MSBR | CLI Reference Guide. Name. Mediant 800 MSBR User's Manual · Mediant MSBR IP Networking CLI Configuration Guide ...
2022-01-10 — CHAPTER 6 Show Commands. MSBR | CLI Reference Guide show data arp. IP Address MAC Address Interface Type. 172.17.141.1 64:64:9b:3b:6a:81 VLAN 1 DYNAMIC.
Reference Guide
AudioCodes Multi-Service Business Router Series
Command-Line Interface for MSBRs
Version 7.2
Notice
MSBR | CLI Reference Guide
Notice
Information contained in this document is believed to be accurate and reliable at the time of printing. However, due to ongoing product improvements and revisions, AudioCodes cannot guarantee accuracy of printed material after the Date Published nor can it accept responsibility for errors or omissions. Updates to this document can be downloaded from https://www.audiocodes.com/library/technical-documents.
This document is subject to change without notice. Date Published: June-22-2020
WEEE EU Directive
Pursuant to the WEEE EU Directive, electronic and electrical waste must not be disposed of with unsorted waste. Please contact your local recycling authority for disposal of this product.
Customer Support
Customer technical support and services are provided by AudioCodes or by an authorized AudioCodes Service Partner. For more information on how to buy technical support for AudioCodes products and for contact information, please visit our website at https://www.audiocodes.com/services-support/maintenance-and-support.
Documentation Feedback
AudioCodes continually strives to produce high quality documentation. If you have any comments (suggestions or errors) regarding this document, please fill out the Documentation Feedback form on our website at https://online.audiocodes.com/documentation-feedback.
Stay in the Loop with AudioCodes
Related Documentation
Document Name MSBR Series Release Notes Mediant 500 MSBR User's Manual Mediant 500L MSBR User's Manual
- ii -
Notice
MSBR | CLI Reference Guide
Document Name Mediant 800 MSBR User's Manual Mediant MSBR IP Networking CLI Configuration Guide Ver. 7.2 Mediant MSBR Layer-2 Bridging CLI Configuration Guide Ver. 7.2 Mediant MSBR LAN-WAN Access CLI Configuration Guide Ver. 7.2 Mediant MSBR Security Setup CLI Configuration Guide Ver. 7.2 Mediant MSBR Simplifying Network CLI Configuration Note Ver. 7.2 Mediant MSBR Basic System Setup CLI Configuration Guide Ver. 7.2 Troubleshooting the MSBR Configuration Note Ver. 7.2 Upgrading MSBR Firmware from Ver. 6.8 to Ver. 7.2 Configuration Note Configuring Mediant MSBR Wireless Access Configuration Guide
Document Revision Record
LTRT
Description
17929 Initial document release for Ver. 7.2.
17937
Updated to Ver. 7.20A.200.019
New: tail; show network http-proxy; clear voip ids blacklist; admin streaming; copy configuration-pkg; copy nginx-conf-files; automatic-update mt-firmware| vmt-firmware; sbc-performance-settings; http-proxy debuglevel; http-proxy directive-sets; http-proxy dns-primary-server; http-proxy dns-secondary-server; http-proxy http-proxy-app; http-proxy upstreamhost| upstream-group; public-key display; alternative-name-add; alternative-name-clear; sbc-enhanced-plc; max-streaming-calls; cac-profile; external-media-source; cac-profile; user-info
Updated: show voip proxy sets status; write; write factory keep-networkand-users-configuration; http-proxy
17939
Updated to Ver. 7.20A.202.112
New commands: filter commands descending, first <x>, last <x>, range <x-y>; show activity-log; show admin state; admin state lock |unlock; copy mtfirmware| vmc-firmware; ystem-snapshot; automatic-update > aupdgraceful-shutdown| vmc-firmware; floating-license; time-zone-format; dhcp-
- iii -
Notice
MSBR | CLI Reference Guide
LTRT
Description
server server > name; configure network > mtc; fxs-callid-cat-brazil
Updates: clear voip ids blacklist entry; "prefix" changed to "pattern"; parentchild tables structure update
17945
Updated to Ver. 7.20A.204.108
New commands: isdn-ignore-18x-without-sdp; isdn-send-progress-for-te; force-generate-to-tag
17948
Updated to Ver. 7.20A.250.003
Updated sections: Privileged User Mode (user levels, RADIUS-LDAP)
New commands: debug exception-syslog-history; debug reset-sysloghistory; ping (tos|traffic-class); traceroute (proto); ids global-parameters (enable-ids on); automatic-update > credentials; rules-set-name; sshredundant-device-port; oauth-http-service; sbc-server-auth-type; ppreferred-id-list; account-name; re-register-on-invite-failure
Updated commands: trace-level (notes); copy ini-file (replaced voiceconfiguration); debug debug-recording; pstn-debug (replaced debug pstndebug); logging-filters (description); alt-res-name; show system temperature; registrar-stickiness; charge-code; message (path); inboundmap-set (path); outbound-map-set (path)
17950
Updated to Ver. 7.20A.252.062
New commands: snmp alarm-customization; qoe additional-parameters; call-end-cdr-sip-reasons-filter; call-end-cdr-zero-duration-filter; export-csvto; import-csv-from; fxs-offhook-timeout-alarm; http-login-needed (httpservices); verify-cert-subject-name (http-services); key-port-configure; obscure-password-mode; hostname (network-settings); keep-alive-time / secondary-server-name / tls / verify-certificate / verify-certificate-subjectname (qoe qoe-settings); operational-state-delay; history at-start show system utilization; debug-level-high-threshold; log-level; (test-call test-calltable) allowed-audio-coders-group-name / allowed-coders-mode / mediasecurity-mode / offered-audio-coders-group-name / play-dtmf-method / play-tone-index; dedicated-connection-mode
Updated commands: verify-cert-subject-name (name change); message callsetup-rules ("none" added to action-type / request-key / request-target / request-type with http-post-notify and http-post-query; passwordobscurity; crypto isakmp policy
17954 Updated commands (typo): graceful command added to reload without-saving command; keep-network-and-users-configuration (removed)
- iv -
Notice
MSBR | CLI Reference Guide
LTRT
Description
Updated to Ver. 7.20A.254.
New commands: topology-hiding-header-list; call-failure-internal-reasons; call-failure-sip-reasons; call-success-internal-reasons; call-success-sipreasons; call-transferred-after-connect; call-transferred-before-connect; nouser-response-after-connect; no-user-response-before-connect; video-recsync-timeout; mfr1-detector-enable; dtmf-detector-enable; alt-routereasons-set; alt-route-reasons-rules; short-call-seconds; mf-transport-type; sbc-msrp-empty-message-format; sbc-msrp-offer-setup-role; sbc-msrp-reinvite-update-supp; data-diffserv; web-password-change-interval: heartbeat-interval; initial-rto; minimum-rto; maximum-rto; max-pathretransmit; max-association-retransmit; max-data-tx-burst; max-datachunks-before-sack
17957
Updated to Ver. 7.20A.254.375
New commands: web-password-change-interval
Updated commands: hotline-dia-ltone-duration (typo); energy-detectorcmd (removed); format-dst-phone-number (removed); qsig-tunneling-mode (description); nel open only fo Rx (removed)
17958
Updated sections: Accessing the CLI (miscellaneous)
Updated commands: Answer Detector commands removed (answerdetector-activativity-delay, answer-detector-enable, answer-detectorredirection, answer-detector-sensitivity, answer-detector-silence-time); (radius)# source data;
New commands: format-dst-phone-number; snmp-transport-type
17960
Updated to Ver. 7.20A.254.733
Updated commands: show running config (Local Users table); (configisakmp) ike
New commands: tls-renegotiation; min-web-password-len; internal-mediarealm-name; teams-media-optimization-handling
17965
Updated to Ver. 7.2.256.107
Updated commands: interface gigabitEthernet (typo); interface gpon (removed); proxy-enable-keep-alive (using-options-on-active-server); tlsversion (TLS 1.3); floating-license (flex); external-media-source (typo); ntp (example typo); optional values added for ISDN commands; topologyhiding-headerlist (removed)
New commands: show data interfaces <Interface> history bandwidth; send-
-v-
Notice
MSBR | CLI Reference Guide
LTRT
Description
screen-to-isdn-1; send-screen-to-isdn-2; layer_2_only; port-monitor-saveafter-reset; dns-rebinding-protection-enabled; ciphers-client-tls13; ciphersserver-tls13; key-exchange-groups; middlebox-compat-mode; forkinghandling; : user-defined-failure-pm; ovoc-tunnel-settings (address, path, username, password, secured, verify-server); rest-message-type (new value); push-notification-servers; pns-reminderperiod; pns-registertimeout; remote-monitoring; remote-monitor-reporting-period; remote-monitorstatus; remote-monitor-alarms; remote-monitor-kpi; ; remote-monitorregistration; sipsource-host-name; sip-topology-hiding-mode; reserve-dsponsdp- offer; teams-mo-initial-behavior
17968
Updated to Ver. 7.20M1.256.029
New commands: period-inform-enable; crypto isakmp identity ip; acceptdhcp-proxy-list; register-by-served-tg-status; configure system > cwmp > source data; ip dhcp-client authentication; ipv6 dhcp-client authentication; show system floating-license; show system floating-license reports; floatinglicense; show data cellular status history; date-header-time-sync; dateheader-time-sync-interval; isdn-ntt-noid-interworking-mode; ipv6 enable; cwmp > source data source-address interface loopback (replaces vrf-name)
Updated commands: crypto ipsec transform-set (new value esp-sha256hmac)
- vi -
Content
Table of Contents
1 Introduction Part I Getting Started 2 Accessing the CLI 3 CLI Structure
CLI Command Modes
Basic User Mode Privileged User Mode Switching between Command Modes
CLI Configuration Wizard CLI Shortcut Keys Common CLI Commands Working with Tables
Adding New Rows Adding New Rows to Specific Indices Changing Index Position of Rows Deleting Table Rows
CLI Error Messages Typographical Conventions Part II Root-Level Commands 4 Introduction 5 Debug Commands debug adsl-connection debug adsl-firmware debug auxilary-files
debug auxilary-files dial-plan debug auxilary-files user-info
debug bfd debug bgp debug capture
debug capture data debug capture data interface debug capture data physical clear debug capture data physical start debug capture data physical stop debug capture data physical insert-pad debug capture data physical target debug capture data physical autostop
- vii -
MSBR | CLI Reference Guide
1 2 2 3 4 4
4 4 5
6 6 8 13
13 13 14 15
15 16 18 18 19 20 22 22 23
24 25
25 26 27
27 28 30 30 31 32 33 34
Content
debug capture data physical <interface> debug capture trim debug capture voip
debug capture voip interface debug capture voip physical
debug cli delayed-command debug cwmp send-connection-request debug data-syslog debug debug-recording debug dhcpv6_client debug dhcpv6_server debug dial plan debug dot11radio debug dynamic-routing debug ethernet debug exception-info debug exception-syslog-history debug fax debug ipv6-ra debug log debug ospf debug ospf6 debug persistent-log show debug phy-err-injection debug reset-history debug reset-syslog-history debug rip debug ripng debug rmx-serial debug serial-port debug sip debug speedtest debug syslog debug syslog-server debug test-call debug usb debug usb-3g debug voip debug vrf debug zebra 6 Show Commands show activity-log show admin state
- viii -
MSBR | CLI Reference Guide
36 37 37 37 39
41 42 43 43 45 45 46 46 48 49 50 51 51 52 53 54 55 57 59 60 61 62 62 63 64 65 66 67 68 68 70 71 72 73 73
75
75 76
Content
show sctp
show sctp connections show sctp statistics
show data
show data access-lists show data arp show data backup-group show data bfd neighbors show data bgp show data bridge-configuration show data cellular show data crypto show data ddns show data debugging show data dns-views show data dot11radio show data dot1x-status show data dsl show data ethernet show data f-path rate show data hosts show data interfaces show data ip show data ipv6 show data l2tp-server show data lldp show data mac-address-table show data port-monitor show data port-security show data pptp-server show data qos show data route-map show data spanning-tree show data tacacs show data track show data vrrp
show ini-file show last-cli-script-log show network
show network access-list show network arp show network dhcp clients show network interface show network network-dev show network nqm
- ix -
MSBR | CLI Reference Guide
77
77 78
79
82 82 83 83 84 85 86 87 89 89 90 91 93 94 95 96 97 98 102 112 115 116 116 117 118 119 119 121 121 122 123 123
124 125 126
127 127 128 128 129 130
Content
show network physical-port show network route show network tls show network wan-bindings
show running-config show startup-script show storage-history show system
show system alarms show system alarms-history show system assembly show system clock show system cpu-util show system cwmp show system fax-debug-status show system feature-key show system floating-license show system floating-license reports show system interface osn show system log show system ntp-status show system radius servers status show system temperature show system uptime show system utilization show system version
show users show voip
show voip calls show voip calls active show voip calls history show voip calls statistics
show voip channel-stats show voip coders-stats show voip cpu-stats show voip dsp
show voip dsp perf show voip dsp status show voip e911 show voip ids show voip interface show voip ip-group show voip ldap show voip other-dialog statistics show voip proxy sets status
-x-
MSBR | CLI Reference Guide
130 131 131 132
133 134 134 135
136 137 137 138 138 139 140 140 141 142 142 142 143 144 145 145 146 147
148 149
150 150 152 152 154 156 156 157 157 158 159 159 160 162 163 164 165
Content
show voip realm show voip register show voip subscribe show voip tdm
7 Clear Commands clear alarms-history clear debug-file clear counters clear data clear ip clear ipv6 clear l2tp-server clear pptp-server clear qos counters clear storage-history clear system clear system-log clear user clear voip
clear voip calls clear voip ids blacklist clear voip register db sbc clear voip statistics
8 General Root Commands admin
admin register|unregister admin state admin streaming
copy dir erase ethernet nslookup output-format ping pstn reload run-startup-script srd-view system-snapshot telnet traceroute undebug
- xi -
MSBR | CLI Reference Guide
165 166 168 169
170
171 171 171 173 174 175 177 178 179 179 180 180 181 181
182 183 183 184
185
185
186 187 188
188 194 195 196 197 198 200 202 203 204 205 205 207 208 209
Content
usb write write-and-backup Part III System-Level Commands 9 Introduction 10 additional-mgmt-if 11 automatic-update Files http-user-agent template-files-list template-url 12 cli-settings 13 clock 14 configuration-version 14 cwmp 15 feature-key 16 floating-license 17 http-services http-remote-services
http-remote-hosts
18 ldap ldap ldap-configuration
ldap ldap-servers-search-dns ldap mgmt-ldap-groups
ldap ldap-server-groups ldap settings 19 mgmt-access-list 20 mgmt-auth 21 ntp 22 packetsmart 23 performance-profile 24 radius radius servers radius settings 25 sbc-performance-settings
- xii -
MSBR | CLI Reference Guide
210 211 212 214 214 215 217 218 219 222 223 224 227 230 231 232 236 237 239 240
242
244 244
246 246
247 248 250 251 253 254 255 257 257 258 260
Content
26 snmp snmp alarm-customization snmp settings snmp trap snmp trap-destination snmp v3-users
27 user 27 user-defined-failure-pm 28 web 29 welcome-msg Part IV Troubleshoot-Level Commands 30 Introduction 31 activity-log 32 activity-trap 33 cdr
cdr-format
gw-cdr-format sb-cdr-format show-title
33 cdr-server 33 pstn-debug 34 fax-debug 35 logging
logging-filters settings 36 max-startup-fail-attempts 37 pstn-debug 38 startup-n-recovery 39 syslog 40 test-call settings test-call-table Part V Network-Level Commands 41 Introduction
- xiii -
MSBR | CLI Reference Guide
261 261 262 264 264 265 267 270 271 273 275 275 276 277 279 280 283
284 285 286
288 290 291 292 292 293 295 296 297 298 300 300 301 305 305 306
Content
42 access-list 42 bind vrf 43 dhcp-server
dhcp-server delete-client dhcp-server option dhcp-server server dhcp-server static-ip dhcp-server vendor-class 44 dns dns dns-to-ip dns override dns settings dns srv2ip 45 hostname 46 interface interface osn 47 nat-translation 48 network-dev 49 network-settings 50 nqm nqm probing-table nqm responder-table nqm sender-table 50 ovoc-tunnel-settings 51 physical-port 52 poe-table 53 qos qos vlan-mapping qos application-mapping 53 sctp 54 security-settings 55 static 56 tftp-server 57 tls certificate private-key trusted-root
- xiv -
MSBR | CLI Reference Guide
308 310 312 312 313 313 316 317 318 319 319 320 321 323 324 324 325 327 328 329 329 330 331 334 335 336 337 337 337 339 341 343 345 346 349 351 352
Content
Part VI VoIP-Level Commands 58 Introduction 59 application 60 gateway
advanced analog
authentication automatic-dialing call-forward call-waiting caller-display-info enable-caller-id enable-did fxo-setting fxs-setting keypad-features metering-tones reject-anonymous-calls tone-index
digital
rp-network-domains settings
dtmf-supp-service
charge-code dtmf-and-dialing isdn-supp-serv supp-service-settings
manipulation
calling-name-map-ip2tel calling-name-map-tel2ip cause-map-isdn2isdn cause-map-isdn2sip cause-map-sip2isdn dst-number-map-ip2tel dst-number-map-tel2ip phone-context-table redirect-number-map-ip2tel redirect-number-map-tel2ip settings src-number-map-ip2tel src-number-map-tel2ip
routing
- xv -
MSBR | CLI Reference Guide
354
354
355
356
357
357 358
359 360 361 362 363 364 365 366 368 368 370 371 372
373
373 374
384
384 385 387 389
393
394 395 396 397 398 399 400 401 402 404 405 407 409
410
Content
alt-route-cause-ip2tel alt-route-cause-tel2ip fwd-on-bsy-trk-dst gw-routing-policy ip2tel-routing settings tel2ip-routing
trunk-group trunk-group-setting voice-mail-setting 61 coders-and-profiles allowed-audio-coders-groups
allowed-audio-coders
allowed-video-coders-groups
allowed-video-coders
audio-coders-groups
audio-coders
ip-profile tel-profile 62 ids global-parameters match policy
rule
63 interface bri e1-t1 fxs-fxo
64 ip-group 65 media
fax-modem ipmedia rtp-rtcp security settings tdm voice 66 message call-setup-rules message-manipulations message-policy
- xvi -
MSBR | CLI Reference Guide
411 412 412 413 414 416 417
419 420 422 425 425
426
427
427
428
429
430 438 442 442 443 444
444
447 447 450 453 457
463 463 466 467 469 471 473 475 477 477 479 480
Content
pre-parsing-manip-sets
pre-parsing-manip-rules
settings 67 proxy-set
proxy-ip 68 qoe
bw-profile additional-parameters call-flow-report qoe-profile
qoe-color-rules
quality-of-service-rules qoe-settings 69 realm realm-extension remote-media-subnet 70 sbc classification dial-plan
dial-plan <Index> dial-plan-rule dial-plan-rule <Index> dial-plan dial-plan-rule
external-media-source malicious-signature-database manipulation
ip-inbound-manipulation ip-outbound-manipulation
routing
condition-table ip-group-set
ip-group-set-member ip2ip-routing alt-routing-reasons
alt-route-reasons-rules sbc-routing-policy
cac-profile
cac-rule
settings 71 sip-definition
account least-cost-routing cost-group
- xvii -
MSBR | CLI Reference Guide
482
483
483 485 487 489 489 491 491
492
494 495 497 498 499 501 501 503
504 505 505 506
507 508 509
509 511
514
514 515 516 517 520 521 523
524
525
526 532 532 534
Content
cost-group-time-bands
proxy-and-registration
user-info
push-notification-servers settings sip-recording
settings sip-rec-routing
72 sip-interface 73 srd Part VII Data-Router Level Commands 74 Introduction 75 WAN Access Commands
General WAN Commands
interface interface vti interface vlan interface t1 interface serial interface loopback interface multilink interface gigabitethernet interface fastethernet interface efm interface e1 interface bvi interface pppoe
ip address vrrp description duplex bind
Cellular 3G/4G Modem Configuration Commands
interface cellular 0/0 adv
hdlc modem-details option usb-modeswitch apn backup monitoring conditional-apn
- xviii -
MSBR | CLI Reference Guide
535
536
539
541 541 554
554 555
557
560
562
562
563
564
564
564 566 567 567 568 568 569 570 570 571 572 572 573 574 574 575 576 577
578
578 579 580 580 581 582 583 584 584
Content
crypto firewall initstr mode mtu napt pcui phone pin ppp user ppp authentication profile sms tty vendor
ADSL/VDSL Commands
interface dsl 0/0 Fiber Optic Commands interface fiber
SHDSL Commands
interface SHDSL 0/0 mode group pairs termination linerate annex interface atm pvc encapsulation ubr / cbr / vbr ppp user T1 WAN Commands T1 Physical Interfaces
channel-group clock-source framing-method line-code line-buildout-loss max-cable-loss loopback ber-test Serial Interfaces serial-protocol ip address (HDLC over T1)
- xix -
MSBR | CLI Reference Guide
585 586 586 587 587 588 589 589 590 591 591 592 593 594 595
596
596 597 597
598
598 598 599 600 601 601 602 603 604 605 606 607 607 608 608 608 609 610 610 611 612 613 614 615 616
Content
ip dns-server (HDLC over T1) ip mtu (HDLC over T1) ip address (PPP over T1) ip dns-server (PPP over T1) ip mtu (PPP over T1) authentication chap (PPP/MLP over T1) authentication pap (PPP/MLP over T1) authentication ms-chap (PPP/MLP over T1) authentication ms-chap2 (PPP/MLP over T1) authentication username (PPP/MLP over T1) authentication password (PPP/MLP over T1) multilink bundle-id (MLP over T1) Multilink Interfaces (MLP over T1 WAN) napt ppp bundle-id ppp fragments-enable ppp mrru ip address ip dns-server
Backup Group Commands
backup-group backup monitoring group
76 Layer-2 (LAN) Commands Wi-Fi Commands
radio shutdown
Data Services Commands
DNS Server ip dns server ip host ip flow-export ip fastpath dns-view set server address match source-address set server interface ip name-server ip max-conn
DHCP Server ip dhcp-server option service dhcp
DHCPv4 Client ip address dhcp ip dhcp-client class-id
- xx -
MSBR | CLI Reference Guide
616 617 618 619 619 620 621 621 622 623 623 624 625 625 625 626 627 627 628
629
629 630
632
632
632
632
632 632 633 635 637 637 638 639 639 640 641 641 641 645 647 648 648 649
Content
ip dhcp-client default-route ip dhcp-client authentication ip dhcp-source-address ip dhcp pool service dhcp DHCPv6 Client ipv6 dhcp-client authentication ipv6 dhcp-client ntp-server opt56 ipv6 dhcp-client pd ipv6 dhcp-client prefix-len-128 ipv6 dhcp-client vendor-class enterprise ipv6 dhcp-client vendor-specific shutdown mtu layer_2_only ip tcp adjust-mss speed Switch Port Interface Commands switchport mode switchport access vlan switchport trunk allowed vlan switchport trunk native vlan network IP Destination Reachability track bfd neighbor ip reassembly service tcp keepalives ip dns randomization
Port Monitoring Commands
port-monitor port-monitor-save-after-reset
Spanning Tree Commands
Spanning Tree General Commands spanning-tree spanning-tree priority spanning-tree hello-time spanning-tree max-age spanning-tree forward-delay
Spanning Tree Interface Commands spanning-tree spanning-tree priority spanning-tree cost spanning-tree edge spanning-tree point-to-point
- xxi -
MSBR | CLI Reference Guide
649 650 651 652 664 665 665 665 666 667 667 668 669 669 670 671 671 672 672 673 674 675 676 676 676 679 680 680 681
682
682 683
684
684 684 684 685 686 686 687 687 688 688 689 690
Content
LLDP and LLDP-MED Commands
lldp run lldp holdtime lldp location lldp network-policy lldp timer
77 Layer-3 Commands IPv6 Commands
ipv6 enable IPv6 Static Routes Commands
ipv6 route ipv6 access-list Acquiring IPv6 Address from DHCPv6 Server ipv6 address dhcp Acquiring IPv6 Address from Router Advertisement ipv6 address autoconfig IPv6 Router Advertisement Daemon Commands ipv6 nd managed-config-flag ipv6 nd other-config-flag ipv6 nd ns-interval ipv6 nd reachable-time ipv6 nd router-preference ipv6 nd ra ipv6 nd ra suppress ipv6 nd ra lifetime ipv6 nd ra interval ipv6 nd prefix ipv6 nd prefix <X:X::X:X> no-advertise ipv6 dhcp-server dns-server <X:X::X:X> interface QoS Commands bandwidth (queue) bandwidth (service-map) qos match-map match priority match precedence match length packet match length data match dscp match any match access-list set queue qos service-map qos priority-retain
- xxii -
MSBR | CLI Reference Guide
691
691 691 692 693 693
695
695
695 696 696 698 700 700 701 701 702 702 702 703 704 704 705 705 706 706 707 708 709 709 710 710 711 711 713 714 715 715 716 718 719 719 720 721
Content
set precedence set dscp set priority policy priority queue priority
Data Routing Commands
Static Routing Commands ip route ip address ip route source ip redirects ip port-triggering ip port-map
Dynamic Routing Commands router bgp vrf ip as-path ip community-list ip extcommunity-list standard ip extcommunity-list vrf ip extcommunity-list expanded ip pim ip prefix-list ipv6 prefix-list key chain router-id aggregate-address redistribute kernel bgp scan-time bgp router-id bgp log-neighbor-changes bgp graceful-restart bgp fast-external-failover bgp enforce-first-as bgp deterministic-med bgp default local-preference bgp dampening bgp confederation peers bgp confederation identifier bgp router-id bgp cluster-id bgp client-to-client reflection bgp bestpath as-path bgp bestpath compare-routerid bgp bestpath med confed
- xxiii -
MSBR | CLI Reference Guide
721 722 724 725 726 727 727
728
729 729 730 732 733 734 735 735 736 736 737 738 740 741 742 743 745 746 746 747 748 749 749 750 751 751 752 752 753 754 755 756 756 757 757 758 759
Content
bgp bestpath med missing-as-worst bgp always-compare-med distance distance bgp redistribute static redistribute connected redistribute ospf neighbor remote-as neighbor shutdown neighbor enforce-multihop neighbor dont-capability-negotiate neighbor disable-connected-check neighbor ebgp-multihop neighbor description neighbor fall-over bfd neighbor version neighbor interface ifname neighbor next-hop-self neighbor update-source neighbor unsuppress-map neighbor transparent-nexthop neighbor transparent-as neighbor timers neighbor soft-reconfiguration inbound neighbor default-originate neighbor capability route-refresh neighbor port neighbor send-community neighbor route-server-client neighbor route-reflector-client neighbor remove-private-AS neighbor weight neighbor passive neighbor password neighbor override-capability neighbor maximum-prefix neighbor route-map name neighbor peer-group neighbor local-as neighbor interface neighbor strict-capability-match neighbor attribute-unchanged neighbor allowas-in neighbor advertisement-interval neighbor activate
- xxiv -
MSBR | CLI Reference Guide
759 760 760 761 762 762 763 764 764 765 766 766 767 768 769 769 770 771 772 773 774 774 775 776 777 777 778 779 780 781 781 782 783 783 784 785 786 787 787 788 789 790 791 792 793
Content
MSBR | CLI Reference Guide
neighbor prefix-list name
793
neighbor filter-list name
794
network
795
BGP Protocol
796
route-map
796
route-map-static
797
match as-path
797
set as-path prepend
798
OSPFv2 Protocol
799
router ospf
799
ospf router-id
800
ospf abr-type
800
ospf rfc1583compatibility
801
log-adjacency-changes
802
passive-interface
802
timers throttle spf
803
max-metric router-lsa
804
auto-cost reference-bandwidth
805
network
806
area
807
area ip-address|number range a.b.c.d/m not-advertise
807
area ip-address|number range a.b.c.d/m substitute a.b.c.d/M
808
area ip-address|number shortcut
809
area ip-address|number stub
810
area ip-address|number stub no-summary
811
area ip-address|number default-cost
812
area ip-address|number filter-list prefix NAME in/out
812
area ip-address|number authentication
813
area ip-address|number authentication message-digest
814
redistribute kernel
815
redistribute rip
816
redistribute connected
817
redistribute static
818
redistribute bgp
818
timers bgp
819
default-information originate
820
default-metric
821
distance
822
ip ospf authentication-key auth_key
822
ip ospf authentication message-digest
823
ip ospf message-digest-key KEYID md5 KEY
824
ip ospf cost
824
ip ospf dead-interval
825
ip ospf hello-interval
826
ip ospf network
826
- xxv -
Content
ip ospf priority ip ospf retransmit-interval ip ospf transmit-delay ip ospf bfd OSPF6 Protocol Routing Information Protocol (RIP) router rip router ripng passive-interface ip split-horizon network network network ifname neighbor a.b.c.d version version redistribute kernel redistribute static redistribute connected redistribute ospf redistribute bgp default-information originate distribute-list prefix distance timers basic ip rip split-horizon ip rip send version version ip rip receive version version ip rip authentication mode md5 ip rip authentication mode text ip rip authentication string ip rip authentication key-chain match community match extcommunity match interface ifname match ip address prefix-list [WORD] match ip next-hop match metric set comm-list set ip next-hop set metric redistribute connected default-information originate default-metric distribute-list prefix network ifname passive-interface
- xxvi -
MSBR | CLI Reference Guide
827 828 829 829 830 834 834 835 835 837 837 838 839 840 841 841 842 843 844 844 845 846 847 847 848 849 849 850 850 851 851 852 853 854 854 855 855 856 856 857 857 858 859 860 861
Content
route route-map timers basic redistribute bgp redistribute kernel redistribute ospf6 redistribute static Virtual Routing and Forwarding (VRF) Commands
GRE and IPIP Tunnel Interface Commands
interface gre|ipip napt ip address tunnel destination
GARP Commands
garp timer garp enable
78 Security ip synflood-protection web-restrict VPN Commands
IPSec (crypto) crypto isakmp identity crypto isakmp keepalive crypto isakmp key crypto isakmp policy crypto ipsec profile crypto ipsec transform-set crypto map
L2TP and PPTP Tunnel Interface Commands description firewall enable lcp-echo interface l2tp|pptp mtu napt ppp user ppp authentication pap|chap|ms-chap|ms-chap-v2 shutdown tunnel destination
l2tp-server pptp-server vpn-users
Port Security based on MAC Address
authentication static
- xxvii -
MSBR | CLI Reference Guide
862 863 864 865 866 867 867 868
873
873 873 874 875
875
875 876
878
878 878 879
879 879 880 880 881 883 884 885 887 887 888 888 889 890 890 891 891 892 893 894 894 895
895
895
Content
MSBR | CLI Reference Guide
Access Control List (ACL) Commands
access-list ip access-list extended ip access-list standard <rule id> deny|permit ip access-list resequence ip access-group
Firewall Commands
firewall enable mtu desc shutdown
NAT Commands
ip nat inside source static ip nat inside source static list ip nat inside destination ip nat pool ip nat translation
802.1x LAN Port-based Authentication Commands
dot.1x lan-authentication enable dot1x radius-server dot1x reauth-time authentication dot1x
802.1X On-board RADIUS Server Authentication Commands
dot1x local-user interface dot11radio security 802.1x security wpa security mode no shutdown
Ethernet Commands
ethernet l2tunnel ethernet cfm
TACACS+ Commands
tacacs-server aaa authentication login tacacs+ aaa accounting exec start-stop tacacs+ aaa authentication login tacacs+ allow-console-bypass authentication aaa authentication login tacacs+ allow-console-bypass authentication authorization aaa accounting command start-stop tacacs+ aaa authorization command tacacs+ aaa authorization enable if-authenticated tacacs+
79 Performance Monitoring Commands
pm sample-interval
896
896 899 899 900 900 901
902
902 903 904 904
905
905 907 909 910 911
912
912 912 913 914
914
914 915 916 916 916 917
917
917 918
919
919 921 922 923 923 924 924 925
926
926
- xxviii -
CHAPTER 1 Introduction
MSBR | CLI Reference Guide
1 Introduction
This document describes the Command- Line Interface (CLI) commands for configuring, monitoring and diagnosing AudioCodes Multi-Service Business Routers (MSBR).
For a detailed description of each command concerned with configuration, refer to the device's User's Manual.
Some AudioCodes products referred to in this document may not have been released in Version 7.2. Therefore, ignore commands that are applicable only to these specific products. For a list of the products released in Version 7.2, refer to the Release Notes of the MSBR series, which can be downloaded from AudioCodes website.
-1-
Part I
Getting Started
CHAPTER 2 Accessing the CLI
MSBR | CLI Reference Guide
2 Accessing the CLI
You can access the device's CLI through the following: RS-232: Device's that are appliances (hardware) can be accessed through RS-232 by
connecting a VT100 terminal to the device's console (serial) port or using a terminal emulation program (e.g., HyperTerminal®) with a PC. Once you have connected via a VT100 terminal and started the emulation program, set the program settings as follows:
115200 baud rate
8 data bits
No parity
1 stop bit
No flow control
For cabling your device's RS-232 interface (console port), refer to the device's User's Manual or Hardware Installation Manual. SSH: For remote access, the device can be accessed through the SSH protocol using thirdparty SSH client software. A popular freeware SSH client software is PuTTY, which can be downloaded from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html. By default, SSH access is disabled. To enable SSH, enter the following command set:
# configure system (config-system)# cli-settings (cli-settings)# ssh on
Telnet: For remote access, the device can be accessed through the Telnet protocol using third-party Telnet client software (e.g., PuTTY). Most Windows® computers come with a program called Telnet, which can be activated via the Windows command line:
> telnet <Device's OAMP IP Address> Welcome to ... Username: <Username> Password: <Password>
When accessing the device's CLI, you are prompted to enter your management username and password. The credentials are common to all the device's management interfaces (e.g., Web).
The default username and password of the Administrator user level is Admin and Admin, respectively.
The default username and password of the Monitor user level is User and User, respectively.
-3-
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
3 CLI Structure
This section describes the CLI structure.
CLI Command Modes
Before you begin your CLI session, it is recommended that you familiarize yourself with the CLI command modes. Each mode provides different levels of access to commands, as described below.
Basic User Mode
The Basic User command mode is accessed upon a successful CLI login authentication. Any user level can access the mode. The commands available under this mode are limited and only allow you to view information (using the show commands) and activate various debugging capabilities.
Welcome to ... Username: Admin Password: <Password> >
The Basic User mode prompt is ">".
Privileged User Mode
The Privileged User command mode is the high-level tier in the command hierarchy, one step up from the Basic User mode. A password is required to access the mode after you have accessed the Basic User mode. The mode allows you to configure all the device's settings. Once you have logged in to the device, the Privileged User mode is accessed by entering the following commands: > enable
Password: <Privileged User mode password> #
The Privileged User mode prompt is "#".
Only management users with Security Administrator or Master user levels can access the Privileged User mode.
The default password for accessing the Privileged User mode is "Admin" (casesensitive). To change this password, use the privilege-password command.
If you enable RADIUS- or LDAP-based user login authentication, when users with Security Administrator privilege level log in to the device's CLI, they are automatically given access to the Privileged User mode.
-4-
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
The Privileged User mode groups the configuration commands under the following configuration command sets:
Configuration Command Sets Data
Description
Contains data-router related commands. To access this command set:
# configure data (config-data)#
Network
Contains IP network-related commands (e.g., interface and dhcp-server). To access this command set:
# configure network (config-network)#
System
Contains system-related commands (e.g., clock, snmp settings, and web). To access this command set:
# configure system (config-system)#
Troubleshoot
Contains troubleshooting-related commands (e.g., syslog, logging and test-call). To access this command set:
# configure troubleshoot (config-troubleshoot)#
VoIP
Contains voice-over-IP (VoIP) related commands (e.g.,
ip-group, sbc, and media).
To access this command set:
# configure voip (config-voip)#
Switching between Command Modes
To switch between command modes, use the following commands on the root-level prompt:
-5-
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
Switching from Basic User to Privileged User mode:
> enable Password: <Password> #
Switching from Privileged User to Basic User mode:
# disable >
CLI Configuration Wizard
AudioCodes CLI Wizard provides a quick-and-easy tool for configuring your device with basic, initial management settings:
Login passwords of the Security Administrator ("Admin") and User Monitor user accounts for accessing the device's embedded Web and CLI servers.
IP network of the operations, administration, maintenance, and provisioning (OAMP) interface
SNMP community strings (read-only and read-write)
The utility is typically used for first-time configuration of the device and is performed through a direct RS-232 serial cable connection with a computer. Configuration is done using the device's CLI. Once configured through the utility, you can access the device's management interface through the IP network.
To access the CLI Wizard, enter the following command at the root-prompt level:
# configure-wizard
For more information on how to use this utility, refer to the CLI Wizard User's Guide.
CLI Shortcut Keys
The device's CLI supports the following shortcut keys to facilitate configuration. Table 3-1: CLI Shortcut Keys
Shortcut Key
Description
(Up arrow key) Retypes the previously entered command. Continuing to
press the key cycles through all commands entered, starting with the
most recent command.
-6-
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
Shortcut Key
Description
Tab
Pressing the key after entering a partial, but unique command
automatically completes the command name.
?
(Question mark) Can be used for the following:
To display commands pertaining to the command set, for example:
(config-network)# ?
access-list Network access list
dhcp-server DHCP server configuration
dns
DNS configuration
...
To display commands beginning with certain letters. Enter the letter followed by the "?" mark (no space), for example:
(config-network)# d?
dhcp-server DHCP server configuration
dns
DNS configuration
To display a description of a command. Enter the command followed by the "?" mark (no space), for example:
(config-network)#dns srv2ip?
srv2ip SRV to IP internal table
To display all subcommands for the current command. Enter the command, a space, and then the "?" mark, for example:
(config-network)# dns srv2ip ?
-7-
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
Shortcut Key
Description
[0-9]
index
If one of the listed items after running the "?" mark is "<cr>", a carriage return (Enter) can be entered to run the command, for example:
show active-alarms ?
<cr>
Ctrl + A Ctrl + E Ctrl + U Space Bar
Moves the cursor to the beginning of the command line. Moves the cursor to the end of the command line. Deletes all characters on the command line. When pressed after "--MORE--" that appears at the end of a displayed list, the next items are displayed.
Common CLI Commands
The table below describes common CLI commands. Table 3-2: Common CLI Commands
Command
Description
| <filter>
Filters a command's output by matching the filter string or expression, and thereby displaying only what you need. The syntax includes the command, the vertical bar (|) and the filter expression:
<command>|<filter string or expression>
The filter expression can be:
include <string>: Filters the output to display only lines with the string, for example:
# show running-config|include sbc routing ip2ip-routing 1 sbc routing ip2ip-routing 1
exclude <string>: Filters the output to display all lines
-8-
CHAPTER 3 CLI Structure
Command
MSBR | CLI Reference Guide
Description
except the string.
grep <options> <expression>: Filters the output according to common options ("-v" and "-w") of the global regular expression print ("grep") UNIX utility.
"-v": Excludes all output lines that match the regular expression. If the "-v" option is not specified, all output lines matching the regular expression are displayed.
"-w": Filters the output lines to display only lines matching whole words form of the regular expression.
For example:
show system version|grep Number
;Serial Number: 2239835;Slot Number: 1 egrep <expression>: Filters the output according to
common options of the "egrep" Unix utility.
begin <string>: Filters the output to display all lines starting with the matched string, for example:
# show running-config|begin troubleshoot configure troubleshoot syslog syslog on syslog-ip 10.8.94.236 activate exit activate exit
between <string 1> <string 2>: Filters the output to display only lines located between the matched string 1 (top line) and string 2 (last line). If a string contains a space(s), enclose the string in double quotes. For example, the string, sbc malicious-signature-database 0 contains spaces and is therefore enclosed in double quotes:
-9-
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
Command
Description
# show running-config|between "sbc malicious-signature-database 0" exit
sbc malicious-signature-database 0 name "SIPVicious" pattern "Header.User-Agent.content prefix 'friendly-scanner'" activate exit
| tail <number of lines>
count: Displays the number of output lines.
Filters the command output to display a specified number of lines from the end of the output. The syntax includes the command of whose output you want to filter, the vertical bar (|) followed by the tail command, and then the number of lines to display:
<command> | tail <number of lines (1-1000) to display>
Below shows an example where the last five lines of the show running-config command output are displayed:
# show running-config | tail 5 testcall-id "555" activate exit activate exit
activate
Applies (activates) the command setting.
Note:
Offline configuration changes require a reset of the device. A reset can be performed at the end of your configuration changes. A required reset is indicated by an asterisk (*) before the command prompt. To reset the device, use the reload now command (resetting the device by powering off-on the device or by pressing the reset pinhole button will not preserve your new configuration).
- 10 -
CHAPTER 3 CLI Structure
Command defaults descending display do
exit
MSBR | CLI Reference Guide
Description
The command is applicable to SBC and Gateway functionality.
Restores the configuration of the currently accessed command set to factory default settings. For example, the below restores the Automatic Update configuration to factory defaults:
(auto-update)# defaults
Displays the command output in descending order, for example:
# show voip calls active descending
Note: Currently, this filter is supported only by certain show commands.
Displays the configuration of current configuration set.
Runs a command from another unrelated command without exiting the current command set. For example, the command to display all active alarms is run from the current command set for clock settings:
(clock)# do show active-alarms
The example below runs the show running-config command (which displays device configuration) from the current command set for clock settings:
(clock)# do show running-config
Leaves the current command-set and returns one level up. For online parameters, if the configuration was changed and no activate command was entered, the exit command applies the activate command automatically. If entered on the top level, the session ends.
(config-system)# exit # exit Connection to host lost.
- 11 -
CHAPTER 3 CLI Structure
Command first <x>
help history last <x>
list no
pwd
MSBR | CLI Reference Guide
Description Filters the command output to display the first x number of entries. For example, the following displays only the first two entries:
# show voip calls history sbc first 2
Note: Currently, this filter is supported only by certain show commands. Displays a short help how-to string. Displays a list of previously run commands. Filters the command output to display the last x number of entries. For example, the following displays only the last four entries:
# show voip calls active last 4
Note: Currently, this filter is supported only by certain show commands. Displays a list of the available commands list of the current command-set. Undoes an issued command, disables a feature or deletes a table row. Enter the no before the command, for example: Disables the debug log feature:
# no debug log
Deletes the table row at Index 2:
<config-voip># no sbc routing ip2ip-routing 2
Displays the full path to the current CLI command, for example:
(auto-update)# pwd /config-system/auto-update
- 12 -
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
Command quit range <x-y>
Description
Terminates the CLI session.
Filters the command output to display a range of entries from x to y. For example, the following displays only the entries from 1 to 4:
# show voip calls active 1-4
Note: Currently, this filter is supported only by certain show commands.
Working with Tables
This section describes general commands for configuring tables in the CLI.
Adding New Rows
When you add a new row to a table, it is automatically assigned to the next consecutive, available index.
Syntax # <table name> new
Command Mode Privileged User
Example If the Accounts table is configured with three existing rows (account-0, account-1, and account2) and a new row is added, account-3 is automatically created and its configuration mode is accessed:
(config-voip)# sip-definition account new (account-3)#
Adding New Rows to Specific Indices
You can add a new row to any specific index number in the table, even if a row has already been configured for that index. The row that was assigned that index is incremented to the next consecutive index number, as well as all the index rows listed below it in the table.
- 13 -
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
Syntax # <table name> <row index> insert
Note The command is applicable only to the following tables: SBC:
IP-to-IP Routing Classification Message Condition IP-to-IP Inbound Manipulation IP-to-IP Outbound Manipulation SBC and Gateway: Message Manipulations Gateway: Destination Phone Number Manipulation Tables for IP-to-Tel / Tel-to-IP Calls Calling Name Manipulation Tables for IP-to-Tel / Tel-to-IP Calls Source Phone Number Manipulation Tables IP-to-Tel / Tel-to-IP Calls Redirect Number Tel-to-IP
Command Mode Privileged User
Example If the IP-to-IP Routing table is configured with three existing rows (ip2ip-routing-0, ip2iprouting-1, and ip2ip-routing-2) and a new row is added at Index 1, the previous ip2ip-routing-1 becomes ip2ip-routing-2, the previous ip2ip-routing-2 becomes ip2ip-routing-3, and so on:
(config-voip)# sbc routing ip2ip routing 1 insert (ip2ip-routing-1)#
Changing Index Position of Rows
You can change the position (index) of a table row, by moving it one row up or one row down in the table.
- 14 -
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
Syntax # <table name> <row index> move-up|move-down
Note The command is applicable only to certain tables. Command Mode Privileged User Example Moving row at Index 1 down to Index 2 in the IP-to-IP Routing table:
<config-voip># sbc routing ip2ip-routing 1 move-down
Deleting Table Rows
You can delete a specific table row, by using the no command. Syntax
# no <table name> <row index to delete>
Command Mode Privileged User Example This example deletes a table row at Index 2 in the IP-to-IP Routing table:
<config-voip># no sbc routing ip2ip-routing 2
CLI Error Messages
The table below lists and configures common error messages given in the CLI.
- 15 -
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
Table 3-3: CLI Error Messages
Message
Helpful Hints
"Invalid command"
The command may be invalid in the current command mode or you may not have entered sufficient characters for the command to be recognized.
"Incomplete command"
You may not have entered all of the pertinent information required to make the command valid. To view available Command associated with the command, enter a question mark (?) on the command line.
Typographical Conventions
This document uses the following typographical conventions: Table 3-4: Typographical Conventions
Convention
Description
bold font
Bold text indicates commands and keywords, for example:
ping 10.4.0.1 timeout 10
< ... >
Text enclosed by angled brackets indicates Command for which you need to enter a value (digits or characters), for example:
ping <IP Address> timeout <Duration>
|
The pipeline (or vertical bar) indicates a choice between commands or
keywords, for example:
# reload {if-needed|now|without-saving}
[...]
Keywords or command enclosed by square brackets indicate optional
commands (i.e., not mandatory). This example shows two optional
commands, size and repeat:
ping <IP Address> timeout <Duration> [size <Max Packet Size>] [repeat <1-300>]
{...}
Keywords or command enclosed by curly brackets (braces) indicate a
required (mandatory) choice, for example:
- 16 -
CHAPTER 3 CLI Structure
MSBR | CLI Reference Guide
Convention
Description # reload {if-needed|now|without-saving}
- 17 -
Part II
Root-Level Commands
CHAPTER 4 Introduction
MSBR | CLI Reference Guide
4 Introduction
This part describes commands located at the root level, which includes the following main commands:
Command debug show clear Maintenance commands
Description See Debug Commands on page 20 See Show Commands on page 75 See Clear Commands on page 170 See General Root Commands on page 185
- 19 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
5 Debug Commands
This section describes the debug commands.
Syntax # debug
This command includes the following commands:
Command adsl-connection adsl-firmware auxilary-files bfd bgp capture cli cwmp
data-syslog debug-recording dhcpv6_client dhcpv6_server dial-plan dot11radio dynamic-routing ethernet exception-info exception-syslog-history
Description See debug adsl-connection on page 22 See debug adsl-firmware on page 22 See debug auxilary-files on page 23 See debug bfd on page 25 See debug bgp on page 26 See debug capture on page 27 See debug cli delayed-command on page 41 See debug cwmp send-connection-request on page 42 See debug data-syslog on page 43 See debug debug-recording on page 43 See debug dhcpv6_client on page 45 See debug dhcpv6_server on page 45 See debug dial plan on page 46 See debug dot11radio on page 46 See debug dynamic-routing on page 48 See debug ethernet on page 49 See debug exception-info on page 50 See debug exception-syslog-history on page 51
- 20 -
CHAPTER 5 Debug Commands
Command fax ipv6-ra log ospf ospf6 persistent-log show phy-err-injection pstn reset-history reset-syslog-history rip ripng rmx-serial serial-port sip speedtest syslog syslog-server test-call usb usb-3g voip vrf zebra
MSBR | CLI Reference Guide
Description See debug fax on page 51 See debug ipv6-ra on page 52 See debug log on page 53 See debug ospf on page 54 See debug ospf6 on page 55 See debug persistent-log show on page 57 See debug phy-err-injection on page 59 See pstn-debug on page 290 See debug reset-history on page 60 See debug reset-syslog-history on page 61 See debug rip on page 62 See debug ripng on page 62 See debug rmx-serial on page 63 See debug serial-port on page 64 See debug sip on page 65 See debug speedtest on page 66 See debug syslog on page 67 See debug syslog-server on page 68 See debug test-call on page 68 See debug usb on page 70 See debug usb-3g on page 71 See debug voip on page 72 See debug vrf on page 73 See debug zebra on page 73
- 21 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug adsl-connection
This command displays the ADSL line synchronization status (Physical Interface). The output can be displayed in the CLI as well as in the Syslog viewer after Syslog is enabled.
Syntax
# debug adsl-connection
Command Mode Privileged User
Example This example displays the ADSL line synchronization status. Note that the debug log command, run first, displays logs. If you run the debug adsl-connection command without running the debug log command, the log messages of the debug adsl-connection command will be sent to a log that can be displayed by running the show log command. If Syslog messaging is configured, the message will be sent to the Syslog server.
# debug log # debug adsl-connection
May 16 20:01:01 DATA: interface adsl 0/2 line State: 0x00000200 (Silent). May 16 20:01:03 DATA: interface adsl 0/2 line State: 0x00000300 (Handshake). May 16 20:01:07 DATA: interface adsl 0/2 line State: 0x00000380 (Full Init). May 16 20:01:32 DATA: interface adsl 0/2 line State: 0x00000801 (Showtime TC Sync).
This example displays the ADSL line synchronization status in the Syslog server:
# enable syslog # debug adsl-connection
debug adsl-firmware
This command configures the method for copying the ADSL firmware file.
- 22 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Syntax # debug adsl-firmware <tftp | usb>
Command
Description
tftp
[A.B.C.D] = Configures the TFTP server address old-image = Configures using the old-image for copying the firmware file
usb
[VRX File Name] = Configures the Visual ReportX Data file name
old-image = Configures using the old-image for copying the firmware file
Command Mode Privileged User
Example This example configures the USB method of copying the firmware file:
# debug adsl-firmware usb usb
debug auxilary-files
This command debugs loaded Auxiliary files.
Syntax # debug auxilary-files {dial-plan|user-info}
Command dial-plan
user-info
Description
Debugs the dial plan (see debug auxilary-files dial-plan on the next page).
Debugs the User Info file (see debug auxilary-files user-info on page 25).
Command Mode Privileged User
- 23 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug auxilary-files dial-plan
This command debugs the Dial Plan file.
Syntax # debug auxilary-files dial-plan {info|match-number <Dial Plan Number> <Prefix Number>}
Command info
matchnumber
Description
Displays the loaded Dial Plan file and lists the names of its configured Dial Plans.
Checks whether a specific prefix number is configured in a specific Dial Plan number. If the Dial Plan is used for tags, the command also shows the tag name.
Dial Plan Number
Defines the Dial Plan in which to search for the specified prefix number.
Prefix Number
Defines the prefix number to search for in the Dial Plan.
Note The index number of the first Dial Plan is 0.
Command Mode Privileged User
Example Checking if the called prefix number 2000 is configured in Dial Plan 1, which is used for obtaining the destination IP address (tag):
# debug auxilary-files dial-plan match-number PLAN1 2000 Match found for 4 digits Matched prefix: 2000 Tag: 10.33.45.92
Displaying the loaded Dial Plan file and listing its configured Dial Plans:
- 24 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
# debug auxilary-files dial-plan info File Name: dialPlan.txt Plans: Plan #0 = PLAN1 Plan #1 = PLAN2
debug auxilary-files user-info
This command displays the name of the User-Info file installed on the device.
Syntax
# debug auxilary-files user-info info
Command Mode Privileged User
Example Displaying the name of the User-Info file installed on the device:
# debug auxilary-files user-info info User Info File Name UIF_SBC.txt
debug bfd
The Bidirectional Forwarding Detection (BFD) debug command configures the logging of debugging information for critical BFD events, normal BFD events, and BFD packets. The command configures BFD event traces and BFD event logs. The command helps administrators identify and analyze issues with BFD sessions.
Syntax
# debug bfd
Command
Description
fsm
Associates the Finite State Machine with Virtual Routing and Forwarding
(VRF) technology which allows multiple instances of a routing table to co-
exist within the same router. Routing instances are independent so the
same or overlapping IP addresses can be used without conflicts. Enter the
- 25 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command
Description
name of the VRF table with which to associate the Finite State Machine.
net
Associates the BFD network messages with a VRF. Enter the name of the VRF
table with which to associate the BFD network messages.
zebra
Associates the BFD Zebra messages with a VRF. Enter the name of the VRF table with which to associate the BFD Zebra messages. Zebra routing software provides TCP/IP based routing services with support from routing protocols RIP, OSPF and BGP. Zebra also supports IPv4 and IPv6 routing protocols.
Command Mode Privileged User
Example This example associates BFD network messages with a VRF:
# debug bfd net vrf VRF-table-1
debug bgp
This command debugs Border Gateway Protocol (BGP) processing.
Syntax # debug dbg
Command
Description
events
Debugs BGP events.
filters
Debugs BGP filters.
fsm
Debugs BGP Finite State Machine.
keepalives Debugs BGP keepalives.
updates {in|out}
Debugs BGP updates.
- 26 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command zebra
Description
Debugs BGP Zebra messages. Zebra routing software provides TCP/IP based routing services with support from routing protocols RIP, OSPF and BGP. Zebra also supports IPv4 and IPv6 routing protocols.
Command Mode Privileged User
Example This example shows how to configure debugging outbound updates:
# debug bgp updates BGP updates debugging is on # debug bgp updates out BGP updates debugging is on (outbound)
debug capture
This command captures network traffic.
Syntax # debug capture {trim|voip}
data trim voip
Command
Description See debug capture data below See debug capture trim on page 37 See debug capture voip on page 37
Command Mode Privileged User
debug capture data
This command debugs data-routing functionality.
- 27 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
The captured files are saved to a pcap file. You can also send the file to an FTP or a TFTP server or save the file to a USB device connected to the MSBR. You can also save the file locally on the MSBR, but in this case, the file size is limited to 20 MB.
debug capture data interface
This command captures network traffic on one of the data sub-system network interfaces.
Syntax The syntax of this command includes the following variations:
debug capture data interface <interface type> <interface ID> [ipsec] proto <protocol filter> host <host filter> debug capture data interface <interface type> <interface ID> [ipsec] proto <protocol> host <host filter> port <port filter> debug capture data interface <interface type> <interface ID> [ipsec] proto <protocol> host <host filter> port <port filter> tftp-server <tftp server ip address> debug capture data interface <interface type> <interface ID> [ipsec] proto udp <host filter> any port <port filter> ftp-server <ftp server ip address>
The command's syntax format is described below:
Arguments
Description
interface type interface ID
Defines the Interface Type and ID of the network interface on which to start the debug capture process. Each interface type has its own interface ID options:
vlan <vlan number>
GigabitEthernet <slot/port>
GigabitEthernet <slot/port.vlan number>
protocol filter
Captures specific protocol, or all protocols. Available options are: all ip ipv6 tcp udp arp icmp
- 28 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Arguments
Description
host filter Captures traffic from/to a specific host (IP address), or any.
port filter
Captures traffic from/to a specific port. Valid ports are 1-65535, or the keyword any. When using arp or icmp as protocol filter, port filter cannot be used, and the only valid value is any. This argument is optional.
tftp server ip address
When this argument is omitted, captured traffic is printed to the CLI console. When using this argument, the captured traffic is saved to a file in pcap format, and when the capture is stopped (using ctrl-c), the capture file is uploaded, via TFTP, to the TFTP server specified in this argument.
The TFTP server IP address specified in this argument must be accessible from one of the data sub-system network interfaces, so that the capture file will be uploaded to the server successfully. Use ping test to make sure this TFTP server is accessible. This argument is optional.
ftp server ip address
This command provides support for sending debug captures to an FTP server. Note: This is only applicable to MSBR devices.
Default NA
Command Mode Enable
Related Commands debug capture voip
Examples The following example starts a debug capture on the network interface vlan 77, with a protocol filter (tcp), a host filter (192.168.0.15), and a port filter (80). The captured traffic will be printed to the CLI session:
# debug capture data interface vlan 77 proto tcp host 192.168.0.15 port 80
The following example starts a debug capture on the network interface GigabitEthernet 0/0, with a protocol filter (udp), no host filter, and no port filter. The captured traffic will be saved to a temporary file, and will be sent, when ctrl-c is used, to the TFTP server at address 192.168.1.12. This server is accessible via network interface vlan 1:
- 29 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
# debug capture data interface GigabitEthernet 0/0 proto udp host any port any tftpserver 192.168.0.15
debug capture data physical clear
The command deletes debug captured files from the device's RAM..
Syntax debug capture data physical clear
Command Mode Enable
Related Commands NA
Examples The following example deletes debug captured files from the device's RAM.
# debug capture data physical clear
debug capture data physical start
The command starts capturing files.
Syntax debug capture data physical start
Default By default, capture is inactive.
Note: Once this command is issued, recording is performed to an in-memory buffer. If the buffer becomes full, recording stops.
- 30 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command Mode Enable
Related Commands NA
Examples The following example performs a network capture of both LAN and ADSL.
# debug capture data physical start Note: Debug capture data will be collected locally, and later sent to a PC via TFTP/FTP. Please make sure that VLAN 1 is defined and the PC is accessible through it.
debug capture data physical stop
This command stops capturing files.
Syntax debug capture data physical stop <Server IP> vrf <VRF name>
Arguments <Server IP> vrf <name>
Description Defines the IP address of the TFTP/FTP server. Defines the VRF name.
Default By default, capture is inactive.
Note: The captured data is collected locally, and only then sent to the PC later on. The usb option is only applicable when a USB stick is connected to the device. Once the start command is issued, recording is performed to an in-memory buffer. If the
buffer becomes full, recording stops. The stop command creates a file named debug-capture-data-<timestamp>.pcap and
sends it to the TFTP server. The TFTP server must be configured to allow file uploads.
- 31 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
The generated PCAP file is in the Extensible Record Format (ERF); recent versions of Wireshark (1.5.0 or newer) are recommended for proper dissection.
Wireshark's ERF settings must be configured as follows:
Command Mode Enable
Related Commands NA
Examples The debug capture is de-activated using the following existing commands:
# debug capture data physical stop 192.168.0.3 vrf vrf1 Trying to send capture to TFTP/FTP server , filename debug-capture-data16032014-154400 Finished
debug capture data physical insert-pad
This command makes a manual mark in the captured file.
Syntax debug capture data physical insert-pad
Default By default, capture is inactive.
Command Mode Enable
Related Commands
- 32 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
NA
Examples The following example inserts a manual mark in the captured file.
# debug capture data physical insert-pad
debug capture data physical target
This command defines the destination server for the captured packet file.
Syntax
debug capture data physical target ftp user <ftp username> password <ftp password> debug capture data physical target tftp debug capture data physical target usb
Arguments ftp tftp usb
Description Defines using an FTP server. Sends the capture to a TFTP server. Saves the capture to USB storage.
Default By default, capture is inactive.
Note: The usb option is only applicable when a USB stick is connected to the device. This applies only to Mediant 5xx and Mediant 8xx devices.
Command Mode Enable
Related Commands NA
Examples
- 33 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
The following example sets the destination for the captured packet file as a TFTP server. # debug capture data physical target tftp
debug capture data physical autostop
This command provides support for starting a debug-traffic capture on the device's physical network interfaces and allowing it to run until a user-defined event. This event can be a Syslog message or an interface state-change.
All physical targets (TFTP, FTP, and USB), and SSH retrieval are supported, as well as regular and cyclic-buffer modes. When combined with cyclic-buffer mode, this command makes diagnosis of network problems easier.
Syntax
debug capture data physical auto-stop {event|keep|send} syslog <message> debug capture data physical auto-stop event state-change <interface> debug capture data physical auto-stop event state-change any debug capture data physical auto-stop {send <IP address>|keep} no debug capture data physical auto-stop
Arguments
Description
auto-stop
Enables auto-stop capture on predefined events. event Selects events keep Keeps capture for SSH retrieval send - Sends capture to the TFTP/FTP server
<interface> Use one of the following: eth-lan eth-wan cellular-wan shdsl-wan t1-wan dsl-wan depending on the hardware capabilities of the device. This command may be issued multiple times to capture data from several interfaces at once.
- 34 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Default By default, capture is inactive.
Command Mode Enable
Related Commands NA
Examples: The following are examples of how this command can be used. Defines the Syslog message event, upon which the device stops the debug capture:
# debug capture data physical auto-stop event syslog "<message>"
Defines the state change on a specific interface, upon which the device stops the debug capture:
# debug capture data physical auto-stop event state-change <interface, e.g., GigabitEthernet 0/0>
Defines a state change on any interface, upon which the device stops the debug capture:
# debug capture data physical auto-stop event state-change any
Defines what to do with the debug capture when it is automatically stopped:
# debug capture data physical auto-stop {send <IP address>|keep}
Where: send: sends the capture to the defined IP address keep: saves the capture on the device for later retrieval
Disables the automatic stopping feature for debug captures:
# no debug capture data physical auto-stop
- 35 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug capture data physical <interface>
This command records all traffic on the device's interfaces, saving the result in a PCAP-format file (suitable for Wireshark) on a TFTP server. This command provides support for debug capturing of Asynchronous Transfer Mode (ATM) packets over ADSL through the ADSL/VDSL PHY (physical layer) chipset. It also supports ATM AAL5 (ATM Adaptation Layer 5) and ATM OAMP cells.
Syntax
debug capture data physical <interface>
<interface> cellular-wan eth-lan eth-wan fiber-wan xdsl-wan
Description Defines the cellular WAN interface. Defines LAN Ethernet interfaces. Defines WAN Ethernet interfaces. Defines the WAN fiber interface. Defines any DSL interface (ADSL, VDSL) that is installed on the MSBR.
Default By default, capture is inactive.
Command Mode Enable
Related Commands NA
Examples: The following example performs a network capture of both LAN and ADSL.
# debug capture data physical eth-lan # debug capture data physical xdsl-wan
- 36 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug capture trim
This command trims captured network traffic for USB captures.
Syntax # debug capture trim {in-file <File>|offset <Time>}
Command in-file offset
Description
Trims captured traffic. Uses the existing file on USB storage.
After a capture has been saved on an attached USB stick, you can trim the capture to include only a relevant time-slice. The command is useful when fetching a large capture file via SSH over a slow network connection. Offset is from the start of the capture, in hours:minutes:seconds.
Example Offsetting 1 hour 20 minutes from start of capture in order to trim captured USB traffic:
debug capture trim offset 00:01:20
debug capture voip
This command captures network traffic on VoIP network interfaces.
Syntax # debug capture voip {interface|physical}
Command interface
physical
Description
Captures network traffic on one of the VoIP sub-system network interfaces. See debug capture voip interface below
Captures traffic on the wire. See debug capture voip physical on page 39
debug capture voip interface
This command captures network traffic on a VoIP network interface (VLAN).
- 37 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Syntax
# debug capture voip interface vlan <VLAN ID> proto <Protocol Filter> host <Host Filter> {port <Port Filter> [tftp-server <TFTP Server IP Address>|ftp-server <FTP Server IP Address>]}
To start and stop the capture: 1. After typing the above command, press Enter. 2. To stop the capture, press Ctrl+C.
Command
Description
vlan
Defines the VLAN ID of the network interface on which to start the
debug capture.
proto
Configures a protocol filter: all (all protocols) arp (ARP packets) icmp (ICMP packets) ip (IP packets) ipv6 (IPv6 packets) tcp (TCP packets) udp (UDP packets)
host
Configures a host (IP address) from/to which the packets are captured.
To specify all hosts, enter any.
port
(Optional) Configures a port filter: 1-65535 or any (all ports). When
using arp or icmp as the protocol filter, port filter cannot be used and
the only valid value is any.
ftp-server
(Optional) Defines the IP address of the FTP server to which the captured traffic file (in .pcap file format) is sent. If not specified, captured traffic is displayed in the CLI console.
After running the command, press Ctrl+C when you want the capture to end and the captured traffic file to be sent to the server.
Note: The FTP server's IP address must be accessible from one of the VoIP network interfaces for the capture file to be successfully uploaded to the server. Ping the server to make sure it's accessible.
- 38 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command tftp-server
Description
(Optional) Defines the IP address of the TFTP server to which the captured traffic file (in .pcap file format) is sent. If not specified, captured traffic is displayed in the CLI console. After running the command, press Ctrl+C when you want the capture to end and the captured traffic file to be sent to the server. Note: The TFTP server's IP address must be accessible from one of the VoIP network interfaces for the capture file to be successfully uploaded to the server. Ping the server to make sure it's accessible.
Command Mode Privileged User
Examples Starting a debug capture on network interface VLAN 12, no host filter, and no port filter; the captured traffic is displayed in the CLI console:
# debug capture voip interface vlan 12 proto all host any
Starting a debug capture on network interface VLAN 1 with a protocol filter (IP), no host filter, and a port filter (514); the captured traffic is saved to a temporary file and is sent (when you press Ctrl+C) to the TFTP server at address 171.18.1.21:
# debug capture voip interface vlan 1 proto ip host any port 514 tftp-server 171.18.1.21
debug capture voip physical
This command captures network traffic on a physical VoIP network interface.
Syntax # debug capture voip physical {clear|cyclic-buffer|eth-lan|get_last_capture|insertpad|show|start|stop|target} # debug capture voip physical target {ftp|tftp|usb} # debug capture voip physical get_last_capture <TFTP/FTP Server IP Address>
To start a capture:
# debug capture voip physical start
- 39 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
To stop a capture: # debug capture voip physical stop {<TFTP/FTP server IP Address>|usb}
Command clear cyclic-buffer
eth-lan get_last_capture
insert-pad
show start stop
target
Description
Deletes captured files from the device's RAM.
Continuously captures packets in a cyclical buffer. Packets are continuously captured until the Stop command is entered.
Captures LAN frames.
Retrieves the last captured PCAP file sent to a specified TFTP/FTP server IP address. Note: The file is saved to the device's memory (not flash) and is erased after a device reset.
Before running this command, the debug capture must be started.
Inserts a PAD packet. A marked packet is shown with black background regardless of the configured coloring rules. Benefit: A marked packet can easily be located later when analyzing in a large capture file.
Displays debug status and configured rules.
Starts the capture.
Stops the capture and sends the capture file to the specified target. The capture file is named: "debug-capture-voip-<timestamp>.pcap"
Defines the capture storage target: ftp tftp usb
user
(Only applicable if ftp is specified as the capture storage target) Defines the name of the FTP user.
password
(Only applicable if ftp is specified as the capture storage target) Defines the password of the FTP user.
- 40 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Note To free up memory on your device, it is recommended to delete the captured files when
you no longer need them, using the following command: debug capture voip physical clear Capturing to USB is applicable only to devices providing USB port interfaces. The command is applicable only to MP-1288, Mediant 5xx, Mediant 8xx; Mediant 1000B, Mediant 2600 and Mediant 4000.
Examples Starting a physical VoIP debug capture:
# debug capture voip physical eth-lan # debug capture voip physical start
Retrieving the latest capture (PCAP file) saved on a specified server.
# debug capture voip physical get_last_capture 10.15.7.99
Specifying USB as the destination to which to send the PCAP file:
# debug capture voip physical target usb
debug cli delayed-command
This command allows you to run a specified command after a user-defined interval.
Syntax # debug cli delayed-command
Command
Description
<Delay Time> {minutes|seconds} '<Command Name>'
Configures how much time (in minutes or seconds) to wait before running a specific command. The entire command path must be specified and enclosed in apostrophe. To denote carriage returns in the path, use semi-colons (;).
- 41 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command cancel <Command Number>
show
Description Cancels the delayed timer for a specific command.
Displays configured delayed commands whose timers have not yet expired.
Command Mode Privileged User
Example This example performs a firmware upgrade after 10 minutes:
# debug cli delayed-command 10 minutes `copy firmware from http://10.3.1.2:1400/tftp/SIP_F7.20A.150.001.cmp'
debug cwmp send-connection-request
This command sends a connection request to the ACS to start a TR-069 (CWMP) session with the device.
Syntax debug cwmp send-connection-request
Default NA
Command Mode All
Related Commands (config-system)# cwmp (cwmp-tr069)# send-connection-request
- 42 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug data-syslog
This command configures sending data networking debugging messages to Syslog.
Syntax # debug data syslog
Command Mode Privileged User
Example This example configures sending data networking debugging messages to Syslog:
# debug data-syslog
debug debug-recording
This command enables debug recording for all trunks. To collect debug recording packets, use Wireshark open-source packet capturing program. AudioCodes' proprietary plug-in files are required. They can be downloaded from https://www.audiocodes.com/library/firmware. After starting Wireshark, type acdr in the 'Filter' field to view the debug recording messages. Note that the source IP address of the messages is always the device's OAMP IP address.
Syntax
# debug debug-recording <Destination IP Address> {ip-trace|port|pstntrace|signaling|signaling-media|signaling-media-pcm} # debug debug-recording status
Command Destination IP Address
ip-trace
Description
Defines the destination IP address (IPv4) to which to send the debug recording (i.e., debug recording server).
Defines the debug recording filter type. Filters debug recording for IP network traces, using Wireshark-like expression (e.g., udp && ip.addr==10.8.6.55). IP traces are used to record any IP stream according to
- 43 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command
port pstn-trace signaling signaling-media signaling-media-pcm status
Description
destination and/or source IP address, or port and Layer4 protocol (UDP, TCP or any other IP type as defined by http://www.iana.com). Network traces are typically used to record HTTP.
Defines the port of the debug recording server to which to send the debug recording.
Defines the debug recording capture type as PSTN trace. The debug recording includes ISDN and CAS traces.
Defines the debug recording capture type as signaling. The debug recording includes signaling information such as SIP signaling messages, Syslog messages, CDRs, and the device's internal processing messages
Defines the debug recording capture type as signaling and media. The debug recording includes signaling, Syslog messages, and media (RTP/RTCP/T.38).
Defines the debug recording capture type as signaling, media and PCM. The debug recording includes SIP signalling messages, Syslog messages, media, and PCM (voice signals from and to TDM).
Displays the debug recording status.
Command Mode Privileged User
Note To configure the PSTN trace level per trunk, use the following command: configure voip >
interface > trace-level To send the PSTN trace to a Syslog server (instead of Wireshark), use the following
command: configure troubleshoot > pstn-debug To configure and start a PSTN trace per trunk, use the following command: configure
troubleshoot > logging logging-filters.
Example Displaying the debug recording status:
- 44 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
# debug debug-recording status Debug Recording Configuration: ============================== Debug Recording Destination IP: 10.33.5.231 Debug Recording Destination Port: 925 Debug Recording Status: Stop
Logging Filter Configuration (line 0): ====================================== Filter Type: Any Value: Capture Type: Signaling Log Destination: Syslog Server Mode: Enable
debug dhcpv6_client
This command configures debugging the functioning of the Dynamic Host Configuration Protocol (DHCP) version 6 client.
Syntax
# debug dhcpv6_client
Command Mode Privileged User
Example This example configures debugging DHCP v6 client functioning:
# debug dhcpv6_client
debug dhcpv6_server
This command configures debugging Dynamic Host Configuration Protocol (DHCP) version 6 server processing.
Syntax # debug dhcpv6_server
- 45 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example configures debugging DHCP v6 server processing:
# debug dhcpv6_server
debug dial plan
This command checks whether a specified Dial Plan contains specific digits.
Syntax debug dial-plan <Dial Plan Name> match-digits <Digits to Match>
Command Mode Basic and Privileged User
Example Searching for digits "2000" in Dial Plan 1:
debug dial-plan 1 match-digits 2000 Match succeeded for dial plan 1 and dialed number 2000. Returned tag RmoteUser
debug dot11radio
This command configures debugging the functioning of the router's wireless module.
Syntax # debug dot11radio
Command ath-debug
Description
Configures debugging Atheros Communications Inc. wireless module.
- 46 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command
ieee80211debug
Description
aggr-mem (Aggregated packets memory handling) beacon (Beacon handling) bt-coex (BT coexistence) calibrate (Periodic calibration) cwm (Channel width management) dcsDynamic (channel switch) fatal-error (Fatal errors) greenap (Green AP) htc-wmi (HTC/WMI) keycache (Key cache management) matMAT (for ProxySTA) node (Node management) power-save (PS Poll and PS save) ppm (PPM management) rateRate (control) recv (Basic RX operation) reset (Reset processing) scan (Scan) state (802.11 state transitions) swr (SwRetry mechanism) uapsd (UAPSD) watchdog (Watchdog timeout) xmit (Basic TX operation)
VAP and protocol-related messages.
Command Mode Privileged User
Example
- 47 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
This example configures debugging the power save function of the router's Atheros Communications Wi-Fi driver:
# debug dot11radio ath-debug power-save
debug dynamic-routing
This command configures debugging the MSBR device's memory storage capabilities.
Syntax # debug dynamic-routing
Command
Description
all
Debugs using all the commandss listed below.
bgp
Debugs Border Gateway Protocol memory.
lib
Debugs Library memory.
ospf
Debugs Open Shortest Path First (OSPF) memory.
ospf6
Debugs Open Shortest Path First for Internet Protocol version 6 (OSPF6) memory.
rip
Debugs Routing Information Protocol (RIP) memory.
ripng
Debugs RIPng (RIP next generation), defined in RFC 2080, extends RIPv2 to support next generation Internet Protocol, IPv6.
vrf
Associates memory debug messages with a VRF. Enter the name of the VRF
table with which to associate the debug messages.
zebra
Debugs Zebra routing software which provides TCP/IP based routing services with support from routing protocols RIP, OSPF and BGP (see above). Zebra also supports IPv4 and IPv6 routing protocols.
Command Mode Privileged User
Example This example shows how to configure debugging OSPF memory:
- 48 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
# debug dynamic-routing memory ospf
OSPF if info
: 12
OSPF if params
: 12
debug ethernet
This command configures loopback testing on specific WAN interfaces, for monitoring and troubleshooting (debugging). Loopback debugging can be activated on any WAN interface (name or type) and allows the remote side to loop traffic back through the device's WAN interface (typically used to check traffic flow). This is to comply with the IEEE 802.3ah standard for Operation, Administration, and Management (OAM) for link-fault management by remote loopback (on the Ethernet WAN interface). The no debug command is used to disable the feature.
Syntax
# debug ethernet loopback interface
Command
Description
fiber [slot/port] Configures the fiber interface in Loopback mode.
gigabitethernet [slot/port]
Configures the Gigabit Ethernet interface in Loopback mode.
Command Mode Privileged User
Note The command is applicable only to Mediant 500 MSBR and Mediant 800/B MSBR. All communication through the loopback WAN interface stops when the command is
enabled.
Example This example shows how to use debug ethernet:
- 49 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
# debug ethernet loopback interface gigabitethernet 0/0 Interface is in LOOPBACK mode. You will be unable to pass traffic across that interface.
debug exception-info
This command displays debug information about exceptions.
Syntax # debug exception-info
Command <Exception Number>
Description
Displays debug information of a specified exception number.
Command Mode
Privileged User
Example
This example shows how to display debug information related to exception 1:
# debug exception-info 1 There are 10 Exceptions Exception Info of Exception 1: Trap Message - Force system crash(0) due to HW Watchdog Board Was Crashed: Signal 0, Task BOARD MAC : 00908F5B1035 EXCEPTION TIME : 0.0.0 0.0.0 VERSION: Time 13.5.25, Date 16.12.16, major 720, minor 90, fix 485 Cmp Name:ramESBC_SIP Board Type:77 RELATED DUMP FILE : core_E-SBC_ver_720-90-485_bid_5b1035-177_SIP ZERO:00000000 AT:00000000 V0:00000000 V1:00000000 A0:00000000 A1:00000000 A2:00000000 A3:00000000 T0:00000000 T1:00000000 T2:00000000 T3:00000000 T4:00000000 T5:00000000 T6:00000000 T7:00000000 S0:00000000 S1:00000000 S2:00000000 S3:00000000 S4:00000000 S5:00000000 S6:00000000 S7:00000000 T8:00000000 T9:00000000 K0:00000000 K1:00000000 GP:00000000 SP:00000000 FP:00000000
- 50 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
stack_t - ss_sp:00000000 ss_size:00000000 ss_flags:00000000
PC:00000000
+0
RA:00000000
+0
debug exception-syslog-history
This command displays the syslog generated for exceptions.
Syntax # debug exception-syslog-history <0-9>
Where 0 is the latest syslog generated due to an exception.
Command Mode Privileged User
Example This example shows how to display the last two syslog-related exceptions:
# debug exception-syslog-history 1
debug fax
This command debugs fax modem with a debug level.
Syntax # debug fax
Command basic
detail
Description
Defines debug fax level to Basic. You can define the number of next sessions for debug.
Defines debug fax level to Detail. You can define the number of next sessions for debug.
Note The command is applicable only to devices supporting FXS interfaces.
- 51 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
To disable debug fax, type no debug fax.
Command Mode Privileged User
Example This example configures detailed fax debug for the next 10 sessions to be traced:
# debug fax detail 10 FaxModem debug has been activated in DETAIL mode. The 10 next FaxModem sessions will be traced.
debug ipv6-ra
This command debugs Internet Protocol Version 6 (IPv6) Router Advertisement (RA), which enables the MSBR device to advertise its presence.
Syntax # debug ipv6-ra <Debug Level>
Command Debug Level
Description
Configures the IP Version 6 RA debug level. 1 = Low 5 = High
Command Mode Privileged User
Example This example configures the IP version 6 RA debug level to 5:
# debug ipv6-ra 5
- 52 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug log
This command displays debugging messages (e.g., Syslog messages). Also displays activities performed by management users in the devices' management interfaces (CLI and Web interface).
Syntax debug log [full]
Command
Description
full
(Optional) Displays more information than the regular debug messages, for example, 'SID' (Session ID) and 'S' (Syslog message sequence). Useful (for example) in determining if there's a network problem resulting from a Loss of Packets.
Note When connected to the CLI through Telnet/SSH, the debug log command affects only the
current CLI session. To disable logging, type no debug log.
When connected to the CLI through Telnet/SSH, the no debug log command affects only the current CLI session.
To cancel log display for all sessions, use the command no debug log all.
Command Mode Basic and Privileged User
Example Displaying debug messages:
debug log Logging started Jun 16 13:58:54 Resource SIPMessage deleted - (#144) Jun 16 13:58:54 (#70) SBCRoutesIterator Deallocated. Jun 16 13:58:54 (#283) FEATURE Deallocated.
Displaying debug messages (full):
- 53 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug log full Logging started Jun 16 13:59:55 local0.notice [S=707517] [SID:1192090812] (sip_stack)(706869) Resource SIP Message deleted - (#79) Jun 16 13:59:55 local0.notice [S=707518] [SID:1192090812] (lgr_sbc)(706870)(#69) SBCRoutesIterator Deallocated. Jun 16 13:59:55 local0.notice [S=707519] [SID:1192090812] (lgr_sbc)(706871) (#282) FEATURE Deallocated.
debug ospf
This command debugs Open Shortest Path First (OSPF) routing protocol for Internet Protocol (IP) networks.
Syntax # debug ospf
Command
Description
event
Displays OSPF event information.
ism {events|status|timers}
Debugs the OSPF Interface State Machine (ISM Event Information, ISM Status Information and ISM TImer Information).
lsa {flooding|generate|install| refresh}
Debugs the OSPF Link State Advertisement (LSA Flooding, LSA Generation, LSA Install/Delete and LSA Refresh).
nsm {events|status|timers}
Debugs the OSPF Neighbor State Machine (NSM Event Information, NSM Status Information and NSM Timer Information).
nssa
Debugs the OSPF NSSA (Not-So-Stubby Area), a non-proprietary extension of the existing stub area feature that allows external routes to be injected in a limited fashion into the stub area. See http://www.ietf.org/rfc/rfc1587.txt for more information.
packet {all|dd|hello|lsack|ls-request|ls-update}
Debugs the OSPF packets (detailed information, packets received or packets
- 54 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command {detail|recv|send}
zebra {interface|redistribute}
Description
sent). Packets can be all, database (dd), hello, link state acknowledgement, link state request or link state update).
Debugs the OSPF Zebra routing software which provides TCP/IP based routing services with support from routing protocol OSPF.
Command Mode Privileged User
Example This example displays OSPF event information:
# debug ospf event
debug ospf6
This command debugs the Open Shortest Path First (OSPF) routing protocol for Internet Protocol (IP) Version 6 networks.
Syntax # debug ospf6
Command abr
asbr
border-routers {areaid|router-id}
Description
Debugs the OSPF Version 6 Area Border Router (ABR) function. ABRs connect one or more areas to the main backbone network.
Debugs the OSPF Version 6 ASBR (Autonomous System Boundary Router) function.
Debugs the border router (debugs a specific area according to area ID in A.B.C.D. notation, or debugs a specific border router according to that border router's ID in A.B.C.D. notation).
- 55 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command
Description
flooding
Debugs the OSPF Version 6 flooding function.
interface
Debugs the OSPF Version 6 interface.
lsa [XXXX/0xXXXX] {as-external|interprefix|inter-router| intra-prefix|link| network|router|unknown}
Debugs the OSPF Link State Advertisement. Debugs according to LS type specified as hexadecimal, or debugs AS-External, Inter-Prefix, Inter-Router, Intra-Prefix, Link, Network, Router or Unknown). Possible value for each of these:
examin (debugs Examining)
flooding (debugs Flooding) -or-
originate (debugs Originating)
message {all|dbdesc| hello|lsack|lsreq| lsupdate|unknown} (recv|send}
Debugs the OSPF Version 6 messages. Debugs: all (All messages) dbdesc (Database Description messages) hello (Hello messages) lsack (Link State Acknowledgement messages) lsreq (Link State Request messages) lsupdate (Link State Update messages) unknown (Unknown messages) Possible value for each of these: All Received only -or Sent only
neighbor {event|state}
Debugs the OSPF Version 6 Neighbor. After two routers become OSPF neighbors, they can become adjacent and exchange routing information.
event (Debugs OSPF Version 6 neighbor event)
state (Debugs OSPF Version 6 neighbor state change)
route {interarea|intra-area|
Debugs the calculation of the route table: inter-area (Debugs the calculation of the inter-
- 56 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command
Description
memory|table}
area route) intra-area (Debugs the calculation of the intra-
area route) memory (Debugs route memory use) table (Debugs detail)
spf {database|process|time}
Debugs the calculation of the SPF algorithm which computes the best path to all known destinations based on the data in their link state database.
database (Log number of Link State Advertisements at the time the SPF is calculated)
process (Debugs the detailed SPF process)
time (Measures how long it takes to calculate the SPF)
zebra {recv|send}
Debugs Zebra routing software. Zebra provides TCP/IP based routing services with support from routing protocols RIP, OSPF and BGP. Zebra also supports IPv4 and IPv6 routing protocols.
Possible values:
recv (Debugs only messages received)
send (Debugs only messages sent)
Command Mode Privileged User
Example This example debugs how long it takes the SPF algorithm to make its calculation:
# debug ospf6 spf time
debug persistent-log show
This command displays logged messages that are stored on the device's Persistent Logging storage.
- 57 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Syntax # debug persistent-log show
Command
Description
category-list {conf|err|ha|init|other}
Filters display by category of logged messages. You can filter by more than one category; make sure that you have spaces between the category subcommands (e.g., category-list conf ha).
count <Number of Logs>
Filters display by number of most recently logged messages.
offset <Logged Message Index>
When the count command is used, it filters display by displaying from this logged message index onward.
start-date <Date> enddate <Date>
Filters display by date range of logged event. The date is in the format YYYY-MM-DD, where YYYY is the year (e.g., 2017), MM the month (e.g., 01), and DD the day (e.g., 20).
stats
Displays statistics of the persistent logging:
"Number of received logs": Number of logs that were sent to the Persistent Logging storage.
"Number of logs sent to DB": Number of logs that were successfully saved to the Persistent Logging storage.
"Number of dropped logs": Difference between "Number of received logs" and "Number of logs sent to DB". Dropped logs (typically, due to a high load) indicates that the information in the Persistent Logging storage may be inconsequential or missing.
Note The command is applicable only to Mediant 9000 and Mediant VE/SE. Persistent Logging is always enabled (and cannot be disabled).
Command Mode
- 58 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Privileged User
Example
This example filters persistent logging by displaying two logged messages, starting from logged message at index 120:
# debug persistent-log show count 2 offset 120 120|2017-04-26 16:10:26|TPApp: [S=11008][BID=da4aec:20] SNMP Authentication Failure - source: IP = 172.17.118.45, Port = 1161, failed community string = public. [File:dosnmpv3.c Line:187] 121|2017-04-26 16:10:46|TPApp: [S=11009][BID=da4aec:20] SNMP Authentication Failure - source: IP = 172.17.118.45, Port = 1161, failed community string = public. [File:dosnmpv3.c Line:187]
debug phy-err-injection
This command debugs the Rx physical error injection.
Syntax # debug phy-err-injection
Command set delay-depth <Value>
set delay-rate <Value> set drop-rate <Value> set interface {atm|efm|fiber|gigabitethernet}
Description
Configures the delay depth, in packets
Configures the delay rate
Configures the drop rate
Configures the interface to run the Rx error on: atm
<Group/Subinterface> efm
<Slot/Port.vlanID> fiber <Slot/Port> gigabitethernet
<Slot/Port.vlanID> Example: 0/0.150
- 59 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
show start stop
Command
Description
where slot=0, port=0 and vlanID=150
Shows the configuration of the Rx physical error injection.
Starts the Rx physical error injection.
Stops the Rx physical error injection.
Command Mode Privileged User
Example This example starts debugging the RX physical error injection on the Gigabit Ethernet interface, slot 0, port 0 and VLAN ID 150:
# debug phy-err-injection set interface gigabitethernet 0/0.150
debug reset-history
This command displays a history (last 20) of device resets and the reasons for the resets (for example, a reset initiated by the user through the Web interface).
Syntax # debug reset-history
Command Mode Privileged User
Example This example resets debug history:
- 60 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
# debug reset-history Reset History : Reset History [00]: Reset Reason: an exception Time : 6-1-2010 21:17:31 FIRMWARE: Time 12.3.20, Date 8.5.17, major 720, minor 140, fix 716 Reset Syslog Counter 214 ********************************************** Reset History [01]: Reset Reason: issuing of a reset from Web interface Time : 1-1-2010 00:15:26 FIRMWARE: Time 12.3.20, Date 8.5.17, major 720, minor 140, fix 716 Reset Syslog Counter 213 ********************************************** Reset History [02]: Reset Reason: issuing of a reset from Web interface Time : 3-1-2010 20:52:03 FIRMWARE: Time 12.3.20, Date 8.5.17, major 720, minor 140, fix 716 Reset Syslog Counter 212 ********************************************** Reset History [03]: -- More
debug reset-syslog-history
This command displays a history (last 20) of syslogs generated upon device resets.
Syntax
# debug reset-syslog-history <0-19>
Where 0 is the latest syslog.
Command Mode Privileged User
Example This example debugs the latest syslog reset history:
# debug reset-syslog-history
- 61 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug rip
This command configures Routing Information Protocol (RIP) which enables routing information to be exchanged between routers.
Syntax # debug rip
Command
Description
events
Debugs RIP events
packet {recv [detail]|send [detail]}
Debugs RIP packets: recv (Debugs only RIP packets received) send (Debugs only RIP packets sent)
zebra
Debugs Zebra routing software. Zebra provides TCP/IP based routing services.
Command Mode Privileged User
Example This example debugs RIP packets sent:
# debug rip packet send detail
debug ripng
This command RIPng (RIP next generation), defined in RFC 2080, is an extension of RIPv2 for support of IPv6 - next generation Internet Protocol.
Syntax # debug ripng
- 62 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command events packet {recv [detail]|send [detail]}
zebra
Description
Debugs RIPng events
Debugs RIPng packets: recv (Debugs only RIPng
packets received) send (Debugs only RIPng
packets sent)
Debugs Zebra routing software which provides TCP/IP based routing services.
Command Mode Privileged User
Example This example shows how to debug RIPng packets that are sent:
# debug ripng packet send detail
debug rmx-serial
This command configures serial debugging of the RMX (Real-Time Multitasking Executive) realtime operating system, used with the Intel 8080 and 8086 family of processors.
Syntax # debug rmx-serial
Command clear-logs copy-logs-usb list-logs profile {current|
Description Clears all logs. Copies all saved RMX logs to USB storage. Lists the saved RMX serial debug logs. CPU profiling logs:
- 63 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command list-logs|read-log <Number>}
read-log <Number> tap
Description
Current (Prints the currently run RMX CPU profiling log)
list-logs (Lists the saved RMX CPU profiling logs) read-log (Read the saved RMX CPU profiling log
according to the log's run number)
Reads the saved RMX serial debug log according to the log's run number.
Starts debugging the RMX serial Test Access Port (TAP).
Command Mode Privileged User
Example This example debugs the RMX's serial TAP:
# debug rmx-serial tap [Start RMX serial tap] Password: [1129554.457] cn3xxx_check_adsl:1394: @@@ interface adsl 0/2 Line State: 0x000000FF (Idle Request). [1129556.463] cn3xxx_check_adsl:1394: @@@ interface adsl 0/2 Line State: 0x00000200 (Silent). [1129618.440] cn3xxx_check_adsl:1394: @@@ interface adsl 0/2 Line State: 0x000000FF (Idle Request).
This example lists the saved RMX serial debug logs:
# debug rmx-serial list-logs
FILE
SIZE
------------------------------ --------
log_160.txt
50024
debug serial-port
This command debugs the serial port.
Syntax
- 64 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
# debug serial-port
Command configuration {show}
dsl {burn-to-flash} dsl2 {burn-to-flash} rmx {burn-to-flash}
Description Displays the configuration of the second serial port: RMX (default), DSL1 or DSL2. Configures the second serial port to DSL. Configures the second serial port to DSL2. Configures the second serial port to RMX (default).
Command Mode Privileged User
Example This example shows how to display the second serial port's configuration:
# debug serial-port configuration show The Yellow connector serial port is configured to the RMX
debug sip
This command configures SIP debug level.
Syntax # debug sip {[<Debug Level>]|status}
Command Debug Level
status
Description
Defines the SIP debug level: 0 = (No debug) Debug is disabled and Syslog messages are not sent. 1 = (Basic) Sends debug logs of incoming and outgoing SIP messages. 5 = (Detailed) Sends debug logs of incoming and outgoing SIP
messages as well as many other logged processes.
Displays the current debug level.
- 65 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Note If no level is specified, level 5 is used. Typing no debug sip configures the level to 0.
Command Mode Privileged User
Example Setting the SIP debug level to 5:
# debug sip 5
debug speedtest
This command tests the upload and download speed (in bps) to and from a specified URL, respectively.
Syntax
# debug speedtest set {upload|download} <URL> # debug speedtest set upsize <Upload Transfer Bytes> # debug speedtest {run|show|stop}
Command upload upsize
download show stop run
Description Tests the upload speed to a URL (IP address or FQDN). (Optional) Defines the number of bytes (1-10000000) to upload to the specified URL for testing the upload speed Tests the download speed from a URL (IP address or FQDN). Displays the test results. Stops the test. Starts the test.
Example Testing upload speed to speedy.com:
- 66 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
# debug speedtest set upload http://www.speedy.com/speedtest Upload URL : http://www.speedy.com/speedtest
# debug speedtest run Starting speed test. Check results using the command "debug speedtest show".
# debug speedtest show Speed test results: Upload : Complete URL: http://www.speedy.com/speedtest
Bytes transferred: 1000000 Speed: 9.8 Mbps
debug syslog
This command verifies that Syslog messages sent by the device are received by the Syslog server. After you run the command, you need to check the Syslog server to verify whether it has received your Syslog message.
Syntax # debug syslog <String>
Command
Description
String
Configures any characters that you want to send in the Syslog message to the Syslog server.
Command Mode Privileged User
Related Commands debug syslog-server
Example Verifying that a Syslog message containing "hello Joe" is sent to the Syslog server:
# debug syslog hello Joe
- 67 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug syslog-server
This command configures the IP address and port of the Syslog server.
Syntax # debug syslog-server <IP Address> port <Port Number>
Command IP Address port
Description Defines the IP address of the Syslog server. Defines the port number of the Syslog server.
Note To disable Syslog server debugging, use the following command:
# no debug syslog-server
Command Mode Privileged User
Example Enabling Syslog by configuring the Syslog server:
# debug syslog-server 10.15.1.0 port 514 Syslog enabled to dest IP Address: 10.15.1.0 Port 514
debug test-call
This command initiates and terminates a call from the device to a remote destination to test whether connectivity, media, etc., are correct. Sends a SIP INVITE message and then manages the call with the call recipient.
Syntax debug test-call ip
Configures a test call:
- 68 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug test-call ip dial from {<Calling Number> to <Called Number> [destaddress <IP Address>] [sip-interface <SIP Interface ID>]|id <Test Call Table Index>}
Configures a test call:
debug test-call ip set called-number <Called number> caller-id <Caller ID> calling-number <Calling number>dest-address <IP Address> play <Playback> sip-interfaces <SIP Interface ID> timeout <Disconnection timeout> transport-type
Terminates a test call:
debug test-call ip drop {<Calling Number>|id <Test Call Table Index>}
Displays test call configuration:
debug test-call ip show
Command
Description
ip
Configures and initiates a test call to an IP address.
dial (Dials using specified parameters)
from (Defines the calling number):
[NUMBER] (Calling number)
id (uses the Test Call Rules table entry)
drop (Terminates the latest outgoing test call):
[Calling Number] (Terminates outgoing test call by number)
id (Terminates outgoing test calls by table index)
set (Sets test options):
called-number (Called number)
caller-id (Caller ID)
calling-number (Calling number)
dest-address (Target host)
play (Sets playback)
sip-interfaces (Sets SIP interfaces to listen on)
- 69 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command
Description
timeout (Disconnection timeout (seconds)) transport-type (Transport type) show (Displays test call configuration)
Command Mode Basic and Privileged User
Note The command is applicable only to the SBC application. Test calls can be made with the following two recommended commands:
(Basic) Making a call from one phone number to another, without performing any configuration:
debug test-call ip dial from * to * dest-address * [sip-interface *]
(Advanced) Configuring a row in the Test Call table, and then placing a call by the row index:
debug test-call ip dial from id *
debug usb
This command debugs the USB stick connected to the device.
Syntax # debug usb devices
Command
Description
devices Displays information about the USB stick (e.g., manufacturer) connected to the device.
Command Mode Privileged User
- 70 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug usb-3g
This command debugs 3G USB devices.
Syntax # debug usb-3g {cellular|devices|serial-trace}
Command cellular {syslog}
devices serial-trace {cli|syslog}
Description
Enables debug for the cellular interface (and optionally, to send to Syslog).
Displays connected 3G USB devices.
Enables serial traces, which can be sent to one of the following: cli: Sends trace output to a CLI session syslog: Sends trace output to Syslog To stop a process, press Ctrl+C; the CLI prompt reappears.
Command Mode
Privileged User
Example
This example shows how to display connected 3G USB devices:
# debug usb-3g devices T: Bus=01 Lev=00 Prnt=00 Port=00 Cnt=00 Dev#= 1 Spd=480 MxCh= 1 B: Alloc= 0/800 us ( 0%), #Int= 1, #Iso= 0 D: Ver= 2.00 Cls=09(hub ) Sub=00 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=0000 ProdID=0000 Rev= 2.06 S: Manufacturer=Linux 2.6.21.7-Cavium-Octeon dwc_otg_hcd S: Product=DWC OTG Controller S: SerialNumber=dwc_otg C:* #Ifs= 1 Cfg#= 1 Atr=e0 MxPwr= 0mA I:* If#= 0 Alt= 0 #EPs= 1 Cls=09(hub ) Sub=00 Prot=00 Driver=hub E: Ad=81(I) Atr=03(Int.) MxPS= 4 Ivl=256ms T: Bus=01 Lev=01 Prnt=01 Port=00 Cnt=01 Dev#= 2 Spd=480 MxCh= 4
- 71 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
D: Ver= 2.10 Cls=09(hub ) Sub=00 Prot=02 MxPS=64 #Cfgs= 1 P: Vendor=0451 ProdID=8043 Rev= 1.00 S: SerialNumber=17010081B6D1 C:* #Ifs= 1 Cfg#= 1 Atr=e0 MxPwr= 0mA I: If#= 0 Alt= 0 #EPs= 1 Cls=09(hub ) Sub=00 Prot=01 Driver=hub E: Ad=81(I) Atr=03(Int.) MxPS= 1 Ivl=256ms I:* If#= 0 Alt= 1 #EPs= 1 Cls=09(hub ) Sub=00 Prot=02 Driver=hub E: Ad=81(I) Atr=03(Int.) MxPS= 1 Ivl=256ms
debug voip
This command debugs voice over IP channels. # debug voip
Command
Description
activate-channel {analog|digital|virtual} <Channel ID>
Configures a specific channel.
close-channels {analog|digital|virtual}
Closes channels. To view the orientation of the device's hardware, use the command, show system assembly.
dial-string {analog|digital|virtual}
Sends a string of DTMF tones. To view the orientation of the device's hardware, use the command, show system assembly.
open-and-activate {analog|digital|virtual}
Opens and activates a channel. To view the orientation of the device's hardware, use the command, show system assembly.
open-channel {analog|digital|virtual} <Channel ID>
Opens a channel .
wait-for-detection
Waits for a digit detection event
Command Mode Privileged User
- 72 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
debug vrf
This command debugs the MSBR's VRF (Virtual Routing and Forwarding) table which determines what routes to import/export.
Syntax # debug vrf <VRF table name>
Command Mode Privileged User
Example This example debugs the VRF table:
# debug vrf table1
debug zebra
This command debugs Zebra routing software. Zebra provides TCP/IP based routing services with support from routing protocols RIP, OSPF and BGP. Zebra also supports IPv4 and IPv6 routing protocols.
Syntax # debug zebra
Command
Description
events
Debug option set for Zebra events
kernel
Debug option set for Zebra between kernel interface
packet {recv|send} {detail}
Debugs Zebra routing packets: recv detail (Debugs received Zebra packets) send detail (Debugs sent Zebra packets)
rib {queue}
Debugs RIB (Routing Information Base) events. Each routing protocol has its own RIB. The main RIB associates all routing protocols with one another.
- 73 -
CHAPTER 5 Debug Commands
MSBR | CLI Reference Guide
Command
Description queue (Debugs RIB queueing)
Command Mode Privileged User
Example This example debugs sent Zebra routing packets:
# debug zebra packet send detail
- 74 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
6 Show Commands
This section describes the show commands.
Syntax show
This command includes the following commands:
Command activity-log admin state
Description See show activity-log below See show admin state on the next page
data ini-file last-cli-script-log network running-config startup-script storage-history system users voip
See show data on page 79 See show ini-file on page 124 See show last-cli-script-log on page 125 See show network on page 126 See show running-config on page 133 See show startup-script on page 134 See show storage-history on page 134 See show system on page 135 See show users on page 148 See show voip on page 149
show activity-log
This command displays the device's logged CLI activities.
Syntax show activity-log
- 75 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command (Carriage Return) > <URL>
Description
Displays all logged message history.
Sends the logged activities to a remote server (TFTP or HTTP/S).
Command Mode Basic and Privileged User
Note If you have not enabled logging of user activities in the management interface, nothing is displayed in the output of this show command. To enable logging, see the following command:
configure troubleshoot > activity-log
Related Command configure troubleshoot > activity-log enables logging of activities
Example This example displays the logged messages:
show activity log Jan 4 00:44:39 local0.notice [S=4666] [BID=5b1035:208] HTTPTaskHCTL - Run selfCheck Jan 4 00:45:40 local0.notice [S=4667] [BID=5b1035:208] HTTPTaskHCTL - Run selfCheck
show admin state
This command displays the device's current administrative state (locked or unlocked).
Syntax show admin state
Command Mode
- 76 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Basic and Privileged User
Related Command admin state locks or unlocks the device.
Example This example displays the administrative state of the device (which is unlocked):
# show admin state current admin-state: unlock
show sctp
This command displays Stream Control Transmission Protocol (SCTP) information.
Syntax show sctp
Command connections statistics
Description See show sctp connections below See show sctp statistics on the next page
Command Mode Basic and Privileged User
show sctp connections
This command displays SCTP socket associations status.
Syntax show sctp connections
Command Mode Basic and Privileged User
- 77 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Note SCTP is applicable only to Mediant 90xx and Mediant Software.
Related Commands (config-network)# sctp
Example
The example below displays the local SCTP endpoint (i.e., device) titled "Association #1", and the SCTP association status with the remote SCTP endpoint (proxy) titled "Association #2).
show sctp connections
---------------------------------------------------------------------
Association #1
Type:
SERVER
State:
LISTEN
Local Addresses: 10.55.3.80, 10.55.2.80
Local Port:
5060
---------------------------------------------------------------------
Association #2
Type:
CLIENT
State:
ESTABLISHED
Local Addresses: 10.55.3.80, 10.55.2.80
Local Port:
50226
Remote Addresses Configured State
10.55.1.100:5060 Yes
INACTIVE - Primary
10.55.0.100:5060 Yes
ACTIVE Secondary
show sctp statistics
This command displays statistics for all SCTP socket associations.
Syntax show sctp statistics
Command Mode Basic and Privileged User
- 78 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Note SCTP is applicable only to Mediant 90xx and Mediant Software.
Related Commands (config-network)# sctp
Example The example below displays statistics for all SCTP associations (only a partial output is shown below).
show sctp statistics MIB according to RFC 3873: discontinuity.sec = 1547641112, discontinuity.usec = 169612, currestab = 3, activeestab = 2 restartestab = 0, collisionestab = 0, passiveestab = 1, aborted = 1 shutdown = 0, outoftheblue = 0, checksumerrors = 0, outcontrolchunks = 248438 outorderchunks = 1769, outunorderchunks = 349601, incontrolchunks = 243466, inorderchunks = 1769 inunorderchunks = 466146, fragusrmsgs = 0, reasmusrmsgs = 0, outpackets = 302051, inpackets = 306499
input statistics: recvpackets = 306499, recvdatagrams = 306499, recvpktwithdata = 281264, recvsacks = 241804, recvdata = 467915 recvdupdata = 6, recvheartbeat = 828, recvheartbeatack = 826, recvecne = 0, recvauth = 1 recvauthmissing = 0, recvivalhmacid = 0, recvivalkeyid = 0, recvauthfailed = 0, recvexpress = 467914 recvexpressm = 0, recv_spare = 0, recvswcrc = 301493, recvhwcrc = 5006
output statistics: sendpackets = 302051, sendsacks = 246385, senddata = 351370, sendretransdata = 75 sendfastretrans = 0, sendmultfastretrans = 0, sendheartbeat = 1210, sendecne = 0 sendauth = 0, senderrors = 0, send_spare = 0, sendswcrc = 297046, sendhwcrc = 5005 ...
show data
These commands display data-router functionality.
- 79 -
CHAPTER 6 Show Commands
Syntax show data Command access-lists arp backup-group bfd bgp bridge-configuration cellular crypto ddns debugging dns-views dot11radio dot1x-status dsl ethernet
- 80 -
MSBR | CLI Reference Guide
Description See show data access-lists on page 82 See show data arp on page 82 See show data backup-group on page 83 See show data bfd neighbors on page 83 See show data bgp on page 84 See show data bridgeconfiguration on page 85 See show data cellular on page 86 See show data crypto on page 87 See show data ddns on page 89 See show data debugging on page 89 See show data dns-views on page 90 See show data dot11radio on page 91 See show data dot1x-status on page 93 See show data dsl on page 94 See show data ethernet on page 95
CHAPTER 6 Show Commands
f-path rate
Command
hosts
interfaces
ip ipv6
l2tp-server
lldp
mac-address-table
port-monitor
port-security
pptp-server
qos
route-map
spanning-tree
tacacs
track
- 81 -
MSBR | CLI Reference Guide
Description
See show data f-path rate on page 96
See show data hosts on page 97
See show data interfaces on page 98
See show data ip on page 102
See show data ipv6 on page 112
See show data l2tp-server on page 115
See show data lldp on page 116
See show data mac-addresstable on page 116
See show data port-monitor on page 117
See show data port-security on page 118
See show data pptp-server on page 119
See show data qos on page 119
See show data route-map on page 121
See show data spanning-tree on page 121
See show data tacacs on page 122
See show data track on page 123
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
vrrp
Command
Command Mode Basic User and Privileged User
show data access-lists
This command displays configured access lists.
Syntax show data access-lists
Description
See show data vrrp on page 123
Command Mode Basic User and Privileged User
Example This example demonstrates how to view configured access lists:
show data access-lists
show data arp
This command displays all Address Resolution Protocol (ARP) entries in the cache.
Syntax show data arp
Command Mode Basic User and Privileged User
Example This example displays all ARP entries in the cache:
- 82 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show data arp
IP Address MAC Address
Interface Type
172.17.141.1 64:64:9b:3b:6a:81 VLAN 1
DYNAMIC
End of arp table, 1 entries displayed.
show data backup-group
This command displays the configuration of a set of interfaces in a backup group.
Syntax show data backup-group
Command Mode Basic User and Privileged User
Related Commands (config-data)backup-group
Example This example displays the configuration of a set of interfaces in a backup group:
show data backup-group Group Name: WAN_BACKUP_GROUP Priority 1 GigabitEthernet 0/0 Priority 2 Fiber 0/1 Priority 3 Currently active interface: GigabitEthernet 0/0
show data bfd neighbors
This command displays details about Bidirectional Forwarding Detection (BFD) neighbors.
Syntax
show data bfd neighbors
- 83 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
details [vrf <VRF Table Name>]
vrf <VRF Table Name>
Description
Displays detailed status of all configured BFD neighbors or, optionally, of a specified VRF table.
Displays the status of configured BFD neighbors for a specified VRF table.
Command Mode Basic User and Privileged User
Example This example displays the status of all configured BFD neighbors:
show data neighbors details
VRF main-vrf
Protocol Codes: S - Static, O - OSPF
Proto NeighAddr
Holdown(mult) RH/RS State Int
1 S 192.168.110.10
600(3) Up Up VLAN 2
OutAddr: 192.168.100.254
Local Diag: 1, Demand mode: 0, Poll bit: 0
MinTxInt: 200000, MinRxInt: 200000, Multiplier: 3
Received MinRxInt: 200000, Received Multiplier: 3
Holdown (hits): 600(1), Hello (hits): 200(4575)
Rx Count: 4575
Tx Count: 4578
Last packet: Version: 1
- Diagnostic: 3
State bit: Up - Demand bit: 0
Poll bit: 0
- Final bit: 0
Multiplier: 3 - Length: 24
My Discr: 1
- Your Discr: 51
Min tx interval: 200000 - Min rx interval: 200000
Min Echo interval: 0
show data bgp
This command displays information about Border Gateway Protocol (BGP) processing.
Syntax
- 84 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show data bgp Command
memory view <BGP View Name>
vrf <VRF Table Name>
Description Displays statistics on global BGP memory. Displays information about BGP. rsclient (BGP view name) Displays BGP status for a specified VRF table.
Command Mode
Basic User and Privileged User
Example
This example displays statistics on global BGP memory:
show data bgp memory 4 RIB nodes, using 384 bytes of memory 0 BGP routes, using 0 bytes of memory 0 BGP attributes, using 0 bytes of memory 0 BGP AS-PATH entries, using 0 bytes of memory 0 BGP AS-PATH segments, using 0 bytes of memory 0 peers, using 0 bytes of memory 7 hash tables, using 280 bytes of memory 8 hash buckets, using 192 bytes of memory
show data bridge-configuration
This command displays the Ethernet bridging configuration.
Syntax show data bridge-configuration
Command Mode Basic User and Privileged User
Example
- 85 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
This example displays the Ethernet bridging configuration: show data bridge-configuration
show data cellular
This command displays Internet connections via a cellular 3G/4G modem connected to the USB port, or the integrated LTE/4G cellular modem (QMI).
Syntax show data cellular
Command
Description
config Displays the running configuration.
history [1-60]
Displays a history (in intervals defined by minutes) of the cellular status. This includes interface technology (e.g., LTE), signal strength, and IP address assigned by cellular provider to the interface.
status Displays the current status of the cellular interface (e.g., signal strength).
Command Mode Basic User and Privileged User
Example Displays current status of cellular PPP interface:
show data cellular status Cellular interface status:
Modem status: UP PPP status: UP Cellular operator: US ORANGE Signal strength: -73 dBm Roam status: HOME KB sent: 0 KB received: 0 Packets sent: 6 Packets received: 6
- 86 -
CHAPTER 6 Show Commands
Modem report: RSSI: 66,13,145 Displays status history of cellular LTE:
MSBR | CLI Reference Guide
show data crypto
This command displays information about the encryption module.
Syntax show data crypto
Command conf debug server status
Description Displays the configuration of the IPSec VPN. Displays diagnostic information about the IPSec VPN. Displays information about the active VPN server. Displays the status of the IPSec VPN.
Command Mode Basic User and Privileged User
Example This example displays diagnostic information about the IPSec VPN:
- 87 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show data crypto debug Kernel routing table: 169.254.254.252/30 dev eth0.4001 scope link src 169.254.254.253 metric 4 169.254.254.252/30 dev ipsec1 scope link src 169.254.254.253 metric 5 172.17.141.0/24 dev eth0.1 scope link src 172.17.141.163 metric 4 172.17.141.0/24 dev ipsec0 scope link src 172.17.141.163 metric 5 10.25.116.0/24 dev eth0.5 proto static scope link metric 1 default via 172.17.141.1 dev eth0.1 proto static metric 1 --Data Interfaces: --eth0 Link encap:Ethernet HWaddr 00:90:8F:8C:D3:27
inet6 addr: fe80::290:8fff:fe8c:d327/64 Scope:Link UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2792505 errors:0 dropped:0 overruns:0 frame:0 TX packets:5753622 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:267485784 (255.0 MiB) TX bytes:911843542 (869.6 MiB)
eth0.1 Link encap:Ethernet HWaddr 00:90:8F:8C:D3:27 inet6 addr: fe80::290:8fff:fe8c:d327/64 Scope:Link inet6 addr: 2010:3::116:209/64 Scope:Global UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500
Metric:1 RX packets:2064977 errors:0 dropped:0 overruns:0 frame:0 TX packets:11246 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:199628814 (190.3 MiB) TX bytes:846682 (826.8 KiB)
eth0.5 Link encap:Ethernet HWaddr 00:90:8F:8C:D3:27 inet6 addr: fe80::290:8fff:fe8c:d327/64 Scope:Link inet6 addr: 2010:25::116:209/64 Scope:Global UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500
Metric:1 RX packets:33 errors:0 dropped:0 overruns:0 frame:0 TX packets:10 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:2440 (2.3 KiB) TX bytes:1036 (1.0 KiB)
eth0.6 Link encap:Ethernet HWaddr 00:90:8F:8C:D3:27 inet6 addr: fe80::290:8fff:fe8c:d327/64 Scope:Link inet6 addr: 2010:26::116:209/64 Scope:Global UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500
Metric:1
- 88 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
RX packets:31 errors:0 dropped:0 overruns:0 frame:0 --MORE--
show data ddns
This command displays the configuration of the Dynamic Domain Name System (DNS).
Syntax show data ddns
Command Mode Basic User and Privileged User
Example This example displays the configuration of the DDNS:
show data ddns
show data debugging
This command displays debugging information.
Syntax show data debugging
Command
Description
bgp
Displays debugging information about BGP.
ospf
Displays debugging information about OSPF.
ospf6 Displays debugging information about OSPF6.
rip
Displays debugging information about Routing Information Protocol (RIP)
which enables routing information to be exchanged between routers.
ripng
Displays debugging information about Next Generation Routing Information Protocol (RIP), defined in RFC 2080.
- 89 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description
vrf <VRF Table Name>
Displays debugging information for a specified Virtual Routing and Forwarding (VRF) table.
zebra
Displays debugging information about Zebra routing software which provides TCP/IP based routing services with support from routing protocols RIP, OSPF and BGP (see above). Zebra also supports IPv4 and IPv6 routing protocols.
Command Mode
Basic User and Privileged User
Example
This example displays debugging information about BGP:
show data debugging bgp BGP debugging status: BGP events debugging is on BGP keepalives debugging is on BGP updates debugging is on (outbound) BGP fsm debugging is on BGP filter debugging is on BGP zebra debugging is on
This example displays debugging information about Zebra:
show data debugging zebra Zebra debugging status: Zebra event debugging is on Zebra packet debugging is on Zebra kernel debugging is on Zebra RIB debugging is on Zebra RIB queue debugging is on
show data dns-views
This command displays the configuration of the DNS (Domain Name System) server's view feature which allows binding DNS queries source to a specified DNS server destination.
- 90 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Syntax show data dns-views
Command Mode Basic User and Privileged User
Example This example displays the configuration of the DNS server's view feature:
show data dns-views dns-view dnsv1: num of dns queries sent via this view: 3 source address 10.25.2.92/32 source address 10.17.2.92/16
dns-view dnsv2: num of dns queries sent via this view: 1 source address 10.26.2.92/24 source address 10.17.2.92/16 server address 10.26.2.95
show data dot11radio
This command displays status information about the MSBR router's wireless module.
Syntax show data dot11radio
Command
Description
associations {all|interface|stats interface}
Displays the stations associated with this WiFi access point:
all (Displays all stations associated with this access point)
interface n (Displays the dot11radio interface, where n is the dot11radio interface number in the range of 1-4)
- 91 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
channel country-code hardware-stats interface other-ap
Description
stats interface n (Displays statistics about the associations connecting through the dot11radio interface, where n is the dot11radio interface number in the range of 1-4)
Displays information about the current WiFi channel.
Displays the WiFi country code.
Displays statistics about the WiFi hardware.
Displays information according to Wi-Fi interface ID.
Displays other Wi-Fi access points (APs) in the range.
Command Mode
Basic User and Privileged User
Example
This example displays information about the current WiFi channel:
show data dot11radio channel Channel configured auto. Current channel is 1 Width 20
This example displays information about Wi-Fi interface ID 1:
show data dot11radio interface 1 dot11radio 1 is Disabled. Description: LAN Wireless 802.11n Access Point bridge-group 1 State Time: 91:02:49 Time since creation: 91:02:49 mtu auto (current value 1500) network lan ssid MSBR broadcast security mode NONE no security mac mode mode ngb channel width 40/20 channel auto
- 92 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
power 100
beacon dtim-period 1
beacon period 100
fragment threshold 2346
cts mode none
cts type cts
burst num 3
burst time 2
rts threshold 2346
wmm
country code 0x178 (376)
DNS is configured dynamic
IPv6 is disabled
rx_packets 0
rx_bytes 0
tx_packets 0
tx_bytes 0
Device debug: state
Connected clients: -1
Global TX power limit: 24dBm
15-seconds input rate: 0 bits/sec, 0 packets/sec
15-seconds output rate: 0 bits/sec, 0 packets/sec
5-minutes input rate: 0 bits/sec, 0 packets/sec
5-minutes output rate: 0 bits/sec, 0 packets/sec
show data dot1x-status
This command displays the status of the 802.1x port.
Syntax show data dot1x-status
Command Mode Basic User and Privileged User
Note The RADIUS server must be configured for EAP.
Example This example displays the stations associated with this access point:
- 93 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show data dot1x-status
Port Auth State Timeout Username
---- ---- ----- ------- --------
1 Disabled Idle
0
2 Enabled Forwarding 75 John
3 Disabled Idle
0
4 Disabled Idle
0
show data dsl
This command displays information about digital subscriber line (DSL) connectivity. DSL includes both ADSL (asymmetric digital subscriber line) and VDSL (very-high-bit-rate digital subscriber line).
Syntax
show data dsl
Command status
Description Displays status information about the ADSL/VDSL connection.
Command Mode Basic User and Privileged User
Example This example displays status information about DSL connectivity:
show data dsl status
DSL interface 0/2:
Configuration: no shutdown
Status: Connected
Line State:
0x801 (Showtime TC Sync)
ATM alarm status: interface atm 0/2 vc alarm status: No Alarm vp alarm status: No Alarm
- 94 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show data ethernet
This command displays status information about CFM (Connectivity Fault Management).
Syntax show data ethernet
Command
Description
cfm {legend}
Displays the status of the CFM (IEEE 802.1ag) standard defined by IEEE for local and metropolitan area networks virtual bridged local area networks.
legend (Displays descriptions of errors)
oam {brief|configuration| counters|interface <fiber slot/port> <gigabitethernet slot/port>| status}
Displays status information about OAM (Operations, Administration, and Maintenance) protocols and practices defined by IEEE 802.3ah for paths through 802.1 bridges and LANs.
brief (Displays information about the Ethernet OAM brief)
configuration (Displays information about the Ethernet OAM configuration)
counters (Displays information about the Ethernet OAM counters)
interface
fiber slot/port (Displays information about the fiber interface)
gigabitethernet slot/port (Displays information about the Gigabit Ethernet interface)
status (Displays status information about the Ethernet OAM)
y1731
Displays the status of ITU-T's Recommendation Y.1731 which addresses performance monitoring.
Command Mode Basic User and Privileged User
Example
- 95 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
This example displays CFM status including descriptions of errors:
show ethernet show data ethernet cfm legend
Local MEPs: MPID VLAN RmtRDI MAC Remote XCON RmtAIS RmtLCK --------------------------------------------------------
Error legend: VLAN : The local logical interface is down. RmtRDI: One of the remote MEPs is not receiving all CCMs. MAC : One of the remote MEPs has a blocked port status. Remote: There are no known remote MEPs. XCON : The MEP is receiving CCMs from different domains or services. RmtAIS: Alarm Indication Signal from MEP RmtLCK: One of the remote MIP set administrative lock condition .
Remote MEPs:
MPID Stat DomainName MAC
Age Intf Port
--------------------------------------------------------------------
M500Lshow data ethernet cfm
Local MEPs: MPID VLAN RmtRDI MAC Remote XCON RmtAIS RmtLCK --------------------------------------------------------
Remote MEPs:
MPID Stat DomainName MAC
Age Intf Port
--------------------------------------------------------------------
M500Lshow data ethernet cfm
Local MEPs: MPID VLAN RmtRDI MAC Remote XCON RmtAIS RmtLCK --------------------------------------------------------
Remote MEPs:
MPID Stat DomainName MAC
Age Intf Port
--------------------------------------------------------------------
show data f-path rate
This command displays throughput counters of traffic using fast-path or full-path.
- 96 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Syntax show data f-path rate [refreshing]
Command
show data fpath rate
show data fpath rate refreshing
Description Displays throughput counters of traffic using fast-path or full-path.
Displays throughput counters of traffic using fast-path or full-path, and refreshes the output every three seconds until the CTRL+C keys are pressed.
Command Mode Basic User and Privileged User
Example This example displays the output of the command:
# sh data f-path rate refreshing 15-seconds Fastpath rate: 430 pps, 0 bps 5-minutes Fastpath rate: 445 pps, 0 bps 15-seconds fullpath rate: 475 pps, 1476 Kbps 5-minutes fullpath rate: 460 pps, 1494 Kbps
show data hosts
This command displays the configured DNS server entries and current DNS entries in cache for all Layer 3 interfaces. This includes A/SRV/NAPTR records, and their parameters.
Syntax show data hosts
Command Mode Basic User and Privileged User
Example
- 97 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
This example displays the configured DNS server addresses and current name/address list in cache for all Layer 3 interfaces:
show data hosts
show data interfaces
This command displays information about each MSBR interface.
Syntax show data interfaces [description|rates|status|<Interface>] {history bandwith}
Command
Description
atm
Displays information about the ATM on xDSL interfaces
<Group/Subinterface> (per DSL line group and ATM sub-interface ID).
bvi <Bridge Interface ID>
Displays information about the bridge interface.
cellular 0/0
Displays information about the cellular 3G/4G interface.
description
Displays a description of the interfaces.
dot11radio
Displays status information about the MSBR router's wireless (WiFi) module.
dsl <Slot/Port>| {brief|history}
Displays information about the ADSL/VDSL interfaces.
<slot/port>: Defines the slot and port of the DSL interface and displays detailed information about the DSL interface
brief: Displays summarized information about the DSL interface
history: Displays historical statistics of the upstream and downstream transmission (speed, power, SNR margin and attenuation) of the DSL interface.
efm <Slot/Port.vlanID>
Displays information about Ethernet in the First Mile (EFM) interface's slot, port and VLAN ID.
fastethernet <Slot/Port>
Displays information about the Fast Ethernet interface's slot and port.
- 98 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description
slot/port (FastEthernet interface slot and port)
fiber <Slot/Port.vlanID>
Displays information about the Fiber interface. Slot/Port.vlanID
gigabitethernet <Slot/Port.VLAN ID>
Displays information about the Gigabit Ethernet interface's slot and port. VLAN ID is optional.
gre <ID>
Displays information about the Generic Routing Encapsulation (GRE) tunnel interfaces, according to interface ID. GRE tunneling encapsulates packets so they can be tunneled.
history bandwidth [hours|minutes]
Displays bandwidth usage history per specified interface.
hours: displays the mean bandwidth usage every 10 minutes for the past 72 hours
minutes: displays bandwidth usage every 15 seconds for the past 120 minutes
The output is displayed in descending order (i.e., most recent measurement is displayed on top of the list).
ipip <ID>
Displays information about the IP-IP tunnel interfaces, according to interface ID. IP-IP Tunnel protocol encapsulates IP packets in IP to create a tunnel between two routers. The protocol enables multiple network schemes.
ipipv6 <ID>
Displays information about the IP-IP version 6 tunnel interfaces, according to interface ID.
ipv6ip <ID>
Displays information about the IP version 6 - IP tunnel interfaces, according to interface ID.
l2tp <ID>
Displays information about the Layer 2 Tunneling Protocol (L2TP) interfaces, according to interface ID. L2TP is used to support VPNs and for ISP services delivery.
loopback <ID>
Displays information about the Loopback interfaces, according to interface ID. The MSBR's loopback interface is logical and virtual rather than physical like the Fast Ethernet interface or the Gigabit Ethernet interface.
pppoe <ID>
Displays information about Point-to-Point Protocol over
- 99 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
pptp <ID> rates {refreshing}
status switchport {rates <refreshing>}
shdsl vlan <ID> vti <ID>
Description
Ethernet (PPPoE) tunnel interfaces, according to interface ID.
Displays information about Point-to-Point Tunneling Protocol (PPTP) interfaces, according to interface ID.
Displays information about the interfaces rates. To stop the refreshing (if you choose the refreshing
option): Press Ctrl+C.
Displays the interface line statuses.
Displays information about the switchport interface. rates (Displays interface switchport data rates) To stop the refreshing (if you choose the refreshing
option): Press Ctrl+C.
SHDSL
Displays information about the VLAN interfaces, according to interface ID.
Displays information about the Virtual Tunnel Interfaces (VTIs), according to interface ID.
Command Mode Basic User and Privileged User
Example Displays interface line status:
show data interfaces status
Port Description Status Vlan Duplex Speed
FastEthernet 1/1
disconnected trunk - -
FastEthernet 1/2
disconnected trunk - -
FastEthernet 1/3
disconnected trunk - -
FastEthernet 1/4
disconnected trunk - -
GigabitEthernet 0/0 WAN Copper connected - FULL
Fiber 0/1 WAN Fiber disconnected - - -
1Gbps
- 100 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Displays descriptions of all the interfaces:
show data interfaces description
Interface
Status
Protocol Description
GigabitEthernet 0/0 Connected Up WAN Copper
Fiber 0/1
Enabled
Up WAN Fiber
EFM 0/2
Disabled Down VDSL
FastEthernet 1/1
Disconnected Down
FastEthernet 1/2
Disconnected Down
FastEthernet 1/3
Disconnected Down
FastEthernet 1/4
Disconnected Down
ATM 0/2
Connected Up ATM 0/2
VLAN 1
Connected Up LAN switch VLAN 1
VLAN 4001
Connected Up LAN switch VLAN 4001
BVI 1
Connected Up LAN Bridge
dot11radio 1
Disabled Down LAN Wireless 802.11n Access
Point
Cellular 0/0
Disabled Down 3G Cellular PPP connection
Displays statistics of DSL interface transmission:
sh data interfaces dsl 0/2 history Time: 03/01/2018 11:11:03 Downstream: Actual speed 112636000, power 13.9, SNR margin 26.2, Attenuation 0.1 Upstream: Actual speed 83680000, power 8.1, SNR margin 5.3, Attenuation 1.6 Time: 03/01/2018 11:09:53 Downstream: Actual speed 112636000, power 13.9, SNR margin 25.9, Attenuation 0.1 Upstream: Actual speed 83680000, power 8.1, SNR margin 5.2, Attenuation 1.6
Displays the bandwidth usage every 15 minutes of the PPPoE interface:
show data interfaces pppoe 0 history bandwidth minutes Jan 19 20 07:24:35 - Tx:2533 [bps], Rx:25933 [bps] Jan 19 20 07:24:20 - Tx:2666 [bps], Rx:2666 [bps] Jan 19 20 07:24:05 - Tx:0 [bps], Rx:29333 [bps] Jan 19 20 07:23:50 - Tx:0 [bps], Rx:0 [bps]
Displays information about VLAN ID 1 interface:
- 101 -
CHAPTER 6 Show Commands
show data interfaces vlan 1
VLAN 1 is Connected.
Description: LAN switch VLAN 1
Hardware address is 00:90:8f:87:e7:e2
IP address is 192.169.0.1
netmask is 255.255.255.0
bridge-group 1
State Time: 94:39:32
Time since creation: 94:40:05
Time since last counters clear : 94:38:45
mtu auto (current value 1500)
DNS is configured static
DNS primary IP address is not configured
IPv6 is disabled
rx_packets 8
rx_bytes 512
tx_packets 0
tx_bytes 0
15-seconds input rate: 0 bits/sec, 0 packets/sec
15-seconds output rate: 0 bits/sec, 0 packets/sec
5-minutes input rate: 0 bits/sec, 0 packets/sec
5-minutes output rate: 0 bits/sec, 0 packets/sec
show data ip
This command displays configured access lists.
Syntax show data ip
access-list
Command
arp <vrf>
MSBR | CLI Reference Guide
Description Configures the name or number of the access-list to display. Displays the Address Resolution Protocol (ARP) table entries.
- 102 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command as-path-access-list <Name of AS Path> bgp {neighbors <IP address> |summary|vrf}
captive-portal
Description
vrf (Displays ARP entries for a specified VRF table)
Displays the aspath access list.
Displays information about Border Gateway Protocol (BGP) processing.
neighbors <IP address> (Displays detailed information about the neighbor router)
summary (Displays a summary of BGP neighbor status)
vrf (Displays BGP status information for a specified VRF table)
Displays information about the Captive Portal server.
- 103 -
CHAPTER 6 Show Commands
community-list
Command
connections {all|brief|interface| port|queue|summary|top}
- 104 -
MSBR | CLI Reference Guide
Description
Displays
information
about
the
current
community list.
When number or
name
is
specified,
information
about
the
specified
community list is
displayed.
Displays the data router IP network connections.
all (Displays All IP connections)
brief (Displays IP connection summary)
interface (Displays from a specific interface)
port (Displays IP connections on a specific port)
queue (Displays IP connections on a specific QOS queue)
CHAPTER 6 Show Commands
Command
dhcp {binding|pool|zone}
dhcp-server all extcommunity-list firewall {max-conn-statistics|states}
MSBR | CLI Reference Guide
Description
summary (Displays a summary of IP connections by ports)
top (Displays the last IP connections)
Displays the items in the DHCP database.
binding (Displays DHCP address bindings)
pool (Displays DHCP pools information)
zone (Displays DHCP server zones)
Displays information on all DHCP server interfaces.
Displays information about the Extended Community Lists.
Displays firewall statistics:
- 105 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description
firewall maxconnstatistics {last-72hours|las t-hour}
Displays firewall states:
firewall states [brief]
fullpath-profiler {enable|show|zero}
igmp proxy {groups} {lan-interface <atm|bvi|cellular| dot11radio|efm|fiber| gigabitethernet|gre|ipip| ipipv6|ipv6ip|l2tp|loopback| pppoe|pptp|vlan|vti>} {lan-interfaces}
interface {brief|atm|bvi|cellular|dot11radio| efm|fiber|gigabitethernet| gre|ipip|ipipv6|ipv6ip|l2tp|loopback |pppoe|pptp|vlan|vti|rates}
mroute {active|interfaces|summary| vrf <VRF Table Name>}
Displays all IP connections.
Displays information about IGMP (Internet Group Management Protocol) which is used by hosts and adjacent routers on IPv4 networks to establish multicast group memberships.
Displays the status of each IPv4 interface. 'brief' displays a brief summary of all statuses.
Displays the multicast route table entries.
- 106 -
CHAPTER 6 Show Commands
Command
nat {activity <rates|refreshing> |brief|pools|rules| translations}
- 107 -
MSBR | CLI Reference Guide
Description
active (Displays active multicast sources)
interfaces (Displays information about the multicast route interface)
summary (Displays a summary of the multicast route table entries)
vrf (Displays information about the multicast route table entries per VRF (Virtual Routing and Forwarding) table, according to the name of the VRF table)
Displays the NAT (Network Address Translation) connections.
activity (Displays NAT activity -
CHAPTER 6 Show Commands
Command
- 108 -
MSBR | CLI Reference Guide
Description
top connections)
rates (Displays NAT activity and statistics - with rate details)
refreshin g (Displays NAT activity and statistics with autorefreshin g). To stop the refreshin g (if you choose the refreshin g option): Press Ctrl+C.11 1
brief (Displays IP NAT summary)
pools (Displays IP NAT pools)
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description
rules (Displays IP NAT rules)
translations (Displays currently active translations)
ospf {borderrouters|database|interface|neighbor< [A.B.C.D]|all|atm|bvi|cellular|dot11radio|efm| fiber| gigabitethernet|gre|ipip|ipipv6|ipv6ip|l2tp|lo opback |pppoe|pptp|vlan>|route|vrf}
Displays Open Shortest Path First (OSPF).
pim {bsr-router|groups|interfaces|rp|vrf}
Displays information about PIM (Protocol Independent Multicast) used by the MSBR to dynamically create a multicast distribution tree.
port-map
Displays information about the MSBR's port-toapplication mapping.
port-triggering
Displays information about TFTP and L2TP porttriggering.
prefix-list {<Prefix List
Displays
- 109 -
CHAPTER 6 Show Commands
Command Name>|detail|summary|vrf}
rip {status|vrf<VRF Table Name>}
route {<A.B.C.D>|bgp|connected| kernel|ospf|rip|static|summary| supernets-only|vrf<VRF Table Name>} vrf <VRF Table Name>
Command Mode Basic User and Privileged User Example This example displays information on all DHCP server interfaces:
show data ip dhcp-server all DHCP relay server of interface BVI 1 : Relay Server is disabled. DHCP relay server of interface VLAN 1 : Relay Server is disabled. DHCP relay server of interface dot11radio 1 : Relay Server is disabled. DHCP relay server of interface GigabitEthernet 0/0 : Relay Server is disabled. DHCP relay server of interface EFM 0/2 :
MSBR | CLI Reference Guide
Description
information about the IPv4 prefix-based filtering mechanism.
Displays information about Routing Information Protocol (RIP).
Displays information about the IP routing tables.
Displays information about the IP data routing status for a specified VRF table.
- 110 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Relay Server is disabled. DHCP relay server of interface GigabitEthernet 0/2 : Relay Server is disabled. DHCP relay server of interface Fiber 0/1 : Relay Server is disabled. DHCP relay server of interface GigabitEthernet 0/4 : Relay Server is disabled. DHCP relay server of interface GigabitEthernet 0/6 : Relay Server is disabled. DHCP relay server of interface EFM 0/2 : Relay Server is disabled. DHCP relay server of interface ATM 0/2 : Relay Server is disabled. DHCP relay server of interface Cellular 0/0 : Relay Server is disabled.
This example displays information about the firewall states:
show data ip firewall states Active Connections 1, quota 50000. New connections will be created above the quota if there are more than 4096000 bytes of free memory. Current free memory is 83214336 bytes. memory. free ram 66179072. Fastpath packets: 10249, Fullpath packets: 6177852 Totals: TCP 1 UDP 0 ICMP 0 NAT total: 0, of them TCP 0 UDP 0 ICMP 0 Route fp total: 0 fpe total: 0 conn allocation failure: 0 peak: 7 ratio:0 1: TCP 10.31.2.62:23 <-->10.31.2.62:23 [10.13.2.19:54490] ESTABLISHED/ESTABLISHED ttl 3599 bytes 16.7/26.6 pkts 419/514 sticky 0/0 kbps 0/0 pps 0.0/0.0 nas0 Route Incoming FW-FP-ENA FW-FP-CAP HW-FPCAP
This example displays a brief summary of the status of each IPv4 interface:
show data ip interface brief
Interface
IP Address Status Protocol
GigabitEthernet 0/0 10.31.2.39 Connected Up
Fiber 0/1
unassigned Enabled Up
EFM 0/2
unassigned Disabled Down
ATM 0/2
10.31.2.62 Connected Up
VLAN 1
192.169.0.1 Connected Up
VLAN 4001
169.254.254.253 Connected Up
- 111 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
BVI 1
192.168.0.1 Connected Up
dot11radio 1 unassigned Disabled Down
Cellular 0/0 0.0.0.0 Disabled Down
This example displays information about port-to-application mapping:
show data ip port-map ip port-map ftp port[21] active[Y] ip port-map dns port[53] active[Y] ip port-map dhcp port[67] active[Y] ip port-map ike port[500] active[Y] ip port-map pptp port[1723] active[N] ip port-map aim port[5190] active[Y] ip port-map msn Messenger port[1863] active[Y] ip port-map sip port[5060] active[N] ip port-map h323 cs port[1720] active[Y] ip port-map h323 ras port[1719] active[Y] ip port-map mgcp port[2727] active[N] ip port-map l2tp port[1701] active[Y] ip port-map rtsp port[554] active[Y] ip port-map dhcpv6 port[547] active[Y]
This example displays information about TFTP and L2TP port-triggering.
show data ip port-triggering ip port-triggering tftp active[Y] ip port-triggering l2tp active[Y]
show data ipv6
This command displays information related to Internet Protocol version 6.
Syntax show data ipv6
Command bgp {neighbors <IP address> |summary|vrf}
Description
Displays information about Border Gateway
- 112 -
CHAPTER 6 Show Commands
Command
- 113 -
MSBR | CLI Reference Guide
Description
Protocol (BGP) processing.
neighbo rs <IP addres s> (Display s detailed informa tion about the connect ions of the TCP and BGP neighbo r router whose IP address is X:X::X:X)
summa ry (Display sa summa ry of BGP neighbo r status)
vrf (Display s BGP status informa
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description
tion for a specifie d VRF table)
dhcp6 {binding|atm| bvi|cellular|dot11radio|efm|fiber| gigabitethernet|gre|ipip|ipipv6|ipv6ip|l2tp| loopback|pppoe|pptp|vlan|vti|pool}
Displays the items in the DHCP database.
interface {brief|atm<Group/Subinterface>|bvi| cellular<Cellular Interface ID>|dot11radio<WiFi Interface ID> |efm<Slot/Port.VLAN ID>|fiber<Slot/Port.VLAN ID>| gigabitethernet<Slot/Port.VLAN ID>|gre<Tunnel GRE ID>|ipip<Tunnel IPIP ID>| ipv6<Tunnel IP v6 ID>|ipv6ip<Tunnel IP v6 IP ID>|l2tp<L2TP Tunnel ID>|loopback<Loopback Interface Index>| pppoe<PPPOE Interface ID>|pptp|vlan<VLAN ID>|vti <VTI ID>}
Displays the status of the IPv6 interface.
neighbors {vrf}
Displays information about IP version 6 neighbors for a specified VRF table.
ospf6 {area<Area ID in A.B.C.D IP Version 4 Format>|border-routers<Router ID><detail>|database<*|adv-router| as-external|detail|dump|group-membership|interprefix|inter-router| internal|intra-prefix|link|linkstateid|network|router|self-originated type-7>|interface<atm|bvi|cellular| dot11radio|efm|fiber|gigabitethernet| gre|ipip|ipipv6|ipv6ip|l2tp|loopback| pppoe|pptp|vlan|prefix>|linkstate<detail
Displays Open Shortest Path First (OSPF) for IP Version 6.
- 114 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description
|network router>|neighbor<detail| drchoice>|redistribute |route<IP Version 6 Address in X:X::X:X format|detail|external1|external-2|inter-area |intraarea|summary>|simulate<SPF Tree>|spf<SPF Tree>|vrf<VRF Table Name>}
prefix-list {Prefix List Name|detail| summary|vrf}
Displays a prefix list.
ripng {status|vrf<VRF Table Name>}
Displays RIPng (RIP next generation) routes.
route {<IP Version 6 address / prefix in the routing table to display, in X:X::X:X/M format>|bgp|connected|kernel|ospf6|ripng|static|s ummary|vrf<VRF Table Name>}
Displays the IP Version 6 routing table.
Command Mode Basic User and Privileged User
Example This example displays the IP Version 6 routing table associated with BGP:
show data ipv6 route bgp Codes: K - kernel route, C - connected, S - static,
R - RIPng, O - OSPFv6, B - BGP
show data l2tp-server
This command displays the Layer 2 Tunneling Protocol (L2TP) server connections.
Syntax show data l2tp
- 115 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command Mode Basic User and Privileged User
Example This example displays displays incoming L2TP connections:
show data l2tp-server
show data lldp
This command displays information about Link Layer- 2 Discovery Protocol (LLDP) which advertises/discovers neighbors on IEEE 802 LANs.
Syntax show data lldp neighbors
Command Mode Basic User and Privileged User
Example This example displays information about LLDP neighbors:
show data lldp neighbors LLDP totals: received 0 packets, sent 0 packets
show data mac-address-table
This command displays information about the Ethernet switch's MAC addresses table.
Syntax show data mac-address-table
Command address
Description
Finds an Ethernet switch's MAC address in the MAC address table. Use format XX:XX:XX:XX:XX:XX when searching.
- 116 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
count {vlan <VLAN ID>}
interface {bvi<Bridge Interface ID>}
vlan <VLAN Interface ID>
vrf <VRF Name>
Description
Displays the size of the Ethernet switch's MAC table, according to VLAN (ID).
Displays the Ethernet switch's MAC table for a specific BVI (Bridge Virtual Interface), according to interface ID.
Displays the Ethernet switch's MAC table per VLAN interface, according to VLAN interface ID.
Displays the Ethernet switch's MAC table per VRF (Virtual Routing and Forwarding) table, according to the name of the VRF table.
Command Mode Basic User and Privileged User
Example This example displays the size of the Ethernet switch's MAC table for VLAN ID 1:
show data mac-address-table count vlan 1 GE switch: 0 occupied entries.
This example displays the Ethernet switch's MAC table for BVI ID 1:
show data mac-address-table interface bvi 1 Bridge 1 MAC table:
MAC Address -------------------------------------------------Interface VLAN 1, 0 entries. -------------------------------------------------Bridge 1 total 0 entries.
show data port-monitor
This command displays the monitoring status for all ports.
Syntax show data port-monitor wan
- 117 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command Mode Basic User and Privileged User
Example This example displays the monitoring status for all ports:
show data port-monitor wan There is no active Port Monitor session.
show data port-security
This command displays information about port security according to interface.
Syntax show data port-security interface
Command
fastethernet <Slot/Port>
gigabitethernet <Slot/Port>
Description
Displays information about security for the Fast Ethernet interface.
Displays information about port security for the Gigabit Ethernet interface.
Command Mode Basic User and Privileged User
Example This example displays information about security for the Fast Ethernet interface, Slot 1, Port 1:
show data port-security interface fastethernet 1/1 Port security : Disabled Violation Mode : Protect Aging Time : 330sec Mac Addresses Limit : 0 Mac Addresses count : 0 Security Violation : No
- 118 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show data pptp-server
This command displays information about the Point-to-Point Tunneling Protocol (PPTP) VPN server.
Syntax show data pptp-server
Command Mode Basic User and Privileged User
Example
This example displays information about the Point-to-Point Tunneling Protocol (PPTP) VPN server:
show data pptp-server
ConnUsername
IP
Rx/Tx Uptime
----- ----------------------------------- ----------------- ----------- ------
Total 0 connections.
show data qos
This command displays quality of service statistics according to specified criteria.
Syntax show data qos
Command
Descriptio n
match-map {atm|cellular|efm|fiber|gigabitethernet|gre|input| ipip|ipipv6|ipv6ip|l2tp|loopback|output|pppoe|pptp |vlan} <Interface ID>
Displays QoS statistics for a group of matchmaps or a specific match-
- 119 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Descriptio n
map.
queue {atm|cellular|efm|fiber|gigabitethernet|lan} <Slot/Port>
Displays QoS statistics for a group of queues or a specific queue.
service-map {atm|cellular|efm|fiber|gigabitethernet|lan} <Slot/Port>
Displays QoS statistics for a group of servicemaps or a specific servicemap.
Command Mode Basic User and Privileged User
Example This example displays QoS statistics for LAN/WAN queues:
show data qos queue Global statistics for LAN Queues: No available queue statistics.
Global statistics for WAN Queues: GigabitEthernet 0/0: No available queue statistics.
Fiber 0/1: No available queue statistics.
- 120 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
EFM 0/2: No available queue statistics. ATM 0/2: No available queue statistics. Global statistics for Cellular 0/0 Queues: No available queue statistics. Note: Queue name may be truncated (limited to 20 characters).
show data route-map
This command displays the route map.
Syntax show data route-map <Route-Map Name>
Command Mode Basic User and Privileged User
Example This example displays NAT activity and statistics:
show data route-map plist1 vrf vrfnam1
show data spanning-tree
This command displays the status and parameters of Spanning Tree Protocol including system status and all the relevant interfaces.
Syntax show data spanning-tree
Command info <Slot/Port>
Description
Displays only system Spanning Tree information, per Slot/Port.
- 121 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description
interface-info {fastethernet|gigabitethernet} <Slot/Port>
Displays spanning-tree information per Fast Ethernet interface or per Gigabit Ethernet interface, per Slot/Port.
Command Mode Basic User and Privileged User
Example This example displays the status and parameters of STP per Fast Internet interface, Slot 1, Port 1:
show data spanning-tree interface-info fastethernet 1/1 Interface 1/1 Spanning-tree Status ---------------------------------In this Interface the spanning tree is Disabled!!
This example displays the status and parameters of STP per Gigabit Ethernet interface, Slot 0, Port 0:
show data spanning-tree interface-info gigabitethernet 0/0 No spanning tree on this interface
show data tacacs
This command displays information about TACACS (Terminal Access Controller Access Control System) authentication protocol, used for centralized username and password verification.
Syntax show data tacacs config
Command Mode Basic User and Privileged User
Example This example displays information about TACACS:
- 122 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show data tacacs config
show data track
This command displays all active tracks status, including Configured ID and Probe Type, the state (up/down) and maximum probe trip time.
Syntax show data <Track ID> <brief>
Command Mode Basic User and Privileged User
Related Commands clear counters track
Example This example displays the state of all tracks:
show data track brief
Track Type
State Max round trip time (m.s)
5 ICMP reachability Down 0
show data vrrp
This command displays the status of Virtual Router Redundancy Protocol (VRRP).
Syntax show data vrrp
brief
Command
interface {atm|bvi|cellular|dot11radio|
Description
Displays a brief status of VRRP.
Displays VRRP
- 123 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
efm|fiber|gigabitethernet|gre| ipip|ipipv6|ipv6ip|l2tp|loopback| pppoe|pptp|vlan|vti}
Description
status per interface.
Command Mode Basic User and Privileged User
Example This example displays a brief status of VRRP:
show data vrrp brief Interface Grp Pri Time,msec Own Pre State Master addr Group addr
This example displays the VRRP status for a cellular interface:
show data vrrp interface cellular 0/0
show ini-file
This command displays the device's current configuration in ini-file format.
Syntax show ini-file
Command Mode Basic and Privileged User
Example
show ini-file ;************** ;** Ini File ** ;**************
;Board: Mxx ;HW Board Type: 69 FK Board Type: 84
- 124 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
;Serial Number: 8906721 ;Customer SN: ;Slot Number: 1 ;Software Version: 7.20A.140.586 ;DSP Software Version: 5011AE3_R => 721.09 ;Board IP Address: 192.168.0.2 ;Board Subnet Mask: 255.255.255.0 ;Board Default Gateway: 192.168.0.1 ;Ram size: 512M Flash size: 128M Core speed: 300Mhz ;Num of DSP Cores: 1 Num DSP Channels: 30 ;Num of physical LAN ports: 4 ;Profile: NONE ;;;Key features:;Board Type: M500L ;Security: IPSEC MediaEncryption StrongEncryption EncryptControlProtocol ;Eth-Port=32 ;DATA features: Routing FireW all&VPN WAN BGP Advanced-Routing 3G FTTX-WAN T1E1-Wan-Trunks=2 ;DSP Voice features: ;Channel Type: DspCh=30 ;E1Trunks=4 ;T1Trunks=4 ;FXSPorts=4 ;FXOPo rts=4 ;Control Protocols: MGCP MEGACO H323 SIP SBC=4 ;Default features:;Coders: G711 G726;
;------ HW components-----; ; Slot # : Module type : # of ports ;---------------------------------------------; 2 : FXS : 4 ; 3 : FXO : 4 ;----------------------------------------------
[SYSTEM Params]
SyslogServerIP = 10.31.2.44 EnableSyslog = 1 TelnetServerIdleDisconnect = 120 --MORE--
show last-cli-script-log
This command displays the contents of the latest CLI Script file that was loaded (i.e., copy cliscript from) to the device. The device always keeps a log file of the most recently loaded CLI Script file.
Syntax
- 125 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
# show last-cli-script-log
Command Mode Privileged User
Note If the device resets (or powers off), the logged CLI Script file is deleted.
Example
# show last-cli-script-log --------------# LOG CREATED ON: 26/04/2017 16:21:56 # Running Configuration # IP NETWORK # configure network (config-network)# tls 0 (tls-0)# name default (tls-0)# tls-version unlimited ...
show network
This command displays networking information.
Syntax show network
Command access-list arp dhcp clients http-proxy interface network-dev
Description See show network access-list on the next page See show network arp on the next page See show network dhcp clients on page 128 See show network http-proxy See show network interface on page 128 See show network network-dev on page 129
- 126 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command physical-port route tls
Description See show network physical-port on page 130 See show network route on page 131 See show network tls on page 131
Command Mode Basic and Privileged User
show network access-list
This command displays the network access list (firewall) rules, which are configured in the Firewall table.
Syntax show network access-list
Command Mode Basic and Privileged User
Example show network access-list L# Source IP /Pref SrcPort Port Range Protocol Action Count ---- --------------- ---- ------- ------------- -------- -----0 10.6.6.7 / 0 0 0 - 65535 Any ALLOW 616 Total 1 active firewall rules.
show network arp
This command displays the ARP table entries.
Syntax show network arp
Command Mode
- 127 -
CHAPTER 6 Show Commands
Basic and Privileged User
Example show network arp IP Address MAC Address Interface Type 10.15.0.1 00:1c:7f:3f:a9:5d eth0.1 reachable End of arp table, 1 entries displayed
show network dhcp clients
This command displays DHCP server leases.
Syntax show network dhcp clients
MSBR | CLI Reference Guide
Command Mode Basic and Privileged User
Example show network dhcp clients Total 0 leases.
show network interface
This command displays the IP network interfaces, which are configured in the IP Interfaces table. It also displays packet statistics for each interface, for example, number of transmitted packets.
Syntax
show network interface
Command description
Description
(Optional) Displays IP network interfaces in the same format as the IP Interfaces table.
- 128 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command Mode Basic and Privileged User
Example
show network interface Name: vlan 1 Vlan ID: 1 Underlying Interface: GROUP_1 Hardware address is: 00-90-8f-5b-10-35
Name: Voice Application Type: O+M+C IP address: 10.15.7.96/16 Gateway: 10.15.0.1
Uptime: 0:34:40 rx_packets 100724 rx_bytes 6271237 rx_dropped 0 rx_errors 0 tx_packets 566 tx_bytes 257623 tx_dropped 0 tx_errors 0
show network network-dev
This command displays the Ethernet Devices, which are configured in the Ethernet Devices table.
Syntax
show network network-dev
Command Mode Basic and Privileged User
Example
show network network-dev D.Num Device Name VlanID MTU GroupName ------ ------------------ --------- ------ ---------------0 vlan 1 1 1400 GROUP_1 # show network interface
- 129 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show network nqm
This command displays the latest results of previous Network Quality Monitoring (NQM) probing sessions.
Syntax show network nqm <Indexed Sender Number>
Command Mode Basic User and Privileged User
Example
This example displays the latest results of previous Network Quality Monitoring (NQM) probing sessions:
show network nqm 0 2
| Probe Time | Valid | RTT | PL | PL | Total | Jit. | Jit. | Total | MOS | MOS |
|
| | | Tx | Rx | PL | Tx | Rx | Jit. | CQ | LQ |
|-------------------|-------|-----|------|------|-------|------|------|-------|-----|-----|
|04-25-2017@09:45:22| yes | 10| 0| 0| 0| 24| 4| 28| 4.2| 4.2|
|04-25-2017@09:46:22| yes | 11| 0| 0| 0| 3| 5| 8| 4.2| 4.2|
there are 3 entries in the log, displaying last 2 entries
show network physical-port
This command displays the Ethernet ports, which are configured in the Physical Ports table.
Syntax show network physical-port
Command Mode Basic and Privileged User
Example
- 130 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show network physical-port
Port Num Port Name MAC Address Speed Duplexity Link Status Native
VLAN
1 GE_4_1 00:90:8f:5b:10:35 1Gbps FULL UP 1
2 GE_4_2 00:90:8f:5b:10:35
DOWN 1
3 GE_4_3 00:90:8f:5b:10:35
DOWN 1
4 GE_4_4 00:90:8f:5b:10:35
DOWN 1
show network route
This command displays the status of the static routes, which are configured in the Static Routes table.
Syntax show network route
Command Mode Basic and Privileged User
Example show network route Codes: C - connected, S - static
C 169.253.0.0/16 is directly connected, InternalIf 2, Active C 10.15.0.0/16 is directly connected, vlan 1, Active S 0.0.0.0/0 [1] via 10.15.0.1, vlan 1, Active
show network tls
This command displays TLS security information (TLS Context), which is configured in the TLS Contexts table.
Syntax show tls
- 131 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description
certificate
Displays certificate information.
contexts
Displays TLS security context information.
trusted-root {detail <Index>|summary}
Displays trusted certificates. detail (Displays a specific trusted certificate) summary (Displays all trusted certificates)
Command Mode Basic and Privileged User
Example
show tls contexts Context # Name --------- --------------------------0 default 2 ymca
Total 2 active contexts. Total certificate file size: 4208 bytes.
show network wan-bindings
This command displays information about the WAN interface bindings.
Syntax show network wan-bindings
Command Mode Basic User and Privileged User
Example This example displays information about the WAN interface bindings:
show network wan-bindings
- 132 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show running-config
This command displays the device's current configuration.
Syntax show running-config
Command (Carriage Return)
> <URL Destination> full [> <URL Destination>]
network system troubleshoot voip
Description
Displays the device's full configuration in the format of a CLI command script. You can copy and paste the displayed output in a text-based file (e.g., using Notepad), and then upload the file to another device, or the same device if you want to make configuration changes, as a CLI script file.
Sends the device's configuration in CLI script format, as a file to a remote destination defined by a URL (TFTP, HTTP or HTTPS).
Displays the device's configuration as well as default configuration settings that were not actively set by the user. In regular mode, only configuration that is not equal to the default is displayed. Can also send the configuration in CLI script format, as a file to a remote destination defined by a URL (TFTP, HTTP or HTTPS).
Displays the device's network configuration (config-network).
Displays the device's system configuration (configsystem).
Displays the device's troubleshoot configuration (config-troubleshoot).
Displays the device's VoIP configuration (configvoip).
Command Mode Basic and Privileged User
- 133 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Note The Local Users table (in which management users are configured, as described in user on
page 267) is included in the output of this command only if you are in Privileged User command mode. You can also run this command from any other command, using the do command, for example:
(clock)# do show running-config
Example This example sends the device's configuration to an HTTP server:
show running-config> http://10.9.9.9
show startup-script
This command displays the Startup Script file log.
Syntax # show startup-script
Commands recovery-log
startup-log
Description
Displays the logs generated during the failed Startup Script process. If the startup process fails, the device is rolled back to its previous configuration.
Displays the Startup Script log.
Command Modes Privileged User
show storage-history
This command displays the CDRs stored on the device.
- 134 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Syntax show storage-history {services|unused}
Command services unused
Description Displays registered storage services, e.g., for CDRs. Displays stored files that are not used.
Command Mode Basic and Privileged User
Related Command clear storage-history
show system
This command displays system information.
Syntax show system
Command alarms alarms-history assembly clock cpu-util fax-debug-status feature-key floating-license floating-license
Description See show system alarms on the next page See show system alarms-history on page 137 See show system assembly on page 137 See show system clock on page 138 See show system cpu-util on page 138 See show system fax-debug-status on page 140 See show system feature-key on page 140 See show system floating-license on page 141 See show system floating-license reports on page 142
- 135 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command reports interface osn log ntp-status radius servers status temperature uptime utilization version
Description
See show system interface osn on page 142 See show system log on page 142 See show system ntp-status on page 143 See show system radius servers status on page 144
See show system temperature on page 145 See show system uptime on page 145 See show system utilization on page 146 See show system version on page 147
Command Mode Basic and Privileged User
show system alarms
This command displays active alarms.
Syntax show system alarms
Command Mode Basic and Privileged User
Examples
show system alarms
Seq. Source
Severity Date
Description
1. Board#1/EthernetLink#2 minor 11.6.2010 , 14:19:42 Ethernet link alarm.
LAN port number 2 is down.
2. Board#1/EthernetGroup#2 major 11.6.2010 , 14:19:46 Ethernet Group
alarm. Ethernet Group 2 is Down.
- 136 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show system alarms-history
This command displays the system alarms history.
Syntax show system alarms-history
Command Mode Basic and Privileged User
Example
show system alarms-history
Seq. Source
Severity Date
Description
1. Board#1
major 24.2.2011 , 20:20:32 Network element admin
state change alarm. Gateway is locked.
3. Board#1/EthernetLink#2 minor 24.2.2011 , 20:20:34 Ethernet link alarm.
LAN
port number 2 is down.
4. Board#1/EthernetLink#3 minor 24.2.2011 , 20:20:34 Ethernet link alarm.
LAN
port number 3 is down.
show system assembly
This command displays information about the device's hardware assembly (slots, ports, module type, fan tray and power supply). It also displays virtual NICs for Mediant CE/VE.
Syntax show system assembly
Command Mode Basic and Privileged User
Example show system assembly Board Assembly Info:
- 137 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
|Slot No.
| Ports |Module Type
|
|1
| 1 | E1/T1
|
|2
| 1-4 | FXS
|
|3
| 0 | Empty
|
|4
| 1-4 | LAN-GE
|
|5
| 0 | Empty
|
USB Port 1: Empty USB Port 2: Empty
show system clock
This command displays the device's time and date.
Syntax show system clock
Command Mode Basic and Privileged User
Example show system clock 14:12:48 01/02/2017 (dd/mm/yyyy)
show system cpu-util
This command displays the voice CPU utilization (in percentage).
Syntax show system cpu-util
Command refreshing
Description
(Optional) Refreshes the displayed voice CPU utilization information. Press CTRL+C to stop the refresh.
Command Mode
- 138 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Basic and Privileged User
Example show system cpu-util Voice CPU utilization 20%%%
show system cwmp
This command displays the status of the DSL Forum's TR-069, CPE WAN Management Protocol (CWMP), for example, the Auto-Configuration Server's (ACS's) URL. CWMP is implemented for CPE-ACS communications. The command also displays the ACS hardware version.
Syntax
show system cwmp
Command deviceinfo hardwareversion status
Description Displays the ACS hardware version. Display the status of the ACS connection.
Command Mode Basic User and Privileged User
Example This example displays the status of the ACS connection:
show system cwmp status CPE Connection-Request URL: ACS URL: Connection Status: Not applicable Provisioning Code: 000.000.000.000
This example displays the version of the ACS hardware:
show system cwmp deviceinfo hardwareversion HardwareVersion: M500L-4S4O-4LFW-CA1SF-1U
- 139 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show system fax-debug-status
This command displays fax debug status (off or on).
Syntax show system fax-debug-status
Command Mode Basic and Privileged User
Example show system fax-debug-status The fax debug is OFF. # show fax-debug-status
show system feature-key
This command displays the device's License Key.
Syntax show system feature-key
Command Mode Basic and Privileged User
Example show system feature-key
Key features: Board Type: Mxx DATA features: IP Media: Conf DSP Voice features: RTCP-XR Channel Type: DspCh=30 HA Coders: G723 G729 G728 NETCODER GSM-FR GSM-EFR AMR EVRC-QCELP G727 ILBC EVRC-B AMR-WB G722 EG711 MS_RTA_NB MS_RTA_WB SILK_
- 140 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
NB SILK_WB SPEEX_NB SPEEX_WB OPUS_NB OPUS_WB Security: IPSEC MediaEncryption StrongEncryption EncryptControlProtocol E1Trunks=2 T1Trunks=2 FXSPorts=1 FXOPorts=1 BRITrunks=2 QOE features: VoiceQualityMonitoring MediaEnhancement Control Protocols: MGCP SIP SBC=30 TRANSCODING=5 TestCall=6 SIPRec=10 CODER-TRANSCODING=2 SIPRec-Redundancy=2 Default features: Coders: G711 G726
show system floating-license
This command displays information on the Floating License. This includes whether it is enabled, and if so, connection status with OVOC, OVOC Product Key, and SBC allocation resources.
Syntax
show system floating-license
Command Mode
Basic and Privileged User
Example
show system floating-license Floating License is on OVOC IP address: 10.8.6.250 OVOC Connection status: Connected OVOC product ID: 384 Allocation profile: SIP Trunking Allocation - FEU (Far End Users): 0 Allocation - signaling sessions: 6000 Allocation - media sessions: 6000 Allocation - transcoding sessions: 1536 User Limit - FEU (Far End Users): No limit User Limit - signaling sessions: No limit User Limit - media sessions: No limit User Limit - transcoding sessions: No limit)
- 141 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show system floating-license reports
This command displays the Floating License reports that the device sends to OVOC. The report contains the device's SBC resource consumption (signaling sessions, media sessions, transcoding sessions, and far-end user registrations).
Syntax show system floating-license reports
Command Mode Basic and Privileged User
Example show system floating-license reports [2018-09-04 17:17:56] Signaling Sessions: (2111), Media Sessions: (2109), Transcoding Sessions: (2029), Far End Users: (0) [2018-09-04 17:16:55] Signaling Sessions: (2032), Media Sessions: (0), Transcoding Sessions: (0), Far End Users: (0) [2018-09-04 17:15:54] Signaling Sessions: (0), Media Sessions: (0), Transcoding Sessions: (0), Far End Users: (0)
show system interface osn
This command displays information on the OSN module.
Syntax show system interface osn
Command Mode Basic and Privileged User
show system log
This command displays the device's logged history.
Syntax
- 142 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show system log
Command (Carriage Return) -h
Description Displays all logged message history.
Displays the log history in a readable format.
Command Mode Basic and Privileged User
Related Commands To configure the maximum log file size that is saved on the device, use the command system-log-size. This determines the amount of logged information displayed when the show system log command is run.
Example This example displays the logged messages:
show system log Jan 4 00:44:39 local0.notice [S=4666] [BID=5b1035:208] HTTPTaskHCTL - Run selfCheck Jan 4 00:45:40 local0.notice [S=4667] [BID=5b1035:208] HTTPTaskHCTL - Run selfCheck
show system ntp-status
This command displays NTP information.
Syntax show system ntp-status
Command Mode Basic and Privileged User
Example
- 143 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show system ntp-status Configured NTP server #1 is 0.0.0.0 NTP is not synchronized. Current local time: 2010-01-04 00:50:52
show system radius servers status
This command displays the status of the RADIUS severs.
Syntax show system radius servers status
Command Mode
Basic and Privileged User
Example
show system radius servers status servers 0 ip-address 10.4.4.203 auth-port 1812 auth-ha-state "ACTIVE" acc-port 1813 acc-ha-state "ACTIVE" servers 1 ip-address 10.4.4.202 auth-port 1812 auth-ha-state "STANDBY" acc-port 1813 acc-ha-state "STANDBY"
This example shows the following fields per server:
If the authentication port is 0, the server is not part of the redundancy server selection for authentication.
If the accounting port is 0, the server is not part of the redundancy server selection for accounting.
Server authentication redundancy (HA) status. ACTIVE = the server was used for the last sent authentication request.
- 144 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Server accounting redundancy (HA) status. ACTIVE = the server was used for the last sent accounting request.
show system temperature
This command displays the temperature of the device's CPU as well as DSPs (in the Media Processing Module / MPM).
Syntax show system temperature
Command Mode Basic and Privileged User
Note The command is applicable only to Mediant 4000B SBC.
Example show system temperature Last Updated Temperature (in Celsius): CSM (GA #3 ASM #1): 42 DSM (GA #7 ASM #0): 59 DSM (GA #7 ASM #3): 62
Where "CSM" is the CPU, "DSM" the DSP module, and "GA" the slot.
show system uptime
This command displays the device's uptime (time since last restarted).
Syntax show system uptime
Command Mode Basic and Privileged User
Example
- 145 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show system uptime Uptime: 3 days, 0 hours, 55 minutes, 46 seconds
show system utilization
This command displays the device's CPU and memory utilization for the Voice application and the Data-Router application (in percentage).
Syntax show system utilization
Command history {atstart|data|voice}
refreshing <Refresh Rate>
Description
at-start: Displays CPU utilization (in percentage) measured five minutes after the device resets.
data|voice: Displays CPU utilization (in percentage) of voice or data-router: Utilization per hour in the last 72 hours. Utilization per minute in the last hour (60 minutes).
Displays CPU and memory utilization (in percentage) every user-defined refresh rate. To stop the display, press the Ctrl+C key combination.
Command Mode Basic and Privileged User
Example This example displays system utilization, which is refreshed every 5 seconds:
show system utilization refreshing 5 CPUs utilization: Data 0% Voice 19% CPUs Used Memory: Data 0% Voice 56% System Time 00:58:1
The example below displays CPU utilization in the last 72 hours and 60 minutes, using the command, show system utilization history voice:
- 146 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show system version
This command displays the current running software and hardware version.
Syntax show system version
Command Mode Basic and Privileged User
Example show system version Version info: -------------;Board: Mxx ;HW Board Type: 69 FK Board Type: 72 ;Serial Number: 5967925 ;Slot Number: 1
- 147 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
;Software Version: 7.20A.140.652 ;DSP Software Version: 5014AE3_R => 721.09 ;Board IP Address: 10.15.7.96 ;Board Subnet Mask: 255.255.0.0 ;Board Default Gateway: 10.15.0.1 ;Ram size: 512M Flash size: 64M Core speed: 500Mhz ;Num of DSP Cores: 3 Num DSP Channels: 30 ;Num of physical LAN ports: 4 ;Profile: NONE ;;;Key features:;Board Type: M800B ;DATA features: ;IP Media: Conf ;DSP Voice features: RTCP-XR ;Channel Type: DspCh=30 ;HA ;Coders: G723 G729 G728 NETCODER GSM-FR GSM-EFR AMR EVRC-QCELP G727 ILBC EVRC-B AMR-WB G722 EG711 MS_RTA_NB MS_RTA_WB SILK_NB SILK_WB SPEEX_NB SPEEX_ WB OPUS_NB OPUS_WB ;Security: IPSEC MediaEncryption StrongEncryption EncryptControlProtocol ;E1Trunks=2 ;T1Trunks=2 ;FXSPorts=1 ;FXOPorts=1 ;BRITrunks=2 ;QOE features: VoiceQualityMonitoring MediaEnhancement ;Control Protocols: MGCP SIP SBC=30 TRANSCODING=5 TestCall=6 SIPRec=10 CODERTRANSCODING=2 SIPRec-Redundancy=2 ;Default features:;Coders: G711 G726;
;------ HW components-----; ; Slot # : Module type : # of ports ;---------------------------------------------; 1 : FALC56 : 1 ; 2 : FXS : 4 ; 3 : Empty ;----------------------------------------------
show users
This command displays and terminates users that are currently logged into the device's CLI and applies to users logged into the CLI through RS-232 (console), Telnet, or SSH.
For each logged-in user, the command displays the type of interface (console, Telnet, or SSH), user's username, remote IP address from where the user logged in, and the duration (days and time) of the session. Each user is displayed with a unique index (session ID).
Syntax
show users
- 148 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command Mode Basic and Privileged User
Note
The device can display management sessions of up to 24 hours. After this time, the duration counter is reset.
Example Displaying all active calls:
show users
[0] console Admin local
0d00h03m15s
[1] telnet John 10.4.2.1 0d01h03m47s
[2]* ssh Alex 192.168.121.234 12d00h02m34s
The current session from which the show command was run is displayed with an asterisk (*).
show voip
This command displays VoIP-related information.
Syntax show voip
Command calls channel-stats coders-stats cpu-stats dsp e911 ids interface
Description See show voip calls on the next page See show voip channel-stats on page 154 See show voip coders-stats on page 156 See show voip cpu-stats on page 156 See show voip dsp on page 157 See show voip e911 on page 159 See show voip ids on page 159 See show voip interface on page 160
- 149 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command ip-group ldap other-dialog proxy realm register subscribe tdm
Description See show voip ip-group on page 162 See show voip ldap on page 163 See show voip other-dialog statistics on page 164 See show voip proxy sets status on page 165 See show voip realm on page 165 See show voip register on page 166 See show voip subscribe on page 168 See show voip tdm on page 169
Command Mode Basic and Privileged User
show voip calls
This command displays active VoIP call information.
Syntax show voip calls {active|history|statistics}
Command active history statistics
Description See show voip calls active below See show voip calls history on page 152 See show voip calls statistics on page 152
Command Mode Basic and Privileged User
show voip calls active
This command displays active calls.
- 150 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Syntax show voip calls active [<Session ID> |descending|gw|sbc|summary]
Command
Description
(Carriage Return) Displays the total number of active calls and detailed call information.
Session ID
Displays detailed call information for a specific SIP session ID.
descending
Displays currently active calls, listed in descending order by call duration.
gw
Displays call information of currently active Gateway calls, listed in
ascending order by call duration.
sbc
Displays call information of currently active SBC calls, listed in
ascending order by call duration.
summary
Displays the total number of currently active calls (Gateway and SBC)
Command Mode Basic and Privileged User
Related Commands
To hide (by displaying an asterisk) the values of the Caller and Callee CDR fields, use the cdrhistory-privacy command.
Example Displaying all active calls:
show voip calls active sbc Total Active Calls: 1000 | Session ID | Caller | Callee |Duration|Call State
| Origin | Remote IP |End Point Type
========================================================== ========================================================== ========= |314380675 |1129@10.3.3.194 |100@10.3.91.2 |Incoming|10.3.3.194(IPG1) |SBC |00:05:12|Connected
- 151 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
|314380675 2) |SBC |314380674 1) |SBC
|1129@10.3.3.194 |100@10.3.91.2 |00:05:12|Connected |1128@10.3.3.194 |100@10.3.91.2 |00:05:12|Connected
|Outgoing|10.3.3.194(IPG|Incoming|10.3.3.194(IPG-
show voip calls history
This command displays CDR history information.
Syntax show voip calls history {gw|sbc} [<Session ID>]
Command
Description
gw
Displays historical Gateway CDRs.
sbc
Displays historical SBC CDRs.
Session ID
(Optional) Displays historical SBC or Gateway CDRs of a specified SIP session ID.
Command Mode Basic and Privileged User
Related Commands To hide (by displaying an asterisk) the values of the Caller and Callee CDR fields, use the cdrhistory-privacy command.
Example Displaying CDR history information:
show voip calls history sbc
show voip calls statistics
This command displays call statistics.
Syntax
- 152 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show voip calls statistics {gw|ipgroup|sbc|siprec}
Command gw [ip2tel|tel2ip]
ipgroup <IP Group ID> sbc siprec
Description
Displays all Gateway call statistics or per call direction:
ip2tel
Displays statistics of IPto-Tel calls
tel2ip
Displays statistics of Tel-to-IP calls
Displays call statistics per IP Group (ID).
Displays SBC call statistics (see the example below).
Displays the total number of currently active SIPRec signalling sessions with the SIPRec server (SRS).
Command Mode Basic and Privileged User
Example The examples display various SIPRec sessions:
Eight recorded calls (Gateway and/or SBC) without SRS redundancy:
show voip calls statistics siprec SIPRec number of active sessions: 8 (redundant sessions: 0)
Eight recorded SBC calls with SRS redundancy (active-standby):
show voip calls statistics siprec SIPRec number of active sessions: 8 (redundant sessions: 8)
Eight recorded SBC calls with SRS redundancy (active-active):
show voip calls statistics siprec SIPRec number of active sessions: 16 (redundant sessions: 0)
- 153 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
The example displays SBC call statistics:
show voip calls statistics sbc SBC Call Statistics: Active INVITE dialogs: 0 Active incoming INVITE dialogs: 0 Active outgoing INVITE dialogs: 0 Average call duration [min:sec]: 0:00 Call attempts: 0 Incoming call attempts: 0 Outgoing call attempts: 0 Established calls: 0 Incoming established calls: 0 Outgoing established calls: 0 Calls terminated due to busy line: 0 Incoming calls terminated due to busy line: 0 Outgoing calls terminated due to busy line: 0 Calls terminated due to no answer: 0 Incoming calls terminated due to no answer: 0 Outgoing calls terminated due to no answer: 0 Calls terminated due to forward: 0 Incoming calls terminated due to forward: 0 Outgoing calls terminated due to forward: 0 Calls terminated due to resource allocation failure: 0 Incoming calls terminated due to resource allocation failure: 0 Outgoing calls terminated due to resource allocation failure: 0 Calls terminated due to media negotiation failure: 0 Incoming calls terminated due to media negotiation failure: 0 Outgoing calls terminated due to media negotiation failure: 0 Calls terminated due to general failure: 0 Incoming calls terminated due to general failure: 0 Outgoing calls terminated due to general failure: 0 Calls abnormally terminated: 0 Incoming calls abnormally terminated: 0 Outgoing calls abnormally terminated: 0
show voip channel-stats
This command displays statistics associated with a specific VoIP channel.
Syntax show voip channel-stats {analog|channel-count|digital|jitter-threshold|pl|plthreshold|rtt-threshold|virtual}
- 154 -
CHAPTER 6 Show Commands
Command analog
channel-count digital
jitter-threshold pl pl-threshold rtt-threshold virtual
Command Mode Basic and Privileged User
MSBR | CLI Reference Guide
Description
Displays an analog channel's statistics (FXS or FXO). channel number (0-255; run the command show
system assembly to facilitate defining this command) number of channels (1-256)
Displays the number of active voice channels.
Displays a digital channel's statistics (E1/T1 or BRI). channel number (0-255; run the command show
system assembly to facilitate defining this command) number of channels (1-256)
Displays the number of analog channels, digital channels, and virtual channels on which jitter occurred that exceeded the threshold you configured (in the range 0-65535).
Displays the number of analog channels, digital channels, and virtual channels on which PL (packet loss) occurred.
Displays the number of analog channels, digital channels, and virtual channels on which PL (packet loss) occurred that exceeded the threshold you configured (in the range 0-65535).
Displays the number of analog channels, digital channels, and virtual channels on which the RTT (Round Trip Time) exceeded the threshold you configured (in the range 0-65535).
Displays a virtual channel's statistics of active calls. channel number (0-255; run the command show
system assembly to facilitate defining this command) number of channels (1-256)
- 155 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show voip coders-stats
This command displays the number and percentage of active channels using each audio coder.
Syntax show voip coders-stats
Command Mode Basic and Privileged User
Example
Showing that 67 channels (25.18%) of the 266 active channels are using the G.729e coder, 76 (28.57%) are using the G.726 coder, and 123 (46.24%) are using the G.722 coder:
show voip coders-stats
There are 266 active channels.
Coder Number of Channels Percentage
--------------------------------------------
G729e 67
25.18
G726 76
28.57
G722 123
46.24
show voip cpu-stats
This command displays the device's CPU percentage use.
Syntax show voip cpu-stats
Command Mode Basic and Privileged User
Example Displaying CPU percentage use:
- 156 -
CHAPTER 6 Show Commands
show voip cpu-stats CPU percentage: 47%
show voip dsp
This command displays DSP information.
Syntax show voip dsp
Command perf status
Description
See show voip dsp perf below
See show voip dsp status on the next page
Command Mode Basic and Privileged User show voip dsp perf This command displays performance monitoring of DSP data.
Syntax show voip dsp perf
Command Mode Basic and Privileged User
Example Displaying performance monitoring of DSP data:
show voip dsp perf DSP Statistics (statistics for 144 seconds): Active DSP resources: 0
MSBR | CLI Reference Guide
- 157 -
CHAPTER 6 Show Commands
Total DSP resources: 76 DSP usage : 0
MSBR | CLI Reference Guide
show voip dsp status
This command displays the current DSP status.
Syntax
show voip dsp status
Command Mode Basic and Privileged User
Example Displaying the current DSP status:
show voip dsp status
Group:0 DSP firmware:624AE3 Version:0660.07 - Used=0 Free=72 Total=72 DSP device 0: Active Used= 0 Free= 6 Total= 6 DSP device 1: Active Used= 0 Free= 6 Total= 6 DSP device 2: Active Used= 0 Free= 6 Total= 6 DSP device 3: Active Used= 0 Free= 6 Total= 6 DSP device 4: Active Used= 0 Free= 6 Total= 6 DSP device 5: Active Used= 0 Free= 6 Total= 6 DSP device 6: Active Used= 0 Free= 6 Total= 6 DSP device 7: Active Used= 0 Free= 6 Total= 6 DSP device 8: Active Used= 0 Free= 6 Total= 6 DSP device 9: Active Used= 0 Free= 6 Total= 6 DSP device 10: Active Used= 0 Free= 6 Total= 6 DSP device 11: Active Used= 0 Free= 6 Total= 6 Group:1 DSP firmware:204IM Version:0660.07 - Used=0 Free=8 Total=8 DSP device 12: Active Used= 0 Free= 4 Total= 4 DSP device 13: Active Used= 0 Free= 4 Total= 4 Group:2 DSP firmware:204IM Version:0660.07 - Used=0 Free=4 Total=4 DSP device 14: Active Used= 0 Free= 4 Total= 4 Group:4 DSP firmware:204IM Version:0660.07 - Used=4 Free=0 Total=4 DSP device 15: Active Used= 4 Free= 0 Total= 4
- 158 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show voip e911
This command displays the ELIN number per E911 caller and the time of call.
Syntax show voip e911
Command Mode Basic and Privileged User
show voip ids
This command displays the Intrusion Detection System (IDS) blacklist of remote hosts (IP addresses / ports) considered malicious.
Syntax # show voip ids {blacklist active|active-alarm} # show voip ids active-alarm {all|match <ID> rule <ID>}
Command active-alarm
blacklist active
Description
Displays all active blacklist alarms: all (Displays all active alarms) match (Displays active alarms of an IDS matched ID and rule
ID)
Displays blacklisted hosts.
Command Mode Privileged User
Related Commands ids policy ids rule clear voip ids blacklist
- 159 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Example Displaying the IDS blacklist:
# show voip ids blacklist active Active blacklist entries: 10.33.5.110(NI:0) remaining 00h:00m:10s in blacklist
Where SI is the SIP Interface, and NI is the Network interface. Displaying the blacklist of all active IDS alarms:
# show voip ids active-alarm all IDSMatch#0/IDSRule#1: minor alarm active.
Displaying details regarding an active IDS alarm of the specified match and rule IDs:
# show voip ids active-alarm match 0 rule 1 IDSMatch#0/IDSRule#1: minor alarm active. - Scope values crossed while this alarm is active:
10.33.5.110(SI0)
show voip interface
This command displays information (basic configuration, status and Performance Monitoring) of a specified telephony interface (E1/T1, BRI or FXS/FXO).
Syntax show voip interface {e1-t1|bri|fxs-fxo} <Module>/<Port>
Command e1-t1 bri fxs-fxo
module port
Description Displays information on a specified E1/T1 interface. Displays information on a specified BRI interface. Displays the current status, main PM parameters and main configuration parameters to a specific analog interface (FXS or FXO Defines the module slot index as shown on the front panel Defines the module's analog port number (FXS/FXO) or trunk
- 160 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description port number (E1/T1 or BRI) to display.
Command Mode Basic and Privileged User
Note Parameters displayed depend on the PSTN protocol type. The command is applicable to devices supporting analog and/or digital PSTN interfaces.
Example Displaying information of the E1/T1 interface of trunk port 1 of trunk module 3:
show voip interface e1-t1 3/1
show voip interface e1-t1 3/1
-------------------------------
module/port: 3/1
trunk number: 0
protocol: t1_transparent
state:
not active
alarm status: LOS 1, LOF 0, RAI 0, AIS 0, RAI_CRC 0
loopback status: no loop
send alarm status: no alarm
main performance monitoring counters collected in the last 470 seconds:
BitError: 0 EBitErrorDetected: 0
CRCErrorReceived: 0 LineCodeViolation: 0
ControlledSlip: 0 ControlledSlipSeconds: 0
ErroredSeconds: 0 BurstyErroredSeconds: 0
UnAvailableSeconds: 470 PathCodingViolation: 0
LineErroredSeconds: 0 SeverelyErroredSeconds: 0
SeverelyErroredFramingSeconds: 0
basic configuration: framing: T1_FRAMING_ESF_CRC6 line-code: B8ZS clock-master: CLOCK_MASTER_OFF clock-priority: 0 trace-level: no-trace
- 161 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show voip ip-group
This command displays the following QoS metrics per IP Group: QoE profile metrics per IP Group and its associated Media Realm on currently established
calls such as MOS, jitter, packet loss, and delay. Metrics are displayed as average amounts. Bandwidth Profile (BW) metrics for Tx and Rx traffic per IP Group and/or Media Realm.
Metrics are displayed with a status color for each specific port. QoE profile metrics for the remote (far-end) such as MOS, jitter, packet loss, and delay.
Each metric is displayed with a specific color. Group MSA metrics for the IP Group and the Media Realm. Metrics are displayed as an
aggregated value.
Syntax
show voip ip-group <IP Groups Table Index> media-statistics
Command Mode Basic and Privileged User
Example Displaying QoS metrics of IP Group configured in row index 0:
show voip ip-group 0 media-statistics IPGroup 0. BWProfile: -1, QoEProfile: -1 -------------------------------------MSA: 0 Averages: MOS 0 Remote MOS 0 Delay 0 Remote Delay 0 Jitter 0 Remote Jitter 0 Fraction loss tx 0 Fraction loss rx 0 Packet sent 0 Packet received 0 Audio Tx BW 0, Audio Tx Status Green Audio Rx BW 0, Audio Rx Status Green Total Tx BW 0, Total Tx Status Green Total Rx BW 0, Total Rx Status Green Video Tx BW 0, Video Tx Status Green Video Rx BW 0, Video Rx Status Green MSA color Gray MSA remote color Gray MOS color Gray remote MOS color Gray Delay color Gray remote Delay color Gray PL color Gray remote PL color Gray Jitter color Gray remote Jitter color Gray
- 162 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
color is not relevant Media Realm -1. BWProfile -1, QoEProfile: -1
show voip ldap
This command displays the number of 'internal AD search requests', i.e., routings requiring information from the AD, including requests answered via the cache and directly from the AD. Routing requests are stored every 15 minutes. The last 96 intervals (24h) are stored.
Syntax
show voip ldap {cache-hits-pm|print-cache} {group <Group Matrix Index>}|printcache-entry {group <Group Index>}|print-cache-nums|searches-pm|timeout-pm
Command
Description
cache-hits-pm
Displays the number of responses answered by the cache in each interval.
print-cache
Displays the cache (by group).
print-cacheentry
Displays a cache entry (by key and group).
print-cache-nums Displays the number of entries and aged entries in the cache.
searches-pm
Displays performance monitoring results for searches.
timeout-pm
Displays performance monitoring results for searches.
Command Mode Basic and Privileged User
Example Displaying the the number of responses answered by the cache in each interval:
show voip ldap cache-hits-pm server 0 000000000000000000000000000000000000000000000 00000000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 server 1 000000000000000000000000000000000000000000000
- 163 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
00000000000 00000000000000000000000000
Displaying the cache (by group):
show voip ldap print-cache print cache servers' group number 0 Hash size 0 aged 0 servers' total Hash size 16384 servers' group number 1 Hash size 0 aged 0
Displaying the cache (by key and group):
show voip ldap print-cache-entry servers' group number 0 Hash size 0 aged 0 servers' total Hash size 16384 servers' group number 1 Hash size 0 aged 0
show voip other-dialog statistics
This command displays the number of current incoming and outgoing SIP dialogs (e.g., REGISTER), except for INVITE and SUBSCRIBE messages.
Syntax
show voip other-dialog statistics
Command Mode Basic and Privileged User
Note The command is applicable only to the SBC application.
Example
show voip other-dialog statistics SBC other Dialog Statistics: Active other dialogs: 0 Active incoming other dialogs: 0 Active outgoing other dialogs: 0
- 164 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
show voip proxy sets status
This command displays the information of Proxy Sets including their status. The status ("OK" or "FAIL") indicates IP connectivity with the proxy server.
Syntax show voip proxy sets status
Command Mode Basic and Privileged User
Example Displaying status of Proxy Sets:
show voip proxy sets status
Active Proxy Sets Status
ID NAME MODE KEEP ALIVE ADDRESS PRIORITY WEIGHT
SUCCESS COUNT FAILED COUNT STATUS
0 ITSP--1 Parking Disabled NOT RESOLVED
1 ITSP-2 Homing Enabled 10.8.6.31(10.8.6.31)
OK
show voip realm
This command displays statistics relating to Media Realms and Remote Media Subnets.
Syntax Displaying Media Realms:
show voip realm <Media Realm Table Index> statistics
Displaying Remote Media Subnets:
show voip realm <Media Realm Table Index> remote-media-subnet <Remote Media Subnet Table Index> statistics
Command Mode Basic and Privileged User
- 165 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Note The command is especially useful when Quality of Experience Profile or Bandwidth Profile is associated with the Media Realm or Remote Media Subnets.
show voip register
This command displays registration status of users.
Syntax show voip register {account|board|db sbc|ports|suppserv gw|user-info}
Command
Description
account
Displays registration status of user Accounts (Accounts table). gw (Gateway accounts) sbc (SBC accounts)
board
Displays registration status for the entire gateway.
db sbc
Displays SBC users registered with the device (SBC User Information table).
list (Displays the status of all registered SBC users showing their AOR and Contact)
user <AOR> (Displays detailed information about a specific registered SBC user, including the IP Group to which the user belongs):
Active:YES = user was successfully registered. Active:NO = user was registered and is waiting for approval.
Note: The command is applicable only to the SBC application.
ports
Displays registration status of the devices' ports. Note: The command is applicable only to the Gateway application.
suppserv gw
Displays the number of users in the Supplementary Services table.
list (Displays detailed information about users, including registration status (REGISTERED / NOT REGISTERED).
Note: The command is applicable only to the Gateway application.
userinfo
Displays registration status of users in the User Info table. gw (Displays total number of Gateway users)
list (Displays detailed information about users, including
- 166 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Command
Description
registration status - REGISTERED / NOT REGISTERED). sbc (Displays total number of SBC users)
list (Displays detailed information about users, including registration status - REGISTERED / NOT REGISTERED).
Command Mode Basic and Privileged User
Example Displaying registration status of SBC users of AOR "2017":
show voip register db sbc user 2017 *** SBC Registered Contacts for AOR '2017' *** sip:2017@10.8.2.225:5080;expire=90; Active: YES; IPG#4; ResourceID# (#983)
Displaying port registration status:
show voip register ports
*** Ports Registration Status ***
Gateway Port
Status
=================================================
Module 3 Port 1 FXO REGISTERED
-------------------------------------------------
Module 3 Port 2 FXO REGISTERED
-------------------------------------------------
Module 3 Port 3 FXO REGISTERED
-------------------------------------------------
Module 3 Port 4 FXO NOT REGISTERED
-------------------------------------------------
Module 5 Port 1 FXS NOT REGISTERED
-------------------------------------------------
Module 5 Port 2 FXS NOT REGISTERED
-------------------------------------------------
Module 5 Port 3 FXS NOT REGISTERED
-------------------------------------------------
Module 5 Port 4 FXS REGISTERED
- 167 -
CHAPTER 6 Show Commands
MSBR | CLI Reference Guide
Displaying detailed information about users in the Supplementary Services table:
show voip register suppserv gw list *** GW Supp Serv Users Registration Status *** Index Type Status Contact ================================================= 1 EndPoint NOT REGISTERED sip:4000@10.15.7.96:5060
show voip subscribe
This command displays active SIP SUBSCRIBE dialog sessions.
Syntax show voip subscribe {list|statistics} show voip subscribe list [<Session ID>|descending|summary]
Command
Description
list
Displays SUBSCRIBE dialog information. One of three options can be selected:
<Session ID> (Displays detailed information for the specified Session ID).
descending(Displays SUBSCRIBE dialogs sorted in descending order by call duration).
summary (Displays a summary of SUBSCRIBE dialogs).
statistics Displays SUBSCRIBE dialog statistics including incoming and outgoing SUBSCRIBEs.
Command Mode Basic and Privileged User
Example Displaying a summary of active SUBSCRIBE dialogs:
show voip subscribe statistics SBC SUBSCRIBE Dialog Statistics: Active SUBSCRIBE dialogs: 4
- 168 -
CHAPTER 6 Show Commands
Active incoming SUBSCRIBE dialogs: 6 Active outgoing SUBSCRIBE dialogs: 8
MSBR | CLI Reference Guide
show voip tdm
This command displays TDM status.
Syntax
show voip tdm
Command Mode Basic and Privileged User
Example The command is applicable only to devices supporting PSTN interfaces.
Example
show voip tdm Clock status:
TDM Bus Active Clock Source Internal Configuration:
PCM Law Select 3 TDM Bus Clock Source 1 TDM Bus Local Reference 0 TDM Bus Type 2 Idle ABCD Pattern 15 Idle PCM Pattern 255 TDM Bus PSTN Auto Clock Enable 0 TDM Bus PSTN Auto Clock Reverting Enable 0
- 169 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
7 Clear Commands
This section describes the clear commands.
Syntax # clear
This command includes the following commands:
Command alarms-history clear counters clear data debug-file clear ip clear ipv6 clear l2tpserver
Description See clear alarms-history on the next page See clear counters on the next page See clear data on page 173 See clear debug-file on the next page See clear ip on page 174 See clear ipv6 on page 175 See clear l2tp-server on page 177
clear pptpserver
See clear pptp-server on page 178
qos
See clear qos counters on page 179
storage-history See clear storage-history on page 179
system
See clear system on page 180
system-log
See clear system-log on page 180
user
See clear user on page 181
voip
See clear voip on page 181
Command Mode Privileged User
- 170 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
clear alarms-history
This command deletes the Alarms History table.
Syntax # clear alarms-history
Command Mode Privileged User
clear debug-file
This command deletes the debug file (core dump).
Syntax # clear debug-file
Command Mode Privileged User
clear counters
This command deletes all interface counters or one specific interface counter.
Syntax # clear counters
Command
Description
(Carriage Return)
Deletes all counters.
atm <Group/Subinterface>
Deletes the counters of Asynchronous Transfer Mode (ATM) on xDSL interface counters (per DSL line group and ATM sub-interface ID).
bvi <Bridge Interface>
Deletes the counters of the Bridge group Virtual Interface (BVI), per interface.
- 171 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
Command
Description
cellular <Cellular
Deletes the counters of the 3G Cellular interface, per
Interface ID Number> interface ID number.
dot11radio <Interface ID Number>
Deletes the counters of the WiFi interface, per WiFi interface ID number.
efm <Slot/Port.VLAN ID>
Deletes the counters of the Ethernet in the First Mile interface, per interface slot and port (VLAN ID is optional).
fiber <Slot/Port.VLAN ID>
Deletes the counters of the Fiber interface, per interface slot and port (VLAN ID is optional).
gigabitethernet <Slot/Port.VLAN ID>
Deletes the counters of the Gigabit Ethernet interface, per interface slot and port (VLAN ID is optional).
gre <Interface ID Number>
Deletes the counters of the Generic Routing Encapsulation (GRE) tunneling interface, per GRE tunneling interface ID number.
ipip <Interface ID Number>
Deletes the counters of the IP in IP tunneling interface, per IP in IP tunneling interface ID number.
ipipv6 <Interface ID Number>
Deletes the counters of the IP in IP version 6 tunneling interface, per IP in IP version 6 tunneling interface ID number.
ipv6ip <Interface ID Number>
Deletes the counters of the IP version 6 in IP tunneling interface, per IP version 6 in IP tunneling interface ID number.
l2tp <Interface ID Number>
Deletes the counters of the Layer 2 Tunneling Protocol (L2TP), per L2TP tunneling interface number.
loopback <Interface ID Number>
Deletes the counters of the PPPoE interface / Loopback interface, per interface ID number.
pppoe <Interface ID Number>
Deletes the counters of the Point-to-Point Protocol over Ethernet (PPPoE) interface, per PPPoE interface ID number.
pptp <Interface ID Number>
Deletes the counters of the Point-to-Point Tunneling Protocol (PPTP) interface, per PPTP interface ID number.
- 172 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
Command track [Track ID]
vlan <Interface ID Number> vti <Interface ID Number>
Description
Deletes the statistics of the maximum round-trip time (RTT) of packets for all Tracks or optionally, per Track ID. It clears (resets to zero) the maximum RTT counter displayed in the output of the command, show data track brief.
Deletes the counters of the VLAN interface, per VLAN interface ID number.
Deletes the counters of the Virtual Tunnel Interface (VTI), per VTI number.
Command Mode Privileged User
Example This example clears all counters:
# clear counters This example clears the counter of the PPTP interface whose ID is 0:
# clear counters pptp 0
clear data
This command deletes the data logs.
Syntax # clear data
Command dns-view counters
dsl-connectionattempts
Description Deletes the DNS counters. Deletes the data logs for DSL connection attempts.
- 173 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
Command log-history
mac-address-table <VLAN>
Description
Deletes buffered log messages relating to the data functionality of the device.
Deletes the MAC table. Optional: Deletes per VLAN ID.
Command Mode Privileged User
Example This example deletes the buffer of log messages relating to the data functionality of the device:
# clear data log-history
clear ip
This command deletes IP information.
Syntax # clear
Command
Description
access-list {counters}
Deletes IP access list counters.
arp {<A.B.C.D.>|all|interface}
Deletes a specific dynamic ARP entry in the format A.B.C.D., or the entire ARP cache, or the dynamic ARP cache of a specific interface.
bgp {<*>|<1-65535>|<A.B.C.D>| <X:X::X:X>|dampening|external| peer-group|view}
Deletes BGP information.
dhcp {binding}
Deletes items from the DHCP database.
mroute <VRF Table Name>
Deletes the multicast route table entries, or, optionally, for a specified Virtual Routing and Forwarding (VRF) table.
- 174 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
Command
Description
nat translations
Deletes the current NAT (Network Address Translation) connections.
prefix-list <Prefix List Name> Deletes the counters for IP prefix lists or for a specified prefix list.
vrf <VRF Table Name>
Deletes IP information associated with a specified Virtual Routing and Forwarding (VRF) table.
Command Mode Privileged User
Example This example deletes
# clear ip nat translations
All NAT translations cleared. This example deletes access list counters:
# clear access-list
clear ipv6
This command deletes IP version 6 configuration.
Syntax # clear ipv6
Command dhcpv6 binding {<XX:XX::XX>|all|interface}
Description
Deletes items from the DHCP version 6 database:
- 175 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
Command
Description
XX:XX:XX:X X (Deletes a specific IPv6 binding)
all (Deletes all automatic bindings)
interface (Deletes the binding from a specific interface)
neighbors {<XX:XX::XX>|all|interface<atm|bvi|cellular|efm | gigabitethernet|gre|ipip|l2tp| loopback|pppoe|pptp|vlan>}
Deletes IP version 6 entries from the neighbors table.
XX:XX:XX:X X (Deletes a specific IP version 6 entry from the neighbors table)
all (Deletes all IP version 6 entries from the neighbors cache)
interface (Deletes IP version 6
- 176 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
Command prefix-list <Prefix List Name>
vrf <VRF Table Name>
Description
entries per interface)
Deletes counters for IP version 6 prefix lists, or deletes counters for a specified IP version 6 prefix list.
Deletes the counters on an IP version 6 prefix list associated with a specified VRF table.
Command Mode Privileged User
Example This example deletes counters for IP prefix lists:
# clear ip prefix-list
clear l2tp-server
This command deletes Layer 2 Tunneling Protocol (L2TP) server connections.
Syntax # clear l2tp-server
- 177 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
Command all
conn <Connection Number>
Description
Clears all L2TP server connections
Clears incoming L2TP server connections, per connection number.
Command Mode Privileged User
Example This example clears incoming L2TP server connection number 1:
# clear l2tp-server conn 1
clear pptp-server
This command deletes incoming Point- to- Point Tunneling Protocol (PPTP) VPN server connections.
Syntax # clear pptp-server
Command
Description
all
Deletes all PPTP server connections.
conn
Deletes incoming PPTP server connections, per connection number.
Command Mode Privileged User
Example This example deletes incoming PPTP server connection number 1:
# clear # clear pptp-server conn 1
- 178 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
clear qos counters
This command deletes counter data related to quality of service.
Syntax # clear qos counters
Command Mode Privileged User
clear storage-history
This command deletes the locally stored CDRs.
Syntax # clear storage-history <Service Name> {all|unused}
Command Service Name
Description
The name of the service. To view services, run the show storagehistory services command. Currently supported service: cdr-storage-history Includes the following Command:
all
Deletes all stored CDR files
unused
Deletes unused stored CDR files
Command Mode Privileged User
Related Commands show storage-history services
Example Deleting all stored CDR files:
- 179 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
# clear storage-history cdr-storage-history all Deleting all unused stored CDR files:
# clear storage-history cdr-storage-history unused
clear system
This command deletes the history of the CPU utilization. Syntax
# clear system cpu-util history
Command Mode Privileged User
Example This example clears the history of system CPU utilization:
# clear system cpu-util history Cleared CPU history
clear system-log
This command deletes the system log. This clears the Syslog messages in the CLI, and on the Web interface's Message Log page (Troubleshoot menu > Troubleshoot tab > Message Log) where it does the same as clicking the Clear button.
Syntax # clear system-log
Command Mode Privileged User
Related Commands show system log
- 180 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
clear user
This command terminates CLI users who are currently logged in through RS-232 (console), Telnet, or SSH. When run, the command drops the Telnet/SSH session or logs out the RS-232 session, and displays the login prompt.
Syntax # clear user <Session ID>
Command Session ID
Description
Unique identification of each currently logged in CLI user. Allows you to end the active CLI session of a specific CLI user. You can view session IDs by running the show users command.
Note The CLI session from which the command is run cannot be terminated.
Command Mode Privileged User
Related Commands show users
Example Ending the CLI session of a specific user:
# clear user 1
clear voip
This command deletes VoIP-related information.
Syntax # clear voip {calls|register|statistics}
- 181 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
Command calls ids blacklist register
statistics
Description See clear voip calls below See clear voip ids blacklist on the next page See clear voip register db sbc on the next page See clear voip statistics on page 184
Command Mode Privileged User
clear voip calls
This command deletes all active calls.
Syntax # clear voip calls [<Session ID>]
Command
(Carriage Return)
Session ID
Description If Session ID isn't specified, all active VoIP calls are cleared.
(Optional) If Session ID is specified, the specified call is cleared.
Command Mode Privileged User
Related Commands show voip calls active
Example Displaying and then clearing VoIP calls:
# show voip calls Total Active Calls: 1 | Session ID | Caller
| Callee
| Origin | Remote IP |End Point Type
- 182 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
|Duration|Call State
==========================================================
==========================================================
=========
|326433737 |3005
|2000
|Outgoing|10.8.6.36 |FXS-3/3
|00:00:06|Connected
# clear voip calls 326433737 1 Active Calls were Manually disconnected
clear voip ids blacklist
This command deletes active blacklisted remote hosts in the IDS Active Black List table.
Syntax # clear voip ids blacklist {all|entry <Removal Key>}
Command all
entry <Removal Key>
Description
Deletes all blacklisted entries in the IDS Active Black List table.
Deletes a blacklisted entry in the IDS Active Black List table, specified by its Removal Key.
Command Mode Privileged User
Related Commands show voip ids
Example This example deletes a blacklisted entry whose Removal Key is 776-854-3:
# clear voip ids blacklist entry 776-854-3
clear voip register db sbc
This command deletes SBC users registered from the device's registration database.
- 183 -
CHAPTER 7 Clear Commands
MSBR | CLI Reference Guide
Syntax
# clear voip register db sbc user <AOR> # clear voip register db sbc ip-group <ID or Name>
Command AOR ID or name
Description
Defines the Address of Record (AOR) of the user (user part or user@host).
Configures an IP Group (i.e., deletes all registered users belonging to the IP Group).
Command Mode Privileged User
Note The command is applicable only to the SBC application.
Example Clearing John@10.33.2.22 from the registration database:
# clear voip register db sbc user John@10.33.2.22
clear voip statistics
This command deletes calls statistics.
Syntax # clear voip statistics
Command Mode Privileged User
- 184 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
8 General Root Commands
This section describes general root commands. These commands are entered at root level.
Command admin copy dir erase ethernet nslookup output-format ping pstn reload srd-view system-snapshot telnet traceroute undebug usb write write-and-backup
Description See admin below See copy on page 188 See dir on page 194 See erase on page 195 See ethernet on page 196 See nslookup on page 197 See output-format on page 198 See ping on page 200 See pstn on page 202 See reload on page 203 See srd-view on page 205 See system-snapshot on page 205 See telnet on page 207 See traceroute on page 208 See undebug on page 209 see usb on page 210 See write on page 211 See write-and-backup on page 212
admin
This command provides various administration-related operations.
Syntax
- 185 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
admin
Command register state streaming unregister
Description See admin register|unregister below See admin state on the next page See admin streaming on page 188 See admin register|unregister below
admin register|unregister
This command registers (or unregisters) users with a proxy server.
Syntax admin register|unregister {accounts|gw|ports|suppserv|userinfo}
Command
Description
accounts <Account Registers user Accounts, configured in the Accounts table. Index>
gw
Registers the device as a single entity (Gateway).
ports <Module Number> <Port Number>
Registers the device's ports. You need to specify the module number and port number.
suppserv <Extension Number>
Registers an FXS endpoint by phone number and BRI line extensions configured in the Supplementary Services table.
userinfo {gw|sbc} Registers users configured in the User Info table. <Local User>
Command Mode Basic and Privileged User
Example This example registers Port 1 located on Module 3:
- 186 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
admin register ports 3 1 Registering module 3 port 1 (200)
admin state
This command locks and unlocks the device.
Syntax Locks the device:
# admin state lock {graceful <timeout>|no-graceful} [disconnect-clientconnections]
Unlocks the device:
# admin state unlock
Command
Description
lock graceful <timeout>
Gracefully locks the device after a user-defined interval, during which new calls are rejected and existing calls continue. If the existing calls do not end on their own accord during the interval, the device terminates them when the timeout expires.
lock nograceful
Locks the device immediately, terminating all active calls (if any exist).
disconnectclientconnections
Closes existing TLS/TCP client connections and rejects incoming TLS/TCP client connections when the device is in locked state.
unlock
Unlocks the device.
Command Mode Privileged User
Related Commands show admin state displays the current administrative state
Example This example locks the device after 50 seconds and closes existing TLS/TCP connections:
- 187 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
# admin state lock graceful 50 disconnect-client-connections
admin streaming
This command stops or starts audio streaming of Music on Hold (MoH) from an external media player connected to an FXS port.
Syntax admin streaming {start|stop}
Command
start {<FXS Port>|all}
stop {<FXS Port>|all}
Description
Starts audio streaming on a specific FXS port or all FXS ports.
Stops audio streaming on a specific FXS port or all FXS ports.
Command Mode Basic and Privileged User
Example This example starts audio streaming on FXS port 1:
admin streaming start 1
copy
This command downloads and uploads files from and to the device, respectively.
Syntax # copy <File Type> {from|to} {<URL>|console|usb:///<Filename>}
Command File Type aux-package
Description Defines the file type as an auxiliary package file,
- 188 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command
call-progress-tones from
cas-table from
cli-script {from|to} configuration-pkg {from|to} debug-file to
Description
allowing you to download or upload a batch of auxiliary files, using a TAR (Tape ARchive) file (.tar). The TAR file can contain any number and type of Auxiliary files, for example, a Dial Plan file and a CPT file.
Defines the file type as a Call Progress Tones (CPT) file. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as a Channel Associated Signaling (CAS) table file. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as a CLI script file.
Defines the file type as a Configuration Package file (.tar.gz), which includes all files.
Defines the file type as a debug file and copies the file from the device to a destination. The debug file contains the following information:
Exception information, indicating the specific point in the code where the crash occurred and a list of up to 50 of the most recent SNMP alarms that were raised by the device before it crashed.
Latest log messages that were recorded prior to the crash.
Core dump. The core dump is included only if core dump generation is enabled, no IP address has been configured, and the device has sufficient memory on its flash memory.
May include additional application-proprietary debug information. The debug file is saved as a zipped file with the following file name: "debug_ <device name>_ver_<firmware version>_mac_ <MAC address>_<date>_<time>". For example, debug_acMediant_ver_700-8-4_mac_ 00908F099096_1-03-2015_3-29-29.
- 189 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command dial-plan from firmware from incremental-ini-file from ini-file {from|to}
mt-firmware prerecorded-tones from redundant-debug-file to
sbc-wizard from
Description
Defines the file type as a Dial Plan file. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as a firmware file (.cmp). Note: After the .cmp file is loaded to the device, it's automatically saved to the device's flash memory with a device reset.
Defines the file type as an ini file, whereby parameters that are not included in the ini file remain at their current settings. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as an ini file, whereby parameters that are not included in the ini file are restored to default values. Note: The file can be uploaded to or downloaded from the device.
Defines the file type as a firmware file (.cmp) for Media Transcoders (MT) in the Media Transcoding Cluster feature.
Defines the file type as a Prerecorded Tones (PRT) file. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as a debug file of the Redundant device in the High-Availability (HA) system, and copies the file from the device to a destination. Note: The file can only be downloaded from the device (see the command 'from' below).
Defines the file type as a SBC Wizard Configuration Template file, which is used by the Configuration Wizard. Note: The file can only be uploaded to the device (see the command 'from' below).
- 190 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command startup-script from storage-history
tls-cert from tls-private-key from tls-root-cert from user-info from vmc-firmware voice-prompts web-favicon from
web-logo from
Description
Defines the file type as a Startup CLI script file.
Defines the file type as a locally stored Call Detail Record (CDR) file. Define the name of the service. To view services, run the command show storagehistory services. Currently supported service: cdrstorage-history
Defines the file type as a TLS certificate file. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as a TLS private key file. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as a TLS trusted root certificate file. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as a User Info file. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as a firmware file (.cmp) for Media Components (MC) in the Media Cluster feature.
Defines the file type as a Voice Prompts (VP) file. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as an icon file associated with the device's URL saved as a favorite bookmark on your browser's toolbar when using the device's Web interface. Note: The file can only be uploaded to the device (see the command 'from' below).
Defines the file type as an image file, which is displayed as the logo in the device's Web interface. Note: The file can only be uploaded to the device (see the command 'from' below).
- 191 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command Download/Upload from to File Location URL
console
usb:///<file name>
Description
Downloads a file to the device.
Uploads a file from the device to a specified destination.
Defines the URL from which / to which to upload / download the file. Can be: HTTP HTTPS TFTP
Displays the current .ini configuration file on the CLI console. Note: The command is applicable only to the .ini configuration file (copy ini-file to).
Uploads the file from a USB stick, connected to the device, to the device, or downloads the file from the device to a USB stick connected to the device. Note: The command is applicable only to devices that provide a USB port interface.
Command Mode Privileged User
Related Commands erase dir write
Note When you load a file to the device, you must run the write command to save the file to
flash memory, otherwise, the file is deleted when the device resets or powers off. For more information on the different file types, refer to the User's Manual.
- 192 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
During firmware file (.cmp) load, a message is displayed showing load progress information. The message is also displayed in the console of all other users that are currently connected to the device through CLI. The message forcibly stops the users from performing further actions, preventing them from interrupting the load process. Below shows an example of such a message:
# copy firmware from http://10.3.1.2:1400/tftp/SIP_F7.20A.140.226.cmp % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 40.7M 100 40.7M 0 0 1288k 0 0:00:32 0:00:32 --:--:-- 1979k Firmware file http://10.3.1.2:1400/tftp/SIP_F7.20A.140.226.cmp was loaded. (user: Admin, IP local) The system will reboot when done DO NOT unplug/reset the device ............................................................. Firmware process done. Restarting now... Restarting......
The displayed information includes: %: Percentage of total bytes downloaded and uploaded; downloaded is displayed only
when downloading a file (i.e., copy from command) Total: Total bytes downloaded and uploaded. %: Percentage of downloaded bytes (copy from command only). Received: Currently downloaded bytes (copy from command only). %: Percentage of uploaded bytes (copy to command only). Xferd: Currently uploaded bytes (copy to command only). Average Dload: Average download speed in bytes/sec (copy from command only). Speed Upload: Average upload speed in bytes/sec (copy to command). Time Spent: Elapsed time. Time Left: Time remaining for the file upload/download to complete. Current Speed: Current upload/download speed in bytes/sec. Example Copying firmware file from an HTTP server:
# copy firmware from http://192.169.11.11:80/SIP_F7.20A.260.002.cmp
Displaying (copying) the ini configuration file to the CLI console:
- 193 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
# copy ini-file to console Auxilliary file batch:
# copy myauxfiles.tar from http://www.exmaple.com/auxiliary Copying CLI-based configuration from TFTP server:
# copy cli-script from tftp://192.168.0.3/script1.txt Upgrading the device's firmware from a source URL file:
# copy firmware from http://www.exmaple.com/firmware.cmp Copying the dial plan file:
copy dial-plan from http://10.4.2.2/MyHistoryFiles/
dir
This command displays the device's current auxiliary files directory. Syntax
# dir
Command Mode Privileged User
Example Displaying the device's current auxiliary files directory:
# dir directory listing: call-progress-tones [usa_tones_13.dat] 9260 Bytes cas-table [Earth_Calling.dat] 43852 Bytes tls-private-key [pkey.pem] 940 Bytes tls-cert [server.pem] 643 Bytes
- 194 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
erase
This command deletes an Auxiliary file from the device's memory.
Syntax # erase <Auxiliary File>
Note View files using the dir command. To make sure the file type is correctly entered, copy it from the dir command output. The erase command only deletes the file from the device's RAM (and from the device's
current usage). To delete the file permanently (from flash memory), enter the write command after issuing the dir command.
Command Mode Privileged User
Related Commands dir write
Example Viewing Auxilliary files:
# dir directory listing: call-progress-tones [usa_tones_13.dat] 9260 Bytes cas-table [Earth_Calling.dat] 43852 Bytes tls-private-key [pkey.pem] 940 Bytes tls-cert [server.pem] 643 Bytes
Erasing the CPT file from flash memory:
# erase call-progress-tones # write
- 195 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
ethernet
This command configures ITU- T's Y.1731 feature which delivers fault and performance management to service providers managing extensive networks.
Syntax # ethernet
Command
Description
cfm lck {start level <1-7>period <1,60>|stop}
Configures Connectivity Fault Management (CFM) and Locked Signal (LCK).
level (Configures the maintenance level for sending LCK frames)
period (Configure the LCK transmission period: 1 second or 60 seconds)
y1731 1dm{domain <Domain Name>mpid<Endpoint ID>level <1-7>}|loss
Configures ITU-T's Y.1731 feature's Frame Delay to a single delay measurement (1DM).
domain (the name of the domain)
mpid (endpoint
- 196 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command
Description
identifier)
level (Configures the maintenance level for sending frames)
loss (Configures ITU-T's Y.1731 feature's frame loss measurement)
Command Mode Privileged User
Example This example configures starting Ethernet CFM and LCK, level 1, period 60:
# ethernet cfm lck start level 1 period 60
This example configures ITU-T's Y.1731 Frame Delay to a single delay measurement (1DM) whose domain is MIKE, endpoint ID 1, level 1.
# ethernet y1731 1dm domain MIKE mpid 1 level 1
nslookup
This command queries the Domain Name System (DNS) to obtain domain name mapping or IP address mapping.
Syntax
nslookup <Hostname> [source voip interface vlan <VLAN ID>] [type {a|aaaa|naptr|srv}
- 197 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command Hostname source voip interface vlan type
Description Defines the host name. (Optional) Configures a VLAN ID (1 -3999).
(Optional) Defines the type of DNS: a (Use a Host address) aaaa (Use an IPv6 Address) naptr (Use NAPTR - Naming Authority PoinTeR) srv (Use Server selection)
Note The DNS server must be configured for this command to function. The DNS server can be configured using: Internal DNS table: configure network> dns dns-to-ip Internal SRV table : configure network> dns srv2ip IP Interfaces table: configure network> interface network-if
Command Mode Basic and Privileged User
Example Looking up the IP address of Google:
nslookup google.com google.com resolved to 216.58.213.174
output-format
This command enables the output of certain show commands to be displayed in JSON format.
Syntax output-format
- 198 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command json plain
Description Displays the output in JSON format. Displays the output in regular plain text format.
Note
The JSON format is supported only by certain show commands. For filtering the output, see the first, last, range and descending commands in Section Common CLI Commands on page 8.
Command Mode
Basic User and Privileged User
Example
The example displays only the first two calls and in JSON format:
output-format json show voip calls history sbc first 2 { "History" : [ {
"CallEndTime": "08:21:41.376 UTC Wed Mar 28 2018", "IpGroup": "Linux", "Caller": "sipp", "Callee": "service", "Direction": "Incoming", "Duration": "00:00:17", "RemoteIP": "10.33.5.141", "TermReas": "NORMAL_CALL_CLEAR", "SessionId": "3c71d9:152:621" }, { "CallEndTime": "08:21:41.366 UTC Wed Mar 28 2018", "IpGroup": "Linux", "Caller": "sipp", "Callee": "service", "Direction": "Outgoing", "Duration": "00:00:17", "RemoteIP": "10.33.5.141", "TermReas": "NORMAL_CALL_CLEAR", "SessionId": "3c71d9:152:621" }
- 199 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
] }
ping
This command sends (pings) ICMP echo request messages to a remote destination (IP address or FQDN) to check connectivity. Pings have an IP and ICMP header, followed by a struct timeval and then an arbitrary number of "pad" bytes used to fill out the packet. Ping works with both IPv4 and IPv6.
Syntax
ping {<IPv4 Address>|ipv6 <IPv6 Address>|<Hostname>} [ethernet mpid] [source data {interface|source-address|vrf}] [repeat <Echo Requests>] [size <Payload Size>] [summarized]
Command <IPv4 Address> ipv6 <IPv6 Address> <Hostname> ethernet mpid <Endpoint ID> domain <CFM Domain Name> source voip interface
repeat size
Description
Configures an IPv4 IP address in dotteddecimal notation or as a hostname.
Configures an IPv6 address as X:X::X:X or as a hostname.
Configures a hostname or FQDN (.g., abc.com).
Configures a Layer-2 ping - Ethernet Connectivity Fault Management (CFM) per IEEE 802.1ag. This is a loopback message.
(Optional) Defines the interface from where you want to ping. This can be one of the following: vlan (configures the VLAN ID) name (configures the IP network
interface name)
(Optional) Defines the number (1-300) of echo requests.
(Optional) Defines the payload size (0-max packet size).
- 200 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command source data interface
source data source-address
Description
(Optional) Specifies the interface from where you want to send the ping packet. The source IP address is selected automatically. bvi (bridge interface) cellular (Cellular 3G interface) gigabitethernet (Gigabit Ethernet
interface) gre (GRE tunnel interface) ipip (IPIP tunnel interface) ipipv6 (IPIPv6 tunnel interface) ipv6ip (IPv6IP tunnel interface l2tp (L2TP tunnel interface) loopback (PPPoE interface) pppoe (PPPoE interface) pptp (PPTP tunnel interface) vlan (VLAN interface) vti (VTI tunnel interface)
(Optional) Specifies the source interface (IP address of the interface) from where you want to send the ping packet. gigabitethernet (Gigabit Ethernet
interface) gre (GRE tunnel interface) ipip (IPIP tunnel interface) ipipv6 (IPIPv6 tunnel interface) ipv6ip (IPv6IP tunnel interface l2tp (L2TP tunnel interface) loopback (PPPoE interface) pppoe (PPPoE interface) pptp (PPTP tunnel interface) vlan (VLAN interface)
- 201 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command source data vrf summarized
Description vti (VTI tunnel interface) (Optional) Specifies the VRF name from where you want to send the ping packet. Displays a summary of the ping results.
Command Mode Basic and Privileged User
Example Pinging an FQDN:
ping corp.abc.com source voip interface vlan 1
Sending 3 ICMP packets with 555 bytes payload size to 10.4.0.1 via interface VLAN 1:
ping 10.4.0.1 source data interface vlan 1 repeat 3 size 555 PING 10.4.0.1 (10.4.0.1): 555 data bytes 563 bytes from 10.4.0.1: icmp_seq=0 ttl=255 time=1.3 ms 563 bytes from 10.4.0.1: icmp_seq=1 ttl=255 time=1.1 ms 563 bytes from 10.4.0.1: icmp_seq=2 ttl=255 time=1.2 ms --- 10.4.0.1 ping statistics --3 packets transmitted, 3 packets received, 0 packet loss round-trip min/avg/max = 1.1/1.2/1.3 ms
Pinging an IPv6 destination address:
ping ipv6 2001:15::300
pstn
This command initiates a manual switchover between D-channels (primary and backup) pertaining to the same Non-Facility Associated Signaling (NFAS) group.
Syntax # pstn nfas-group-switch-activity <NFAS Group Number>
- 202 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Note The command is applicable only devices supporting digital PSTN interfaces.
Command Mode Privileged User
Example # pstn nfas-group-switch-activity 2
reload
This command resets the device with or without saving the configuration to flash memory.
Syntax # reload
Command if-needed
now
without-saving [in <Minutes>|graceful <Seconds>]
Description
Resets the device only if you have configured parameters that require a device reset for their new settings to take effect.
Resets the device immediately and saves configuration (including Auxiliary files) to flash memory.
Resets the device without saving configuration to flash memory. (Optional) You can configure a delay time before reset occurs:
in: Resets the device only after a userdefined period (in minutes). Use this before making changes to sensitive settings. If your changes cause the device to lose connectivity, wait for the device to restart with the previous working configuration.
graceful: Resets the device within a user-
- 203 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command
Description
defined graceful period (in seconds) to allow currently active calls (if any) to end. During this graceful period, no new calls are accepted. If all currently active calls end before the graceful period expires, the device resets immediately (instead of waiting for the graceful period to expire). If there are active calls when the graceful period expires, the device terminates the calls and resets.
To cancel the delayed reset, use the no reload command.
Command Mode Privileged User
Related Command write
Example This example resets the device only if there are parameters that have been modified which require a reset to take affect:
# reload if-needed
run-startup-script
This command executes a loaded startup script.
Syntax # run-startup-script
Command Mode Privileged User
- 204 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
srd-view
This command access a specific SRD (tenant) view. To facilitate configuration of the MultiTenancy feature through the CLI, the administrator can access a specific tenant view. Once in a specific tenant view, all configuration commands apply only to that specific tenant and the tenant's name (SRD name) forms part of the CLI prompt. Only table rows (indexes) belonging to the viewed tenant can be modified. New table rows are automatically associated with the viewed tenant (i.e., SRD name).
Syntax srd-view <SRD Name>
Command Mode Basic and Privileged User
Note To exit the tenant view, enter the following command:
no srd-view
Example Accessing the 'itsp' tenant view:
srd-view itsp (srd-itsp)#
system-snapshot
This command is for managing snapshots that are can be used for system recovery. The device can maintain up to 10 snapshots. If 10 snapshots exist and you create a new one, the oldest snapshot is removed to accommodate the newly created snapshot.
Syntax # system-snapshot
- 205 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command
Description
create <Snapshot Name> [force]
Creates a snapshot of the system. If no name is defined, a default name is given to the snapshot. If you enter the force command, the device overrides the oldest snapshot with this one if the maximum number of system snapshots has been reached.
The final snapshot name is in the following format: <Snapshot Name><Version>-<Creation Time>
The device's version is automatically added as well as the date and time of the snapshot creation.
default <Snapshot Name>
Defines the default rescue snapshot. If no name is specified, the current snapshot is made default.
delete <Snapshot Name>
Deletes a snapshot.
load <Snapshot Name>
Recovers the device by loading a snapshot. If no name is entered, the default snapshot is loaded.
rename <existing name> <new name>
Modifies the name of a snapshot.
show
Displays all saved snapshots. The default system snapshot is shown with an asterisk (*).
Command Mode Privileged User
Note The command is applicable only to Mediant 9000 and Mediant SE/VE.
Example This example creates a snapshot of the system with the name "My-Snapshot":
# system-snapshot create My-Snapshot
- 206 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
telnet
This command invokes a Telnet session from the device towards a remote host for remote management. A remote administrator can access the device's CLI from the WAN leg while performing the full authentication process. The administrator can then invoke Telnet sessions towards other devices in the LAN to manage them. No special pin-holes or forwarding rules need be declared to manage them.
Syntax
# telnet <Address> <Port> [source data [interface|source-address|vrf]]
Command
Descriptio n
Address
Remote host IP address.
Port
(Optional)
Remote
host port
number.
interface {bvi|cellular|gigabitethern|gre|ipip|ipipv6|ipv6ip | l2tp|loopback|pppoe|pptp|vlan|vti}
Defines the source interface and ID to bind to.
source-address interface {bvi|cellular|gigabitethern| gre|ipip|ipipv6|ipv6ip|l2tp|loopback|pppoe|pptp|vl an| vti}
Defines the source address interface to bind to.
vrf
Defines
the virtual
routing
forwardin
g (VRF)
name.
- 207 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example Invoking a Telnet session to a device located on the LAN:
# telnet 11.11.11.201 23 source data interface vlan 1 Invoking a Telnet session to a device located on the WAN using a WAN interface:
# telnet 10.10.10.2 23 source data interface gigabitethernet 0/0 Invoking a Telnet session to a device located on the WAN using VRF:
# telnet 10.10.10.2 23 source data vrf Test
traceroute
This command performs a traceroute and displays the route (path) and packet transit delays across an IP network, for diagnostic purposes.
Syntax
traceroute <Destination IP Address|Hostname> [interface name <Interface Name>|vlan <VLAN ID> <Source IP Address>] [proto udp|icmp]
Command
Description
Destination IP Address The IP address or hostname to which the trace is sent. or Hostname
interface name Name of the interface.
vlan
Defines the VLAN ID.
proto {icmp|udp}
Defines the protocol type. The default is UDP. IPv4 traceroute also supports icmp protocol type.
Note Supports both IPv4 and IPv6 addresses.
- 208 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
In IPv4, it supports hostname resolution as well. Sends three requests to each hop on the way to the destination.
Command Mode Basic and Privileged User
Example Examples of using this command: IPv6:
traceroute ipv6 2014:6666::dddd 1 2014:7777::aa55 (2014:7777::aa55) 2.421 ms 2.022 ms 2.155 ms 2 2014:6666::dddd (2014:6666::dddd) 2.633 ms 2.481 ms 2.568 ms Traceroute: Destination reached
IPv4:
traceroute 10.3.0.2 1 1 (10.4.0.1) 2.037 ms 3.665 ms 1.267 ms 2 1 (10.3.0.2) 1.068 ms 0.796 ms 1.070 ms Traceroute: Destination reached
undebug
This command disables debugging Border Gateway Protocol (BGP) functions.
Syntax # undebug
Command
all bgp
bgp {events|filters| fsm|keepalives|updates zebra}
Description
Disables debugging all BGP functions.
Disables debugging specified BGP functions. Disables BGP events. Disables BGP filters. Disables BGP FSM information. Disables BGP keepalives.
- 209 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command
vrf <VRF Table Name> {all|bgp <events|filters|fsm| keepalives|updates| zebra>}
Description
Disables BGP updates. Disables BGP Zebra information.
Disables debugging specified functions in the MSBR's VRF (Virtual Routing and Forwarding) table. Disables VRF events. Disables VRF filters. Disables VRF FSM information. Disables VRF keepalives. Disables VRF updates. Disables VRF Zebra information.
Command Mode Privileged User
Related Commands debug
Example This example disables debugging all BGP functions:
# undebug all bgp All possible debugging has been turned off
usb
This command allows maintenance on USB sticks plugged into the device.
Syntax # usb
- 210 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Command list remove
Description Displays files located on the USB. Safely removes a USB stick that is plugged into the device.
Command Mode Privileged User
Note The command is applicable only devices that provide USB port interfaces.
write
This command saves the device's current configuration to flash memory or optional, restores the device to factory defaults.
Syntax # write
Command
(Carriage Return)
factory
Description Saves configuration to flash memory .
Restores the device's configuration to factory defaults.
Command Mode Privileged User
Note The write command does not reset the device. For parameters that require a reset for
their settings to take effect, use the reload now command instead, or use it after the write command. The write factory command erases all current network configuration and thus, remote connectivity to the device (Telnet/SSH) may fail immediately after you run this command. When the write factory command is run, Auxiliary files are also erased.
- 211 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Related Commands reload now
Example Saving the configuration to flash memory:
# write Writing configuration...done
write-and-backup
This command saves the device's configuration file to flash memory and uploads it to a specified destination. The feature provides a method to back up your saved configuration.
Syntax # write-and-backup to {<URL>|usb}
Command URL usb
Description
Defines the destination as a URL (TFTP or HTTP/S) to a remote server.
Defines the destination to a folder on a USB storage stick plugged in to the device.
Command Mode Privileged User
Note The USB option applies only to devices with USB interfaces. The configuration of the backed-up file is based only on CLI commands. The device first saves the configuration file to flash memory and then sends the file to the
configured destination.
Related Commands write
Example
- 212 -
CHAPTER 8 General Root Commands
MSBR | CLI Reference Guide
Saving a device's configuration to flash memory and sends it to a HTTP remote server: # write-and-backup to http://www.example.com/configuration.txt
Saving a device's configuration to flash memory and sends it to the plugged-in USB stick: # write-and-backup to usb:///configuration.txt
- 213 -
Part III
System-Level Commands
CHAPTER 9 Introduction
MSBR | CLI Reference Guide
9 Introduction
This part describes the commands located on the System configuration level. The commands of this level are accessed by entering the following command at the root prompt:
Syntax
# configure system (config-system)#
This level includes the following commands:
Command
Description
additional-mgmt-if
See additional-mgmt-if on page 217
automatic-update
See automatic-update on page 218
cli-settings
See cli-settings on page 227
clock
See clock on page 230
configuration-version
See configuration-version on page 231
cwmp
See cwmp on page 232
feature-key
See feature-key on page 236
floating-license
See floating-license on page 237
http-services
See http-services on page 239
ldap
See ldap on page 244
mgmt-access-list
See mgmt-access-list on page 250
mgmt-auth
See mgmt-auth on page 251
ntp
See ntp on page 253
packetsmart
See packetsmart on page 254
performance-profile
See performance-profile on page 255
radius
See radius on page 257
sbc-performance-settings See sbc-performance-settings on page 260
- 215 -
CHAPTER 9 Introduction
MSBR | CLI Reference Guide
Command snmp user user-defined-failure-pm web welcome-msg
Description See snmp on page 261 See user on page 267 See user-defined-failure-pm on page 270 See web on page 271 See welcome-msg on page 273
Command Mode Privileged User
- 216 -
CHAPTER 10 additional-mgmt-if
MSBR | CLI Reference Guide
10 additional-mgmt-if
This command configures the Additional Management Interfaces table, which lets you define additional management interfaces.
Syntax (config-system)# additional-mgmt-if <Index> (additional-mgmt-if-<Index>)#
Command Index https-only-val {http-andhttps|https-only|use-globaldefinition} interface-name
tls-context-name
Description
Defines the table row index.
Defines the protocol required for accessing the management interface.
Assigns an IP network interface (from the IP Interfaces table) to the management interface.
Assigns a TLS Context (from the TLS Contexts table) to the management interface.
Command Mode Privileged User
Example This example configures an additional management interface on IP network interface "ITSP", using TLS certification and HTTPS:
(config-system)# additional-mgmt-if 0 (additional-mgmt-if-0)# interface-name ITSP (additional-mgmt-if-0)# tls-context-name ITSP (additional-mgmt-if-0)# https-only-val https-only (additional-mgmt-if-0)# activate
- 217 -
CHAPTER 11 automatic-update
MSBR | CLI Reference Guide
11 automatic-update
This command configures the Automatic Update feature.
Syntax (config-system)# automatic-update (auto-update)#
Command
Description
File
Automatically uploads specified files to the device from a
remote server. For more information, see Files on the
next page.
aupd-gracefulshutdown <Seconds>
Enables the graceful lock period for Automatic Update and defines the period.
crc-check {off|regular|voiceconf-ordered}
Enables the device to run a Cyclic Redundancy Check (CRC) on the downloaded configuration file to determine whether the file content (regardless of file timestamp) has changed compared to the previously downloaded file. Depending on the CRC result, the device installs or discards the downloaded file.
regular: CRC considers order of lines in the file (i.e., same text must be on the same lines).
voice-conf-ordered: CRC ignores the order of lines in the file (i.e., same text can be on different lines).
credentials
Defines the username and password for digest (MD5 cryptographic hashing) and basic access authentication with the HTTP server on which the files to download are located for the Automatic Update feature.
http-user-agent
Defines the information sent in the HTTP User-Agent header. For more information, see http-user-agent on page 222.
predefined-time
Defines the time of day in the format hh:mm (i.e., hour:minutes).
run
Triggers the Automatic Update feature.
Note: The command does not replace the activate command
- 218 -
CHAPTER 11 automatic-update
MSBR | CLI Reference Guide
Command
Description
run-on-reboot {off|on}
Enables the Automatic Update feature to run when the device resets (or powers up).
template-files-list
Defines the type of files in the file template to download from a provisioning server for the Automatic Update process. For more information, see template-files-list on page 223.
template-url
Defines the URL address of the provisioning server on which the file types, specified in the file template using the template-files-list command are located for download for the Automatic Update process. For more information, see template-url on page 224.
tftp-block-size
Defines the TFTP block size according to RFC 2348.
update-firmware {off|on}
Enables automatic update of the device's software file (.cmp).
update-frequency
Defines the interval (in minutes) between subsequent Automatic Update processes.
verify-certificate {off|on}
Enables verification of the server certificate over HTTPS. The device authenticates the certificate against the trusted root certificate store of the associated TLS Context. Only if authentication succeeds does the device allow communication.
verify-certsubject-name {off|on}
Enables verification of the SSL Subject Name (Common Name) in the server's certificate when using HTTPS. If the server's URL contains a hostname, the device validates the server's certificate subject name (CN/SAN) against this hostname (and not IP address); otherwise, the device validates the server's certificate subject name against the server's IP address
Command Mode Privileged User
Files
This command automatically uploads specified files to the device from a remote server.
- 219 -
CHAPTER 11 automatic-update
MSBR | CLI Reference Guide
Syntax
(config-system)# automatic-update (auto-update)#
Command auto-firmware call-progress-tones cas-table cli-script dial-plan dial-plan-csv feature-key firmware
mt-firmware
prerecorded-tones startup-script
Description
Defines the URL path to a remote server from where the software file (.cmp) can be loaded. This is based on timestamp.
Defines the URL path to a remote server from where the Call Progress Tone (CPT) file can be loaded.
Defines the URL path to a remote server from where the Channel Associated Signaling (CAS) file can be loaded.
Defines the URL path to a remote server from where the CLI Script file can be loaded.
Defines the URL path to a remote server from where the Dial Plan file can be loaded.
Defines the URL path to a remote server from where the Dial Plan file (.csv) can be loaded.
Defines the URL path to a remote server from where the License Key file can be loaded.
Defines the URL path to a remote server from where the software file (.cmp) file can be loaded. Note: This is a one-time file update; once loaded, the device does not load it again.
Defines the URL path to a remote server from where the software file (.cmp) for the MT device, participating in the Media Transcoding Cluster, can be loaded.
Defines the URL path to a remote server from where the Prerecorded Tone file can be loaded.
Defines the URL path to a remote server from where the Startup Script file can be loaded.
- 220 -
CHAPTER 11 automatic-update
MSBR | CLI Reference Guide
Command tls-cert tls-private-key tls-root-cert user-info vmc-firmware
vmt-firmware
voice-configuration voice-prompts web-favicon
web-logo
Description
Defines the URL path to a remote server from where the TLS certificate file can be loaded.
Defines the URL path to a remote server from where the TLS private key file can be loaded.
Defines the URL path to a remote server from where the TLS root CA file can be loaded.
Defines the URL path to a remote server from where the User Info file can be loaded.
Defines the URL path to a remote server from where the software file (.cmp) for the Media Component (MT), participating in the Media Cluster, can be loaded.
Defines the URL path to a remote server from where the software file (.cmp) for the vMT device, participating in the Media Transcoding Cluster, can be loaded.
Defines the URL path to a remote server from where the voice configuration file can be loaded.
Defines the URL path to a remote server from where the Voice Prompts file can be loaded.
Defines the URL path to a remote server from where the favicon image file for the favorite bookmark on your Web browser's toolbar associated with the device's URL, can be loaded.
Defines the URL path to a remote server from where the logo image file for the Web interface can be loaded.
Command Mode Privileged User
Note The URL can be IPv4 or IPv6. If IPv6, enclose the address in square brackets: URL with host name (FQDN) for DNS resolution into an IPv6 address:
- 221 -
CHAPTER 11 automatic-update
MSBR | CLI Reference Guide
http://[FQDN]:<port>/<filename> URL with IPv6 address:
http://[IPv6 address]:<port>/<filename>
Example Automatic update of a CLI script file:
# configure system (config-system)# automatic-update (auto-update)# cli-script "http://192.168.0.199/cliconf.txt" Note: Changes to this parameter will take effect when applying the 'activate' or 'exit' command (automatic-update)# activate
http-user-agent
This command configures the information sent in the HTTP User-Agent header in HTTP Get requests.
Syntax
(config-system)# automatic-update (auto-update)# http-user-agent <String>
Command Mode Privileged User
Note Refer to the User's Manual for detailed information on configuring the string using placeholders (e.g., "<NAME>", "<MAC>", "<VER>", and "<CONF>").
Example Configuring HTTP User-Agent header using placeholders:
(config-system)# automatic-update (auto-update)# http-user-agent ITSPWorld-<NAME>;<VER>(<MAC>)
- 222 -
CHAPTER 11 automatic-update
MSBR | CLI Reference Guide
Above configuration may generate the following in the header: User-Agent: ITSPWorld-Mediant;7.20.200.001(00908F1DD0D3)
template-files-list
This command configures which type of files in the file template to download from a provisioning server for the Automatic Update process. For more information on file templates, refer to the User's Manual.
Syntax
(config-system)# automatic-update (auto-update)# template-files-list <File Types>
Command <File Types>
Description
Defines the file types: ini: ini file init: ini template file cli: CLI Script file clis: CLI Startup Script file acmp: CMP file based on timestamp vp: Voice Prompts (VP) file (applies only to Mediant 1000B) usrinf: User Info file cmp: CMP file fk: Feature Key file cpt: Call Progress Tone (CPT) file prt: Prerecorded Tones (PRT) file cas: CAS file (applies only to Digital PSTN supporting devices) dpln: Dial Plan file amd: Answering Machine Detection (AMD) file sslp: SSL/TLS Private Key file sslr: SSL/TLS Root Certificate file sslc: SSL/TLS Certificate file
- 223 -
CHAPTER 11 automatic-update
MSBR | CLI Reference Guide
Command Mode Privileged User
Note The file types must be separated by commas, but without spaces.
Related Commands template-url
Example Specifying the ini, License Key, and CPT file types to download:
(config-system)# automatic-update (auto-update)# template-files-list ini,fk,cpt
template-url
This command configures the URL address of the provisioning server on which the file types, specified in the file template using the template-files-list command are located for download during the Automatic Update process. For more information on file templates, refer to the User's Manual.
Syntax
(config-system)# automatic-update (auto-update)# template-url <URL>/<File Name <FILE>>
Command
Description
<URL>
Defines the URL address of the provisioning server (HTTP/S, FTP, or TFTP).
File Name <FILE>
Defines the file name using the <FILE> placeholder. The placeholder is replaced by the following hard-coded strings, depending on file type as configured by the template-files-list command:
File Type (template-files-list)
Hard-coded String
ini
device.ini
init
deviceTemplate.ini
- 224 -
CHAPTER 11 automatic-update
MSBR | CLI Reference Guide
Command cli clis acmp vp usrinf cmp fk cpt prt cas dpln amd sslp sslr sslc
Description cliScript.txt cliStartupScript.txt autoFirmware.cmp vp.dat (applies only to Mediant 1000B) userInfo.txt firmware.cmp fk.ini cpt.dat prt.dat cas.dat (applies only to Digital PSTN devices) dialPlan.dat amd.dat pkey.pem root.pem cert.pem
Command Mode Privileged User
Related Commands template-files-list
Example Specifying the URL of an HTTP server at 10.8.8.20 from which the files specified in the file template can be downloaded:
#(config-system)# automatic-update (auto-update)# template-url http://10.8.8.20/Site1_<FILE>
- 225 -
CHAPTER 11 automatic-update
If the template file list is configured as follows: (auto-update)# template-files-list ini,fk,cpt
the device sends HTTP requests to the following URLs: http://10.8.8.20/Site1_device.ini http://10.8.8.20/Site1_fk.ini http://10.8.8.20/Site1_cpt.data
MSBR | CLI Reference Guide
- 226 -
CHAPTER 12 cli-settings
MSBR | CLI Reference Guide
12 cli-settings
This command configures various CLI settings.
Syntax (config-system)# cli-settings (cli-settings)#
Command default-windowheight
idle-timeout {off|on} password-obscurity {off|on}
Description
Defines the number (height) of output lines displayed in the CLI terminal window. This applies to all new CLI sessions and is preserved after device resets. The valid value range is -1 (default) and 0-65535:
A value of -1 means that the parameter is disabled and the settings of the CLI command windowheight is used.
A value of 0 means that all the CLI output is displayed in the window. If the window is too small to display all the lines, the window displays all the lines by automatically scrolling down the lines until the last line (i.e., the "--MORE--" prompt is not displayed).
A value of 1 or greater displays that many output lines in the window and if there is more output, the "--MORE--" prompt is displayed. For example, if you configure the parameter to 4, up to four output lines are displayed in the window and if there is more output, the "--MORE--" prompt is displayed (at which you can press the spacebar to display the next four output lines).
Note: You can override this parameter for a specific CLI session and configure a different number of output lines, by using the window-height CLI command in the currently active CLI session.
Defines the maximum duration (in minutes) that a CLI session may remain idle, before being disconnected.
Displays passwords in encrypted (obscured) format in the output of the show running-config command. The word "obscured" is also shown to
- 227 -
CHAPTER 12 cli-settings
MSBR | CLI Reference Guide
Command
Description
indicate that it's an encrypted password. Below shows an example of an obscured password configured for a Remote Web Service (http-remote-services):
rest-password 8ZybmJHExMTM obscured
privilege-password
Defines the password for the privilege (Enable) mode.
ssh {off|on}
Enables secure access using SSH.
ssh-acl
Assigns an Access List entry (client) permitted to access the SSH interface. The Access List is configured by the access-list command.
ssh-admin-key
Defines the RSA public key (hexadecimal) for SSH client login.
ssh-last-loginmessage {off|on}
Enables the display of the last address from which the user logged into the SSH server.
ssh-max-binarypacket-size
Defines the maximum SSH binary packet size.
ssh-max-loginattempts
Defines the maximum number of SSH login attempts.
ssh-max-payload-size Defines the maximum size of the SSH payload (in bytes).
ssh-max-sessions
Defines the maximum number of SSH sessions.
ssh-port
Defines the local port for SSH.
ssh-require-publickey {off|on}
Enables SSH authentication via RSA public key.
ssh-red-device-port
Defines the proxy SSH port number on the active device for accessing the redundant device's embedded SSH server from the active device for downloading files from the redundant device.
Note: The command is applicable only to device's in HA mode.
telnet-mode {disable|enable|sslonly}
Enables Telnet access to the device.
- 228 -
CHAPTER 12 cli-settings
MSBR | CLI Reference Guide
Command
Description
telnet-acl
Assigns an Access List entry (client) permitted to access the Telnet interface. The Access List is configured by the access-list command.
telnet-port
Defines the local port number for Telnet.
telnet-max-sessions Defines the maximum number of Telnet sessions.
verify-telnet-cert {disable|require}
Enables or disables verification of peer (client) certificate by Telnet server.
window-height {0|165535|automatic}
Defines the height of the CLI terminal window for the current CLI session only:
0: All the CLI output lines are displayed. If the window is too small to display all the lines, the window displays all the lines by automatically scrolling down the lines until the last line (i.e., the "-- MORE--" prompt is not displayed).
1-65535: Defines the number of lines to display in the window.
automatic: Whenever you manually change the height of the window (i.e., by dragging with the mouse), the new size is automatically saved.
Note: The window height can be configured for all sessions using the CLI command, default-windowheight.
Command Mode Privileged User
Example The example configures the CLI terminal window height to 15 lines:
(config-system)# cli-settings (cli-settings)# window-height 15
- 229 -
CHAPTER 13 clock
MSBR | CLI Reference Guide
13 clock
This command configures the date and time of the device.
Syntax (config-system)# clock (clock)#
Command date
date-headertime-sync
date-headertime-syncinterval summer-time time
utc-offset
Description
Defines the date in the format dd/mm/yyyy (i.e., day/month/year).
Enables the device to obtain its date and time for its internal clock from the SIP Date header in 200 OK messages received in response to sent REGISTER messages.
Defines the minimum time (in seconds) between synchronization updates using the SIP Date header method for clock synchronization.
Configures daylight saving time.
Defines the current time in the format hh:mm:ss (i.e., hour:minutes:seconds).
Defines the time zone (offset from UTC) in seconds.
Command Mode Privileged User
Example This example configures the date of the device.
(config-system)# clock (clock)# date 23/11/2016
- 230 -
CHAPTER 14 configuration-version
MSBR | CLI Reference Guide
14 configuration-version
This command configures the ini file version number when saving the device's configuration to an ini file. The version number appears in the file as: "INIFileVersion = <number>"
Syntax (config-system)# configuration-version <Number>
Command Mode Privileged User
Example This example configures the ini file version to 72101:
(config-system)# configuration-version 72101
- 231 -
CHAPTER 14 cwmp
MSBR | CLI Reference Guide
14 cwmp
This command configures TR-069.
Syntax (config-system)# cwmp (cwmp-tr069)#
Command
Description
acs-password
Defines the login password that the <device> uses for authenticated access to the ACS.
acs-url
Defines the URL address of the ACS to which the <device> connects. For example, http://10.4.2.1:10301/acs/.
acs-url-provisioning-mode {automatic|manual}
Defines the method for configuring the URL of the TR-069 ACS.
acs-user-name
Defines the login username that the <device> uses for authenticated access to the ACS.
conf-change-notification {off|on}
Enables the device to notify the TR-069 ACS of device configuration changes.
connection-request-password
Defines the connection request password used by the ACS to connect to the <device>.
connection-request-user-name
Defines the connection request username used by the ACS to connect to the <device>.
cwmp-acl <ACL Name>
Applies an ACL rule to TR-069 management.
data-model
Defines the TR-069 Data Model:
{device|internetgatewaydevice} device: Device (TR-181)
internetgatewaydevice: TR-098
default-inform-interval
Defines the inform interval (in seconds) at
- 232 -
CHAPTER 14 cwmp
MSBR | CLI Reference Guide
Command
Description
which the <device> periodically communicates with the ACS.
delete-device-log
Deletes the device's CWMP log records.
disable-provisioning-codelimitation
Disables reject ACS set request when configuration mode is Manual.
display-device-log
Displays the device log records received by the ACS.
ipv6 enable
Enables the use of an IPv6 or IPv4 address for the ACS. To allow only an IPv4 address: no ipv6 enable
For a full description, refer to the User's Manual.
period-inform-enable {off|on}
Enables the device to send periodic inform messages to the ACS.
port
Defines the local HTTP/S port used for TR069.
send-connection-request
The device sends a connection request event toward the ACS.
service {off|on}
Enables <device> management through TR-069.
socket-receive-timeout
TR-069 socket receive timeout.
source data {sourceaddress|vrf}
Defines the source interface through which the device connects (binds) to the TR-069 ACS. This can be the main VRF (default), a non-default VRF , or the Loopback interface:
Loopback interface:
(cwmp-tr069)# source data source-address interface loopback <Index>
Main VRF:
- 233 -
CHAPTER 14 cwmp
MSBR | CLI Reference Guide
Command
Description
(cwmp-tr069)# source data
Non-default VRF:
tcp-fragment {off|on} tls-context <TLS Context ID> tr069-cwmp-wait-interval
verify-certificate {off|on}
(cwmp-tr069)# source data vrf <VRF name>
Note:
Configuring the source data doesn't require a device reset.
After you configure the source data, the device's TR-069 service disconnects from the ACS and closes all sockets (server and client). It then tries to connect to the ACS through the new source interface.
If you have configured a VRF or Loopback interface that doesn't exist, the 'ACS Connection Status' read-only field in the Web interface displays "Waiting for external IP address".
Connection URL and external IP address (with path) are changed according to source data.
Enables the device to send outgoing TR069 packets with the DF (Don't Fragment) flag in the IP header.
Assigns a TLS Context for TR-069 management.
Defines the minimum interval (in seconds) that the <device> waits before attempting again to communicate with the ACS after the previous communication attempt failed.
Enables verification of the certificate during the TR-069 connection.
- 234 -
CHAPTER 14 cwmp
MSBR | CLI Reference Guide
Command verify-common-name {off|on}
Description
Enables verification of the common name during the TR-069 connection.
Command Mode Privileged User
Example This example enables TR-069.
(config-system)# cwmp (cwmp-tr069)# service on
- 235 -
CHAPTER 15 feature-key
MSBR | CLI Reference Guide
15 feature-key
This command updates the License Key.
Syntax (config-system)# feature-key <"License Key">
Command Mode Privileged User
Note You must enclose the License Key string in quotes ("...").
Example This example updates the License Key:
(config-system)# feature-key "r6wmr5to25smaB12d21aiSl94yMCf3lsfjBjagcch1kq9AZ9MJqqCOw44ywFcMlIbi BaeNcsjh878ld1f2wKbY3IXJj1SOlcbiBfc6FBj1fROlJ9XvAw8k1IXdoFcOpeQJp2e 0sti1s0blNecypomhgU5yTlPREPQtl2e1wpiNgx7lRfeyXV?2s9@coFcOhdayWjWh QuJeIgb5VbfyENc2w46O6OG3lf7NJnbkF5mxkka5xccyoVedYq1gMc"
- 236 -
CHAPTER 16 floating-license
MSBR | CLI Reference Guide
16 floating-license
This command enables the Floating License License model and configures an Allocation Profile for the model.
Syntax (config-system)# floating-license (floating-license)#
Command allocation-media-sessions
allocation-profile {custom|registered-users|siptrunking} allocation-registered-users
allocation-signaling-sessions
floating-license {off|on} limit-media-sessions
limit-registered-users
limit-signaling-sessions
limit-transcoding-sessions
Description Defines media session capacity for the customized Allocation Profile. Defines the Allocation Profile type.
Defines registered user capacity for the customized Allocation Profile. Defines SIP signaling capacity for the customized Allocation Profile. Enables the Floating License License. Defines a media session limit for the customized Allocation Profile. Defines a registered user limit for the customized Allocation Profile. Defines a signaling capacity limit for the customized Allocation Profile. Defines a transcoding session limit for the customized Allocation Profile.
Command Mode Privileged User
Example
- 237 -
CHAPTER 16 floating-license
MSBR | CLI Reference Guide
This example enables the Floating License License and configures it for the factory default Allocation Profile that is suited for SIP Trunking applications:
(config-system)# floating-license (floating-license)# floating-license on (floating-license)# allocation-profile sip-trunking
- 238 -
CHAPTER 17 http-services
MSBR | CLI Reference Guide
17 http-services
This command configures Web (HTTP) services.
Syntax (config-system)# http-services (http-client-services)#
Command
Description
http-remoteservices
Defines the HTTP Remote Services table for REST. For more information, see http-remote-services on the next page.
remote-monitoring {off|on}
Enables the device to send monitoring reports to a remote monitoring server when the device is located behind NAT.
remote-monitoralarms
Enables the device to send a remote monitoring report of currently active alarms to the monitoring server.
remote-monitor-kpi
Enables the device to send a remote monitoring report of performance monitoring statistics to the monitoring server.
remote-monitorregistration
Enables the device to send a remote monitoring report of users registered with the device to the monitoring server.
remote-monitorreporting-period
Defines the time interval (in seconds) between each remote monitoring report that is sent to the monitoring server.
remote-monitorstatus
Enables the device to send a remote monitoring report of its status to the monitoring server.
rest-debug-mode {03}
Defines the level of debug messages of HTTP services, which are sent to Syslog. 0 blocks all messages; 3 is the most detailed level.
routing-qos-status {disable|enable}
Enables QoS-based routing by the routing server.
routing-qos-status- Defines the rate (in sec) at which the device sends QoS
rate
reports to the routing server.
- 239 -
CHAPTER 17 http-services
MSBR | CLI Reference Guide
Command
Description
routing-servergroup-status {disable|enable}
Enables the reporting of the device's topology status (using the REST TopologyStatus API command) to HTTP remote hosts.
routing-server-
Enables the synchronization of the device's registration
registration-status database with remote HTTP hosts.
Command Mode Privileged User
http-remote-services
This command configures the Remote Web Services table, which lets you define Web-based (HTTP/S) services provided by third-party, remote HTTP/S hosts.
Syntax
(config-system)# http-services (http-client-services)# http-remote-services <Index> (http-remote-services-<Index>)#
Command
Description
Index
Defines the table row index.
http-login-needed {disable|enable}
Enables the use of AudioCodes proprietary REST API Login and Logout commands for connecting to the remote host.
http-persistent-connection {disable|enable}
Configures whether the HTTP connection with the host remains open or is only opened per request.
http-policy {round-robin|stickynext|sticky-primary}
Defines the mode of operation when you have configured multiple remote hosts (in the HTTP Remote Hosts table) for a specific remote Web service.
http-policy-between-groups {sticky-primary|sticky-next}
Defines the mode of operation between groups of hosts, which are
- 240 -
CHAPTER 17 http-services
MSBR | CLI Reference Guide
Command
Description
configured in the HTTP Remote Hosts table for the specific remote Web service.
http-remote-hosts
Defines the HTTP Remote Hosts table, which lets you define remote HTTP hosts per Remote Web Service. The table is a "child" of the Remote Web Services table. For more information, see http-remote-hosts on the next page.
rest-ka-timeout
Defines the duration (in seconds) in which HTTP-REST keep-alive messages are sent by the device if no other messages are sent.
rest-message-type {callstatus|general|qos|registrationstatus|remotemonitoring|routing|topologystatus}
Defines the type of service provided by the HTTP remote host.
rest-name
Defines the name to easily identify the row.
rest-password
Defines the password for HTTP authentication.
rest-path
Defines the path (prefix) to the REST APIs.
rest-timeout
Defines the TCP response timeout (in seconds) from the remote host.
rest-tls-context
Assigns a TLS context (if HTTPS).
rest-user-name
Defines the username for HTTP authentication.
rest-verify-certificates {disable|enable}
Enables certificate verification when connection with the host is based on HTTPS.
verify-cert-subject-name
Enables the verification of the TLS
- 241 -
CHAPTER 17 http-services
MSBR | CLI Reference Guide
Command {disable|enable}
Description
certificate subject name (Common Name / CN or Subject Alternative Name / SAN) when connection with the host is based on HTTPSthat is used in the incoming connection request from the OVOC server.
Command Mode Privileged User
Example This example configures an HTTP service for routing:
(config-system)# http-services (http-client-services)# http-remote-services 0 (http-client-services-0)# rest-message-type routing (http-client-services-0)# rest-name ARM
http-remote-hosts
This command configures the HTTP Remote Hosts table, which lets you define remote HTTP hosts per Remote Web Service. The table is a "child" of the Remote Web Services table.
Syntax
(config-system)# http-services (http-client-services)# http-remote-services <Index> (http-client-services-<Index>)# http-remote-hosts <Index> (http-remote-hosts-<Index>/<Index>)#
Command
Index
group-id <0-4>
hostpriorityin-group
Description Defines the table row index. Defines the host's group ID.
Defines the priority level of the host within the assigned group.
- 242 -
CHAPTER 17 http-services
MSBR | CLI Reference Guide
Command
Description
<0-9>
restaddress
Defines the IP address or FQDN of the remote HTTP host.
restinterface
Defines the IP network interface to use.
rest-port Defines the port of the remote HTTP host.
rest-name Configures an arbitrary name to identify the host.
resttransporttype {resthttp|resthttps}
Defines the HTTP protocol.
Command Mode Privileged User
Example This example configures an HTTP remote host "ARM" at 10.15.7.8:
(config-system)# http-services (http-client-services)# http-remote-services 0 (http-client-services-0)# http-remote-hosts 1 (http-remote-hosts-0/1)# rest-address 10.15.7.8 (http-remote-hosts-0/1)# rest-interface 0 (http-remote-hosts-0/1)# rest-servers ARM (http-remote-hosts-0/1)# rest-transport-type rest-http
- 243 -
CHAPTER 18 ldap
MSBR | CLI Reference Guide
18 ldap
This command configures LDAP and includes the following subcommands:
Syntax (config-system)# ldap
Command ldap-configuration ldap-server-groups settings
Description See ldap ldap-configuration below See ldap ldap-server-groups on page 247 See ldap settings on page 248
Command Mode Privileged User
ldap ldap-configuration
This command configures the LDAP Servers table, which lets you define LDAP servers.
Syntax (config-system)# ldap ldap-configuration <Index> (ldap-configuration-<Index>)#
Command
Description
Index
Defines the table row index.
bind-dn
Defines the LDAP server's bind Distinguished Name (DN) or username.
domain-name Defines the domain name (FQDN) of the LDAP server.
interface
Defines the interface on which to send LDAP queries.
ldapserverssearch-dns
Defines the LDAP Search DN table, which lets you define LDAP base paths per LDAP Servers table. For more information, see ldap ldapservers-search-dns on page 246.
max-
Defines the duration (in msec) that the device waits for LDAP server
- 244 -
CHAPTER 18 ldap
MSBR | CLI Reference Guide
Command
Description
respondtime
responses.
mgmt-attr
Defines the LDAP attribute name to query, which contains a list of groups to which the user is a member of.
mgmt-ldapgroups
Defines the Management LDAP Groups table, which lets you define an access level per management groups per LDAP Servers table. For more information, ldap mgmt-ldap-groups on the next page.
password
Defines the user password for accessing the LDAP server during connection and binding operations.
servergroup
Assigns the LDAP server to an LDAP Server Group, configured in the LDAP Server Groups table.
server-ip
Defines the LDAP server's IP address.
server-port Defines the LDAP server's port.
tls-context Assigns a TLS Context if the connection with the LDAP server is TLS.
use-tls {no|yes}
Enables the device to encrypt the username and password (for Control and Management related queries) using TLS when sending them to the LDAP server.
verifycertificate {no|yes}
Enables certificate verification when the connection with the LDAP server uses TLS.
Command Mode Privileged User
Example This example configures an LDAP server with IP address 10.15.7.8 and password "itsp1234":
(config-system)# ldap ldap-configuration 0 (ldap-configuration-0)# server-ip 10.15.7.8 (ldap-configuration-0)# password itsp1234
- 245 -
CHAPTER 18 ldap
MSBR | CLI Reference Guide
ldap ldap-servers-search-dns
This command configures the LDAP Search DN table, which lets you define LDAP base paths, per LDAP Servers table.
Syntax
(config-system)# ldap ldap-configuration <Index> (ldap-configuration-<Index>)# ldap-servers-search-dns <Index> (ldap-servers-search-dns-<Index>/<Index>)#
Command Index base-path
Description Defines the table row index. Defines the base path Distinguished Name (DN).
Command Mode Privileged User
Example This example configures the LDAP base path "OU=NY,DC=OCSR2,DC=local":
(config-system)# ldap ldap-configuration 0 (ldap-configuration-0)# ldap-servers-search-dns 1 (ldap-servers-search-dns-0/1)# base-path OU=NY,DC=OCSR2,DC=local
ldap mgmt-ldap-groups
This command configures the Management LDAP Groups table, which lets you define an access level per management groups per LDAP Servers table.
Syntax
(config-system)# ldap ldap-configuration <Index> (ldap-configuration-<Index>)# mgmt-ldap-groups <Index> (mgmt-ldap-groups-<Index>/<Index>)#
- 246 -
CHAPTER 18 ldap
MSBR | CLI Reference Guide
Command Index groups level
Description Defines the table row index. Defines the Attribute names of the groups in the LDAP server. Defines the access level of the group(s).
Command Mode Privileged User
Example This example configures the LDAP server with monitor access level:
(config-system)# ldap ldap-configuration 0 (ldap-configuration-0)# mgmt-ldap-groups 1 (mgmt-ldap-groups-0/1)# level monitor
ldap ldap-server-groups
This command configures the LDAP Server Groups table, which lets you define LDAP Server Groups. An LDAP Server Group is a logical configuration entity that contains up to two LDAP servers.
Syntax
(config-system)# ldap ldap-server-groups <Index> (ldap-server-groups-<Index>)#
Command
Description
Index
Defines the table row index.
cache-entry-removaltimeout
Defines the cache entry removal timeout.
cache-entry-timeout
Defines the cache entry timeout.
search-dn-method
Defines the method for querying the DN objects
{parallel|sequentialy} within each LDAP server.
server-search-method
Defines the method for querying between the two
- 247 -
CHAPTER 18 ldap
MSBR | CLI Reference Guide
Command
Description
{parallel|sequentialy} LDAP servers in the group.
server-type {control|management}
Configures whether the servers in the group are used for SIP-related LDAP queries (Control) or management login authentication-related LDAP queries (Management).
Command Mode Privileged User
Example This example configures the LDAP Server Group for management-login authentication LDAP queries and where the search between the servers is done one after the other:
(config-system)# ldap ldap-server-groups 0 (ldap-server-groups-0)# server-type management (ldap-server-groups-0)# server-search-method sequentialy
ldap settings
This command configures various LDAP settings.
Syntax (config-system)# ldap settings (ldap)#
Command auth-filter
cache {clearall|refresh-entry} enable-mgmt-login {off|on} entry-removal-timeout
Description Defines the filter (string) to search the user during the authentication process. Configures LDAP cache actions.
Enables the device to use LDAP for authenticating management interface access. Defines the duration (in hours) after which an entry is removed from the LDAP cache.
- 248 -
CHAPTER 18 ldap
MSBR | CLI Reference Guide
Command
Description
entry-timeout
Defines the duration (minutes) an entry in the LDAP cache is valid.
ldap-cache-enable {off|on}
Enables the LDAP cache.
ldap-search-servermethod {parallel|sequentialy}
Defines the search method in the LDAP servers if more than one LDAP server is configured.
ldap-service {off|on} Enables the LDAP service.
search-dns-in-parallel {parallel|sequentialy}
Configures whether DNs should be checked in parallel or sequentially when there is more than one search DN.
Command Mode Privileged User
Example This example enables the LDAP cache and sets the valid duration of a cached entry to 1200 minutes.
(config-system)# ldap settings (ldap)# ldap-cache-enable on (ldap)# entry-timeout 1200
- 249 -
CHAPTER 19 mgmt-access-list
MSBR | CLI Reference Guide
19 mgmt-access-list
This command configures the Access List table, which lets you restrict access to the device's management interfaces (Web and CLI) by specifying IP addresses of management clients that are permitted to access the device.
Syntax (config-system)# mgmt-access-list <Index> (mgmt-access-list <Index>)# ip-address <IP address>
Command Mode Privileged User
Example This example allows the host at IP address 10.11.12.120 to connect to the management interface:
(config-system)# mgmt-access-list 0 (mgmt-access-list 0)# ip-address 10.11.12.120
- 250 -
CHAPTER 20 mgmt-auth
MSBR | CLI Reference Guide
20 mgmt-auth
This command configures various management settings.
Syntax (config-system)# mgmt-auth (mgmt-auth)#
Command
Description
default-access-level
Defines the device's default access level when the LDAP/RADIUS response doesn't include an access level attribute for determining the user's management access level.
local-cache-mode {absolute-expirytimer|reset-expiry-uponaccess}
Defines the password's local cache timeout to reset after successful authorization.
local-cache-timeout
Defines the locally stored login password's expiry time, in seconds. When expired, the request to the Authentication server is repeated.
obscure-password-mode {off|on}
Enables the device to enforce obscured (i.e., encrypted) passwords whenever you create a new management user or modify the password of an existing user (Local Users table) through CLI (configure system > user). For more information, see the command configure system > user > password.
timeout-behavior
Defines the device to search in the Local Users
{VerifyAccessLocally|deny- table if the Authentication server is inaccessible.
access}
use-local-users-db {always|when-no-authserver}
Configures when to use the Local Users table in addition to the Authentication server.
Command Mode
- 251 -
CHAPTER 20 mgmt-auth
Privileged User
Example This example configures the device's default access level as 200:
(config-system)# mgmt-auth (mgmt-auth)# default-access-level 200
MSBR | CLI Reference Guide
- 252 -
CHAPTER 21 ntp
MSBR | CLI Reference Guide
21 ntp
This command configures Network Time Protocol (NTP) for updating the device's date and time.
Syntax (config-system)# ntp (ntp)#
Command
Description
auth-key-id
Defines the NTP authentication key identifier (string) for authenticating NTP messages.
auth-key-md5
Defines the authentication key (string) shared between the device (client) and the NTP server, for authenticating NTP messages.
ntp-as-oam {off|on}
Defines the location of the Network Time Protocol (NTP).
primary-server Defines the NTP server FQDN or IP address.
secondaryserver
Defines the NTP secondary server FQDN or IP address.
update-interval Defines the NTP update time interval (in seconds).
Command Mode Privileged User
Example This example configures an NTP server with IP address 10.15.7.8 and updated every hour (3,600 seconds):
(config-system)# ntp (ntp)# primary-server 10.15.7.8 (ntp)# update-interval 3600
- 253 -
CHAPTER 22 packetsmart
MSBR | CLI Reference Guide
22 packetsmart
This command configures the device to send voice traffic data to BroadSoft's BroadCloud PacketSmart solution for monitoring and assessing the network in which the device is deployed.
Syntax (config-system)# packetsmart
Command
enable
monitor voip interface-if
network voip interface-if
server address [port]
Description Enables the PacketSmart feature. Defines the IP network interface ID for voice traffic.
Defines the IP network interface ID for communication with PacketSmart. Defines the PacketSmart server address and port.
Command Mode Privileged User
Note PacketSmart is applicable only to the Mediant 5xx and Mediant 8xx series.
Example This example configures PacketSmart server IP address 10.15.7.8:
(config-system)# packetsmart enable (config-system)# packetsmart monitor voip interface-if 0 (config-system)# packetsmart network voip interface-if 0 (config-system)# packetsmart server address 10.15.7.8
- 254 -
CHAPTER 23 performance-profile
MSBR | CLI Reference Guide
23 performance-profile
This command configures the Performance Profile table, which configures thresholds of performance-monitoring call metrics for Major and Minor severity alarms.
Syntax (config-system)# performance-profile <Index> (performance-profile-<Index>)#
Command Index entity {global|ip-group|srd} hysteresis
ip-group-name major-threshold minimum-samples
minor-threshold pmtype {acd|asr|ner} srd-name window-size
Description
Defines the table row index.
Defines the entity.
Defines the amount of fluctuation (hysteresis) from the configured threshold in order for the threshold to be considered as crossed.
Defines the IP Group (string).
Defines the Major threshold.
Calculates the performance monitoring (only if at least 'minimum samples' is configured in the command 'windowsize' (see below).
Defines the Minor threshold.
Defines the type of performance monitoring.
Defines the SRD (string).
Configures how often performance monitoring is calculated (in minutes).
Command Mode Privileged User
Example
- 255 -
CHAPTER 23 performance-profile
MSBR | CLI Reference Guide
This example configures a Performance Profile based on the ASR of a call, where the Major threshold is configured at 70%, the Minor threshold at 90% and the hysteresis for both thresholds at 2%:
(config-system)# performance-profile 0 (performance-profile-0)# entity ip-group (performance-profile-0)# ip-group-name ITSP (performance-profile-0)# pmtype asr (performance-profile-0)# major-threshold 70 (performance-profile-0)# minor-threshold 90 (performance-profile-0)# hysteresis 2
- 256 -
CHAPTER 24 radius
MSBR | CLI Reference Guide
24 radius
This command configures Remote Authentication Dial-In User Service (RADIUS) settings to enhance device security.
Syntax (config-system)# radius
Command radius servers radius settings
Description See radius servers below See radius settings on the next page
radius servers
This command configures the RADIUS Servers table, which configures RADIUS servers.
Syntax (config-system)# radius servers <Index> (servers-<Index>)#
Command Index acc-port auth-port ip-address shared-secret
Description Defines the table row index. Defines the RADIUS server's accounting port. Defines the RADIUS server's authentication port. Defines the RADIUS server's IP address. Defines the shared secret between the RADIUS client and the RADIUS server.
Command Mode Privileged User
Example This example configures a RADIUS server with IP address 10.15.7.8:
- 257 -
CHAPTER 24 radius
MSBR | CLI Reference Guide
(config-system)# radius servers 0 (servers-0)# ip-address 10.15.7.8
radius settings
This command configures various RADIUS settings.
Syntax (config-system)# radius settings (radius)#
Command
Description
double-decode-url {off|on}
Enables an additional decoding of authentication credentials that are sent to the RADIUS server via URL.
enable {off|on}
Enables or disables the RADIUS application.
enable-mgmt-login {off|on}
Uses RADIUS for authentication of management interface access.
local-cache-mode {0|1}
Defines the capability to reset the expiry time of the local RADIUS password cache.
local-cache-timeout
Defines the expiry time, in seconds of the locally stored RADIUS password cache.
nas-id-attribute
Defines the RADIUS NAS Identifier attribute.
source data {interface|sourceaddress} <Interface> <slot/port>.<VLAN ID>
Defines the source interface for RADIUS.
timeout-behavior
Configures device behavior when RADIUS times out.
vsa-access-level
Defines the 'Security Access Level' attribute code in the VSA section of the RADIUS packet that the device should relate to.
- 258 -
CHAPTER 24 radius
MSBR | CLI Reference Guide
Command vsa-vendor-id
Description
Defines the vendor ID that the device should accept when parsing a RADIUS response packet.
Command Mode Privileged User
Example This example demonstrates configuring VSA vendor ID:
(config-system)# radius settings (radius)# vsa-vendor-id 5003
- 259 -
CHAPTER 25 sbc-performance-settings
MSBR | CLI Reference Guide
25 sbc-performance-settings
This command defines a service for optimization of CPU core allocation.
Syntax (config-system)# sbc-performance-settings (sbc-performance-settings)# sbc-performance-profile {optimized-for-sip|optimizedfor-srtp|optimized-for-transcoding}
Command Mode Privileged User
Note For the command to take effect, a device reset with a burn to flash is required. The command is applicable only to Mediant 9000 and Mediant VE/SE.
Example This example specifies CPU core allocation optimization for SRTP:
(config-system)# sbc-performance-settings (sbc-performance-settings)# sbc-performance-profile optimized-for-srtp
- 260 -
CHAPTER 26 snmp
MSBR | CLI Reference Guide
26 snmp
This command configures Simple Network Management Protocol (SNMP).
Syntax (config-system)# snmp
Command alarm-customization settings trap trap-destination v3-users
Description See snmp alarm-customization below See snmp settings on the next page See snmp trap on page 264 See snmp trap-destination on page 264 See snmp v3-users on page 265
Command Mode Privileged User
snmp alarm-customization
This command configures the Alarms Customization table, which customizes the severity level of SNMP trap alarms.
Syntax (config-system)# snmp alarm-customization <Index> (alarm-customization-<Index>)#
Command
Description
Index
Defines the table row index.
alarm-customized-severity {critical|indeterminate|major|minor|suppre ssed|warning}
Defines the new (customized) severity of the alarm.
alarm-original-severity
Defines the original
- 261 -
CHAPTER 26 snmp
MSBR | CLI Reference Guide
Command
Description
{critical|default|indeterminate|major|mino severity of the alarm
r|warning}
according to the MIB.
name <0-199>
Defines the SNMP alarm that you want to customize. The alarm is configured using the last digits of the alarm's SNMP OID. For example, configure the parameter to "12" for the acActiveAlarmTableO verflow alarm (OID is 1.3.6.1.4.15003.9.10.1 .21.2.0.12).
Command Mode Privileged User
Example This example customizes the acActiveAlarmTableOverflow alarm severity from major to warning level:
(config-system)# snmp alarm-customization 0 (alarm-customization-0)# name 1 (alarm-customization-0)# alarm-original-severity major (alarm-customization-0)# alarm-customized-severity warning
snmp settings
This command configures various SNMP settings.
Syntax (config-system)# snmp settings (snmp)#
- 262 -
CHAPTER 26 snmp
MSBR | CLI Reference Guide
Command activate-keep-alive-trap [interval] delete-ro-communitystring delete-rw-communitystring disable {no|yes} engine-id
port
ro-community-string rw-community-string snmp-acl {community string} snmp-transport-type {IPv4|IPv6} sys-contact
sys-location sys-name
sys-oid
trusted-managers {0-4} <IP Address>
Description Enables a keep-alive trap for the agent behind NAT. Deletes the read-only community string.
Deletes the read-write community string.
Enables SNMP. Defines the SNMP Engine ID. 12 HEX Octets in the format: xx:xx:...:xx Defines the port number for SNMP requests and responses. Configures a read-only community string. Configures a read-write community string. Sets the configuration.
Defines the IP address version of the SNMP trap destinations. Defines the contact person for this managed node (string) . Defines the physical location of the node (string). Defines the sysName as descibed in MIB-2 (string). Defines the base product system OID - SNMP SysOid (string). Defines the IP address of Trusted SNMP Managers.
Command Mode Privileged User
Example
- 263 -
CHAPTER 26 snmp
MSBR | CLI Reference Guide
This example configures the SysOID:
(config-system)# snmp settings (snmp)# sys-oid 1.3.6.1.4.1.5003.10.10.2.21.1.3
snmp trap
This command configures SNMP traps.
Syntax (config-system)# snmp trap (snmp-trap)#
Command auto-send-keepalive {disable|enable} community-string manager-host-name
reset-communitystring
Description
Invokes a keep-alive trap and sends it every 9/10 of the time configured by the parameter NatBindingDefaultTimeout.
Defines the community string used in traps.
Defines the FQDN of the remote host that is used as an SNMP Trap Manager.
Returns to the default trap community string.
Command Mode Privileged User
Example This example configures the FQDN of the remote host used as the SNMP Trap Manager:
(config-system)# snmp trap (snmp-trap)# manager-host-name John
snmp trap-destination
This command configures the SNMP Trap Destinations table, which configures SNMP trap destinations (Managers).
- 264 -
CHAPTER 26 snmp
MSBR | CLI Reference Guide
Syntax
(config-system)# snmp trap-destination <Index> (trap-destination-<Index>)#
Index ip-address
Command
port
reset-trap-user send-trap {disable|enable}
trap-user
Description
Defines the table row index.
Defines the SNMP manager's IP address.
Defines the SNMP manager's port.
Returns to the default trap user.
Enables the sending of traps to the SNMP manager.
SNMPv3 USM user or SNMPv2 user to associate with this trap destination.
Command Mode Privileged User
Example This example demonstrates configuring a trap destination:
(config-system)# snmp trap-destination 0 (trap-destination 0)# ip-address 10.13.4.145 (trap-destination 0)# send-trap
snmp v3-users
This command configures the SNMPv3 Users table, which configures SNMPv3 users.
Syntax
- 265 -
CHAPTER 26 snmp
MSBR | CLI Reference Guide
(config-system)# snmp v3-users <Index> (v3-users-<Index>#
Command Index auth-key
auth-protocol {md5|none|sha-1} group {readonly|readwrite|trap} priv-key
priv-protocol {3des|aes128|des|none} username
Description Defines the table row index. Defines the authentication key. The hex string should be in xx:xx:xx... format (string). Defines the authentication protocol.
Defines the group that this user is associated with.
Defines the privacy key. The hex string should be in xx:xx:xx... format. Defines the privacy protocol (string).
Defines the name of the SNMP user. Must be unique in the scope of SNMPv3 users and community strings.
Command Mode Privileged User
Example This example configures an SNMPv3 user:
(config-system)# snmp v3-users 0 (v3-users-0)# username JaneD
- 266 -
CHAPTER 27 user
MSBR | CLI Reference Guide
27 user
This command configures the Local Users table, which configures management user accounts.
Syntax (config-system)# user <Username> (user-<Username>#
Command
Description
block-duration <Time>
Defines the duration (in seconds) for which the user is blocked when the user exceeds a user-defined number of failed login attempts.
cli-sessionlimit <Max. Sessions>
Defines the maximum number of concurrent CLI sessions logged in with the same username-password.
password <displayed password>|<Enter key for hidden password>
Defines the user's password.
To show the password as you type, type the password command and then the password.
To hide the password as you type, type the password command, press the Enter key, and then type the password.
Note:
For obscured (encrypted) passwords, do one of the following:
After typing the password command, paste (or type) the obscured password, and then type the obscured command, for example:
(config-system)# user John Configure new user John (user-John)# password db6bce85685c6634f6115456a083ea753f6d 17bc228ffa3ea306a4ec6f7f66e405b3904b 8476465cca64 962af33cafd1 obscured
To generate an encrypted password, configure the password through the Web interface, and then save the device's configuration to an ini file. As the ini file displays
- 267 -
CHAPTER 27 user
MSBR | CLI Reference Guide
Command
Description
passwords in obscured format by default, simply copyand-past the encrypted password from the ini file into the CLI.
After typing the password command, press Enter, and then type the password, which is hidden when you type. This method is typically used when you don't have an obscured password; the device converts your typed password (e.g., "1234") into an obscured password. For example:
(config-system)# user John Configure new user John (user-John)# password
Please enter hidden password (press CTRL+C to exit):
To enforce password configuration in obscured format, use the command obscure-password-mode on.
The device displays all configured passwords as encrypted (obscured) in its CLI outputs.
password-age <Days>
Defines the validity duration (in days) of the password.
privilege {admin|master|s ec-admin|user}
Defines the user's privilege level.
public-key
Defines a Secure Socket Shell (SSH) public key for RSA publickey authentication (PKI) of the remote user when logging into the device's CLI through SSH.
session-limit <Max. Sessions>
Defines the maximum number of concurrent Web sessions logged in with the same username-password.
session-timeout <Number>
Defines the duration (in minutes) of inactivity of a logged-in user, after which the user is automatically logged off the Web session.
status {failedlogin|inactivit y|new|valid}
Defines the status of the user.
- 268 -
CHAPTER 27 user
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example configures a new user "John" and hides the password when typed:
(config-system)# user John Configure new user John (user-John)# password
Please enter hidden password (press CTRL+C to exit): New password successfully configured!
- 269 -
CHAPTER 27 user-defined-failure-pm
MSBR | CLI Reference Guide
27 user-defined-failure-pm
This command configures the User Defined Failure PM table, which lets you configure userdefined Performance Monitoring (PM) SNMP MIB rules for SBC calls.
Syntax (config-system)# user-defined-failure-pm <Index> (user-defined-failure-pm-<Index>)#
Command Index description internal-reason
method {invite| register} sip-reason user-definedfailure-pm {1-26}
Description Defines the table row index. Defines a descriptive name for the rule. Defines the failure reason(s) that is generated internally by the device to count. Defines the SIP method to which the rule is applied.
Defines the SIP failure reason(s) to count. Defines the ID of the SNMP MIB group that you want to configure.
Command Mode Privileged User
Example This example configures a user- defined Performance Monitoring (PM) SNMP MIB group (#1)that counts SIP 403 responses due to INVITE messages:
(config-system)# user-defined-failure-pm 0 (user-defined-failure-pm-0)# method -invite (user-defined-failure-pm-0)# sip-reason 403 (user-defined-failure-pm-0)# user-defined-failure-pm 1
- 270 -
CHAPTER 28 web
MSBR | CLI Reference Guide
28 web
This command configures various Web interface settings.
Syntax (config-system)# web (web)#
Command
Description
dns-rebinding-
Enables protection against DNS rebinding attacks.
protection-enabled
enforce-passwordcomplexity {0|1}
Enforces definition of a complex login password.
http-auth-mode {basic|digesthttp-only| digestwhen-possible}
Selects HTTP basic (clear text) or digest (MD5) authentication for the Web interface.
http-port
Defines the device's LAN HTTP port for Web interface access.
https-cipherstring
Defines the cipher string for HTTPS.
https-port
Defines the device's LAN HTTPS port for secure Web interface access.
min-web-passwordlen
Defines the minimum length (number of characters) of the management user's login password when password complexity is enabled (using the [EnforcePasswordComplexity] parameter).
req-client-cert {off|on}
Enables requirement of client certificates for HTTPS Web interface connections.
secured-connection {http-andhttps|https-only}
Defines the protocol (HTTP or HTTPS) for accessing the Web interface.
Command Mode Privileged User
- 271 -
CHAPTER 28 web
MSBR | CLI Reference Guide
Note For more information on the commands, refer to the User's Manual.
Example This example enables requirement of client certificates for HTTPS Web interface connections:
(config-system)# web (web)# req-client-cert on
- 272 -
CHAPTER 29 welcome-msg
MSBR | CLI Reference Guide
29 welcome-msg
This command configures a banner message, which is displayed when you connect to the device's management interfaces (Web and CLI).
Syntax (config-system)# welcome-msg <Index> (welcome-msg-<Index>)# text <Message>
Command Index text <Message> display
Description Defines the table row index. Defines the message (string) for the row. Displays the banner message.
Command Mode Privileged User
Note The message string must not contain spaces between characters. Use hyphens to separate words.
Example This example configures a banner message:
(config-system)# welcome-msg 0 (welcome-msg-0)# text Hello-World-of-SBC (welcome-msg-0)# activate (welcome-msg-0)# exit (config-system)# welcome-msg 1 (welcome-msg-1)# text Configure-Me (welcome-msg-1)# activate
This example displays the message:
(config-system)# welcome-msg display welcome-msg 0
- 273 -
CHAPTER 29 welcome-msg
MSBR | CLI Reference Guide
text "Hello-World-of-SBC" welcome-msg 1 text "Configure-Me"
The message is displayed when you connect to the device's management interface:
Hello-World-of-SBC Configure-Me Username: Admin
- 274 -
Part IV
Troubleshoot-Level Commands
CHAPTER 30 Introduction
MSBR | CLI Reference Guide
30 Introduction
This part describes the commands located on the Troubleshoot configuration level. The commands of this level are accessed by entering the following command at the root prompt:
Syntax
# configure troubleshoot (config-troubleshoot)#
This level includes the following commands:
Command
Description
activity-log
See activity-log on page 277
activity-trap
See activity-trap on page 279
cdr
See cdr on page 280
cdr-server
See cdr-server on page 288
pstn-debug
See pstn-debug on page 290
fax-debug
See fax-debug on page 291
logging
See logging on page 292
max-startup-fail-attempts See max-startup-fail-attempts on page 295
pstn-debug
See pstn-debug on page 296
startup-n-recovery
See startup-n-recovery on page 297
syslog
See syslog on page 298
test-call
See test-call on page 300
Command Mode Privileged User
- 276 -
CHAPTER 31 activity-log
MSBR | CLI Reference Guide
31 activity-log
This command configures event types performed in the management interface (Web and CLI) to report in syslog messages or in an SNMP trap.
Syntax (config-troubleshoot)# activity-log (activity-log)#
Command
Description
action-execute {on|off}
Enables logging notifications on actions executed events.
cli-commands-log {on|off}
Enables logging of CLI commands.
config-changes {on|off}
Enables logging notifications on parameters-valuechange events.
device-reset {on|off} Enables logging notifications on device-reset events.
files-loading {on|off}
Enables logging notifications on auxiliary-filesloading events.
flash-burning {on|off}
Enables logging notifications on flash-memoryburning events.
login-and-logout {on|off}
Enables logging notifications on login-and-logout events.
sensitive-configchanges {on|off}
Enables logging notifications on sensitiveparameters-value-change events.
software-update {on|off}
Enables logging notifications on device-softwareupdate events.
unauthorized-access {on|off}
Enables logging notifications on non-authorizedaccess events.
Command Mode Privileged User
Related Command
- 277 -
CHAPTER 31 activity-log
MSBR | CLI Reference Guide
activity-trap - enables an SNMP trap to report Web user activities show activity-log displays logged activities
Example This example enables reporting of login and logout attempts:
(config-troubleshoot)# activity-log (activity-log)# login-and-logout on
- 278 -
CHAPTER 32 activity-trap
MSBR | CLI Reference Guide
32 activity-trap
This command enables the device to send an SNMP trap to notify of Web user activities in the Web interface.
Syntax (config-troubleshoot)# activity-trap {on|off}
Command Mode Privileged User
Related Command activity-log - configures the activity types to report.
Example This example demonstrates configuring the activity trap:
(config-troubleshoot)# activity-trap on
- 279 -
CHAPTER 33 cdr
MSBR | CLI Reference Guide
33 cdr
This command provides sub-commands that configure various settings for CDRs.
Syntax (config-troubleshoot)# cdr (cdr)#
Command
Description
aaa-indications {accountingonly|none}
Configures which Authentication, Authorization and Accounting indications to use.
call-duration-units {centiseconds|deciseconds|milliseconds|seconds}
Defines the units of measurement for the call duration field in CDRs.
call-end-cdr-sip-reasonsfilter
Defines SIP release cause codes that if received for the call, the devicedoes not sent Call-End CDRs for the call.
call-end-cdr-zero-durationfilter {off|on}
Enables the device to not send Call-End CDRs if the call's duration is zero (0).
call-failure-internal-reasons
Defines the internal response codes (generated by the device) that you want the device to consider as call failure, which is indicated by the optional 'Call Success' field in the sent CDR.
call-failure-sip-reasons
Defines the SIP response codes that you want the device to consider as call failure, which is indicated by the optional 'Call Success' field in the sent CDR.
call-success-internal-reasons
Defines the internal response codes (generated by the device) that you want the device to consider as call success, which is indicated by the optional 'Call Success' field in the sent CDR.
call-success-sip-reasons
Defines the SIP response code that you want the device to consider as call success,
- 280 -
CHAPTER 33 cdr
MSBR | CLI Reference Guide
Command
Description
which is indicated by the optional 'Call Success' field in the sent CDR.
call-transferred-afterconnect
Defines if the device considers a call as a success or failure when the internal response (generated by the device) "RELEASE_BECAUSE_CALL_TRANSFERRED" (807) is generated after call connect (SIP 200 OK).
call-transferred-beforeconnect
Defines if the device considers a call as a success or failure when the internal response (generated by the device) "RELEASE_BECAUSE_CALL_TRANSFERRED" (807) is generated before call connect (SIP 200 OK).
cdr-file-name
Defines the filename using format specifiers for locally stored CDRs.
cdr-format
Customizes the CDR format (see cdrformat on page 283).
cdr-history-privacy [disable| hide-caller-and-callee]
Enables the device to hide (by displaying an asterisk) the values of the Caller and Callee fields in CDRs that are displayed by the device: SBC CDR History table (Web), Gateway CDR History table (Web), show voip calls history (CLI), and show voip calls active (CLI).
cdr-report-level {connectand-end-call|endcall|none|start-and-end-andconnect-call|start-and-endcall}
Defines the call stage at which media- and signaling-related CDRs are sent to a Syslog server.
cdr-seq-num {off|on}
Enables sequence numbering of SIP CDR syslog messages.
cdr-servers-bulk-size
Defines the maximum number of locally stored CDR files (i.e., batch of files) that the device sends to the remote server in each transfer operation.
- 281 -
CHAPTER 33 cdr
MSBR | CLI Reference Guide
Command cdr-servers-send-period
cdr-srvr-ip-adrr compression-format {gzip|none|zip} enable {off|on} file-size files-num rotation-period media-cdr-rprt-level {end|none|start-andend|start-end-andupdate|update-and-end} no-user-response-afterconnect
no-user-response-beforeconnect
non-call-cdr-rprt {off|on}
Description
Defines the periodic interval (in seconds) when the device checks if a locally stored CDR file is available for sending to the remote CDR server.
Defines the syslog server IP address for sending CDRs.
Defines the file compression type for locally stored CDRs.
Enables or disables the RADIUS application.
Defines the maximum size per locally stored CDR file, in KB.
Defines the maximum number of locally stored CDR files.
Defines the interval size for locally stored CDR files, in minutes.
Enables media-related CDRs of SBC calls to be sent to a Syslog server and configures the call stage at which they are sent.
Defines if the device considers a call as a success or failure when the internal response (generated by the device) "GWAPP_NO_USER_RESPONDING" (18) is received after call connect (SIP 200 OK).
Defines if the device considers a call as a success or failure when the internal response (generated by the device) "RELEASE_BECAUSE_CALL_TRANSFERRED" (807) is generated before call connect (SIP 200 OK).
Enables creation of CDR messages for noncall SIP dialogs (such as SUBSCRIBE, OPTIONS, and REGISTER).
- 282 -
CHAPTER 33 cdr
MSBR | CLI Reference Guide
Command
radius-accounting {endcall|connect-and-endcall|start-and-end-call}
rest-cdr-http-server
rest-cdr-report-level {connect-and-endcall|connect-only|endcall|none|start-and-end-andconnect-call|start-and-endcall}
time-zone-format
Description Configures at what stage of the call RADIUS accounting messages are sent to the RADIUS accounting server.
Defines the REST server (by name) to where the device sends CDRs through REST API.
Enables signaling-related CDRs to be sent to a REST server and defines the call stage at which they are sent.
Defines the time zone string (only for display purposes).
Command Mode Privileged User
Example This example configures the call stage at which CDRs are generated:
(config-troubleshoot)# cdr (cdr)# cdr-report-level start-and-end-call
cdr-format
This command customizes the format of CDRs for gateway (Gateway CDR Format table) and SBC (SBC CDR Format table) calls.
Syntax
(config-troubleshoot)# cdr (cdr)# cdr-format
Command gw-cdr-format
Value See gw-cdr-format on the next page
- 283 -
CHAPTER 33 cdr
MSBR | CLI Reference Guide
Command sbc-cdr-format show-title
Value See sb-cdr-format on the next page See show-title on page 286
Command Mode Privileged User
gw-cdr-format
This command customizes the format of CDRs for gateway (Gateway CDR Format table) calls.
Syntax (config-troubleshoot)# cdr (cdr)# cdr-format gw-cdr-format <Index> (gw-cdr-format-<Index>)#
Command Index cdr-type {local-storagegw|radius-gw|syslog-gw} col-type
radius-id radius-type {standard|vendor-specific} title
Value Defines the table row index. Defines the type of CDRs that you want customized. Defines the CDR field (column) that you want to customize. Defines the ID of the RADIUS Attribute. Defines the RADIUS Attribute type.
Configures a new name for the CDR field name.
Command Mode Privileged User
Example
- 284 -
CHAPTER 33 cdr
MSBR | CLI Reference Guide
This example changes the CDR field name "call-duration" to "Phone-Duration" for Syslog messages:
(config-troubleshoot)# cdr (cdr)# cdr-format gw-cdr-format 0 (gw-cdr-format-0)# cdr-type syslog-media (gw-cdr-format-0)# col-type call-duration (gw-cdr-format-0)# title Phone-Duration
sb-cdr-format
This command customizes the format of CDRs for SBC (SBC CDR Format table) calls.
Syntax
(config-troubleshoot)# cdr (cdr)# cdr-format sbc-cdr-format <Index> (sbc-cdr-format-<Index>)#
Command
Value
Index
Defines the table row index.
cdr-type {localstoragegw|radiusgw|syslog-gw}
Defines the type of CDRs that you want customized.
col-type
Defines the CDR field (column) that you want to customize.
radius-id
Defines the ID of the RADIUS Attribute.
radius-type {standard|vendorspecific}
Defines the RADIUS Attribute type.
title
Configures a new name for the CDR field name.
Command Mode Privileged User
Example
- 285 -
CHAPTER 33 cdr
MSBR | CLI Reference Guide
This example changes the CDR field name "connect-time" to "Call-Connect-Time=" and the RADIUS Attribute to 281 for RADIUS messages:
(cdr)# cdr-format sbc-cdr-format 0 (sbc-cdr-format-0)# cdr-type radius-sbc (sbc-cdr-format-0)# col-type connect-time (sbc-cdr-format-0)# title Call-Connect-Time= (sbc-cdr-format-0)# radius-type vendor-specific (sbc-cdr-format-0)# radius-id 281
show-title
This command displays CDR column titles of a specific CDR type.
Syntax (config-troubleshoot)# cdr (cdr)# cdr-format show-title
Command local-storagegw local-storagesbc syslog-gw syslog-media syslog-sbc
Value Displays CDR column titles of locally stored Gateway CDRs.
Displays CDR column titles of locally stored SBC CDRs.
Displays CDR column titles of Syslog Gateway CDRs. Displays CDR column titles of Syslog media CDRs. Displays CDR column titles of Syslog SBC CDRs.
Command Mode Privileged User
Example This example displays column titles of Syslog Gateway CDRs:
(config-troubleshoot)# cdr (cdr)# cdr-format show-title syslog-gw |GWReportType |Cid |SessionId |LegId|Trunk|BChan|ConId|TG |EPTyp |Orig
- 286 -
CHAPTER 33 cdr
MSBR | CLI Reference Guide
|SourceIp |DestIp |TON |NPI |SrcPhoneNum |SrcNumBeforeMap |TON |NPI |DstPhoneNum |DstNumBeforeMap |Durat|Coder |Intrv|RtpIp |Port |TrmSd|TrmReason |Fax |InPackets |OutPackets|PackLoss |RemotePackLoss|SIPCallId |SetupTime |ConnectTime |ReleaseTime |RTPdelay |RTPjitter|RTPssrc |RemoteRTPssrc |RedirectReason |TON |NPI |RedirectPhonNum |MeteringPulses |SrcHost |SrcHostBeforeMap |DstHost |DstHostBeforeMap |IPG (name) |LocalRtpIp |LocalRtpPort |Amount |Mult |TrmReasonCategory|RedirectNumBeforeMap|SrdId (name) |SIPInterfaceId (name) |ProxySetId (name) |IpProfileId (name) |MediaRealmId (name)|SigTransportType|TxRTPIPDiffServ | TxSigIPDiffServ|LocalRFactor|RemoteRFactor|LocalMosCQ|RemoteMosCQ|Sig SourcePort|SigDestPort|MediaType |AMD| % |SIPTrmReason|SIPTermDesc |PstnTermReason|LatchedRtpIp |LatchedRtpPort |LatchedT38Ip |LatchedT38Port |CoderTranscoding
- 287 -
CHAPTER 33 cdr-server
MSBR | CLI Reference Guide
33 cdr-server
This command configures the SBC CDR Remote Servers table, which configures remote SFTP servers to where the device sends the locally stored CDRs.
Syntax (config-troubleshoot)# cdr-server (cdr-server-<Index>)#
Command Index address connect-timeout <1-600> max-transfer-time <1-65535> name password port priority <0-10> remote-path
username
Value Defines the table row index. Defines the address of the server. Defines the connection timeout (in seconds) with the server. Defines the maximum time (in seconds) allowed to spend for each individual CDR file transfer process. Defines an arbitrary name to easily identify the rule. Defines the password for authentication with the server. Defines the SSH port number of the server. Defines the priority of the server. Defines the directory path to the folder on the server where you want the CDR files to be sent. Defines the username for authentication with the server.
Command Mode Privileged User
Example This example configures an SFTP server at index 0:
(config-troubleshoot)# cdr-server 0 (cdr-server-0)# name CDR-Server (cdr-server-0)# address 170.10.2.5
- 288 -
CHAPTER 33 cdr-server
(cdr-server-0)# password 1234 (cdr-server-0)# username sftp-my (cdr-server-0)# remote-path /cdr (cdr-server-0)# name CDR-Server (cdr-server-0)# name CDR-Server (cdr-server-0)# activate
MSBR | CLI Reference Guide
- 289 -
CHAPTER 33 pstn-debug
MSBR | CLI Reference Guide
33 pstn-debug
This command enables PSTN debugging, which is sent to a Syslog server.
Syntax # pstn-debug {off|on}
Note To disable PSTN debugging, type pstn-debug off.
Command Mode Privileged User
Related Commands To configure the PSTN trace level, use the command: configure voip > interface > trace-level
Example Enables PSTN debugging:
# pstn-debug on
- 290 -
CHAPTER 34 fax-debug
MSBR | CLI Reference Guide
34 fax-debug
This command configures fax / modem debugging.
Syntax (config-troubleshoot)# fax-debug
Command
Description
level {basic|detail} Defines the fax / modem debug level.
max-sessions
Configures debugging the maximum number of fax / modem sessions.
off
Disables fax / modem debugging.
on
Enables fax / modem debugging.
Command Mode Privileged User
Example This example configures fax / modem debug basic level:
(config-troubleshoot)# fax-debug level basic (config-troubleshoot)# on
- 291 -
CHAPTER 35 logging
MSBR | CLI Reference Guide
35 logging
This command configures logging and includes the following subcommands: logging-filters (see logging-filters below) settings (see settings on the next page)
logging-filters
This command configures the Logging Filters table, which configures filtering rules of debug recording packets, Syslog messages, and Call Detail Records (CDR). The table allows you to enable and disable configured Log Filter rules. Enabling a rule activates the rule, whereby the device starts generating the debug recording packets, Syslog messages, or CDRs.
Syntax
(config-troubleshoot)# logging logging-filters <Index> (logging-filters-<Index>)#
Command
Description
Index
Defines the table row index.
filter-type {any|classification|fxsfxo|ip-group| ip-to-ip-routing|ip-totel|ip-trace|sip-interface|srd|tel-toip|trunk-bch|trunk-group-id|trunkid|user}
Type of logging filter.
log-dest {debug-rec|localstorage|syslog}
Log destination.
log-type {cdr-only|none|pstntrace|signaling|signalingmedia|signaling-media-pcm}
Log type.
mode {disable|enable}
Enables or disables the log rule.
value
Value of log filter (string).
Command Mode Privileged User
- 292 -
CHAPTER 35 logging
MSBR | CLI Reference Guide
Note To configure the PSTN trace level per trunk, use the following command: configure voip >
interface > trace-level To configure PSTN traces for all trunks (that have been configured with a trace level), use
the following command: debug debug-recording <Destination IP Address> pstn-trace To send the PSTN trace to a Syslog server (instead of Wireshark), use the following
command: configure troubleshoot > pstn-debug
Example
This example configures a Logging Filter rule (Index 0) that sends SIP signaling syslog messages of IP Group 1 to a Syslog server:
(config-troubleshoot)# logging logging-filters 0 (logging-filters-0)# filter-type ip-group (logging-filters-0)# log-dest syslog (logging-filters-0)# log-type signaling (logging-filters-0)# mode enable (logging-filters-0)# value 1
settings
This command configures debug recording settings.
Syntax (config-troubleshoot)# logging settings (logging-settings)#
Command dbg-rec-dest-ip
dbg-rec-dest-port
dbg-rec-status {start|stop}
Description
Defines the destination IP address for debug recording.
Defines the destination UDP port for debug recording.
Starts and stops debug recording.
Command Mode
- 293 -
CHAPTER 35 logging
MSBR | CLI Reference Guide
Privileged User
Example This example configures the debug recoding server at 10.13.28.10 and starts the recording:
(config-troubleshoot)# logging settings (logging-settings)# dbg-rec-dest-ip 10.13.28.10 (logging-settings)# dbg-rec-status start
- 294 -
CHAPTER 36 max-startup-fail-attempts
MSBR | CLI Reference Guide
36 max-startup-fail-attempts
This command defines the number of consecutive failed device restarts (boots), after which the device automatically restores its software and configuration based on (by loading) the default System Snapshot.
Syntax (config-troubleshoot)# max-startup-fail-attempts {1-10}
Command Mode Privileged User
Note The command is applicable only to Mediant 9000 and Mediant SE/VE.
Example This example defines automatic recovery to be triggered after three consecutive failed restart attempts:
(config-troubleshoot)# max-startup-fail-attempts 3
- 295 -
CHAPTER 37 pstn-debug
37 pstn-debug
This command enables or disables PSTN debugging. Syntax
(config-troubleshoot)# pstn-debug {on|off}
Command Mode Privileged User Example This example enables PSTN debugging:
(config-troubleshoot)# pstn-debug on
MSBR | CLI Reference Guide
- 296 -
CHAPTER 38 startup-n-recovery
MSBR | CLI Reference Guide
38 startup-n-recovery
This command is for performing various management tasks.
Syntax (config-troubleshoot)# startup-n-recovery (startup-n-recovery)#
Command
Description
enable-kernel-dump {coredump|disable|exceptioninfo}
Enables kernel dump mode.
system-console-mode {rs232|vga}
Defines the access mode for the console
Command Mode Privileged User
Note The command is applicable only to Mediant 9000 and Mediant SE/VE.
Example This example configures the console mode to RS-232:
(config-troubleshoot)# startup-n-recovery (startup-n-recovery)# system-console-mode rs232 (startup-n-recovery)# activate
- 297 -
CHAPTER 39 syslog
MSBR | CLI Reference Guide
39 syslog
This command configures syslog debugging. Syntax
(config-troubleshoot)# syslog (syslog)#
Command debug-level {basic|detailed|no-debug}
debug-level-high-threshold
log-level {alert| critical| debug| error| fatal| info| notice| warning}
specific-debug-names-list
syslog {on|off} syslog-cpu-protection {on|off}
- 298 -
Description
Defines the SIP media gateway's debug level.
Defines the threshold for auto-switching of debug level.
Defines the minimum severity level of messages included in the Syslog message that is generated by the device
Configures a specific debug names list (string).
Enables or disables syslog messages.
Enables or disables downgrading the debug level when CPU idle is
CHAPTER 39 syslog
Command
syslog-ip syslog-optimization {disable|enable}
syslog-port
system-log-size
Command Mode Privileged User Example This example disables syslog:
(config-troubleshoot)# syslog (syslog)# debug-level no-debug
MSBR | CLI Reference Guide
Description
dangerously low.
Defines the syslog server's IP address.
Enables or disables bundling debug syslog messages for performance.
Defines the syslog server's port number.
Defines the local system log file size (in Kbytes).
- 299 -
CHAPTER 40 test-call
MSBR | CLI Reference Guide
40 test-call
This command configures test calls.
Syntax (config-troubleshoot)# test-call
Command settings test-call-table
Value See settings below See test-call-table on the next page
Command Mode Privileged User
settings
This command configures various test call settings.
Syntax (config-troubleshoot)# test-call settings (test-call)#
Command testcall-dtmfstring
testcall-id
Description
Configures a DTMF string (tone) that is played for answered test calls.
Defines the incoming test call prefix that identifies it as a test call.
Command Mode Privileged User
Example This example configures a test call ID:
- 300 -
CHAPTER 40 test-call
MSBR | CLI Reference Guide
(config-troubleshoot)# test-call (test-call)# testcall-id 03
test-call-table
This command configures the Test Call Rules table, which allows you to test SIP signaling (setup and registration) and media (DTMF signals) of calls between a simulated phone on the device and a remote IP endpoint.
Syntax
(config-troubleshoot)# test-call test-call-table <Index> (test-call-table-<Index>)#
Command
Description
Index
Defines the table row index.
allowed-audio-coders-group-name
Assigns an Allowed Audio Coders Group, configured in the Allowed Audio Coders Groups table, which defines only the coders that can be used for the test call.
allowed-coders-mode {notconfigured|preference|restriction|restrictionand-preference}
Defines the mode of the Allowed Coders feature for the Test Call.
application-type {gw|sbc}
Application type.
auto-register {disable|enable}
Automatic register.
bandwidth-profile
Bandwidth Profile.
- 301 -
CHAPTER 40 test-call
call-duration
Command
call-party {called|caller} called-uri calls-per-second dst-address
dst-transport {not-configured|sctp|tcp| tls|udp} endpoint-uri
ip-group-name max-channels
media-security-mode {as-is|both|notconfigured|rtp|srtp}
offered-audio-coders-group-name
password
MSBR | CLI Reference Guide
Description
Call duration in seconds (-1 for auto, 0 for infinite).
Test call party.
Called URI.
Calls per second.
Destination address and optional port.
Destination transport type.
Endpoint URI ('user' or 'user@host').
IP Group.
Maximum concurrent channels for session.
Defines the handling of RTP and SRTP
Assigns a Coder Group, configured in the Coder Groups table, whose coders are added to the SDP Offer in the outgoing Test Call.
Password for registration.
- 302 -
CHAPTER 40 test-call
Command play {disable|dtmf|prt} play-dtmf-method {inband|notconfigured|rfc2833}
play-tone-index
qoe-profile
route-by {dst-address|ip-group} schedule-interval
sip-interface-name test-duration
test-mode {continuous|once} user-name
Command Mode Privileged User
Example
- 303 -
MSBR | CLI Reference Guide
Description
Playback mode.
Defines the method used by the devicefor sending DTMF digits that are played to the called party when the call is answered.
Defines a tone to play from the installed PRT file.
Quality of Experience (QOE) Profile.
Routing method.
0 disables scheduling, any positive number configures the interval between scheduled calls (in minutes).
SIP Interface.
Test duration (minutes).
Test mode.
User name for registration.
CHAPTER 40 test-call
MSBR | CLI Reference Guide
This example partially configures a test call rule that calls endpoint URI 101 at IP address 10.13.4.12:
(config-troubleshoot)# test-call test-call-table 0 (test-call-table-0)# called-uri 101 (test-call-table-0)# route-by dst-address (test-call-table-0)# dst-address 10.13.4.12
- 304 -
Part V
Network-Level Commands
CHAPTER 41 Introduction
MSBR | CLI Reference Guide
41 Introduction
This part describes the commands located on the Network configuration level. The commands of this level are accessed by entering the following command at the root prompt:
# configure network (config-network)#
This level includes the following commands:
Command access-list bind vrf dhcp-server dns hostname interface nat-translation network-dev network-settings nqm ovoc-tunnel-settings physical-port poe-table qos sctp security-settings static tftp-server
Description See access-list on page 308 See bind vrf on page 310 See dhcp-server on page 312 See dns on page 318 See hostname on page 323 See interface on page 324 See nat-translation on page 325 See network-dev on page 327 See network-settings on page 328 See nqm on page 329 See ovoc-tunnel-settings on page 334 See physical-port on page 335 See poe-table on page 336 See qos on page 337 See sctp on page 339 See security-settings on page 341 See static on page 343 See tftp-server on page 345
- 306 -
CHAPTER 41 Introduction
Command Mode Privileged User
MSBR | CLI Reference Guide
- 307 -
CHAPTER 42 access-list
MSBR | CLI Reference Guide
42 access-list
This command configures the Firewall table, which lets you define firewall rules that define network traffic filtering rules.
Syntax (config-network)# access-list <Index> (access-list-<Index>)#
Command Index allow-type {allow|block}
byte-burst byte-rate
end-port network-interface-name
packet-size prefixLen
protocol source-ip
src-port
start-port use-specific-interface {disable|enable}
Description
Defines the table row index.
Defines the firewall action if the rule is matched.
Defines the allowed traffic burst in bytes.
Defines the allowed traffic bandwidth in bytes per second.
Defines the destination ending port.
Defines the IP Network Interface (string) for which the rule applies.
Defines the maximum allowed packet size.
Defines the prefix length of the source IP address (defining a subnet).
Defines the IP user-level protocol.
Defines the source IP address from where the packets are received.
Defines the source port from where the packets are received.
Defines the destination starting port.
Use the rule for a specific interface or for all interfaces.
Command Mode
- 308 -
CHAPTER 42 access-list
MSBR | CLI Reference Guide
Privileged User
Example This example configures a firewall rule allowing a maximum packet size of 1500 bytes on the "ITSP" network interface:
(config-network)# access-list (access-list-0)# use-specific-interface enable (access-list-0)# network-interface-name ITSP (access-list-0)# allow-type allow (access-list-0)# packet-size 1500
- 309 -
CHAPTER 42 bind vrf
MSBR | CLI Reference Guide
42 bind vrf
This command provides support for binding the management servers (Web HTTP and HTTPS, Telnet, SSH, and SNMP) to a network source which can be a defined VRF, source address, or network interface.
Syntax
bind vrf <VRF Name> management-servers [Server Name] bind vrf all-vrfs management-servers [Server Name] bind source-address interface <Interface ID> management-servers [Server Name] bind interface <Interface ID> management-servers [Server Name]
Arguments
Description
VRF Name Defines the VRF name.
Interface ID Defines the interface ID.
Server name
Management server that binds to network source. Available servers to bind are: http https snmp ssh telnet If no server is specified, all management servers will be bind.
Default Main VRF (default routing table)
Command Modes Enable
Example To bind all management servers to all VRFs:
(config-network)# bind vrf all-vrfs management-servers
- 310 -
CHAPTER 42 bind vrf
MSBR | CLI Reference Guide
To bind the SNMP management server to the source address of VLAN 1 interface:
(config-network)# bind source-address interface vlan 1 management-servers snmp
To remove an existing bind (return to default bind), use the no command:
(config-network)# no bind source-address interface vlan 1 managementservers snmp
- 311 -
CHAPTER 43 dhcp-server
MSBR | CLI Reference Guide
43 dhcp-server
This command configures DHCP and includes the following subcommands: delete-client (see dhcp-server delete-client below) option (see dhcp-server option on the next page) server (see dhcp-server server on the next page) static-ip (see dhcp-server static-ip on page 316) vendor-class (see dhcp-server vendor-class on page 317)
dhcp-server delete-client
This command removes IP addresses of DHCP clients leased from a DHCP server.
Syntax (config-network)# dhcp-server delete-client
Command all-dynamic all-static black-list ip <IP Address> mac
Description Removes all dynamic leases. Removes all static lease reservations. Clears the blacklist of conflicting IP addresses. Removes a specified leased IP address. Removes a specified lease MAC address.
Command Mode Privileged User
Example This example removes the leased IP address 10.13.2.10:
(config-network)# dhcp-server delete-client ip 10.13.2.10
- 312 -
CHAPTER 43 dhcp-server
MSBR | CLI Reference Guide
dhcp-server option
This command configures the DHCP Option table, which lets you define additional DHCP Options that the DHCP server can use to service the DHCP client. These DHCP Options are included in the DHCPOffer response sent by the DHCP server. The table is a "child" of the DHCP Servers table.
Syntax
(config-network)# dhcp-server option <Index> (option-<Index>)#
Command
Description
Index
Defines the table row index.
dhcp-server-number Defines the index of the DHCP Servers table.
expand-value {no|yes}
Enables the use of the special placeholder strings, "<MAC>" and "<IP>" for configuring the value.
option
Defines the DHCP Option number.
type {ascii|hex|ip} Defines the format (type) of the DHCP Option value.
value
Defines the DHCP option value.
Command Mode Privileged User
Example This example configures an additional DHCP Option 159 for the DHCP server configured in Index 0:
(config-network)# dhcp-server option 0 (option-0)# dhcp-server-number 0 (option-0)# option 159
dhcp-server server
This command configures the DHCP Servers table, which defines DHCP servers.
- 313 -
CHAPTER 43 dhcp-server
MSBR | CLI Reference Guide
Syntax
(config-network)# dhcp-server server <Index> (server-<Index>)#
Command
Description
Index
Defines the table row index.
boot-file-name
Defines the name of the boot file image for the DHCP client.
dns-server-1
Defines the IP address (IPv4) of the primary DNS server that the DHCP server assigns to the DHCP client.
dns-server-2
Defines the IP address (IPv4) of the secondary DNS server that the DHCP server assigns to the DHCP client.
end-address
Defines the ending IP address (IPv4 address in dotted-decimal format) of the IP address pool range used by the DHCP server to allocate addresses.
expand-boot-file-name {no|yes}
Enables the use of the placeholders in the boot file name, defined in 'boot-file-name'.
lease-time
Defines the duration (in minutes) of the lease time to a DHCP client for using an assigned IP address.
name
Defines the name of the DHCP server.
netbios-node-type {broadcast|hybrid|mixed|peerto-peer}
Defines the NetBIOS (WINS) node type.
netbios-server
Defines the IP address (IPv4) of the NetBIOS WINS server that is available to a Microsoft DHCP client.
network-if
Assigns a network interface to the DHCP server.
ntp-server-1
Defines the IP address (IPv4) of the primary
- 314 -
CHAPTER 43 dhcp-server
MSBR | CLI Reference Guide
Command ntp-server-2 override-router-address
sip-server sip-server-type {dns|IP} start-address
subnet-mask tftp-server-name time-offset
Description
NTP server that the DHCP server assigns to the DHCP client.
Defines the IP address (IPv4) of the secondary NTP server that the DHCP server assigns to the DHCP client.
Defines the IP address (IPv4 in dotteddecimal notation) of the default router that the DHCP server assigns the DHCP client.
Defines the IP address or DNS name of the SIP server that the DHCP server assigns the DHCP client.
Defines the type of SIP server address.
Defines the starting IP address (IPv4 address in dotted-decimal format) of the IP address pool range used by the DHCP server to allocate addresses.
Defines the subnet mask (for IPv4 addresses) for the DHCP client.
Defines the IP address or name of the TFTP server that the DHCP server assigns to the DHCP client.
Defines the Greenwich Mean Time (GMT) offset (in seconds) that the DHCP server assigns to the DHCP client.
Command Mode Privileged User
Example This example configures a DHCP server with a pool of addresses for allocation from 10.13.1.0 to 10.13.1.5 and a lease time of an hour:
- 315 -
CHAPTER 43 dhcp-server
MSBR | CLI Reference Guide
(config-network)# dhcp-server server (server-0)# start-address 10.13.1.0 (server-0)# end-address 10.13.1.5 (server-0)# lease-time 60
dhcp-server static-ip
This command configures the DHCP Static IP table, which lets you define static IP addresses for DHCP clients. The table is a "child" of the DHCP Servers table.
Syntax
(config-network)# dhcp-server static-ip <Index> (static-ip-<Index<)#
Command Index dhcp-servernumber ip-address
mac-address
Description
Defines the table row index.
Associates the DHCP Static IP table entry with a DHCP server that you already configured.
Defines the "reserved", static IP address (IPv4) to assign the DHCP client.
Defines the DHCP client by MAC address (in hexadecimal format).
Command Mode Privileged User
Example This example configures the DHCP client whose MAC address is 00:90:8f:00:00:00 with a static IP address 10.13.1.6:
(config-network)# dhcp-server static-ip 0 (static-ip-0)# dhcp-server-number 0 (static-ip-0)# ip-address 10.13.1.6 (static-ip-0)# mac-address 00:90:8f:00:00:00
- 316 -
CHAPTER 43 dhcp-server
MSBR | CLI Reference Guide
dhcp-server vendor-class
This command configures the DHCP Vendor Class table, which lets you define Vendor Class Identifier (VCI) names (DHCP Option 60).
Syntax
(config-network)# dhcp-server vendor-class <Index> (vendor-class-<Index>)#
Command Index dhcp-servernumber vendor-class
Description Defines the table row index. Associates the DHCP Vendor Class entry with a DHCP server that you configured. Defines the value of the VCI DHCP Option 60.
Command Mode Privileged User
Example This example configures the vendor class identifier as "product-ABC":
(config-network)# dhcp-server vendor-class 0 (vendor-class-0)# dhcp-server-number 0 (vendor-class-0)# vendor-class product-ABC
- 317 -
CHAPTER 44 dns
MSBR | CLI Reference Guide
44 dns
This command configures DNS and includes the following subcommands: dns-to-ip (see dns dns-to-ip on the next page) override (see dns override on the next page) settings (see dns settings on page 320) srv2ip (see dns srv2ip on page 321)
Syntax (config-network)# dns <Index>
Command
Description
Index
Defines the table row index.
dns-to-ip Defines the internal DNS table for resolving host names into IP addresses.
override Defines the DNS override interface.
settings Configures DNS settings.
srv2ip
Defines the SRV to IP internal table. The table defines the internal SRV table for resolving host names into DNS A-Records. Three different ARecords can be assigned to a host name. Each A-Record contains the host name, priority, weight and port.
Command Mode Privileged User
Example This example configures the SRV to IP internal table:
configure network (config-network)# dns srv2ip 0 (srv2ip-0)#
- 318 -
CHAPTER 44 dns
MSBR | CLI Reference Guide
dns dns-to-ip
This command configures the Internal DNS table, which lets you resolve hostnames into IP addresses.
Syntax
(config-network)# dns dns-to-ip <Index> (dns-to-ip-<Index>)#
Command Index
domain-name
first-ipaddress
second-ipaddress
third-ipaddress
Description
Defines the table row index.
Defines the host name to be translated.
Defines the first IP address (in dotted-decimal format notation) to which the host name is translated.
Defines the second IP address (in dotted-decimal format notation) to which the host name is translated.
Defines the third IP address (in dotted-decimal format notation) to which the host name is translated.
Command Mode Privileged User
Example This example configures the domain name "proxy.com" with a resolved IP address of 210.1.1.2:
(config-network)# dns dns-to-ip 0 (dns-to-ip-0)# domain-name proxy.com (dns-to-ip-0)# first-ip-address 210.1.1.2
dns override
This command configures the DNS override interface, which overrides the Internal DSN table settings.
Syntax
- 319 -
CHAPTER 44 dns
MSBR | CLI Reference Guide
(config-network)# dns override interface <String> data interface <ID>
Command Mode Privileged User
Example This example configures the DNS override interface:
configure network (config-network)# dns override interface ITSP-1
dns settings
This command configures the default primary and secondary DNS servers.
Syntax (config-network)# dns settings (dns-settings)#
Command
dns-default-primaryserver-ip
dns-default-secondaryserver-ip
Description
Defines the IP address of the default primary DNS server.
Defines the IP address of the default secondary DNS server.
Command Mode Privileged User
Example This example configures the IP address of the default primary DNS server to 210.1.1.2:
(config-network)# dns settings (dns-settings)# dns-default-primary-server-ip 210.1.1.2
- 320 -
CHAPTER 44 dns
MSBR | CLI Reference Guide
dns srv2ip
This command configures the Internal SRV table, which lets you resolve hostnames into DNS A-Records.
Syntax
(config-network)# dns srv2ip <Index> (srv2ip-<Index>)#
Command Index dns-name-1 dns-name-2 dns-name-3 domain-name port-1 port-2 port-3 priority-1 priority-2 priority-3 transport-type {udp|tcp|tls} weight-1 weight-2 weight-3
Description Defines the table row index. Defines the first, second or third DNS A-Record to which the host name is translated.
Defines the host name to be translated. Defines the port on which the service is to be found.
Defines the priority of the target host. A lower value means that it is more preferred.
Defines the transport type. Configures a relative weight for records with the same priority.
Command Mode Privileged User
- 321 -
CHAPTER 44 dns
Example This example configures DNS SRV to IP address 208.93.64.253:
(config-network)# dns srv2ip 0 (srv2ip-0)# domain-name proxy.com (srv2ip-0)# transport-type tcp (srv2ip-0)# dns-name-1 208.93.64.253
MSBR | CLI Reference Guide
- 322 -
CHAPTER 45 hostname
MSBR | CLI Reference Guide
45 hostname
This command configures the product name, which is displayed in the management interfaces (as the prompt in CLI, and in the Web interface).
Syntax (config-network)# hostname <String>
Command Mode Privileged User
Example This example configures the product name from "Mediant" to "routerABC":
Mediant(config-network)# hostname routerABC
- 323 -
CHAPTER 46 interface
MSBR | CLI Reference Guide
46 interface
This command configures network interfaces and includes the following sub-commands: osn (see interface osn below)
interface osn
This command configures the Open Solutions Network (OSN) interface.
Syntax (config-network)# interface osn (conf-sys-if-OSN)#
Command native-vlan
shutdown
Description
Defines the OSN Native VLAN ID. When set to 0 (default), the OSN uses the device's OAMP VLAN ID. When set to any other value, it specifies a VLAN ID configured in the Ethernet Devices table and which is assigned to a Media and/or Control application in the IP Interfaces table.
Disables the Ethernet port of the internal switch that interfaces between the Gateway/SBC and OSN.
Command Mode Privileged User
Example This example configures the network interfaces:
(config-network)# interface osn (conf-sys-if-OSN)# native-vlan 1
- 324 -
CHAPTER 47 nat-translation
MSBR | CLI Reference Guide
47 nat-translation
This command configures the NAT Translation table, which lets you define network address translation (NAT) rules for translating source IP addresses per VoIP interface (SIP control and RTP media traffic) into NAT IP addresses (global - public) when the device is located behind NAT.
Syntax
(config-network)# nat-translation <Index> (nat-translation-<Index>)#
Command
Description
Index
Defines the table row index.
src-endport
Defines the optional ending port range (0-65535) of the IP interface, used as matching criteria for the NAT rule.
srcinterfacename
Assigns an IP network interface (configured in the IP Interfaces table) to the rule. Outgoing packets sent from the specified network interface are NAT'ed.
src-start- Defines the optional starting port range (0-65535) of the IP interface,
port
used as matching criteria for the NAT rule.
targetend-port
Defines the optional ending port range (0-65535) of the global address.
target-ip- Defines the global (public) IP address. address
target-
Defines the optional starting port range (0-65535) of the global address.
start-port
Command Mode Privileged User
Example This example configures a NATed IP address (202.1.1.1) for all traffic sent from IP network interface "voice":
- 325 -
CHAPTER 47 nat-translation
# configure network (config-network)# nat-translation 0 (nat-translation-0)# src-interface-name voice (nat-translation-0)# target-ip-address 202.1.1.1
MSBR | CLI Reference Guide
- 326 -
CHAPTER 48 network-dev
MSBR | CLI Reference Guide
48 network-dev
This command configures the Ethernet Devices table, which lets you define Ethernet Devices. An Ethernet Device represents a Layer-2 bridging device and is assigned a unique VLAN ID and an Ethernet Group (Ethernet port group).
Syntax
(config-network)# network-dev <Index> (network-dev-<Index>)#
Index mtu
Command
name tagging {tagged|untagged} underlying-if vlan-id
Description Defines the table row index. Defines the Maximum Transmission Unit (MTU) size. Configures a name for the Ethernet Device. Configures VLAN tagging for the Ethernet Device.
Assigns an Ethernet Group to the Ethernet Device. Configures a VLAN ID for the Ethernet Device.
Command Mode Privileged User
Example This example configures an Ethernet Device with VLAN ID 2 for Ethernet Group 0 and untagged:
(config-network-0)# network-dev (network-dev-0)# name VLAN 2 (network-dev-0)# vlan-id 2 (network-dev-0)# underlying-if 0 (network-dev-0)# tagging untagged
- 327 -
CHAPTER 49 network-settings
MSBR | CLI Reference Guide
49 network-settings
This command configures the network settings.
Syntax (config-network)# network-settings (network-settings)#
Command
hostname
icmp-disableredirect {0|1}
icmp-disableunreachable {0|1}
osn-internal-vlan {off|on}
Description
Defines the device's hostname.
Enables sending and receiving of ICMP Redirect messages.
Enables sending of ICMP Unreachable messages.
Enables a single management platform when the device is deployed as a Survivable Branch Appliance (SBA) in a Microsoft Skype for Business environment. It allows configuration and monitoring of the Gateway/SBC device through the SBA Management Interface.
Command Mode Privileged User
Example This example sending and receiving of ICMP Redirect messages:
(config-network)# network-settings (network-settings)# icmp-disable-redirect 1
- 328 -
CHAPTER 50 nqm
MSBR | CLI Reference Guide
50 nqm
This command configures the device to monitor the quality of the network path (network quality monitoring - NQM) between it and other AudioCodes devices. The path monitoring is done by sending packets from a "sender" device to a "responder" device and then calculating the round-trip time (RTT), packet loss (PL), and jitter. The command includes the following subcommands: probing-table (see nqm probing-table below) responder-table (see nqm responder-table on the next page) sender-table (see nqm sender-table on page 331)
NQM is applicable only to Mediant 800 MSBR.
nqm probing-table
This command configures the polling attributes (duration and frequency).
Syntax (config-network)# nqm probing-table < Index > (probing-table-<Index>)# < Command>
Command
Description
duration
Configures the duration of the probing session (in seconds).
frequency
Configures the time interval between the start of two consecutive probing sessions (in seconds).
historyentries
Configures the number of probing result entries to keep in the history file.
life-span Configures the life span of this probe (in seconds).
probe-name Configures a descriptive name for this probe.
start-time Configures the start time of this probe.
Command Mode Privileged User
- 329 -
CHAPTER 50 nqm
Example This example configures a row in the Probing table:
(config-network)# nqm probing-table 0 (probing-table-0)# probe-name voip_probe_1 (probing-table-0)# start-time now
nqm responder-table
This command adds a responder (IP address and port).
Syntax (config-network)# nqm responder-table < Index > (responder-table-<Index>)# < Command>
active {0|1}
Command
local-port {3900|3910|3920|3930|3940| 3950|3960|3970|3980|3990}
responder-name
source-interface-name
Command Mode Privileged User
- 330 -
MSBR | CLI Reference Guide
Description Enables the Responder. Configures the local transport layer port number. Configures a descriptive name for the Responder. Configures a name for the source interface to listen on for incoming NQM packets.
CHAPTER 50 nqm
MSBR | CLI Reference Guide
Example This example configures a row in the Responder table:
(config-network)# nqm responder-table 0 (responder-table-0)# responder-name vmain_office_voip_responder_1 (responder-table-0)# local-port 3900; (responder-table-0)# exit
nqm sender-table
This subcommand adds a sender (including RTT, PL, and jitter thresholds; associates probing definition; responder address; local interface).
Syntax
(config-network)# nqm sender-table < Index > (sender-table-<Index>)# < Command>
Command active {0|1} cq-mos-threshold
jitter-threshold lq-mos-threshold
packet-interval
packet-timeout
packet-tos
Description
Enables the Sender.
Configures the minimum allowable Conversation Quality MOS.
Configures the maximum allowable Jitter (msec).
Configures the minimum allowable Listener Quality MOS.
Configures the interval between each packet transmitting (msec).
Configures the receive timeout on expected packets.
Configures the TOS value in the IP header.
- 331 -
CHAPTER 50 nqm
MSBR | CLI Reference Guide
payload-size
Command
pl-threshold
probe-name
rtt-threshold
sender-name
source-interface-name
target-ip-address
target-port {3900|3910|3920|3930| 3940|3950|3960|3970|3980|3990}
Description
Configures the size of the IP payload (bytes).
Configures the maximum allowable Packet Loss.
Configures the name of the corresponding probe in the Probing table.
Configures the maximum allowable Round Trip Time (msec).
Configures a descriptive name for the Sender.
Configures a name for the source interface.
Configures the target IP address.
Configures the target transport layer port number.
Command Mode Privileged User
Example This example configures a row in the Sender table to define a sender termination:
(config-network)# nqm sender-table 0 (sender-table-0)# sender-name main_office_voip_checker_1 (sender-table-0)# set target-ip 10.4.3.98 (sender-table-0)# set target-port 3900
A responder termination defined by the pair <target IP address, target port> can be defined only once for a single sender line; multipile senders can't be defined to send packets to the same responder termination.
- 332 -
CHAPTER 50 nqm
MSBR | CLI Reference Guide
(sender-table-0)# probe-name voip_probe_1
A single row in the Probing table may be shared by several senders, thereby sharing and simplifying common attributes.
- 333 -
CHAPTER 50 ovoc-tunnel-settings
MSBR | CLI Reference Guide
50 ovoc-tunnel-settings
This command configures WebSocket tunnel connection settings for communication between the device and OVOC.
Syntax (config-network)# ovoc-tunnel-settings (ovoc-tunnel-settings)#
Command address password path secured {off|on} username verify-server {off|on}
Description
Defines the address of the WebSocket tunnel server (OVOC).
Defines the password for connecting the device to the WebSocket tunnel server (OVOC).
Defines the path of the WebSocket tunnel server.
Enables secured (HTTPS) WebSocket tunneling connection.
Defines the username for connecting the device to the WebSocket tunnel server (OVOC).
Enables the device to verify the TLS certificate that is used in the incoming WebSocket tunneling connection request from OVOC.
Command Mode Privileged User
Example This example configures the WebSocket server's address to 200.1.10.20:
(config-network)# ovoc-tunnel-settings (ovoc-tunnel-settings)# address 200.1.10.20
- 334 -
CHAPTER 51 physical-port
MSBR | CLI Reference Guide
51 physical-port
This command configures the Physical Ports table, which lets you define the device's Ethernet ports.
Syntax (config-network)# physical-port <Index> (physical-port-<Index>)#
Command
Description
Index
Defines the table row index.
port-description
Configures a textual description of the port.
speed-duplex {1000baset-fullduplex|1000baset-half-duplex|100basetfull-duplex|100baset-halfduplex|10baset-full-duplex|10basethalf-duplex|auto-negotiation}
Defines the speed and duplex mode of the port.
Command Mode Privileged User
Example This example configures port 0 to auto-negotiation:
(config-network)# physical-port 0 (physical-port-0)# speed-duplex auto-negotiation
- 335 -
CHAPTER 52 poe-table
MSBR | CLI Reference Guide
52 poe-table
This command configures the Power Over Ethernet Settings table, which lets you enable power on the Ethernet lines (PoE).
Syntax (config-network)# poe-table < Index > (poe-table-<Index>)# < Command >
Command port-at-enable {disable|enable} port-enable {disable|enable} port-max-power
Description Enables PoE according to IEEE 802.3at.
Enables PoE port. Configures the PoE port's maximum power.
Command Mode Privileged User
Note This command is applicable only to Mediant 800 MSBR.
Example This example enables PoE on port 0:
(config-network)# poe-table 0 (poe-table-0)# port-enable enable (poe-table-0)# port-max-power 4000
- 336 -
CHAPTER 53 qos
MSBR | CLI Reference Guide
53 qos
This command configures Quality of Service (QoS) and includes the following subcommands: application-mapping (see qos vlan-mapping below) vlan-mapping (see qos application-mapping below)
qos vlan-mapping
This command configures the QoS Mapping table, which lets you define DiffServ-to-VLAN priority mapping (IEEE 802.1p) for Layer 3 and Layer-2 QoS.
Syntax (config-network)# qos vlan-mapping <Index> (vlan-mapping-<Index>)#
Command Index diff-serv {0-63} vlan-priority {0-7}
Description Defines the table row index. Defines the DiffServ value. Defines the VLAN priority level.
Command Mode Privileged User
Example This example maps DiffServ 60 to VLAN Priority (Class of Service) level 0:
(config-network)# qos vlan-mapping 0 (vlan-mapping-0)# diff-serv 60 (vlan-mapping-0)# vlan-priority 0
qos application-mapping
This command configures the QoS Settings table, which lets you define Layer-3 Class-of-Service QoS.
Syntax
- 337 -
CHAPTER 53 qos
MSBR | CLI Reference Guide
(config-network)# qos application-mapping (app-map)#
Command
Description
bronze-qos {0-63} Defines the DiffServ value for the Bronze CoS content (OAMP applications).
control-qos {063}
Defines the DiffServ value for Premium Control CoS content (Call Control applications).
gold-qos {0-63}
Defines the DiffServ value for the Gold CoS content (Streaming applications).
media-qos {0-63} Defines the DiffServ value for Premium Media CoS content.
Command Mode Privileged User
Example This example maps DiffServ 60 to VLAN Priority (Class of Service) level 0:
(config-network)# qos application-mapping (app-map)# gold-qos 63
- 338 -
CHAPTER 53 sctp
MSBR | CLI Reference Guide
53 sctp
This command configures Stream Control Transmission Protocol (SCTP) settings.
Syntax (config-network)# sctp (sctp)#
Command heartbeat-interval
initial-rto max-associationretransmit max-data-chunksbefore-sack max-data-tx-burst max-path-retransmit
maximum-rto minimum-rto timeout-before-sack
Description
Defines the SCTP heartbeat Interval (in seconds), where a heartbeat is sent to an idle destination to monitor reachability every time the interval expires.
Defines the initial retransmission timeout (RTO) in msec for all the destination addresses of the peer.
Defines the maximum number of consecutive association retransmissions before the peer is considered unreachable and the association is closed.
Defines after how many received packets is Selective Acknowledgement (SACK) sent.
Defines the maximum number of DATA chunks (packets) that can be transmitted at one time (in a burst).
Defines the maximum number of path retransmissions per remote transport address before it is considered as inactive.
Defines the maximum retransmission timeout (RTO) in msec for all the destination addresses of the peer.
Defines the minimum retransmission timeout (RTO) in msec for all the destination addresses of the peer.
Defines the timeout (msec) since the packet was received after which SACK is sent (i.e., delayed SACK).
Command Mode Privileged User
- 339 -
CHAPTER 53 sctp
MSBR | CLI Reference Guide
Note SCTP is applicable only to Mediant 90xx and Mediant Software.
Related Commands show sctp
Example This example configures the SCTP heartbeat interval to 60 seconds:
(config-network)# sctp (sctp)# heartbeat-interval 60
- 340 -
CHAPTER 54 security-settings
MSBR | CLI Reference Guide
54 security-settings
This command configures various TLS certificate security settings.
Syntax (config-network)# security-settings (network-security)#
Command
Description
PEERHOSTNAMEVERIFICATIONMODE {0|1|2}
Enables the device to verify the Subject Name of a TLS certificate received from SIP entities for authentication and establishing TLS connections:
0 = Disable (default)
1 = Verify Subject Name only when acting as a client for the TLS connection.
2 = Verify Subject Name when acting as a server or client for the TLS connection.
SIPSREQUIRECLIENTCERTIFICATE {off|on}
Defines the device's mode of operation regarding mutual authentication and certificate verification for TLS connections.
off = Disable
Device acts as a client: Verification of the server's certificate depends on the VerifyServerCertificate parameter.
Device acts as a server: The device does not request the client certificate.
on = Enable
Device acts as a client: Verification of the server certificate is required to establish the TLS connection.
Device acts as a server: The device requires the receipt and verification of the client certificate to establish the TLS connection.
- 341 -
CHAPTER 54 security-settings
MSBR | CLI Reference Guide
Command
Description
Note: For the parameter to take effect, a device reset is required.
fips140mode {off|on}
Enables FIPS 140-2 conformance mode for TLS. Note: Applicable only to specific products.
tls-re-hndshk-int
Defines the time interval (in minutes) between TLS Re-Handshakes initiated by the device.
tls-rmt-subs-name
Defines the Subject Name that is compared with the name defined in the remote side certificate when establishing TLS connections.
tls-vrfy-srvr-cert {off|on}
Enables the device, when acting as a client for TLS connections, to verify the Server certificate. The certificate is verified with the Root CA information.
Command Mode Privileged User
Example This example enables the device to verify the Server certificate with the Root CA information:
(config-network)# security-settings (network-security)# tls-vrfy-srvr-cert on
- 342 -
CHAPTER 55 static
MSBR | CLI Reference Guide
55 static
This command configures the Static Routes table, which lets you define static IP routing rules.
Syntax (config-network)# static <Index> (static-<Index>)#
Command Index description destination device-name
gateway
preferred-sourceinterface-name
prefix-length
Description
Defines the table row index.
Configures a name for the rule.
Defines the IP address of the destination host/network.
Associates an IP network interface through which the static route's Gateway is reached. The association is done by assigning the parameter the same Ethernet Device that is assigned to the IP network interface in the IP Interfaces table.
Defines the IP address of the Gateway (next hop) used for traffic destined to the subnet/host defined in 'destination' / 'prefix-length'.
Defines a specific local source IP address for outgoing packets using the static route, by assigning an IP Interface listed in the IP Interfaces table. The IP address configured for the assigned IP Interface is used.
Defines the Classless Inter-Domain Routing (CIDR)-style representation of a dotted-decimal subnet notation of the destination host/network.
Command Mode Privileged User
Example This example configures a static routing rule to specify the gateway (10.15.7.22) in order to reach 10.1.1.10:
- 343 -
CHAPTER 55 static
(config-network)# static (static-0)# destination 10.1.1.0 (static-0)# prefix-length 24 (static-0)# device-name vlan1 (static-0)# gateway 10.15.7.22
MSBR | CLI Reference Guide
- 344 -
CHAPTER 56 tftp-server
MSBR | CLI Reference Guide
56 tftp-server
This command configures the device's TFTP server.
Syntax (config-network)# tftp-server
Command enable files
Description Enables the TFTP server. Manages TFTP files.
Command Mode Privileged User
Example This example enables the TFTP server:
(config-network)# tftp-server enable
- 345 -
CHAPTER 57 tls
MSBR | CLI Reference Guide
57 tls
This command configures the TLS Contexts table, which lets you define TLS certificates, referred to as TLS Contexts.
Syntax (config-network)# tls <Index> (tls-<Index>)#
Index certificate
Command
ciphers ciphers-client
ciphers-client-tls13
ciphers-server
ciphers-server-tls13
dh-key-size {1024|2048|3072}
Description
Defines the table row index.
Certification actions see certificate on page 349.
Displays ciphers.
Defines the supported cipher suite for TLS clients.
Defines the supported cipher suite for TLS 1.3 clients.
Defines the supported cipher suite for the TLS server (in OpenSSL cipher list format).
Defines the supported cipher suite for the TLS 1.3 server (in OpenSSL cipher list format).
Defines the DiffieHellman (DH) key size (in bits).
- 346 -
CHAPTER 57 tls
Command
dtls-version {dtls-v1.0| dtls-v1.2| unlimited} key-exchange-groups
name ocsp-default-response {allow|reject}
ocsp-port
MSBR | CLI Reference Guide
Description
Note:
For supported key sizes, refer to the User's Manual.
1024 is not recommended (it's not displayed as an optional value in the CLI, but it can be configured).
Defines the Datagram Transport Layer Security (DTLS) version, which is used to negotiate keys for WebRTC calls.
Defines the groups that are supported for key exchange, ordered from most preferred to least preferred.
Defines a descriptive name, which is used when associating the row in other tables.
Determines whether the device allows or rejects peer certificates if it cannot connect to the OCSP server.
Defines the OCSP server's TCP port number.
- 347 -
CHAPTER 57 tls
MSBR | CLI Reference Guide
Command
Description
ocsp-server {disable|enable}
Enables or disables certificate checking using OCSP.
ocsp-server-primary
Defines the IP address (in dotteddecimal notation) of the primary OCSP server.
ocsp-server-secondary
Defines the IP address (in dotteddecimal notation) of the secondary OCSP server (optional).
private-key {delete|generate|import}
Private key actions see private-key on page 351.
public-key display
Displays the public key of the certificate.
require-strict-cert {off|on}
Enables the validation of the extensions (keyUsage and extentedKeyUsage) of peer certificates.
tls-renegotiation {disable|enable}
Enables multiple TLS renegotiations (handshakes) initiated by the client (peer) with the device.
tls-version {tls-v1.0|tls-v1.0_1.1|tlsv1.0_1.1_1.2|tls-v1.0_1.1_1.2_1.3|tls-v1.0_ 1.2|tls-v1.1|tls-v1.1_1.2|tls-v1.1_1.2_ 1.3||tls-v1.2|tls-v1.2_1.3|tls-v1.3 |unlimited}
Defines the supported SSL/TLS protocol version. Clients attempting to communicate with the device using a different TLS version
- 348 -
CHAPTER 57 tls
MSBR | CLI Reference Guide
Command
Description
are rejected.
trusted-root {clear-andimport|delete|detail|export|import|summary}
Trusted root certificate actions see trusted-root on page 352.
Command Mode Privileged User
Example This example configures a TLS Context with TLS Ver. 1.2:
(config-network)# tls 1 (tls-1)# name ITSP (tls-1)# tls-version tls-v1.2 (tls-1)# activate
certificate
This subcommand lets you do various actions on TLS certificates.
Syntax (tls-<Index>)# certificate
Command Index alternative-name-add {dns|email|ip-addr|uri}
alternative-name-clear
create-self-signed
Description
Defines the table row index.
Defines the Subject Alternative Name (SAN) fields, which can be a DNS, e-mail, IP address or URI.
Deletes all the Subject Alternative Name (SAN) fields.
Creates a self-signed certificate (by the device) with the current key.
- 349 -
CHAPTER 57 tls
MSBR | CLI Reference Guide
Command
Description
delete
Deletes the certificate.
detail
Displays certificate information.
export
Displays the certificate in the console ("BEGIN CERTIFICATE" to "END CERTIFICATE").
import
Imports a certificate. Type the certificate after the command.
signature-algorithm {sha1|sha-256|sha-512}
Defines the signature algorithm.
signing-request
Creates a certificate signing request to send to the CA.
status
Displays active status of certificate (e.g., expiration day).
subject {clear|copy|display|fieldset}
Operations on the certification subject name.
Command Mode
Privileged User
Example
This example displays information on a TLS certificate:
(config-network)# tls 0 (tls-0)# certificate details Certificate:
Data: Version: 1 (0x0) Serial Number: 0 (0x0)
Signature Algorithm: sha1WithRSAEncryption Issuer: CN=ACL_5967925 Validity Not Before: Jan 5 07:26:31 2010 GMT Not After : Dec 31 07:26:31 2029 GMT Subject: CN=ACL_5967925 Subject Public Key Info:
- 350 -
CHAPTER 57 tls
MSBR | CLI Reference Guide
Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) Modulus: 00:aa:1f:fa:82:5b:2b:2f:26:08:64:96:cb:50:a9: c2:5b:ec:57:66:58:16:aa:17:79:0a:0f:77:5d:dd: 15:88:3c:b1:f7:c4:c4:b9:e8:a9:af:88:0f:fa:5e: 85:be:1c:34:c1:15:5d:b5:07:93:e2:0d:2f:5e:2f: 7e:f3:5c:ee:bf:c5:ac:43:8a:7b:f2:3e:0d:1b:c4: 84:2e:07:53:b4:52:af:c8:d0:23:0b:f9:a2:ac:72: 2e:f1:65:59:f1:0b:7a:d2:77:cd:e8:c9:5e:81:93: 0b:f5:f2:93:85:5e:06:c5:9a:b8:3d:81:d9:b7:e7: 4b:44:fe:9e:fd:53:e6:7d:d1 Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption 3e:f5:97:07:96:e4:36:27:19:8b:e7:7d:5d:04:8c:ba:46:d8: d7:31:6c:75:2b:3a:c8:4d:6b:cb:56:d0:29:21:d1:7b:8b:79: 57:6e:35:71:8e:e6:eb:5d:17:77:ac:b6:ec:20:6d:6a:9b:17: 9a:28:17:e1:a1:d5:11:7e:a4:95:04:df:15:cb:84:e0:3a:7d: bd:15:2c:62:2e:f2:40:2f:00:6d:ba:28:16:fe:bd:87:86:d0: 4b:a0:c0:a6:06:b8:22:4d:67:ed:af:1d:83:83:ae:92:c4:06: f3:e2:e5:8c:17:66:3c:ed:80:f0:96:a3:e0:95:e3:88:9e:61: d7:b8
private-key
This subcommand lets you do various actions on private keys.
Syntax (tls-<Index>)# private-key
Command
Description
delete
Deletes the private key.
generate {1024|2048|4096} password
Generates new private key based on private key size (bit RSA key) with an optional password (passphrase) to encrypt the private key file, and generates a self-signed certificate.
import {password|withoutpassword}
Imports a private key file, with an optional passphrase. Type the private key in the console.
- 351 -
CHAPTER 57 tls
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example deletes a private key:
(config-network)# tls 0 (tls-0)# private-key delete Private key deleted.
trusted-root
This subcommand lets you do various actions on the Trusted Root Certificate Store.
Syntax (tls-<Index>)# trusted-root
Command
Description
clear-and-import
Deletes all trusted root certificates and imports new ones. Type the certificate directly in the console.
delete {<number>|all} Deletes a specific trusted root certificates or all.
detail <number>
Displays the details of a specific trusted root certificate.
export
Displays the trusted root certificate in the console.
import
Imports a trusted root certificate. Type the certificate after the command.
summary
Displays a summary of the trusted root certificate.
Command Mode Privileged User
Example This example displays a summary of the root certificate:
- 352 -
CHAPTER 57 tls
MSBR | CLI Reference Guide
(config-network)# tls 0
(tls-0)# trusted-root summary
1 trusted certificates.
Num Subject
Issuer
Expires
------------------------------------------------------------------
1 ilync15-DC15-CA ilync15-DC15-CA 11/01/2022
- 353 -
Part VI
VoIP-Level Commands
CHAPTER 58 Introduction
MSBR | CLI Reference Guide
58 Introduction
This part describes the commands located on the voice-over-IP (VoIP) configuration level. The commands of this level are accessed by entering the following command at the root prompt:
# configure voip (config-voip)#
This level includes the following commands:
Command application coders-and-profiles gateway ids interface ip-group media message proxy-set qoe realm sbc sip-definition sip-interface srd
Description See application on page 356 See coders-and-profiles on page 425 See gateway on page 357 See ids on page 442 See interface on page 447 See ip-group on page 457 See media on page 463 See message on page 477 See proxy-set on page 485 See qoe on page 489 See realm on page 497 See sbc on page 501 See sip-definition on page 532 See sip-interface on page 557 See srd on page 560
Command Mode Privileged User
- 355 -
CHAPTER 59 application
MSBR | CLI Reference Guide
59 application
This command enables the SBC application.
Syntax (config-voip)# application (sip-application)#
Command enable-sbc{off|on}
Description Enables / disables the SBC application.
Command Mode Privileged User
Example This example shows how to enable the SBC application:
(config-voip)# application (sip-application)# enable-sbc on
- 356 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
60 gateway
This command configures the gateway and includes the following subcommands: advanced (see advanced below) analog (see analog on the next page) digital (see digital on page 373) dtmf-supp-service (see dtmf-supp-service on page 384) manipulation (see manipulation on page 393) routing (see routing on page 410) trunk-group (see trunk-group on page 419) trunk-group-setting (see trunk-group-setting on page 420) voice-mail-setting (see voice-mail-setting on page 422)
advanced
This command configures advanced gateway parameters.
Syntax
(config-voip)# gateway advanced (gw-settings)#
Command enable-rai {off|on}
forking-handling {parallelhandling|sequentialhandling} forking-timeout
Description
Enables generation of an RAI (Resource Available Indication) alarm if the device's busy endpoints exceed a user-defined threshold.
Defines how the device handles the receipt of multiple SIP 18x forking responses for Telto-IP calls.
Defines the timeout (in seconds) that is started after the first SIP 2xx response has been received for a User Agent when a Proxy server performs call forking (Proxy server forwards the INVITE to multiple SIP User Agents).
- 357 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
reans-info-enbl {off|on}
Enables the device to send a SIP INFO message with the On-Hook/Off-Hook parameter when the FXS phone goes on-hook during an ongoing call and then off-hook again, within the user-defined regret timeout.
register-by-served-tg-status
Defines if the device sends a registration request (SIP REGISTER) to a Serving IP Group (SIP registrar), based on the Trunk Group's status (in-service or out-of-service) for ISDN PRI and CAS.
tel2ip-no-ans-timeout
Defines the time (in seconds) that the device waits for a 200 OK response from the called party (IP side) after sending an INVITE message, for Tel-to-IP calls.
time-b4-reordr-tn
Defines the delay interval (in seconds) from when the device receives a SIP BYE message (i.e., remote party terminates call) until the device starts playing a reorder tone to the FXS phone.
Command Mode Privileged User
analog
This command configures analog parameters.
Syntax (config-voip)# gateway analog
Command authentication automatic-dialing call-forward
Description See authentication on the next page See automatic-dialing on page 360 See call-forward on page 361
- 358 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command call-waiting caller-display-info enable-caller-id enable-did fxo-setting fxs-setting keypad-features metering-tones reject-anonymous-calls tone-index
Description See call-waiting on page 362 See caller-display-info on page 363 See enable-caller-id on page 364 See enable-did on page 365 See fxo-setting on page 366 See fxs-setting on page 368 See keypad-features on page 368 See metering-tones on page 370 See reject-anonymous-calls on page 371 See tone-index on page 372
Command Mode Privileged User
authentication
This command configures the Authentication table, which lets you define an authentication username and password per FXS and FXO port.
Syntax (config-voip)# gateway analog authentication <Port> (authentication-<Port>)#
Command port password user-name
Description Defines the port. Defines the password for authenticating the port. Defines the user name for authenticating the port.
Command Mode Privileged User
- 359 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Note To view the port-module numbers and port type, enter the display command at the index prompt, for example:
(authentication-0)# display
Example This example configures authentication credentials for a port:
(config-voip)# gateway analog authentication 0 (authentication-0)# password 1234 (authentication-0)# user-name JDoe
automatic-dialing
This command configures the Automatic Dialing table, which lets you define telephone numbers that are automatically dialed when FXS or FXO ports go off-hook.
Syntax
(config-voip)# gateway analog automatic-dialing <Index> (automatic-dialing-<Index>)#
Command
Description
Index
Defines the table row index.
auto-dial-status
Enables automatic dialing.
{disable|enable|hotline}
dst-number hotline-dial-tone-duration
Defines the destination telephone number to automatically dial.
Defines the duration (in seconds) after which the destination phone number is automatically dialed.
Command Mode Privileged User
- 360 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Note To view the port-module numbers and port type, enter the display command at the index prompt, for example:
(automatic-dialing-0)# display
Example This example configures automatic dialing where the number dialed is 9764401:
(config-voip)# gateway analog automatic-dialing 0 (automatic-dialing-0)# auto-dial-status enable (automatic-dialing-0)# dst-number 9764401
call-forward
This command configures the Call Forward table, which lets you define call forwarding per FXS or FXO port for IP-to-Tel calls.
Syntax
(config-voip)# gateway analog call-forward <Index> (call-forward-<Index>)#
Command
Description
Index
Defines the table row index.
destination
Defines the telephone number or URI (<number>@<IP address>) to where the call is forwarded.
no-reply-time
If you have set type for this port to no-answer or onbusy-or-no-answer, then configure the number of seconds the device waits before forwarding the call to the specified phone number.
type {deactivate|dontdisturb|no-answer|onbusy|on-busy-or-noanswer|unconditional}
Defines the condition upon which the call is forwarded.
Command Mode
- 361 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Privileged User
Note To view the port-module numbers and port type, enter the display command at the index prompt, for example:
(call-forward-0)# display
Example This example configures unconditional call forwarding to phone 9764410:
(config-voip)# gateway analog call-forward 0 (call-forward-0)# destination 9764410 (call-forward-0)# type unconditional (call-forward-0)# activate
call-waiting
This command configures the Call Waiting table, which lets you enable call waiting per FXS port.
Syntax
(config-voip)# gateway analog call-waiting <Index> (call-waiting-<Index>)#
Command
Description
Index
Defines the table row index.
enable-call-waiting {disable|enable|not- Enables call waiting for
configure}
the port.
Command Mode Privileged User
Note
- 362 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
To view the port-module numbers and port type, enter the display command at the index prompt, for example:
(call-waiting-0)# display
Example This example enables call waiting:
(config-voip)# gateway call-waiting 0 (call-waiting-0)# enable-call-waiting enable (call-waiting-0)# activate
caller-display-info
This command configures the Caller Display Information table, which lets you define caller identification strings (Caller ID) per FXS and FXO port.
Syntax
(config-voip)# gateway analog caller-display-info <Index> (caller-display-info-<Index>)#
Command Index display-string presentation {allowed|restricted}
Description Defines the table row index. Defines the Caller ID string. Enables the sending of the caller ID string.
Command Mode Privileged User
Note To view the port-module numbers and port type, enter the display command at the index prompt, for example:
(caller-display-info-0)# display
- 363 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Example This example configures caller ID as "Joe Do":
(config-voip)# gateway caller-display-info 0 (caller-display-info-0)# display-string Joe Doe (caller-display-info-0)# presentation allowed (caller-display-info-0)# activate
enable-caller-id
This command configures the Caller ID Permissions table, which lets you enable Caller ID generation for FXS interfaces and detection for FXO interfaces, per port.
Syntax
(config-voip)# gateway analog enable-caller-id <Index> (enable-caller-id-<Index>)#
Command
Description
Index
Defines the table row index.
caller-id {disable|enable|notconfigured}
Enables Caller ID.
Command Mode Privileged User
Note To view the port-module numbers and port type, enter the display command at the index prompt, for example:
(enable-caller-id-0)# display
Example This example enables caller ID:
- 364 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
(config-voip)# gateway enable-caller-id 0 (enable-caller-id-0)# caller-id enable (enable-caller-id-0)# activate
enable-did
This command configures the Enable DID table, which lets you enable support for Japan NTT 'Modem' DID.
Syntax
(config-voip)# gateway analog enable-did <Index> (enable-did-<Index>)#
Command
Description
Index
Defines the table row index.
did {disable|enable|notconfigured}
Enables DID.
Command Mode Privileged User
Note To view the port-module numbers and port type, enter the display command at the index prompt, for example:
(enable-did-0)# display
Example This example enables Japan DID:
(config-voip)# gateway enable-did 0 (enable-did-0)# did enable (enable-did-0)# activate
- 365 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
fxo-setting
This command configures various FXO parameters.
Syntax (config-voip)# gateway analog fxo-setting (gw-analog-fxo)#
Command
Description
answer-supervision {disable|enable}
Enables sending a SIP 200 OK when speech, fax or modem is detected.
dialing-mode {onestage|two-stages}
Global parameter configuring the dialing mode for IP-to-Tel (FXO) calls.
disc-on-bsy-tone-c {off|on} Global parameter enabling call disconnection when a busy tone is detected.
disc-on-dial-tone {off|on}
Determines whether the device disconnects a call when a dial tone is detected from the PBX.
fxo-autodial-play-bsytn {off|on}
Determines whether the device plays a busy / reorder tone to the PSTN side if a Tel-to-IP call is rejected by a SIP error response (4xx, 5xx or 6xx). If a SIP error response is received, the device seizes the line (off-hook), and then plays a busy / reorder tone to the PSTN side (for the duration defined by the parameter TimeForReorderTone).
fxo-dbl-ans {off|on}
Enables FXO Duoble Answer.{@}all incoming TEL2IP call are refused.
fxo-number-of-rings
Defines the number of rings before the device's FXO interface answers a call by seizing the line.
fxo-ring-timeout
Defines the delay (in 100 msec) for generating INVITE after RING_START detection. The valid range is 0 to 50.
fxo-seize-line {off|on}
If not set, the FXO will not seize the line.
- 366 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command fxo-voice-delay-on-200ok
ground-start-use-ring {off|on} guard-time-btwn-calls
psap-support {off|on} reorder-tone-duration
ring-detection-tout rings-b4-det-callerid snd-mtr-msg-2ip {disable|enable} time-wait-b4-dialing waiting-4-dial-tone {disable|enable}
Description
Defines the time (in msec) that the device waits before opening the RTP (voice) channel with the FXO endpoint, after receiving a 200 OK from the IP side.
Ground start use regular ring.
Defines the time interval (in seconds) after a call has ended and a new call can be accepted for IP-to-Tel calls.
Enables the PSAP Call flow.
Global parameter configuring the duration (in seconds) that the device plays a busy or reorder tone before releasing the line.
Defines the timeout (in seconds) for detecting the second ring after the first detected ring.
Number of rings after which the Caller ID is detected.
Send metering messages to IP on detection of analog metering pulses.
Defines the delay before the device starts dialing on the FXO line.
Determines whether or not the device waits for a dial tone before dialing the phone number for IP-to-Tel calls.
Command Mode Privileged User
Example This example configures two rings before Caller ID is sent:
- 367 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
(config-voip)# gateway fxo-setting (gw-analog-fxo)# rings-b4-det-callerid 2 (gw-analog-fxo)# activate
fxs-setting
This command configures various FXS parameters.
Syntax (config-voip)# gateway analog fxs-setting (gw-analog-fxs)#
Command
Description
fxscallidcat-brazil
Enable Interworking of Calling Party Category (cpc) from INVITE to FXS Caller ID first digit for Brazil Telecom.
fxsoffhooktimeoutalarm
Defines the duration (in seconds) of an FXS phone in off-hook state after which the device sends the SNMP alarm, acAnalogLineLeftOffhookAlarm.
maxstreamingcalls
Defines the maximum concurrent on-held sessions to which the device can play Music on Hold (MoH) originating from an external media (audio) source connected to an FXS port.
Command Mode Privileged User
Example This example configures a maximum of 10 streaming sessions for MoH:
(config-voip)# gateway fxs-setting (gw-analog-fxs)# max-streaming-calls 10 (gw-analog-fxs)# activate
keypad-features
This command configures phone keypad features.
- 368 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Syntax
(config-voip)# gateway analog keypad-features (gw-analog-keypad)#
Command
Description
blindtransfer
Defines the keypad sequence to activate blind transfer for established Tel-to-IP calls
caller-idrestrictionact
Defines the keypad sequence to activate the restricted Caller ID option
cw-act
Defines the keypad sequence to activate the Call Waiting option
cw-deact
Defines the keypad sequence to deactivate the Call Waiting option
fwd-busy-orno-ans
Defines the keypad sequence to activate the forward on 'busy or no answer' option
fwddeactivate
Defines the keypad sequence to deactivate any of the call forward options
fwd-dnd
Defines the keypad sequence to activate the Do Not Disturb option
fwd-no-answer Defines the keypad sequence to activate the forward on no answer option
fwd-on-busy
Defines the keypad sequence to activate the forward on busy option
fwd-
Defines the keypad sequence to activate the immediate call
unconditional forward option
hotline-act
Defines the keypad sequence to activate the delayed hotline option
hotline-deact Defines the keypad sequence to deactivate the delayed hotline option
idrestrictiondeact
Defines the keypad sequence to deactivate the restricted Caller ID option
- 369 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
key-portconfigure
Defines the keypad sequence for configuring a telephone number for the FXS phone.
reject-anony- Defines the keypad sequence to activate the reject anonymous call call-activate option, whereby the device rejects incoming anonymous calls.
reject-anonycalldeactivate
Defines the keypad sequence that de-activates the reject anonymous call option.
Command Mode Privileged User
Example This example configures the call forwarding on-busy or no answer keypad sequence:
(config-voip)# gateway keypad-features (gw-analog-keypad)# fwd-busy-or-no-ans 567 (gw-analog-keypad)# activate
metering-tones
This command configures metering tones settings.
Syntax (config-voip)# gateway analog metering-tones (gw-analog-mtrtone)#
Command
gen-mtr-tones {aoc-sipinterworking|disable|internaltable|sip-interval-provided|sip-rawdata-incr-provided|sip-raw-dataprovided}
metering-type {12-kHz-sinusoidalbursts|16-kHz-sinusoidalbursts|polarity-reversal-pulses}
Description Defines the method for automatically generating payphone metering pulses.
Defines the metering method for generating pulses (sinusoidal metering burst
- 370 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description frequency) by the FXS port.
Command Mode Privileged User
Example This example configures metering tone to be based the Charge Codes table:
(config-voip)# gateway analog metering-tones (gw-analog-mtrtone)# gen-mtr-tones internal-table (gw-analog-mtrtone)# activate
reject-anonymous-calls
This command configures the Reject Anonymous Call Per Port table, which lets the device reject incoming anonymous calls per FXS port.
Syntax
(config-voip)# gateway analog reject-anonymous-calls <Index> (reject-anonymous-calls-<Index>)#
Command Index reject-calls {disable|enable}
Description Defines the table row index. Enables rejection of anonymous calls.
Command Mode Privileged User
Note To view the port-module numbers and port type, enter the display command at the index prompt, for example:
(reject-anonymous-calls-0)# display
- 371 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Example This example configures metering tone to be based the Charge Codes table:
(config-voip)# gateway analog reject-anonymous-calls 0 (reject-anonymous-calls-0)# reject-calls enable (reject-anonymous-calls-0)# activate
tone-index
This command configures the Tone Index table, which lets you define distinctive ringing tones and call waiting tones per calling (source) and called (destination) number (or prefix) for IP-toTel calls.
Syntax
(config-voip)# gateway analog tone-index <Index> (tone-index-<Index>)#
Command Index dst-pattern fxs-port-first fxs-port-last priority src-pattern
Description Defines the table row index. Defines the prefix of the called number. Defines the first port in the FXS port range. Defines the last port in the FXS port range. Defines the index of the distinctive ringing and call waiting tones. Defines the prefix of the calling number.
Command Mode Privileged User
Example This example configures distinctive tone Index 12 for FXS ports 1-4 for called prefix number "976":
(config-voip)# gateway analog tone-index 0 (tone-index-0)# fxs-port-first 1
- 372 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
(tone-index-0)# fxs-port-last 4 (tone-index-0)# dst-pattern 976 (tone-index-0)# priority 12 (tone-index-0)# activate
digital
This command configures the various digital parameters.
Syntax (config-voip)# gateway digital
Command rp-network-domains settings
Description See rp-network-domains below See settings on the next page
Command Mode Privileged User
rp-network-domains
This command configures user-defined MLPP network domain names (namespaces), which is used in the AS-SIP Resource-Priority header of the outgoing SIP INVITE request . The command also maps the Resource-Priority field value of the SIP Resource-Priority header to the ISDN Precedence Level IE.
Syntax
(config-voip)# gateway digital rp-network-domains <Index> (rp-network-domains-<Index>)#
Command Index ip-to-tel-interworking {disable|enable} name
Description Defines the table row index. Enables IP-to-Tel interworking.
Defines a name.
- 373 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example configures supplementary service for port 2:
(config-voip)# gateway digital rp-network-domains 0 (rp-network-domains-0)# ip-to-tel-interworking enable (rp-network-domains-0)# name dsn (rp-network-domains-0)# activate
settings
This command configures various digital settings.
Syntax (config-voip)# gateway digital settings (gw-digital-settings>)#
Command 911-location-id-in-ni2 {off|on} add-ie-in-setup
add-pref-to-redir-nb amd-tiemout b-ch-negotiation {any| exclusive| preferred} binary-redirect {off|on}
blind-xfer-add-prefix {off|on} blind-xfer-disc-tmo
Description Enables 911 Location Id in NI2 protocol.
Additional information element to send in ISDN Setup message. Prefix added to Redirect phone number. AMD Detection Timeout <msec>. ISDN B-Channel negotiation mode.
Search for Redirect number coded in binary 4 bit style. Add keying sequence for performing blind transfer as transfer number prefix. Maximum time (milliseconds) to wait for disconnect from Tel before performing
- 374 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
as-sndhook-flsh cic-support {off|on} cid-notification {off|on}
cind-mode {none|r2-chargeinfo-int} cisco-sce-mode {off|on}
clir-reason-support {off|on}
connect-on-progress-ind {off|on}
copy-dst-on-empty-src {off|on}
cp-dst-nb-2-redir-nb {cpafter-ph-num-manipulation| cp-b4-ph-num-manipulation| dont-copy} cpc-mode { argentina-r2| brazil-r2| none} cut-through-enable {off|on}
cut-thru-reord-dur
dflt-call-prio dflt-cse-map-isdn2sip
Description blind transfer. Hookflash forwarding. Enables CIC -> ISDN TNS IE interworking. If NO PRESENTATION arrived from PSTN and this parameter enabled, presentation is allowed. If this parameter is disabled, presentation is restricted. Charge Indicator Mode.
In use with G.729 - if enabled and SCE=2 then AnnexB=no. Enables sending of Reason for Non Notification of Caller Id. FXS: generate Caller Id signals during ringing FXO: collect Caller Id and use it in Setup message. In case there is an empty source number from PSTN the source number will be the same as the destination. Copy Destination Number to Redirect Number.
Calling Party Category Mode.
Enable call connection without OnHook/Off-Hook process 'Cut-Through'. Duration of reorder tone played after release from IP side for CutThrogh application SIP Default Call Priority. Common cause value to use for most ISDN
- 375 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
release causes.
dig-oos-behavior {alarm| block| d-channel| default| service| service-anddchannel}
Digital OOS Behavior.
disc-call-pi8-alt-rte {off|on}
If set to 1 and ISDN DISCONNECT with PI is received, 183 with SDP will be sent toward IP only if no IP-to-Tel alternative route exists.
disc-on-bsy-tone-c {off|on}
Disconnect Call on Busy Tone Detection CAS.
disc-on-bsy-tone-I {off|on}
Disconnect Call on Busy Tone Detection ISDN.
dscp-4-mlpp-flsh
RTP DSCP for MLPP Flash.
dscp-4-mlpp-flsh-ov {dscp-4mlpp-flsh-ov}
RTP DSCP for MLPP Flash Override.
dscp-4-mlpp-flsh-ov-ov
RTP DSCP for MLPP Flash-OverrideOverride.
dscp-4-mlpp-immed
RTP DSCP for MLPP Immediate.
dscp-for-mlpp-prio
RTP DSCP for MLPP Priority.
dscp-for-mlpp-rtn
RTP DSCP for MLPP Routine.
dst-number-plan {Private| e164-public| not-included| unknown}
Enforce this Q.931 Destination Number Type.
dst-number-type {abbreviated| international-level2regional| national-level1regional| network-pisnspecific| not-included| subscriber-level0-regional| unknown}
Enforce this Q.931 Destination Number Type.
dtmf-used {off|on}
Send DTMFs on the Signaling path (not on
- 376 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
e911-mlpp-bhvr {routine| standard} early-amd {off|on} early-answer-timeout
epn-as-cpn-ip2tel {off|on} epn-as-cpn-tel2ip {off|on} etsi-diversion {off|on}
fallback-transfer-to-tdm {off|on} fax-rerouting-delay
fax-rerouting-mode {connectand-delay| disabled| progress-and-delay| withoutdelay} first-call-waiting-tone-id format-dst-phone-number {remove-params| transparent}
gw-app-sw-wd {off|on}
Description
the Media path).
Defines the MLPP E911 Preemption mode.
If set to 1, AMD detection is started on PSTN alerting otherwise on connect.
Max time (in seconds) to wait from sending Setup message to PSTN to receiving Connect message from PSTN.
Use endpoint number as calling number for IP-to-Tel.
Use endpoint number as calling number for Tel-to-IP.
Use supplementary service ETSI Diverting Leg Information 2 to send redirect number.
Disable fallback from ISDN call transfer to TDM.
Defines the time interval (in sec) to wait for CNG detection to re-route call to fax destinations.
Enables the detection of the fax CNG tone in incoming calls, before sending the INVITE.
Defines the index of the first Call Waiting tone in the Call Progress Tones file.
Defines if the destination phone number that the device sends to the Tel side (for IP-to-Tel calls) includes the user-part parameters (e.g., 'password' and 'phonecontext') of the destination URI received in the incoming SIP INVITE message.
Uses the software watchdog for gateway
- 377 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
tasks.
gw-dest-src-id
Defines gateway H.323-ID source field.
ign-isdn-disc-w-pi {off|on}
Enable ignoring of ISDN Disconnect messages with PI 1 or 8.
isdn-ignore-18x-without-sdp {off|on}
Enables interworking SIP 18x without SDP and ISDN Q.931 Progress/Alerting messages.
isdn-ntt-noid-interworkingmode {both|ip2tel|none|tel2ip}
Defines SIP-ISDN interworking between NTT Japan's No-ID cause in the Facility information element (IE) of the ISDN Setup message, and the calling party number (display name) in the From header of the SIP INVITE message.
isdn-send-progress-for-te {off|on}
Defines whether the device sends Q.931 Progress messages to the ISDN trunk if the trunk is configured as User side (TE) and/or Network (NT) side, for IP-to-Tel calls.
ignore-alert-after-earlymedia {off|on}
Interwork of Alert from ISDN to SIP.
ignore-bri-los-alarm {off|on} Ignore LOS alarms for BRI user side trunk.
ip-to-cas-ani-dnis-del
IP to CAS list of ANI and DNIS delimiters.
isdn-facility-trace {off|on} Enable ISDN Facility Trace.
isdn-subaddr-frmt {ascii| bcd| user-specified}
ISDN SubAdress format.
isdn-tnl-ip2tel {disable| using-body| using-header}
Enable ISDN Tunneling IP to Tel.
isdn-tnl-tel2ip {disable|using-body| usingheader}
Enable ISDN Tunneling Tel to IP.
isdn-trsfr-on-conn {alert| connect}
Send TBCT/ECT/RLT request only when second leg call is connected.
- 378 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
isdn-xfer-complete-cause
If such a cause received in ISDN DISCONNECT message of the first leg, NOTIFY 200 is sent toward IP.
iso8859-charset {arabic| center-euro| cyrillic| hebrew| no-accented| northeuro| south-euro| turkish| west-euro}
ISO 8859 Character Set Part.
isub-number-of-digits
Number of digits that will be taken from end of phone number as Subaddress.
local-time-on-connect {always-send-local-time| dont-send-local-time| sendlocal-time-only-if-missing}
0 - Don't Send Local Date and Time,1 Send Local Date and Time Only If Missing,2 - Always Send Local Date and Time
max-message-length
Limit the maximum length in KB for SIP message.
media-ip-ver-pref {ipv4-only| ipv6-only| prefer-ipv4| prefer-ipv6}
Select the preference of Media IP version.
mfcr2-category
MFC/R2 Calling Party's category.
mfcr2-debug {off|on}
Enable MFC-R2 protocol debug.
mlpp-dflt-namespace {cuc| dod| drsn| dsn| interworking| uc| user-def}
MLPP Default Namespace.
mlpp-dflt-srv-domain
MLPP Default Service Domain String (6 Hex Digits).
mlpp-norm-ser-dmn
MLPP Normalized Service Domain String (6 Hex Digits).
mlpp-nwrk-id
Sets the Network identifier value which is represented as the first 2 octets in the MLPP service domain field. values are [1999].
mrd-cas-support
Enable/Disable MRD CAS behavior.
- 379 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command mx-syslog-lgth
ni2-cpc
notification-ip-group-id np-n-ton-2-redirnb
number-type-and-plan
overlap-used pi-4-setup-msg
play-l-rbt-isdn-trsfr play-rb-tone-xfer-success preemp-tone-dur prefix-to-ext-line q850-reason-code-2play-usertone qsig-path-replacement
qsig-tunneling qsig-tunneling-mode
qsig-xfer-update r2-for-brazil-telecom
Description
Maximum length used for bundling syslog at debug level 7.
Enables NI2 calling party category translation to SIP.
IP Group ID for notification purposes.
Add NPI and TON as prefix to Redirect number.
If selected, ISDN Type & Plan relayed from IP. Otherwise, ISDN Type & Plan are set to 'Unknown'.
Enables Overlap mode.
Progress Indicator for ISDN Setup Message.
Play local RBT on TBCT/ECT/RLT transfer.
Play RB tone on transfer success.
Preemption Tone Duration.
Prefix to dial for external line.
Q850 Reason Code which cause playing special PRT Tone.
0 - Enable IP to QSIG transfer,1 - Enable QSIG to IP Transfer
Enables QSIG Tunneling over SIP.
Defines the format of encapsulated QSIG message data in the SIP message MIME body.
Enable QSIG Transfer Update.
Enable Interworking of Calling Party Category (cpc) from sip INVITE to MFCR2 category for Brazil Telecom.
- 380 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command rekey-after-181 replace-tel-to-ip-calnum-to restarts-after-so rls-ip-to-isdn-on-pro-cause
rmv-calling-name rmv-cli-when-restr rtcp-act-mode rtp-only-mode
send-screen-to-ip send-screen-to-isdn send-screen-to-isdn-1
send-screen-to-isdn-2
Description
Send re-INVITE after 181 with new SRTP keys.
Maximum Time to wait between call setup and Facility with Redirecting Number for replacing calling number (msec).
Enable sending restarts to PSTN on channels experienced mismatch in CONNID usage.
Defines whether to disconnect call while receiving ISDN PROGRESS with Cause 0 never, 1- disconnect if not Early media,2 always
If set to 1 - Removes Calling Name from IP>TEL calls.
Removes CLI from IP->TEL calls if received CLI is restricted
RTCP activation policy.
immediately. -1 - takes the RTPONLYMODE global value per gatewa0 - regular call establishment. 1 - The RTP channel open for Rx & Tx. 2-The RTP channel open only for Tx 3 -The RTP channel open only for Rx
Override screening indicator value in Setup messages to IP
Override screening indicator value in Setup messages to ISDN
Overrides the screening indicator for the first calling party number when the device includes two calling party numbers in the outgoing ISDN Setup message for IP-to-Tel ISDN calls.
Overrides the screening indicator for the second calling party number when the device includes two calling party numbers
- 381 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
in the outgoing ISDN Setup message for IPto-Tel ISDN calls.
setup-ack-used
Enable SetupAck messages for overlap mode
silence-supp-in-sdp
SilenceSupp in SDP used for fax VBD
src-number-plan
if defined, enforce this Q.931 Source Number Plan
src-number-type
if defined, enforce this Q.931 Source Number Type
swap-rdr-n-called-nb
Swap Redirect and Called numbers
tdm-over-ip-initiate-time
Time between first INVITE issued within the same trunk (msec)
tdm-over-ip-min-calls
Minimum connected calls for trunk activation, if 0 - trunk is always active
tdm-over-ip-retry-time
Time between call release and new INVITE (msec)
tdm-tunneling
Enable gateway to maintain a permanent RTP connection
tel-to-ip-dflt-redir-rsn
Tel2IP Default Redirect Reason
third-party-transcoding
Enables Third Party Call Control Transcoding functionality
time-b4-reordr-tn
Delay time before playing Reorder tone
transparent-on-data-call
In case the transfer capability of a call from ISDN is data open with transparent coder
trk-alrm-disc-timeout
Trunk alarm call disconnect timeout in seconds
trkgrps-to-snd-ie
Configure trunk groups on which to send additional IE
trunk-restart-mode-on-powerup Trunk Restart Mode on Power Up.
- 382 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command trunk-status-reporting use-to-header-as-called-num user-info user-info-file-name usr2usr-hdr-frmt
uui-ie-for-ip2tel uui-ie-for-tel2ip wait-befor-pstn-rel-ack wait-for-busy-time warning-tone-duration xfer-across-trunk-groups xfer-cap-for-data-calls
xfer-prefix-ip2tel
Description
When TrunkGroup #1 is present and active response to options and/or send keepalive to associated proxy(ies)
Use the user part of To header URL as called number (IP->TEL)
Provides a link to the user information file, to be downloaded using Automatic Update.
The file name to be loaded using TFTP
(0): X-UserToUser, (1): format: User-toUserUser with protocol discriminator, (2): format: User-to-User with 'encoding=hex' at the end, (3): format: User-to-User with text presentation
Enable User-User IE to pass in Setup from IP to ISDN
Enable User-User IE to pass in Setup from ISDN to IP
Defines the timeout (in milliseconds) to wait for the release ACK from the PSTN before releasing the channel.
Time to wait to detect busy and reorder tones. Currently used in semi supervised PBX transfer
OfHook Warning Tone Duration [Sec]
if set ECT RLT 2BCT call transfer is allowed across different trunks and trunkgroups
0: ISDN Transfer Capability for data calls will be 64k unrestricted (data), 1:ISDN Transfer Capabilityfor Data calls will be set according to ISDNTransferCapability parameter
Defines the prefix that is added to the
- 383 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
destination number received in the SIP Refer-To header (for IP-to-Tel calls).
Command Mode Privileged User
dtmf-supp-service
This command configures the DTMF supplementary services.
Syntax (config-voip)# gateway dtmf-supp-service
Command charge-code dtmf-and-dialing isdn-supp-serv supp-service-settings
Description See charge-code below See dtmf-and-dialing on the next page See isdn-supp-serv on page 387 See supp-service-settings on page 389
Command Mode Privileged User
charge-code
This command configures the Charge Codes table, which lets you define metering tones.
Syntax (config-voip)# gateway dtmf-supp-service charge-code <Index> (charge-code-<Index>)#
Index
Command
Description Defines the table row index.
- 384 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
charge-code-name
Defines a descriptive name.
end-time-1, end-time-2, end-time3, end-time-4
Defines the end of the time period in a 24 hour format.
pulse-interval-1, pulse-interval2, pulse-interval-3, pulse-interval4
Defines the time interval between pulses (in tenths of a second).
pulses-on-answer-1, pulses-onanswer-2, pulses-on-answer-3, pulses-onanswer-4
Defines the number of pulses that the device generates upon call answer.
Command Mode Privileged User
Example This example configures a Charge Code:
(config-voip)# gateway dtmf-supp-service charge-code 0 (charge-code-0)# charge-code-name INT (charge-code-0)# end-time-1 04 (charge-code-0)# pulse-interval-1 2 (charge-code-0)# activate
dtmf-and-dialing
This command configures DTMF and dialing parameters.
Syntax (config-voip)# gateway dtmf-supp-service dtmf-and-dialing (gw-dtmf-and-dial)#
Command auto-dtmf-mute
Description Enables automatic muting of DTMF digits when
- 385 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
out-of-band DTMF transmission is used.
char-conversion
Configures Unicode-to-ASCII character conversion rules.
dflt-dest-nb
Defines the default destination phone number which is used if the received message doesn't contain a called party number and no phone number is configured in the Trunk Group table.
dial-plan-index
Defines the Dial Plan Index.
digitmapping
Defines the digit map pattern used to reduce the dialing period when ISDN overlap dialing for digital interfaces.
dt-duration
Defines the duration, in seconds, that the dial tone is played, for digital interfaces, to an ISDN terminal.
dtmf-inter-digitthreshold
Defines the threshold of the received DTMF InterDigitTime, in milliseconds.
first-dtmf-option-type
Defines the first preferred transmit DTMF negotiation method.
hook-flash-option
Defines the hook-flash transport type.
hotline-dt-dur
Defines the duration, in seconds, of the hotline dial tone.
isdn-tx-overlap
Enables ISDN overlap dialing for IP-to-Tel calls.
min-dg-b4-routing
Defines the minimum number of overlap digits to collect - for ISDN overlap dialing - before sending the first SIP message for routing Tel-to-IP calls.
mxdig-b4-dialing
Defines the maximum number of collected destination number digits that can be received.
oob-dtmf-format
Defines the DTMF Out-of-Band transport method.
rfc-2833-in-sdp
Global parameter that enables the device to declare the RFC 2833 'telephony-event' parameter in the SDP.
second-dtmf-option-type Defines the second preferred transmit DTMF
- 386 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
special-digit-rep
special-digits strict-dial-plan telephony-eventspayload-type-tx time-btwn-dial-digs
Description
negotiation method.
Defines the representation for `special' digits`*' and `#'. that are used for out-of-band DTMF signaling using SIP INFO/NOTIFY.
Determines whether the asterisk*. and pound#. digits can be used in DTMF.
Enables Strict Dial Plan.
Defines the Tx RFC 2833 DTMF relay dynamic payload type for outbound calls.
Analog: Defines the time, in seconds, that the device waits between digits that are dialed by the user. ISDN overlap dialing: Defines the time, in seconds, that the device waits between digits that are received from the PSTN or IP during overlap dialing.
Command Mode Privileged User
isdn-supp-serv
This command configures the Supplementary Services table, which lets you define supplementary services for endpoints (FXS and ISDN BRI) connected to the device.
Syntax (config-voip)# gateway dtmf-supp-service isdn-supp-serv <Index> (isdn-supp-serv-<Index>)#
Command
Index
caller-id-enable {allowed|notconfigured|restricted}
Description Defines the table row index. Enables the receipt of Caller ID.
- 387 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command caller-id-number cfu-to_phone-number cfb-to_phone-number cfnr-to_phone-number local-phone-number module no-reply-time phone-number port presentation-restricted {allowed|notconfigured|restricted} user-id
user-password
Description
Defines the caller ID name of the endpoint (sent to the IP side).
Defines the phone number for BRI Call Forward Unconditional (CFU) services.
Defines the phone number for BRI Call Forward Busy (CFB) services.
Defines the phone number for BRI Call Forward No Reply (CFNR) services.
Configures a local telephone extension number for the endpoint.
Defines the device's module number to which the endpoint is connected.
Defines the timeout, in seconds.
Configures a global telephone extension number for the endpoint.
Defines the port number on the module to which the endpoint is connected.
Determines whether the endpoint sends its Caller ID information to the IP when a call is made.
Defines the User ID for registering the endpoint to a third-party softswitch for authentication and/or billing.
Defines the user password for registering the endpoint to a third-party softswitch for authentication and/or billing.
Command Mode Privileged User
Example This example configures supplementary service for port 2:
- 388 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
(config-voip)# gateway dtmf-supp-service isdn-supp-serv 0 (isdn-supp-serv-0)# phone-number +15032638005 (isdn-supp-serv-0)# local-phone-number 402 (isdn-supp-serv-0)# module 1 (isdn-supp-serv-0)# port 2 (isdn-supp-serv-0)# user-id JoeD (isdn-supp-serv-0)# user-password 1234 (isdn-supp-serv-0)# caller-id-enable allowed (isdn-supp-serv-0)# activate
supp-service-settings
This command configures supplementary services.
Syntax (config-voip)# gateway dtmf-supp-service supp-service-settings (gw-suppl-serv)#
Command
Description
3w-conf-mode
Defines the mode of operation for three-way conferencing.
3w-confnonalloc-prts
Define the ports that are not affected by three-way conferencing.
aoc-support
Enables AoC-D and AoC-E from ISDN to SIP.
as-subsipgroupid
IP Group ID for AS subscribe purposes.
blind-transfer Keying sequence for performing blind transfer.
call-forward
Enable Call Forward service.
call-holdremnd-rng
Call-hold reminder ring maximum ringing time, in seconds.
call-prio-mode Priority mode.
call-waiting
Enables Call Waiting service.
caller-id-type Defines the Caller ID standard.
cfb-code
Supplementary Service code for activating Call Forward Busy.
- 389 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
cfbdeactivationcode
Supplementary Service code for deactivating Call Forward Busy.
cfe-ring-tone- Ringtone type for Call forward notification. id
cfnr-code
Supplementary Service code for activating Call Forward No Reply.
cfnrdeactivationcode
Supplementary Service code for deactivating Call Forward No Reply.
cfu-code
Supplementary Service code for activating Call Forward Unconditional.
cfudeactivationcode
Supplementary Service code for deactivating Call Forward Unconditional.
conf-id
Identification of conference call used by SIP INVITE.
connectednumber-plan
Enforces Q.931 Connected Number Type.
connectednumber-type
Enforces Q.931 Connected Number Type.
dtmf-duringhold
Enables playing DTMF to Tel during hold.
enable-3w-conf Enables 3-way conferencing feature.
enable-caller- FXS: Generate Caller ID; FXO: Collect Caller ID information. id
enable-mwi
Enables MWI.
enabletransfer
Enables Call Transfer service.
estb-conf-code Control Key activation for 3-way conference.
flash-key-seq- Flash key sequence. style
- 390 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
flash-key-seq- Flash key sequence timeout. tmout
held-timeout
Maximum time allowed for call to be retrieved from IP, in seconds.
hold
Enables Call Hold service.
hold-format
Call hold format.
hold-to-isdn
Enables Hold/Retrieve from and to ISDN.
hook-flashcode
If Rx during session, act as if hook flash Rx from Tel side.
ignore-isdnsubaddress
Ignores ISDN Subaddress.
isdn-xfercompletetimeout
Max time, in seconds, to wait for transfer response from PSTN.
mlpp-diffserv DiffServ value for MLPP calls.
music-on-hold Enables playing Music On Hold.
mute-dtmf-inoverlap
In overlap mode if set mute in-band DTMF till destination number is received.
mwi-analoglamp
Enables MWI using an analog lamp 110 Volt.
mwi-display
Enables MWI using Caller ID interface.
mwi-ntftimeout
Defines the maximum duration (timeout) that a message waiting indication (MWI) is displayed on endpoint equipment (phones' LED, screen notification or voice tone).
mwi-qsigparty-num
Party Number from msgCentreId in MWIactivate and MWIdeactivate.
mwi-srvr-ipaddr
MWI server IP address.
mwi-srvrtransp-type
MWI server transport type.
- 391 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
mwi-subs-expr- MWI service subscription expiration time, in seconds. time
mwi-subsipgrpid
IP Group ID for MWI subscribe purposes.
mwi-subs-rtry- MWI service subscriptions retry time after last subscription
time
failure, in seconds.
mx-3w-confonboard
Max on-board conference calls.
nb-of-cw-ind
Number of call waiting indications to be played to the user.
nrt-sub-retry- NRT subscribe retry time. time
nrtsubscription
Enable subscription for Call forward ringtone indicator services.
precedenceringing
Index of the first Call RB tone in the call-progress tones file.
qsigcalltransferreverseenddesignation
QSIG Call Transfer Reverse End Designation.
reminder-ring {disable| enable}
Enables the reminder ring.
send-all-cdrs- Send only chosen coder or all supported coders. on-rtrv
shouldsubscribe
Related to Subscribe/UnSubscribe buttons.
snd-isdn-seraftr-restart
ISDN SERVICE message is sent after restart.
sttr-toneduration
Time for playing confirmation tone before normal dial tone is played (msec).
subscribe-tomwi
Enable subscription for MWI service.
- 392 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
time-b4-cw-ind Time before call waiting indication is sent to a busy line, in seconds.
time-betweencw
Time between one call waiting indication to the next, in seconds.
transferprefix
Prefix added to the called number of a transferred call.
waiting-beepdur
Call Waiting tone beep length (msec).
Command Mode Privileged User
Example This example enables the reminder ring feature:
(config-voip)# gateway dtmf-supp-service supp-service-settings (gw-suppl-serv)# reminder-ring enable (gw-suppl-serv)# reminder-ring enable
manipulation
This subcommand configures the gateway's advanced parameters.
Syntax (config-voip)# gateway manipulation
Command
calling-name-mapip2tel
calling-name-maptel2ip
cause-map-isdn2isdn
Description See calling-name-map-ip2tel on the next page See calling-name-map-tel2ip on page 395 See cause-map-isdn2isdn on page 396
- 393 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
cause-map-isdn2sip
See cause-map-isdn2sip on page 397
cause-map-sip2isdn
See cause-map-sip2isdn on page 398
dst-number-map-ip2tel See dst-number-map-ip2tel on page 399
dst-number-map-tel2ip See dst-number-map-tel2ip on page 400
phone-context-table
See phone-context-table on page 401
redirect-number-mapip2tel
See redirect-number-map-ip2tel on page 402
redirect-number-maptel2ip
See redirect-number-map-tel2ip on page 404
settings
See settings on page 405
src-number-map-ip2tel See src-number-map-ip2tel on page 407
src-number-map-tel2ip See src-number-map-tel2ip on page 409
Command Mode Privileged User
calling-name-map-ip2tel
This command configures the Calling Name Manipulation for IP-to-Tel Calls table, which lets you define manipulation rules for manipulating the calling name (i.e., caller ID) in SIP messages for IP-to-Tel calls.
Syntax
(config-voip)# gateway manipulation calling-name-map-ip2tel <Index> (calling-name-map-ip2tel-<Index>)#
Command
Index
calling-namepattern
Description Defines the table row index. Defines the caller name (i.e., caller ID) prefix.
- 394 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
dst-hostpattern
Defines the Request-URI host name prefix of the incoming SIP INVITE message.
dst-pattern
Defines the destination (called) telephone number prefix and/or suffix.
manipulationname
Defines a descriptive name, which is used when associating the row in other tables.
num-of-digits- Defines the number of characters that you want to keep from
to-leave
the right of the calling name.
prefix-to-add
Defines the number or string to add at the front of the calling name.
remove-fromleft
Defines the number of characters to remove from the left of the calling name.
remove-fromright
Defines the number of characters to remove from the right of the calling name.
src-hostpattern
Defines the URI host name prefix of the incoming SIP INVITE message in the From header.
src-ip-address Defines the source IP address of the caller for IP-to-Tel calls.
src-pattern
Defines the source (calling) telephone number prefix and/or suffix.
suffix-to-add
Defines the number or string to add at the end of the calling name.
Command Mode Privileged User
calling-name-map-tel2ip
This command configures the Calling Name Manipulation for Tel-to-IP Calls table, which lets you define manipulation rules for manipulating the calling name (i.e., caller ID) in SIP messages for Tel-to-IP calls.
Syntax
- 395 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
(config-voip)# gateway manipulation calling-name-map-tel2ip <Index> (calling-name-map-tel2ip-<Index>)#
Command Index calling-namepattern dst-pattern
manipulationname num-of-digitsto-leave prefix-to-add
remove-fromleft remove-fromright src-pattern
src-trunkgroup-id suffix-to-add
Description
Defines the table row index.
Defines the caller name (i.e., caller ID) prefix.
Defines the destination (called) telephone number prefix and/or suffix.
Defines a descriptive name, which is used when associating the row in other tables.
Defines the number of characters that you want to keep from the right of the calling name.
Defines the number or string to add at the front of the calling name.
Defines the number of characters to remove from the left of the calling name.
Defines the number of characters to remove from the right of the calling name.
Defines the source (calling) telephone number prefix and/or suffix.
Defines the source Trunk Group ID from where the Tel-to-IP call was received.
Defines the number or string to add at the end of the calling name.
Command Mode Privileged User
cause-map-isdn2isdn
This command configures the Release Cause ISDN to ISDN table, which lets you define ISDN ITU-T Q.850 release cause code (call failure) to ISDN ITU-T Q.850 release cause code mapping rules.
- 396 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Syntax
(config-voip)# gateway manipulation cause-map-isdn2isdn <Index> (cause-map-isdn2isdn-<Index>)#
Command
Index
map-q850cause
orig-q850cause
Description Defines the table row index. Defines the ISDN Q.850 cause code to which you want to change the originally received cause code. Defines the originally received ISDN Q.850 cause code.
Command Mode Privileged User
Example This example maps ISDN cause code 127 to 16:
(config-voip)# gateway manipulation cause-map-isdn2isdn 0 (cause-map-isdn2isdn-0)# orig-q850-cause 127 (cause-map-isdn2isdn-0)# map-q850-cause 16 (cause-map-isdn2isdn-0)# activate
cause-map-isdn2sip
This command configures the Release Cause Mapping from ISDN to SIP table, which lets you define ISDN ITU-T Q.850 release cause code (call failure) to SIP response code mapping rules.
Syntax
(config-voip)# gateway manipulation cause-map-isdn2sip <Index> (cause-map-isdn2sip-<Index>)#
Command Index
Description Defines the table row index.
- 397 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command q850-causes sip-response
Description Defines the ISDN Q.850 cause code. Defines the SIP response code.
Command Mode Privileged User
Example This example maps ISDN cause code 6 to SIP code 406:
(config-voip)# gateway manipulation cause-map-isdn2sip 0 (cause-map-isdn2sip-0)# q850-causes 6 (cause-map-isdn2sip-0)# sip-response 406 (cause-map-isdn2sip-0)# activate
cause-map-sip2isdn
This command configures the Release Cause Mapping from SIP to ISDN table, which lets you define SIP response code to ISDN ITU-T Q.850 release cause code (call failure) mapping rules.
Syntax
(config-voip)# gateway manipulation cause-map-sip2isdn <Index> (cause-map-sip2isdn-<Index>)#
Command Index q850-causes sip-response
Command Mode Privileged User
Example
Description Defines the table row index. Defines the ISDN Q.850 cause code. Defines the SIP response code.
- 398 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
This example maps SIP code 406 to ISDN cause code 6:
(config-voip)# gateway manipulation cause-map-sip2isdn 0 (cause-map-sip2isdn-0)# q850-causes 6 (cause-map-sip2isdn-0)# sip-response 406 (cause-map-sip2isdn-0)# activate
dst-number-map-ip2tel
This command configures the Destination Phone Number Manipulation for IP-to-Tel Calls table, which lets you define manipulation rules for manipulating the destination number for IPto-Tel calls.
Syntax
(config-voip)# gateway manipulation dst-number-map-ip2tel <Index> (dst-number-map-ip2tel-<Index>)#
Command
Description
Index
Defines the table row index.
dst-host-pattern
Defines the Request-URI host name prefix of the incoming SIP INVITE message.
dst-pattern
Defines the destination (called) telephone number prefix and/or suffix.
is-presentationrestricted
Enables caller ID.
manipulation-name Defines a descriptive name, which is used when associating the row in other tables.
npi
Defines the Numbering Plan Indicator (NPI).
num-of-digits-to- Defines the number of digits that you want to keep from the
leave
right of the phone number.
prefix-to-add
Defines the number or string that you want added to the front of the telephone number.
remove-from-left
Defines the number of digits to remove from the left of the telephone number prefix.
- 399 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
remove-from-right Defines the number of digits to remove from the right of the telephone number prefix.
src-host-pattern
Defines the URI host name prefix of the incoming SIP INVITE message in the From header.
src-ip-address
Defines the source IP address of the caller.
src-ip-group-name Defines the IP Group to where the call is sent.
src-pattern
Defines the source (calling) telephone number prefix and/or suffix.
suffix-to-add
Defines the number or string that you want added to the end of the telephone number.
ton
Defines the Type of Number (TON).
Command Mode Privileged User
dst-number-map-tel2ip
This command configures the Destination Phone Number Manipulation for IP-to-Tel Calls table, which lets you define manipulation rules for manipulating the destination number for Tel-to-IP calls.
Syntax
(config-voip)# gateway manipulation dst-number-map-tel2ip <Index> (dst-number-map-tel2ip-<Index>)#
Command Index dest-ipgroup-name dst-pattern
is-
Description Defines the table row index. Defines the IP Group to where the call is sent.
Defines the destination (called) telephone number prefix and/or suffix. Enables caller ID.
- 400 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
presentationrestricted
manipulation- Defines a descriptive name, which is used when associating the row
name
in other tables.
npi
Defines the Numbering Plan Indicator (NPI).
num-ofdigits-toleave
Defines the number of digits that you want to keep from the right of the phone number.
prefix-to-add Defines the number or string that you want added to the front of the telephone number.
remove-fromleft
Defines the number of digits to remove from the left of the telephone number prefix.
remove-fromright
Defines the number of digits to remove from the right of the telephone number prefix.
src-pattern
Defines the source (calling) telephone number prefix and/or suffix.
src-trunkgroup-id
Defines the source Trunk Group for Tel-to-IP calls.
suffix-to-add Defines the number or string that you want added to the end of the telephone number.
ton
Defines the Type of Number (TON).
Command Mode Privileged User
phone-context-table
This command configures the Phone Contexts table, which lets you define rules for mapping the Numbering Plan Indication (NPI) and Type of Number (TON) to the SIP 'phone-context' parameter, and vice versa.
Syntax
- 401 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
(config-voip)# gateway manipulation phone-context-table <Index> (phone-context-table-<Index>)#
Index context
Command
npi {e164-public|notincluded|private|unknown}
ton
Description Defines the table row index. Defines the SIP 'phone-context' URI parameter. Defines the NPI.
Defines the TON.
Command Mode Privileged User
Example This example maps NPI E.164 to "context= na.e.164.nt.com":
(config-voip)# gateway manipulation phone-context-table 0 (phone-context-table-0)# npi e164-public (phone-context-table-0)# context na.e.164.nt.com (phone-context-table-0)# activate
redirect-number-map-ip2tel
This command configures the Redirect Number IP- to- Tel table, which lets you define manipulation rules for manipulating the redirect number received in SIP messages for IP-to-Tel calls.
Syntax
(config-voip)# gateway manipulation redirect-number-map-ip2tel <Index> (redirect-number-map-ip2tel-<Index>)#
Index
Command
Description Defines the table row index.
- 402 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command dst-host-pattern
dst-pattern
is-presentation-restricted {allowed|not-configured|restricted} manipulation-name
npi {e164-public|notincluded|private|unknown} num-of-digits-to-leave
prefix-to-add
redirect-pattern remove-from-left
remove-from-right
src-host-pattern src-ip-address
Description
Defines the Request-URI host name prefix, which appears in the incoming SIP INVITE message.
Defines the destination (called) telephone number prefix.
Enables caller ID.
Defines a descriptive name, which is used when associating the row in other tables.
Defines the Numbering Plan Indicator (NPI).
Defines the number of digits that you want to retain from the right of the redirect number.
Defines the number or string that you want added to the front of the redirect number.
Defines the redirect telephone number prefix.
Defines the number of digits to remove from the left of the redirect number prefix.
Defines the number of digits to remove from the right of the redirect number prefix.
Defines the URI host name prefix of the caller.
Defines the IP address of the
- 403 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
caller.
suffix-to-add
Defines the number or string that you want added to the end of the redirect number.
ton {abbreviated|international-level2regional|national-level1regional|network-pstn-specific|notincluded|subscriber-level0regional|unknown}
Defines the Type of Number (TON).
Command Mode Privileged User
redirect-number-map-tel2ip
This command configures the Redirect Number IP- to- Tel table, which lets you define manipulation rules for manipulating the redirect number received in SIP messages for IP-to-Tel calls.
Syntax
(config-voip)# gateway manipulation redirect-number-map-tel2ip <Index> (redirect-number-map-tel2ip-<Index>)#
Index dst-pattern
Command
is-presentation-restricted {allowed|not-configured|restricted}
manipulation-name
Description
Defines the table row index.
Defines the destination (called) telephone number prefix.
Enables caller ID.
Defines a descriptive name, which is used when associating the row in other tables.
- 404 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command npi {e164-public|notincluded|private|unknown} num-of-digits-to-leave
prefix-to-add
redirect-pattern remove-from-left
remove-from-right
src-trunk-group-id
suffix-to-add
ton {abbreviated|internationallevel2-regional|national-level1regional|network-pstn-specific|notincluded|subscriber-level0regional|unknown}
Description
Defines the Numbering Plan Indicator (NPI).
Defines the number of digits that you want to retain from the right of the redirect number.
Defines the number or string that you want added to the front of the redirect number.
Defines the redirect telephone number prefix.
Defines the number of digits to remove from the left of the redirect number prefix.
Defines the number of digits to remove from the right of the redirect number prefix.
Defines the Trunk Group from where the Tel call is received.
Defines the number or string that you want added to the end of the redirect number.
Defines the Type of Number (TON).
Command Mode Privileged User
settings
This command configures the Redirect Number IP- to- Tel table, which lets you define manipulation rules for manipulating the redirect number received in SIP messages for IP-to-Tel
- 405 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
calls.
Syntax (config-voip)# gateway manipulation settings (gw-manip-settings)#
Command
Description
add-cic
If add carrier identification code as prefix.
add-ph-cntxt- Adds the phone context to src/dest phone number as prefix. as-pref
add-prefixfor-isdn-hlcfax
If set and incoming ISDN SETUP contains High Layer Compatability IE with Facsimile, prefix FAX will be added to received Calling number.
alt-map-telto-ip
Enables different number manipulation rules for redundant calls.
ip2tel-redir- Set the IP-to-TEL Redirect Reason. reason
map-ip-to-
if set to 1, manipulate destination number from REFER-TO in TDM
pstn-refer-to blind transfer.
prefix-2-ext- FXS: If enabled (1) and Prefix2ExtLine is detected, it is added to the
line
dial number as prefix
prfm-ip-totel-dst-map
Perform Additional IP2TEL Destination Manipulation
prfm-ip-totel-src-map
Perform Additional IP2TEL Source Manipulation
swap-tel-toip-phone-num
Swaps calling and called numbers received from Tel side.
tel-to-ipdflt-redirrsn
Tel-to-IP Default Redirect Reason.
tel2ip-dstnb-map-dialindex
Tel to IP Destination Number Mapping Dial Plan Index.
- 406 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
tel2ip-redir- Tel-to-IP Redirect Reason. reason
tel2ip-srcnb-map-dialindex
Tel to IP Source Number Mapping Dial Plan Index.
tel2ip-srcnb-map-dialmode
Tel to IP Source Number Mapping Dial Plan Mode.
use-refer-byfor-callingnum
If set to 1, use a number from Referred-By URI, as a calling number in outgoing Q.931 SETUP.
Command Mode Privileged User
src-number-map-ip2tel
This command configures the Source Phone Number Manipulation for IP-to-Tel Calls table, which lets you define manipulation rules for manipulating the source number for IP-to-Tel calls.
Syntax
(config-voip)# gateway manipulation src-number-map-ip2tel <Index> (src-number-map-ip2tel-<Index>)#
Command Index dst-host-pattern
dst-pattern
is-presentation-restricted
Description
Defines the table row index.
Defines the Request-URI host name prefix of the incoming SIP INVITE message.
Defines the destination (called) telephone number prefix and/or suffix.
Enables caller ID.
- 407 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
{allowed|notconfigured|restricted}
manipulation-name
Defines a descriptive name, which is used when associating the row in other tables.
npi {e164-public|notincluded|private|unknown}
Defines the Numbering Plan Indicator (NPI).
num-of-digits-to-leave
Defines the number of digits that you want to keep from the right of the phone number.
prefix-to-add
Defines the number or string that you want added to the front of the telephone number.
remove-from-left
Defines the number of digits to remove from the left of the telephone number prefix.
remove-from-right
Defines the number of digits to remove from the right of the telephone number prefix.
src-host-pattern
Defines the URI host name prefix of the incoming SIP INVITE message in the From header.
src-ip-address
Defines the source IP address of the caller.
src-ip-group-name
Defines the IP Group to where the call is sent.
src-pattern
Defines the source (calling) telephone number prefix and/or suffix.
suffix-to-add
Defines the number or string that you want added to the end of the telephone number.
ton {abbreviated|international- Defines the Type of Number (TON). level2-regional|national-level1-
- 408 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
regional|network-pstnspecific|notincluded|subscriber-level0regional|unknown}
Description
Command Mode Privileged User
src-number-map-tel2ip
This command configures the Source Phone Number Manipulation for Tel-to-IP Calls table, which lets you define manipulation rules for manipulating the source number for Tel-to-IP calls.
Syntax
(config-voip)# gateway manipulation src-number-map-tel2ip <Index> (src-number-map-tel2ip-<Index>)#
Index dst-pattern
Command
is-presentation-restricted {allowed|not-configured|restricted}
manipulation-name
npi {e164-public|notincluded|private|unknown}
num-of-digits-to-leave
prefix-to-add
Description
Defines the table row index.
Defines the destination (called) telephone number prefix and/or suffix.
Enables caller ID.
Defines a descriptive name, which is used when associating the row in other tables.
Defines the Numbering Plan Indicator (NPI).
Defines the number of digits that you want to keep from the right of the phone number.
Defines the number or string
- 409 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
remove-from-left
remove-from-right
src-pattern
src-trunk-group-id suffix-to-add
ton {abbreviated|internationallevel2-regional|national-level1regional|network-pstn-specific|notincluded|subscriber-level0regional|unknown}
Description
that you want added to the front of the telephone number.
Defines the number of digits to remove from the left of the telephone number prefix.
Defines the number of digits to remove from the right of the telephone number prefix.
Defines the source (calling) telephone number prefix and/or suffix.
Defines the source Trunk Group for Tel-to-IP calls.
Defines the number or string that you want added to the end of the telephone number.
Defines the Type of Number (TON).
Command Mode Privileged User
routing
This subcommand configures gateway routing.
Syntax (config-voip)# gateway routing
- 410 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command alt-route-cause-ip2tel alt-route-cause-tel2ip fwd-on-bsy-trk-dst gw-routing-policy ip2tel-routing settings tel2ip-routing
Description See alt-route-cause-ip2tel below See alt-route-cause-tel2ip on the next page See fwd-on-bsy-trk-dst on the next page See gw-routing-policy on page 413 See ip2tel-routing on page 414 See settings on page 416 See tel2ip-routing on page 417
Command Mode Privileged User
alt-route-cause-ip2tel
This command configures the Reasons for IP-to-Tel Alternative Routing table, which lets you define ISDN Q.931 release cause codes that if received from the Tel side, the device reroutes the IP-to-Tel call to an alternative Trunk Group.
Syntax
(config-voip)# gateway routing alt-route-cause-ip2tel <Index> (alt-route-cause-ip2tel-<Index>)#
Command Index rel-cause
Description Defines the table row index. Defines a Q.931 release code.
Command Mode Privileged User
Example This example configures an ISDN release code 17 for alternative routing:
- 411 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
(config-voip)# gateway routing alt-route-cause-ip2tel 0 (alt-route-cause-ip2tel-0)# rel-cause 17 (alt-route-cause-ip2tel-0)# activate
alt-route-cause-tel2ip
This command configures the Reasons for Tel-to-IP Alternative Routing table, which lets you define SIP response codes that if received from the IP side, the device reroutes the call to an alternative destination.
Syntax
(config-voip)# gateway routing alt-route-cause-tel2ip <Index> (alt-route-cause-tel2ip-<Index>)#
Command Index rel-cause
Description Defines the table row index. Defines a SIP response code.
Command Mode Privileged User
Example This example configures a SIP response code 406 for alternative routing:
(config-voip)# gateway routing alt-route-cause-ip2tel 0 (alt-route-cause-tel2ip-0)# rel-cause 406 (alt-route-cause-tel2ip-0)# activate
fwd-on-bsy-trk-dst
This command configures the Forward on Busy Trunk Destination table, which lets you define alternative routing rules for forwarding (i.e., call redirection) IP-to-Tel calls to an alternative IP destination using SIP 3xx responses.
Syntax
(config-voip)# gateway routing fwd-on-bsy-trk-dst <Index> (fwd-on-bsy-trk-dst-<Index>)#
- 412 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command Index forward-dst
trunk-groupid
Description Defines the table row index. Defines the alternative IP destination for the call used if the Trunk Group is busy or unavailable. Defines the Trunk Group ID to where the IP call is destined.
Command Mode Privileged User
Example This example configures 10.15.7.96 as the alternative destination for calls destined for Trunk Group 1:
(config-voip)# gateway routing fwd-on-bsy-trk-dst 0 (fwd-on-bsy-trk-dst-0)# forward-dst 10.15.7.96 (fwd-on-bsy-trk-dst-0)# trunk-group-id 1 (fwd-on-bsy-trk-dst-0)# activate
gw-routing-policy
This command configures the Routing Policies table, which lets you edit the default Routing Policy rule.
Syntax
(config-voip)# gateway routing gw-routing-policy <Index> (gw-routing-policy-<Index>)#
Command Index lcr-call-length
lcr-default-cost
Description
Defines the table row index.
Defines the average call duration (in minutes) and is used to calculate the variable portion of the call cost.
Defines whether routing rules in the Tel-to-IP Routing table that are not assigned a Cost Group
- 413 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
lcr-enable {disabled|enabled} ldap-srv-group-name name
Description
are considered a higher cost or lower cost route compared to other matched routing rules that are assigned Cost Groups.
Enables the Least Cost Routing (LCR) feature for the Routing Policy.
Assigns an LDAP Server Group to the Routing Policy.
Defines a descriptive name, which is used when associating the row in other tables.
Command Mode Privileged User
Example This example configures a Routing Policy "ITSP", which uses LDAP Servers Group "ITSP-LDAP":
(config-voip)# gateway routing gw-routing-policy 0 (gw-routing-policy-0)# name ITSP (gw-routing-policy-0)# ldap-srv-group-name ITSP-LDAP (gw-routing-policy-0)# activate
ip2tel-routing
This command configures the IP-to-Tel Routing table, which lets you define IP-to-Tel routing rules.
Syntax
(config-voip)# gateway routing ip2tel-routing <Index> (ip2tel-routing-<Index>)#
Command
Index
call-setup-rulesset-id
Description Defines the table row index. Assigns a Call Setup Rule Set ID to the routing rule.
- 414 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
dst-host-pattern
Defines the prefix or suffix of the called (destined) telephone number.
dst-phone-pattern
Defines the Request-URI host name prefix of the incoming INVITE message.
dst-type {trunk|trunkgroup}
Defines the type of Tel destination.
ip-profile-name
Assigns an IP Profile to the call.
route-name
Defines a descriptive name, which is used when associating the row in other tables.
src-host-pattern
Defines the prefix of the URI host name in the From header of the incoming INVITE message.
src-ip-address
Defines the source IP address of the incoming IP call.
src-ip-group-name
Assigns an IP Group from where the SIP message (INVITE) is received.
dst-phone-pattern
Defines the prefix or suffix of the calling (source) telephone number.
src-sipinterface-name
Defines the SIP Interface on which the incoming IP call is received.
trunk-group-id
Defines the Trunk Group ID to where the incoming SIP call is sent.
trunk-id
Defines the Trunk to where the incoming SIP call is sent.
Command Mode Privileged User
Example This example configures a routing rule that routes calls from IP Group "ITSP" to Trunk Group 1:
(config-voip)# gateway routing ip2tel-routing 0 (ip2tel-routing-0)# name PSTN-to-ITSP
- 415 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
(ip2tel-routing-0)# src-ip-group-name ITSP (ip2tel-routing-0)# trunk-group-id 1 (ip2tel-routing-0)# activate
settings
This command configures gateway routing parameter.
Syntax (config-voip)# gateway routing settings (gw-routing-settings)#
Command
Description
alt-routing-tel2ip Enables Alternative Routing Tel to IP.
alt-rte-tel2ipkeep-alive
Time interval between OPTIONS Keep-Alive messages for IP connectivity (seconds).
alt-rte-tel2ipmethod
Tel to IP Alternative Routing Connectivity Method.
alt-rte-tel2ipmode
Methods used for Alternative Routing operation.
alt-rte-toneduration
Alternative Routing Tone Duration (milliseconds).
empty-dst-w-bch-nb Replace empty destination number (received from Tel side) with port number.
gw-routing-server Enables Gateway Routing Server.
ip-dial-plan-name
Assigns a Dial Plan (by name) for tag-based IP-to-Tel routing rules.
ip-to-tel-tagging- IP-to-Tel Tagging Destination Dial Plan Index. dst
ip-to-tel-tagging- IP-to-Tel Tagging Source Dial Plan Index. src
ip2tel-rmv-rte-tbl Remove prefix defined in IP to Trunk Group table (IP-to-Tel calls).
- 416 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
ip2tel-rte-mode
Defines order between routing incoming calls from IP side and performing manipulations.
mx-all-dly-4-altrte
The maximum delay that will not prevent normal routing (msec).
mx-pkt-loss-4-alt- The maximum percentage of packet loss that will not
rte
prevent normal routing.
npi-n-ton-to-cldnb
Add NPI and TON as prefix to called number.
npi-n-ton-to-cngnb
Add NPI and TON as prefix to calling number.
probability-onqos-problem
If QoS problem, a call has this probability (in percentage) to continue in order to reevaluate the QoS.
redir-nb-si-to-tel Override screening indicator value of the redirect number in Setup messages to PSTN interface..
src-ip-addr-input Source IP address input.
src-manipulation
Describes the hdrs containing source nb after manipulation.
tel-dial-plan-name Assigns a Dial Plan (by name) for tag-based IP-to-Tel routing rules.
tel2ip-rte-mode
Defines order between routing incoming calls from Tel side and performing manipulations.
tgrp-routing-prec TGRP Routing Precedence.
trk-id-as-prefix
Add Trunk/Port as nb prefix.
trkgrpid-prefix
Add Trunk Group ID as prefix.
Command Mode Privileged User
tel2ip-routing
This command configures the Tel-to-IP Routing table, which lets you define Tel-to-IP routing rules.
- 417 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Syntax
(config-voip)# gateway routing tel2ip-routing <Index> (tel2ip-routing-<Index>)#
Command
Description
Index
Defines the table row index.
call-setup-rules-set-id Assigns a Call Setup Rule Set ID to the routing rule.
charge-code-name
Assigns a Charge Code to the routing rule for generating metering pulses (Advice of Charge).
cost-group-id
Assigns a Cost Group to the routing rule for determining the cost of the call (i.e., Least Cost Routing or LCR).
dest-ip-group-name
Assigns an IP Group to where you want to route the call.
dest-sip-interface-name Assigns a SIP Interface to the routing rule.
dst-ip-address
Defines the IP address (in dotted-decimal notation or FQDN) to where the call is sent.
dst-phone-pattern
Defines the prefix and/or suffix of the called (destination) telephone number.
dst-port
Defines the destination port to where you want to route the call.
forking-group
Defines a Forking Group number for the routing rule.
ip-profile-name
Assigns an IP Profile to the routing rule in the outgoing direction.
route-name
Defines a descriptive name, which is used when associating the row in other tables.
dst-phone-pattern
Defines the prefix and/or suffix of the calling (source) telephone number.
src-trunk-group-id
Defines the Trunk Group from where the call is received.
- 418 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
transport-type {not-
Defines the transport layer type used for routing
configured|tcp|tls|udp} the call.
Command Mode Privileged User
Example This example configures a routing rule that routes calls from Trunk Group 1 to IP Group "ITSP":
(config-voip)# gateway routing tel2ip-routing 0 (tel2ip-routing-0)# name ITSP-to-PSTN (tel2ip-routing-0)# src-trunk-group-id 1 (tel2ip-routing-0)# dest-ip-group-name ITSP (tel2ip-routing-0)# activate
trunk-group
This command configures the Trunk Group table, which lets you define Trunk Groups.
Syntax (config-voip)# gateway trunk-group <Index> (trunk-group-<Index>)#
Command
Description
Index
Defines the table row index.
first-b-channel
Defines the first channel/port (analog module) or Trunk Bchannel (digital module).
first-phone-number Defines the telephone number(s) of the channels.
first-trunk-id
Defines the starting physical Trunk number in the Trunk Group.
last-b-channel
Defines the last channel/port (analog module) or Trunk Bchannel (digital module).
last-trunk-id
Defines the ending physical Trunk number in the Trunk
- 419 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
module tel-profile-name trunk-group-id
Description Group. Defines the telephony interface module / FXS blade for which you want to define the Trunk Group. Assigns a Tel Profile to the Trunk Group. Defines the Trunk Group ID for the specified channels.
Command Mode Privileged User
Example This example configures Trunk Group 1 for Trunk 1, channels 1-30:
(config-voip)# gateway trunk-group 0 (trunk-group-0)# first-b-channel 1 (trunk-group-0)# last-b-channel 30 (trunk-group-0)# first-trunk-id 1 (trunk-group-0)# trunk-group-id 1 (trunk-group-0)# activate
trunk-group-setting
This command configures the Trunk Group Settings table, which lets you define various settings per Trunk Group.
Syntax
(config-voip)# gateway trunk-group-setting <Index> (trunk-group-setting-<Index>)#
Command
Description
Index
Defines the table row index.
channel-select-mode {alwaysascending|alwaysdescending|channel-cyclic-
Defines the method by which IP-to-Tel calls are assigned to the channels of the Trunk Group.
- 420 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
ascending|cyclicdescending|dst-numberascending|dst-number-cyclicascending|dst-phonenumber|not-configured|ringto-hunt-group|select-trunkby-supp-serv-table|srcphone-number|trunk-channelcyclic-ascending|trunkcyclic-ascending}
contact-user
Defines the user part for the SIP Contact URI in INVITE messages, and the From, To, and Contact headers in REGISTER requests.
dedicated-connection-mode {connection-per-endpoint| reuse-connection}
Enables the use of a dedicated TCP socket for SIP traffic (REGISTER, re-REGISTER, SUBSCRIBE, and INVITE messages) per FXS analog channel (endpoint).
gateway-name
Defines the host name for the SIP From header in INVITE messages, and the From and To headers in REGISTER requests.
mwi-interrogation-type {none|not-configured|resultnot-used|use-activateonly|use-result}
Defines message waiting indication (MWI) QSIG-to-IP interworking for interrogating MWI supplementary services.
registration-mode {dontregister|not-configured|peraccount|per-endpoint|pergateway}
Defines the registration method of the Trunk Group.
serving-ip-group-name
Assigns an IP Group to where the device sends INVITE messages for calls received from the Trunk Group.
trunk-group-id
Defines the Trunk Group ID that you want to configure.
trunk-group-name
Defines a descriptive name, which is used when associating the row in other tables.
used-by-routing-server {not- Enables the use of the Trunk Group by a
- 421 -
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command used|used}
Description routing server for routing decisions.
Command Mode Privileged User
Example This example configures channel select method to ascending for Trunk Group 1:
(config-voip)# gateway gateway trunk-group-setting 0 (trunk-group-setting-0)# trunk-group-name PSTN (trunk-group-0)# trunk-group-id 1 (trunk-group-0)# channel-select-mode always-ascending (trunk-group-0)# activate
voice-mail-setting
This command configures the voice mail parameters.
Syntax (config-voip)# gateway voice-mail-setting (gw-voice-mail)#
Command
Description
dig-to-ignore-dig-pattern
A digit (0-9,A-D,* or #) that if received as Src (S) or Redirect (R), the digit is ignored and not added to that number. Used in DTMF VoiceMail.
disc-call-dig-ptrn
Disconnect call if digit string is received from the Tel side during session.
enable-smdi {SMDI_PROTOCOL_ BELCORE|SMDI_PROTOCOL_ERICSSON|SMDI_ PROTOCOL_NEC_ICS|SMDI_PROTOCOL_NONE}
Enables the Simplified Message Desk Interface (SMDI).
ext-call-dig-ptrn
Digit pattern to indicate external
- 422 -
CHAPTER 60 gateway
Command
fwd-bsy-dig-ptrn-ext
fwd-bsy-dig-ptrn-int
fwd-dnd-dig-ptrn-ext
fwd-dnd-dig-ptrn-int
fwd-no-ans-dig-ptrn-ext
fwd-no-ans-dig-ptrn-int
fwd-no-rsn-dig-ptrn-ext
fwd-no-rsn-dig-ptrn-int
int-call-dig-ptrn
line-transfer-mode mwi-off-dig-ptrn
mwi-on-dig-ptrn
- 423 -
MSBR | CLI Reference Guide
Description
call (PBX to voice mail)
Digit pattern to indicate Call Forward on busy (PBX to voice mail)
Digit pattern to indicate Call Forward on busy (PBX to voice mail)
Digit pattern to indicate Call Forward on Do Not Disturb (PBX to voice mail)
Digit pattern to indicate Call Forward on Do Not Disturb (PBX to voice mail)
Digit pattern to indicate Call Forward on no answer (PBX to voice mail)
Digit pattern to indicate Call Forward on no answer (PBX to voice mail)
Digit pattern to indicate Call Forward with no reason (PBX to voice mail)
Digit pattern to indicate Call Forward with no reason (PBX to voice mail)
Digit pattern to indicate internal call (PBX to voice mail)
Line transfer mode.
Digit pattern to notify PBX about no messages waiting for extension (added as prefix)
Digit pattern to notify PBX about messages waiting for extension
CHAPTER 60 gateway
MSBR | CLI Reference Guide
Command
Description
(added as prefix)
mwi-source-number
Phone number sent as source number toward PSTN for MWI setup.
mwi-suffix-pattern
MWI suffix code to notify PBX about messages waiting for extension (added as suffix to the extension number)
smdi-timeout
SMDI timeout.
vm-interface {dtmf|etsi|ip2ip|ni2|none|qsig|qsigmatra| qsig-siemens|setup-only|smdi}
Method of communication between PBX and the device that is used instead of legacy voicemail.
Command Mode Privileged User
Example
(config-voip)# gateway voice-mail-setting (gw-voice-mail)# vm-interface dtmf (gw-voice-mail)# activate
- 424 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
61 coders-and-profiles
This command configures coders and profiles.
Syntax (config-voip)# coders-and-profiles
Command allowed-audio-codersgroups allowed-video-codersgroups audio-coders-groups ip-profile tel-profile
Description See allowed-audio-coders-groups below
See allowed-video-coders-groups on page 427
See audio-coders-groups on page 428 See ip-profile on page 430 See tel-profile on page 438
allowed-audio-coders-groups
This command configures the Allowed Audio Coders Groups table, which lets you define Allowed Audio Coders Groups for SBC calls . The table is a "parent" of the Allowed Audio Coders table.
Syntax
(config-voip)# coders-and-profiles allowed-audio-coders-groups <Index> (allowed-audio-coders-groups-<Index>)#
Command
Description
Index
Defines the table row index.
allowed-
Defines the Allowed Audio Coders table. For more information, see
audio-coders allowed-audio-coders on the next page.
codersgroup-name
Defines a name for the Allowed Audio Coders Group.
Command Mode
- 425 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Privileged User
Example This example configures the name "ITSP" for the Allowed Audio Coders Group:
(config-voip)# coders-and-profiles allowed-audio-coders-groups 0 (allowed-audio-coders-groups-0)# coders-group-name ITSP (allowed-audio-coders-groups-0)# activate
allowed-audio-coders
This command configures the Allowed Audio Coders table, which lets you define Allowed Audio Coders for SBC calls. The table is a "child" of the Allowed Audio Coders Groups table.
Syntax
(config-voip)# coders-and-profiles allowed-audio-coders-groups <Index> (allowed-audio-coders-groups-<Index>)# allowed-audio-coders <Index> (allowed-audio-coders-<Index>/<Index>)#
Command Index coder user-defined-coder
Description Defines the table row index. Defines a coder from a list. Defines a user-defined coder.
Command Mode Privileged User
Example This example configures the Allowed Audio Coders table with G.711:
(config-voip)# coders-and-profiles allowed-audio-coders-groups 0 (allowed-audio-coders-groups-0)# allowed-audio-coders 1 (allowed-audio-coders-0/1)# coder g711-alaw (allowed-audio-coders-0/1)# activate
- 426 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
allowed-video-coders-groups
This command configures the Allowed Video Coders Groups table, which lets you define Allowed Video Coders Groups for SBC calls . The table is a "parent" of the Allowed Video Coders table.
Syntax
(config-voip)# coders-and-profiles allowed-video-coders-groups <Index> (allowed-video-coders-groups-<Index>)#
Command Index allowed-video-coders coders-group-name
Description Defines the table row index.
Defines a name for the Allowed Video Coders Group.
Command Mode Privileged User
Example This example configures the name "ITSP" for the Allowed Video Coders Group:
(config-voip)# coders-and-profiles allowed-video-coders-groups 0 (allowed-video-coders-groups-0)# coders-group-name ITSP (allowed-video-coders-groups-0)# activate
allowed-video-coders
This command configures the Allowed Video Coders table, which lets you define Allowed video coders for SBC calls. The table is a "child" of the Allowed Video Coders Groups table.
Syntax
(config-voip)# coders-and-profiles allowed-video-coders-groups <Index> (allowed-video-coders-groups-<Index>)# allowed-video-coders <Index> (allowed-video-coders-<Index>/<Index>)#
- 427 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command Index user-defined-coder
Description Defines the table row index. Defines a user-defined video coder.
Command Mode Privileged User
Example This example configures the Allowed Video Coders table with G.711:
(config-voip)# coders-and-profiles allowed-video-coders-groups 0 (allowed-video-coders-groups-0)# allowed-video-coders 1 (allowed-video-coders-0/1)# user-defined-coder mpeg2 (allowed-video-coders-0/1)# activate
audio-coders-groups
This command configures the Audio Coders Groups table, which lets you define Audio Coders Groups. The table is a "parent" of the Coder Groups table.
Syntax
(config-voip)# coders-and-profiles audio-coders-groups <Index> (audio-coders-groups-<Index>)#
Command
Index
audiocoders
codersgroupname
Description Defines the table row index. Defines the Coder Groups table, which lets you define audio coders. For more information, see audio-coders on the next page. Defines a name for the Coders Group.
Command Mode Privileged User
- 428 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Example This example configures the name "ITSP" for the Coders Group table:
(config-voip)# coders-and-profiles audio-coders-groups 0 (audio-coders-groups-0)# coders-group-name ITSP (audio-coders-groups-0)# activate
audio-coders
This command configures the Coder Groups table, which lets you define audio coders. The table is a "child" of the Audio Coders Groups table.
Syntax
(config-voip)# coders-and-profiles audio-coders-groups <Index> (audio-coders-groups-<Index>)# audio-coders <Index> (audio-coders-<Index>/<Index>)#
Command Index coder-specific
name p-time
payload-type
rate silence-suppression {disable|enable|enable-noadaptation|not-configured}
Description
Defines the table row index.
Defines additional settings specific to the coder.
Defines the coder type.
Defines the packetization time (in msec) of the coder.
Defines the payload type if the payload type (i.e., format of the RTP payload) of the coder is dynamic.
Defines the bit rate (in kbps) of the coder.
Enables silence suppression for the coder.
Command Mode Privileged User
- 429 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Example
This example configures the Audio Coders table with G.711:
(config-voip)# coders-and-profiles audio-coders-groups 0 (audio-coders-groups-0)# audio-coders 1 (audio-coders-0/1)# name g711-alaw (audio-coders-0/1)# rate 64 (audio-coders-0/1)# p-time 20 (audio-coders-0/1)# silence-suppression enable (audio-coders-0/1)# activate
ip-profile
This command configures the IP Profiles table, which lets you define IP Profiles.
Syntax (config-voip)# coders-and-profiles ip-profile <Index (ip-profile-<Index>)#
Command
Description
Index
Defines the table row index.
add-ie-in-setup
Configures an additional information element to send in ISDN Setup message.
allowed-audio-codersgroup-name
Defines the SBC Allowed Audio Coders Group Name (this references a table that contains a list of allowed audio coders).
allowed-video-codersgroup-name
Defines the SBC Allowed Video Coders Group Name (this references a table that contains a list of allowed video coders).
amd-max-greeting-time Defines the AMD Max Greeting Time.
amd-max-post-silence- Defines the AMD Max Post Silence Greeting Time. greeting-time
amd-mode
Configures AMD (Answering Machine Detector) mode.
amd-sensitivity-level Determines the AMD level of detection sensitivity.
- 430 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command
Description
amd-sensitivityparameter-suite
Determines the serial number of the AMD sensitivity suite.
call-limit
Defines the maximum number of concurrent calls per IP Profile.
cng-mode
Defines the CNG Detector Mode.
coders-group
Defines the Coders Group Name.
copy-dst-to-redirectnumber {aftermanipulation|beforemanipulation|disable}
Enables the device to copy the called number, received in the SIP INVITE message, to the redirect number in the outgoing Q.931 Setup message, for IPto-Tel calls.
data-diffserv
Defines the DiffServ value of MSRP traffic in the IP header's DSCP field.
disconnect-on-broken- Defines the behavior when receiving an RTP broken
connection
notification.
early-answer-timeout
Defines the maximum time (in seconds) to wait from sending a setup message to the PSTN to receiving a connect message from the PSTN.
early-media
Enables Early Media.
echo-canceller
Enables echo cancellation (i.e., echo from voice calls is removed).
enable-early-183
Enables Early 183.
enable-hold
Enables Call Hold service.
enable-qsig-tunneling Enables QSIG Tunneling over SIP.
enable-symmetric-mki Enables symmetric MKI negotiation.
fax-sig-method
Configures using H.323/Annex D procedure for real time FAX relay.
first-tx-dtmf-option
Defines the first priority DTMF methods, offered during the SIP negotiation.
generate-srtp-keys
Configures generating new SRTP keys on SRTP negotiation mode.
- 431 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command
Description
ice-mode
Configures ICE Mode.
input-gain
Defines the voice TDM Input Gain.
ip-preference
Configures Profile Preference - the priority of the IP Profile.
is-dtmf-used
Enables sending DTMFs on the Signaling path (not on the Media path).
jitter-buffer-maxdelay
Defines the maximum delay (in msec) for the Dynamic Jitter Buffer.
jitter-bufferminimum-delay
Defines the minimum delay (in msec) for the Dynamic Jitter Buffer.
jitter-bufferoptimization-factor
Defines the Dynamic Jitter Buffer frame error-delay optimization factor.
local-held-tone-index Defines the user-defined Held tone by index number as it appears in the PRT file.
local-ringback-toneindex
Defines the user-defined ringback tone by index number as it appears in the PRT file.
media-ip-versionpreference
Defines the preference of the Media IP version.
media-securitybehaviour
Defines the gateway behavior when receiving offer/response for media encryption.
mki-size
Defines the size (in bytes) of the Master Key Identifier (MKI) in transmitted SRTP packets. The
nse-mode
Enables Cisco compatible fax and modem bypass mode.
play-held-tone
Defines the SBC Play Held Tone.
play-rbt-to-ip
Enables a ringback tone playing towards IP.
profile-name
Configures a Profile Name (string).
prog-ind-to-ip
Determines whether to send the Progress Indicator to IP.
- 432 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command
Description
reliable-heldtonesource
Defines the SBC Reliable Held Tone Source.
remote-hold-Format
Defines the SBC Remote Hold Format.
reset-srtp-upon-rekey
Resets SRTP State Upon Re-key.
rtp-ip-diffserv
Defines the RTP IP DiffServ.
rtp-redundancy-depth
Defines the RTP Redundancy Depth - enables the device to generate RFC 2198 redundant packets.
rx-dtmf-option
Defines the supported receive DTMF negotiation method.
sbc-2833dtmf-payload Defines the SBC RFC2833 DTMF Payload Type Value.
sbc-adapt-rfc2833-bw- Adapts RFC 2833 BW to Voice coder BW. voice-bw
sbc-allowed-codersmode
Defines the SBC Allowed Coders Mode.
sbc-allowed-mediatypes
Defines the SBC allowed media types (comma separated string).
sbc-alternative-dtmfmethod
Defines the SBC Alternative DTMF Method. For legs where RFC 2833 is not negotiated successfully, the device uses this parameter to determine the Alternative DTMF Method.
sbc-assert-identity
Defines the device's privacy handling of the Passerted-Identity header. This indicates how the outgoing SIP message asserts identity.
sbc-diversion-mode
Defines the device's handling of the Diversion header.
sbc-dm-tag
Defines the tag to work without media anchoring.
sbc-enforce-mki-size Defines SBC Enforce MKI Size.
sbc-enhanced-plc {disable|enable}
Enables PLC.
sbc-ext-coders-group- Defines the SBC Extension Coders Group Name.
- 433 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command
Description
name
sbc-fax-answer-mode
Defines the coders included in the outgoing SDP answer (sent to the calling fax).
sbc-fax-behavior
Defines the offer negotiation method.
sbc-fax-coders-group- Defines the supported fax coders. name
sbc-fax-offer-mode
Defines if the fax coders sent in the outgoing SDP offer.
sbc-fax-reroutingmode
Enables the re-routing of incoming SBC calls that are identified as fax calls.
sbc-generate-noop
Enables the device to send RTP or T.38 No-Op packets during RTP or T.38 silence periods (SBC calls only).
sbc-generate-rtp
Generates silence RTP packets.
sbc-handle-xdetect
Defines the support of X-Detect handling.
sbc-history-info-mode Defines the device's handling of the History-Info header.
sbc-isup-bodyhandling
Defines the ISUP Body Handling.
sbc-isup-variant
Defines the ISUP Variant.
sbc-jittercompensation
Defines the SBC Jitter Compensation.
sbc-keep-routingheaders
Keeps the Record-Route and in-dialog Route headers from incoming request in the outgoing request.
sbc-keep-user-agent
Keeps the User-Agent header from the incoming request in the outgoing request.
sbc-keep-via-headers
Keeps the VIA headers from incoming request in the outgoing request.
sbc-max-call-duration Limits the call time duration (minutes).
sbc-max-opusbandwidth
Defines the maximum bandwidth for OPUS [bps].
- 434 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command
Description
sbc-media-securitybehaviour
Defines the transcoding method between SRTP and RTP.
sbc-media-securitymethod
Defines the SRTP method SDES/DTLS.
sbc-msrp-emptymessage-format
On an active MSRP leg, enables the device to add the Content-Type header to the first empty (i.e., no body) MSRP message that is used to initiate the MSRP connection.
sbc-msrp-offer-setup- Defines the device's MSRP role in SDP offer-answer
role
negotiations ('a=setup' line) for MSRP sessions.
sbc-msrp-re-inviteupdate-supp
Defines if the SIP UA (MSRP endpoint) associated with this IP Profile supports the receipt of re-INVITE and UPDATE SIP messages.
sbc-multi-answers
Enables the SBC to respond with multiple answers within the same dialog (non-standard).
sbc-multi-early-diag
Enables the SBC to respond with multiple SIP dialogs (forking).
sbc-play-rbt-totransferee
Plays Ring Back Tone to transferred side on call transfer.
sbc-prack-mode
Defines the LEG's related PRACK behavior.
sbc-preferred-ptime
Defines the SBC Preferred Ptime.
sbc-rfc2833-behavior Affects the RFC 2833 SDP offer/answer negotiation.
sbc-rmt-3xx-behavior Defines the SBC Remote 3xx Behavior.
sbc-rmt-can-playringback
Configures remote endpoint capability to play a local ringback tone.
sbc-rmt-delayed-offer Configures SBC remote delayed offer support.
sbc-rmt-early-mediaresp
Defines the SBC remote early media response type.
sbc-rmt-early-mediartp
Defines the SBC remote early media RTP mode.
- 435 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command sbc-rmt-early-mediasupp sbc-rmt-mltple-18xsupp sbc-msrp-re-inviteupdate-supp sbc-rmt-re-invitesupp sbc-rmt-referbehavior sbc-rmt-renegotiateon-fax-detect sbc-rmt-replacesbehavior
sbc-rmt-rfc3960-supp
sbc-rmt-rprsntation
sbc-rmt-update-supp sbc-rtcp-feedback sbc-rtcp-mode sbc-rtcp-mux sbc-rtp-red-behav sbc-sdp-handle-rtcp sbc-sdp-ptime-ans sbc-sdp-removecrypto-lifetime sbc-send-multipledtmf-methods
Description Defines SBC remote early media support.
Defines SBC remote multiple 18x support.
Defines if the remote MSRP endpoint supports the receipt of re-INVITE and UPDATE SIP messages. Defines SBC remote re-INVITE support.
Defines SBC remote refer behavior.
Defines if remote renegotiate when fax is detected.
Defines how the SBC manages REFER/INVITE with Replaces. Defines the SBC remote RFC 3960 gateway model support. Defines how to represent the SBC's contact information to the remote side. Defines SBC remote UPDATE support. Defines RTCP feedback support. Defines the SBC RTCP mode. Defines support of RTP-RTCP multiplexing. Defines SBC RTP redundancy behavior. Defines SBC SDP Handle RTCP. Defines SBC SDP Ptime answer. Defines SBC SDP Remove Crypto Lifetime.
Enables the device to send DTMF digits out-of-band (not with audio stream) using both the SIP INFO and
- 436 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command
Description
RFC 2833 methods for the same call on the leg to which this IP Profile is associated.
sbc-session-expiresmode
Defines SBC behavior with 'Session-Expires' header.
sbc-use-silence-supp Defines SBC to use Silence Suppression.
sbc-usr-reg-time
Defines the duration (in seconds) of the periodic registrations between the user and the device (the device responds with this value to the user).
sbc-usr-tcp-nat-regtime
Defines the duration (in seconds) of the periodic registrations between the user and the device when the user registers over TCP and is behind NAT.
sbc-usr-udp-nat-regtime
Defines the duration (in seconds) of the periodic registrations between the user and the device when the user registers over UDP and is behind NAT.
sbc-voice-qualityenhancement
Activates Voice Quality Enhancement.
second-tx-dtmf-option Defines the second priority DTMF methods, offered during the SIP negotiation.
signaling-diffserv
Defines the SIP Signaling DiffServ.
transcoding-mode
Defines the voice transcoding mode between the two SBC legs for the SBC application.
voice-volume
Defines the voice TDM output gain.
vxx-transport-type
Defines the Vxx modem transport type.
Command Mode Privileged User
Example This example shows how to configure an IP Profile:
- 437 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
(config-voip)# coders-and-profiles ip-profile 0 (ip-profile-0)# group-name ITSP (ip-profile-0)# activate
tel-profile
This command configures the Tel Profiles table, which lets you define Tel Profiles.
Syntax (config-voip)# coders-and-profiles tel-profile <Index> (tel-profile-<Index>)#
Command
Description
Index
Defines the table row index.
call-
Defines the call priority mode.
priority-mode
coders-group Defines the coders group name.
currentdisconnect
Enables current disconnect.
dial-planindex
Defines the dial plan index.
digitdelivery
Enables automatic digit delivery to the Tel side after the line is offhooked or seized.
digital-cutthrough
Enables a call connection without the On-Hook/Off-Hook process 'Cut-Through'.
disconnecton-busy-tone
Releases the call if the gateway receives a busy or fast busy tone before the call is answered.
dtmf-volume
Defines the DTMF generation volume.
early-media
Enables early media.
echocanceller
Enables echo cancellation (i.e., echo from voice calls is removed).
echo-
Configures EC NLP mode.
- 438 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command
Description
cancellernlp-mode
enable-911psap
Enables 911 PSAP.
enable-agc
Activates AGC (Automatic Gain Control).
enable-didwink
Enables support for DID lines using Wink.
enable-voice- Enables voice mail delay. mail-delay
fax-sigmethod
Configures using H.323/Annex D procedure for real time FAX relay.
flash-hookperiod
Defines the flashhook detection and generation period (in msec).
fxo-doubleanswer
Enables FXO double answer. All incoming TEL2IP call are refused.
fxo-ringtimeout
Defines the delay (in 100 msec) for generating an INVITE after RING_ START is detected.
input-gain
Defines the TDM input gain.
ip2telcutthrough_ call_behavior
Enables a call connection without an On-Hook/Off-Hook process.
is-two-stage- Configures Dialing Mode - One-Stage (PBX Pass-thru) or Two-Stage. dial
jitterbuffermaximum-delay
Defines the maximum delay (in msec) for the Dynamic Jitter Buffer.
jitterbufferminimum-delay
Defines the minimum delay (in msec) for the Dynamic Jitter Buffer.
jitterbufferoptimization-
Defines the Dynamic Jitter Buffer frame error-delay optimization factor.
- 439 -
CHAPTER 61 coders-and-profiles
MSBR | CLI Reference Guide
Command
Description
factor
mwi-analoglamp
Enables MWI support using an analog lamp (110 Volt).
mwi-display
Enables MWI support using Caller ID interface.
mwi-ntftimeout
Defines the maximum duration (timeout) that a message waiting indication (MWI) is displayed on endpoint equipment (phones' LED, screen notification or voice tone).
play-bsytone-2tel
Configures Don't play, Play Busy or Reorder tone when disconnecting ISDN call and Send PI=8, Play before disconnect.
polarityrvrsl
Enables Polarity Reversal.
profile-name Defines the Profile Name (string).
prog-ind-toip
Determines whether to send the Progress Indicator to IP.
rtp-ipdiffserv
Defines the RTP IP DiffServ.
signalingdiffserv
Defines the SIP Signaling DiffServ.
swap-teltoip- Swaps Tel to IP phone numbers. phone-numbers
telpreference
Defines the Profile Preference - the priority of the Tel Profile.
time-forreorder-tone
Defines the duration of the reorder tone that plays before the FXO releases the line [seconds].
voice-volume Defines the voice TDM output gain.
Command Mode Privileged User
Example This example configures a Tel Profile:
- 440 -
CHAPTER 61 coders-and-profiles
(config-voip)# coders-and-profiles tel-profile 0 (tel-profile-0)# profile-name PSTN (tel-profile-0)# activate
MSBR | CLI Reference Guide
- 441 -
CHAPTER 62 ids
MSBR | CLI Reference Guide
62 ids
This command configures the Intrusion Detection System (IDS) feature, which detects malicious attacks on the device and reacts accordingly.
Syntax (config-voip)# ids
Command global-parameters match policy
Description See global-parameters below See match on the next page See policy on page 444
Command Mode Privileged User
global-parameters
This command configures various IDS parameters.
Syntax (config-voip)# ids global-parameters (sip-security-ids-settings)#
Command alarm-clearperiod
enable-ids {off|on}
excludedresponses
Description Defines the interval (in seconds) after which an IDS alarm is cleared from the Active Alarms table if no thresholds are crossed during this time.
Enables the IDS feature.
Defines the SIP response codes that are excluded form the IDS count for SIP dialog establishment failures.
Command Mode
- 442 -
CHAPTER 62 ids
MSBR | CLI Reference Guide
Privileged User
Example This example enables IDS:
(config-voip)# ids global-parameters (sip-security-ids-settings)# enable-ids on
match
This command configures the IDS Matches table, which lets you implement your configured IDS Policies.
Syntax
(config-voip)# ids match <Index> (match-<Index>)#
Command Index policy proxy-set sip-interface subnet
Description Defines the table row index. Assigns an IDS Policy. Assigns a Proxy Set(s) to the IDS Policy. Assigns a SIP Interface(s) to the IDS Policy. Defines the subnet to which the IDS Policy is assigned.
Command Mode Privileged User
Example This example configures an IDS Match that applies IDS Policy "DOS" to SIP Interfaces 1 through 2:
(config-voip)# ids match 0 (match-0)# policy DOS (match-0)# sip-interface 1-2 (match-0)# activate
- 443 -
CHAPTER 62 ids
MSBR | CLI Reference Guide
policy
This command configures the IDS Policies table, which lets you define IDS Policies. The table is a parent of the IDS Rule table.
Syntax
(config-voip)# ids policy <Index> (policy-<Index>)#
Command Index description name
rule
Description
Defines the table row index.
Defines a brief description for the IDS Policy.
Defines a descriptive name, which is used when associating the row in other tables.
Defines the IDS Rule table, which lets you define IDS rules per IDS Policy. The table is a child of the IDS Policies table. For more information, see rule below.
Command Mode Privileged User
Example This example configures Trunk Group 1 for Trunk 1, channels 1-30:
(config-voip)# ids policy 0 (policy-0)# name DOS (policy-0)# activate
rule
This command configures the IDS Rule table, which lets you define IDS rules. The table is a child of the IDS Policies table.
Syntax
- 444 -
CHAPTER 62 ids
(config-voip)# ids policy <Index> (policy-<Index>)# ids rule <Index> (rule-<Index>/<Index>)#
Command Index critical-alrm-thr
deny-period
deny-thr
major-alrm-thr
minor-alrm-thr
reason {abnormalflow|any|authfailure|connectionabuse|establishfail|malformed-msg} threshold-scope {global |ip|ip-port} threshold-window
Command Mode Privileged User Example
MSBR | CLI Reference Guide
Description Defines the table row index. Defines the threshold that if crossed a critical severity alarm is sent. Defines the duration (in sec) to keep the attacker on the blacklist, if configured using deny-thr. Defines the threshold that if crossed, the device blocks (blacklists) the remote host (attacker). Defines the threshold that if crossed a major severity alarm is sent. Defines the threshold that if crossed a minor severity alarm is sent. Defines the type of intrusion attack.
Defines the source of the attacker to consider in the device's detection count. Defines the threshold interval (in seconds) during which the device counts the attacks to check if a threshold is crossed.
- 445 -
CHAPTER 62 ids
MSBR | CLI Reference Guide
This example configures this IDS policy rule: If 15 malformed SIP messages are received within a period of 30 seconds, a minor alarm is sent. Every 30 seconds, the rule's counters are cleared. If more than 25 malformed SIP messages are received within this period, the device blacklists for 60 seconds the remote IP host from where the messages were received:
(config-voip)# ids policy 0 (policy-0)# ids rule 1 (rule-0/1)# reason malformed-msg (rule-0/1)# threshold-scope ip (rule-0/1)# threshold-window 30 (rule-0/1)# deny-thr 25 (rule-0/1)# deny-period 60 (rule-0/1)# minor-alrm-thr 15 (rule-0/1)# major-alrm-thr 20 (rule-0/1)# critical-alrm-thr 25 (rule-0/1)# activate
- 446 -
CHAPTER 63 interface
63 interface
This command configures the PSTN interfaces.
Syntax (config-voip)# interface
Command bri e1-t1 fxs-fxo
Description See bri below See e1-t1 on page 450 See fxs-fxo on page 453
Command Mode Privileged User
bri
This command configures BRI interfaces.
Syntax (config-voip)# interface bri <Slot (Module)/Port> (bri <Slot/Port>)#
Command b-ch-negotiation
call-re-rte-mode
clock-priority
dig-oos-behavior
isdn-bits-cc-behavior
- 447 -
MSBR | CLI Reference Guide
Description ISDN B-Channel negotiation mode. Call Rerouting Mode for Trunk. Sets the trunk priority for auto-clock fallback. Setting Digital OOS Behavior Sets the ISDN Call Control
CHAPTER 63 interface
Command
isdn-bits-incoming-calls-behavior isdn-bits-ns-behavior isdn-bits-ns-extension-behavior isdn-bits-outgoing-calls-behavior isdn-layer2-mode isdn-termination-side isdn-xfer-cab local-isdn-rbt-src
ovrlp-rcving-type pi-in-rx-disc-msg
pi-to-isdn
- 448 -
MSBR | CLI Reference Guide
Description
Layer (Layer 4) behavior options.
Sets the ISDN incoming calls behavior options.
Sets the ISDN Network Layer (Layer 3) behavior options.
Sets additional ISDN Network Layer (Layer 3) behavior options.
Sets the ISDN outgoing calls behavior options.
Sets the ISDN layer2 mode.
Sets the ISDN termination side.
Send transfer capability to ISDN side on setup message.
If the ringback tone source is not IP, who should supply the Ringback tone.
Select reception type of overlap dialing from ISDN side
Configure PIForDisconnectMsg to overwrite PI value received in ISDN Disconnect message
Override the value of progress indicator to ISDN side in ALERT PROGRESS
CHAPTER 63 interface
MSBR | CLI Reference Guide
Command
Description
and PROCEEDING messages
play-rbt-to-trk
Enable ringback tone playing towards trunk side.
protocol
Sets the PSTN protocol to be used for this trunk.
pstn-alrt-timeout
Max time (in seconds) to wait for connect from PSTN
rmv-calling-name
Remove Calling Name For Trunk.
tei-assign-trigger
Bit-field defines when TEI assignment procedure is invoked
tei-config-p2mp
TEI value for P2MP BRI trunk.
tei-config-p2p
TEI value for P2P BRI trunk.
tei-remove-trigger
Bit-field defines when TEI should be removed.
trace-level {full-isdn| full-isdn-withduplications| layer3| layer3-noduplications| no-trace| q921-raw-data| q931| q931-q921-raw-data| q931-raw-data}
Defines the BRI trunk trace level. Note:
To configure and start a PSTN trace per trunk, use the following command: configure troubleshoot > logging logging-filters.
To start a PSTN trace for all trunks that have been configured with the trace-level
- 449 -
CHAPTER 63 interface
MSBR | CLI Reference Guide
Command trk-xfer-mode-type
Description
command option, use the following command: debug debug-recording <IP Address> pstn-trace.
To send PSTN traces to a Syslog server (instead of Wireshark), use the following command: configure troubleshoot > pstndebug.
Type of transfer the PSTN/PBX supports.
Command Mode Privileged User
Example This example configures BRI to NI2 ISDN protocol type (51):
(config-voip)# interface bri 2/1 (bri 2/1)# protocol 51 (bri 2/1)# activate
e1-t1
This command configures E1/T1 interfaces.
Syntax (config-voip)# interface e1-t1 <Slot (Module)/Port> (e1-t1 <Slot/Port>)#
Command b-ch-negotiation
Description ISDN B-Channel negotiation mode
- 450 -
CHAPTER 63 interface
MSBR | CLI Reference Guide
Command
Description
b-channel-nego-fortrunk
ISDN B-Channel negotiation mode for trunk.
call-re-rte-mode
Call Rerouting Mode for Trunk.
cas-channel-index
Defines the CAS Protocol Table index per channel.
cas-delimiters-types Defines the digits string delimiter padding usage for the specific trunk.
cas-dial-plan-name
Defines the Dial Plan name that will be used on the specific trunk.
cas-table-index
Indicates the CAS Protocol file to be used on the specific Trunk.
clock-master
Defines the trunk clock source.
clock-priority
Defines the trunk priority for auto-clock fallback.
dig-oos-behavior
Defines Digital OOS Behavior
framing
Defines the physical framing method to be used for this trunk.
isdn-bits-ccbehavior
Defines the ISDN Call Control Layer (Layer 4) behavior options.
isdn-bits-incomingcalls-behavior
Defines the ISDN incoming calls behavior options.
isdn-bits-nsbehavior
Defines the ISDN Network Layer (Layer 3) behavior options.
isdn-bits-nsextension-behavior
Sets additional ISDN Network Layer (Layer 3) behavior options.
isdn-bits-outgoingcalls-behavior
Sets the ISDN outgoing calls behavior options.
isdn-japan-ntttimer-t305
Defines a timeout (in seconds) that the device waits before sending an ISDN Release message after it has sent a Disconnect message, if no SIP message (e.g., 4xx response) is received within the timeout.
isdn-nfas-dchannel- Defines the ISDN NFAS D-channel type.
- 451 -
CHAPTER 63 interface
MSBR | CLI Reference Guide
Command
Description
type
isdn-nfas-groupnumber
Defines the group number of the ISDN NFAS group.
isdn-nfas-interface- Defines the ISDN NFAS Interface ID. Applicable only if the
id
NS_EXPLICIT_INTERFACE_ID behavior bit is set.
isdn-terminationside
Defines the ISDN termination side.
isdn-xfer-cab
Send transfer capability to ISDN side on setup message.
line-build-out-loss Defines the line build out loss to be used for this trunk.
line-build-outoverwrite
Overwrites the Framer's XPM register values which control the line pulse shape.
line-build-out-xpm0
Controls the Framer's XPM0 register value (line pulse shape control).
line-build-out-xpm1
Defines the Framer's XPM1 register value (line pulse shape control).
line-build-out-xpm2
Defines the Framer's XPM2 register value (line pulse shape control).
line-code
Defines the line code type to be used for this trunk.
local-isdn-rbt-src
If the ringback tone source is not IP, who should supply the Ringback tone.
ovrlp-rcving-type
Defines reception type of overlap dialing from ISDN side
pi-in-rx-disc-msg
Configure PIForDisconnectMsg in order to overwrite PI value received in ISDN Disconnect message
pi-to-isdn
Override the value of progress indicator to ISDN side in ALERT PROGRESS and PROCEEDING messages
play-rbt-to-trk
Enable ringback tone playing towards trunk side. Refer to User's Manual for details
protocol
Defines the PSTN protocol to be used for this trunk.
pstn-alrt-timeout
Defines max. time (in seconds) to wait for connect from
- 452 -
CHAPTER 63 interface
MSBR | CLI Reference Guide
Command
Description
PSTN
rmv-calling-name
Removes Calling Name For Trunk.
trace-level {fullisdn| full-isdnwith-duplications| layer3| layer3-noduplications| notrace| q921-rawdata| q931| q931q921-raw-data| q931raw-data}
Defines the PSTN trace level. Note:
To configure and start a PSTN trace per trunk, use the following command: configure troubleshoot > logging logging-filters.
To start a PSTN trace for all trunks that have been configured with the trace-level command option, use the following command: debug debug-recording <IP Address> pstn-trace.
To send PSTN traces to a Syslog server (instead of Wireshark), use the following command: configure troubleshoot > pstn-debug.
trk-xfer-mode-type
Defines the type of transfer the PSTN/PBX supports
Command Mode Privileged User
Example This example configures E1/T1 to E1 EURO ISDN protocol type (1):
(config-voip)# interface e1-t1 1/1 (e1-t1 1/1)# protocol 1 (e1-t1 1/1)# activate
fxs-fxo
This command configures FXS and FXO interfaces.
Syntax (config-voip)# interface fxs-fxo (fxs-fxo)#
- 453 -
CHAPTER 63 interface
MSBR | CLI Reference Guide
Command
Description
analog-port-enable
Enables the analog port.
bellcore-calleridtype-one-substandard
Selects the sub-standard of the Bellcore Caller ID type.
bellcore-vmwi-typeone-standard
Defines the Bellcore VMWI standard.
caller-id-timingmode
Defines the Analog Caller ID Timing Mode.
caller-id-type
Defines the Caller ID standard.
current-disconnectduration
Defines the current-disconnect duration (in msec).
defaultlinepolarity-state
Sets the default line polarity state.
disable-analog-autocalibration
Determines whether to enable the analog Autocalibration in the DAA.
enable-analog-dcremover
Determines whether to enable the analog DC remover in the DAA.
enable-fxo-currentlimit
Enables loop current limit to a maximum of 60mA (TBR21) or disables the FXO line current limit.
etsi-callerid-typeone-sub-standard
Selects the number denoting the ETSI CallerID Type 1 sub-standard.
etsi-vmwi-type-onestandard
Selects the number denoting the ETSI VMWI Type 1 Standard.
far-end-disconnecttype
Sets the source for the acEV_FAR_END_DISCONNECTED event.
flash-hook-period
Defines the flashhook detection and generation period (in msec).
fxo-countrycoefficients
Line characteristic (AC and DC) according to country.
fxo-dc-termination
Defines the FXO line DC termination.
- 454 -
CHAPTER 63 interface
MSBR | CLI Reference Guide
Command fxs-countrycoefficients fxs-line-testing <Module/Port> {66|70} fxs-rx-gain-control
fxs-tx-gain-control
metering-on-time metering-type min-flash-hook-time
mwi-indication-type
polarity-reversaltype rx-gain-control
time-to-sampleanalog-line-voltage tx-gain-control
wink-time
Description
Defines the line characteristic (AC and DC) according to country.
Performs an FXS line test for a specified FXS port and coefficient type (66 for TBR21 and 70 for USA).
Defines gain\attenuation of the FXS Rx path between 17db and 18db.
Defines gain\attenuation of the FXS Tx path between 22db and 10db.
Defines the metering signal duration to be detected
Defines the metering method for charging pulses.
Defines the minimal time (in msec) for detection of a flash hook event (for FXS only).
Defines the type of (MWI) Message Waiting Indicator (for FXS only).
Defines type of polarity reversal signal used for network far-end answer and disconnect indications.
Defines gain attenuation of the FXO Rx path between 15db and 12db.
Defines the time to sample the analog line voltage after offhook, for the current disconnect threshold.
Defines gain attenuation of the FXO Tx path between 15db and 12db.
Defines time elapsed between two consecutive polarity reversals.
Command Mode Privileged User
Example This example enables FXS port 1 in Module 2:
- 455 -
CHAPTER 63 interface
(config-voip)# interface fxs-fxo (fxs-fxo)# analog-port-enable 1/2 (fxs-fxo)# activate
MSBR | CLI Reference Guide
- 456 -
CHAPTER 64 ip-group
MSBR | CLI Reference Guide
64 ip-group
This command configures the IP Groups table, which lets you define IP Groups.
Syntax (config-voip)# ip-group <Index> (ip-group-<Index>)#
Command Index always-use-route-table {disable|enable} always-use-source-addr {disable|enable}
authentication-method-list
authentication-mode {sbc-asclient|sbc-as-server|userauthenticates} bandwidth-profile cac-profile
call-setup-rules-set-id classify-by-proxy-set {disable|enable}
contact-user
Description
Defines the table row index.
Defines the Request-URI host name in outgoing INVITE messages.
Enables the device to always send SIP requests and responses, within a SIP dialog, to the source IP address received in the previous SIP message packet.
Defines SIP methods received from the IP Group that must be challenged by the device when the device acts as an Authentication server.
Defines the authentication mode.
Assigns a Bandwidth Profile rule.
Assigns a Call Admission Control Profile.
Assigns a Call Setup Rule Set ID.
Enables classification of incoming SIP dialogs (INVITEs) to Server-type IP Groups based on Proxy Set (assigned using the IPGroup_ProxySetName parameter).
Defines the user part of the From, To,
- 457 -
CHAPTER 64 ip-group
MSBR | CLI Reference Guide
Command
dst-uri-input dtls-context inbound-mesg-manipulation-set internal-media-realm-name
ip-profile-name local-host-name max-num-of-reg-users
Description
and Contact headers of SIP REGISTER messages, and the user part of the Contact header of INVITE messages received from this IP Group and forwarded by the device to another IP Group.
Defines the SIP header in the incoming INVITE to use as a call matching characteristic based on destination URIs.
Assigns a TLS Context (certificate) to the IP Group, which is used for DTLS sessions (handshakes) with the IP Group.
Assigns a Message Manipulation Set (rule) to the IP Group for SIP message manipulation on the inbound leg.
Assigns an "internal" Media Realm to the IP Group. This is applicable when the device is deployed in a Microsoft Teams environment. The device selects this Media Realm (instead of the Media Realm assigned by the media-realm-name command) if the value of the X-MS-UserLocation header in the incoming SIP message is "Internal" and the teams-localmedia-optimizationhandling command is configured to any value other than none.
Assigns an IP Profile to the IP Group.
Defines the host name (string) that the device uses in the SIP message's Via and Contact headers.
Defines the maximum number of users in this IP Group that can register with the device.
- 458 -
CHAPTER 64 ip-group
MSBR | CLI Reference Guide
Command media-realm-name msg-man-user-defined-string1
msg-man-user-defined-string2
name oauth-http-service
outbound-mesg-manipulation-set password
proxy-keepalive-use-ipg {disable|enable} proxy-set-name
qoe-profile re-routing-mode {not-
Description
Assigns a Media Realm to the IP Group.
Defines a value for the SIP user part that can be used in Message Manipulation rules configured in the Message Manipulations table.
Defines a value for the SIP user part that can be used in Message Manipulation rules configured in the Message Manipulations table.
Defines a descriptive name, which is used when associating the row in other tables.
Assigns a Remote Web Service to the IP Group for OAuth-based authentication of incoming SIP requests.
Assigns a Message Manipulation Set (rule) to the IP Group for SIP message manipulation on the outbound leg.
Defines the shared password for authenticating the IP Group, when the device acts as an Authentication server.
Enables the device to apply certain IP Group settings to keep-alive SIP OPTIONS messages that are sent by the device to the proxy server.
Assigns a Proxy Set to the IP Group. All INVITE messages destined to the IP Group are sent to the IP address configured for the Proxy Set.
Assigns a Quality of Experience Profile rule.
Defines the routing mode after a call
- 459 -
CHAPTER 64 ip-group
MSBR | CLI Reference Guide
Command
Description
configured|proxy|routingtable|standard}
redirection (i.e., a 3xx SIP response is received) or transfer (i.e., a SIP REFER request is received).
registration-mode {noregistrations|sbsinitiates|user-initiates}
Defines the registration mode for the IP Group.
sbc-alt-route-reasons-set
Assigns an Alternative Reasons Set to the IP Group.
sbc-client-forking-mode {parallel|sequential|sequentialavailable-only}
Defines call forking of INVITE messages to up to five separate SIP outgoing legs for User-type IP Groups.
sbc-dial-plan-name
Assigns a Dial Plan to the IP Group.
sbc-keep-call-id
Enables the device to use the same call identification (SIP Call-ID header value) received in incoming messages for the call identification in outgoing messages.
sbc-operation-mode {b2bua|callstateful-proxy|microsoftserver|not-configured}
Defines the device's operational mode for the IP Group.
sbc-psap-mode {disable|enable}
Enables E9-1-1 emergency call routing in a Microsoft Skype for Business environment.
sbc-server-auth-type {accordingto-globalparameter|locally|remotelyaccording-draftsterman|remotely-by-oauth}
Defines the authentication method when the device, as an Authentication server, authenticates SIP requests from the IP Group.
sbc-user-stickiness {disable|enable}
Enables SBC user registration "stickiness" to a registrar.
sip-connect
Defines the IP Group as a registered server that represents multiple users.
sip-group-name
Defines the SIP Request-URI host name in INVITE and REGISTER
- 460 -
CHAPTER 64 ip-group
MSBR | CLI Reference Guide
Command
Description
messages sent to the IP Group, or the host name in the From header of INVITE messages received from the IP Group.
sip-source-host-name
Defines the hostname of the URI in certain SIP headers, overwriting the original host part of the URI.
src-uri-input
Defines the SIP header in the incoming INVITE that is used for call matching characteristics based on source URIs.
srd-name
Assigns an SRD to the IP Group.
tags
Assigns Dial Plan tags for routing and manipulation.
teams-local-media-optimizationhandling {none| sbc-decides| teams-decides}
Enables and defines media optimization handling when the device is deployed in a Microsoft Teams environment. The handling is based on Microsoft proprietary SIP headers, X-MS-UserLocation and XMS-MediaPath.
teams-local-mo-initial-behavior {direct-media| external| internal}
Defines how the central SBC device (proxy SBC scenario) initially sends the received INVITE message with the SDP Offer to Teams when the device is deployed in a Microsoft Teams environment for Media Optimization.
topology-location {down|up}
Defines the display location of the IP Group in the Topology view of the Web interface.
type {gateway|server|user}
Defines the type of IP Group
use-requri-port {disable|enable}
Enables the device to use the port indicated in the Request-URI of the incoming message as the destination port when routing the message to the IP Group.
- 461 -
CHAPTER 64 ip-group
MSBR | CLI Reference Guide
Command used-by-routing-server {notused|used} username
uui-format {disable|enable}
Description
Enables the IP Group to be used by a third-party routing server for call routing decisions.
Defines the shared username for authenticating the IP Group, when the device acts as an Authentication server.
Enables the generation of the Avaya UCID value, adding it to the outgoing INVITE sent to this IP Group.
Command Mode Privileged User
Example This example configures a Server-type IP Group called "ITSP":
(config-voip)# ip-group 0 (ip-group-0)# name ITSP (ip-group-0)# type server (ip-group-0)# media-realm-name ITSP (ip-group-0)# activate
- 462 -
CHAPTER 65 media
MSBR | CLI Reference Guide
65 media
This command configures media.
Syntax (config-voip)# media
Command fax-modem ipmedia rtp-rtcp security settings tdm voice
Description See fax-modem below See ipmedia on page 466 See rtp-rtcp on page 467 See security on page 469 See settings on page 471 See tdm on page 473 See voice on page 475
Command Mode Privileged User
fax-modem
This command configures fax parameters.
Syntax (config-voip)# media fax-modem (media-fax-modem)#
Command FaxRelayTimeoutSec
Description
A channel during fax relay session cannot relatch on another RTP/RTCP/T38 stream until no T38 packets arrived from or sent to current stream during the timeout (sec).
- 463 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command
Description
V1501AllocationProfile Defines the V.150.1 profile.
caller-id-transporttype
Defines the Caller ID Transport type.
ced-transfer-mode
Defines the CED transfer mode.
cng-detector-mode
Defines the fax CNG tone detector mode.
coder
Defines the Fax/Modem bypass coder.
ecm-mode
Enables ECM (Error Correction Mode) during T.38 Fax Relay.
enhanced-redundancydepth
Defines the number of repetitions to be applied to control packets when using T.38 standard.
fax-cng-mode
0-Does not send a SIP re-INVITE, 1-Sends T.38 reINVITE upon detection of fax CNG tone, 2-Sends T.38 re-INVITE upon detection of fax CNG tone or v8cn signal
fax-transport-mode {bypass|disable|eventsonly|t.38-relay}
Defines the Fax over IP transport method.
max-rate
Limits the maximum transfer rate of the fax during T.38 Fax Relay session.
modem-bypass-outputgain
Defines the modem bypass output gain [dB].
packing-factor
Defines the number of 20 msec payloads to be generated in a single RTP fax/modem bypass packet.
redundancy-depth
Determines the depth of redundancy for non-V.21 T.38 fax packets.
sprt-transportchannel0-max-payloadsize
Defines the V.150.1 SPRT transport channel 0 max payload size.
sprt-transportchannel2-max-payloadsize
Defines the V.150.1 SPRT transport channel 2 max payload size.
- 464 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command
Description
sprt-transportchannel2-max-windowsize
Defines the V.150.1 SPRT transport channel 2 max window size.
sprt-transportchannel3-max-payloadsize
Defines the V.150.1 SPRT transport channel 3 max payload size.
sse-redundancy-depth
Defines the V.150.1 SSE redundancy depth.
v1501-sse-payload-type- Defines the received V.1501.1 SSE RTP payload type. rx
v21-modem-transporttype
Sets the V.21 modem transport method.
v22-modem-transporttype
Defines the V.22 modem transport method.
v23-modem-transporttype
Defines the V.23 modem transport method.
v32-modem-transporttype
Defines the V.32 modem transport method.
v34-modem-transporttype
Defines the V.34 modem transport method.
version
Defines the T.38 fax relay version.
Command Mode Privileged User
Example This example configures the fax transport type to T.38:
(config-voip)# media fax-modem (media-fax-modem)# fax-transport-mode t.38-relay (media-fax-modem)# activate
- 465 -
CHAPTER 65 media
MSBR | CLI Reference Guide
ipmedia
This command configures various IP-media parameters.
Syntax (config-voip)# media ipmedia (media-ipmedia)#
Command
Description
agc-disablefast-adaptation
Disables the AGC (Automatic Gain Control) Fast Adaptation mode.
agc-enable
Activates the AGC (Automatic Gain Control).
agc-gain-slope Defines the AGC convergence rate.
agc-max-gain
Defines the maximum signal gain of the AGC [dB].
agc-min-gain
Defines the minimum signal gain of the AGC [dB].
agc-redirection
Redirects the AGC output towards the TDM instead of towards the network.
agc-targetenergy
Defines the target signal energy level of the AGC [-dBm]
energydetector-enable
Activates the Energy Detector.
energydetectorredirection
Redirect the Energy Detector towards the network instead of TDM.
energydetectorsensitivity
Defines the Energy Detector's sensitivity.
energydetectorthreshold
Defines the ED's (Energy Detector's) threshold according to the formula: -44 + (EDThreshold * 6) [- dBm].
ipm-detectorsenable
Enables DSP IP Media Detectors.
- 466 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example enables AD:
(config-voip)# media ipmedia (media-ipmedia)# answer-detector-enable on (media-ipmedia)# activate
rtp-rtcp
This command configures various RTP-RTCP parameters.
Syntax (config-voip)# media rtp-rtcp (media-rtp-rtcp)#
Command
Description
AnalogSignalTransportType
Defines the analog signal transport type.
EnableStandardSIDPayloadType
Defines the Silence Indicator (SID) packets that are sent and received are according to RFC 3389.
L1L1ComplexTxUDPPort
Defines the Source UDP port for the outgoing UDP Multiplexed RTP packets, for Complex-Multiplex RTP mode
RTPFWInvalidPacketHandling
Defines the way an invalid packet should be handled.
RTPPackingFactor
Defines the number of DSP payloads for generating one RTP packet.
RtpFWNonConfiguredPTHandling Defines the the way a packet with nonconfigured payload type should be handled.
VQMONBURSTHR
Defines the voice quality monitoring excessive burst alert threshold
- 467 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command VQMONDELAYTHR VQMONEOCRVALTHR VQMONGMIN base-udp-port com-noise-gen-nego disable-rtcp-randomization fax-bypass-payload-type jitter-buffer-minimum-delay jitter-buffer-optimizationfactor modem-bypass-payload-type publication-ip-group-id remote-rtp-b-udp-prt rtcp-interval rtcp-xr-coll-srvr rtcp-xr-rep-mode
Description
Defines the voice quality monitoring excessive delay alert threshold
Defines the voice quality monitoring - end of call low quality alert threshold
Defines the voice quality monitoring minimum gap size (number of frames)
Defines the lower boundary of UDP ports to be used by the board.
CN payload type is used and being negotiate
Defines the RTCP report intervals.
Defines the Fax Bypass (VBD) Mode payload type.
Defines the Dynamic Jitter Buffer Minimum Delay [msec]
Defines the Dynamic Jitter Buffer attack/decay performance.
Defines the Modem Bypass (VBD) Payload type.
Defines the IP Group to where the device sends RTCP XR reports.
Defines the Remote Base UDP Port For Aggregation
Defines the time interval between the adjacent RTCP report (in msec).
Defines the RTCP-XR server IP address
0:rtcpxr is not sent over SIP at all{@}1:rtcpxr is sent over sip when call ended{@}2:rtcpxr is sent over sip when on periodic interval and when call ended{@}3:rtcpxr is sent over sip when media segment ended and when call ended
- 468 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command rtcpxr-collect-servtransport rtp-redundancy-depth
rtp-redundancy-payload-type
sbc-rtcpxr-report-mode
udp-port-spacing {10|4|5} voice-quality-monitoringenable
Description Defines the RtcpXrEsc transport type
Defines the redundancy depth of RTP redundancy packets. Defines the RTP Redundancy packet's Payload Type field. 0:rtcpxr is not sent over SIP at all,1:rtcpxr is sent over sip when call ended Defines the UDP port spacing. Defines the voice quality monitoring (RTCPXR) mode.
Command Mode Privileged User
Example This example configures UDP port spacing:
(config-voip)# media rtp-rtcp (media-rtp-rtcp)# udp-port-spacing 5 (media-rtp-rtcp)# activate
security
This command configures various security parameters.
Syntax (config-voip)# media security (media-security)#
Command aria-protocol-support {off|on}
Description
Enables ARIA media encryption
- 469 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command
media-sec-bhvior {mandatory|preferable|preferable-singlemedia}
media-security-enable {off|on}
offer-srtp-cipher {aes-256-cm-hmac-sha132|aes-256-cm-hmac-sha1-80|aes-cm-128-hmacsha1-32|aes-cm-128-hmac-sha1-80|all|aria-cm128-hmac-sha1-80|aria-cm-192-hmac-sha180|not-configured} rtcp-encryption-disable-tx {disable|enable}
rtp-authentication-disable-tx {disable|enable}
rtp-encryption-disable-tx {disable|enable}
srtp-tnl-vld-rtcp-auth {off|on}
srtp-tnl-vld-rtp-auth {srtp-tnl-vld-rtcpauth|srtp-tnl-vld-rtp-auth}
Description
algorithm.
Defines the device behavior when receiving offer/response for media encryption.
Enables the media security protocol (SRTP).
Defines the offered SRTP cipher suite.
On a secured RTP session, disables encryption on transmitted RTCP packets.
On a secured RTP session, disables authentication on transmitted RTP packets.
On a secured RTP session, disables encryption on transmitted RTP packets.
Validates SRTP Tunneling Authentication for RTCP.
Validates SRTP Tunneling
- 470 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command srtp-tx-packet-mKi-size rsymmetric-mki
Description
Authentication for RTP.
Defines the size of the Master Key Identifier (MKI) in transmitted SRTP packets.
Enables symmetric MKI negotiation.
Command Mode Privileged User
Example This example enables SRTP:
(config-voip)# media security (media-security)# media-security-enable on (media-security)# activate
settings
This command configures various media settings.
Syntax (config-voip)# media settings (media-settings)#
Command AmrOctetAlignedEnable G729EVLocalMBS
G729EVMaxBitRate
Description Defines the AMR payload format. Defines the maximum generation bitrate of the G729EV coder for a specific channel. Defines the maximum generation bitrate for
- 471 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command
Description
all participants in a session using G729EV coder.
G729EVReceiveMBS
Defines the maximum generation bitrate of the G729EV coder to be requested from the other party.
NewRtcpStreamPackets
Defines the minimal number of continuous RTCP packets, allowing latching an incoming RTCP stream.
NewRtpStreamPackets
Defines the minimal number of continuous RTP packets, allowing latching an incoming RTP stream.
NewSRTPStreamPackets
Defines the minimal number of continuous RTP packets, allowing latching an incoming RTP stream during SRTP session.
NewSRtcpStreamPackets
Defines the minimal number of continuous RTCP packets, allowing latching an incoming RTCP stream during SRTP session.
TimeoutToRelatchRTCPMsec
If a channel latched on an incoming RTCP stream, it cannot relatch onto another one until no packets of the old stream arrive during the timeout (msec).
TimeoutToRelatchRTPMsec
A channel during RTP session cannot relatch onto another RTP/RTCP/T38 stream until no RTP packets arrived from current stream during the timeout (msec).
TimeoutToRelatchSRTPMsec
A channel during SRTP session cannot relatch on another RTP/RTCP/T38 stream until no RTP packets arrived from current stream during the timeout (msec).
TimeoutToRelatchSilenceMsec
A channel in silence mode during RTP/SRTP session cannot relatch on another RTP/RTCP/T38 stream until no packets arrived from current stream during the timeout (msec).
cot-detector-enable
Enables COT (Continuity Tones) detection and
- 472 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command
disable-nat-traversal {0|1|2|3|4} inbound-media-latch-mode silk-max-average-bitrate silk-tx-inband-fec
Description generation. Defines the NAT mode.
Defines the handling of incoming media packets from non-expected address/port. Defines the SILK coder maximal average bit rate. Enables the SILK FEC (Forward Error Correction).
Command Mode Privileged User
Example This example defines the NAT mode so that NAT traversal is performed only if the UA is located behind NAT:
(config-voip)# media settings (media-settings)# disable-nat-traversal 0 (media-settings)# activate
tdm
This command configures various TDM clock synchronization and bus.
Syntax (config-voip)# media tdm (media-tdm)#
Command
TDMBusClockSource {MVIP|atmoc12|atm-oc3|atm-oc3-b|bits|h110A|h110-b|internal|net-reference1|net-reference-2|network|network-
Description
Defines the clock source on which the device synchronizes.
- 473 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command b|network-ds3-1|network-ds32|network-ds3-3|sc-2m|sc-4m|sc-8m} bus-type {analog|ext|framers|h110|mvip|nobus|pstn-sw|qslac|sc} idle-abcd-pattern
idle-pcm-pattern
pcm-law-select {alaw|automatic|mulaw}
pstn-bus-auto-clock {off|on}
pstn-bus-auto-clock-reverting {off|on} tdm-bus-auto-fallback {holdover| internal} tdm-bus-local-reference <Trunk ID>
Description
Defines the TDM bus interface.
Defines ABCD (CAS) pattern applied on signaling bus before it is changed.
Defines the PCM pattern applied to the E1/T1 timeslot (Bchannel) when the channel is closed and during silence periods when Silence Compression is used.
Defines the type of PCM companding law in the input/output TDM bus.
Enables the PSTN Trunk AutoFallback feature.
Enables the PSTN Trunk AutoFallback Reverting feature.
Defines the fallback clock (when auto clock on).
Defines the Trunk ID for the clock synchronization source of the device.
Command Mode Privileged User
Example This example defines the clock source as internal and uses Trunk Group ID 1:
- 474 -
CHAPTER 65 media
MSBR | CLI Reference Guide
(config-voip)# media tdm (media-tdm)# TDMBusClockSource internal (media-tdm)# tdm-bus-local-reference 1 (media-tdm)# activate
voice
This command configures various voice settings.
Syntax (config-voip)# media voice (media-voice)#
Command
Description
acoustic-echosuppressor-attenuationintensity
Defines acoustic echo suppressor signals identified as echo attenuation intensity.
acoustic-echosuppressor-enable {off| on}
Enables network acoustic echo suppressor.
acoustic-echosuppressor-max-erl
Defines acoustic echo suppressor max ratio between signal level and returned echo from phone [dB].
acoustic-echosuppressor-maxreference-delay
Defines acoustic echo suppressor max reference delay [10 ms].
acoustic-echosuppressor-minreference-delay
Defines acoustic echo suppressor min reference delay [10 ms].
caller-id-transporttype
Defines the Caller ID Transport type.
default-dtmf-signalduration
Defines the time to play DTMF (in msec).
dtmf-detector-enable
Enables the detection of DTMF signaling.
dtmf-generation-twist
Defines a delta between the high and low frequency
- 475 -
CHAPTER 65 media
MSBR | CLI Reference Guide
Command
dtmf-transport-type
dtmf-volume echo-canceller-enable echo-canceller-type input-gain inter-digit-interval mf-transport-type
mfr1-detector-enable voice-volume
Description components in the DTMF signal [db]. Defines the transport method of DTMFs over the network. Defines the DTMF generation volume [-dbm]. Enables the Echo Canceller. Defines the Echo Canceller type. Defines the TDM input gain [dB]. Defines the time between DTMFs played (in msec). Defines the method for transport MFs over the network. Enables the detection of MF-R1 signaling. Defines the voice TDM output gain [dB]
Command Mode Privileged User
Example This example enables the Acoustic Echo Suppressor:
(config-voip)# media voice (media-voice)# acoustic-echo-suppressor-enable on (media-voice)# activate
- 476 -
CHAPTER 66 message
MSBR | CLI Reference Guide
66 message
This command configures SIP message manipulation tables.
Syntax (config-voip)# message
Command
Description
call-setup-rules
See call-setup-rules below
message-manipulations See message-manipulations on page 479
message-policy
See message-policy on page 480
pre-parsing-manip-sets See pre-parsing-manip-sets on page 482
settings
See settings on page 483
Command Mode Privileged User
call-setup-rules
This command configures the Call Setup Rules table, which lets you define Call Setup rules. Call Setup rules define various sequences that are run upon the receipt of an incoming call (dialog) at call setup, before the device routes the call to its destination.
Syntax
(config-voip)# message call-setup-rules <Index> (call-setup-rules-<Index>)#
Command Index action-subject
Description
Defines the table row index.
Defines the element (e.g., SIP header, SIP parameter, SIP body, or Dial Plan tag) upon which you want to perform the action if the condition,
- 477 -
CHAPTER 66 message
MSBR | CLI Reference Guide
Command
Description
configured in the 'Condition' parameter (see above) is met.
action-type {add|add-prefix|addsuffix|exit|modify|none|remove|removeprefix|remove-suffix|run-rules-set}
Defines the type of action to perform.
action-value
Defines a value that you want to use in the action.
attr-to-get
Defines the Attributes of the queried LDAP record that the device must handle (e.g., retrieve value).
request-key
Defines the key to query.
condition
Defines the condition that must exist for the device to perform the action.
request-target
Defines the request target.
request-type {dial-plan|enum|httpget|http-post-notify| http-postquery|ldap|none}
Defines the type of request.
row-role {use-current-condition|useprevious-condition}
Determines which condition must be met for this rule to be performed.
rules-set-id
Defines a Set ID for the rule.
rules-set-name
Defines an arbitrary name to easily identify the row.
Command Mode Privileged User
Example This example replaces (manipulates) the incoming call's source number with a number retrieved from the AD by an LDAP query. The device queries the AD server for the attribute
- 478 -
CHAPTER 66 message
MSBR | CLI Reference Guide
record, "telephoneNumber" whose value is the same as the received source number (e.g., "telephoneNumber =4064"). If such an Attribute exists, the device retrieves the number of the Attribute record, "alternateNumber" and uses this number as the source number:
(config-voip)# message call-setup-rules 0 (call-setup-rules-0)# query-type ldap (call-setup-rules-0)# query-target LDAP-DC-CORP (call-setup-rules-0)# attr-to-query `telephoneNumber=' + param.call.src.user (call-setup-rules-0)# attr-to-get alternateNumber (call-setup-rules-0)# row-role use-current-condition (call-setup-rules-0)# condition ldap.attr. alternateNumber exists (call-setup-rules-0)# action-subject param.call.src.user (call-setup-rules-0)# action-type modify (call-setup-rules-0)# action-value ldap.attr. alternateNumber (call-setup-rules-0)# activate
message-manipulations
This command configures the Message Manipulations table, which lets you define SIP Message Manipulation rules.
Syntax
(config-voip)# message message-manipulations <Index> (message-manipulations-<Index>)#
Command
Description
Index
Defines the table row index.
action-subject
Defines the SIP header upon which the manipulation is performed.
action-type {add|add-prefix|addsuffix|modify|normalize|remove|removeprefix|remove-suffix}
Defines the type of manipulation.
action-value
Defines a value that you want to use in the manipulation.
condition
Defines the condition that must exist for the rule to be
- 479 -
CHAPTER 66 message
MSBR | CLI Reference Guide
Command manipulation-name
manipulation-set-id message-type row-role
Description
applied.
Defines a descriptive name, which is used when associating the row in other tables.
Defines a Manipulation Set ID for the rule.
Defines the SIP message type that you want to manipulate.
Determines which message manipulation condition (configured by the 'Condition' parameter) to use for the rule.
Command Mode Privileged User
Example This example adds ";urgent=1" to the To header if the URL of the Request-URI in the INVITE message equals "120":
(config-voip)# message message-manipulations 0 (message-manipulations-0)# message-type invite.request (message-manipulations-0)# condition header.request.uri.url=='120' (message-manipulations-0)# action-subject header.to (message-manipulations-0)# action-type modify (message-manipulations-0)# action-value header.to +';urgent=1' (message-manipulations-0)# activate
message-policy
This command configures the Message Policies table, which lets you define SIP Message Policy rules.
Syntax
- 480 -
CHAPTER 66 message
MSBR | CLI Reference Guide
(config-voip)# message message-policy <Index> (message-policy-<Index>)#
Command Index body-list
body-list-type {policyblacklist|policywhitelist} max-body-length max-header-length max-message-length max-num-bodies
max-num-headers method-list
method-list-type {policyblacklist|policywhitelist} name
send-rejection {policydrop|policy-reject}
signature-db-enable {disabled|enabled}
Description
Defines the table row index.
Defines the SIP body type (i.e., value of the Content-Type header) to blacklist or whitelist.
Defines the policy (blacklist or whitelist) for the SIP body specified in the 'Body List' parameter (above).
Defines the maximum SIP message body length.
Defines the maximum SIP header length.
Defines the maximum SIP message length.
Defines the maximum number of bodies (e.g., SDP) in the SIP message.
Defines the maximum number of SIP headers.
Defines SIP methods (e.g., INVITE\BYE) to blacklist or whitelist.
Defines the policy (blacklist or whitelist) for the SIP methods specified in the 'Method List' parameter (above).
Defines a descriptive name, which is used when associating the row in other tables.
Defines whether the device sends a SIP response if it rejects a message request due to the Message Policy.
Enables the use of the Malicious Signature database (signature-based detection).
Command Mode Privileged User
- 481 -
CHAPTER 66 message
MSBR | CLI Reference Guide
Example This example configures the maximum number of bodies in SIP messages to two:
(config-voip)# message message-policy 0 (message-policy-0)# name ITSP-Message (message-policy-0)# max-num-bodies 2 (message-policy-0)# activate
pre-parsing-manip-sets
This command configures the Pre-Parsing Manipulation Set table, which lets you define PreParsing Manipulation Sets. The table is a parent of the Pre-Parsing Manipulation Rules table.
Syntax
(config-voip)# message pre-parsing-manip-sets <Index> (pre-parsing-manip-sets-<Index>)#
Command
Description
Index
Defines the table row index.
name
Defines a descriptive name, which is used when associating the row in other tables.
preparsingmaniprules
Defines the Pre-Parsing Manipulation Rules table, which lets you define PreParsing Manipulation rules. The table is a child of the Pre-Parsing Manipulation Set table. For more information, see pre-parsing-manip-rules on the next page.
Command Mode Privileged User
Example This example configures the maximum number of bodies in SIP messages to two:
(config-voip)# message pre-parsing-manip-sets 0 (pre-parsing-manip-sets-0)# name ITSP-PreManip (pre-parsing-manip-sets-0)# activate
- 482 -
CHAPTER 66 message
MSBR | CLI Reference Guide
pre-parsing-manip-rules
This command configures the Pre-Parsing Manipulation Rules table, which lets you define PreParsing Manipulation rules. The table is a child of the Pre-Parsing Manipulation Set table.
Syntax
(config-voip)# message pre-parsing-manip-sets <Index> (pre-parsing-manip-sets-<Index>)# pre-parsing-manip-rules <Index> (pre-parsing-manip-rules-<Index>/<Index>)#
Command Index message-type
pattern
replace-with
Description
Defines the table row index.
Defines the SIP message type to which you want to apply the rule.
Defines a pattern, based on regex, to search for (match) in the incoming message.
Defines a pattern, based on regex, to replace the matched pattern.
Command Mode Privileged User
Example This example replaces the user part (if exists) in the From header URL with "1000", for INVITE messages:
(config-voip)# message pre-parsing-manip-sets 0 (pre-parsing-manip-sets-0)# pre-parsing-manip-rules 1 (pre-parsing-manip-rules-0/1)# message-type invite.request (pre-parsing-manip-rules-0/1)# pattern From: *<sip:([^@]+)(@\S*) (pre-parsing-manip-rules-0/1)# replace-with `From: <sip:' + `1000' + $2 (pre-parsing-manip-rules-0/1)# activate
settings
This command configures various manipulation options.
- 483 -
CHAPTER 66 message
MSBR | CLI Reference Guide
Syntax
(config-voip)# message settings (sip-message-settings)#
Command
Description
inboundmap-set
Assigns a Manipulation Set ID for manipulating for manipulating all inbound INVITE messages (Gateway only) or incoming responses of requests that the device initiates.
outboundmap-set
Assigns a Manipulation Set ID for manipulating for manipulating all outbound INVITE messages (Gateway only) or outgoing responses of requests that the device initiates.
Command Mode Privileged User
Example This example assigns Manipulation Set ID 2 for manipulating incoming responses of requests that the device initiates:
(config-voip)# message settings (sip-message-settings)# inbound-map-set 2
- 484 -
CHAPTER 67 proxy-set
MSBR | CLI Reference Guide
67 proxy-set
This command configures the Proxy Sets table, which lets you define Proxy Sets. The table is a parent of the Proxy Address table.
Syntax (config-voip)# proxy-set <Index> (proxy-set-<Index>)#
Command
Description
Index
Defines the table row index.
accept-dhcp-proxy-list
Enables the device to obtain the Proxy Set's address(es) from a DHCP server using DHCP Option 120.
classification-input {ip- Defines how the device classifies incoming IP
only|ip-port-transport}
calls to the Proxy Set.
dns-resolve-method {arecord|ms-lync|naptr|notconfigured|srv}
Defines the DNS query record type for resolving the proxy server's host name (FQDN) into an IP address.
fail-detect-rtx
Defines the maximum number of UDP retransmissions that the device sends to an offline proxy, before the device considers the proxy as being offline.
gwipv4-sip-int-name
Assigns an IPv4-based SIP Interface for Gateway calls to the Proxy Set.
gwipv6-sip-int-name
Assigns an IPv6-based SIP Interface for Gateway calls to the Proxy Set.
is-proxy-hot-swap {disable|enable}
Enables the Proxy Hot-Swap feature, whereby the device switches to a redundant proxy upon a failure in the primary proxy (no response is received).
keepalive-fail-resp
Defines SIP response codes that if any is received in response to a keep-alive message using SIP OPTIONS, the device considers the proxy as down.
- 485 -
CHAPTER 67 proxy-set
MSBR | CLI Reference Guide
Command
Description
priority <0-65535>
Defines the priority of the proxy server.
min-active-serv-lb
Defines the minimum number of proxies in the Proxy Set that must be online for the device to consider the Proxy Set as online, when proxy load balancing is used.
proxy-enable-keep-alive {disable|usingoptions|using-options-onactive-server|usingregister}
Enables the device's Proxy Keep-Alive feature, which checks communication with the proxy server.
proxy-ip
Defines the Proxy Address table, which defines addresses for the Proxy Set. The table is a child of the Proxy Sets table. For more information, see proxy-ip on the next page.
proxy-keep-alive-time
Defines the interval (in seconds) between keepalive messages sent by the device when the Proxy Keep-Alive feature is enabled (see the 'Proxy Keep-Alive' parameter in this table).
proxy-load-balancingmethod {disable|randomweights|round-robin}
Enables load balancing between proxy servers of the Proxy Set.
proxy-name
Defines a descriptive name, which is used when associating the row in other tables.
proxy-redundancy-mode {homing|notconfigured|parking}
Determines whether the device switches from a redundant proxy to the primary proxy when the primary proxy becomes available again.
sbcipv4-sip-int-name
Assigns an IPv4-based SIP Interface for SBC calls to the Proxy Set.
sbcipv6-sip-int-name
Assigns an IPv6-based SIP Interface for SBC calls to the Proxy Set.
srd-name
Assigns an SRD to the Proxy Set.
success-detect-int
Defines the interval (in seconds) between each keep-alive retries (as configured by the 'Success Detection Retries' parameter) that the device
- 486 -
CHAPTER 67 proxy-set
MSBR | CLI Reference Guide
Command success-detect-retries
tls-context-name weight <0-65535>
Description
performs for offline proxies.
Defines the minimum number of consecutive, successful keep-alive messages that the device sends to an offline proxy, before the device considers the proxy as being online.
Assigns a TLS Context (SSL/TLS certificate) to the Proxy Set.
Defines the weight of the proxy server.
Command Mode Privileged User
Example This example configures proxy keep-alive and redundancy:
(config-voip)# proxy-set 0 (proxy-set-0)# proxy-enable-keep-alive using-options (proxy-set-0)# is-proxy-hot-swap enable (proxy-set-0)# proxy-redundancy-mode homing (proxy-set-0)# activate
proxy-ip
This command configures the Proxy Address table, which defines addresses for the Proxy Set. The table is a child of the Proxy Sets table.
Syntax
(config-voip)# proxy-set <Index> (proxy-set-<Index>)# proxy-ip <Index> (proxy-ip-<Index>/<Index>)#
Index
Command
Description Defines the table row index.
- 487 -
CHAPTER 67 proxy-set
MSBR | CLI Reference Guide
Command proxy-address
transport-type {notconfigured|tcp|tls|udp}
Description
Defines the address of the proxy.
Defines the transport type for communicating with the proxy.
Command Mode Privileged User
Example This example configures address 201.10.5.1 for the Proxy Set:
(config-voip)# proxy-set 0 (proxy-set-0)# proxy-ip 1 (proxy-ip-0/1)# proxy-address 201.10.5.1 (proxy-ip-0/1)# transport-type udp (proxy-ip-0/1)# activate
- 488 -
CHAPTER 68 qoe
MSBR | CLI Reference Guide
68 qoe
This command configures Quality of Experience (QoE).
Syntax (config-voip)# qoe
Command additional-parameters
bw-profile qoe-profile qoe-settings quality-of-servicerules
Description See additional-parameters call-flow-report on page 491 See bw-profile below See qoe-profile on page 491 See qoe-settings on page 495 See quality-of-service-rules on page 494
Command Mode Privileged User
bw-profile
This command configures the Bandwidth Profile table, which lets you define Bandwidth Profiles.
Syntax (config-voip)# qoe bw-profile <Index> (bw-profile-<Index>)#
Command Index egress-audiobandwidth egress-video-
Description Defines the table row index. Defines the major (total) threshold for outgoing audio traffic (in Kbps). Defines the major (total) threshold for outgoing video traffic (in
- 489 -
CHAPTER 68 qoe
MSBR | CLI Reference Guide
Command
Description
bandwidth
Kbps).
generate-alarms Enables the device to send an SNMP alarm if a bandwidth {disable|enable} threshold is crossed.
hysteresis
Defines the amount of fluctuation (hysteresis) from the configured bandwidth threshold in order for the threshold to be considered as crossed (i.e., avoids false reports of threshold crossings).
ingress-audiobandwidth
Defines the major (total) threshold for incoming audio traffic (in Kbps).
ingress-videobandwidth
Defines the major (total) threshold for incoming video traffic (in Kbps).
minor-threshold
Defines the Minor threshold value, which is the lower threshold located between the Yellow and Green states.
name
Defines a descriptive name, which is used when associating the row in other tables.
total-egressbandwidth
Defines the major (total) threshold for video and audio outgoing bandwidth (in Kbps).
total-ingressbandwidth
Defines the major (total) threshold for video and audio incoming bandwidth (in Kbps).
Command Mode Privileged User
Example This example configures a Bandwidth profile where the Major (total) bandwidth threshold is configured to 64,000 Kbps, the Minor threshold to 50% (of the total) and the hysteresis to 10% (of the total):
(config-voip)# qoe bw-profile 0 (bw-profile-0)# egress-audio-bandwidth 64000 (bw-profile-0)# minor-threshold 50 (bw-profile-0)# hysteresis 10 (bw-profile-0)# activate
- 490 -
CHAPTER 68 qoe
MSBR | CLI Reference Guide
additional-parameters call-flow-report
This command enables the device to send SIP messages (in XML fomat) to OVOC for displaying SIP call dialog sessions as call flow diagrams.
Syntax
(config-voip)# qoe additional-parameters (qoe)# call-flow-report {off|on}
Command Mode Privileged User
Default off
Example This example enables the sending of SIP messages to OVOC for call flow diagrams:
(config-voip)# qoe additional-parameters (qoe)# call-flow-report on
qoe-profile
This command configures the Quality of Experience Profile table, which defines a name for the Quality of Experience Profile. The table is a parent of the Quality of Experience Color Rules table.
Syntax
(config-voip)# qoe qoe-profile <Index> (qoe-profile-<Index>)#
Index name
Command
Description Defines the table row index. Defines a descriptive name, which is used when
- 491 -
CHAPTER 68 qoe
MSBR | CLI Reference Guide
Command
Description
associating the row in other tables.
qoe-color-rules
Defines the Quality of Experience Color Rules table, which defines a name for the Quality of Experience Profile. The table is a child of the Quality of Experience Profile table. For more information, see qoe-colorrules below.
sensitivity-level {high|low|medium|userdefined}
Defines the pre-configured threshold profile to use.
Command Mode Privileged User
Example This example configures a Quality of Experience Profile named "QOE-ITSP" and with a predefined high sensitivity level:
(config-voip)# qoe qoe-profile 0 (qoe-profile-0)# name QOE-ITSP (qoe-profile-0)# sensitivity-level high (qoe-profile-0)# activate
qoe-color-rules
This command configures the Quality of Experience Color Rules table, which defines a name for the Quality of Experience Profile. The table is a child of the Quality of Experience Profile table.
Syntax
(config-voip)# qoe qoe-profile <Index> (qoe-profile-<Index>)# qoe-color-rules <Index> (qoe-color-rules-<Index>/<Index>)#
Command Index direction {device-
Description Defines the table row index. Defines the monitoring direction.
- 492 -
CHAPTER 68 qoe
MSBR | CLI Reference Guide
Command
Description
side|remote-side}
major-hysteresis-red
Defines the amount of fluctuation (hysteresis) from the Major threshold, configured by the 'Major Threshold (Red)' parameter for the threshold to be considered as crossed.
major-threshold-red
Defines the Major threshold value, which is the upper threshold located between the Yellow and Red states. To consider a threshold crossing:
minor-hysteresis-yellow
Defines the amount of fluctuation (hysteresis) from the Minor threshold, configured by the 'Minor Threshold (Yellow)' parameter for the threshold to be considered as crossed.
minor-threshold-yellow
Defines the Minor threshold value, which is the lower threshold located between the Yellow and Green states.
monitored-parameter {delay|jitter|mos|packetloss|rerl}
Defines the parameter to monitor and report.
sensitivity-level {highsensitivity|lowsensitivity|medsensitivity|user-defined}
Defines the sensitivity level of the thresholds.
Command Mode Privileged User
Example This example configures a Quality of Experience Color Rule for MOS, where a Major alarm is considered if MOS is less than 2:
(config-voip)# qoe qoe-profile 0 (qoe-profile-0)# qoe-color-rules 1 (qoe-color-rules-0/1)# monitored-parameter mos (qoe-color-rules-0/1)# major-threshold-red 20
- 493 -
CHAPTER 68 qoe
(qoe-color-rules-0/1)# major-hysteresis-red 0.1 (qoe-color-rules-0/1)# activate
MSBR | CLI Reference Guide
quality-of-service-rules
This command configures the Quality of Service Rules table, which lets you define Quality of Service rules.
Syntax
(config-voip)# qoe quality-of-service-rules <Index> (quality-of-service-rules-<Index>)#
Command
Description
Index
Defines the table row index.
alt-ip-profile-name
Assigns a different IP Profile to the IP Group or call (depending on the 'Rule Metric' parameter) if the rule is matched.
calls-reject-duration
Defines the duration (in minutes) for which the device rejects calls to the IP Group if the rule is matched.
ip-group-name
Assigns an IP Group.
rule-action {alternative-ip- Defines the action to be done if the rule is
profile|reject-calls]
matched.
rule-metric {acd|asr|bandwidth|ner|poorinvoice-quality|voicequality}
Defines the performance monitoring call metric to which the rule applies if the metric's threshold is crossed.
severity {major|minor}
Defines the alarm severity level.
Command Mode Privileged User
Example This example configures a Quality of Service rule that rejects calls to IP Group "ITSP" if bandwidth severity is Major:
- 494 -
CHAPTER 68 qoe
MSBR | CLI Reference Guide
(config-voip)# qoe quality-of-service-rules 0 (quality-of-service-rules-0)# ip-group-name ITSP (quality-of-service-rules-0)# rule-action reject-calls (quality-of-service-rules-0)# rule-metric bandwidth (quality-of-service-rules-0)# severity major (quality-of-service-rules-0)# activate
qoe-settings
This command configures the OVOC server to where the devicesends QoE data.
Syntax (config-voip)# qoe qoe-settings 0 (qoe-settings-0)#
Command
Description
interface
Defines the IP network interface on which the quality experience reports are sent.
keep-alive-time <0-64>
Defines the interval (in seconds) between every consecutive keep-alive message that the device sends to the OVOC server.
report-mode {during-call|endcall}
Defines at what stage of the call the device sends the QoE data of the call to the OVOC server.
secondary-servername
Defines the IP address or FQDN (hostname) of the secondary OVOC server to where the quality experience reports are sent.
tls{off|on}
Enables a TLS connection with the OVOC server.
server-name
Defines the IP address or FQDN (hostname) of the primary OVOC server to where the quality experience reports are sent.
tls-context-name
Assigns a TLS Context or certificate (configured in the TLS Contexts table) for the TLS connection with the OVOC server.
verify-certificate Enables TLS verification of the certificate provided by
{off|on}
OVOC.
- 495 -
CHAPTER 68 qoe
MSBR | CLI Reference Guide
Command
verifycertificatesubject-name {off|on}
Description
Enables subject name (CN/SAN) verification of the certificate provided by OVOC.
Command Mode Privileged User
Note Only one table row (index) can be configured.
Example This example configures the IP address of OVOC as 10.15.7.89 and uses IP network interface OAMP for communication:
(config-voip)# qoe qoe-settings 0 (qoe-settings-0)# server-name 10.15.7.89 (qoe-settings-0qoe)# interface OAMP (qoe-settings-0qoe)# activate
- 496 -
CHAPTER 69 realm
MSBR | CLI Reference Guide
69 realm
This command configures the Media Realms table, which lets you define a pool of SIP media interfaces, termed Media Realms.
Syntax (config-voip)# realm <Index> (realm-<Index>#
Command
Description
Index
Defines the table row index.
bw-profile
Assigns a Bandwidth Profile to the Media Realm.
ipv4if
Assigns an IPv4 interface to the Media Realm.
ipv6if
Assigns an IPv6 interface to the Media Realm.
is-default {disable|enable} Defines the Media Realm as the default Media Realm.
name
Defines a descriptive name, which is used when associating the row in other tables.
port-range-start
Defines the starting port for the range of media interface UDP ports.
qoe-profile
Assigns a QoE Profile to the Media Realm.
realm-extension
Defines the Media Realm Extension table, which lets you define Media Realm Extensions per Media Realm. The table is a child of the Media Realm table. For more information, see realm-extension on the next page.
remote-media-subnet
Defines the Remote Media Subnets table, which lets you define destination subnets for media (RTP/SRTP) traffic on a specific Media Realm. The table is a child of the Media Realm table. For more information, see remotemedia-subnet on page 499.
- 497 -
CHAPTER 69 realm
MSBR | CLI Reference Guide
Command
Description
session-leg
Defines the number of media sessions for the configured port range.
tcp-port-range-end
Defines the ending port of the range of media interface TCP ports for media (RTP, RTCP and T.38) and MSRP traffic.
tcp-port-range-start
Defines the starting port of the range of media interface TCP ports for media (RTP, RTCP and T.38) and MSRP traffic.
topology-location {down|up]
Defines the display location of the Media Realm in the Topology view of the Web interface.
Command Mode Privileged User
Example This example configures a Media Realm for IPv4 network interface "Voice", with port start from 5061 and with 10 sessions:
(config-voip)# realm 0 (realm-0)# name ITSP (realm-0)# ipv4if Voice (realm-0)# port-range-start 5061 (realm-0)# session-leg 10 (realm-0)# activate
realm-extension
This command configures the Media Realm Extension table, which lets you define Media Realm Extensions. A Media Realm Extension defines a port range with the number of sessions for a specific Media-type network interface (configured in the IP Interfaces table). The table is a child of the Media Realm table.
Syntax
- 498 -
CHAPTER 69 realm
MSBR | CLI Reference Guide
(config-voip)# realm <Index> (realm-<Index># realm-extension <Index> (realm-extension-<Index>/<Index>)#
Command Index ipv4if ipv6if port-range-start session-leg
Description
Defines the table row index.
Assigns an IPv4 network interface (configured in the IP Interfaces table) to the Media Realm Extension.
Assigns an IPv6 network interface (configured in the IP Interfaces table) to the Media Realm Extension.
Defines the first (lower) port in the range of media UDP ports for the Media Realm Extension.
Defines the number of media sessions for the port range.
Command Mode Privileged User
Example This example configures a Media Realm Extension where two sessions are for interface "Voice":
(config-voip)# realm 0 (realm-0)# realm-extension 1 (realm-extension-0/1)# ipv4if Voice (realm-extension-0/1)# session-leg 2 (realm-extension-0/1)# activate
remote-media-subnet
This command configures the Remote Media Subnets table, which lets you define destination subnets for media (RTP/SRTP) traffic on a specific Media Realm. The table is a child of the Media Realm table.
Syntax
- 499 -
CHAPTER 69 realm
MSBR | CLI Reference Guide
(config-voip)# realm <Index> (realm-<Index># remote-media-subnet <Index> (remote-media-subnet-<Index>/<Index>)#
Command Index address-family {ipv4|ipv6} bw-profile
dst-ip-address name
prefix-length
qoe-profile
Description Defines the table row index. Defines the IP address protocol.
Assigns a Bandwidth Profile to the Remote Media Subnet. Defines the IP address of the destination. Defines a descriptive name, which is used when associating the row in other tables. Defines the subnet mask in Classless Inter-Domain Routing (CIDR) notation. Assigns a Quality of Experience Profile to the Remote Media Subnet.
Command Mode Privileged User
Example This example configures a Remote Media Subnet for international calls to 201.10.5.1 assigned Bandwidth Profile "INT":
(config-voip)# realm 0 (realm-0)# remote-media-subnet 1 (remote-media-subnet-0/1)# name INT-Calls (remote-media-subnet-0/1)# dst-ip-address 201.10.5.1 (remote-media-subnet-0/1)# bw-profile INT (remote-media-subnet-0/1)# activate
- 500 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
70 sbc
This command configures SBC tables.
Syntax (config-voip)# sbc
Command classification dial-plan external-media-source malicious-signaturedatabase manipulation routing cac-profile settings
Description See classification below See dial-plan <Index> on page 504 See external-media-source on page 507 See malicious-signature-database on page 508
See manipulation on page 509 See routing on page 514 See cac-profile on page 524 See settings on page 526
Command Mode Privileged User
classification
This command configures the Classification table, which lets you define Classification rules.
Syntax (config-voip)# sbc classification <Index> (classification-<Index>)#
Index
Command
Description Defines the table row index.
- 501 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
action-type {allow|deny }
Defines a whitelist or blacklist for the matched incoming SIP dialog.
classification-name
Defines a descriptive name, which is used when associating the row in other tables.
dest-routing-policy
Assigns a Routing Policy to the matched incoming SIP dialog.
dst-host
Defines the prefix of the destination Request-URI host name as a matching characteristic for the incoming SIP dialog.
dst-user-name-pattern
Defines the prefix of the destination Request-URI user part as a matching characteristic for the incoming SIP dialog.
ip-group-selection {src-ip-group|taggedip-group}
Defines how the incoming SIP dialog is classified to an IP Group.
ip-group-tag-name
Defines the source tag of the incoming SIP dialog.
ip-profile-id
Assigns an IP Profile to the matched incoming SIP dialog.
message-condition-name
Assigns a Message Condition rule to the Classification rule as a matching characteristic for the incoming SIP dialog.
src-host
Defines the prefix of the source URI host name as a matching characteristic for the incoming SIP dialog.
src-ip-address
Defines a source IP address as a matching characteristic for the incoming SIP dialog.
src-ip-group-name
Assigns an IP Group to the matched incoming SIP dialog.
src-port
Defines the source port number as a matching characteristic for the incoming SIP dialog.
src-sip-interface-name Assigns a SIP Interface to the rule as a matching characteristic for the incoming SIP dialog.
src-transport-type
Defines the source transport type as a matching
- 502 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command {any|tcp|tls|udp} src-user-name-pattern
srd-name
Description
characteristic for the incoming SIP dialog.
Defines the prefix of the source URI user part as a matching characteristic for the incoming SIP dialog.
Assigns an SRD to the rule as a matching characteristic for the incoming SIP dialog.
Command Mode Privileged User
Example This example configures a Classification rule whereby calls received from IP address 201.2.2.10 are classified as received from IP Group "ITSP":
(config-voip)# sbc classification 0 (classification-0)# classification-name ITSP (classification-0)# src-ip-group-name ITSP (classification-0)# src-ip-address 201.2.2.10 (classification-0)# activate
dial-plan
This command configures Dial Plans.
Syntax (config-voip)# sbc dial-plan
Command
Description
<Index>
Defines the Dial Plan table row index (see dial-plan <Index> on the next page).
dial-planrule
Defines the Dial Plan Rule table, which defines the dial plans (rules) per Dial Plan. The table is a child of the Dial Plan table. For more information, see dial-plan-rule <Index> on page 505.
export-csv-to Exports all Dial Plans (without their Dial Plan Rules) as a .csv file
<URL>
from the device to a remote server.
- 503 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
import-csvfrom <URL>
Description
Imports Dial Plans (without their Dial Plan Rules) to the device from a .csv file on a remote server. It deletes all existing Dial Plan Rules.
Command Mode Privileged User
Example This example exports all Dial Plans to a remote server:
(config-voip)# sbc dial-plan export-csv-to tftp://172.17.137.52/11.csv
dial-plan <Index>
This command configures the Dial Plan table, which defines the name of the Dial Plan. The table is a parent of the Dial Plan Rule table.
Syntax
(config-voip)# sbc dial-plan <Index> (dial-plan-<Index>)#
Command <Index> name
Description Defines the Dial Plan table row index. Defines a name for the Dial Plan.
Command Mode Privileged User
Example This example configures a Dial Plan with the name "ITSP":
(config-voip)# sbc dial-plan 0 (dial-plan-0)# name ITSP (dial-plan-0)# activate
- 504 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
dial-plan-rule
This command provides various commands for Dial Plan Rules.
Syntax
(config-voip)# sbc dial-plan <Dial Plan Index> (dial-plan-<Dial Plan Index>)# dial-plan-rule {<Dial Plan Rule Index>|export-csvto|import-csv-from}
Command
Description
<Dial Plans Rule Index>
Defines the Dial Plan Rules table (see dial-plan-rule <Index> below) for the specified Dial Plan.
export-csv-to Exports all the Dial Plan Rules of the Dial Plan as a .csv file to a
<URL>
remote server.
import-csvfrom <URL>
Imports all the Dial Plan Rules into the Dial Plan from a .csv file on a remote server. All the previously configured Dial Plan Rules of the Dial Plan are deleted.
Command Mode Privileged User
Example This example exports the Dial Plan Rules of Dial Plan #0 to a remote TFTP server:
(config-voip)# sbc dial-plan 0 (dial-plan-0)# dial-plan-rule export-csv-to tftp://172.17.137.52/My-Dial-Plan.csv
dial-plan-rule <Index>
This command configures the Dial Plan Rule table, which defines the dial plans (rules) per Dial Plan. The table is a child of the Dial Plan table.
Syntax
(config-voip)# sbc dial-plan <Dial Plan Index> (dial-plan-<Dial Plan Index>)# dial-plan-rule <Dial Plan Rule Index> (dial-plan-rule-<Index>/<Index>)#
- 505 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command <Dial Plan Rule Index> name
prefix tag
Description Defines the Dial Plan Rule table row index.
Defines a descriptive name, which is used when associating the row in other tables. Defines the prefix number of the source or destination number. Defines a tag.
Command Mode Privileged User
Example This example configures a Dial Plan rule for Dial Plan #0, for calls received with prefix "1" with the name "ITSP":
(config-voip)# sbc dial-plan 0 (dial-plan-0)# name dial-plan-rule 1 (dial-plan-rule-0/1)# name INT (dial-plan-rule-0/1)# prefix 1 (dial-plan-rule-0/1)# activate
dial-plan dial-plan-rule
This command exports and imports Dial Plan Rules of a specified Dial Plan.
Syntax (config-voip)# sbc dial-plan dial-plan-rule
Command
Description
export-csv-to <Dial Plan Index> <URL>
Exports all the Dial Plan Rules of the specified Dial Plan as a .csv file to a remote server.
import-csvfrom <Dial Plan Index>
Imports all the Dial Plan Rules into the specified Dial Plan, from a .csv file on a remote server. All the previously configured Dial Plan Rules of the specified Dial Plan are deleted.
- 506 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command <URL>
Description
Command Mode Privileged User
Example This example exports the Dial Plan Rules of Dial Plan #0 to a remote TFTP server:
(config-voip)# sbc dial-plan dial-plan-rule export-csv-to 0 tftp://172.17.137.52/MyDial-Plan.csv
external-media-source
This command configures the External Media Source table, which defines an external media source for playing Music on Hold (MoH) to call parties that have been placed on-hold.
Syntax
(config-voip)# sbc external-media-source <Index> (external-media-source-<Index>)#
Command Index dst-uri
ip-groupname src-uri
Description
Defines the table row index. Only Index 0 is supported.
Defines the destination URI (user@host) of the SIP To header contained in the INVITE message that the device sends to the external media source.
Assigns an IP Group from the IP Groups table.
Defines the source URI (user@host) of the SIP From header contained in the INVITE message that the device sends to the external media source.
Command Mode Privileged User
- 507 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Example This example configures an external media source for MoH:
(config-voip)# sbc sbc external-media-source 0 (external-media-source-0)# ip-group-name MoH-Player (external-media-source-0)# activate
malicious-signature-database
This command configures the Malicious Signature table, which lets you define Malicious Signature patterns.
Syntax
(config-voip)# sbc malicious-signature-database <Index> (malicious-signature-database-<Index>)#
Command Index name
pattern
Description Defines the table row index. Defines a descriptive name, which is used when associating the row in other tables. Defines the signature pattern.
Command Mode Privileged User
Example This example configures a Malicious Signature for the SIP scan attack:
(config-voip)# sbc malicious-signature-database 0 (malicious-signature-database-0)# name SCAN (malicious-signature-database-0)# pattern header.user-agent.content prefix 'sipscan' (malicious-signature-database-0)# activate
- 508 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
manipulation
This command configures SBC manipulation tables.
Syntax (config-voip)# sbc manipulation
Command
ip-inboundmanipulation
ip-outboundmanipulation
Description See ip-inbound-manipulation below
See ip-outbound-manipulation on page 511
Command Mode Privileged User
ip-inbound-manipulation
This command configures the Inbound Manipulations table, which lets you define IP-to-IP Inbound Manipulation rules. An Inbound Manipulation rule defines a manipulation sequence for the source or destination SIP URI user part of inbound SIP dialog requests.
Syntax
(config-voip)# sbc manipulation ip-inbound-manipulation <Index> (ip-inbound-manipulation-<Index>)#
Index dst-host
Command
dst-user-name-pattern
Description
Defines the table row index.
Defines the destination SIP URI host name - full name, typically located in the Request URI and To headers.
Defines the prefix of the destination SIP URI user name, typically located in the RequestURI and To headers.
- 509 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command is-additional-manipulation {disable|enable}
leave-from-right
manipulated-uri {destination|source} manipulation-name
prefix-to-add
purpose {normal|routing-inputonly|shared-line} remove-from-left
remove-from-right
request-type {all|invite|inviteand-register|invite-andsubscribe|register|subscribe} routing-policy-name src-host
src-ip-group-name
Description
Determines whether additional SIP URI user part manipulation is done for the table entry rule listed directly above it.
Defines the number of characters that you want retained from the right of the user name.
Determines whether the source or destination SIP URI user part is manipulated.
Defines an arbitrary name to easily identify the manipulation rule.
Defines the number or string that you want added to the front of the user name.
Defines the purpose of the manipulation:
Defines the number of digits to remove from the left of the user name prefix.
Defines the number of digits to remove from the right of the user name prefix.
Defines the SIP request type to which the manipulation rule is applied.
Assigns a Routing Policy to the rule.
Defines the source SIP URI host name - full name (usually in the From header).
Defines the IP Group from where the incoming INVITE is received.
- 510 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command src-user-name-pattern
suffix-to-add
Description
Defines the prefix of the source SIP URI user name (usually in the From header).
Defines the number or string that you want added to the end of the user name.
Command Mode Privileged User
Example This example configures an Inbound Manipulation rule that adds prefix "40" to the URI if the destination hostname is "abc.com":
(config-voip)# sbc manipulation ip-inbound-manipulation 0 (ip-inbound-manipulation-0)# manipulation-name ITSP-MAN (ip-inbound-manipulation-0)# dst-host abc.com (ip-inbound-manipulation-0)# prefix-to-add 40 (ip-inbound-manipulation-0)# manipulated-uri destination (ip-inbound-manipulation-0)# activate
ip-outbound-manipulation
This command configures the Outbound Manipulations table, which lets you define IP-to-IP Outbound Manipulation rules. An Outbound Manipulation rule defines a manipulation action for the SIP Request-URI user part (source or destination) or calling name of outbound SIP dialog requests.
Syntax
(config-voip)# sbc manipulation ip-outbound-manipulation <Index> (ip-outbound-manipulation-<Index>)#
Command Index calling-name-pattern
Description
Defines the table row index.
Defines the prefix of the calling name (caller ID). The calling name appears
- 511 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
in the SIP From header.
dest-tags
Assigns a prefix tag to denote destination URI user names corresponding to the tag configured in the associated Dial Plan.
dst-host
Defines the destination SIP URI host name - full name, typically located in the Request-URI and To headers.
dst-ip-group-name
Defines the IP Group to where the INVITE is to be sent.
dst-user-name-pattern
Defines the prefix of the destination SIP URI user name, typically located in the Request-URI and To headers.
is-additional-manipulation {disable|yes}
Determines whether additional manipulation is done for the table entry rule listed directly above it.
leave-from-right
Defines the number of digits to keep from the right of the manipulated item.
manipulated-uri {destination|source}
Defines the element in the SIP message that you want manipulated.
manipulation-name
Defines a descriptive name, which is used when associating the row in other tables.
message-condition-name
Assigns a Message Condition rule as a matching characteristic. Message Condition rules define required SIP message formats.
prefix-to-add
Defines the number or string to add in the front of the manipulated item.
privacy-restriction-mode {dontchange-privacy|removerestriction|restrict|transparent}
Defines user privacy handling (i.e., restricting source user identity in outgoing SIP dialogs).
- 512 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command re-route-ip-group-name
remove-from-left
remove-from-right
request-type {all|invite|inviteand-register|invite-andsubscribe|register|subscribe} routing-policy-name src-host
src-ip-group-name src-tags
src-user-name-pattern
suffix-to-add trigger {3xx|3xx-orrefer|any|initial-only|refer}
Description
Defines the IP Group that initiated (sent) the SIP redirect response (e.g., 3xx) or REFER message.
Defines the number of digits to remove from the left of the manipulated item prefix.
Defines the number of digits to remove from the right of the manipulated item prefix.
Defines the SIP request type to which the manipulation rule is applied.
Assigns a Routing Policy to the rule.
Defines the source SIP URI host name - full name, typically in the From header.
Defines the IP Group from where the INVITE is received.
Assigns a prefix tag to denote source URI user names corresponding to the tag configured in the associated Dial Plan.
Defines the prefix of the source SIP URI user name, typically used in the SIP From header.
Defines the number or string to add at the end of the manipulated item.
Defines the reason (i.e., trigger) for the re-routing of the SIP request.
Command Mode Privileged User
Example
- 513 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
This example configures an Outbound Manipulation rule that removes two digits from the right of the destination URI if the calling name prefix is "WEI":
(config-voip)# sbc manipulation ip-outbound-manipulation 0 (ip-outbound-manipulation-0)# manipulation-name ITSP-OOUTMAN (ip-outbound-manipulation-0)# calling-name-pattern WEI (ip-outbound-manipulation-0)# manipulated-uri destination (ip-outbound-manipulation-0)# remove-from-right 2 (ip-outbound-manipulation-0)# activate
routing
This command configures SBC routing.
Syntax (config-voip)# sbc routing
Command condition-table ip-group-set ip2ip-routing sbc-alt-routing-reasons sbc-routing-policy
Description See condition-table below See ip-group-set on the next page See ip2ip-routing on page 517 See alt-routing-reasons on page 520 See sbc-routing-policy on page 523
Command Mode Privileged User
condition-table
This command configures the Message Conditions table, which lets you define Message Condition rules. A Message Condition defines special conditions (requisites) for incoming SIP messages.
Syntax
(config-voip)# sbc routing condition-table <Index> (condition-table-<Index>)#
- 514 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
Index
Defines the table row index.
condition Defines the condition of the SIP message.
name
Defines a descriptive name, which is used when associating the row in other tables.
Command Mode Privileged User
Example This example configures a Message Condition rule whose condition is that a SIP Via header exists in the message:
(config-voip)# sbc routing condition-table 0 (condition-table-0)# name ITSP (condition-table-0)# condition header.via.exists (condition-table-0)# activate
ip-group-set
This command configures the IP Group Set table, which lets you define IP Group Sets. An IP Group Set is a group of IP Groups used for load balancing of calls, belonging to the same source, to a call destination (i.e., IP Group). The table is a parent of the IP Group Set Member table.
Syntax
(config-voip)# sbc routing ip-group-set <Index> (ip-group-set-<Index>)#
Command
Description
Index
Defines the table row index.
ip-group-set-member
conf Defines igures the IP Group Set Member table, which lets you assign IP Groups to IP Group Sets. The table is a child of the IP Group Set table. For more information, see ip-group-setmember on the next page.
- 515 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
name
Defines a descriptive name, which is used when associating the row in other tables.
policy {homing|randomweight|roundrobin}
Defines the load-balancing policy.
tags
Defines tags.
Command Mode Privileged User
Example This example configures an IP Group Set where the IP Group load-balancing is of homing type:
(config-voip)# sbc routing ip-group-set 0 (ip-group-set-0)# name ITSP (ip-group-set-0)# policy homing (ip-group-set-0)# activate
ip-group-set-member
This command configures the IP Group Set Member Table, which lets you assign IP Groups to IP Group Sets. The table is a child of the IP Group Set table.
Syntax
(config-voip)# sbc routing ip-group-set <Index> (ip-group-set-<Index>)# ip-group-set-member <Index> (ip-group-set-member-<Index>/<Index>)#
Command Index ip-group-name weight {1-9}
Description Defines the table row index. Assigns an IP Group to the IP Group Set. Defines the weight of the IP Group.
- 516 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example configures an IP Group Set Member with IP Group "SIP-Trunk":
(config-voip)# sbc routing ip-group-set 0 (ip-group-set-0)# ip-group-set-member 1 (ip-group-set-member-0/1)# ip-group-name SIP-Trunk (ip-group-set-member-0/1)# weight 9 (ip-group-set-member-0/1)# activate
ip2ip-routing
This command configures the IP-to-IP Routing table, which lets you define SBC IP-to-IP routing rules.
Syntax
(config-voip)# sbc routing ip2ip-routing <Index> (ip2ip-routing-<Index>)#
Command Index alt-route-options {alt-routeconsider-inputs|alt-route-ignoreinputs|group-member-considerinputs|group-member-ignoreinputs|route-row}
call-setup-rules-set-id
cost-group
dest-sip-interface-name
Description
Defines the table row index.
Determines whether this routing rule is the main routing rule or an alternative routing rule (to the rule defined directly above it in the table).
Assigns a Call Setup Rule Set ID to the routing rule.
Assigns a Cost Group to the routing rule for determining the cost of the call.
Defines the destination SIP Interface to where the call is
- 517 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command dest-tags
dst-address
dst-host
dst-ip-group-name dst-port dst-transport-type {tcp|tls|udp} dst-type {all-users|destinationtag|dial-plan|dstaddress|enum|gateway|huntgroup|internal|ip-group|ip-groupset|ldap|request-uri|routing-server} dst-user-name-pattern
group-policy {forking|sequential} internal-action
Description
sent.
Assigns a prefix tag to denote destination URI user names corresponding to the tag configured in the associated Dial Plan.
Defines the destination address to where the call is sent.
Defines the host part of the incoming SIP dialog's destination URI (usually the Request-URI).
Defines the IP Group to where you want to route the call.
Defines the destination port to where the call is sent.
Defines the transport layer type for sending the call.
Determines the destination type to which the outgoing SIP dialog is sent.
Defines the prefix of the incoming SIP dialog's destination URI (usually the Request URI) user part. You can use special notations for denoting the prefix. T
Defines whether the routing rule includes call forking.
Defines a SIP response code (e.g., 200 OK) or a redirection
- 518 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
response (with an optional Contact field indicating to where the sender must resend the message) that the device sends to the sender of the incoming SIP dialog (instead of sending the call to another destination). The parameter is applicable only when the 'Destination Type' parameter in this table is configured to Internal.
ipgroupset-name
Assigns an IP Group Set to the routing rule.
message-condition-name
Assigns a SIP Message Condition rule to the IP-to-IP Routing rule.
re-route-ip-group-name
Defines the IP Group that initiated (sent) the SIP redirect response (e.g., 3xx) or REFER message.
request-type {all|invite|invite-andregister|invite-andsubscribe|options|register|subscribe}
Defines the SIP dialog request type (SIP Method) of the incoming SIP dialog.
route-name
Defines a descriptive name, which is used when associating the row in other tables.
routing-tag-name
Defines a routing tag name.
sbc-routing-policy-name
Assigns a Routing Policy to the rule.
src-host
Defines the host part of the incoming SIP dialog's source URI (usually the From URI).
src-ip-group-name
Defines the IP Group from where the IP call is received (i.e., the IP Group that sent the
- 519 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
SIP dialog).
src-tags
Assigns a tag to denote source URI user names corresponding to the tag configured in the associated Dial Plan.
src-user-name-pattern
Defines the prefix of the user part of the incoming SIP dialog's source URI (usually the From URI).
trigger {3xx|3xx-or-refer|any|brokenconnection|fax-rerouting|initialonly|refer}
Defines the reason (i.e., trigger) for re-routing (i.e., alternative routing) the SIP request.
Command Mode Privileged User
Example This example configures a routing rule for calls from IP Group "IPBX" to IP Group "ITSP":
(config-voip)# sbc routing ip2ip-routing 0 (ip2ip-routing-0)# route-name IPPBX-TO-SIPTRUNK (ip2ip-routing-0)# src-ip-group-name IPBX (ip2ip-routing-0)# dst-type ip-group (ip2ip-routing-0)# dst-ip-group-name ITSP (ip2ip-routing-0)# activate
alt-routing-reasons
This command configures the Alternative Reasons Set table, which lets you define a name for a group of SIP response codes for call release (termination) reasons that initiate alternative routing. The table is a parent of the Alternative Reasons Rules table, which defines the response codes.
Syntax
- 520 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
(config-voip)# sbc routing alt-route-reasons-set <Index> (alt-route-reasons-set-<Index>)#
Command Index alt-routereasons-rules
description name
Description
Defines the table row index.
Defines the Alternative Reasons Rules table, which defines SIP response codes for the Alternative Reasons Set. The table is a child of the Alternative Reasons Set table. For more information, see alt-route-reasons-rules below.
Defines a description for the Alternative Reasons Set.
Defines a name for the Alternative Reasons Set, which is used when associating the row in other tables.
Command Mode Privileged User
Example This example configures an Alternative Reasons Set called "MyCodes":
(config-voip)# sbc routing alt-route-reasons-set 0 (alt-route-reasons-set-0)# name MyCodes (alt-route-reasons-set-0)# activate
alt-route-reasons-rules
This command configures the Alternative Reasons Rules table, which lets you define SIP response codes per Alternative Reasons Set. The table is a child of the Alternative Reasons Set table.
Syntax
(config-voip)# sbc routing alt-route-reasons-set <Index> (alt-route-reasons-set-<Index>)# alt-route-reasons-rules <Index> (alt-route-reasons-rules-<Index/Index>)
- 521 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
Index
Defines the table row index.
rel-cause-code {400-bad-req|402payment-req|403-forbidden|404-notfound|405-method-not-allowed|406-notacceptable|408-req-timeout|409conflict|410-gone|413-req-toolarge|414-req-uri-too-long|415-unsupmedia|420-bad-ext|421-ext-req|423session-interval-too-small|480unavail|481-transaction-notexist|482-loop-detected|483-too-manyhops|484-address-incomplete|485ambiguous|486-busy|487-reqterminated|488-not-acceptablehere|491-req-pending|493undecipherable|4xx|500-internalerr|501-not-implemented|502-badgateway|503-service-unavail|504server-timeout|505-version-notsupported|513-message-toolarge|5xx|600-busy-everywhere|603decline|604-does-not-existanywhere|606-not-acceptable|6xx|805admission-failure|806-media-limitsexceeded|850-signalling-limitsexceeded}
Defines a SIP response code for triggering the device's alternative routing mechanism.
Command Mode Privileged User
Example This example configures alternative routing when SIP response code 606 (Not Acceptable) is received:
(config-voip)# sbc routing alt-route-reasons-set 0 (alt-route-reasons-set-0)# alt-route-reasons-rules 0 (alt-route-reasons-rules-0/0)# rel-cause-code 606-not-acceptable (alt-route-reasons-rules-0/0)# activate
- 522 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
sbc-routing-policy
This command configures the Routing Policies table, which lets you define Routing Policy rules.
Syntax (config-voip)# sbc routing sbc-routing-policy <Index> (sbc-routing-policy-<Index>)#
Index
Command
lcr-call-length
lcr-default-cost {highest-cost|lowest-cost}
lcr-enable {disabled|enabled} ldap-srv-group-name
Description
Defines the table row index.
Defines the average call duration (in minutes) and is used to calculate the variable portion of the call cost.
Defines whether routing rules in the IP-to-IP Routing table that are not assigned a Cost Group are considered a higher cost or lower cost route compared to other matched routing rules that are assigned Cost Groups.
Enables the Least Cost Routing (LCR) feature for the Routing Policy.
Assigns an LDAP Server Group to the Routing Policy.
- 523 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
name
Command
Description
Defines a descriptive name, which is used when associating the row in other tables.
Command Mode Privileged User
Example This example configures a Routing Policy for "ITSP" that is assigned LDAP Server Group "AD":
(config-voip)# sbc routing sbc-routing-policy 0 (sbc-routing-policy-0)# name ITSP (sbc-routing-policy-0)# ldap-srv-group-name AD (sbc-routing-policy-0)# activate
cac-profile
This command configures the Call Admission Control Profile table, which lets you define CAC profiles for call admission control (CAC) rules.
Syntax
(config-voip)# sbc cac-profile <Index> (cac-profile-<Index>)#
Command
Description
Index
Defines the table row index.
cac-rule
Defines the Call Admission Control Rule table, which lets you define CAC rules per Call Admission Control Profile. The table is a child of the Call Admission Control Profile table. For more information, see cac-rule on the next page.
name
Defines a descriptive name, which is used when associating the row in other tables.
Command Mode
- 524 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Privileged User
Example This example configures a Call Admission Control Profile called "ITSP-CAC":
(config-voip)# sbc cac-profile 0 (cac-profile-0)# name ITSP-CAC (cac-profile-0)# activate
cac-rule
This command configures the Call Admission Control Rule table, which lets you define Call Admission Control (CAC) rules per Call Admission Control Profile.
Syntax
(config-voip)# sbc cac-profile <Index> (cac-profile-<Index>)# cac-rule <Index> (cac-rule-<Index>/<Index>)#
Index limit
Command
limit-per-user
max-burst
max-burst-per-user
rate
rate-per-user
request-direction {both|inbound|outbound}
Description
Defines the table row index.
Defines the maximum number of concurrent SIP dialogs.
Defines the maximum number of concurrent SIP dialogs per user.
Defines the maximum number of tokens (SIP dialogs) that the "bucket" can hold.
Defines the maximum number of tokens (SIP dialogs) that the "bucket" can hold per user.
Defines the maximum number of SIP dialogs per second for the token bucket.
Defines the maximum number of SIP dialogs per second per user for the token bucket.
Defines the call direction of the SIP request to which the rule applies.
- 525 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
request-type {all|invite|other|subscribe}
Defines the SIP dialog-initiating request type to which you want to apply the rule (not the subsequent requests that can be of different type and direction).
reservation
Defines the guaranteed (minimum) call capacity.
Command Mode Privileged User
Example This example configures an Admission Rule that limits concurrent dialogs to 50:
(config-voip)# sbc cac-profile 0 (cac-profile-0)# cac-rule 1 (cac-rule-0/1)# limit 50 (cac-rule-0/1)# activate
settings
This command configures various SBC settings.
Syntax (config-voip)# sbc settings (sbc-settings)#
Command auth-chlng-mthd
auth-qop
early-media-brokenconnection-timeout enable-gruu
Description
Set to 0 to use a www-authenticate header or 1 to send a proxy-authenticate header in the message
Set to 0 to offer auth, 1 to offer auth-int or 2 to offer auth, auth-int, or 3 to not offer any QOP.
Defines the timeout for RTP broken connection on early media (msec).
Obtain and use GRUU (Global Routable
- 526 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
UserAgentURIs).
end-point-callpriority
Defines the ports call priority.
enforce-media-order
Arrange media lines according to the previous offeranswer (required by RFC 3264).
enforce-media-order
Enforces media order according to RFC 3264.
gw-direct-routeprefix
Defines the prefix for call redirection from SBC to Gateway.
keep-contact-user-in- Keeps original Contact User in REGISTER requests. reg
lifetime-of-nonce
Defines the lifetime of the nonce in seconds.
media-channels
Defines the number of channels associated with media services (announcements, conferencing).
min-session-expires
Defines the the minimum amount of time that can occur between session refresh requests in a dialog before the session is considered timed out.
min-session-expires
Defines the minimal value for session refresh.
no-rtp-detectiontimeout
Defines the timeout for RTP detection after call connect (msec).
num-of-subscribes
Defines the active SUBSCRIBE sessions limit.
p-assert-id
0 - As Is,1- Add P-Asserted-Identity Header, 2 - Remove P-Asserted-Identity Header
pns-register-timeout
Defines the maximum time (in seconds) that the device waits for a SIP REGISTER refresh message from the user, before it forwards an incoming SIP dialoginitiating request (e.g., INVITE) to the user.
pns-reminder-period
Defines the time (in seconds) before the user's registration with the device expires, at which the device sends an HTTP message to the Push Notification Server to trigger it into sending a push notification to the user to remind the user to send a REGISTER refresh message to the device.
- 527 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command reserve-dsp-on-sdpoffer {off|on} sas-notice
sbc-100trying-uponreinvite sbc-3xx-bhvt
sbc-broadworkssurvivability sbc-bye-auth
sbc-db-route-mode sbc-dialog-infointerwork sbc-dialog-subscroute-mode sbc-direct-media {off|on} sbc-diversion-uritype sbc-dtls-mtu sbc-emerg-condition sbc-emerg-rtpdiffserv sbc-emerg-sigdiffserv sbc-fax-detectiontimeout
Description Enables the device to reserve (guarantee) DSP resources for a call on the SDP Offer. If enabled - when SBC needs to terminates a REGISTER request, it adds a body (survivability notice) to the 200OK response. Defines if the device sends a SIP 100 Trying response upon receipt of a re-INVITE request. Defines how the device passes Contact in 3xx responses. Indicates how the registration database is provisioned.
Allows the media to remain active upon receipt of a 401/407 response by sending a releaseNackEvent, rather than releaseEvent. Defines the database binding mode for routing search. Changes the WAN call identifiers in the dialog-info body of NOTIFY messages to LAN call identifiers. Determines where in-dialog refresh subscribes are sent. Enables direct media.
Defines which URI to use for Diversion header.
Defines the DTLS max transmission unit. Defines the Emergency Message Condition. Defines the RTP DiffServ value for Emergency calls.
Defines the Signaling DiffServ value for Emergency calls. Defines the maximum time for fax detection (seconds).
- 528 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
sbc-forking-handling- Defines the handling method for 18X response to
mode
forking.
sbc-gruu-mode
Defines the GRUU behavior.
sbc-keep-call-id
Keeps original call Id for outgoing messages.
sbc-max-fwd-limit
Defines the limit of the Max-Forwards header.
sbc-media-sync
Enables media sync process.
sbc-mx-call-duration Defines the call duration limit.
sbc-no-alert-timeout
Defines the maximum time to wait for connect (seconds).
sbc-preemption-mode
Defines the SBC Preemption mode.
sbc-preferences
Defines the coders combination in the outgoing message.
sbc-prxy-rgstr-time
Defines the duration (in seconds) in which the user is registered in the proxy DB, after the REGISTER was forwarded by the device.
sbc-rand-expire
Defines the upper limit for the number of seconds the SBC detracts from the Expires value in Register and Subscribe responses.
sbc-refer-bhvr
Defines handling of Refer-To in REFER requests.
sbc-rgstr-time
Defines the Expires value.
sbc-routing-timeout
Defines the maximum duration (in seconds) that the device is prepared to wait for a response from external servers when a routing rule is configured to query an external server (e.g., LDAP server) on whose response the device uses to determine the routing destination.
sbc-rtcp-mode
Defines the RTCP mode.
sbc-server-auth-mode Defines the authentication mode.
sbc-sess-exp-time
Defines the session refresh timer for requests in a dialog.
- 529 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command sbc-session-refreshpolicy sbc-shareline-regmode sbc-subs-try sbc-surv-rgstr-time
sbc-usr-reg-gracetime sbc-usr-rgstr-time sbc-xfer-prefix send-invite-to-all
session-expires-time short-call-seconds
sip-topology-hidingmode
transcoding-mode
Description
Defines whether Remote or SBC should be refresher when SBC terminates the Session Expire refreshing.
Defines the registration handling mode in case of shared line manipulation.
If enabled, 100 Trying response will be sent for SUBSCRIBE and NOTIFY.
Defines the duration of the periodic registrations between the user and the SBC, when the SBC is in survivability state.
Defines the additional grace time (in seconds) added to the user's timer in the database.
Defines the Expires value SBC responds to user with.
Defines the prefix for routing and manipulations when URL database is used.
Disable - SBC sends INVITE according to the RequestURI. Enabled-if the Request-URI is of specific contact, SBC sends the INVITE to all contacts under the parent AOR.
Defines the SIP session - refreshed (using INVITE) each time this timer expires (seconds).
Defines the duration (in seconds) of an SBC call for it to be considered a short call and thus, included in the count of the performance monitoring SNMP MIBs for short calls.
Enables the device to overwrite the host part in SIP headers concerned with the source of the message with the IP address of the device's IP Interface, and SIP headers concerned with the destination of the message with the destination IP address, unless the relevant host name parameters of the IP Group ('SIP Group Name' and 'SIP Source Host Name') are configured.
Defines the transcoding mode.
- 530 -
CHAPTER 70 sbc
MSBR | CLI Reference Guide
Command
Description
unclassified-calls
Allows unclassified incoming calls.
uri-comparisonexcluded-params
Defines which URI parameters are excluded when the device compares the URIs of two incoming dialoginitiating SIP requests (e.g., INVITEs) to determine if they were sent from a user that is registered in the device's registration database (registered AOR and corresponding Contact URI), during Classification.
xfer-success-time-out Defines the maximum time (in msec) to wait for release an original call on transfer.
Command Mode Privileged User
Example This example enables Direct Media:
(config-voip)# sbc settings (sbc-settings)# sbc-direct-media on (sbc-settings)# activate
- 531 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
71 sip-definition
This command configures various SIP settings.
Syntax (config-voip)# sip-definition
Command account least-cost-routing costgroup proxy-and-registration settings sip-recording
Description See account below See least-cost-routing cost-group on page 534 See proxy-and-registration on page 536 See settings on page 541 See sip-recording on page 554
Command Mode Privileged User
account
This command configures the Accounts table, which lets you define user registration accounts.
Syntax (config-voip)# sip-definition account <Index> (account-<Index>)#
Command Index account-name application-type {gw|sbc} contact-user
Description Defines the table row index. Defines an arbitrary name to easily identify the row. Defines the application type.
Defines the AOR username.
- 532 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
Description
host-name
Defines the Address of Record (AOR) host name.
password
Defines the digest MD5 Authentication password.
re-register-on-invitefailure
Enables the device to re-register an Account upon the receipt of specific SIP response codes (e.g., 403, 408, and 480) for a failed INVITE message which the device routed from the Account to a remote user agent (UA).
reg-by-served-ipgstatus {reg-always| reg-if-online}
Defines the device's handling of Account registration based on the connectivity status of the Served IP Group.
reg-event-packagesubscription {disable|enable}
Enables the device to subscribe to Reg Event Package service with the registrar, which provides notifications of registration state changes, for the Registrar Stickiness feature.
register {disable|gin|reg}
Enables registration.
registrar-search-mode {by-ims-spec|currentserver}
Defines the method for choosing an IP address (registrar) in the Proxy Set (associated with the Serving IP Group) to which the Account initially registers and performs registration refreshes, when the Register Stickiness feature is enabled.
registrar-stickiness {disable|enable|enablefor-non-registerrequests}
Enables the "Registrar Stickiness" feature, whereby the device always routes SIP requests of a registered Account to the same registrar server to where the last successful REGISTER request was routed.
served-ip-group-name
Defines the IP Group (e.g., IP-PBX) that you want to register and/or authenticate upon its behalf.
served-trunk-group
Defines the Trunk Group that you want to register and/or authenticate.
serving-ip-group-name
Defines the IP Group (Serving IP Group) to where the device sends the SIP REGISTER requests (if enabled) for registration and authentication (of the Served IP Group).
udp-port-assignment
Enables the device to dynamically allocate local SIP
- 533 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command {disable|enable}
user-name
Description
UDP ports to Accounts using the same Serving IP Group, where each Account is assigned a unique port on the device's leg interfacing with the Accounts' Serving IP Group.
Defines the digest MD5 Authentication username.
Command Mode Privileged User
Example This example configures an Account with a username and password that registers IP Group "IPBX" with IP Group "ITSP":
(config-voip)# sip-definition account 0 (account-0)# user-name JoeD (account-0)# password 1234 (account-0)# register reg (account-0)# served-ip-group-name IPPBX (account-0)# serving-ip-group-name ITSP (account-0)# activate
least-cost-routing cost-group
This command configures Least Cost Routing (LCR). This command configures the Cost Groups table, which lets you define Cost Groups. A Cost Group defines a fixed call connection cost and a call rate (charge per minute.
Syntax
(config-voip)# sip-definition least-cost-routing cost-group <Index> (cost-group-<Index>)#
Command
Description
Index
Defines the table row index.
cost-group- Defines a descriptive name, which is used when associating the row in
name
other tables.
- 534 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
Description
cost-grouptime-bands
Defines the Time Band table, which lets you define Time Bands per Cost Group. The table is a child of the Cost Groups table. For more information, see cost-group-time-bands below.
defaultconnectioncost
Defines the call connection cost (added as a fixed charge to the call) for a call outside the time bands.
default-
Defines the call charge per minute for a call outside the time bands.
minute-cost
Command Mode Privileged User
Example This example configures LCR "INT" with default connection cost of 10 and minute cost of 1:
(config-voip)# sip-definition least-cost-routing cost-group 0 (cost-group-0)# cost-group-name INT (cost-group-0)# default-connection-cost 10 (cost-group-0)# default-minute-cost 1 (cost-group-0)# activate
cost-group-time-bands
This command configures the Time Band table, which lets you define Time Bands per Cost Group. A Time Band defines a day and time range (e.g., from Saturday 05:00 to Sunday 24:00) and a fixed call connection charge and call rate per minute for this interval. The table is a "child" of the Cost Groups table.
Syntax
(config-voip)# sip-definition least-cost-routing cost-group <Index> (cost-group-<Index>)# cost-group-time-bands <Index> (cost-group-time-bands-<Index>/<Index>)#
Command Index
Description Defines the table row index.
- 535 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command connection-cost end-time
minute-cost start-time
Description
Defines the call connection cost during the time band.
Defines the day and time of day until when this time band is applicable.
Defines the call cost per minute charge during the time band.
Defines the day and time of day from when this time band is applicable.
Command Mode Privileged User
Example This example configures an LCR time band between Saturday 1 am to Sunday midnight with connection cost of 1 and minute cost of 0.5:
(config-voip)# sip-definition least-cost-routing cost-group 0 (cost-group-0)# cost-group-time-bands 1 (cost-group-time-bands-0/1)# start-time SAT:01:00 (cost-group-time-bands-0/1)# end-time SUN:23:59 (cost-group-time-bands-0/1)# connection-cost 1 (cost-group-time-bands-0/1)# minute-cost 0.5 (cost-group-time-bands-0/1)# activate
proxy-and-registration
This command configures various SIP proxy and registration settings.
Syntax (config-voip)# sip-definition proxy-and-registration (sip-def-proxy-and-reg)#
Command
Description
add-init-rte-hdr Defines if the initial Route header is added to REGISTER request.
- 536 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
Description
always-use-proxy Sends all messages to proxy servers
authenticationmode
Defines the Authentication mode.
challengecaching
SIP Challenge caching mode
cnonce-4-auth
Defines the Cnonce parameter used for authentication.
dns-query
Defines the DNS query type.
enable-proxy
Defines if SIP proxy is used.
enableregistration
Enables Proxy registration.
expl-un-reg
Enables if explicit unregister needed.
fallback-torouting
Enables fallback to internal Tel-to-IP Routing table if Proxy is not responding.
gen-reg-int
Defines the time interval in seconds for generating registers.
gw-name
Defines the Gateway name.
gw-registration- Defines the Gateway registration name. name
ip-addrr-rgstrr Defines the SIP Registrar IP address.
max-gen-reg-rate Defines the max. generated Register requests per interval.
maxregistrationbackoff-time
Defines the Backoff mechanism that is applied between failed registration attempts initiated by the device.
mutualauthentication
Defines the Mutual Authentication mode.
nb-of-rtx-b4hot-swap
Defines the number of retransmissions before Hotswap is done.
options-userpart
Defines the OPTIONS user part string for all gateways.
- 537 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
Description
password-4-auth Defines the password for authentication.
ping-pong-keepalive [off|on]
Enables Ping-Pong for Keep-Alive to proxy via reliable connection.
ping-pong-keepalive-time
Defines the Ping Keep-Alive, which is sent (using CRLFCRLF) each time this timer expires (seconds).
prefer-routingtable
Enables preference of Routing table.
proxy-dns-query Defines the DNS proxy query type.
proxy-ip-lstrfrsh-time
Defines the interval between refresh of proxies list (seconds).
proxy-name
Defines the SIP proxy name.
re-registration- Defines the percentage of RegistrationTime when new
timing
REGISTER requests are sent.
redirect-infacility
Enables search for Redirect number in Facility IE.
redundancy-mode Defines the Redundancy mode.
redundantrouting-m
Defines the mode of redundant routing.
reg-on-connfailure
Enables re-registration on TCP/TLS connection failure.
reg-on-invitefail
Enable re-register upon INVITE transaction failure.
registrar-name
Defines the SIP Registrar name.
registrartransport
Defines the Registrar transport type.
registrationretry-time
Defines the time in which the device tries to register after last registration failure (seconds).
registrationtime
Defines the time in which registration to Gatekeeper/Proxy is valid.
- 538 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
Description
registrationtime-thres
Defines the registration time threshold.
rte-tbl-4-hostnames
Enables always use routing table even though proxy is available.
set-oos-on-regfailure
Defines whether to deactivate endpoint service on registration failure.
should-register Defines the Register/UnRegister entities.
sip-reroutingmode
Defines the routing mode after receiving 3xx response or transfer.
subscriptionmode
Defines the Subscription mode.
trusted-proxy
Defines whether the proxy is a trusted node.
use-gw-name-for- Enables use of Gateway name (instead of IP address) in Keep-
opt
Alive OPTIONS messages.
use-proxy-ip-as- Enables use of the Proxy IP as Host in From and To headers. host
user-info
Defines the User Info tables (see user-info below).
user-name-4-auth Defines the username for authentication.
Command Mode Privileged User
Example This example enables ping-pong keep-alive:
(config-voip)# sip-definition proxy-and-registration (sip-def-proxy-and-reg)# ping-pong-keep-alive on (sip-def-proxy-and-reg)# activate
user-info
This command configures the User Info tables.
- 539 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Syntax
(config-voip)# sip-definition proxy-and-registration (sip-def-proxy-and-reg)# user-info
Command
Description
find
Searches an entry in the User Info table.
gw-user-info {0499|export-csv-to <URL>|find-by <Column and Value>|import-csvfrom URL>|new}
Defines and performs various actions on the Gateway User Info table:
Accesses a specific table row index. Exports the User Info table as a .csv file to a URL Searches a row entry by column {display-
name|global-phone-num|password|pbxext|username}
Imports a User Info file (.csv) from a URL Defines a new entry in the table
sbc-user-info {0499|export-csv-to <URL>|find-by <Column and Value>|import-csvfrom <URL>|new}
Defines and performs various actions on the SBC User Info table: Accesses a specific table row index. Exports the User Info table as a .csv file to a URL Searches a row entry by column {ip-group-
name|local-user|password|username} Imports a User Info file (.csv) from a URL Defines a new entry in the table
Command Mode Privileged User
Example This example searches for the user "Joe":
(config-voip)# sip-definition proxy-and-registration (sip-def-proxy-and-reg)# user-info sbc-user-info find-by local-user Joe sbc-user-info 2
- 540 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
local-user "Joe" username "" password "" ip-group-name "MoH Users"
push-notification-servers
This command configures the Push Notification Servers table, which defines Push Notification Services.
Syntax
(config-voip)# sip-definition push-notification-servers <Index> (push-notification-servers-<Index>)#
Command protocol {acproprietary} provider remote-http-service
Description
Defines the protocol for exchanging information between the device and the Push Notification Server.
Defines the name of the Push Notification Service.
Assigns a Remote Web Service, which defines the URL address (and other related parameters) of the HTTPbased Push Notification Server.
Command Mode Privileged User
Example This example configures a Push Notification Service provided by Android's Firebase Cloud Messaging (FCM) at Index #0:
(config-voip)# sip-definition push-notification-servers 0 (push-notification-servers-0)# provider fcm (push-notification-servers-0)# protocol ac-proprietary (push-notification-servers-0)# remote-http-service PNS-Android
settings
This command configures various SIP settings.
- 541 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Syntax
(config-voip)# sip-definition settings (sip-def-settings)#
Command
Description
100-to-18x-timeout
Defines the time between 100 response and 18x response.
183-msg-behavior
Sends ALERT to ISDN upon 183 receive.
1st-call-rbt-id
Defines the index of the first call ringback tone in the Call-Progress Tones file.
3xx-use-alt-route
Enables use of Alternative Route Reasons Table for 3xx.
FarEndDisconnectSilenceMethod Defines the far disconnect silence detection method.
FarEndDisconnectSilencePeriod Defines the silence period detection time.
aaa-indications
Defines the Authentication, Authorization and Accounting indications to use.
accounting-port
Defines the RADIUS accounting port.
accounting-server-ip
Defines the RADIUS accounting server IP.
add-empty-author-hdr
Enables empty Authorization header to be added to Register request.
amd-beep-detection
Defines the AMD beep detection mode.
amd-mode
Defines the AMD mode.
anonymous-mode
Defines the "anonymous" mode.
app-sip-transport-type
Defines the SIP transport type.
application-profile
Defines the Application Profile.
broken-connection-eventtimeout
Defines the duration the RTP connection should be broken before the Broken Connection event is issued [100ms].
- 542 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
Description
busy-out
Enables trunks to be taken out of service in case of LAN down.
call-num-plybck-id
Defines the Calling Number Play Back ID.
call-pickup-key
Defines the key sequence for call pickup.
call-transfer-using-reinvites Enables Call Transfer using re-INVITEs.
calls-cut-through
Enables call connection without onhook/off-hook process 'Cut-Through'.
cdr-report-level
Defines the CDR report timing.
cdr-srvr-ip-adrr
Defines the Syslog server IP address for sending CDRs.
coder-priority-nego
Defines the coder priority in SDP negotiation.
crypto-life-time-in-sdp
Disables Crypto life time in SDP.
current-disc
Enables disconnect call upon detection of current disconnect signal.
default-record-uri
Defines the default record location URI used by Media Ctrl.
delay-after-reset
Defines the Gateway delay time after reset (seconds).
delay-b4-did-wink
Defines the delay between off-hook detection and Wink generation (FXS).
delayed-offer
Enables sending INVITE message with/without SDP offer.
dflt-release-cse
Defines the release cause sent to IP or Tel when device initiates release.
dfrnt-port-after-hold
Enables use of different RTP port after hold.
did-wink-enbl
Enables DID lines using Wink.
digit-delivery-2ip
Enables automatic digit delivery to IP after
- 543 -
CHAPTER 71 sip-definition
Command
digit-delivery-2tel digit-pttrn-on-conn disc-broken-conn disc-on-silence-det disp-name-as-src-nb display-default-sip-port e911-callback-timeout e911-gateway emerg-calls-regrt-t-out emerg-nbs emrg-spcl-rel-cse enable enable-did enable-ptime enable-sips enbl-non-inv-408 enum-service-domain
MSBR | CLI Reference Guide
Description call is connected.
Enables automatic digit delivery to Tel after line is off-hooked or seized.
Enables Play Code string to Tel when connect message received from IP.
Defines the behavior when receiving RTP broken notification.
Enables disconnect calls on a configured silence timeout.
Enables display name to be used as source number.
Enables default port 5060 shown in the headers.
Defines the maximum time for an E911 ELIN callback to be valid (minutes).
Enables E911 to NG911 gateway and ELIN handling.
Defines the regret time for Emergency calls.
Defines emergency numbers.
set configuration
Enables RADIUS.
Enables DID.
Enables requirement of ptime parameter in SDP.
Enables SIP secured URI usage.
Enables sending 408 responses for nonINVITE transactions.
Defines the ENUM domain for ENUM
- 544 -
CHAPTER 71 sip-definition
Command
fake-tcp-alias fax-re-routing fax-sig-method filter-calls-to-ip force-generate-to-tag {disable|enable} force-rport
forking-delay-time-invite
graceful-bsy-out-t-out gw-mx-call-duration handle-reason-header hist-info-hdr ignore-remote-sdp-mki immediate-trying ip-security ldap-display-nm-attr
MSBR | CLI Reference Guide
Description
resolution.
Enables enforcement reuse of TCP/TLS connection.
Enables rerouting of fax calls to fax destination.
Defines fax signaling method.
Enables filtering of calls to IP.
Enables the device to generate the 'tag' parameter's value in the SIP To header for SBC calls.
Enables responses sent to the UDP port from where the Request was sent, even if RPORT parameter was not received in the Via header.
Defines the forking delay time (in seconds) to wait before sending INVITE of second forking call.
Defines the Graceful Busy Out timeout in seconds.
Limits the device call time duration (minutes).
Enables History-Info header support.
Ignores MKI if present in the remote SDP
Enables immediate trying sent upon INVITE receive.
Defines the mode to handle calls based on ip-addr defined in ip2tel-rte-tbl.
Defines the name of the attribute which represents the user display name in the Microsoft AD database.
- 545 -
CHAPTER 71 sip-definition
Command ldap-mobile-nm-attr
ldap-ocs-nm-attr
ldap-pbx-nm-attr
ldap-primary-key ldap-private-nm-attr
ldap-secondary-key max-491-timer max-nb-of-act-calls media-cdr-rprt-level message-policy-rejectresponse-type microsoft-ext mn-call-duration ms-mx-rcrd-dur mult-ptime-format mx-call-duration
MSBR | CLI Reference Guide
Description
Defines the name of the attribute which represents the user Mobile number in the Microsoft AD database.
Defines the name of the attribute which represents the user OCS number in the Microsoft AD database.
Defines the name of the attribute which represents the user PBX number in the Microsoft AD database.
Defines the name of the query primary key in the Microsoft AD database.
Defines the name of the attribute which represents the user Private number in the Microsoft AD database.
Defines the name of the query secondary key in the Microsoft AD database.
Defines the maximum timer for next request transmission after 491 response.
Defines the limit of number of concurrent calls.
Defines the Media CDR reports,
Defines the response type returned when a message is rejected according to the Message Policy.
Enables Microsoft proprietary Extension to modify called-nb.
Defines the minimum call duration.
Defines the maximum record duration supported by Microsoft.
Defines the format of multiple ptime (ptime per coder) in outgoing SDP.
Defines the call time duration limit
- 546 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
mx-pr-dur-ivr-dia net-node-id network-isdn-xfer no-audio-payload-type non-call-cdr-rprt number-of-active-dialogs oos-behavior opus-max-avg-bitrate overload-sensitivity-level p-assrtd-usr-name p-preferred-id-list
play-bsy-tone-2tel play-rbt2ip play-rbt2tel polarity-rvrsl
prack-mode
Description
(minutes).
Defines the maximum duration for an IVR dialog.
Defines the Network Node ID.
Rejects ISDN transfer requests.
Defines the NoAudio payload type.
Enables CDR message for all non-call dialogs.
Defines the number of concurrent nonresponded dialogs.
Defines the Out-Of-Service Behavior for FXS.
Defines the Opus Max Average Bitrate (bps).
Defines when to enter overload state.
Defines the user part of the user url in the P-Asserted-Identity header.
Defines the number of P-Preferred-Identity SIP headers included in the outgoing SIP message when the header contains multiple values.
Enables play Busy Tone to Tel.
Enables ringback tone playing towards IP.
Enables ringback tone playing towards Tel side.
Enables FXO Connect/Disconnect call upon detection of polarity reversal signal. FXS: generates the signal.
Defines the PRACK mode for 1XX reliable responses.
- 547 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
Description
prog-ind-2ip
Defines the whether to send the Progress Indicator to IP.
pstn-alert-timeout
Defines the max time (in seconds) to wait for connect from PSTN.
q850-cause-for-sit-ic
Defines the release cause for SIT IC.
q850-cause-for-sit-ro
Defines the release cause for SIT RO.
q850-cause-for-sit-vc
Defines the release cause for SIT VC.
qos-effective-period
Defines the QoS period - if during this period [in seconds], no updated QOS info received, the old QOS info is discarded. if QOS poor, and no calls allowed, after this period, calls will be allowed again
qos-samples-to-avarage
Defines the number of samples to average.
qos-statistics-in-release-msg Defines whether to add statistics to call release.
radius-accounting
Defines the when RADIUS Accounting messages are sent.
rai-high-threshold
Defines the percentage of active calls to send 'Almost out of resources' RAI.
rai-loop-time
Defines the time period to check call resources (seconds).
rai-low-threshold
Defines the percentage of active calls to send 'Resources OK' RAI.
reanswer-time
Defines the time to wait between phone hang up and call termination.
reason-header
Enables Reason header in outgoing messages.
record-uri-type
Defines the type of default record URI used by Media Ctrl.
rej-cancel-after-conn
Defines whether or not reject Cancel request after connect.
- 548 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
Description
reject-on-ovrld
If set to false (0), a 503 response will not be sent on overload.
rel-cause-map-fmt
Defines the release cause mapping format.
release-cause-for-sit-nc
Defines the release cause for SIT NC.
reliable-conn-persistent
If set to 1 - AllTCP/TLS connections are set as persistent and will not be released.
remote-party-id
Enables the Remote-Party-ID header.
remove-to-tag-in-fail-resp
Removes to-tag in final reject response for setup INVITE transaction.
rep-calling-w-redir
Replaces Calling Number with Redirect Number ISDN to IP.
replace-nb-sign-w-esc
Replaces the number sign (#) with the escape character %23 in outgoing SIP messages.
reset-srtp-upon-re-key
Resets SRTP State Upon Re-key.
resource-prio-req
Indicates whether or not Require header is able to contain the resource-priority tag.
retry-aftr-time
Retry After time for the proxy to be in state Unavailable.
rfc4117-trnsc-enbl
Enables transcoding call.
rport-support
Enables Rport option in Via header.
rtcp-attribute
Enables RCTP attribute in the SDP.
rtcp-xr-coll-srvr
Defines the RTCP-XR server IP address.
rtcp-xr-rep-mode
0:rtcpxr is not sent over SIP at all {@}1:rtcpxr is sent over sip when call ended{@}2:rtcpxr is sent over sip when on periodic interval and when call ended {@}3:rtcpxr is sent over sip when media segment ended and when call ended
rtcpxr-collect-serv-transport Defines the RtcpXrEsc transport type.
- 549 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command rtp-only-mode
rtp-rdcy-nego-enbl sbc-rtcpxr-report-mode sdp-ecan-frmt sdp-session-owner sdp-ver-nego
sec-call-src
self-check-audit send-180-for-call-waiting sess-exp-disc-time session-exp-method {reinvite|update} sig-cpu-usage-threshold silk-max-avg-bitrate
Description
On RTP only mode there is no signaling protocol (for media parameters negotiation with the remote side). The channel is open immediately. 0 - regular call establishment. 1 - The RTP channel open for Rx & Tx. 2- The RTP channel open only for Tx 3 -The RTP channel open only for Rx
Enables RTP Redundancy negotiation.
0:rtcpxr is not sent over SIP at all,1:rtcpxr is sent over sip when call ended
Defines echo canceller format for outgoing SDP.
Defines the SDP owner string.
Handle SDP offer/answer if SDP version was increased, otherwise takes SDP offer/answer parameters from last agreement (derived from previous SDP negotiations).
Defines from where the second calling number is taken from (in an incoming INVITE request).
Defines if resources self-check audit is used.
Sends 180 for call waiting.
Defines the minimum time factor before the session expires.
Determines the Method to refresh the SIP session.
Defines the signaling cpu usage threshold alarm (percentage)
Defines the Silk max average bitrate (bps).
- 550 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command single-dsp-transcoding sip-dst-port sip-hold-behavior sip-max-rtx sip-nat-detect sip-remote-reset
sip-t38-ver sip-uri-for-diversion-header sit-q850-cause skype-cap-hdr-enable src-hdr-4-called-nb
src-nb-as-disp-name
src-nb-preference t1-re-tx-time t2-re-tx-time
Description
Enables single DSP for G.711 to LBR coder.
Defines the default SIP destination port (usually 5060).
if set to 1, handle re-INVITE with a=recvonly as a=inactive
Defines the maximum number of retransmissions.
If not set, the incoming request will be always processed as user NOT behind NAT
Enables remote management of device by receiving NOTIFY request with specific event type.
Defines the SIP T.38 Version.
Use Tel uri or Sip uri for Diversion header.
Defines the release cause for SIT.
0 (default): Disable, 1:Add special header with capabilities for Skype
Select source header for called number (IP>TEL), either from the user part of To header or the P-Called-Party-ID header.
if set to 1 Use source number as display name if empty.if set to 2 always use source number as display name .{@}if set to 3 use the source number before manipulation, if empty.
Defines from where the source number is taken (in an incoming INVITE request).
Defines the SIP T1 timeout for retransmission.
Defines the SIP T2 timeout for retransmission.
- 551 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command t38-fax-mx-buff t38-mx-datagram-sz t38-sess-imm-strt t38-use-rtp-port tcp-keepalive-interval
tcp-keepalive-retry
tcp-keepalive-time
tcp-timeout tel-to-ip-call-forking-mode time-between-did-winks tr104-voice-profile-name trans-coder-present uri-for-assert-id use-aor-in-refer-to-header
use-dst-as-connected-num
Description
Defines the fax max buffer size in T.38 SDP negotiation.
Defines the T.38 coder max datagram size.
T.38 Fax Session Immediate Start (Fax behind NAT)
Defines the T.38 packets received on RTP port.
Defines the interval between subsequent keep-alive probes, regardless of what the connection has exchanged in the meantime.
Defines the number of unacknowledged probes to send before considering the connection down and notifying the application layer.
Defines the interval between the last data packet sent (simple ACKs are not considered data) and the first keepalive probe.
Defines the SIP TCP time out.
Defines the Tel-to-IP call forking mode.
Defines the time between first and second Wink generation (FXS).
Defines the TR-104 Voice Profile Name.
Defines the Transparent code presentation.
Enables use of Tel uri or Sip uri for PAsserted or P-Preferred headers.
If enabled, we will use URI from To/From headers in Refer-To header. If disabled, we will take the URI from Contact
Enables use of destination as connected
- 552 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
use-dtg use-tgrp-inf user-agent-info
user-inf-usage user-phone-in-from user-phone-in-url usr-def-subject verify-rcvd-requri
verify-rcvd-via
websocket-keepalive
x-channel-header zero-sdp-behavior
Description number. Enables use of DTG parameter. Enables use of Tgrp information. Defines the string that is displayed in the SIP Header 'User-Agent' or 'Server'. Enables User-Information usage. Adds 'User=Phone' to From header. Adds User=Phone parameter to SIP URL. Defines the SIP subject. Defines whether to verify Request URI Header in requests. Defines whether to verify Source IP with IP in top-most Via. Defines the period at which web socket PING messages are sent. Enables X-Channel header. Zero connection information in SDP behavior
Command Mode Privileged User
Example This example configures unlimited call duration:
(config-voip)# sip-definition settings (sip-def-settings)# mx-call-duration 0 (sip-def-settings)# activate
- 553 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
sip-recording
This command configures SIPRec.
Syntax (config-voip)# sip-definition sip-recording
Command settings sip-rec-routing
Description See settings below See sip-rec-routing on the next page
Command Mode Privileged User
settings
This command configures various SIPRec settings.
Syntax (config-voip)# sip-definition sip-recording settings (sip-rec-settings)#
Command
Description
siprec-metadataformat {legacy|rfc7865}
Defines the format of the recording metadata that is included in SIP messages sent to the SRS.
siprec-serverdest-username
Defines the username of the SIPRec server (SRS).
siprec-timestamp {localtime|utc}
Defines the device's time format (local or UTC) in SIP messages that are sent to the SRS.
video-rec-synctimeout
Defines the video synchronization timeout (in msec), which is applicable when the device also records the video stream of audio-video calls for SIPRec.
- 554 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example configures the metadata format so that it's according to RFC 7865:
(config-voip)# sip-definition sip-recording settings (sip-rec-settings)# siprec-metadata-format RFC7865 (sip-rec-settings)# activate
sip-rec-routing
This command configures the SIP Recording Rules table, which lets you define SIP-based media recording rules. A SIP Recording rule defines call routes that you want to record.
Syntax
(config-voip)# sip-definition sip-recording sip-rec-routing <Index> (sip-rec-routing-<Index>)#
Command
Description
Index
Defines the table row index.
caller {both|peerparty|recordedparty}
Defines which calls to record according to which party is the caller.
condition-name
Assigns a Message Condition rule to the SIP Recording rule.
peer-ip-group-name Defines the peer IP Group that is participating in the call.
peer-trunk-group-id Defines the peer Trunk Group that is participating in the call (applicable only to Gateway calls).
recorded-dstpattern
Defines calls to record based on destination number or URI.
recorded-ip-groupname
Defines the IP Group participating in the call and the recording is done on the leg interfacing with this IP Group.
- 555 -
CHAPTER 71 sip-definition
MSBR | CLI Reference Guide
Command
recorded-srcpattern
srs-ip-group-name
srs-red-ip-groupname
Description Defines calls to record based on source number or URI.
Defines the IP Group of the recording server (SRS). Defines the IP Group of the redundant SRS in the activestandby pair for SRS redundancy.
Command Mode Privileged User
Example This example records calls between IP Groups "ITSP" and "IPBX", sending them to IP Group "SIPREC" (SRS):
(config-voip)# sip-definition sip-recording sip-rec-routing 0 (sip-rec-routing-0)# recorded-ip-group-name ITSP (sip-rec-routing-0)# peer-ip-group-name IPBX (sip-rec-routing-0)# srs-ip-group-name SIREC (sip-rec-routing-0)# caller both (sip-rec-routing-0)# activate
- 556 -
CHAPTER 72 sip-interface
MSBR | CLI Reference Guide
72 sip-interface
This command configures the SIP Interfaces table, which lets you define SIP Interfaces. A SIP Interface represents a Layer-3 network in your deployment environment, by defining a local, listening port number and type (e.g., UDP), and assigning an IP network interface for SIP signaling traffic.
Syntax
(config-voip)# sip-interface <Index> (sip-interface-<Index>)#
Command
Description
Index
Defines the table row index.
additional-udp-ports
Defines a port range for the device's local, listening and source ports for SIP signaling traffic over UDP and is used to assign a specific local port to each SIP entity (e.g., PBX) communicating with a common SIP entity (e.g., proxy server).
additional-udp-portsmode [always-open|openwhen-used]
Defines the mode of operation for the Additional UDP Port feature.
application-type {gw|sbc}
Defines the application for which the SIP Interface is used.
block-un-reg-users {acpt-all|acpt-regusers|acpt-reg-userssame-src|not-conf}
Defines the blocking (reject) policy for incoming SIP dialog-initiating requests (e.g., INVITE messages) from registered and unregistered users belonging to the SIP Interface.
cac-profile
Assigns a Call Admission Control Profile.
call-setup-rules-set-id Assigns a Call Setup Rule Set ID.
classification_fail_ response_type
Defines the SIP response code that the device sends if a received SIP request (OPTIONS, REGISTER, or INVITE) fails the SBC Classification process.
enable-un-auth-registrs {disable|enable|notconf}
Enables the device to accept REGISTER requests and register them in its registration database from new users that have not been authenticated by a
- 557 -
CHAPTER 72 sip-interface
MSBR | CLI Reference Guide
Command
Description
proxy/registrar server (due to proxy down) and thus, re-routed to a User-type IP Group.
encapsulating-protocol {none|websocket}
Defines the type of incoming traffic (SIP messages) expected on the SIP Interface.
interface-name
Defines a descriptive name, which is used when associating the row in other tables.
max-reg-users
Defines the maximum number of users belonging to the SIP Interface that can register with the device.
media-realm-name
Assigns a Media Realm to the SIP Interface.
message-policy-name
Assigns a SIP message policy to the SIP interface.
network-interface
Assigns a Control-type IP network interface to the SIP Interface.
pre-classificationmanset
Assigns a Message Manipulation Set ID to the SIP Interface.
pre-parsing-man-set
Assigns a Pre-Parsing Manipulation Set to the SIP Interface. T
sbc-direct-media {disable|enable|enablesame-nat}
Enables direct media (RTP/SRTP) flow (i.e., no Media Anchoring) between endpoints associated with the SIP Interface.
sctp-port
Defines the local SCTP port on which the device listens for inbound SCTP connections (i.e., SIP signaling over SCTP).
Note: The parameter is applicable only to Mediant 90xx and Mediant Software.
sctp-second-networkinterface
Assigns an additional IP network interface (Controltype) to the SIP Interface, which serves as the secondary (alternative) local IP address for SCTP multi-homing.
Note: The parameter is applicable only to Mediant 90xx and Mediant Software.
srd-name
Assigns an SRD to the SIP Interface.
tcp-keepalive-enable
Enables the TCP Keep-Alive mechanism with the IP
- 558 -
CHAPTER 72 sip-interface
MSBR | CLI Reference Guide
Command {disable|enable} tcp-port
tls-context-name
tls-mutual-auth {disable|enable|notconfigured} tls-port
topology-location {down|up} udp-port
used-by-routing-server {not-used|used}
Description
entity on this SIP Interface.
Defines the device's listening port for SIP signaling traffic over TCP.
Assigns a TLS Context (SSL/TLS certificate) to the SIP Interface.
Enables TLS mutual authentication for the SIP Interface (when the device acts as a server).
Defines the device's listening port for SIP signaling traffic over TLS.
Defines the display location of the SIP Interface in the Topology view.
Defines the device's listening and source port for SIP signaling traffic over UDP.
Enables the SIP Interface to be used by a third-party routing server for call routing decisions.
Command Mode Privileged User
Example This example configures SBC SIP Interface "ITSP" that uses IP network interface "Voice" and Media Realm "ITSP":
(config-voip)# sip-interface 0 (sip-interface-0)# interface-name ITSP (sip-interface-0)# network-interface Voice (sip-interface-0)# application-type sbc (sip-interface-0)# udp-port 5080 (sip-interface-0)# media-realm-name ITSP (sip-interface-0)# activate
- 559 -
CHAPTER 73 srd
MSBR | CLI Reference Guide
73 srd
This command configures the SRDs table, which lets you define signaling routing domains (SRD). The SRD is a logical representation of an entire SIP-based VoIP network (Layer 5) consisting of groups of SIP users and servers.
Syntax
(config-voip)# srd <Index> (srd-<Index>)#
Command
Description
Index
Defines the table row index.
block-un-regusers {acptall|acpt-regusers|acpt-regusers-same-src}
Defines the blocking (reject) policy for incoming SIP dialoginitiating requests (e.g., INVITE messages) from registered and unregistered users belonging to the SRD.
cac-profile
Assigns a Call Admission Control Profile.
enable-un-authregistrs {disable|enable}
Enables the device to accept REGISTER requests and register them in its registration database from new users that have not been authenticated by a proxy/registrar server (due to proxy down) and thus, re-routed to a User-type IP Group.
max-reg-users
Defines the maximum number of users belonging to the SRD that can register with the device.
name
Defines a descriptive name, which is used when associating the row in other tables.
sbc-dial-planname
Assigns a Dial Plan.
sbc-operationmode {b2bua|callstatefulproxy|microsoftserver}
Defines the device's operational mode for the SRD.
sbc-routingpolicy-name
Assigns a Routing Policy to the SRD.
- 560 -
CHAPTER 73 srd
MSBR | CLI Reference Guide
Command
Description
type {isolated|shared}
Defines the sharing policy of the SRD, which determines whether the SRD shares its SIP resources (SIP Interfaces, Proxy Sets, and IP Groups) with all other SRDs (Shared and Isolated).
used-by-routingserver {notused|used}
Enables the SRD to be used by a third-party routing server for call routing decisions.
Command Mode Privileged User
Example This example configures SRD "ITSP" with max. registered users at 20:
(config-voip)# srd 0 (srd-0)# name ITSP (srd-0)# max-reg-users 20 (srd-0)# activate
- 561 -
Part VII
Data-Router Level Commands
CHAPTER 74 Introduction
MSBR | CLI Reference Guide
74 Introduction
This part describes the commands located on the Data configuration level, which configures the data- router functionality. The commands of this level are accessed by entering the following command at the root prompt:
Syntax # configure data (config-data)#
Command Mode Privileged User
- 563 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
75 WAN Access Commands
General WAN Commands
interface
This command enters a specific interface configuration. Use the no form of this command to delete a specific interface.
Syntax
interface atm <group/subinterface[.vlanID[.vlanID]]> interface bvi <bridge interface> interface cellular <slot/port> interface dot1radio <wifi interface> interface dsl <slot/port> interface e1 <slot/port> interface efm [<slot/port>.vlanID} interface fastEthernet <slot/port> interface fiber <slot/port> [.vlanID][.vlanID]> interface gigabitEthernet <slot/port[.vlanID]> interface gigabitEthernet <slot/port> interface gre <Tunnel GRE ID> interface ipip <Tunnel IPIP ID> interface l2tp <L2TP ID> interface loopback <Loopback interface ID> interface multilink <Multilink interface ID> interface serial <slot/port> interface shdsl <slot/port> interface pppoe <PPPoE interface ID> interface pptp <PPTP ID> interface t1 <slot/port> interface vlan <vlanID> interface vti <VTI interface ID>
Command slot port atm
Description Defines the module slot index as shown on the front panel. Defines the port index within the selected module. Defines the DSL group and subinterface number, separated by a slash (e.g., 0/0), (Vlan ID and second vlanID are optional).
- 564 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
Description
bridge interface
Defines the Bridge Virtual Interface for Layer 3.
bvi
Defines the BVI bridge interface (1-255).
dot1radio
Defines the Wi-Fi interface (1-4).
dsl
Defines the ADSL/VDSL interface and slot/port.
e1
Defines the E1 slot and port.
efm
Defines the EFM interface slot and port (Vlan ID is optional).
fastEthernet Defines the FastEthernet interface slot and port.
fiber interface
Defines the fibre interface (Vlan ID and second vlanID are optional).
l2tp id
Defines the L2TP ID (0 - 99).
loopback
Defines the Loopback interface ID (1 - 20).
interface id
multilink
Defines the Multilink interface ID (0 - 255).
interface id
pppoe
Defines the PPPoE interface ID (0 - 7).
pptp
Defines the PPTP ID (0 - 99).
serial <slot/port>
Defines the serial interface slot/port.
shdsl
Defines the SHDSL interface slot/port.
t1
Defines the T1 slot and port.
tunnel gre id
Defines the Tunnel GRE ID (1 - 255).
vti
Defines the VTI interface (1-255).
vlanID (VLAN Defines the VLAN ID for Layer 3 interfaces available via the LAN
interface)
switch.
vlanID
Defines the VLAN ID for a Layer 3 sub interface.
- 565 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example enters a specific interface configuration for the VLAN 6 menu.
(config-data)#interface vlan 6 This example configures a bridge interface.
(config-data)#interface bvi 10
interface vti
This command defines the VTI interface.
Syntax interface vti <vti interface id>
Command vti interface id
Description Defines the VTI interface ID (1-255).
Default NA
Command Mode Privileged User
Example This example defines the VTI interface.
(config-data)#interface vti 10
- 566 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
interface vlan
This command defines the VLAN ID.
Syntax interface vlan <vlan id>
Command vlan id
Description Defines the VLAN ID {1-3999[.vlanID}.
Default NA
Command Mode Privileged User
Example This example defines the VLAN ID.
(config-data)#interface vlan 200.100
interface t1
This command defines the T1 interface slot and port.
Syntax interface t1 [slot/port]
Command t1
Description Defines the T1 interface slot and port.
Default NA
Command Mode
- 567 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Privileged User
Example This example defines the T1 slot and port.
(config-data)#interface t1 2/2
interface serial
This command defines the serial interface slot and port.
Syntax interface serial [slot/port]
Command [slot/port]
Description Defines the serial interface slot and port.
Default NA
Command Mode Privileged User
Example This example defines the serial slot and port.
(config-data)#interface serial 2/2
interface loopback
This command defines the loopback interface identifier.
Syntax interface loopback <loopback interface id>
- 568 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command loopback interface id
Description Defines the loopback interface identifier (1-20).
Default NA
Command Mode Privileged User
Example This example defines the loopback interface identifier.
(config-data)#interface loopback 10
interface multilink
This command defines the multilink interface identifier.
Syntax interface multilink <multilink interface id>
Command multilink interface id
Description Defines the multilink interface identifier (0-255).
Default NA
Command Mode Privileged User
Example This example defines the multilink interface identifier.
(config-data)#interface multilink 100
- 569 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
interface gigabitethernet
This command defines the GigabitEthernet interface slot and port.
Syntax interface gigabitEthernet [slot/port.vlanID]
Command
Description
slot/port[.vlanID Defines the GigabitEthernet interface slot and port (Vlan ID
[.vlanID]]
and second vlanID are optional).
Default NA
Command Mode Privileged User
Example This example enters a specific interface configuration for the WAN Interface menu.
(config-data)#interface gigabitEthernet 0/0 This example enters a specific interface configuration for the sub-Interface 3 menu.
(config-data)#interface gigabitEthernet 0/0.3 This example enters a specific interface configuration for the GigabitEthernet Physical Port
3 menu. (config-data)#interface gigabitEthernet 4/3
interface fastethernet
This command defines the FastEthernet interface slot and port.
Syntax
- 570 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
interface fastethernet [slot/port]
Command slot/port[.vlanID [.vlanID]]
Description
Defines the FastEthernet interface slot and port.
Default NA
Command Mode Privileged User
Example This example enters a specific interface configuration for the FastEthernet Physical Port 3 menu.
(config-data)#interface fastEthernet 5/3
interface efm
This command defines the EFM interface slot and port.
Syntax interface efm [slot/port.vlanID]
Command slot/port.vlanID
Description Defines the EFM interface slot and port.
Default NA
Command Mode Privileged User
Example
- 571 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
This example defines the EFM interface slot and port. (config-data)#interface efm 5/3.1
interface e1
This command defines the E1 interface slot and port.
Syntax interface E1 [slot/port]
Command slot/port.vlanID
Description Defines the E1 interface slot and port.
Default NA
Command Mode Privileged User
Example This example defines the E1 interface slot and port.
(config-data)#interface e1 5/3
interface bvi
This command defines the BVI bridge interface.
Syntax interface bvi [bridge interface id]
Command bridge interface ID
Description Defines the BVI bridge interface.
- 572 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example configures a bridge interface.
(config-data)#interface bvi 10
interface pppoe
This command creates a PPP-over-Ethernet (RFC 2516) interface.
Syntax interface pppoe <PPPoE Interface ID>
Command PPPoE Interface ID
Description Defines the PPPoE Interface ID in the range of 0-7.
Default NA
Command Mode Privileged User
Example This example creates a PPP-over-Ethernet interface.
(config-data)# interface pppoe 2
- 573 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
ip address
This command defines the primary IP address on the specified Layer 3 interface. Use the no form of this command to remove a configured IP address.
Syntax ip address <ip address> <subnet mask>
Command
Description
ip
Specifies a valid IPv4 address. IP addresses should be expressed in dotted
address decimal notation (for example, 10.1.2.3).
<subnet mask>
Specifies the subnet mask that corresponds to a range of IP addresses. Subnet masks should be expressed in dotted decimal notation (e.g., 255.255.255.0).
Default NA
Command Mode Privileged User
Example This example configures the IP address of 10.4.2.3 255.255.0.0 on VLAN 6.
(conf-if-VLAN 6)#ip address 10.4.2.3 255.255.0.0
vrrp
This command provides for automatic assignment of available routers to participating hosts. This increases the availability and reliability of routing paths through automatic default gateway selections on a LAN. The protocol achieves this by creating virtual routers, comprised of master and backup routers. VRRP routers use multicast to notify its presence in the LAN (never forwarding outside of the LAN). VRRP is based on RFC 2338, 3768.
Syntax
- 574 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
vrrp <VRID> ip <ip address> vrrp <VRID> ip <ip address> secondary vrrp <VRID> priority <priority> vrrp <VRID> preempt vrrp <VRID> advertisement-timer <time in seconds>
Command ip address secondary priority preempt time in seconds
Description Sets the primary IP address for the VRID. Sets secondary IP address for the VRID. Sets the priority for VRID. The range is 1-254. Sets preemption for lower priority Master. Sets interval timer for advertising the Master VRID
Default NA
Command Mode Privileged User
Example The following is an example of how this command can be used.
# configure data )config-data)# interface VLAN 1 )conf-if-VLAN 1)# vrrp 1 ip 10.100.1 (conf-if-VLAN 1)# vrrp 1 prioity 200
description
This command sets the description on the specified interface.
Syntax description <string>
- 575 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
Description
string Specifies the interface description using an alphanumerical string (up to 255 characters).
Default NA
Note Use inverted commas when using the space character as part of the description. The string is limited to 255 characters.
Command Mode Privileged User
Example This example sets the description on VLAN 6.
(conf-if-VLAN 6)# description vlan 6 interface
duplex
This command configures the duplex mode on the specified Layer 2 interface.
Syntax
duplex half duplex full duplex auto
Command half full auto
Description Forces half duplex operation. Forces full duplex operation. Enables AUTO duplex configuration.
Default
- 576 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Duplex is set to auto.
Command Mode Privileged User
Example This example forces full duplex operation on GigabitEthernet 4/2.
(conf-if-GE 4/2)# duplex full
bind
This command binds VoIP applications (SIP & RTP) to a specific WAN interface.
Syntax
bind interface <ifname> <slot/port.vlanId> oamp bind source-address interface <ifname> <slot/port.vlanId> oamp bind vrf string oamp bind vrf all-vrfs
Command all-vrfs
Description Enables to bind command to applications (e.g., OAMP).
ifname
Interface Type
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99]
- 577 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
ifname vlan loopback bvi
Interface Type Vlan ID Loopback ID Bridge interface
Interface ID [1-3999] [1-5] [1-255]
Default NA
Note This command automatically sets up port forwarding & static NAT rules for VOIP traffic. See Media realm and SIP interface for port definition.
Command Mode Privileged User
Related Commands bind
Example This example will automatically create the necessary firewall rules to enable SIP signaling & RTP on the WAN interface GigabitEthernet 0/0. Ports should be pre-configured via Media realm and SIP interface.
(config-system)# bind interface gigabitethernet 0/0 oamp
Cellular 3G/4G Modem Configuration Commands
This section defines 3G/4G cellular modem configuration.
interface cellular 0/0
On Mediant 800 MSBR devices with the appropriate hardware revision, this command allows defining an Internet connection via a cellular 3G modem connected to the USB port. The command creates the cellular interface and enters the "conf-cellular" CLI context, where additional settings are available.
Syntax
- 578 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
interface cellular 0/0
Default By default, the cellular interface is not configured.
Note The shutdown, route default, napt, ppp user, ppp authentication commands are applicable in the "conf-cellular" CLI context.
Command Mode Privileged User
Example This example defines a cellular interface:
(config-data)# interface cellular 0/0 (conf-cellular)#
adv
This command enables advanced configurations.
Syntax adv
Command Mode Privileged User
Example This example sets the device to advanced configuration:
(config-data)# interface cellular 0/0 (conf-cellular)# adv (adv-cell-config)#
- 579 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
hdlc
This command sets the HDLC framing link type for PPP mode.
Syntax hdlc asynchronous | synchronous
Command asynchronous synchronous
Description Sets the HDLC asynchronous framing. Set HDLC synchronous framing (default)
Default The default setting is "synchronous".
Command Mode Privileged User
Example This example sets the HDLC asynchronous framing:
(config-data)# interface cellular 0/0 (conf-cellular)# adv (adv-cell-config)# hdlc asynchronous
modem-details
This command sets the modem Vendor ID number and Product ID number configuration, according to the connected USB device. It can be used with "option" driver update and/or, "USB modeswitch" commands.
Syntax
modem-details default-product-id [default product id - HEX] modem-details modem-product-id [modem product id - HEX] modem-details vendor-id [product id - HEX]
- 580 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
Description
default-product-id Sets the default Product-ID (as 4 HEX digits) when the
- HEX
dongle is plugged in.
modem-product id - Sets the modem Product-ID (as 4 HEX digits) when the
HEX
dongle is plugged in.
vendor-id - HEX
Sets the supported Vendor ID (as 4 HEX digits) when the dongle is plugged in.
Command Mode Privileged User
Example This example sets the supported Vendor ID:
(config-data)# interface cellular 0/0 (conf-cellular)# adv (adv-cell-config)# modem-details vendor-id AAFF
option
This command sets the "option" serial driver support using the parameters set in the modemdetails sub-menu (Vendor-id/Modem product-id). The USB device manufacturer should advise that it is able to work with the "option" driver.
Syntax option enable
Command Mode Privileged User
Example This example enables serial driver support:
(config-data)# interface cellular 0/0 (conf-cellular)# adv
- 581 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
(adv-cell-config)# modem-details vendor-id AAFF (adv-cell-config)# modem-details product-id 12AB (adv-cell-config)# modem-details default-product-id 34BC (adv-cell-config)# option enable
Setting modem details is mandatory before running the command "option enable":
(adv-cell-config)# option enable Please set all modem details to enable option driver support
usb-modeswitch
This command sets the USB modeswitch settings. When a USB device is plugged in for the first time, it might perform like a flash storage. The MSBR should make the storage device disappear and changes it to a communications device to work with it under the Cellular interface.
The usb_modeswitch command can send a provided message to the device, to initiate the mode switching. Using the parameters in the "modem- details" command, and the usbmodeswitch sub-menu, it changes the device "default-product-id" to the "modem-product-id" and the "default-vendor id" to "vendor-id".
Syntax
usb-modeswitch configuration-id [index] usb-modeswitch enable usb-modeswitch message [message text}
Command configuration-id
configurationid index enable message message text
Description Defines an optional configuration-id to the modeswitch parameters Defines the Configuration index.
Enables the USB modeswitch. Defines an optional USB modeswitch message. Defines the actual USB modeswitch message text.
Command Mode Privileged User
- 582 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Example This example enables the USB modeswitch on the following modem-details:
(config-data)# interface cellular 0/0 (conf-cellular)# adv (adv-cell-config)# modem-details vendor-id AAFF (adv-cell-config)# modem-details product-id 12AB (adv-cell-config)# modem-details default-product-id 34BC (adv-cell-config)# usb-modeswitch enable Setting modem details is mandatory before running the command "usbmodeswitch enable": (adv-cell-config)# usb-modeswitch enable Please set all modem details to enable USB modeswitch operation
apn
This command sets the Access Point Name (APN) used by the cellular interface.
Syntax apn <apn-string>
Default The default APN is "uinternet".
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems.
Example This example sets the APN:
(config-data)# interface cellular 0/0 (conf-cellular)# apn internetg
- 583 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
backup monitoring
This command selects which of the device's other interfaces, needs to be monitored. This command configures the cellular 3G connection in "backup" mode, where the connection is initiated only if another interface goes down. To return to "primary" mode where the cellular 3G connection is always up use the "no" form of this command. This command is available in the "conf-cellular" configuration context.
Syntax
backup monitoring <if-type> <if-index>
Command if-type if-index
Description Defines the Interface Type, e.g. GigabitEthernet or ATM Defines the Interface Index, e.g. 0/0
Default The default operation mode is primary WAN, i.e. "no backup monitoring".
Command Mode Privileged User
Example This example sets cellular backup mode:
(config-data)# interface cellular 0/0 (conf-cellular)# backup monitoring GigabitEthernet 0/0
conditional-apn
This command defines the variable APN by operator name.
Syntax conditional-apn operator <Name> apn <APN for specified Operator>
- 584 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems.
Example This example configures a conditional APN.
(config-data)# interface cellular 0/0 (conf-cellular)# conditional-apn operator ITSP-1 apn ORANGE
crypto
This command defines encryption and decryption of the cellular interface.
Syntax crypto
Command map <tag> vpn-client <IP Address> vpn-server map
Description Assigns a Crypto Map. . Connects to a VPN server. Creates a VPN server.
Command Mode Privileged User
Example This example connects the cellular interface to VPN server 100.1.3.4:
(config-data)# interface cellular 0/0 (conf-cellular)# crypto vpn-client 100.1.3.4
- 585 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
firewall
This command enables a firewall on the cellular interface.
Syntax firewall enable
Command Mode Privileged User
Example This example enables the firewall on the cellular interface:
(config-data)# interface cellular 0/0 (conf-cellular)# firewall enable
initstr
This command sets the initialization string for the cellular modem.
Syntax initstr <init-string>
Default The default initialization string is "AT&F".
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems.
Example This example sets the initialization string:
- 586 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
(config-data)# interface cellular 0/0 (conf-cellular)# initstr ATC0D0
mode
This command defines the mode of the cellular modem (PPP or DHCP).
Syntax mode
dhcp ppp
Command
Description
Defines the cellular interface as Ethernet using DHCP.
Defines the cellular interface as PPP using IPCP.
Default ppp
Note The integrated cellular modem (LTE) supports only the DHCP mode. The integrated cellular modem is applicable only to Mediant 500L MSBR.
Command Mode Privileged User
Example This example defines the cellular interface as PPP:
(config-data)# interface cellular 0/0 (conf-cellular)# mode ppp
mtu
This command defines the Maximum Transmission Unit (MTU) of the cellular interface. The value is usually negotiated automatically.
- 587 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Syntax mtu
<128 - 9999> auto
Command
Description
Defines MTU in bytes.
MTU is defined automatically.
Default auto.
Command Mode Privileged User
Example This example defines MTU automatically.
(config-data)# interface cellular 0/0 (conf-cellular)# mtu auto
napt
This command enables the NAPT mode. This setting is mandatory unless your service provider supports routable addresses for your LAN hosts.
Syntax napt
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems.
- 588 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
pcui
This command defines the PCUI port index for communication with the MSBR.
Syntax pcui <port index> pcui send <send text> expect <expect text> reboot
Command port index send text expect text reboot (optional)
Description Defines the TTY port index. Defines the AT command format. Defines the expected string to match. Reboot on match. (optional)
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems.
Example This example sets the PCUI port index for communication with the MSBR.
(config-data)# interface cellular 0/0 (conf-cellular)# pcui send AT+CSQ expect OK reboot
Use the "show data cellular pcui" command to see the output from the PCUI port.
phone
This command sets the telephone number (dial-string) used by the cellular interface.
Syntax phone <phone-string>
- 589 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Default The default phone number is "*99#".
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems.
Example This example sets the phone number:
(config-data)# interface cellular 0/0 (conf-cellular)# phone *99#
pin
This command sets the 4-digit Personal Identification Number (PIN) code required for the SIM card installed in the modem. Use the "no" form of this command to remove the PIN. This command is available in the "conf-cellular" configuration context.
Syntax pin <code>
Default The default setting is "no pin".
Command Mode Privileged User
Example This example sets the PIN code:
- 590 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
(config-data)# interface cellular 0/0 (conf-cellular)# pin 1234
ppp user
This command defines the username and password for authentication of the PPP connection for PPP over cellular interface.
Syntax ppp user <Username>
Command obscured-pass pass
Description Copy the password from existing configuration Defines the password for the PPP connection.
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems.
Example This example configures a PPP username "JohnD" and password "1234".
(config-data)# interface cellular 0/0 (conf-cellular)# ppp user JohnD pass 1234
ppp authentication
This command enables PPP authentication and defines the supported authentication protocols for PPP over cellular interface.
Syntax ppp authentication <protocol>
- 591 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
Description
pap
Defines the Password Authentication Protocol as PPP authentication
protocol. This is for normal login -when a connection has been made the
host sends the username and password.
chap
Defines the Challenge Handshake Authentication Protocol as PPP authentication protocol. With CHAP, the authenticator (i.e. the server) sends a randomly generated "challenge" string to the client, along with its hostname. The client uses the hostname to look up the appropriate secret, combines it with the challenge, and encrypts the string using a one-way hashing function. The result is returned to the server along with the client's hostname.
mschap
Defines the Microsoft Challenge Handshake Authentication Protocol as PPP authentication protocol.
mschap2
Defines the Microsoft Challenge Handshake Authentication Protocol 2 as PPP authentication protocol.
Default All four authentication protocols are set as on (no limit is placed on which and how many authentication is used - all four can be activated on the same interface). You can disable some protocol using "no ppp authentication <protocol>" command
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems. For disabling authentication protocol, use the command "no ppp authentication <protocol>".
Example This example disables the authentication protocol.
(config-data)# interface cellular 0/0 (conf-cellular)# no ppp authentication chap
profile
This command defines a profile for cellular modems that use DHCP.
- 592 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Syntax profile
Command apn obscured-pass
password user
Description Defines the APN for the profile. Defines an obscured password for the profile. Defines a password for the profile. Defines a username for the profile.
Note This command is applicable only to the integrated cellular modem (LTE). The integrated cellular modem is applicable only to Mediant 500L MSBR.
Command Mode Privileged User
Example This example defines a username for the cellular interface profile:
(config-data)# interface cellular 0/0 (conf-cellular)# profile (cell-profile-config)# user ITSP-A
sms
This command provides support for sending an SMS text message through a 3G cellular connection. Cellular connectivity is achieved by attaching a third-party, 3G cellular modem to the device's USB port.
Syntax
sms <mobile number> "<message text>"
- 593 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
<mobile number>
<message text>
Description Defines the destination phone number.
Defines the message text which can include up to 127 characters and must be enclosed in double quotes (").
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example sends a text message to a mobile phone.
(config-data)# interface cellular 0/0 (conf-cellular)# shutdown (conf-cellular)# sms 0546342171 "Hello John Doe!"
tty
This command selects the serial instance (TTY) for the cellular modem. Most modems provide multiple serial interfaces for diagnostic purposes, usually only one is appropriate for Internet access. TTY is the serial port used to communicate with the modem (which is typically determined automatically). However, in case the device cannot communicate with the serial modem, you can use a different serial port (according to the Linux guide provided by the manufacturer of the cellular dongle modem). Setting "tty first" will use the first responsive serial interface. Setting "tty last" will use the highest numbered interface (default). Alternatively, a serial interface can be selected by number. The recommended setting for Sierra Wireless 308 modems is "tty 2". The recommended setting for Huawei E160 / E182E modems is "tty 0". The recommended setting for all other modems is the default "tty last".
Syntax
tty <tty-value>
- 594 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command <tty-value>
Description
Defines the "first", "last" or a number between 0 and 11. If set to first, the first responsive serial interface is used. If set to last, the highest numbered interface is used.
Default The default TTY value is "last".
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems.
Example This example sets the TTY instance:
(config-data)# interface cellular 0/0 (conf-cellular)# tty 0
vendor
This command defines the vendor and model specific settings of the cellular modem. These are specific commands used by external dongles that don't follow the norm.
Syntax vendor <Vendor ID>
Command Mode Privileged User
Note The command is applicable only to PPP-based cellular modems.
Example
- 595 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
This example defines the vendor of the cellular modem.
(config-data)# interface cellular 0/0 (conf-cellular)# vendor netgear 341u
ADSL/VDSL Commands
The following describes ADSL/VDSL commands.
interface dsl 0/0
Asymmetric Digital Subscriber Line (ADSL) and VDSL (Very high-speed DSL) are popular WAN access technologies using copper wire pairs. On appropriate hardware variants of the device, this command defines the physical properties of the ADSL/VDSL interface. Once the physical layer is configured: For ADSL, proceed to ATM interfaces using the command interface atm. For VDSL, proceed to configure EFM using the command interface efm. The DSL interface automatically detects the signal on the interface and based on the signal
it chooses the DLS mode (ADSL or VDSL).
Syntax
interface dsl <slot>/<port>
Command
Description
<slot> Defines the location of the ADSL/VDSL hardware mezzanine. Must be 0.
<port> Defines the location of the ADSL/VDSL hardware mezzanine. Must be 0.
Default By default, the DSL interface is not defined.
Command Mode Privileged User.
Example The example below describes how to define the DSL interface.
- 596 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
(config data)# interface dsl 0/0
Fiber Optic Commands
The commands below describe Fiber Optic.
interface fiber
This command enters a specific interface configuration. Use the no form of this command to delete a specific interface.
Syntax interface fiber <slot/port> interface fiber <slot/port[.vlanID]>
Command slot port vlanID
Description Defines the module slot index as shown on the front panel. Defines the port index within the selected module. Defines the VLAN ID for a Layer 3 sub interface.
Default NA
Command Mode Privileged User
Example This example enters a specific interface configuration for the WAN Interface menu.
(config-data)#interface fiber 0/3 This example enters a specific interface configuration for the sub-Interface 3 menu.
(config-data)#interface fiber 0/3.3
- 597 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
SHDSL Commands
The commands below describe SHDSL.
interface SHDSL 0/0
Symmetric High-speed Digital Subscriber Line (SHDSL, sometimes called G.SHDSL) is a popular WAN access technology using copper wire pairs. The purpose of this command is to configure physical-layer properties of SHDSL, such as the number of wire-pairs in use. See the sub-commands "mode" and "group" for additional information. Once the physical layer is configured, proceed to ATM interfaces using the command "interface atm".
Syntax
interface shdsl <slot>/<port>
Command
Description
slot
Defines the location of the SHDSL hardware mezzanine. Must be 0.
port
Defines the location of the SHDSL hardware mezzanine.
Default The system will attempt to detect the correct configuration automatically, by sensing line connectivity and negotiating connection parameters with the Internet Service Provider.
Command Mode Privileged User
Example The example below describes how to define the SHDSL interface.
(config-data)# interface shdsl 0/0
mode
This command selects the SHDSL mode of operation (ATM or EFM).
- 598 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Syntax
interface shdsl 0/0 mode {atm|efm}
Command atm efm
Description Selects ATM mode of operation. Selects Ethernet-in-the-First-Mile (EFM) operation.
Default The default setting is ATM.
Command Mode Privileged User
Example This example defines ATM on the SHDSL interface:
(conf-shdsl)# mode atm
group
This command defines an SHDSL group of wires. Use the "no" form of this command to delete a previously-defined group.
Syntax
interface shdsl 0/0 [no] group <group-id>
Command <group-id>
Description Defines the range as 0 to 3.
Default
By default, four SHDSL groups are defined, each with a single wire-pair; the system will attempt to detect changes on the physical medium and adapt configuration accordingly.
- 599 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example defines one group:
(conf-shdsl)# group 0
pairs
This command selects the wire-pairs which participate in an SHDSL group.
Syntax
interface shdsl 0/0 group <group-id> pairs <list of wire-pair numbers>
Command
list of wire-pair numbers
Description
Defines the wire-pair numbers (0 to 3), separated by commas. Examples:
pairs 0
Defines a simple two-wire connection using the first wire pair.
pairs 0,1 Defines a multiple pair (m-pair) connection using wire pairs.
pairs 0,1,2,3
Defines a multiple pair (m-pair) connection using all four wire-pairs. Pair 0 is the master pair for this group.
Default By default, four SHDSL groups are defined, each with a single wire-pair; the system will attempt to detect changes on the physical medium and adapt configuration accordingly.
Command Mode Privileged User
Example
- 600 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
This example defines a group of two wire-pairs: (conf-shdsl-0)# pairs 0,1
termination
This command selects the type of line termination on an SHDSL group.
Syntax
interface shdsl 0/0 group <group-id> termination {cpe|co}
Command
Description
cpe
Selects STU-R mode (SHDSL Remote Terminal)
co
Selects STU-C mode (SHDSL Central Office Terminal)
Note: CO mode is unsupported and available for diagnostic purposes only;
the system cannot be used as a DSLAM.
Default The default is CPE mode.
Command Mode Privileged User
Example This example defines CPE mode:
(conf-shdsl-0)# termination cpe
linerate
This command selects the line rate of each wire-pair in an SHDSL group.
Syntax
- 601 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
interface shdsl 0/0 group <group-id> linerate auto linerate kbps <min-rate> <max-rate>
Command
Description
auto
Automatically negotiates the Line rate. Up to 5696 Kbps per wire-pair.
<min-rate> Defines the minimum line rate in kilobits per second. The lowest supported rate is 432 Kbps.
<max-rate> Defines the maximum line rate in kilobits per second. The highest supported rate is 5696 Kbps.
Default The default is setting is auto.
Command Mode Privileged User
Example This example selects automatic line rate:
(conf-shdsl-0)# linerate auto
annex
This command selects the regional annex (as defined in ITU-T Recommendation G.991.2) for an SHDSL group.
Syntax
interface shdsl 0/0 group <group-id> annex {a|b}
Command a
Description Selects G.991.2 regional annex A / F.
- 602 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command b
Description Selects G.991.2 regional annex B / G.
Default The default setting is annex a.
Command Mode Privileged User
Note Annex F is identical to Annex A, with extended line rates up to 5696 Kbps. Similarly, Annex G is identical to Annex B with extended line rates up to 5696 Kbps.
Example This example selects regional annex A:
(conf-shdsl-0)# annex a
interface atm
This command defines an ATM sub-interface for Internet access over SHDSL. An ATM subinterface provides IP services over a Permanent Virtual Circuit (PVC) defined by the ATM network administrator.
Syntax
interface atm <group-id>/<sub-id>
Command
Description
groupid
Defines the number of the SHDSL group (0-3) defined by the "group" command.
sub-id
Defines the sub-interface number (0 to 7). Note: The system supports up to a total of eight ATM interfaces in all SHDSL groups.
Default
- 603 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
By default, no ATM interfaces are defined.
Command Mode Privileged User
Example This example defines an ATM interface:
(config-data)# interface atm 0/0
pvc
This command defines the Permanent Virtual Circuit (PVC) associated with an ATM subinterface.
Syntax
interface atm <group-id>/<sub-id> pvc <vpi>/<vci>
Command <vpi> <vci>
Description Defines the Virtual Path Identifier code (0 to 256). Defines the Virtual Connection Identifier code (32 to 65535).
Default By default, no ATM interfaces are defined.
Command Mode Privileged User
Example This example defines an ATM interface with VPI 8, VCI 48:
(conf-atm0/0)# pvc 8/48
- 604 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
encapsulation
This command defines the type of IP encapsulation used on an ATM sub-interface.
Syntax
interface atm <group-id>/<sub-id> encapsulation {ipoa|ethoa|pppoa}-{mux|snap} encapsulation pppoe encapsulation pppoe-mux
Command
Description
ipoa
Selects the IP-over-ATM, in RFC 2684 "Routed" mode.
ethoa Selects the Ethernet-over-ATM, in RFC 2684 "Bridged" mode.
pppoa Selects PPP over ATM client (defined in RFC 2364)
snap
Selects AAL5 LLC/SNAP mode. A LLC header is used to describe the type of payload transmitted
mux
Selects AAL5 VC-multiplexed mode, data is not prepended with an LLC header
pppoe
Selects PPPoE over ATM in LLC/SNAP mode (i.e., PPPoE client on top of ethoasnap encapsulation)
pppoe- Selects PPPoE over ATM in VC-multiplexed mode (PPPoE client on top of
mux
ethoa-mux encapsulation)
Default By default, no ATM interfaces are defined.
Command Mode Privileged User
Example This example defines an ATM interface with RFC 2684 "Routed" encapsulation, with LLC/SNAP headers:
(conf-atm0/0)# encapsulation ipoa-snap
- 605 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
ubr / cbr / vbr
This command defines the ATM service class for an ATM sub-interface.
Syntax
interface atm <group-id>/<sub-id> ubr <peak-kbps> cbr <peak-kbps> vbr <peak-kbps> <sustained-kbps> <burst-cells>
Command
Description
ubr
Defines Unspecified Bit Rate; no bandwidth is reserved for this
interface. Traffic may be limited by a peak rate.
cbr
Defines Constant Bit Rate; bandwidth is reserved according to the
specified rate. Traffic cannot exceed the specified rate.
vbr
Defines Variable Bit Rate; bandwidth is reserved according to the
configured sustained rate. Traffic may exceed the sustained rate up to
the peak rate, but is further limited by a maximum number of burst
cells.
<peak-kbps> Defines the Maximum data rate in kilobits per second
<sustained- Defines the Sustained data rate in kilobits per second kbps>
<burstcells>
Defines the maximum number of cells allowed in excess of the sustained rate
Default The default setting is UBR with unlimited traffic rate.
Command Mode Privileged User
Example This example defines an ATM interface with a constant bit-rate traffic class, allowing bandwidth of 4 megabits per second:
- 606 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
(conf-atm0/0)# cbr 4096
ppp user
This command defines the PPPoA / PPPoE username and password for an ATM sub-interface.
Syntax interface atm <group-id>/<sub-id> ppp user <username> pass <password>
Command <username> <password>
Description Defines the PPP user name. Defines the PPP password.
Default This command has no defaults.
Command Mode Privileged User
Example This example defines a PPPoA ATM interface:
(conf-atm0/0)# ppp user admin pass 12345
T1 WAN Commands
This section describes the commands for the T1 WAN interface. The T1 WAN interface is one of three WAN interfaces of the Mediant 500 MSBR and Mediant 800 MSBR. The other WAN interfaces are SHDSL and the Ethernet WAN interface (see the relevant sections above). The T1 WAN interface supports up to two physical T1 ports; 0 and 1. This section includes the following topics: T1 Physical Interfaces. See below. Serial Interfaces. See Serial Interfaces on page 614.
- 607 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Multilink Interfaces (MLP over T1 WAN). See Multilink Interfaces (MLP over T1 WAN) on page 625.
The commands described in the previous sections are also applicable to the T1 WAN interface.
T1 Physical Interfaces
This section describes the WAN T1 Physical Interface commands.
You can configure the WAN T1 physical interface and the WAN serial interface on the same physical WAN port, where the same identifier <slot>-<port> is specified for both interfaces. In the examples described in this section and in section 41.5.15, <slot> / <port> is specified as either `0/0' and `0/1'.
channel-group
This command specifies the active TDM slots within the T1 frames.
Syntax channel-group <slot number>,<slot number> channel-group <slot number>-<slot number>
Command <slot number>
Description Defines the slot number within the range 1-24.
Default By default all slots are active à 1-24.
Command Mode Privileged User
Example This example sets active slots 2, 4 and 17, 18, 19 on t1 port 0/0.
(conf-if-t1 0/0)# channel-group 2, 4, 17-19
clock-source
This command specifies the clock source on the current T1 interface.
- 608 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Syntax clock-source <source>
Command <source>
Description
Defines the source of the clock: `internal' clock is taken locally from WIC itself `line' clock is taken from the line i.e., from the remote side
Default By default, the clock source is `line'.
Command Mode Privileged User
Example This example sets clock source to the internally generated on T1 Port 0/1:
(conf-if-t1 0/1)# clock-source internal
framing-method
This command specifies the framing method on the current T1 interface.
Syntax framing-method <framing mode>
Command <framing mode>
Description
Defines the framing method: `esf' extended super frame (F24) `sf' superframe (D4)
Default By default, the framing method is `esf'.
- 609 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example sets the framing method to superframe (D4) on t1 port 0/0:
(conf-if-t1 0/0)# framing-method sf
line-code
This command specifies the line coding on the current T1 interface.
Syntax line-code <line code>
Command <line code>
Description
Defines the line code: `ami' Alternate Mark Inversion encoding `b8zs' Bipolar Eight Zero Substitution encoding
Default By default, the framing method is `bz8s'.
Command Mode Privileged User
Example This example sets the line code to `ami' on t1 port 0/1:
(conf-if-t1 0/1)# line-code ami
line-buildout-loss
This command specifies the buildout loss on the current T1 interface.
Syntax
- 610 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
line-buildout-loss <loss>
Command <loss>
Description
Defines the line buildout loss [dB]: 0 dB -7.5 dB -15 dB -22.5 dB
Default By default, the line buildout loss is 0 dB.
Command Mode Privileged User
Example This example sets the line buildout loss to -7.5 dB on t1 port 0/0:
(conf-if-t1 0/0)# line-buildout-loss -7.5
max-cable-loss
This command specifies the loss due to cable length on the current T1 interface.
Syntax max-cable-loss <loss>
Command <loss>
Description
Defines the cable loss [dB]: 0.6 dB Cable length 0-133ft 1.2 dB Cable length 134-266ft 1.8 dB Cable length 267-399ft 2.4 dB Cable length 400-533ft 3 dB Cable length 534-655ft
- 611 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Default By default, the maximum cable loss is 0.6 dB.
Command Mode Privileged User
Example This example sets the cable loss to 3 dB on T1 Port 0/1:
(conf-if-t1 0/1)# max-cable-loss 3
loopback
This command specifies loopback on the current T1 WAN interface.
Syntax loopback <traffic source> <loopback location> loopback <traffic source> <loopback location> <timeout>
Command <traffic source>
<loopback location> <timeout>
Description
Defines the traffic source to be looped back: `remote' loopback ingress traffic. `local' loopback egress traffic.
Defines where the loop is performed in the T1 WAN Interface: `line' loop is done in the csu.
On the local loopback only. Specifies the timeout (in seconds) after the local loopback releases. Default timeout is 180 seconds.
Default By default, there is no loopback.
Command Mode Privileged User
- 612 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Example This example set the remote line loopback on T1 Port 0/0.
(conf-if-t1 0/0)# loopback remote line
ber-test
This command specifies the Bit Error Rate test on the current T1 WAN interface.
Syntax The syntax for this command includes several variations:
ber-test <channels group> <error rate> <pattern type> ber-test <channels group> <error rate> <pattern type> <timeout> ber-test <channels group> <error rate> <pattern type> forever
Command
Description
<channels Specifies the slot number within the range 1-24, on which the BER test
group>
runs. (See channel-group command for examples).
<error rate>
Specifies the rate of injected errors to the BER interface: 0 no errors injected. 1 inject errors in rate of 10-1. 2 inject errors in rate of 10-2. 3 inject errors in rate of 10-3. 4 inject errors in rate of 10-4. 5 inject errors in rate of 10-5. 6 inject errors in rate of 10-6. 7 inject errors in rate of 10-7.
<pattern type>
Specifies the pattern type: `1-2' - select 01 Sequence as BER pattern `1-4' - select 0001 Sequence as BER pattern `1-8' - select 00000001 Sequence as BER pattern `3-24' - select 3 '1's with 21 '0's Sequence as BER pattern `all-0' - select all 0 Sequence as BER pattern `all-1' - select all 1 Sequence as BER pattern `qrss' - select Quasi-Random Signal Sequence as BER pattern
- 613 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
Description
<timeout>
Specifies the time that the BER test will run for, in seconds. The default value is 180 seconds. For running the BER test with no time limitation, select the `forever' value for this field.
Default By default, the BER test is not active.
Note This command is supported on the T1-WAN interface only. The user needs to make a loopback at the FarEnd, to have synchronous BER test patterns. Running the BER test with an error rate of 10-1 might cause the data not to synchronize.
So the BER won`t count bits or errors.
Command Mode Privileged User
Example This example starts the BER test for Channels 1-20 and Channel 22, with error rate of 10-3 and pattern type QRSS, which has no timeout:
(conf-if-t1 0/0)# ber-test 1-20, 22 3 qrss forever
This example starts the BER test for Channels 1,2 and 10-15, no errors injected, pattern type 324, and default timeout (180 seconds):
(conf-if-t1 0/0)# ber-test 1, 2, 10-15 0 3-24
Serial Interfaces
This section describes the WAN serial interface commands.
You can configure the WAN serial interface and the WAN T1 physical interface on the same physical WAN port, where the same identifier <slot>-<port> is specified for both interfaces. In the examples described in this section and in Section 41.5.14, <slot> / <port> is specified as either `0/0' and `0/1'.
- 614 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
serial-protocol
This command specifies the encapsulating protocol on the serial interface.
Syntax serial-protocol <protocol>
Command
protocol *bundle id parameter is for mlp only.
Description
Defines the encapsulating protocol: `hdlc' set hdlc protocol `ppp' set ppp protocol `mlp' set multilink ppp protocol and associates
the serial interface to a logical bundle id.
Default By default, there is no encapsulating protocol set on the serial interface.
Command Mode Privileged User
Example This example sets PPP as the encapsulating protocol on the serial interface 0/0:
(conf-if-serial 0/0)#serial-protocol ppp
To remove the protocol, type `no' at the prefix of the command. This example sets HDLC as the encapsulating protocol on the serial interface 0/0:
(conf-if-serial 0/0)#serial-protocol hdlc
To remove the protocol, type `no' at the prefix of the command. This example sets MLP as the encapsulating protocol on the serial interface 0/1 and associates the serial interface to a logical bundle identified by id 0:
(conf-if-serial 0/1)#serial-protocol mlp 0
- 615 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
To remove the protocol, type `no' at the command prefix.
ip address (HDLC over T1)
This command specifies the IP address and subnet mask of the HDLC serial interface.
Syntax ip address <a.b.c.d> <e.f.g.h>
Command a.b.c.d e.f.g.h
Description Defines the static local IP address set on this HDLC serial interface. Defines the static subnet mask set on this HDLC serial interface.
Default By default, the IP address is 1.1.1.1 and the subnet mask is 255.255.255.0.
Command Mode Privileged User
Example This example sets IP address 223.4.5.6 on HDLC encapsulated serial interface 0/0:
(conf-if-serial-hdlc 0/0)# ip address 223.4.5.6 255.255.255.252
ip dns-server (HDLC over T1)
This command specifies the primary and secondary DNS servers to be used by this HDLC serial interface.
Syntax ip dns-server <a.b.c.d> [e.f.g.h]
Command a.b.c.d e.f.g.h
Description Defines the IP address of the primary DNS server. Defines the IP address of the secondary DNS server.
- 616 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Default By default, no DNS servers are defined for the HDLC serial interface.
Command Mode Privileged User
Example This example sets IP address 223.4.5.6 on the HDLC encapsulated serial interface 0/0:
(conf-if-serial-hdlc 0/0)# ip dns-server 10.1.1.10 10.1.1.11
ip mtu (HDLC over T1)
This command specifies the maximum transfer unit value to be used by this HDLC serial interface.
Syntax ip mtu <mode> <value>
Command <mode>
<value>
Description
Defines the mtu mode to be used: `automatic' Sets to default value 1500 bytes. `manual' Sets manually according to the following value.
Defines the MTU in manual mode (68-1500).
Default By default the mtu is set to 1500 bytes.
Command Mode Privileged User
Example This example sets the mtu to 1400 bytes:
- 617 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
(conf-if-serial-hdlc 0/0)# ip mtu manual 1400
ip address (PPP over T1)
This command specifies the IP addressing mode of the PPP serial interface.
Syntax ip address <mode> <a.b.c.d> <e.f.g.h>
Command
Description
Mode
Defines the PPP IP addressing modes: `automatic' IP address will be accepted from peer during IPCP negotiation. `manual' set local static IP address and optional subnet mask. `unnumbered' use unnumbered mode (PPP serial interface uses LAN interface ip address).
a.b.c.d Defines the static local IP address set on this PPP serial interface relevant for manual mode only.
e.f.g.h Defines the optional static subnet mask set on this PPP serial interface relevant for manual mode only.
Default By default the IP addressing is automatic.
Command Mode Privileged User
Example This example sets IP address 223.4.5.6 on PPP encapsulated serial interface 0/0:
(conf-if-serial-ppp 0/0)# ip address manual 223.4.5.6 This example sets IP addressing mode to automatic on PPP encapsulated serial interface 0/0:
(conf-if-serial-ppp 0/0)# ip address automatic
- 618 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
ip dns-server (PPP over T1)
This command specifies the primary and secondary DNS servers to be used by this PPP serial interface.
Syntax ip dns-server <mode> <a.b.c.d> <e.f.g.h>
Command
Description
mode
Defines the DNS servers addressing modes: `automatic' DNS servers' IP addresses will be accepted from peer during PPP negotiation. `manual' set static DNS servers' IP address
a.b.c.d Defines the IP address of the primary DNS server - relevant only for manual mode.
e.f.g.h Defines the IP address of the optional secondary DNS server- relevant only for manual mode.
Default By default no DNS servers are defined for the PPP serial interface.
Command Mode Privileged User
Example This example sets the static DNS servers' IP addresses on the PPP encapsulated serial interface 0/0:
(conf-if-serial-ppp 0/0)# ip dns-server manual 10.1.1.10 10.1.1.11
ip mtu (PPP over T1)
This command specifies the maximum transfer unit value to be used by this PPP serial interface.
Syntax
- 619 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
ip mtu <mode> <value>
Command mode
value
Description
Defines the MTU mode to be used: `automatic' Set to default value 1500 bytes. `manual' Set manually according to following value.
Defines the MTU in manual mode (68-1500).
Default By default, the MTU is set to 1500 bytes.
Command Mode Privileged User
Example This example sets the mtu to 1400 bytes:
(conf-if-serial-ppp 0/0)# ip mtu manual 1400
authentication chap (PPP/MLP over T1)
This command enables Challenge Handshake Authentication Protocol (CHAP) to be used by this PPP/MLP serial interface.
Syntax authentication chap
Command `no' at prefix of command
Description Disables CHAP on this PPP/MLP serial interface.
Default By default CHAP is enabled
Command Mode
- 620 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Privileged User
Example This example enables CHAP:
(conf-if-serial-ppp 0/0)# authentication chap
authentication pap (PPP/MLP over T1)
This command enables Password Authentication Protocol (PAP) to be used by this PPP/MLP serial interface.
Syntax authentication pap
Command `no' at prefix of command
Description Disables PAP on this PPP/MLP serial interface.
Default By default, PAP is enabled.
Command Mode Privileged User
Example This example enables PAP on the MLP serial interface 0/0:
(conf-if-serial-mlp 0/0)# authentication pap
authentication ms-chap (PPP/MLP over T1)
This command enables Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) to be used by this PPP/MLP serial interface
Syntax authentication ms-chap
- 621 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
`no' at prefix of command
Description
Disables MS-CHAP on this PPP/MLP serial interface.
Default By default, MS-CHAP is enabled.
Command Mode Privileged User
Example This example enables MS-CHAP:
(conf-if-serial-ppp 0/0)# authentication ms-chap
authentication ms-chap2 (PPP/MLP over T1)
This command enables Microsoft Challenge Handshake Authentication Protocol Version 2 (MSCHAP2) to be used by this PPP/MLP serial interface.
Syntax authentication ms-chap2
Command
`no' at prefix of command
Description
Disables MS-CHAP2 on this PPP/MLP serial interface.
Default By default, MS-CHAP2 is enabled.
Command Mode Privileged User
Example This example describes MS-CHAP2:
- 622 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
(conf-if-serial-ppp 0/0)# authentication ms-chap2
authentication username (PPP/MLP over T1)
This command sets the username to be used by this PPP/MLP serial interface during the authentication phase of the PPP negotiation.
Syntax authentication username <username>
Command username
Description Defines the username string
Default By default, the username is set to `user'.
Command Mode Privileged User
Example This example sets the username on the PPP serial interface 0/0:
(conf-if-serial-ppp 0/0)# authentication username JohnA
authentication password (PPP/MLP over T1)
This command sets the password to be used by this PPP/MLP serial interface during the authentication phase of the PPP negotiation.
Syntax authentication password <password>
Command <password>
Description Defines the password string
- 623 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Default By default, password is set to `password'.
Command Mode Privileged User
Example This example sets the password on the MLP serial interface 0/1:
(conf-if-serial-mlp 0/1)# authentication password qwerty
multilink bundle-id (MLP over T1)
This command associates the current MLP serial interface to a virtual bundle id. Setting more than one serial interface to the same bundle id bonds both interfaces under the same virtual bundle.
You can configure an identical virtual bundle for the MLP over T1 serial WAN interface and the Multilink WAN interface, where <bundle-id> is specified for both interfaces. In the example below, <bundle-id> is specified as `8'.
Syntax multilink bundle-id <id>
Command <id>
Description Defines the bundle-id (0-255).
Default No default value exists; you must specify a bundle id.
Command Mode Privileged User
Example This example associates a MLP serial interface 0/1 to logical bundle 0:
- 624 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
(conf-if-serial-mlp 0/1)#multilink bundle-id 8
Multilink Interfaces (MLP over T1 WAN)
This section describes the Multilink interfaces commands. The multilink interface holds all relevant data characteristics for a virtual bundle of MLP interface/s.
napt
This command sets the NAPT (Network Address Port Translation) on the Multilink interface.
Syntax napt
Default By default T1 interfaces use NAPT.
Command Mode Privileged User
Example This example sets the Multilink interface 0 to use NAPT:
(conf-if-multilink 0)#napt
ppp bundle-id
This command associates the current multilink interface with a virtual bundle id number.
You can configure an identical virtual bundle for the multilink WAN interface and the MLP over T1 serial WAN interface, where the identifier <bundle-id> is specified for both interfaces. In the example below, <bundle-id> is specified as `8'.
Syntax ppp bundle-id <id>
- 625 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command <id>
Description Defines the bundle-id (0-255).
Default By default, the bundle id is set to the multilink interface number.
Command Mode Privileged User
Example This example associates a multilink interface 1 with virtual bundle id 8:
(conf-if-multilink 1)# ppp bundle-id 8
ppp fragments-enable
This command will cause each transmitted packet to be fragmented among the virtual bundle's serial interfaces, thus reaching maximum bandwidth utilization.
Syntax ppp fragments-enable
Command
`no' at prefix of command
Description
Disables fragmentation on this multilink interface.
Default By default, fragmentation is disabled.
Command Mode Privileged User
Example This example enables fragmentation on interface multilink 0: To disable fragmentation, type `no' at the command prefix.
- 626 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
(conf-if-multilink 0)# fragments-enable
ppp mrru
This command sets the maximum reconstructed receive unit that is negotiated during the ppp session setup.
Syntax ppp mrru <size>
Command <size>
Description Defines the mru size (68-1500).
Default By default, mrru is set to 1500 bytes.
Command Mode Privileged User
Example This example sets the mrru to 500 bytes on multilink interface 1:
(conf-if-multilink 1)# ppp mrru 500
ip address
This command specifies the IP addressing mode of this multilink interface.
Syntax ip address <mode> <a.b.c.d> <e.f.g.h>
Command
Description
mode
Defines the MLP IP addressing modes as follows: `automatic' IP address will be accepted from peer during PPP negotiation. `manual' set local static IP address and optional subnet mask.
- 627 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
Description
`unnumbered' use unnumbered mode (MLP serial interface uses LAN interface ip address).
a.b.c.d Defines the static local IP address set on this MLP multilink interface relevant for manual mode only.
e.f.g.h Defines the optional static subnet mask set on this MLP multilink interface relevant for manual mode only.
Default By default the IP addressing is automatic.
Command Mode Privileged User
Example This example sets the IP address 223.4.5.6 on multilink interface 0:
(conf-if-multilink 0)# ip address manual 223.4.5.6 This example sets the IP addressing mode to automatic on multilink interface 0:
(conf-if-multilink 0)# ip address automatic
ip dns-server
This command specifies the primary and secondary DNS servers to be used by this multilink interface.
Syntax ip dns-server <mode> <a.b.c.d> <e.f.g.h>
Command
Description
mode
The DNS servers addressing modes are: `automatic' DNS servers' IP addresses will be accepted from peer during PPP negotiation.
- 628 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
Description
`manual' Sets static DNS servers' IP address
a.b.c.d Specifies the IP address of the primary DNS server - relevant only for the manual mode.
e.f.g.h Specifies the IP address of the optional secondary DNS server- relevant only for the manual mode.
Default By default, no DNS servers are defined for the multilink interface.
Command Mode Privileged User
Example This example sets static DNS servers' IP addresses on multilink interface 0:
(conf-if-multilink 0)# ip dns-server manual 10.1.1.10 10.1.1.11
Backup Group Commands
The commands below describe Backup Group.
backup-group
A backup group defines a set of interfaces so that only one of the interfaces is active at any given moment. Other interfaces in the group are automatically disabled. By default, the interface marked as "priority 1" will be activated; if the active interface loses connectivity, the device attempts to bring up the next interface in the group. As soon as the higher-priority interface regains connectivity, the lower-priority interface will be disabled. To associate interfaces with a backup group, use the "backup monitoring group" command in interface context.
Syntax
backup-group <group-name> [ primary-wan ] description <desc-text> exit
- 629 -
CHAPTER 75 WAN Access Commands
MSBR | CLI Reference Guide
Command
Description
groupname
Defines the name of the backup group.
primarywan
Marks the group as controlling the primary WAN connection. This setting affects SIP connectivity; when the primary WAN interface changes, registration will be performed via the new interface. This is an optional field.
desctext
A description of the backup group.
Default By default, no backup groups are defined.
Command Mode Privileged User
Example This example defines a backup group:
(config-data)# backup-group abc primary-wan (backup-group)# description WAN-group
backup monitoring group
This command associates an interface with a backup group. Interfaces in a backup group are automatically enabled and disabled based on the connectivity status of other interfaces in the group. See the command "backup-group" for additional information. To remove an interface from a backup group, use the "no" form of this command.
Syntax
backup monitoring group <group-name> priority {1|2|3}
Command
Description
group-name Name of the backup group (defined by the backup-group command).
1, 2, 3
Sets the interface priority in the backup group.
- 630 -
CHAPTER 75 WAN Access Commands
Default By default, interfaces are not associated with a backup group. Command Mode This command is available in interface configuration context. Example This example associates an interface with a backup group:
(conf-atm0/0)# backup monitoring group abc priority 1
MSBR | CLI Reference Guide
- 631 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
76 Layer-2 (LAN) Commands
Wi-Fi Commands
The following describes Wi-Fi commands.
radio shutdown
This command provides support for enabling or disabling Wi-Fi functionality. The no radio shutdown disables the Wi-Fi interface.
Syntax radio shutdown no radio shutdown
Default This command is applicable to Mediant 500 MSBR and Mediant 800/B MSBR.
Command Mode Privileged User
Example This example enables Wi-Fi functionality on the device.
(config-data)# radio shutdown
Data Services Commands
The following describes Data Services commands.
DNS Server
The following describes the DNS Server commands.
ip dns server
This command enables the DNS server on all Layer 3 interfaces. Use the no form of this command to disable the DNS server on all Layer 3 interfaces.
Syntax
- 632 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
ip dns server all auto ip dns server all static no ip dns server all auto
Command
Description
auto
Automatically sets the DNS server address by the response from the DHCP server. The interface must be set to obtain IP addresses from DHCP.
static Statically sets the DNS server address by the configuration.
Default NA
Related Commands ip host The ip dns server command is also available from the interface configuration sub-directory. See dns-server.
Command Mode Privileged User
Example This example enables a static DNS server for all Layer 3 interfaces:
(config-data)# ip dns server all static
ip host
This command adds an entry to the IP hostname table for all Layer 3 interfaces. Use the no form of this command to delete an entry from the IP Hostname table for all Layer 3 interfaces. The following are the relevant specifications: RFC 1034 RFC 1035 RFC 2782 (SRV) RFC 3403 (NAPTR)
Syntax
- 633 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
ip host <name> <ip address> <ttl> <tracking ID> ip host <name> srv <priority> <weight> <port> <target> <ttl> ip host <name> naptr <order> <preference> <flags> regexp <regexp> <ttl> ip host <name> naptr <order> <preference> <flags> service <service> regexp <regexp> <ttl> ip host <name> naptr <order> <preference> <flags> service <service> replacement <replacement> <ttl>
Command
Description
name
Specifies the name of the host. Up to 63 characters.
ip address Specifies the host's IPv4 (dotted decimal notation) or IPv6 address.
ttl
Defines Time-To-Live in seconds, range 0-2147483647.
priority
Defines the priority a non-negative number with a range 0-65535.
weight
Defines the weight a non-negative number with a range 0-65535.
port
Non-negative number, range 0-65535.
target
Domain name, up to 256 characters.
order
Non-negative number, range 0-65535.
preference Non-negative number, range 0-65535.
flags
Currently four flags are defined: "S", "A", "U", and "P" (characterstring).
service
Up to 64 characters and must start with an alphabetic (characterstring).
tracking ID
If Tracking ID is configured, this DNS record is resolved only if the DNS server is unreachable. This is only relevant when a DNS server is configured. If not entered, the DNS record is always resolved.
regexp
Up to 256 characters (character-string).
replacement Domain name, up to 256 characters.
Default NA
Related Commands
- 634 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
ip dns server
Command Mode Privileged User
Examples: This example adds an entry with name `abcd' and ip address `10.44.1.1' to the IP Hostname table for all Layer 3 interfaces:
(config data)# ip host abcd 10.44.1.1 3600
This example (taken from RFC 2782) for adding SRV entry to the DNS server table for all Layer 3 interfaces:
(config data)# ip host _foobar._tcp srv 0 1 9 old-slow-box.example.com 3600
This example (taken from RFC 3403) for adding NAPTR entry to the DNS server table for all Layer 3 interfaces:
(config data)# ip host example.com naptr 100 50 A service z3950+N2L+N2C replacement cidserver.example.com 3600
ip flow-export
This command defines the host/port to send flow statistics to. IP flow (NetFlow) is a feature that gives the ability to collect IP network traffic. The NetFlow records are generated from the firewall statistics. Since the NetFlow information is taken from the firewall, you must activate firewall capabilities on the monitored interface.
Syntax
ip flow-export enable ip flow-export destination <a.b.c.d> <port> ip flow-export version <version number> enable ip flow-export source-address interface <interface name> <interface-id>
Command
Description
enable
Enables IP flow statistics.
destination Specifies the NetFlow Destination server IP address.
- 635 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command port
sourceaddress version number a.b.c.d
Description Defines the NetFlow server port number (1-65535). The default port is 2055. Sets the source of the NetFlow packets. If not specified, the source will be set according to the routing table interface. Enables NetFlow version number (5 or 9).
Defines the Netflow IP address.
Interface Name
Interface Type
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
Command Mode Privileged User
Example
- 636 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
This example enables IP flow statistics. (config-data)# ip flow-export enable
ip fastpath
This command defines Acceleration settings.
Syntax ip fastpath unilateral-timeout <seconds>
Command
Description
seconds Defines Timeout in seconds (0 means connections will never time out).
Default NA
Command Mode Privileged User
Example This example sets the connections so that they don't time out.
(config-data)# ip fastpath unilateral-timeout 0
dns-view
This command defines a DNS view.
Syntax dns-view <view name>
Command view name
Description Defines the DNS view name.
- 637 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example defines a DNS view.
(config-data)# dns-view view1
set server address
This command defines the DNS server to where the queries matching this DNS view are forwarded.
Syntax # set server address <server ip address>
Command
Description
server ip address
Defines the server IP address which is one of the device's DNS server's IP address (configured as part of an interface properties); otherwise, the device will not forward to it.
Default NA
Command Mode Privileged User
Example This example defines the DNS server to where the queries matching this DNS view are forwarded.
- 638 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
(config-data)# dns-view view1 (dns-view-view1)# set server interface 1.10.1.1
match source-address
This command defines the DNS queries by source address for the DNS view.
Syntax # match source address <source IP address of DNS query> <source netmask of DNS query>
Default NA
Command Mode Privileged User
Example This example defines the DNS queries by source address for the DNS view.
(config-data)# dns-view view1 (dns-view-view1)# match source address 1.1.1.1 12.1.1.1
set server interface
This command defines the interface associated with the DNS server.
Syntax # set server interface <interface name> <slot / port /ID>
Command
Description
<interface name>
Defines the interface name which is the name of the interface that is configured with the desired DNS server (static or dynamic). This allows configuration of name servers received dynamically by DHCP or PPP.
Default
- 639 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
NA
Command Mode Privileged User
Example This example defines the interface.
(config-data)# dns-view view1 (dns-view-view1)# set server interface gigabitethernet 0/0
ip name-server
This command defines the DNS relay server's address on all Layer 3 interfaces. Use the no form of this command to the undefined DNS relay server's address on all Layer 3 interfaces.
Syntax
ip name-server <first ip address> all ip name-server <first ip address> [<second ip address>|all]
Command
Description
first ip address
Specifies the primary DNS server address. Specifies a valid IPv4 (dotteddecimal notation) or IPv6 address.
second ip address
Specifies the secondary DNS server address. This field is not required when specifying a single IP address. It specifies a valid IPv4 (dotted-decimal notation) or IPv6 address.
all
Apply to all interfaces.
Default NA
Related Commands This command is also available from the interface configuration sub-directory.
Command Mode
- 640 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Privileged User
Example This example defines DNS relay servers 10.4.1.1 and 10.4.1.2 for all Layer 3 interfaces:
(config data)# ip name-server 10.4.1.1 10.4.1.2
ip max-conn
This command defines the maximum number of firewall connections per IP address.
Syntax ip max-conn <number>
Command
Description
number Sets the maximum number of firewall connections per IP address. (20020000)
Default NA
Command Mode Privileged User
Example This example sets the maximum number of firewall connections per IP address to 500:
(config data)# ip max-conn 500
DHCP Server
The following describes DHCP Server commands.
ip dhcp-server
This command enables the specified address of the DHCP relay server to be used on the specified interface or on all Layer 3 interfaces. It also provides support for the device to act as a DHCP server for Lync-enabled IP phones, by supporting DHCP Options 120 and 43. DHCP
- 641 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Option 120 enables SIP clients to discover a domain name system (DNS) FQDN (Fully-Qualified
Domain Name) of a SIP server (SIP Server Discovery). For detailed information on DHCP Option
120, see RFC 3361. DHCP Option 43 enables devices to discover the Microsoft Lync Server
Certificate Provisioning service. For detailed information on how to configure DHCP Option 120
and
DHCP
Option
43,
see
http://technet.microsoft.com/en-
us/library/gg412828%28v=ocs.14%29.aspx.
Use the no form of this command to disable the address of the DHCP relay server on a specific interface or on all Layer 3 interfaces.
Not all the commands in this section have a no form. See the details in the commands syntax below. The no form for the ip dhcp-server <ip address> command is used to disable the DHCP relay server.
Syntax
# ip dhcp-server <ip address>{<interface> <interface ID>} # ip dhcp-server all <interface> <interface ID>
# no ip dhcp-server <ip address>
# ip dhcp-server network <first ip address> <last ip address> <subnet mask> # ip dhcp-server dns-server <dns ip address> # ip dhcp-server netbios-name-server <wins ip address> # ip dhcp-server lease <days> <hours> <minutes>
# ip dhcp-server boot-file-name <boot file name> # no ip dhcp-server boot-file-name
# ip dhcp-server domain-name <domain name> # no ip dhcp-server domain-name
# ip dhcp-server netbios-node-type <wins node type> # no ip dhcp-server netbios-node-type
# ip dhcp-server ntp-server <ntp ip address> # ip dhcp-server tftp-server <tftp ip address>
# ip dhcp-server tftp-server-name <tftp name> # no ip dhcp-server tftp-server-name
# ip dhcp-server time-offset <time offset> # no ip dhcp-server time-offset
- 642 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
# ip dhcp-server provide-host-name # no ip dhcp-server provide-host-name
# ip dhcp-server sip-server <FQDN of SIP server Option 120) # ip dhcp-server lync-cert-provisioning <Microsoft Lync Server Certificate Provisioning service Option 43>
# ip dhcp-server option82
Command
Description
ip address
Specifies a valid IPv4 address. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3). Specifies a valid IPv4 address for the DHCP relay server.
first ip address last ip address subnet mask
Specifies the address pool of the DHCP relay server (valid IPv4 address). IP addresses should be expressed in dotted decimal notation.
dns ip address
Specifies a valid IPv4 address for the dns server. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3). This parameter is optional.
wins ip address
Specifies a valid IPv4 address for wins server. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3). This parameter is optional.
days hours minutes
Specifies the number of days and/or hours and/or minutes for server leases. This parameter is optional (default is 1 hour).
boot file name
Specifies the name of the configuration file that the DHCP client should download from the TFTP server. This parameter is optional. (BOOTP / DHCP Option 67).
domain name
Specifies the domain name that client should use when resolving hostnames via DNS. This parameter is optional. (BOOTP / DHCP Option 15).
wins node type
Specifies the NetBIOS (WINS) node type (i.e. 1 = B-node, 2 = Pnode, 4 = M-node, 8 = H-node). This parameter is optional. (BOOTP / DHCP Option 46).
- 643 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command
Description
ntp ip address
Specifies a valid IPv4 address for NTP server. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3). This parameter is optional. (BOOTP / DHCP Option 42).
tftp ip address
Specifies a valid IPv4 address for TFTP server. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3). This parameter is optional. (BOOTP / DHCP Option 150).
tftp name
Specifies a TFTP server name. This parameter is optional. (BOOTP / DHCP Option 66).
time offset
Specifies the offset of the client's subnet in seconds from Coordinated Universal Time (UTC). A positive offset indicates a location east of the zero meridian and a negative offset indicates a location west of the zero meridian. This parameter is optional. (BOOTP / DHCP Option 2).
tr069-acsserver-name
Supports sending a DHCP response with the URL of an AutoConfiguration Server (ACS) in reply to a DHCP request received from a client with the "dslforum.org" string in the Vendor Class Identifier (DHCP option 60). The device sends the URL in the Vendor Specific Information (DHCP option 43).
This is applicable when the device is configured as a DHCP server and is used for TR-069 provisioning.
Note: This command is applicable only to data-router functionality.
option82
Enables support for DHCP Option 82. This option is received from a DHCP relay agent that forwards client-originated DHCP packets to the device (acting as a DHCP server). When enabled, the device simply "echos" the information of Option 82 back to the DHCP client. The feature is enabled for the interface on which the DHCPv4 server is configured.
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255]
- 644 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
ipip l2tp pppoe pptp vlan loopback bvi
Interface Type (ifname) Tunnel IPIP ID L2TP ID PPPoE interface ID PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
Related Commands This command is also available from the interface configuration sub-directory.
Command Mode Privileged User
Example This example configures the DHCP relay address of 10.1.2.3 on VLAN 5:
# config data (config-data)# ip dhcp-server 10.1.2.3 vlan 5
The following is an example of how to use tr069-acs-server-name parameter.
# config data (config-data)# interface vlan 10 (conf-if-VLAN 10)# ip dhcp-server tr069-acs-server-name srv_1
option
This command configures the Dynamic Host Configuration Protocol (DHCP) Server options. Use the no form of this command to remove the options.
- 645 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Syntax
option <DHCP option code> {ascii string|hex string|ip address} no option code <DHCP option code>
Command
Description
DHCP option code
Defines the DHCP option code.
ascii string
Defines an NVT ASCII character string. ASCII character strings that contain white space must be deliminated by quotation marks.
hex string
Defines dotted-hexadecimal data. Each byte in hexadecimal character strings is two hexadecimal digits - each byte can be separated by a period, colon, or white space.
ip address
Defines an IP address.
Default The default instance number is 0.
Command Mode DHCP pool configuration
Related Commands ip dhcp pool
Usage Guidelines: DHCP provides a framework for passing configuration information to hosts on a TCP/IP network. Configuration parameters and other control information are carried in tagged data items that are stored in the options field of the DHCP message. The data items themselves are also called options. The current set of DHCP options are documented in RFC 2131, Dynamic Host Configuration Protocol.
Examples:
- 646 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
This example configures DHCP Option 19, which specifies whether the client should configure its IP layer for packet forwarding. A value of "0" means disable IP forwarding; a value of "1" means enable IP forwarding. IP forwarding is enabled in This example: (config-data)# ip dhcp pool gigabitethernet 0/0
# option code 19 hex 01
This example configures DHCP option 72, which specifies the World Wide Web servers for DHCP clients. World Wide Web servers 172.16.3.252 and 172.16.3.253 are configured in This example:
# option code 72 ip 172.16.3.252 172.16.3.253
service dhcp
This command enables the DHCP server on the specified interface or on all Layer 3 interfaces. Use the no form of this command to disable DHCP server on a specific interface or on all Layer 3 interfaces.
Syntax
service dhcp all service dhcp gigabitethernet [slot/port.vlanID] service dhcp vlan <vlan id>
Command
Description
all
Enables/disables all interfaces.
slot/port.vlanID Defines the GigabitEthernet interface slot and port (Vlan ID is optional).
vlan id
Defines the VLAN interface.
Default All interfaces are disabled.
Note This command enables/disables the DHCP server created via the "ip dhcp pool" command.
Related Commands
- 647 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Ip dhcp pool The service dhcp command is also available from the interface configuration sub-directory.
Command Mode Privileged User
Example This example enables the DHCP server on VLAN 5:
(config data)# service dhcp vlan 5
DHCPv4 Client
This section describes DHCPv4 client commands
ip address dhcp
This command enables a DHCP client on the specified interface. Use the no form of this command to disable DHCP client functionality.
Syntax ip address dhcp no ip address dhcp
Default NA
Note The interface's IP address will be acquired via DHCP.
Command Mode Privileged User
Example This example configures a DHCP client on VLAN 6.
- 648 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
(config-data)# interface vlan 6 (conf-if-VLAN 6)# ip address dhcp
ip dhcp-client class-id
This command enables configuration of DHCP Option 60 (Vendor Class Identifier) to be sent by the client.
Syntax ip dhcp-client class-id <string>
Command
Description
string
The "vendor class id" string (Option 60) to be sent in the DHCP negotiation.
Default Option 60 is not sent by default
Command Mode Privileged User
Related Commands ip address dhcp
Example This example configures a new VLAN interface, enables DHCP, and sets the vendor class string to "MSBR".
(config-data)# interface vlan 3 (conf-if-VLAN 3)# ip address dhcp (conf-if-VLAN 3)# ip dhcp-client class-id "MSBR" (conf-if-VLAN 3)# no shutdown (conf-if-VLAN 3)# exit
ip dhcp-client default-route
This command configures the device to accept the gateway received via DHCP as the default route on this interface.
- 649 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Use the "no" form of this command to disregard the gateway received via DHCP. Syntax
ip dhcp-client default-route track <track id>
Command defaultroute
track id
Description
Defines the gateway received via DHCP as the default route on this interface.
Defines a track ID, the default route depends on. The range is 1-100.
Default no ip dhcp-client default-route
Command Mode Privileged User
Related Commands ip address dhcp
Example This example configures a new vlan interface, enables dhcp & default gateway
(config-data)# interface vlan 3 (conf-if-VLAN 3)# ip address dhcp (conf-if-VLAN 3)# ip dhcp-client default-route track 1 (conf-if-VLAN 3)# no shutdown (conf-if-VLAN 3)# exit
ip dhcp-client authentication
This command configures authentication of DHCPv4 messages between the client and server.
Syntax ip dhcp-client authentication key-id <ID> key-string|obscured-key-string <Key Name>
- 650 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command key-id key-string
Description
Command Mode Privileged User
Example This example configures authentication for DHCPv4 messages on VLAN 3.
(config-data)# interface vlan 3 (conf-if-VLAN 3)# ipv6 dhcp-client authentication key-id 3 obscured-key-string 8JKQkJybmw== (conf-if-VLAN 3)# no shutdown (conf-if-VLAN 3)# exit
ip dhcp-source-address
This command allows the user to configure the DHCP relay source address. This command is valid only in case of DHCP relay (remote).
Syntax
ip dhcp-source-address all <ip address> ip dhcp-source-address <interface name> <ip address>
Command
Description
ip address
Specifies a valid IPv4 address. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3). Specifies a valid IPv4 address for the DHCP relay source address.
all
Enables all interfaces.
interface Defines the interface naming on the interface command.
name
Enables the specified interface.
Default NA
- 651 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Functional notes The address should be of one of the local interfaces.
Command Mode Privileged User
Related Commands The dhcp- source- address parameter takes effect only when the DHCP Relay server is configured. See the ip dhcp-server command.
Example This example configures vlan 5 to relay DHCP requests to 10.5.5.11, source address on the relayed packets will be set to 10.4.4.11:
(config-data)# ip dhcp-server 10.5.5.11 vlan 5 (config-data)# ip dhcp-source-address vlan 5 10.4.4.11
ip dhcp pool
This command assigns a pool on a specified interface and enters the pool configuration.
Syntax ip dhcp pool <interface name> <interface ID>
Command <interface name>
Description Defines interface naming on the interface command.
Interface Name
Interface Type
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255]
- 652 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Interface Name ipip l2tp pppoe pptp vlan loopback bvi
Interface Type Tunnel IPIP ID L2TP ID PPPoE interface ID PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
Related Commands service dhcp The ip dhcp pool command is also available from the interface configuration sub-directory. See ip dhcp-server.
Command Mode Privileged User
Example This example enters IP DHCP POOL on VLAN 5.
(config data)# ip dhcp pool vlan 5
boot-file-name This command defines the name of the configuration file that the DHCP client should download from the TFTP server on the specified interface.
Syntax boot-file-name <boot file name> no boot-file-name
- 653 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command
Description
boot file name
Specifies the name of the configuration file that the DHCP client should download from the TFTP server. This parameter is optional. (BOOTP / DHCP Option 67).
Default NA
Functional notes NA
Command Mode Privileged User
Related Commands This command is also available from the interface configuration sub-directory. See ip dhcpserver.
Example This example sets the name of the configuration file that should be downloaded.
(dhcp-conf-VLAN 5)# boot-file-name my-config
This example clears this parameter.
(dhcp-conf-VLAN 5)# no boot-file-name
domain-name This command defines the domain name that client should use when resolving hostnames via DNS on the specified interface.
Syntax domain-name <domain name> no domain-name
- 654 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command
Description
domain Specifies the domain name that client should use when resolving hostnames
name
via DNS. This parameter is optional. (BOOTP / DHCP Option 15).
Default NA
Functional notes NA
Command Mode Privileged User
Related Commands This command is also available from the interface configuration sub-directory. See ip dhcpserver.
Example This example sets the domain name.
(dhcp-conf-VLAN 5)# domain-name domain.name.com
This example clears the domain name. (dhcp-conf-VLAN 5)# no domain-name
dns-server This command defines the DNS servers for the DHCP pool on the specified interface.
Syntax dns-server <ip address>
Command
Description
<ip
Specifies a valid IPv4 address. IP addresses should be expressed in dotted
address> decimal notation (for example, 10.1.2.3).
- 655 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example enters the ip dhcp pool on VLAN 5 and sets the DNS server to 10.1.2.3.
(dhcp-conf-VLAN 5)#dns-server 10.1.2.3
lease This command defines the address lease time assigned to the DHCP pool on the specified interface.
Syntax lease <days> [hours] [minutes]
Command <days> <hours> <minutes>
Description Sets the number of days (mandatory). Range is 0 to 365. Sets the number of hours. Range is 0 to 23. Sets the number of minutes. Range is 0 to 59.
Default By default, the lease time is set to 1 hour.
Related Commands This command is also available from the interface configuration sub-directory. See ip dhcpserver.
Command Mode Privileged User
- 656 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Example This example enters ip dhcp pool on VLAN 5 and sets the lease time to 5 hours and 15 minutes.
(dhcp-conf-VLAN 5)# lease 0 5 15
netbios-name-server This command defines a NetBIOS Windows Internet Naming Service (WINS) name servers assigned to the DHCP pool on the specified interface.
Syntax netbios-name-server <ip address>
Command
Description
<ip
Specifies a valid IPv4 address. IP addresses should be expressed in dotted
address> decimal notation (e.g., 10.1.2.3).
Default NA
Related Commands This command is also available from the interface configuration sub-directory. See ip dhcp-server.
Command Mode Privileged User
Example This example enters ip dhcp pool on VLAN 5 and sets the NetBIOS name server to 10.1.2.3.
(dhcp-conf-VLAN 5)# netbios-name-server 10.1.2.3
netbios-node-type This command specifies the NetBIOS (WINS) node type (i.e. 1 = B-node, 2 = P-node, 4 = Mnode, 8 = H-node) on the specified interface.
- 657 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Syntax
netbios-node-type <wins node type> no netbios-node-type
Command
Description
<wins node type>
Specifies the NetBIOS (WINS) node type (i.e. 1 = B-node, 2 = P-node, 4 = Mnode, 8 = H-node). This parameter is optional. (BOOTP / DHCP Option 46).
Default NA
Functional notes NA
Command Mode Privileged User
Related Commands This command is also available from the interface configuration sub-directory. See ip dhcpserver.
Example This example sets the WINS note type to B-node (= 1).
(dhcp-conf-VLAN 5)# netbios-node-type 1
This example clears this parameter. (dhcp-conf-VLAN 5)# no netbios-node-type
network This command defines the network address and mask for the DHCP pool. This command is mandatory for assigning dhcp pool on the interface.
- 658 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Syntax network <first ip> <last ip> <mask>
Command
Description
<first ip>
First IP address in the range for this pool. Specifies a valid IPv4 address. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3).
<last ip>
Last IP address in the range for this pool. Specifies a valid IPv4 address. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3).
<mask>
Specifies the subnet mask that corresponds to a range of IP addresses. Subnet masks should be expressed in dotted decimal notation (for example, 255.255.255.0).
Default NA
Related Commands This command is also available from the interface configuration sub-directory.
Command Mode Privileged User
Example This example enters ip dhcp pool on VLAN 5 and sets the Network addresses and mask for the pool.
(dhcp-conf-VLAN 5)#network 10.4.60.1 10.4.60.5 255.255.0.0
override-router-address This command overrides the router address assigned to the DHCP pool on the specified interface.
Syntax
- 659 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
override-router-address <IP Address>
Command <ip address>
Description
Specifies a valid IPv4 address. IP addresses should be expressed in dotted decimal notation (e.g., 10.1.2.3).
Default NA
Command Mode Privileged User
Related Commands This command is also available from the interface configuration sub-directory.
Examples: This example overrides the router address to 10.1.2.3.
(dhcp-conf-VLAN 5)# override-router-address 10.1.2.3
provide-host-name This command enables the device to provide host name if not specified by client on the specified interface. Use the no form of this command to disable this behavior.
Syntax provide-host-name no provide-host-name
Default The device provides host name if not specified by the client.
Functional notes NA
- 660 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Related Commands This command is also available from the interface configuration sub-directory. See ip dhcpserver.
Example This example will enable the device to provide a host name.
(dhcp-conf-VLAN 5)# provide-host-name
This example disables this behavior. (dhcp-conf-VLAN 5)# no provide-host-name
tftp-server This command defines a TFTP server assigned to the DHCP pool on the specified interface.
Syntax tftp-server <tftp ip address>
Command
Description
tftp ip address
Specifies a valid IPv4 address for TFTP server. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3). This parameter is optional. (BOOTP / DHCP Option 150).
Default NA
Functional notes NA
Command Mode Privileged User
- 661 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Related Commands This command is also available from the interface configuration sub-directory. See ip dhcpserver.
Example This example sets the TFTP server IP address.
(dhcp-conf-VLAN 5)# tftp-server 10.4.4.1
tftp-server-name This command defines a TFTP server name assigned to the DHCP pool on the specified interface.
Syntax tftp-server-name <tftp name> no tftp-server-name
Command
Description
tftp name
Specifies a TFTP server name. This parameter is optional. (BOOTP / DHCP Option 66).
Defaults NA
Functional notes NA
Command Mode Privileged User
Related Commands This command is also available from the interface configuration sub-directory. See ip dhcpserver.
Example
- 662 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
This example sets the TFTP server name. (dhcp-conf-VLAN 5)# tftp-server-name servername
This example clears the TFTP server name. (dhcp-conf-VLAN 5)# no tftp-server-name
time-offset This command defines the offset of the client's subnet in seconds from Coordinated Universal Time (UTC) on the specified interface.
Syntax time-offset <time offset> no time-offset
Command
Description
time offset
Specifies the offset of the client's subnet in seconds from Coordinated Universal Time (UTC). A positive offset indicates a location east of the zero meridian and a negative offset indicates a location west of the zero meridian. This parameter is optional. (BOOTP / DHCP Option 2).
Default NA
Functional notes NA
Command Mode Privileged User
Related Commands This command is also available from the interface configuration sub-directory. See ip dhcpserver.
Example
- 663 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
This example sets the offset time to 500 seconds. (dhcp-conf-VLAN 5)# time-offset 500
This example removes this parameter. (dhcp-conf-VLAN 5)# no time-offset
service dhcp
This command enables the DHCP server on the interface. Use the no form of this command to disable the DHCP server.
Syntax
service dhcp no service dhcp
Default The DHCP server is disabled.
Note This command enables/disables the DHCP server created via the ip dhcp pool and ip dhcpserver commands.
Related Commands ip dhcp pool, Ip dhcp-server The service dhcp command is also available from the main data configuration directory (see ip dhcp pool and ip dhcp-server).
Command Mode Privileged User
Example This example enables the DHCP server on VLAN 5:
(conf-if-VLAN 5)# service dhcp
- 664 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
DHCPv6 Client
This section describes DHCPv6 client commands
ipv6 dhcp-client authentication
This command configures authentication of DHCPv6 messages between the client and server.
Syntax ipv6 dhcp-client authentication realm <Realm Name> key-id <ID> keystring|obscured-key-string <Key Name>
Command realm key-id key-string
Description
DHCP realm name. Enables re-use of the same key-id for different operators.
A number used by both client and server to identify the key used in signature calculation.
Defines the key used to sign the messages.
Command Mode Privileged User
Example This example configures authentication for DHCPv6 messages on VLAN 3.
(config-data)# interface vlan 3 (conf-if-VLAN 3)# ipv6 dhcp-client authentication realm real_new key-id 3 obscured-key-string 8JKQkJybmw== (conf-if-VLAN 3)# no shutdown (conf-if-VLAN 3)# exit
ipv6 dhcp-client ntp-server opt56
This command configures the device as a DHCPv6 client to send DHCP Option 56 (NTP Server) to the DHCP server to request the address of the NTP server.
Syntax
- 665 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
ipv6 dhcp-client ntp-server opt56
Command Mode Privileged User
Example This example configures the DHCPv6 client to send Option 56.
(config-data)# interface vlan 3 (conf-if-VLAN 3)# ipv6 dhcp-client ntp-server opt56 (conf-if-VLAN 3)# no shutdown (conf-if-VLAN 3)# exit
ipv6 dhcp-client pd
This command configures the DHCPv6 client to request an IPv6 prefix from a DHCPv6 server. This is referred to as prefix delegation.
Syntax ipv6 dhcp-client pd {<Prefix Length>|rapid-commit}
Command <Prefix Length> rapid-commit
Description
Defines the prefix length
Enables the DHCPv6 client to obtain configuration parameters from a server through a rapid two-message exchange (solicit, reply).
Command Mode Privileged User
Example This example enables prefix delegation for a DHCPv6 client through VLAN 3.
(config-data)# interface vlan 3 (conf-if-VLAN 3)# ipv6 dhcp-client pd 10
- 666 -
CHAPTER 76 Layer-2 (LAN) Commands
(conf-if-VLAN 3)# no shutdown (conf-if-VLAN 3)# exit
MSBR | CLI Reference Guide
ipv6 dhcp-client prefix-len-128
This command changes the prefix length of an IPv6 address that has been acquired through DHCP to 128 bit (instead of the default, 64).
Syntax ipv6 dhcp-client prefix-len-128
Default 64 (use the no command)
Note The interface's IP address is acquired via DHCP.
Command Mode Privileged User
Example This example configures a DHCP client on VLAN 6.
(config-data)# interface vlan 6 (conf-if-VLAN 6)# ipv6 dhcp-client prefix-len-128
ipv6 dhcp-client vendor-class enterprise
This command configures the DHCPv6 Option 124, which indicates that the device is manufactured (vendor) by or supports this enterprise's actions.
Syntax ipv6 dhcp-client vendor-class enterprise {<number> <string>|audc|broadband}
Command <Number> <String>
Description Defines the Enterprise Number as registered with IANA,
- 667 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command audc broadband
Description
and the string identifying the enterprise.
Sets AudioCodes Enterprise Number 4923 and string "audiocodes.com".
Sets Broadband (ADSL) forum Enterprise Number 3561 and string "dslforum.org".
Command Mode Privileged User
Example This example configures the DHCP vendor class as that of AudioCodes.
(config-data)# interface vlan 3 (conf-if-VLAN 3)# ipv6 dhcp-client vendor-class audc (conf-if-VLAN 3)# no shutdown (conf-if-VLAN 3)# exit
ipv6 dhcp-client vendor-specific
This command enables the device as a DHCPv6 client to exchange vendor-specific information with the DHCP server, which is done using the DHCP Vendor-Specific Information Option.
Syntax ipv6 dhcp-client vendor-specific
Command Mode Privileged User
Example This example enables the DHCP Vendor-Specific Information Option.
(config-data)# interface vlan 3 (conf-if-VLAN 3)# ipv6 dhcp-client vendor-specific
- 668 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
(conf-if-VLAN 3)# no shutdown (conf-if-VLAN 3)# exit
shutdown
This command disables the specified interface. Use the no form of this command to enable the interface.
Syntax shutdown no shutdown
Default When creating a new interface, it is disabled by default.
Command Mode Privileged User
Example This example enables VLAN 6.
(conf-if-VLAN 6)# no shutdown
mtu
This command configures the Maximum Transmission Unit (MTU) on the specified interface.
Syntax
mtu auto mtu dhcp mtu <mtu value>
Command auto dhcp
Description Sets MTU automatically. Sets MTU by DHCP.
- 669 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command mtu value
Description Sets the MTU value. Range is 68 to 1500.
Default MTU is set to auto (usually 1500).
Command Mode Privileged User
Example This example sets the MTU value to 770 bytes on VLAN 6.
(config-data)# interface vlan 6 (conf-if-VLAN 6)# mtu 770
layer_2_only
This command allows the device's underlying interfaces (e.g., Gigabit Ethernet) using PPPoE to start the establishment of the PPPoE connection after Layer 2 of the underlying interface (e.g., when the cable is connected). This is instead of waiting for the PPPoE process to start after Layer 3 of the underlying interface has established.
Syntax
layer-2-only
Default By default, this is disabled.
Command Mode Privileged User
Example This example enables this feature on the Gigabit Ethernet interface 0/0 using PPPoE:
- 670 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
# configure data (config-data)# interface pppoe 0 (conf-pppoe-0)# underlying gigabitethernet 0/0 ((conf-pppoe-0)# layer-2-only
ip tcp adjust-mss
This command configures the Maximum Segment Size (MSS) on a specific interface.
Syntax ip tcp adjust-mss <mss value>
Command mss value
Description Sets the MSS value. Range is 0- 65535.
Note MSS-value of 0 indicates that no MSS has been set.
Command Mode Privileged User
Example This example configures the tunnel interface.
# configure data (config-data)# interface gre 1 (conf-if-GRE 1)# ip tcp adjust-mss 500
speed
This command configures the speed on the specified switchport interface.
Syntax
speed 10 speed 100 speed auto
- 671 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command 10 100 auto
Description Forces 10 Mbps operation. Forces 100 Mbps operation. Automatically detects switchport speed.
Default Speed is set to auto.
Command Mode Privileged User
Example This example sets the speed to 100 on GigabitEthernet 4/2.
(conf-if-GE 4/2)# speed 100
Switch Port Interface Commands
The following describes Switch Port Interface commands.
switchport mode
This command configures the VLAN Trunking mode.
Syntax switchport mode access switchport mode trunk switchport mode transparent
Command access trunk transparent
Description Sets the port to access mode. Sets the port to trunk mode. Set the port to transparent mode (Q-in-Q)
- 672 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Default Switchport mode is set to trunk.
Command Mode Privileged User
Example This example sets the switchport mode to static access on GigabitEthernet 4/2:
(config-data)# interface gigabitethernet 0/1 (conf-if-GE 0/1)# switchport mode access
switchport access vlan
This command configures the specified switch port interface as a static-access member of a VLAN.
Syntax switchport access vlan <vlan id>
Command <vlan id>
Description Defines a valid VLAN interface ID. Range is 1 to 3999.
Default A single VLAN interface is available (VLAN 1).
Note If the port is in the trunk mode, this command will not alter the switchport mode to `Access'. Instead it will save the value to be applied when the port does switch to Access mode.
Command Mode Privileged User
Related Commands switchport mode
- 673 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Example This example sets the switchport mode to static access and makes the GigabitEthernet interface 4/2 port a member of VLAN 3:
(config-data)# interface gigabitethernet 4/2 (conf-if-GE 4/2)# switchport access vlan 3
switchport trunk allowed vlan
This command is used to configure the VLANs available on the trunk (when the interface is in trunking mode).
Syntax
switchport trunk allowed vlan add <vlan id> switchport trunk allowed vlan remove <vlan id>
Command add remove <vlan id>
Description Adds an entry to the list of allowed VLANs. Removes an entry from the list of allowed VLANs. Specifies a valid VLAN interface ID. Range is 1 to 3999.
Default NA
Note VLAN ID values range from 1 to 3999.
Command Mode Privileged User
Related Commands switchport mode
Example This example adds VLAN 3 to the VLAN trunk defined for GigabitEthernet 4/2:
- 674 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
(conf-if-GE 4/2)# switchport trunk allowed vlan add 3
switchport trunk native vlan
This command sets the native VLAN to the interface when set to Trunking mode.
Syntax switchport trunk native vlan <vlan id>
Command <vlan id>
Description Specifies a valid VLAN interface ID. Range is 1 to 3999.
Default This is set to VLAN 1 (the default VLAN).
Note VLAN ID values range from 1 to 3999. Configure which VLAN the interface uses as its native VLAN when in Trunking mode.
Packets from this VLAN leaving the interface will not be tagged with the VLAN number. Any untagged packets received on the interface are considered to be tagged with VLAN ID.
Command Mode Privileged User
Related Commands switchport mode
Example This example sets the native VLAN on GigabitEthernet 4/2 to 3.
(config-data)# interface gigabitethernet 4/2 (conf-if-GE 4/2)# switchport trunk native vlan 3
- 675 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
network
This command allows selecting whether an interface is logically part of the LAN or part of the WAN. QoS and NAPT functions handle traffic routed from LAN interfaces to WAN interfaces; port forwarding rules (static NAPT) work only on WAN interfaces; and the default firewall policy prevents inbound packets from WAN interfaces unless solicited by an active connection.
Syntax
network {lan|wan}
Command lan wan
Description Define a LAN interface. Define a WAN interface.
Default VLAN interfaces default to LAN; all other interfaces default to WAN.
Command Mode This command is available in interface configuration context.
Example This example defines a LAN interface:
(config-data)# interface atm 0/0 (conf-atm0/0)# network lan
IP Destination Reachability
The following describes IP Destination Reachability commands.
track
This command is used to define a tracking destination to be used by static routes or other configured elements. The configured track is testing the reachability of the defined destination through the defined source interface by sending probe packets to the destination and wait for replies.
- 676 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Syntax
track <track id> {icmpecho | icmp6echo} <destination address> <source interface> <interface ID> [source-ip-interface <interface>] [interval <value>] [retries <value>]
Command
Description
icmpecho
Tracking is done by sending ICMP probes and monitors the replies.
icmpv6echo Tracking is done by sending ICMPv6 probes and monitors the replies
track id
Defines the track identifier to be used by other entities.
track protocol type
Defines the reachability by sending ping packets of either IPv4 or IPv6 (currently only probe type).
destination Defines the ip address of the tracked destination in the format of
address
a.b.c.d for IPv4 and X:X::X:X for IPv6.
source interface
Defines the interface name and ID.
source IP interface
Defines an interface whose IP address is used as the source ip address for the probes.
interval <value>
Defines the option to define interval between probes in seconds Range is 1-3600. (Default value is 5 seconds).
retries <value>
Defines the option to define retries of probes before track state is moved to "down". Range is 0 20. (Default value is 3).
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99]
- 677 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
pppoe pptp vlan loopback bvi
Interface Type (ifname) PPPoE interface ID PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID [1-3] [0-99] [1-3999] [1-5] [1-255]
Default N/A
Command Mode Privileged User
Related Commands show data track brief, ip route
Examples:
This example defines Track ID 5 for destination 10.30.4.5 from interface GigabitEthernet 0/0.
(config-data)# track 5 icmpecho 10.30.4.5 GigabitEthernet 0/0
This example defines Track ID 5 for destination 10.30.4.5 from interface GigabitEthernet 0/0 and source ip address of interface loopback 1.
(config-data)# track 5 IcmpEcho 10.30.4.5 GigabitEthernet 0/0 source-ipinterface loopback 1
Some more examples using this command.
# show data track brief
Track Type
State Max round trip time (m.s)
1 ICMP reachability Up 37
Get the time of up to last 10 Track states:
- 678 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
# show data track 1 history
Track history: New state Date and Time [MM-DD-YYYY@hh:mm:ss]
Up
08-28-2015@18:17:40
Down
08-28-2015@18:25:30
Up
08-28-2015@18:26:2
bfd neighbor This command is used to define a BFD neighbor. To set BFD OSPF timers, see ip ospf bfd on page 829.
Syntax
bfd neighbor <neighbor id> <ip address> <interface ID> interval <value> min_rx <value> multiplier <value> [multihop]
Command
Description
neighbor id
(1-20) Neighbor identifier
ip address Address of the remote BFD device
interface id
Name and number of the outgoing interface
interval
(200-30000) Desired interval for outgoing bfd messages in milliseconds. The interval will be increased if the remote system requires it.
min_rx
(200-30000) Minimal interval between bfd messages in milliseconds. The remote system will use this interval for sending messages in case its interval is lower.
multiplier (1-20) Maximum number of packets that can be missed before the session status is considered down.
multihop
Set the neighbor to multihop mode in case the remote device is not on the local LAN.
Default N/A
Command Mode
- 679 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Privileged User
Related Commands show data bfd neighbors, ip route
Example This example configures a BFD neighbor with ip address 192.168.0.100 on vlan 1
(config-data)# bfd neighbor 1 192.168.0.100 vlan 1 interval 200 min_rx 200 multiplier 3
ip reassembly
This command defragments received fragmented IP packets from an interface and then reassembles the packets before forwarding them. The Wireshark packet analyzer is typically used to identify fragmented frames. This capability is applied per interface and therefore, the CLI command must be set for the relevant IP interface. By default, this capability is disabled per interface.
Syntax
ip reassembly no ip reassembly
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example The following is an example of how this command can be used.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ip reassembly
service tcp keepalives
This command controls the tcp keepalive functionality of newly created sockets.
- 680 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Syntax
service tcp keepalives enable service tcp keepalives interval <interval> service tcp keepalives probe <probe> service tcp keepalives time <time>
Command
Description
enable
Enables the TCP keepalive. The default value is "Disabled".
interval Defines the interval between sub sequential keepalive probes in seconds. The default value is 75 seconds. The range is1-65355.
probe
Defines the number of unacknowledged probes to send before considering the connection inactive and notifying the application layer. The default value is 9 probes. The range is 1-65355.
time
Defines the interval between the last data packet sent and the first keepalive probe. The default value is 7200 seconds. The range is 1-65355.
Note This command is applicable only to data-router functionality. The default values are active only if keep-alive is enabled.
Command Mode Privileged User
Example This example enables tcp keepalives.
(config-data)# service tcp keepalives enable
ip dns randomization
This command supports DNS queries source port and Query ID randomization. The purpose is to prevent DNS spoofing attacks. There are two modes of operation: Forwarding Plan DNS proxy.
- 681 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
In Forwarding Plan mode (where an external DNS server on the MSBR's WAN side is advertised), only the source port will be randomized. In DNS proxy mode (where MSBR itself is configured as DNS server on its LAN side), both DNS Query ID and source port used on the MSBR's WAN side, will be randomized.
Syntax
# ip dns randomization
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example activates the randomization feature on all DNS queries outgoing from the MSBR to the WAN side.
(config-data)# ip dns randomization
Port Monitoring Commands
Port monitoring allows the user to reflect traffic from each Ethernet LAN port to any other single LAN or microprocessor port. Monitoring of traffic is useful when trying to analyze the traffic or when debugging network problems. The device allows monitoring of egress traffic, ingress traffic, or both directions.
port-monitor
This command configures source ports. This is performed after you have chosen your destination port.
Syntax port-monitor <type> <slot/port> <direction>
- 682 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command
Description
Type
Defines the source Interface type FastEthernet/GigabitEthernet.
slot/port Defines the source Interface slot number and port number.
direction Defines the monitoring direction (ingress, egress, or both-direction).
Related Commands port-monitor-save-after-reset
Example This example defines a key to a peer ip.
(conf-if-GE 4/3)# port-monitor GigabitEthernet 4/1 ingress (conf-if-GE 4/3)# port-monitor FastEthernet 5/2 egress (conf-if-GE 4/3)# port-monitor GigabitEthernet 4/4 both-direction
port-monitor-save-after-reset
This command saves your port monitoring (mirroring) configuration (see the port-monitor command in Section port-monitor on the previous page) so that it is maintained even after a device reset.
Syntax
port-monitor-save-after-reset
Related Commands port-monitor
Example This example configures port monitoring and saves the configuration defines a key to a peer ip.
(conf-if-GE 4/3)# port-monitor GigabitEthernet 4/4 both-direction (conf-if-GE 4/3)# exit (config-data)# port-monitor-save-after-reset
- 683 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Spanning Tree Commands
The section below describes Spanning Tree commands.
Spanning Tree General Commands
The sub-section below describes Spanning Tree General commands.
spanning-tree
This command enables / disables the spanning tree in the system.
Syntax spanning-tree no spanning-tree
Command Mode Privileged User
Example This example enables the spanning-tree:
(config data)# spanning-tree
spanning-tree priority
This command sets the priority of the device.
Syntax spanning-tree priority <value>
Command <value>
Description The range is 0 - 61440 in multiples of 4096
Default 32768
- 684 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Note Under configure terminal.
Command Mode Privileged User
Example This example sets the device priority to 4096.
(config data)# spanning-tree priority 4096
spanning-tree hello-time
This command sets the hello_time spanning-tree parameter of the device.
Syntax spanning-tree hello-time <value>
Command <value>
Description The range is 1-10 seconds.
Default 2 seconds
Note Under configure terminal
Command Mode Privileged User
Example This example sets the hello-time to 1 second:
(config data)# spanning-tree hello-time 1
- 685 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
spanning-tree max-age
This command sets the maximum-age spanning-tree parameter of the device.
Syntax spanning-tree max-age <value>
Command <value>
Description The range is 6 - 40 seconds.
Default 20 seconds
Note Under configure terminal (FORWARD_DELAY-1)X2 >= MAX_AGE
Command Mode Privileged User
Example This example sets the max-age to 10:
(config data)# spanning-tree max-age 10
spanning-tree forward-delay
This command sets the forward-delay spanning-tree parameter of the device.
Syntax spanning-tree forward-delay <value>
Command <value>
Description Defines the time set in the range of 4 30 seconds.
- 686 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Default 15 seconds
Note Under configure terminal (FORWARD_DELAY-1)X2 >= MAX_AGE
Command Mode Privileged User
Example To set the device forward-delay to 5:
(config data)# spanning-tree forward-delay 5
Spanning Tree Interface Commands
The sub-section below describes Spanning Tree Interface commands.
spanning-tree
This command enables/disables the spanning tree on a specific interface.
Syntax spanning-tree no spanning-tree
Default NA
Note Under configure terminal
Command Mode Privileged User
- 687 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Examples: To enable the spanning-tree on interface 5/1:
(conf-if-FE 5/1)# spanning-tree To disable the spanning-tree on interface 5/1:
(conf-if-FE 5/1)# no spanning-tree
spanning-tree priority
This command sets the priority of the interface.
Syntax spanning-tree priority <value>
Command <value>
Description Sets the value in the range of 0-240. Must be a multiple of 16.
Default NA
Note Under configure terminal
Command Mode Privileged User
Example This example sets the device priority to 16.
(conf-if-FE 5/1)# spanning-tree priority 16
spanning-tree cost
This command sets the cost of the interface.
- 688 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Syntax spanning-tree cost <value>
Command <value>
Description Defines the value in the range of 1-200,000,000.
Default NA
Note Under configure terminal
Command Mode Privileged User
Example This example sets the unit cost to 10000:
(conf-if-FE 5/1)# spanning-tree cost 10000
spanning-tree edge
This command sets the edge configuration of the interface.
Syntax
spanning-tree edge auto spanning-tree edge enable spanning-tree edge disable
Command auto/enable/disable
Description
Defines the value as: auto: auto detect enable: enable edge disable: disable edge
- 689 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example sets the unit edge to `auto':
(conf-if-FE 5/1)# spanning-tree edge auto
spanning-tree point-to-point
This command sets the point-to-point configuration of the interface.
Syntax
spanning-tree point-to-point auto spanning-tree point-to-point enable spanning-tree point-to-point disable
Command auto/enable/disable
Description
Defines the value as: auto: auto detect enable: enable point-to-point disable: disable point-to-point
Default NA
Note Under configure terminal.
Command Mode Privileged User
- 690 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Example This example sets the unit point-to-point to auto:
(conf-if-FE 5/1)# spanning-tree point-to-point auto
LLDP and LLDP-MED Commands
The Link Layer Discovery Protocol (LLDP) is a Layer-2 protocol that advertises or discovers neighbors on IEEE 802 local area networks. LLDP for Media Endpoint Devices (LLDP-MED) is an extension to LLDP that functions between endpoint devices and network devices.
lldp run
This command enables LLDP on LAN ports.
Syntax lldp run
Default NA
Command Mode Privileged User
Example This example enables LLDP on LAN ports:
(config-data)# lldp run
lldp holdtime
This command sets the aging timeout for LLDP peers.
Syntax lldp holdtime <seconds>
- 691 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command seconds
Description Sets the aging timeout for LLDP peers in seconds.
Default NA
Command Mode Privileged User
Example This example sets the aging timeout for LLDP peers to 10 seconds:
(config-data)# lldp holdtime 10
lldp location
This command sets the device's location.
Syntax
lldp location civic lldp location coordinate lldp location elin <ELIN emergency number> lldp location none
Command location
Description
Use one of the following: civic: Use RFC 4776 civic address coordinate: Use RFC3825 coordinate information elin: Use ELIN emergency number none: No location information
Default NA
Command Mode
- 692 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Privileged User
Example This example enables the use of the RFC 4776 civic address:
(config-data)# lldp location civic
lldp network-policy
This command sets the LLDP network policy.
Syntax lldp network-policy profile <profile number>
Command profile number
Description Defines the profile number (1-4).
Default NA
Command Mode Privileged User
Example This example sets the LLDP network policy profile to 1:
(config-data)# lldp network-policy profile 1
lldp timer
This command sets LLDP transmission interval.
Syntax lldp timer <transmission interval>
- 693 -
CHAPTER 76 Layer-2 (LAN) Commands
MSBR | CLI Reference Guide
Command transmission interval
Description Defines the transmission interval in seconds.
Default NA
Command Mode Privileged User
Example This example sets the LLDP transmission interval to 10 seconds:
(config-data)# lldp timer 10
- 694 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
77 Layer-3 Commands
IPv6 Commands
This version provides support for IPv6 (voice and data-routing functionalities) on the MSBR product series. This support is provided only if the Software License Key installed on the device includes the new Feature Key "IPv6" for enabling IPv6.
ipv6 enable
This command provides support for enabling IPv6 per data-router interface. When the IPv6 feature is included in the Software License Key, IPv6 is disabled per interface, by default. An IPv6-disabled interface will not have global IPv6 addresses enabled, nor will it have link-local addresses. The show data ipv6 route command does not display routes of IPv6 interfaces that are disabled, but the interface is displayed by the show running config command. Configuration of IPv6 addresses can be done at any stage, but will only be active if IPv6 is enabled on the required interface.
Syntax
# ipv6 enable # no ipv6 enable
Note This command is applicable only to data-router functionality. IPv6 support is available only if the installed Software License Key contains the IPv6
Feature Key. This flag does not replace the need of the Feature Key. By default, all data interfaces begin with IPv6 disabled.
Command Mode Privileged User
Example This example enables IPv6.
(config-data)# interface gigabitethernet 0/0 (config-if-GE 0/0)# ipv6 address 2010:18::40:81/640 (config-if-GE 0/0)# ipv6 enable
- 695 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
IPv6 Static Routes Commands
The following describes IPV6 Static Routes commands.
ipv6 route
This command provides support for configuring IPv6 static routes (destination prefix).
Syntax ipv6 route vrf <VRF anme> <IPv6 destination address>/<prefix> <IPv6 gateway address> <interface name> <interface ID> [<metric value>] [track <track ID>] [description <string>]
ipv6 route <IPv6 destination address>/<prefix> [<next hop>] <interface name> <interface ID> [<metric value>] [track <track ID>] [description <string>]
This syntax describes a route that depends also on the source prefix of the packets:
Ipv6 route [vrf <VRF name>] source <IP source prefix>|local-voip destination <IP destination prefix> [<next hop>] <interface type> <interface ID> [<metric value>] [track <track ID>] [output-vrf <name>] [description <string>]
Command VRF Name IPv6 source prefix or local-voip
IPv6 destination prefix next hop metric value
track id
output-vrf
Description Defines the vrf name. Defines the IP source prefix as X:X::X:X/M MSBR in single network mode can also be set with local-voip to define the route source address to all VoIP packets generated locally by the MSBR Defines an IPv6 prfix as X:X::X:X/M.
Defines the next hop for routing Defines the priority (0 - 255) of the route in the routing table. The smaller the value, the higher the priority of the route. Defines the option to make the route dependable on the configured track. (1-100) Defines the outout vrf, for route leaking between vrfs.
- 696 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command description
Description Defines a route description.
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Interface a.b.c.d
Description Defines the IP address.
Note This command is applicable only to data-router functionality. IPv6 support is available only if the installed Software License Key contains the IPv6
Feature Key.
Command Mode Privileged User
Example
- 697 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
This example configures an IPv6 static route.
(config-data)# ipv6 route 2001:10::/64 2050:8:: GigabitEthernet 0/0 1
The IPv6 static route can be displayed using the regular show running-config command or the following new IPv6 command:
# show data ipv6 route [<ipv6-address[prefix]>] [connected] [kernel] [static] [summary]
ipv6 access-list
This command adds an access list entry.
Syntax # ipv6 access-list resequence <ipv6 access-list name> <starting rule number> <step size>
# ipv6 access-list extended <extended IPv6 access-list number>
# ipv6 access-list <access-list ID> {deny|permit} <protocol> <address1> <address2>
# ipv6 access-list <access-list ID> {deny|permit} <protocol> <address1> <address2> <port desc>
# ipv6 access-list <access-list ID> {deny|permit} <protocol> <address1> <address2> <port desc> <postacl>
Command
Description
starting rule number Defines the starting rule number [1-2147483647].
step size
Defines the step size.
protocol
Can be any of the following: tcp udp ah esp gre
- 698 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command address1 address2
port desc
port number extended IPv6 access-list number
Description
icmp igmp ipv6 [0-255] ipv6 protocol number
Can be any of the following: any - any host host single host local A:B:C::D/P - Defines the network IPv6 address and
prefix.
Can be any of the following: any host local A:B:C::D/P - Defines the network IPv6 address and
prefix eq range
Can be any of the following: eq - Defines a single port range - Defines a range of ports dscp - Match by Differentiated Services Code Point
value and mask established - Accept connection log - Log matches stateless - Accept packet
Defines the port number [1-65535].
Defines the extended IPv6 access-list number in number (100-9999) or word format.
- 699 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command postacl
Description
dscp - Match by Differentiated Services Code Point value and mask
established - Accept connection log - Log matches stateless - Accept packet
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example adds an access list entry.
(config-data)# ipv6 access-list extended 100
Acquiring IPv6 Address from DHCPv6 Server
ipv6 address dhcp
This command provides support for configuring the device as a DHCPv6 client to obtain an IPv6 address from a DHCPv6 server, according to RFC 3315. The device as a DHCPv6 client also supports the Rapid Commit option. This option lets the device quickly obtain configuration parameters from the DHCP server through a rapid two-message exchange (solicit, reply), instead of the usual four-message exchange (solicit, advertise, request, reply). Use no ipv6 address to disable this command.
Syntax
# ipv6 address dhcp [rapid-commit] # no ipv6 address
Note This command is applicable only to data-router functionality. The installed Software License Key must contain the IPv6 Feature Key.
- 700 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Rapid Commit must be supported and enabled on the DHCP server as well. The received IPv6 address can be viewed using the show data interfaces <interface>
command.
Command Mode Privileged User
Example This example configures the device as a DHCPv6 client.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 address dhcp
Acquiring IPv6 Address from Router Advertisement
ipv6 address autoconfig
This command provides support for automatically acquiring an IPv6 address using stateless auto-configuration on a specified WAN interface. This is instead of using a DHCPv6 server for acquiring an IPv6 address.
Syntax # ipv6 address autoconfig
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example automatically acquires an IPv6 address.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 address autoconfig
- 701 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
IPv6 Router Advertisement Daemon Commands
This command provides support for the Router Advertisement Daemon for automatic configuration of IPv6 addresses, according to RFC 4861. The IPv6 Router Advertisement (RA) implements link-local advertisements of IPv6 router addresses and IPv6 routing prefixes, using the Neighbor Discovery Protocol (NDP), as specified in RFC 4861. The RA process is used for stateless auto-configuration of network hosts on IPv6 networks.
ipv6 nd managed-config-flag
This command sets the advertised "Managed address configuration" flag, which indicates hosts should use DHCPv6 for address configuration. The no option sets the value to default (0).
Syntax # ipv6 nd managed-config-flag # no ipv6 nd managed-config-flag
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example sets the advertised "Managed address configuration" flag.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd managed-config-flag
ipv6 nd other-config-flag
This command sets the advertised "Other configuration" flag (indicating hosts should use DHCPv6 for non-IPv6 address, e.g., NTP address). The no option sets the value to the default (0).
Syntax
- 702 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
# ipv6 nd other-config-flag # no ipv6 nd other-config-flag
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example sets the advertised "Other configuration" flag.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd other-config-flag
ipv6 nd ns-interval
This command sets the advertised "Retrans Timer" (interval between retransmitted Neighbor Solicitation messages) value. The no option disables retransmit advertisements.
Syntax # ipv6 nd ns-interval <1000-3600000 msec> # no ipv6 nd ns-interval
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example sets the advertised "Retrans Timer" value.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd ns-interval 1000
- 703 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ipv6 nd reachable-time
This command sets the advertised "Reachability time" (time a neighbor is considered reachable after receiving a reachability confirmation) value. The no option sets the value to default (0).
Syntax # ipv6 nd reachable-time <0-3600000 msec> # no ipv6 nd reachable-time
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example sets the advertised "Reachability time" value.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd reachable-time 2000
ipv6 nd router-preference
This command sets advertised "Router preference" value. The no option sets the value to default (Medium).
Syntax # ipv6 nd router-preference {High|Low|Medium (default)} # no ipv6 nd router-preference
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
- 704 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This example sets the advertised "Router preference" value.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd router-preference High
ipv6 nd ra
The no version of this command removes the RA parameters from the database.
Syntax # no ipv6 nd ra
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example removes the RA parameters from the database.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# no ipv6 nd ra
ipv6 nd ra suppress
This command suppresses IPv6 Router Advertisements. The no version of this command enables IPv6 Router Advertisements.
Syntax # ipv6 nd ra suppress # no ipv6 nd ra suppress
Note This command is applicable only to data-router functionality.
- 705 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example suppresses IPv6 Router Advertisements.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd ra suppress
ipv6 nd ra lifetime
This command sets the advertised "Router Lifetime" value.
Syntax # ipv6 nd ra lifetime <0-9000 sec (default 1800)>
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example sets the advertised "Router Lifetime" value.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd ra lifetime 5000
ipv6 nd ra interval
This command sets the IPv6 Router Advertisement minimum / maximum interval.
Syntax # ipv6 nd ra interval <4-1800 sec> # ipv6 nd ra interval <4-1800 sec> <[3-(0.75*MaxRAInterval) sec]>
- 706 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Note This command is applicable only to data-router functionality. The minimum interval is set to 0.33 x maximum interval.
Command Mode Privileged User
Example This example sets the IPv6 Router Advertisement maximum interval..
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd ra interval 180
ipv6 nd prefix
This command sets the IPv6 prefix. Use the no form of this command to remove the prefix from database.
Syntax # ipv6 nd prefix <prefix> <valid lifetime> <preferred lifetime> <no-advertise> <onlink|off-link> <no-autoconfig|autonomous>
# no ipv6 nd prefix
Command <prefix>
<valid lifetime>
<preferred lifetime>
<off-link>
<noautoconfig>
Description Configures the IPv6 Routing Prefix Advertisement The valid range is 0-4294967295 seconds (default 86400). It can have the symbolic value of `infinity'. The valid range is 0-4294967295 seconds (default 14400). It can have the symbolic value of `infinity'. Do not use prefix for on-link determination Do not use prefix for auto-configuration
Note
- 707 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
This command is applicable only to data-router functionality. The IPv6 prefix must be /64. The off-link and no-autoconfig parameters can appear in any combination. Both
parameters can have the symbolic `infinity' value.
Command Mode Privileged User
Example This example sets the IPv6 prefix.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd prefix 8/64 10000 50000 on-link autonomous
ipv6 nd prefix <X:X::X:X> no-advertise
This command saves this prefix, but does not advertise it. The no option means the device advertises the prefix (default):
Syntax
# ipv6 nd prefix <X:X::X:X> no-advertise # no ipv6 nd prefix
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example saves the IPv6 prefix but does not advertise it.
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# ipv6 nd prefix 0:1::2:5 no advertise
- 708 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ipv6 dhcp-server dns-server <X:X::X:X>
This command configures the DNS server IPv6 address that is sent using the DHCP protocol to workstations on the LAN. If instead of an address the :: is used, the MSBR sends its own LAN address as the DNS server.
Syntax # ipv6 dhcp-server dns-server <X:X::X:X>
Note This command is only applicable to MSBR devices.
Command Mode Privileged User
Example: The following example saves the IPv6 prefix but does not advertise it.
(config-data)# interface vlan 1 (conf-if-GE 0/0)# ipv6 dhcp-server dns-server 2001::1
interface
This command enters the WAN interface that is connected to the WAN. The DHCPv6 client's default behavior is to set a default route through the interface running the client and connected to DHCPv6 server. However, that behavior can be overridden by the following CLI commands:
Syntax # interface <WAN interface>
Command Mode Privileged User
Example
- 709 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
In this example, a host is connected to the LAN interface of MSBR on VLAN 1 and the autocreated default route is cancelled.
MSBR# configure data MSBR(config-data)# interface vlan 1 MSBR(conf-if-VLAN 1)# no ipv6 nd autoconfig default-route
QoS Commands
The QoS Configuration commands include the following:
bandwidth (queue)
This command sets the maximum bandwidth of a queue.
Syntax
bandwidth <minimum bandwidth in kbps> bandwidth <minimum bandwidth in kbps> <maximum bandwidth in kbps> bandwidth percent <minimum bandwidth in percent> bandwidth percent <minimum bandwidth in percent> <maximum bandwidth in percent>
Command
minimum bandwidth in kbps
maximum bandwidth in kbps
minimum bandwidth in percent
maximum bandwidth in percent
Description
Defines the minimum bandwidth of the queue in kbps.
Defines the maximum bandwidth of the queue in kbps.
Defines the minimum bandwidth of the queue in percent (0-100).
Defines the maximum bandwidth of the queue in percent (0-100).
Default NA
Command Mode Privileged User
- 710 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This example configures the wan output service map default queue minimum bandwidth to 60 percent of bandwidth and maximum bandwidth to 80 percent of bandwidth.
(conf-s-map-q)# bandwidth percent 60 80
bandwidth (service-map)
This command sets the maximum bandwidth of a service-map.
Syntax
bandwidth <bandwidth in kbps> bandwidth unlimited bandwidth automatic
Command
Description
< bandwidth in kbps > Defines the maximum bandwidth of the service-map.
unlimited
Defines the bandwidth is unlimited.
automatic
Defines the bandwidth is set automatically.
Default NA
Command Mode Privileged User
Example This example configures the wan output service map maximum bandwidth to 100000 kbps.
(conf-s-map)# bandwidth 100000
qos match-map
This command enters a specific match-map configuration. Use the no form of this command to delete a specific match-map.
- 711 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax
qos match-map input <match-map name> qos match-map output <match-map name> qos match-map input <match-map name> <interface type> <interface ID> qos match-map output <match-map name> <interface type> <interface ID>
Command match-map name interface name
Description Defines the name of the match map to configure Defines the interface naming on the interface command. If not chosen, match-map will apply to all interfaces.
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
Command Mode Privileged User
- 712 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This example enters a specific match-map input configuration that will apply to all interfaces.
(config data)# qos match-map input sip_incoming
This example enters a specific match-map input configuration that will apply only to the vlan 7 interface.
(config-data)# qos match-map output sip_outgoing vlan 7
match priority
This command defines the priority to match on the specified match-map. Use the no form of this command to remove a match priority.
Syntax match priority <priority value>
Command priority value
Description Defines a priority value to match (0-7).
Default NA
Command Mode Privileged User
Example This example configures the priority 5 match-map to match traffic with priority value 5.
# configure data (config-data)# qos match-map input qqq (conf-m-map)# match priority 5
- 713 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
match precedence
This command defines the precedence to match on the specified match-map. Use the no form of this command to remove a match precedence.
Syntax
match precedence routine match precedence priority match precedence network match precedence internet match precedence immediate match precedence flash-override match precedence flash match precedence critical match precedence <precedence value>
Command
Description
routine
Matches packets with routine precedence (0).
priority
Matches packets with priority precedence (1).
network
Matches packets with network control precedence (7).
internet
Matches packets with internetwork control precedence (6).
immediate
Matches packets with immediate precedence (2).
flash-override
Matches packets with flash override precedence (4).
flash
Matches packets with flash precedence (3).
critical
Matches packets with critical precedence (5).
<precedence value> Defines the precedence value (0-7).
Default NA
Command Mode Privileged User
Examples:
- 714 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
This example configures the precedence match-map to match traffic with flash precedence (3): (conf-m-map)# match precedence flash
match length packet
This command defines the packet length to match on the specified match-map. Use the no form of this command to remove a match packet length.
Syntax match length packet <min packet length> <max packet length>
Command min packet length max packet length
Description Defines the minimum packet length in bytes to match. Defines the maximum packet length in bytes to match.
Default NA
Command Mode Privileged User
Examples: This example configures the match-map to match traffic with packet length between 40 to 150 bytes.
(conf-m-map)# match length packet 40 150
match length data
This command defines the data length to match on the specified match-map. Use the no form of this command to remove a match data length.
Syntax match length data <min data length> <max data length>
- 715 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command min data length max data length
Description Defines the minimum data length in bytes to match. Defines the maximum data length in bytes to match.
Default NA
Command Mode Privileged User
Examples: This example configures the match-map to match traffic with data length between 40 to 150 bytes.
(conf-m-map)# match length data 40 150
match dscp
This command defines the dscp to match on the specified match-map. Use the no form of this command to remove a match dscp.
Syntax
match dscp ef match dscp default match dscp cs7 match dscp cs6 match dscp cs5 match dscp cs4 match dscp cs3 match dscp cs2 match dscp cs1 match dscp af43 match dscp af42 match dscp af41 match dscp af33 match dscp af32 match dscp af31 match dscp af23
- 716 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
match dscp af22 match dscp af21 match dscp af13 match dscp af12 match dscp af11 match dscp <dscp value>
Command ef default cs7 cs6 cs5 cs4 cs3 cs2 cs1 af43 af42 af41 af33 af32 af31 af23 af22 af21 af13 af12
Description Matches packets with EF dscp (101110) Matches packets with default dscp (000000) Matches packets with CS7(precedence 7) dscp (111000) Matches packets with CS6(precedence 6) dscp (110000) Matches packets with CS5(precedence 5) dscp (101000) Matches packets with CS4(precedence 4) dscp (100000) Matches packets with CS3(precedence 3) dscp (011000) Matches packets with CS2(precedence 2) dscp (010000) Matches packets with CS1(precedence 1) dscp (001000) Matches packets with AF43 dscp (100110) Matches packets with AF42 dscp (100100) Matches packets with AF41 dscp (100010) Matches packets with AF33 dscp (011110) Matches packets with AF32 dscp (011100) Matches packets with AF31 dscp (011010) Matches packets with AF23 dscp (010110) Matches packets with AF22 dscp (010100) Matches packets with AF21 dscp (010010) Matches packets with AF13 dscp (001110) Matches packets with AF12 dscp (001100)
- 717 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command af11 dscp value
Description Matches packets with AF11 dscp (001010) Defines the differentiated services codepoint value (0-63).
Default NA
Command Mode Privileged User
Example This example configures the dscp match-map to match traffic with AF31 dscp (011010).
(conf-m-map)# match dscp af31
match any
This command configures the specified match-map to match any packet.
Syntax match any
Default NA
Command Mode Privileged User
Example This example configures the match-map to match any packet.
(conf-m-map)# match any
- 718 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
match access-list
This command defines the access-list to match on the specified match-map. Use the no form of this command to remove a match access list.
Syntax match access-list <access-list name>
Command
< access-list >
Description
Defines the name of the access-list this match-map should match.
Default NA
Command Mode Privileged User
Example This example configures the sip_incoming match-map to match traffic from access-list acl_sip.
(conf-m-map)# match access-list acl_sip
set queue
This command defines the queue to set on the specified match-map. Use the no form of this command to remove a set queue.
Syntax set queue <queue name>
Command
queue name
Description
Defines the queue name that all traffic that matches this match-map belongs to.
Default
- 719 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
NA
Command Mode Privileged User
Example This example configures the sip_incoming match-map to belong to the sip_queue queue.
# configure data (config-data)# qos match-map input mmap3 (conf-m-map)# set queue sip_queue
qos service-map
This command enters a specific service-map configuration.
Syntax
qos service-map lan input qos service-map lan output qos service-map gigabitethernet <slot/port> {input|output} qos service-map atm <slot/port> {input|output} qos service-map cellular <slot/port> {input|output} qos service-map efm <slot/port> {input|output} qos service-map serial <slot/port> {input|output} qos service-map multilink <1-255> {input|output} qos service-map fiber <slot/port> {input|output}
Command input output slot/port
Description Defines inbound traffic Defines outgoing traffic Defines the interface slot and port
Default NA
Command Mode Privileged User
- 720 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This example enters a LAN output service map.
(config-data)# qos service-map lan output
qos priority-retain
This command, when enabled, does not adjust 802.1p priority bits per the DSCP values.
Syntax qos priority-retain
Default NA
Command Mode Privileged User
Example This example does not adjust 802.1p priority bits per the DSCP values.
(config-data)# qos priority-retain
set precedence
This command defines the precedence to set on the specified match-map. Use the no form of this command to remove a set precedence.
Syntax set precedence routine set precedence priority set precedence network set precedence internet set precedence immediate set precedence flash-override set precedence flash
- 721 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
set precedence critical set precedence <precedence value>
Command
Description
routine
Matches packets with routine precedence (0).
priority
Matches packets with priority precedence (1).
network
Matches packets with network control precedence (7).
internet
Matches packets with internetwork control precedence (6).
immediate
Matches packets with immediate precedence (2).
flash-override
Matches packets with flash override precedence (4).
flash
Matches packets with flash precedence (3).
critical
Matches packets with critical precedence (5).
precedence value Defines the Precedence value (0-7).
Default NA
Command Mode Privileged User
Examples: This example configures the precedence match-map to set traffic that matches this match-map to the flash precedence (3):
# configure data (config-data)# qos match-map input mmap2 (conf-m-map)# set precedence flash
set dscp
This command defines the dscp to set on the specified match-map. Use the no form of this command to remove a set dscp.
Syntax
- 722 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
set dscp ef set dscp default set dscp cs7 set dscp cs6 set dscp cs5 set dscp cs4 set dscp cs3 set dscp cs2 set dscp cs1 set dscp af43 set dscp af42 set dscp af41 set dscp af33 set dscp af32 set dscp af31 set dscp af23 set dscp af22 set dscp af21 set dscp af13 set dscp af12 set dscp af11 set dscp <dscp value>
Command ef default cs7 cs6 cs5 cs4 cs3 cs2 cs1 af43 af42
Description Matches packets with EF dscp (101110). Matches packets with default dscp (000000). Matches packets with CS7(precedence 7) dscp (111000). Matches packets with CS6(precedence 6) dscp (110000). Matches packets with CS5(precedence 5) dscp (101000). Matches packets with CS4(precedence 4) dscp (100000). Matches packets with CS3(precedence 3) dscp (011000). Matches packets with CS2(precedence 2) dscp (010000). Matches packets with CS1(precedence 1) dscp (001000). Matches packets with AF43 dscp (100110). Matches packets with AF42 dscp (100100).
- 723 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command af41 af33 af32 af31 af23 af22 af21 af13 af12 af11 < dscp value>
Description Matches packets with AF41 dscp (100010). Matches packets with AF33 dscp (011110). Matches packets with AF32 dscp (011100). Matches packets with AF31 dscp (011010). Matches packets with AF23 dscp (010110). Matches packets with AF22 dscp (010100). Matches packets with AF21 dscp (010010). Matches packets with AF13 dscp (001110). Matches packets with AF12 dscp (001100). Matches packets with AF11 dscp (001100). Defines the differentiated services codepoint value (0-63).
Default NA
Command Mode Privileged User
Example This example configures the dscp match-map to set traffic that matches this match-map to the AF31 dscp (011010):
# configure data (config-data)# qos match-map input mmap2 (conf-m-map)# set dscp af31
set priority
This command defines the priority to set on the specified match-map. Use the no form of this command to remove a set priority.
- 724 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax set priority <priority value>
Command < priority value>
Description Defines the priority value. The range is between 0-7.
Default NA
Command Mode Privileged User
Example This example configures the match-map priority value to 5.
# configure data (config-data)# qos match-map input mmap3 (conf-m-map)# set priority 5
policy
This command defines the policy of the specified queue.
Syntax
policy fairness policy fifo policy random-detect policy strict-priority
Command
Description
fairness
Defines that the queue is configured with fairness policy.
fifo
Defines that the queue is configured with first in first out policy.
random-detect Defines that the queue is configured with random early detection policy.
- 725 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command
strictpriority
Description
Defines that the queue is configured with strict scheduling priority policy.
Default NA
Command Mode Privileged User
Example This example configures the wan output service map policy to fifo.
(conf-s-map-q)# policy fifo
priority
This command defines the priority to set on the specified queue.
Syntax priority <priority value>
Command priority value
Description Defines the priority value in the range of 0 to 7.
Default NA
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example
- 726 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
This example configures the wan output service map priority to 4. (conf-s-map-q)# priority 4
queue
This command enters a specific queue configuration. Use the no form of this command to delete a specific queue.
Syntax
queue <queue name> queue default
Command queue name default
Description Defines the name of the queue to configure. Defines the behavior of traffic when it doesn't match any queue.
Default NA
Command Mode Privileged User
Example This example enters a wan output service map queue called sip_wan_outgoing configuration menu.
(conf-s-map)# queue sip_wan_outgoing
This example enters a lan output service map default queue configuration menu.
(conf-s-map)# queue default
priority
This command provides support for scenarios where the device is used as a bridging device (Layer 2) and IEEE 802.1p priority marking for the bridged traffic is required. When this is used,
- 727 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
outgoing packets belonging to a specified VLAN interface are marked with the configured priority value.
Syntax priority <priority level>
Command
priority level
Description
Defines the priority level which can be any value from 0 (lowest) through 7 (highest).
Default NA
Command Mode Privileged User
Example This example sets the priority level to "7".
(config-data)# interface vlan 1 (conf-if-VLAN 1)# priority 7
Data Routing Commands
Each routing protocol is available only if it is included in the Feature key supplied with the system.
Border Gateway Protocol (BGP) is the main routing protocol of the Internet. It is used to distribute routing information among Autonomous Systems. (For more information, refer to the protocol's RFC at http://www.ietf.org/rfc/rfc1771.txt).
Open Shortest Path First Protocol (OSPF) is an Interior Gateway Protocol (IGP) used to distribute routing information within a single Autonomous System. (For more information, refer to the protocol's RFC at http://www.ietf.org/rfc/rfc2328.txt.)
The feature's routing engine is based on the Quagga GNU routing software package. By using the BGP and OSPF protocols, this routing engine enables the device to exchange routing information with other routers within and outside an Autonomous System.
- 728 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Static Routing Commands
Static Routing occurs when the router uses pre-defined, user-configured routing entries to forward traffic. Static routes are usually manually configured by the network administrator and added to the routing table. A common use of static routes is for providing an instruction on how to forward traffic when no other route exists. Static routes have a much lower administrative distance in the system than the dynamic routing protocols, and in most scenarios are prioritized over the dynamic routes.
ip route ip address
This command configures routing rules.
Syntax
ip route <ip address> <ip destination mask> [next-hop ip address] <interface> <interface ID> [<metric value>] [track <track id>] [bfd-neighbor <neighbor ID>] [output-vrf <vrf_id>] [description <string>]
Command ip address ip destination mask interface metric next-hop track output-vrf
bfd-neighbor desciption
Description Defines IP Destination prefix in the format of a.b.c.d. Defines the IP Destination prefix mask.
Defines source interface name and id. Defines the metric (priority) value for this route (0-255). Defines the next hop for routing Defines the track to be used for this route. Defines the output vrf name for route leaking between vrfs. Defines the ID of a BFD neighbor to attach the route to. Define a description name for this route
- 729 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
Command Mode Privileged User
Example This example adds a route to 10.20.0.0/16 through gateway 10.10.0.1 and interface vlan 1:
(config-data)# ip route 10.20.0.0 255.255.0.0 10.10.0.1 vlan 1 This example adds a track dependent route:
(config-data)# ip route 10.30.5.0 255.255.255.0 10.8.0.1 vlan 4 track 2
ip route source
This command configures source-based routing to specific destinations. Source-based routing can include VLANs.
- 730 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax
ip route source < IP source prefix>|local-voip destination <IP source prefix> [nexthop ip address] <interface> <interface id> [<metric value>] [track <track id>] [bfdneighbor <neighbor ID>] [output-vrf <vrf_id>] [description <string>]
Command IP source prefix local-voip
IP source prefix next-hop metric value track id output-vrf bfdneighbor desciption
Description Defines the IP source prefix (a.b.c.d/p). MSBR in single network mode can also be set with local-voip to define the route source address to all VoIP packets generated locally by the MSBR Defines the ip destination prefix (a.b.c.d/p)
Defines the next hop for routing Defines the metric (priority) value for this route (0-255).
Defines the track ID (1-100). Defines the output vrf name for route leaking between vrfs. Defines the ID of a BFD neighbor to attach the route to.
Define a description name for this route
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3]
- 731 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
pptp vlan loopback bvi
Interface Type (ifname) PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID [0-99] [1-3999] [1-5] [1-255]
Default NA
Note This command is applicable to Mediant MSBR devices.
Command Mode Privileged User
Example The following are examples of how this command can be used:
(config-data) # ip route source 10.3.0.0/16 destination 0.0.0.0/0 10.4.5.0 gre 18 track 10
ip redirects
This command enables Internet Control Message Protocol (ICMP) Redirect messages configuration.
Syntax
ip redirects send ip redirects receive
Command receive send
Description Enables receiving ICMP Redirect messages. Enables sending ICMP Redirect messages.
- 732 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example enables the receiving of ICMP Redirect messages:
(config-data)# ip redirects receive
ip port-triggering
This command enables the tftp and l2tp port-triggering.
Syntax ip port-triggering {l2tp|tftp}
Command l2tp tftp
Description Enables l2tp port-triggering. Enables tftp port-triggering.
Default NA
Command Mode Privileged User
Example This example enables l2tp port-triggering:
(config-data)# ip port-triggering l2tp
- 733 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ip port-map
This command enables Application-Level Gateway (ALG) configuration commands.
Syntax
ip port-map sip disable ip port-map sip <start_dest_port> [end_dest_port] ip port-map rtsp disable ip port-map rtsp <start_dest_port> [end_dest_port] ip port-map pptp disable ip port-map pptp <start_dest_port> [end_dest_port] ip port-map msn disable ip port-map msn <start_dest_port> [end_dest_port] ip port-map mgcp disable ip port-map mgcp <start_dest_port> [end_dest_port] ip port-map l2tp disable ip port-map l2tp <start_dest_port> [end_dest_port] ip port-map ike disable ip port-map ike <start_dest_port> [end_dest_port] ip port-map h323_ras disable ip port-map h323_ras <start_dest_port> [end_dest_port] ip port-map h323_cs disable ip port-map h323_cs <start_dest_port> [end_dest_port] ip port-map ftp disable ip port-map ftp <start_dest_port> [end_dest_port] ip port-map dns disable ip port-map dns <start_dest_port> [end_dest_port] ip port-map dhcpv6 disable ip port-map dhcp disable ip port-map aim disable ip port-map aim <start_dest_port> [end_dest_port]
Command start_dest_port end_dest_port
Description Defines the Destination Port (1-65535). Defines the End Destination Port (1-65535).
Default NA
Command Mode
- 734 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Privileged User
Example The following is an example of how this command is used:
(config-data)# ip port-map sip 1000 1200
Dynamic Routing Commands
The following commands relate to Dynamic Routing.
router bgp vrf
This command enables a BGP protocol process with the specified asn.
Syntax router bgp [vrf <VRF name>] <AS Number> [view <view name>] no router bgp asn
Command VRF name AS number View name
Description Defines the VRF name. Defines the Autonomous System number (1 - 65355). Defines the viewname.
Default NA
Command Mode Privileged User
Example This example enables the BGP protocol process with the specified ASnumber.
(config data)# router bgp vrf qwsa 100 view vname
- 735 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ip as-path
This command defines a new as-path access list.
Syntax ip as-path [vrf <VRF name>] access-list word {permit|deny} line ip as-path access-list word {permit|deny}line
no ip as-path access-list word no ip as-path access-list word {permit|deny}line
Command VRF name word permit deny line
Description Defines the VRF name. Defines the regular expression access list name. Specifies packets to forward. Specifies packets to reject. Defines regular expression to match the BGP as-path.
Default NA
Command Mode Privileged User
Example This example defines a new as-path access list.
(config data) # ip as-path access-list acc_list1 permit line 1
ip community-list
This command adds a community list entry.
Syntax
- 736 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ip community-list [vrf <VRF name>] <community list number standard> {permit|deny} [AA:NN] ip community-list <community list number expanded> {permit|deny} line ip community-list expanded name {permit|deny} line ip community-list standard name {permit|deny} [AA:NN] no ip community-list community-option
Command VRF name community list number standard community list number expanded expanded standard name line permit deny
Description Defines the VRF name. Defines community list number standard [199] Defines community list number expanded [100-500] Adds an expanded community list entry. Adds a standard community list entry. Defines a community list name. Defines an ordered list as a regular expression. Specifies a community to accept. Specifies a community to reject.
Default NA
Command Mode Privileged User
Example This example adds a community list entry.
(config data) # ip community-list standard comm1 permit
ip extcommunity-list standard
This command defines a new standard extcommunity-list.
- 737 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax
ip extcommunity-list standard name {permit|deny} [AA:NN][AA:NN] [AA:NN] [AA:NN] no ip extcommunity-list name no ip extcommunity-list standard name
Command
Description
VRF name
Defines the VRF table name.
name
Defines a community list name.
permit Specifies a community to accept.
deny
Specifies a community to reject.
AA:NN
Defines the extended community attribute in 'rt aa:nn_or_IPaddr:nn' OR 'soo aa:nn_or_IPaddr:nn' format.
Default NA
Command Mode Privileged User
Example This example defines a new standard extcommunity-list.
(config data) ip extcommunity-list standard comm1 permit
ip extcommunity-list vrf
This command defines a new standard extcommunity-list, associated with a defined VRF. To delete the extended community list, use the no form of this command.
Syntax
- 738 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ip extcommunity-list vrf <VRF name> <standard list number> {permit|deny} [AA:NN]
ip extcommunity-list vrf <VRF name> standard <extended list name> {permit|deny} [AA:NN][AA:NN][AA:NN][AA:NN]
ip extcommunity-list vrf <VRF name> <expanded list number> {permit|deny} [line]
ip extcommunity-list vrf <VRF name> expanded <extended list name> {permit|deny} [line]
no ip extcommunity-list <VRF name> <standard list number> {permit|deny} [AA:NN]
no ip extcommunity-list <VRF name> <extended list name> {permit|deny} [line]
no ip extcommunity-list <VRF name> expanded <extended list name> {permit|deny} [line]
no ip extcommunity-list <VRF name> standard <extended list name> {permit|deny} [AA:NN]
Command VRF name
name
standard list number
expanded list number
extended list name
permit
deny
AA:NN
Description Defines the VRF table name. Defines a community list name. Defines a standard list number from 1 to 99 that identifies one or more permit or deny groups of extended communities.
Defines an expanded list number from 100 to 500 that identifies one or more permit or deny groups of extended communities.
Defines Extended Community list name.
Specifies a community to accept. Specifies a community to reject. Defines the extended community attribute in 'rt aa:nn_or_IPaddr:nn' OR 'soo aa:nn_or_IPaddr:nn' format.
- 739 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command line
Description Defines an ordered list as a regular-expression.
Default NA
Command Mode Privileged User
Example This example defines a new standard extcommunity-list.
(config data) ip extcommunity-list vrf VRF_list1 18 permit 2
ip extcommunity-list expanded
This command defines a new expanded extcommunity-list.
Syntax
ip extcommunity-list expanded name {permit|deny} line ip extcommunity-list number-range-1 {permit|deny} line ip extcommunity-list number-range-2 {permit|deny} line ip extcommunity-list number-range-1 {permit|deny} [AA:NN][AA:NN] [AA:NN] [AA:NN] no ip extcommunity-list expanded name
Command name permit deny line numberrange-1
Description Defines a community list name. Specifies a community to accept. Specifies a community to reject. Defines a string expression of extended communities attribute. Defines a community number in AA:NN format or internet|local-AS, noadvertise, no-export - (1 - 99)
- 740 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command numberrange-2
AA:NN
Description
Defines a community number in AA:NN format or internet|local-AS, noadvertise, no-export - (100 - 500)
Defines the extended community attribute in 'rt aa:nn_or_IPaddr:nn' OR 'soo aa:nn_or_IPaddr:nn' format.
Default NA
Command Mode Privileged User
Example This example defines a new expanded extcommunity-list.
(config data) # ip extcommunity-list expanded commname permit
ip pim
This command configures Protocol Independent Multicast (PIM).
Syntax Sets static RP address for router, should be configured on all related PIM routers.
ip pim rp-address <ip> group <Multicast group prefix>
Sets router to be a candidate RP, chosen by priority. Sets router to be a candidate RP, Advertising Interval in seconds. When the interface is used, the RP candidate will be set to interface IP.
ip pim rp-candidate {IP|Interface} priority <0-255> time <0-3600>
Sets router to be a BSR candidate, chosen by priority when Interface is used the BSR candidate will be set to interface IP.
ip pim bsr-candidate {IP|Interface} priority <0-255>
- 741 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Sets threshold for moving to shortest path tree between the multicast server and the client.
infinity - Never switch to shortest path
packets Move to shortest path tree when number of packets threshold was crossed during the specified interval
rate - Move to shortest path tree when packet rate threshold was crossed during the specified interval
ip pim spt-threshold infinity OR ip pim spt-threshold packets <number of packets> interval <sec> OR ip pim spt-threshold rate <kpps> interval <sec>
Default NA
Command Mode Privileged User
Example This is an example of how this command can be used.
(config data) ip pim rp-address 10.12.15.91 group 100.1012.15
ip prefix-list
This command configures the IPv4 prefix-based filtering mechanism.
Syntax ip prefix-list <prefix list name> {permit|deny} [a.b.c.d/m|any] ip prefix-list <prefix list name> description ip prefix-list <prefix list name> seq <seqnumber> [permit|deny] [a.b.c.d/m|any] ip prefix-list <prefix list name> [vrf <VRF name>] [seq <prefix-list seq number>] {permit|deny}<prefix to filter> [le <len>] [ge <len>] no ip prefix-list <name>
- 742 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command
Description
a.b.c.d/m
Defines the IP prefix network/length.
any
Defines any prefix match.
description Defines up to 80 characters describing this prefix-list.
VRF name
Defines the vrf name.
prefix list Defines the name of a prefix list. name
seqnumber
Defines the sequence number. Range is [1-4294967295].
deny
Specifies the packets to reject.
permit
Specifies the packets to accept.
le <len>
The prefix list is applied if the prefix length is less than or equal to the le prefix length. Not used if "prefix to filter" is set to "any" (0-32).
ge <len>
The prefix list is applied if the prefix length is greater than or equal to the ge prefix length. Not used if "prefix to filter" is set to "any"(0-32).
Default NA
Command Mode Privileged User
Example This example configures prefix-based filtering mechanism
(config-data)# ip prefix-list iplist permit any
ipv6 prefix-list
This command configures the IPv6 prefix-based filtering mechanism.
Syntax
- 743 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ipv6 prefix-list <prefix list name> {deny|permit} [X:X::X:X/M] [le <maximum prefix length> ] [ge <minimum prefix length>]
ipv6 prefix-list <prefix list name> {deny|permit} any
ipv6 prefix-list <prefix list name> description <description field>
ipv6 prefix-list <prefix list name> seq <seqnumber> {deny|permit} [X:X::X:X/M] [le <maximum prefix length> ] [ge <minimum prefix length>]
ipv6 prefix-list <prefix list name> seq <seqnumber> {deny|permit}any
ipv6 prefix-list <prefix list name> vrf <VRF table name> {deny|permit} [X:X::X:X/M] [le <maximum prefix length> ] [ge <minimum prefix length>]
ipv6 prefix-list <prefix list name> vrf <VRF table name> {deny|permit} any
ipv6 prefix-list <prefix list name> vrf <VRF table name> description <description field>
ipv6 prefix-list <prefix list name> vrf <VRF table name> [seq <prefix-list seq number>] {deny|permit} [X:X::X:X/M] [le <maximum prefix length>] [ge <minimum prefix length>]
ipv6 prefix-list <prefix list name> vrf <VRF table name> [seq <prefix-list seq number>] {deny|permit} any
ipv6 prefix-list sequence-number [vrf <VRF table name>]
Command
Description
a.b.c.d/m
Defines the IP prefix network/length.
any
Defines any prefix match.
description Defines up to 80 characters describing this prefix-list.
VRF name
Defines the vrf name.
prefix list Defines the name of a prefix list. name
seqnumber
Defines the sequence number. Range is [1-4294967295].
deny
Specifies the packets to reject.
- 744 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command permit le <len>
ge <len>
Description
Specifies the packets to accept.
The prefix list is applied if the prefix length is less than or equal to the le prefix length. Not used if "prefix to filter" is set to "any".
The prefix list is applied if the prefix length is greater than or equal to the ge prefix length. Not used if "prefix to filter" is set to "any".
Default NA
Command Mode Privileged User
Example This example configures prefix-based filtering mechanism
(config-data)# ip prefix-list iplist permit any
key chain
This command configures the key string for RIPv2 authentication
Syntax key chain <name> [vrf <VRF name>] no router <name>
Command VRF name key chain name
Description Defines the vrf name. Defines the key chain name.
Default NA
Command Mode
- 745 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Privileged User
Example This example configures the key string for RIPv2 authentication.
(config-data)# key chain kcname
router-id
This command specifies the router ID (as an IP address)
Syntax router-id <a.b.c.d> [vrf <vrf name>] no ip router-id
Command a.b.c.d VRF name
Description Defines the local IP address Defines the vrf name (up to 64 bytes).
Default NA
Command Mode Privileged User
Example This example specifies the router ID as an IP address.
(config-data)# router-id 10.15.4.12
aggregate-address
This command specifies an aggregate address for both IPv4 and IPV6.
Syntax
- 746 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
aggregate-address a.b.c.d/M aggregate-address a.b.c.d/m summary-only aggregate-address a.b.c.d/m summary-only as-set aggregate-address a.b.c.d/m as-set aggregate-address a.b.c.d/m as-set summary-only aggregate-address a.b.c.d a.b.c.d aggregate-address a.b.c.d a.b.c.d summary-only aggregate-address a.b.c.d a.b.c.d summary-only as-set aggregate-address a.b.c.d a.b.c.d as-set aggregate-address a.b.c.d a.b.c.d as-set summary-only aggregate-address x:x::x:x/m
Command a.b.c.d a.b.c.d/m x:x::x:x/m as-set summary-only
Description Defines an IPv4 IP address or subnet mask. Defines an IPv4 IP address/network prefix. Defines an IPv6 aggregate address. Resulting routes include As Set. Defines aggregated routes are not announced.
Default NA
Command Mode Privileged User
Example This example specifies an aggregate address.
# configure data (config-data)# router bgp 1 (conf-router)# aggregate-address 10.21.3.150 255.255.0.0
redistribute kernel
This command redistributes the kernel route to the BGP process.
Syntax
- 747 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
redistribute kernel
Default NA
Command Mode Privileged User
Example This example redistributes the kernel route to the BGP process.
(config-data)# router bgp 1 (conf-router)# redistribute kernel
bgp scan-time
This command configures the background scanner interval.
Syntax bgp scan-time <scanner interval>
Command scanner interval
Description Defines the scanner interval in seconds (5-60).
Default NA
Command Mode Privileged User
Example This example configures the background scanner interval to 20 seconds.
- 748 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
# configure data (config-data)# router bgp 2 (conf-router)# bgp scan-time (20)
bgp router-id
This command overrides the configured router identifier.
Syntax bgp router-id a.b.c.d
Command a.b.c.d
Description Defines the manually configured router identifier.
Default NA
Command Mode Privileged User
Example This example overrides the configured router identifier.
# configure data (config-data)# router bgp 2 (conf-router)# bgp router-id 10.13.12.2
bgp log-neighbor-changes
This command logs BGP neighbor status changes (up or down) and resets for troubleshooting network connectivity problems.
Syntax bgp log-neighbor-changes
Default
- 749 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
NA
Command Mode Privileged User
Example This example logs BGP neighbor status changes.
# configure data (config-data)# router bgp 2 (conf-router)# bgp log-neighbor-changes
bgp graceful-restart
This command defines graceful restart capability parameters.
Syntax bgp graceful-restart [stalepath-time <delay value>]
Command delay value
Description Defines the delay value in seconds [1-3600].
Default NA
Command Mode Privileged User
Example This example defines graceful restart capability parameters.
# configure data (config-data)# router bgp 2 (conf-router)# bgp graceful-restart
- 750 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
bgp fast-external-failover
This command immediately resets a session if a link to a directly connected external peer goes down.
Syntax bgp fast-external-failover
Default NA
Command Mode Privileged User
Example This example resets a session if a link to a directly connected external peer goes down.
# configure data (config-data)# router bgp 2 (conf-router)# bgp fast-external-failover
bgp enforce-first-as
This command configures a BGP routing process to remove updates received from external BGP peers that do not list their Autonomous System (AS) number as the first AS path segment in the AS_PATH attribute of the incoming route.
Syntax bgp enforce-first-as
Default NA
Command Mode Privileged User
- 751 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This example is an example of how this command is used.
# configure data (config-data)# router bgp 2 (conf-router)# bgp enforce-first-as
bgp deterministic-med
This command selects the best Multi_Exit_Disc (MED) path from paths advertised from the neighboring AS.
Syntax bgp deterministic-med
Default NA
Command Mode Privileged User
Example This example is an example of how this command is used.
# configure data (config-data)# router bgp 2 (conf-router)# bgp deterministic-med
bgp default local-preference
This command configures the default local preference value.
Syntax bgp default local-preference {ipv4-unicast|local-preference <local preference value>}
- 752 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command
local preference value
Description Defines the default local preference value [0-4294967295].
Default NA
Command Mode Privileged User
Example This example defines the default local preference value.
# configure data (config-data)# router bgp 2 (conf-router)# bgp default local-preference 100
bgp dampening
This command enables route-flap dampening. Flapping routes trigger instability in the routing table. Routers running BGP have a mechanism designed to reduce the destabilizing effect of flapping routes.
Syntax bgp dampening bgp dampening <half life time> bgp dampening [<half life time>] <re-use limit> [<start suppress> <suppress duration>
Command
Description
half life time
Defines the amount of time that must pass to decrease the penalty by one half [1-45].
re-use limit
Defines the value to start reusing a route [1 20000]. This value is compared to the penalty value to resolve route reusability. If the penalty is
- 753 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command
Description
greater than the suppress limit, the route is suppressed. Otherwise, it is reused.
start
Defines the value that specifies the penalty that will be used if a route is
suppress suppressed [1 20000].
suppress Defines the maximum duration in minutes that a route will be suppressed duration [1-255].
Default NA
Command Mode Privileged User
Example The following is an example of how this command is used.
# configure data (config-data)# router bgp 2 (conf-router)# bgp dampening 1 1000 1000 100
bgp confederation peers
This command splits an autonomous system into smaller autonomous systems or combines several autonomous systems into one.
Syntax
bgp confederation peers <AS number> bgp confederation peers <AS number> [<AS number>] [<AS number>][<AS number>]
Command
Description
AS
Defines the Autonomous System numbers for BGP peers that belong to the
number confederation [1-65535].
Default
- 754 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
NA
Command Mode Privileged User
Example This example specifies four other confederations as members of autonomous system 2.
# configure data (config-data)# router bgp 2 (conf-router)# bgp confederation identifier 65018 65020 65022 65024
bgp confederation identifier
This command splits an autonomous system into smaller autonomous systems or combines several autonomous systems into one.
Syntax bgp confederation identifier <AS number>
Command
Description
AS
Defines the Autonomous System numbers for BGP peers that belong to the
number confederation [1-65535].
Default NA
Command Mode Privileged User
Example This example specifies confederation 200 belongs to autonomous system 18.
# configure data (config-data)# router bgp 200 (conf-router)# bgp confederation identifier 18
- 755 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
bgp router-id
This command specifies the router-ID.
Syntax bgp router-id a.b.c.d no bgp router-id
Command a.b.c.d
Description Defines the Router Identifier.
Default Router identifier value is selected as the largest IP address of the interfaces.
Command Mode Privileged User
Example This example sets the Router Identifier.
(config data) # bgp router-id 10.13.22.130
bgp cluster-id
This command configures the Route-Reflector Cluster-id.
Syntax bgp cluster-id [a.b.c.d|Cluster id number] no bgp cluster-id
Command a.b.c.d
Cluster ID Number
Description
Defines the Route-Reflector Cluster-id in IP address format.
Defines the Route-Reflector Cluster-id as 32 bit quantity - Range [14294967295]
- 756 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default Router identifier value is selected as the largest IP address of the interfaces.
Command Mode Privileged User
Example This example sets the Cluster ID.
(config-data)# router bgp 1 (conf-router)# bgp cluster-id 10.13.22.130
bgp client-to-client reflection
This command configures client-to-client route reflection.
Syntax bgp client-to-client reflection
Default NA
Command Mode Privileged User
Example This example configures client-to-client route reflection.
(config data) # bgp client-to-client reflection
bgp bestpath as-path
This command specifies that the length of confederation path sets and sequences that should be taken into account during the BGP best path decision process.
Syntax
- 757 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
bgp bestpath as-path {confed|ignore}
Command
Description
confed Compare path lengths including confederation sets & sequences in selecting a route.
ignore Ignores as-path length when selecting a router.
Default NA
Command Mode Privileged User
Example This example ignores as-path length in selecting a router.
(config data) # bgp bestpath as-path ignore
bgp bestpath compare-routerid
This command compares the router-id for identical EBGP paths.
Syntax bgp bestpath compare-routerid
Default NA
Command Mode Privileged User
Example This example compares the router-id for identical EBGP paths.
- 758 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(config data) # bgp bestpath compare-routerid
bgp bestpath med confed
This command allows BGP to select the best path when multiple BGP routes to the same destination exist.
Syntax bgp bestpath med confed [missing-as-worst]
Command missing-as-worst
Description Treats the missing MED as the least preferred one.
Default NA
Command Mode Privileged User
Example The following is an example of how to use the command.
(config data) # bgp med confed missing-as-worst
bgp bestpath med missing-as-worst
This command treats the missing Multi Exit Discriminator (MED) attribute in a path as having a value of infinity and as the least preferred one.
Syntax bgp bestpath med missing-as-worst [confed]
Command confed
Description Compares MEDs among confederation paths.
- 759 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example The following is an example of how to use the command.
(config data) # bgp bestpath med missing-as-worst confed
bgp always-compare-med
This command allows comparing MEDs from different neighbors.
Syntax bgp always-compare-med
Default NA
Command Mode Privileged User
Example The following is an example of how to use the command.
(config data) # bgp always-compare-med
distance
This command defines an administrative distance.
Syntax distance <admin distance> <a.b.c.d/M>
- 760 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command admin distance a.b.c.d/M
Description Defines the Administrative Distance [1-255]. Defines the IP source prefix.
Default NA
Command Mode Privileged User
Example This example sets the Administrative Distance to 90.
(config data) # distance 90
distance bgp
This command allows the use of external, internal, and local administrative distances that could be a better route than other external, internal, or local routes to a node.
Syntax distance bgp <external distance> <internal distance> <local routes>
Command external distance internal distance local routes
Description Defines distance for routes external to the AS [1-255]. Defines distance for routes internal to the AS [1-255]. Defines distance for local routes [1-255].
Default NA
Command Mode Privileged User
- 761 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example The following is an example of how to use this command.
(config data) # distance bgp 200 200 100
redistribute static
This command redistributes the static route to the BGP process.
Syntax redistribute static
Default NA
Command Mode Privileged User
Example This example redistributes the static route to the BGP process.
(config-data)# router bgp 1 (conf-router)# redistribute static
redistribute connected
This command redistributes the connected route to the BGP process.
Syntax redistribute connected redistribute connected route-map <Pointer to route-map entries>
Command pointer to route-map entries
Description Defines the Router Identifier.
- 762 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example redistributes the connected route to the BGP process.
(config-data)# router bgp 1 (conf-router)# redistribute connected
redistribute ospf
This command redistributes the OSPF route to the BGP process.
Syntax redistribute ospf [metric <metric value>] [route-map <string>] redistribute ospf [route-map <string>] [metric <metric value>]
Command metric value route-map string
Description Defines the metric value [0-4294967295]. Defines the Route Map reference.
Default NA
Command Mode Privileged User
Example This example redistributes the OSPF route to the BGP process.
- 763 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(config-data)# router bgp 1 (conf-router)# redistribute ospf
neighbor remote-as
This command creates a new neighbor who's remote -as is as number. This command must be the first command used when configuring a neighbor.
Syntax neighbor {<neighbor tag>|a.b.c.d|x:x::x:x} remote-as <AS number>
Command a.b.c.d|x:x::x:x neighbor tag AS number peer
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the AS number <1-65535>. Defines this field as an IPv4 address.
Default NA
Command Mode Privileged User
Note In all neighbor commands, the neighbor ip-address/word maybe described as peer.
Example In This example, the router in AS-1, is trying to peer with AS-2 at 10.0.0.1.
(config-data)# router bgp 1 (conf-router)# neighbor 10.0.0.1 remote-as 2
neighbor shutdown
This command shuts down the peer.
- 764 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax neighbor {<neighbor tag>|a.b.c.d|x:x::x:x} shutdown
Command a.b.c.d|x:x::x:x neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example In This example, the peer is shutdown.
(config-data)# router bgp 1 (conf-router)# neighbor 10.30.5.118 shutdown
neighbor enforce-multihop
This command enforces BGP neighbors to perform a multihop.
Syntax neighbor {<neighbor tag>|a.b.c.d|x:x::x:x} enforce-multihop neighbor string enforce-multihop
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
- 765 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example The following is an example of how to use this command.
(config-data)# router bgp 1 (conf-router)# neighbor 10.21.5.120 enforce-multihop
neighbor dont-capability-negotiate
This command allows not to perform capability negotiation.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} dont-capability-negotiate
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example The following is an example of how to use this command.
(config-data)# router bgp 1 (conf-router)# neighbor 10.21.5.120 dont-capability-negotiate
neighbor disable-connected-check
This command enables one-hop away EBGP peer using a loopback address.
- 766 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} disable-connected-check
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example The following is an example of how to use this command.
(config-data)# router bgp 1 (conf-router)# neighbor 10.21.5.120 disable-connected-check
neighbor ebgp-multihop
This command allows ebgp neighbors that are not on directly connected networks.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} ebgp-multihop
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
- 767 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example allows an ebgp neighbor.
(config-data)# router bgp 1 (conf-router)# neighbor 10.21.5.120 ebgp-multihop
neighbor description
This command sets the description of the peer.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} description line
Command a.b.c.d|X:X::X:X neighbor tag line
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the neighbor description (up to 80 characters).
Default NA
Command Mode Privileged User
Example This following example sets the description of the peer
(config-data)# router bgp 1 (conf-router)# neighbor 10.5.20.110 description main server
- 768 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
neighbor fall-over bfd
This command sets BFD for a Border Gateway Protocol (BGP).
Syntax neighbor {<neighbor tag>|a.b.c.d|x:x::x:x} fall-over bfd interval <value> min_rx <value> multiplier <value>
Command
Description
a.b.c.d|X:X::X:X Defines the IP address of the neighbor (IPv4 or IPv6).
neighbor tag
Defines the neighbor tag.
interval
Interval (in msec) for outgoing BFD messages. The interval is increased if the remote system requires it.
min_rx
Minimum interval (in msec) between BFD messages. The remote system uses this interval for sending messages in case its interval is lower.
multiplier
Maximum number of packets that can be missed before the session status is considered down.
Default NA
Command Mode Privileged User
Example This example sets BFD for a BGP.
(config-data)# router bgp 1 (conf-router)# neighbor 10.30.5.118 fall-over bfd interval 1000 min_rx 1000 multiplier 3
neighbor version
This command set the BGP version to match a neighbor.
- 769 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} version version
Command
Description
a.b.c.d|X:X::X:X Defines the IP address of the neighbor (IPv4 or IPv6).
neighbor tag
Defines the neighbor tag.
version
Defines the version. It can be either 4 or 4-. BGP version 4- is similar but the neighbor speaks the old Internet-Draft revision 00's Multiprotocol Extensions for BGP4.
Default 4
Command Mode Privileged User
Example In This example, the BGP version is set.
(config-data)# router bgp 1 (conf-router)# neighbor 10.5.20.110 version 4
neighbor interface ifname
This command sets up the ifname of the interface used for the connection. This command is deprecated and may be removed in a future release. Its use should be avoided.
Syntax
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} interface ifname neighbor peer {<neighbor tag>|a.b.c.d|X:X::X:X} interface ifname
- 770 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command a.b.c.d|X:X::X:X neighbor tag Ifname
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines an Interface name
Default NA
Command Mode Privileged User
Example This example sets up the ifname of the interface used for the connection.
(config-data)# router bgp 1 (conf-router)# neighbor 10.5.20.100 interface vlan 4
neighbor next-hop-self
This command specifies an announced route's next hop as being equivalent to the address of the bgp router.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} next-hop-self no neighbor peer next-hop-self
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode
- 771 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Privileged User
Example This example specifies an announced route's next hop.
(config-data)# router bgp 1 (conf-router)# neighbor 10.12.50.103 next-hop-self
neighbor update-source
This command specifies the IPv4 source address to use for the BGP session to this neighbor.
Syntax
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} update-source <interface> <interface ID> neighbor peer {<neighbor tag>|a.b.c.d|X:X::X:X} update-source
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999]
- 772 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
loopback bvi
Interface Type (ifname) Loopback ID Bridge interface
Interface ID [1-5] [1-255]
Default NA
Command Mode Privileged User
Example This example specifies the IPv4 source address to use.
(config-data)# router bgp 1 (conf-router)# neighbor 192.168.0.1 update-source vlan2
neighbor unsuppress-map
This command selectively advertises routes that were previously suppressed by the aggregateaddress command.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} unsuppress-map <map name>
Command a.b.c.d|X:X::X:X map name neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the name of the route map. Defines the neighbor tag.
Default NA
Command Mode Privileged User
- 773 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This is an example of how this command can be used.
(config-data)# router bgp 1 (conf-router)# neighbor 10.14.3.118 unsuppress-map gmap
neighbor transparent-nexthop
This command is used to keep the nexthop value of the route, even if the peer is an external BGP peer.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} transparent-nexthop
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example This is an example of how this command can be used.
(config-data)# router bgp 1 (conf-router)# neighbor 10.14.3.11 transparent-nexthop
neighbor transparent-as
This command is used to specify not to append your AS path number even if the peer is an external BGP peer.
Syntax
- 774 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} transparent-as
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example This is an example of how this command can be used.
(config-data)# router bgp 1 (conf-router)# neighbor 10.14.3.11 transparent-as
neighbor timers
This command sets the timers for a specific BGP neighbor. Keepalive messages are sent by a router to inform another router that the BGP connection between the two is still active.
Syntax
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} timers connect <timer> neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} timers <keepalive> <holdtime>
Command
Description
a.b.c.d|X:X::X:X Defines the IP address of the neighbor (IPv4 or IPv6).
neighbor tag
Defines the neighbor tag.
timer
Defines the connect timer (0-65535).
keepalive
Defines the frequency (in seconds) with which keepalive messages are sent to its peer (065535).
- 775 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command holdtime
Description
Defines the interval (in seconds) after not receiving a keepalive message (0-65535).
Default NA
Command Mode Privileged User
Example This is an example of how this command can be used.
(config-data)# router bgp 1 (conf-router)# neighbor 10.14.3.118 timers connect 500
neighbor soft-reconfiguration inbound
This command allows inbound soft reconfiguration for a neighbor.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} soft-reconfiguration inbound
Command a.b.c.d|X:X::X:X string
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example
- 776 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
This is an example of how this command can be used.
(config-data)# router bgp 1 (conf-router)# neighbor 10.14.3.118 soft-reconfiguration inbound
neighbor default-originate
This command announces default routes to the peer. The BGPD's default is to not announce the default route (0.0.0.0/0) even it is in the routing table.
Syntax
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} default-originate [route map <route map name>] neighbor peer {<neighbor tag>|a.b.c.d|X:X::X:X} default-originate
Command a.b.c.d|X:X::X:X neighbor route map name
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the route map name.
Default NA
Command Mode Privileged User
Example This example announces default routes to the peer.
(config-data)# router bgp 1 (conf-router)# neighbor 10.14.3.118 default-originate
neighbor capability route-refresh
This command advertises the route-refresh capability to this neighbor.
Syntax
- 777 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} capability route-refresh|dynamic neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} capability orf prefix-list {both|receive|send} neighbor peer {<neighbor tag>|a.b.c.d|X:X::X:X} default-originate
Command
Description
a.b.c.d|X:X::X:X Defines the IP address of the neighbor (IPv4 or IPv6).
neighbor string Defines the neighbor tag.
route-refresh
Advertises the route-refresh capability to this neighbor.
dynamic
Advertises the dynamic capability to this neighbor.
orf
Advertises the Outbound Route Filter (ORF) capability to the
peer.
prefix-list
Advertises the prefix list ORF capability to this neighbor.
both
Enables the capability to SEND and RECEIVE the ORF to/from this neighbor.
receive
Enables the capability to SEND the ORF to this neighbor.
send
Enables the capability to RECEIVE the ORF from this neighbor
Default NA
Command Mode Privileged User
Example This example announces default routes to the peer.
(config-data)# router bgp 1 (conf-router)# neighbor 10.14.3.118 capability route-refresh
neighbor port
This command defines the neighbor's BGP port.
- 778 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} port <port number> no neighbor a.b.c.d port <port number>
Command a.b.c.d|X:X::X:X neighbor tag port number
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the port number (0 65535).
Default NA
Command Mode Privileged User
Example This example defines the neighbor's BGP port.
(config-data)# router bgp 1 (conf-router)# neighbor 10.14.3.118 port 100
neighbor send-community
This command sends the community attribute to the neighbor.
Syntax
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} send-community {both|stabdard|extended} neighbor peer {<neighbor tag>|a.b.c.d|X:X::X:X} send-community
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
- 779 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command both standard extended
Description Sends standard and extended community attributes. Sends standard community attributes. Sends extended community attributes.
Default NA
Command Mode Privileged User
Example This example sends the community attribute to this neighbor.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.3.111 send-community
neighbor route-server-client
This command configures a neighbor as a Route Server client.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} route-server-client
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
- 780 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This example configures a neighbor as a Route Server client.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.3.111 route-server-client
neighbor route-reflector-client
This command configures a neighbor as a Route Reflector client.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} route-reflector-client
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example This example configures a neighbor as a Route Reflector client.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.3.111 route-reflector-client
neighbor remove-private-AS
This command removes the private AS number from outbound updates.
Syntax
- 781 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} remove-private-AS neighbor string remove-private-AS
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example This example removes the private AS number from outbound updates.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.3.111 remove-private-AS
neighbor weight
This command specifies a default weight value for the neighbor's routes.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} weight weight neighbor peer {<neighbor tag>|a.b.c.d|X:X::X:X} weight weight
Command a.b.c.d|X:X::X:X neighbor tag weight
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the weight value in the range of 0 65535.
Default NA
- 782 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example specifies a default weight value for the neighbor's routes.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.5.110 weight 1000
neighbor passive
This command enables open messages not to be sent to this neighbor.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} passive neighbor string passive
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example This example enables open messages not to be sent to this neighbor.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.5.110 passive
neighbor password
This command sets the password for the secured BGP session.
- 783 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax
neighbor {<neighbor tag> | a.b.c.d | X:X::X:X} [password String]
Command a.b.c.d | X:X::X:X neighbor tag password string
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines password for a neighbor.
Default NA
Command Mode Privileged User
Example This example sets a password for a secured session with neighor 10.15.5.110.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.5.110 password 12345678
neighbor override-capability
This command enables the override capability negotiation result.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} override-capability
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default
- 784 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
NA
Command Mode Privileged User
Example This example enables the override capability negotiation result.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.5.110 override-capability
neighbor maximum-prefix
This command specifies a maximum number of prefixes accepted from this peer.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} <prefix limit> [<threshold>] [restart <restart interval>|warning-only]
Command
Description
a.b.c.d|X:X::X:X Defines the IP address of the neighbor (IPv4 or IPv6).
neighbor tag
Defines the neighbor tag.
prefix limit
Defines the maximum number of prefix limits (1 4294967295).
threshhold
Defines the threshold value (%) at which to generate a warning message.
restart interval Defines the restart interval in minutes (1-65535).
warning only
Enables to only give a warning message when the limit has exceeded.
Default NA
Command Mode Privileged User
- 785 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This example specifies the maximum number of prefixes accepted from this peer.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.5.110 maximum-prefix 10000
neighbor route-map name
This command applies a route-map on the neighbor.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} route-map name {in|out|export|import}
Command a.b.c.d|X:X::X:X neighbor tag name in out export import
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the name of the route-map. Applies a map to incoming routes. Applies a map to outbound routes. Applies a map to routes coming from the route-server client. Applies a map to routes going into the client's table.
Default NA
Command Mode Privileged User
Example This example applies a route-map on the neighbor.
- 786 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(config-data)# router bgp 1 (conf-router)# neighbor 10.12.5.101 route-map routename in import
neighbor peer-group
This command joins a specific peer to peer group word.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} peer-group <peer group name>
Command a.b.c.d|X:X::X:X neighbor tag peer group name
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the peer group name.
Default NA
Command Mode Privileged User
Example This example joins a specific peer to group1.
(config-data)# router bgp 1 (conf-router)# neighbor 10.12.5.101 peer-group group1
neighbor local-as
This command specifies a local Autonomous System number.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} local-as <AS number> [no-prepend]
- 787 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command a.b.c.d|X:X::X:X neighbor tag AS number no-prepend
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines a local AS number (1-65535). Does not prepend local-as to updates from BGP peers.
Default NA
Command Mode Privileged User
Example This example configures the router to not prepend the Autonomous System number 200 to routes that are received from external peers.
(config-data)# router bgp 1 (conf-router)# neighbor 10.12.5.10 remote-as 100 (conf-router)# neighbor 10.12.5.10 local-as 200 no-prepend
neighbor interface
This command defines the Layer 3 interface.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} interface <if name> <interface ID>
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
- 788 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
Command Mode Privileged User
Example The following is an example of how to use this command.
(config-data)# router bgp 1 (conf-router)# neighbor 10.12.5.10 interface gre 100
neighbor strict-capability-match
This command strictly compares negotiation match.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} strict-capability-match neighbor peer {<neighbor tag>|a.b.c.d|X:X::X:X} strict-capability-match
- 789 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example This example strictly compares negotiation match.
(config-data)# router bgp 1 (conf-router)# neighbor 15.13.4.15 strict-capability-match
neighbor attribute-unchanged
This command allows for the BGP attribute to be propagated unchanged to this neighbor.
Syntax
neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} attribute-unchanged neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} attribute-unchanged [[as-path] [med] [next-hop]] neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} attribute-unchanged [[as-path] [nexthop] [med]] neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} attribute-unchanged [[next-hop] [aspath][med]] neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} attribute-unchanged [[next-hop] [med] [as-path]] neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} attribute-unchanged [[med] [next-hop] [as-path]] neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} attribute-unchanged [[med] [as-path] [next-hop]]
- 790 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command a.b.c.d|X:X::X:X neighbor tag as-path next-hop med
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the AS-path attribute. Defines the Next Hop attribute. Defines the Med attribute.
Default NA
Command Mode Privileged User
Example The following is an example of how to use this command.
(config-data)# router bgp 1 (conf-router)# neighbor 15.13.4.15 attribute-unchanged
neighbor allowas-in
This command specifies the number of times that the AS path of a received route may contain the recipient BGP speaker's AS number and still be accepted.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} allowas-in [<number>]
Command a.b.c.d|X:X::X:X neighbor tag number
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the number of occurrences of the AS number (1-10)
Default
- 791 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
NA
Command Mode Privileged User
Example The following is an example of how to use this command.
(config-data)# router bgp 1 (conf-router)# neighbor 15.13.4.15 allowas-in 5
neighbor advertisement-interval
This command defines the minimum interval between sending BGP routing updates.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} advertisement-interval <time>
Command a.b.c.d|X:X::X:X neighbor tag time
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Defines the time in seconds (0-600).
Default NA
Command Mode Privileged User
Example This example sets the minimum interval between sending BGP routing updates to 100.
(config-data)# router bgp 1 (conf-router)# neighbor 15.13.4.15 advertisement-interval 100
- 792 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
neighbor activate
This command enables the Address Family for the neighbor.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} activate
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
Default NA
Command Mode Privileged User
Example The following is an example of how to use this command.
(config-data)# router bgp 1 (conf-router)# neighbor 15.13.4.15 activate
neighbor prefix-list name
This command specifies a prefix-list for the peer.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} prefix-list name {in|out}
Command a.b.c.d|X:X::X:X neighbor tag
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag.
- 793 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command in out name
Description Filters incoming updates. Filters outgoing updates. Defines the name of the prefix list in string format.
Default NA
Command Mode Privileged User
Example This example specifies a prefix-list for the peer.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.5.110 prefix-list plist in
neighbor filter-list name
This command establishes BGP filters.
Syntax neighbor {<neighbor tag>|a.b.c.d|X:X::X:X} filter-list name [in|out]
Command a.b.c.d|X:X::X:X neighbor tag in out name
Description Defines the IP address of the neighbor (IPv4 or IPv6). Defines the neighbor tag. Filters incoming updates. Filters outgoing updates. Defines the as-path access list name.
Default
- 794 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
NA
Command Mode Privileged User
Example This example establishes BGP filters.
(config-data)# router bgp 1 (conf-router)# neighbor 10.15.5.100 filter-list flist in
network
This command enables the Address Family for the neighbor.
Syntax network a.b.c.d [backdoor][[mask <network mask>][route-map <route-map name>] network a.b.c.d/m [backdoor][route-map <route-map name>]
Command a.b.c.d a.b.c.d/M backdoor mask route-map route-map name network mask
Description Defines the IP address of the network. Defines the IP prefix network/length. Enables a BGP backdoor route. Enables a network mask. Enables a route-map to modify the attributes. Defines the name of the route-map. Defines a network mask in the format of a.b.c.d .
Default NA
Command Mode Privileged User
- 795 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example The following is an example of how to use this command.
(config-data)# router bgp 1 (conf-router)# network 15.13.4.15 backdoor
BGP Protocol
The following commands relate to BGP Protocol.
Route Map Configuration BGP Route Map Configuration includes the following commands:
route-map This command configures the order entry in route map name with a match policy of "permit" or "deny".
Syntax route-map <route map name> [vrf <VRF name>] {deny|permit} <order or sequence number of route map> no route-map <route map name>
Command VRF name Route map name order or sequence number of route map
Description Defines the vrf name. Defines the Route Map name. Defines the sequence to insert into/delete from existing route-map entry. Range is [1-65535].
Default NA
Command Mode Privileged User
Example
- 796 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
This example configures the order entry in route map rmname. (config-data)# route-map rmname permit 1
route-map-static This command configures the static route-map.
Syntax route-map-static <static route-map tag>
Command static route-map tag
Description Defines the static route-map tag.
Default NA
Command Mode Privileged User
Example This example configures the static route-map.
(config-data)# route-map-static srmap
match as-path This command defines the AS path access-list name.
Syntax match as-path word
Command word
Description Defines the as-path access-list name.
- 797 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example defines the AS path access-list name.
(config-data)# route-map rmap permit 1 (conf-router)# match as-path spname
set as-path prepend This command sets the as-path prepend string for the BGP as-path attribute.
Syntax set as-path prepend as-path
Command as-path
Description Defines the as-number in the range of 1 65535.
Default NA
Command Mode Privileged User
Example This example sets the as-path prepend string for the BGP as-path attribute.
(config-data)# route-map qqq permit 1 (conf-route-map)# set as-path prepend 1
- 798 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
OSPFv2 Protocol
The following describes OSPF Version 2 protocol commands.
General Configuration OSPF Version 2 is a routing protocol which is described in RFC 2328. OSPF is an IGP (Interior Gateway Protocol). Compared with RIP, OSPF can provide scalable network support and faster convergence times. OSPF is widely used in large networks such as ISP (Internet Service Provider) backbone and networks. OSPF General Configuration includes the following commands:
router ospf This command enables or disables the OSPF process.
Syntax
router ospf [vrf <VRF name>] no router ospf
Command VRF name
Description Defines the VRF name.
Default NA
Command Mode Privileged User
Example This example enables the OSPF process.
(config-data)# router ospf
OSPF Router Configuration OSPF Router Configuration includes the following commands:
- 799 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ospf router-id This command sets the router-ID of the OSPF process.
Syntax ospf router-id a.b.c.d no ospf router-id
Command a.b.c.d
Description Defines the Router-ID in IP address format.
Default NA
Command Mode Privileged User
Example This example sets router-ID of the OSPF process.
(config-data)# router ospf (conf-router)# ospf router-id 10.24.5.100
ospf abr-type This command sets the ospf abr-type.
Syntax ospf abr-type type no ospf abr-type type
Command no type
Description Disables the router-ID of the OSPF process. Refers to abr-type cisco (according to cisco implementation)
- 800 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command
Description
ibm (according to IBM implementation) shortcut (shortcut abr) standard (standard behavior RFC 2328) Note: "Cisco" and "IBM" types are equivalent.
Default NA
Command Mode Privileged User
Example This example sets the ospf abr-type according to the IBM implementation.
(config-data)# router ospf (conf-router)# ospf abr-type ibm
ospf rfc1583compatibility This command enables the rfc1583compatibility flag.
Syntax ospf rfc1583compatibility no ospf rfc1583compatibility
Default NA
Command Mode Privileged User
Example This example enables the rfc1583compatibility flag.
- 801 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(config-data)# router ospf (conf-router)# ospf rfc1583compatibility
log-adjacency-changes This command configures OSPF to log changes in adjacency.
Syntax log-adjacency-changes [detail] no log-adjacency-changes [detail]
Default NA
Command Mode Privileged User
Example This example configures OSPF to log changes in adjacency.
(config-data)# router ospf (conf-router) # log-adjacency-changes detail
passive-interface
This command suppresses routing updates on an interface.
Syntax
passive-interface GigabitEthernet <slot/port[.vlanID]> passive-interface GigabitEthernet <slot/port> passive-interface vlan <vlanID> no passive-interface interface
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
Interface ID [SLOT/PORT.VLANID]
- 802 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
cellular gre ipip l2tp pppoe pptp vlan loopback bvi
Interface Type (ifname) Cellular interface ID Tunnel GRE ID Tunnel IPIP ID L2TP ID PPPoE interface ID PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID 0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
Command Mode Privileged User
Example This example suppresses routing updates on an interface.
(config-data)# router ospf (conf-router)# passive-interface GigabitEthernet 0/0.4
timers throttle spf This command sets the initial delay, the initial-holdtime and the maximum-holdtime between when SPF is calculated and the event which triggered the calculation.
Syntax timers throttle spf delay initial-holdtime max-holdtime no timers throttle spf
- 803 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command delay
initialholdtime maximumholdtime
Description Defines a number between 0 600000 delay in milliseconds from 1st change received until SPF calculation.
Defines the initial holdtime between 0 600000 in milliseconds between consecutive SPF calculation.
Defines the maximum holdtime between 0 600000 in milliseconds.
Default NA
Command Mode Privileged User
Example This example sets the delay to 200 ms, the initial holdtime is set to 400 ms and the maximum holdtime is set to 10 seconds.
(config-data)# router ospf (conf-router) # timers throttle spf 200 400 10000
max-metric router-lsa This command sets the time (seconds) to advertise self as stub-router.
Syntax max-metric router-lsa {on-startup|on-shutdown} number max-metric router-lsa administrative no max-metric router-lsa [on-startup|on-shutdown|administrative]
Command on-startup on-shutdown number
Description Defines the time (seconds) to advertise self as stub-router. Defines the time (seconds) to wait till full shutdown. Defines the time (seconds) in the range of 5 86400.
- 804 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example sets the time (seconds) to advertise self as stub-router.
(config-data) router ospf (conf-router) # max-metric router-lsa administrative
auto-cost reference-bandwidth This command sets the reference bandwidth for cost calculations, where this bandwidth is considered equivalent to an OSPF cost of 1, specified in Mbits/s.
Syntax auto-cost reference-bandwidth number no auto-cost reference-bandwidth
Command
Description
number Defines the reference bandwidth in terms of megabits per second in the range of 1 4294967.
Default 100Mbit/s (i.e. a link of bandwidth 100Mbit/s or higher will have a cost of 1. Cost of lower bandwidth links will be scaled with reference to this cost).
Command Mode Privileged User
Example This example sets the reference bandwidth for cost calculations.
- 805 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(config-data)# router ospf (conf-router) # auto-cost reference-bandwidth 1000
network
This command specifies the OSPF enabled interface(s). If the interface has an address from range 192.168.1.0/24 then the command below enables ospf on this interface so the router can provide network information to the other ospf routers via this interface.
Syntax
network a.b.c.d/m area a.b.c.d network a.b.c.d/m area number no network a.b.c.d/m area a.b.c.d no network a.b.c.d/m area number
Command a.b.c.d/M area a.b.c.d number
Description Defines the OSPF network prefix. Defines the OSPF area ID in IP address format.
Defines the OSPF area ID as a decimal value in the range of 0 4294967295.
Default NA
Command Mode Privileged User
Example If the interface has an address from range 192.168.1.0/24, then the command below enables ospf on this interface so that the router can provide network information to the other ospf routers via this interface.
(config-data)# router ospf (conf-router) # network 192.168.1.0/24 area 0.0.0.0
- 806 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
area
This command summarizes intra-area paths from specified area in one Type-3 summary-LSA announced to other areas.
Syntax
area a.b.c.d range a.b.c.d/m area number range a.b.c.d/m no area a.b.c.d range a.b.c.d /m no area number range a.b.c.d/m
Command
Description
a.b.c.d
Defines the OSPF area in IP address format.
number
Defines the OSPF area ID as a decimal value in the range of 0 4294967295.
range
Summarizes routes matching address/mask (border routers only).
a.b.c.d/M Defines the area range prefix.
Default NA
Command Mode Privileged User
Example This example summarizes intra-area paths from the specified area in one Type-3 summary-LSA announced to other areas.
(config-data)# router ospf (conf-router)# area 0.0.0.10 range 10.0.0.0/8
area ip-address|number range a.b.c.d/m not-advertise This command filters intra area paths which are not advertised in other areas.
Syntax
- 807 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
area ip-address a.b.c.d range a.b.c.d/m not-advertise area number number range a.b.c.d/m not-advertise no area peer range a.b.c.d/m not-advertise
Command a.b.c.d number
a.b.c.d/M notadvertise
Description Defines the OSPF area in IP address format Defines the OSPF area ID as a decimal value. Range is in between 0 4294967295. Defines the area range prefix. Defines not to advertise this range.
Default NA
Command Mode Privileged User
Example This example filters intra area paths and is not advertised into other areas.
(config-data)# router ospf (conf-router)# area ip-address 10.21.5.100 range 10.0.0.0/8 not-advertise
area ip-address|number range a.b.c.d/m substitute a.b.c.d/M This command substitutes a summarized prefix with another prefix.
Syntax area ip-address a.b.c.d range a.b.c.d/m substitute a.b.c.d/m area number number range a.b.c.d/m substitute a.b.c.d/m no area a.b.c.d range a.b.c.d/m substitute a.b.c.d/m
- 808 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command
Description
a.b.c.d
Defines the OSPF area in IP address format.
number
Defines the OSPF area ID as a decimal value. The range is 0 4294967295.
a.b.c.d/m Defines the area range prefix.
substitute Announces the area range as another prefix.
a.b.c.d/m Announces network prefix instead of range.
Default NA
Command Mode Privileged User
Example This example substitutes a summarized prefix with another prefix.
(config-data)# router ospf (conf-router)# area ip-address 10.5.10.105 range 10.0.0.0/8 substitute 11.0.0.0/8
area ip-address|number shortcut
This command configures the area as Shortcut capable.
Syntax
area ip-address a.b.c.d shortcut {default|enable|disable} area number <number> shortcut no area ip-address a.b.c.d shortcut no area number <number> shortcut
Command
Description
a.b.c.d Defines the OSPF area in IP address format.
number Defines the OSPF area ID as a decimal value in the range of 0 4294967295.
- 809 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command
Description
default Sets the default shortcutting behavior
enable Enables shortcutting through the area
disable Disables shortcutting through the area
Default NA
Command Mode Privileged User
Example This example configures the area as Shortcut capable.
(config-data)# router ospf (conf-router)# area number 1000 shortcut enable
area ip-address|number stub
This command configures the area to be a stub area.
Syntax
area ip-address a.b.c.d stub area number number stub no area ip-address a.b.c.d stub no area number number stub
Command
Description
a.b.c.d Defines the OSPF area in IP address format.
Number Defines the OSPF area ID as a decimal value in the range of 0 4294967295.
Default NA
- 810 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example configures the area to be a stub area.
(config-data)# router ospf (conf-router)# area number 1000 stub
area ip-address|number stub no-summary
This command prevents an OSPFD ABR from injecting inter-area summaries into the specified stub area.
Syntax
area ip-address <a.b.c.d> stub no-summary area number number stub no-summary no area ip-address <a.b.c.d> stub no-summary no area number number stub no-summary
Command a.b.c.d number
nosummary
Description Defines the OSPF area in IP address format Defines the OSPF area ID as a decimal value in the range of 0 4294967295. Determines not to inject inter-area routes into the stub.
Default NA
Command Mode Privileged User
Example
- 811 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
This example prevents an OSPFD ABR from injecting inter-area summaries into the specified stub area.
(config-data)# router ospf (conf-router)# area number 1000 stub no-summary
area ip-address|number default-cost This command sets the cost of default-summary LSAs announced to stubby areas.
Syntax area ip-address <a.b.c.d> default-cost <0-16777215> area number number default-cost <0-16777215> no area ip-address <a.b.c.d> default-cost <0-16777215>
Command a.b.c.d number
<016777215>
Description Defines the OSPF area in IP address format. Defines the OSPF area ID as a decimal value in the range of 0 4294967295. Defines the stub's advertised default summary cost.
Default NA
Command Mode Privileged User
Example This example sets the cost of default-summary LSAs announced to stubby areas.
(config-data)# router ospf (conf-router)# area number 2000 default-cost 1000
area ip-address|number filter-list prefix NAME in/out This command filters Type-3 summary-LSAs to/from area using prefix lists.
- 812 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax
area ip-address <a.b.c.d> filter-list prefix NAME in area ip-address <a.b.c.d> filter-list prefix NAME out area number number filter-list prefix NAME in area number number filter-list prefix NAME out no area ip-address <a.b.c.d> filter-list prefix NAME in no area ip-address <a.b.c.d> filter-list prefix NAME out no area number number filter-list prefix NAME in no area number number filter-list prefix NAME out
Command a.b.c.d number prefix NAME in out
Description Defines the OSPF area in IP address format. Defines the range of the area number 0 4294967295. Filters prefixes between OSPF areas. Defines the IP prefix list name. Filters networks sent out to this area Filters networks sent out from this area
Default NA
Command Mode Privileged User
Example This example filters Type-3 summary-LSAs to/from area using prefix lists.
(config-data)# router ospf (conf-router)# area number 1000 filter-list prefix NAME in
area ip-address|number authentication This command specifies that simple password authentication should be used for the given area.
- 813 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax
area ip-address <a.b.c.d> authentication area number number authentication no area ip-address <a.b.c.d> authentication no area number number authentication
Command a.b.c.d number
Description Defines the OSPF area in IP address format. Defines the area number in the range of 0 4294967295.
Default NA
Command Mode Privileged User
Example This example specifies that simple password authentication should be used for the given area.
(config-data)# router ospf (conf-router)# area number 1000 authentication
area ip-address|number authentication message-digest This command specifies that OSPF packets must be authenticated with MD5 HMACs within the given area.
Syntax area ip-address <a.b.c.d> authentication message-digest area number number authentication message-digest
Command a.b.c.d number
Description Defines the OSPF area in IP address format. Defines the area number in the range of 0 4294967295.
- 814 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example specifies that OSPF packets must be authenticated with MD5 HMACs within the given area.
(config-data)# router ospf (conf-router)# area number 1000 authentication message-digest
redistribute kernel
This command redistributes routes of the specified protocol or kind into OSPF.
Syntax
redistribute kernel redistribute kernel route-map redistribute kernel metric-type {1|2} redistribute kernel metric-type {1|2} route-map word redistribute kernel metric <0-16777214> redistribute kernel metric-type {1|2} metric <0-16777214> metric <0-16777214> route-map word no redistribute kernel
Command metric metric-type 1|2 word
Description Defines the metric for redistributed routes Defines the OSPF exterior metric type for registered routes Sets the OSPF exterior type - 1- metric, 2-metrics Describes the pointer to route-map entries
Default NA
- 815 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example redistributes routes of the specified protocol or kind into OSPF.
(config-data)# router ospf (conf-router)# redistribute kernel
redistribute rip This command redistributes information from RIP.
Syntax redistribute rip [metric <default metric>] [route-map <pointer>] redistribute rip [route-map <pointer>][metric <default metric>] no redistribute rip
Command metric default metric route-map pointer
Description Defines the metric for redistributed routes. Defines the default metric [0-4294967295]. Defines the route map reference. Defines the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes routes from RIP.
- 816 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(config-data)# router bgp 3 (conf-router)# redistribute rip
redistribute connected
This command redistributes routes of the specified protocol or kind into OSPF.
Syntax
redistribute connected redistribute connected route-map redistribute connected metric-type {1|2} redistribute connected metric-type {1|2} route-map word redistribute connected metric <0-16777214> redistribute connected metric-type {1|2} metric <0-16777214> metric <016777214> route-map word no redistribute connected
Command metric metric-type 1|2 word
Description Defines the metric for redistributed routes. Defines the OSPF exterior metric type for registered routes. Sets the OSPF exterior type - 1- metric, 2-metrics. Describes the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes routes of the specified protocol or kind into OSPF.
(config-data)# router ospf (conf-router)# redistribute connected
- 817 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
redistribute static
This command redistributes routes of the specified protocol or kind into OSPF.
Syntax
redistribute static redistribute static route-map redistribute static metric-type {1|2} redistribute static metric-type {1|2} route-map word redistribute static metric <0-16777214> redistribute static metric-type {1|2} metric <0-16777214> metric <0-16777214> route-map word no redistribute static
Command metric Metric-type 1|2 word
Description Defines the metric for redistributed routes. Defines the OSPF exterior metric type for registered routes. Sets the OSPF exterior type - 1- metric, 2-metrics. Describes the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes routes of the specified protocol or kind into OSPF.
(config-data)# router ospf (conf-router)# redistribute static
redistribute bgp This command redistributes routes of the specified protocol or kind into OSPF.
Syntax
- 818 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
redistribute bgp redistribute bgp route-map redistribute bgp metric-type {1|2} redistribute bgp metric-type {1|2} route-map word redistribute bgp metric <0-16777214> redistribute bgp metric-type {1|2} metric <0-16777214> metric <0-16777214> route-map word no redistribute bgp
Command metric metric-type 1|2 word
Description Defines the metric for redistributed routes Defines the OSPF exterior metric type for registered routes Sets the OSPF exterior type - 1- metric, 2-metrics Describes the pointer to route-map entries
Default NA
Command Mode Privileged User
Example This example redistributes routes of the specified protocol or kind into OSPF.
(config-data)# router ospf (conf-router)# redistribute bgp
timers bgp This command adjusts the BGP routing timers.
Syntax timers bgp <keepalive interval> <hold time>
- 819 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command keepalive interval hold time
Description Defines the Keepalive interval [0-65535]. Defines the Hold time.
Default NA
Command Mode Privileged User
Example This example adjusts the BGP routing timer.
(config-data)# router bgp 3 (conf-router)# timers bgp 100 200
default-information originate
This command originates an AS-External (type-5) LSA describing a default route into all external routing capable areas, of the specified metric and metric type.
Syntax
default-information originate default-information originate metric <0-16777214> default-information originate metric <0-16777214> metric-type {1|2} default-information originate metric <0-16777214> metric-type (1|2) route-map word default-information originate always default-information originate always metric <0-16777214> default-information originate always metric <0-16777214> metric-type {1|2} default-information originate always metric <0-16777214> metric-type {1|2}routemap word no default-information originate
Command always
Description Sets always advertise default route.
- 820 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This command distributes a default route.
(config-data)# router ospf (conf-router) # default-information originate
default-metric This command sets the metric of redistributed routes.
Syntax default-metric <0-16777214> no default-metric
Command <0-16777214>
Description Defines the default metric.
Default NA
Command Mode Privileged User
Example This example sets the metric of redistributed routes to 1000.
(config-data)# router ospf (conf-router)# default-metric 1000
- 821 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
distance
This command defines an OSPF administrative distance.
Syntax
distance <1-255> no distance <1-255> distance ospf {intra-area|inter-area|external} <1-255> no distance ospf
Command <1-255>
Description Defines the administrative distance.
Default NA
Command Mode Privileged User
Example This example defines an OSPF administrative distance of 100.
(config-data)# router ospf (conf-router)# distance 100
OSPF Interface Configuration OSPF Interface Configuration includes the following commands:
ip ospf authentication-key auth_key This command sets the OSPF authentication key to a simple password. After setting AUTH_ KEY, all OSPF packets are authenticated.
Syntax ip ospf authentication-key auth_key [a.b.c.d] no ip ospf authentication-key [a.b.c.d]
- 822 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command auth_key a.b.c.d
Description Defines the OSPF password (key). Address of the interface
Default NA
Command Mode Privileged User
Example This example sets the OSPF authentication key to a simple password.
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf authentication-key passx
ip ospf authentication message-digest This command specifies that MD5 HMAC authentication must be used on this interface.
Syntax ip ospf authentication message-digest [a.b.c.d]
Arguments a.b.c.d
Description Address of the interface.
Default NA
Command Mode Privileged User
Example This example specifies that MD5 HMAC authentication must be used on this interface.
- 823 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf authentication message-digest
ip ospf message-digest-key KEYID md5 KEY This command sets the OSPF authentication key to a cryptographic password.
Syntax ip ospf message-digest-key KEYID md5 KEY [a.b.c.d] no ip ospf message-digest-key
Command KEYID KEY a.b.c.d
Description Defines the KEYID in the range of 1 255. Defines the OSPF password. Address of the interface.
Default NA
Command Mode Privileged User
Example This example sets the OSPF authentication key to a cryptographic password.
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf message-digest-key 100 md5 ABCD1234
ip ospf cost This command sets the link cost for the specified interface.
Syntax ip ospf cost number [a.b.c.d] no ip ospf cost <cost> [a.b.c.d]
- 824 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command number a.b.c.d
Description Defines the cost in the range of 1 65535. Address of the interface.
Default NA
Command Mode Privileged User
Example This example sets the link cost for the specified interface and address.
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf cost 1000 10.10.10.1
ip ospf dead-interval
This command sets the number of seconds for RouterDeadInterval timer value used for Wait Timer and Inactivity Timer.
Syntax
ip ospf dead-interval number [a.b.c.d] ip ospf dead-interval minimal hello-multiplier <2-20> [a.b.c.d] no ip ospf dead-interval [a.b.c.d]
Command number <2-20> a.b.c.d
Description Defines the seconds in the range of 1- 65535. Defines the number of hellos to send each second. Address of the interface.
Default NA
- 825 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example sets the number of seconds for RouterDeadInterval timer value to 1000.
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf dead-interval 1000
ip ospf hello-interval This command sets the number of seconds for HelloInterval timer value.
Syntax ip ospf hello-interval number [a.b.c.d] no ip ospf hello-interval [a.b.c.d]
Command number a.b.c.d
Description Defines the number of seconds in the range of 1- 65535. Address of the interface.
Default NA
Command Mode Privileged User
Example This example sets HelloInterval timer value to 1000 seconds.
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf hello-interval 1000
ip ospf network This command explicitly sets the network type for the specified interface.
- 826 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax
ip ospf network {broadcast|non-broadcast|point-to-multipoint |point-to-point} no ip ospf network
Command broadcast non-broadcast point-to-multipoint point-to-point
Description Specifies the OSPF broadcast multi-access network. Specifies the OSPF NMBA network. Specifies the OSPF point-to-multipoint network. Specifies the OSPF point-to-point network.
Default NA
Command Mode Privileged User
Example This example explicitly sets the network type for the specified interface.
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf network point-to-point
ip ospf priority This command sets the RouterPriority integer value.
Syntax ip ospf priority number [a.b.c.d] no ip ospf priority [a.b.c.d]
Command number a.b.c.d
Description Defines the priority value in the range of 0-255. Address of the interface
- 827 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default 1
Command Mode Privileged User
Example This example sets the RouterPriority integer value to 100.
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf priority 100
ip ospf retransmit-interval This command sets the number of seconds for RxmtInterval timer value. This value is used when retransmitting Database Description and Link State Request packets.
Syntax ip ospf retransmit-interval number [a.b.c.d] no ip ospf retransmit interval [a.b.c.d]
Command
Description
number
Defines the number of seconds for the RxmtInterval timer value. Range is 1 65535.
a.b.c.d Address of the interface.
Default 5 seconds
Command Mode Privileged User
Example This example sets the number of seconds for RxmtInterval timer value to 1000.
- 828 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf retransmit-interval 1000
ip ospf transmit-delay This command sets the number of seconds for InfTransDelay value.
Syntax ip ospf transmit-delay number [a.b.c.d] no ip ospf transmit-delay [a.b.c.d]
Command
Description
number
Defines number of seconds for the InfTransDelay value in the range of <165535>.
a.b.c.d Address of the interface
Default 1 second
Command Mode Privileged User
Example This example sets the number of seconds for InfTransDelay value to 1000.
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf transmit-delay 1000
ip ospf bfd This command sets the number of seconds for the InfTransDelay value.
Syntax ip ospf bfd interval <value> min_rx <value> multiplier <value>
- 829 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command
Description
interval
Defines the Interval (in msec) for outgoing BFD messages. The interval is increased if required by the remote system.
min_rx
Defines the interval (in msec) between BFD messages in milliseconds. The remote system uses this interval for sending messages if its interval is lower.
multiplier Defines the maximum number of packets that can be missed before the session status is considered down.
Command Mode Privileged User
Example This example enables BFD for OSPF on VLAN 1 with an interval and min_rx of 200 msec and multiplier value of 3
(config-data)# interface vlan1 (conf-if-VLAN 1)# ip ospf bfd interval 200 min_rx 200 multiplier 3
OSPF6 Protocol
The following describes OSPF protocol for IPv6 commands. router ospf6 This command enables or disables the OSPF6 process.
Syntax router ospf6 [vrf <VRF name>] no router ospf
Command VRF name
Description Defines the VRF name.
Default NA
- 830 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example enables the OSPF6 process.
(config-data)# router ospf6
area This command filters OSPFv6 area parameters.
Syntax area a.b.c.d filter-list prefix <ipv6 prefix-list name> {in|out} area a.b.c.d range [X:X::X:X/M] [advertise|not-advertise]
Command
Description
a.b.c.d
Defines the OSPFv6 area in IP address format.
filterlist
Filter networks between OSPFv6 areas.
prefix
Filter prefixes between OSPFv6 areas.
ipv6 prefixlist name
Defines the name of an IPv6 prefix-list
range
Defines the configured address range.
in
The IPv6 prefix list is applied to IPv6 prefixes advertised to the relevant
area from other areas.
out
The IPv6 prefix list is applied to IPv6 prefixes advertised out of the
relevant area to other areas.
advertise Set the address range status to "advertise" and generates a Type 3 summary link-state advertisement (LSA). (Optional)
not-
Set the address range status to "DoNotAdvertise". The Type 3 summary
advertise LSA is suppressed, and the component networks remain hidden from the
- 831 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command
Description other networks. (Optional)
Default NA
Command Mode Privileged User
Example This example filters intra area paths and is not advertised into other areas.
(config-data)# router ospf6 (conf-router)# area ip-address 10.21.5.100 range 10:0::0:0/8 not-advertise
interface This command selects an interface to configure.
Syntax interface <interface name> <interface ID> area a.b.c.d
Command area interface name
Description
Defines the OSPF6 area ID.
Defines the interface name as one of the following: bvi: Bridge interface cellular: Cellular 3G interface gigabitethernet: Gigabit Ethernet interface gre: GRE tunnel interface ipip: IPIP tunnel interface l2tp: L2TP tunnel interface loopback: PPPoE interface pppoe: PPPoE interface
- 832 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command a.b.c.d
Description pptp: PPTP tunnel interface vlan: VLAN interface vti: VTI tunnel interface Defines the OSPFv6 area in IP address format.
Default NA
Command Mode Privileged User
Example This example selects an interface to configure.
# configure data (config-data)# router ospf6 (conf-router)# interface gre 1 area 10.21.5.100
redistribute This command redistributes routes of the specified protocol or kind into OSPF6.
Syntax redistribute {bgp|connected|kernel|ripng|static} [route-map <route-map name>]
Command bgp connected kernel ripng static
Description Redistributes the bgp route. Redistributes the connected route. Redistributes the kernel route. Redistributes the ripng route. Redistributes the static route.
- 833 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command route-map name
Description Defines the route-map name.
Default NA
Command Mode Privileged User
Example This example redistributes the kernel route of the specified protocol or kind into OSPF6.
# configure data (config-data)# router ospf (conf-router)# redistribute kernel
Routing Information Protocol (RIP)
The following commands relate to Routing Information Protocol. General Configuration RIP General Configuration includes the following commands: router rip This command enables IPv4 RIP.
Syntax router rip [vrf <VRF name>] no router rip
Command VRF name
Description Defines the VRF name.
Default NA
- 834 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example enables RIP configuration mode.
(config-data)# router rip
router ripng This command enables IPv6 RIPng.
Syntax router ripng [vrf <VRF name>] no router ripng
Command VRF name
Description Defines the VRF name.
Default NA
Command Mode Privileged User
Example This example enables RIPng configuration mode.
(config-data)# router ripng
passive-interface This command sets the specified interface to passive mode. On passive mode interfaces, all receiving packets are processed as normal and ripd does not send either multicast or unicast RIP packets except to RIP neighbors specified with the neighbor command. The interface may
- 835 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
be specified as `default' to make ripd default to passive on all interfaces. The default is to be passive on all interfaces.
Syntax
passive-interface {ifname|default} no passive-interface ifname
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
Command Mode Privileged User
Example This example sets the specified interface to passive mode.
(config-data)# router rip (conf-router)# passive-interface vlan 2
- 836 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ip split-horizon
This command controls the split- horizon on the interface. A Split horizon is a way of preventing a routing loop in a network. Information about the routing for a specific packet is never sent back in the direction from which it was received. Default is ip split-horizon. If you don't perform split-horizon on the interface, please specify no ip split-horizon.
Syntax
ip split-horizon no ip split-horizon
Default NA
Command Mode Privileged User
Example This example sets split horizon on the VLAN 2 interface.
(config-data)# interface vlan 2 (conf-if VLAN 2)# ip split-horizon
RIP Router Configuration RIP Router Configuration includes the following commands:
network network This command sets the RIP enable interface by network. The interfaces which have addresses matching the network are enabled. This group of commands either enables or disables RIP interfaces between numbers of a specified network address. For example, if the network for 10.0.0.0/24 is RIP enabled, this would result in all the addresses from 10.0.0.0 to 10.0.0.255 being enabled for RIP. The no network command disables RIP for the specified network.
Syntax
- 837 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
network network a.b.c.d/m no network network
Command a.b.c.d/m
Description Defines the IP prefix network/length
Default NA
Command Mode Privileged User
Example This example sets the RIP enable interface by network.
(conf-router)# network network 10.4.4.10/16
network ifname This command sets a RIP enabled interface by ifname. Both the sending and receiving of RIP packets will be enabled on the port specified in the network ifname command. The no network ifname command disables RIP on the specified interface.
Syntax network ifname no network ifname
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255]
- 838 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
l2tp pppoe pptp vlan loopback bvi
Interface Type (ifname) L2TP ID PPPoE interface ID PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
Command Mode Privileged User
Example This example sets the RIP enable interface by ifname.
(conf-router)# network vlan 1
neighbor a.b.c.d This command is used to specify neighbors when a neighbor can't process multicast. In some cases, not all routers are able to understand multicasting, where packets are sent to a network or a group of addresses. In a situation where a neighbor cannot process multicast packets, it is necessary to establish a direct link between routers. The neighbor command allows the network administrator to specify a router as a RIP neighbor. The no neighbor a.b.c.d command will disable the RIP neighbor.
Syntax neighbor a.b.c.d no neighbor a.b.c.d
- 839 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command a.b.c.d
Description Defines the neighbor address.
Default NA
Command Mode Privileged User
Example This example specifies a neighbor.
(conf-router)# neighbor 10.4.4.4
version version This command sets the RIP version number.
Syntax version version no version
Command version
Description Defines the RIP version number "1" or "2"
Default "2" for send Both "1" and "2" for receive
Command Mode Privileged User
Example This example sets RIP Version 2.
- 840 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(conf-router) # version 2
redistribute kernel
This command redistributes routing information from kernel route entries into the RIP tables. The no redistribute kernel disables the routes.
Syntax
redistribute kernel redistribute kernel metric <0-16> redistribute kernel route-map [route-map] no redistribute kernel
Command metric route-map
Description Defines the Metric value (0 -16). Defines the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes IPv4 routing information from kernel route entries.
# configure data (config-data)# router rip (conf-router)# redistribute kernel
redistribute static This command redistributes routing information from static route entries into the RIP tables. The no redistribute static command disables the routes.
Syntax
- 841 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
redistribute static redistribute static metric <metric value> redistribute static route-map [route-map] no redistribute static
Command metric route-map
Description Defines the metric value (0 - 4294967295). Defines the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes routing information from static route entries.
# configure data (config-data)# router ospf (conf-router) # redistribute static
redistribute connected This command redistributes connected routes into the RIP tables. The no redistribute connected command disables the connected routes in the RIP tables. The connected route on a RIP- enabled interface is announced by default.
Syntax redistribute connected redistribute connected [metric <metric value>] redistribute connected [route-map [route-map]] no redistribute connected
- 842 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command metric value route-map
Description Defines the default metric value [0-4294967295]. Defines the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes connected routes into the RIP tables.
(conf-router) # redistribute connected
redistribute ospf
This command redistributes routing information from ospf route entries into the RIP tables. no redistribute ospf disables the routes.
Syntax
redistribute ospf redistribute ospf metric <default metric> redistribute ospf route-map [route-map] no redistribute ospf
Command metric route-map
Description Defines the metric value [0-4294967295]. Defines the pointer to route-map entries.
Default NA
Command Mode
- 843 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Privileged User
Example This example redistributes ospf routes into the RIP tables.
(conf-router) # redistribute ospf
redistribute bgp
This command redistributes routing information from bgp route entries into the RIP tables. no redistribute bgp disables the routes.
Syntax
redistribute bgp redistribute bgp metric <0-16> redistribute bgp route-map [route-map] no redistribute bgp
Command metric route-map
Description Defines the metric value (0 -16). Defines the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes bgp routes into the RIP tables.
(conf-router) # redistribute bgp
default-information originate This command distributes a default route.
- 844 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax default-information originate
Default NA
Command Mode Privileged User
Example This example distributes a default route. (conf-router)# default-information originate
distribute-list prefix This command filters the RIP path and can apply access-lists to a chosen interface.
Syntax distribute-list prefix [WORD] {in|out} ifname
WORD
Command
Description Prefix list name
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3]
- 845 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
pptp vlan loopback bvi
Interface Type (ifname) PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID [0-99] [1-3999] [1-5] [1-255]
Default NA
Command Mode Privileged User
Example This example filters the RIP path for input packets of vlan 1.
(conf-router)# distribute-list prefix prefix1 in vlan 1
distance This command sets the default RIP distance to a specified value.
Syntax distance <1-255> [a.b.c.d/m] no distance <1-255> [a.b.c.d/m]
Command a.b.c.d/m
Description Defines the IP prefix network/length.
Default 120
Command Mode Privileged User
- 846 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This example sets the default RIP distance to 150.
(conf-router)# distance 150
timers basic This command configures timers in the RIP protocol. The no timers basic command resets the timers to the default settings listed below.
Syntax timers basic [5-2147483647] no timers basic
Command 5-2147483647
Description Defines the Routing Table update timer value in seconds.
Default The default Routing table update timer value in seconds is 30.
Command Mode Privileged User
Example This example updates the timer value to 50 seconds.
(conf-router)# timers basic 50
RIP Interface Configuration RIP Interface Configuration includes the following commands:
ip rip split-horizon This command controls the split-horizon on the interface.
Syntax
- 847 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ip rip split-horizon [poisoned-reverse] no ip rip split-horizon
Default NA
Command Mode Privileged User
Example This example sets the split-horizon on VLAN 1.
(conf-if-VLAN 1)# ip rip split-horizon
ip rip send version version This interface command overrides the global rip version setting and selects which version of RIP packets are sent on this interface.
Syntax ip rip send version version
Command version
Description Defines the RIP version number "1" or "2".
Default Send packets according to the global version (Version 2).
Command Mode Privileged User
Example This example sets RIP Version 2 to send packets with.
(conf-if-VLAN 1)# ip rip send version 2
- 848 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ip rip receive version version This command overrides the global RIP version setting and selects which version of RIP packets are accepted on this interface.
Syntax ip rip receive version version
Command version
Description Defines the RIP version number "1" or "2".
Default Accept packets according to the global setting (1 and 2)
Command Mode Privileged User
Example This example sets RIP Version 2 to receive packets with.
(conf-if-VLAN 1)# ip rip receive version 2
ip rip authentication mode md5 This command sets the interface with RIPv2 MD5 authentication.
Syntax ip rip authentication mode md5 no ip rip authentication mode md5
Command Mode Privileged User
Example This example sets the interface with RIPv2 MD5 authentication.
- 849 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(conf-if-VLAN 1)# ip rip authentication mode md5
ip rip authentication mode text This command sets the interface with RIPv2 simple password authentication.
Syntax ip rip authentication mode text no ip rip authentication mode text
Command Mode Privileged User
Example This example sets the interface with RIPv2 simple text authentication.
(conf-if-VLAN 1)# ip rip authentication mode text
ip rip authentication string This command sets the authentication string.
Syntax ip rip authentication string string no ip rip authentication mode string
Command
Description
string Defines the authentication string which must be less than 16 characters.
Command Mode Privileged User
Example This example sets the authentication string.
- 850 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(conf-if-VLAN 1)# ip rip authentication string ripauthent
ip rip authentication key-chain This command sets the authentication key-chain.
Syntax ip rip authentication key-chain key-chain no ip rip authentication key-chain key-chain
Command key-chain
Description Defines the name of the key chain.
Command Mode Privileged User
Example This example sets the authentication key-chain.
(conf-if-VLAN 1)# ip rip authentication key-chain 120
IP Route Map Configuration RIP Route Map Configuration includes the following commands:
match community This command matches a BGP community list.
Syntax match community {<comm list std number>|<comm list exp number> |<comm list name>}
Command
comm list std number
Description
Defines the community list number (standard). Range is 199.
- 851 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command comm list exp number
comm list name
Description
Defines the community list number (expanded). Range is 100-500.
Defines the community list name.
Command Mode Privileged User
Example This example matches a BGP community list.
(config-data)# route-map ww permit 1 (conf-route-map)# match community commlist1
match extcommunity This command matches BGP/VPN extended community list.
Syntax match extcommunity {<comm list std number>|<comm list exp number> |<comm list name>}
Command
comm list std number
comm list exp number
comm list name
Description
Defines the extended community list number (standard). Range is 1-99.
Defines the extended community list number (expanded). Range is 100-500.
Defines the extended community list name.
Command Mode Privileged User
Example This example matches a BGP/VPN extended community list.
- 852 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(config-data)# route-map ww permit 1 (conf-route-map)# match extcommunity 1
match interface ifname This command matches values from the routing table.
Syntax match interface ifname
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Command Mode Privileged User
Example This example matches values from vlan 1.
(conf-route-map)# match interface vlan 1
- 853 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
match ip address prefix-list [WORD] This command matches the IP address of the route.
Syntax match ip address prefix-list plistname
Command plistname
Description Defines the prefix list string.
Command Mode Privileged User
Example This example matches entries of prefix-lists.
(conf-route-map)# match ip address prefix-list plist
match ip next-hop This command matches the next-hop address of a route.
Syntax match ip next-hop prefix-list plistname
Command plistname
Description Defines the prefix-list string.
Command Mode Privileged User
Example This example matches the next-hop address of a route.
- 854 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
(conf-route-map)# match ip next-hop prefix-list plist
match metric This command matches the metric value of RIP updates.
Syntax match metric <0-4294967295>
Command Mode Privileged User
Example This example matches the metric value of 100000.
(conf-route-map)# match metric 100000
set comm-list This command sets the BGP community list (for deletion).
Syntax set comm-list {<comm list std number>|<comm list exp number> |<comm list name>}
Command
comm list std number
comm list exp number
comm list name
Description
Defines the community list number (standard). Range is 199.
Defines the community list number (expanded). Range is 100-500.
Defines the community list name.
Command Mode Privileged User
- 855 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Example This example sets a BGP community list.
(config-data)# route-map ww permit 1 (conf-route-map)# set comm-list 100
set ip next-hop This command sets the next hop value in the RIPv2 protocol.
Syntax set ip next-hop a.b.c.d
Command a.b.c.d
Description Defines the IP address.
Command Mode Privileged User
Example This example sets the next hop to 10.4.4.28.
(conf-route-map)# set ip next-hop 10.4.4.28
set metric This command sets a metric value for matched routes when sending an announcement.
Syntax set metric <0-4294967295>
Command Mode Privileged User
Example
- 856 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
This example sets the metric value to 150000. (conf-route-map)# match metric 150000
redistribute connected
This command redistributes connected routes into the RIPng tables. The no redistribute connected command disables the connected routes in the RIP tables. The connected route on a RIP- enabled interface is announced by default.
Syntax
redistribute connected redistribute connected metric <0-16> redistribute connected route-map [route-map] no redistribute connected
Command metric route-map
Description Defines the metric value (0 -16). Defines the pointer to route-map entries.
Command Mode Privileged User
Example This example redistributes connected routes into the RIPng tables.
# configure data (config-data)# router ripng (conf-router)# redistribute connected
RIPng RIPng Router Configuration includes the following commands:
default-information originate This command distributes a default route.
- 857 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Syntax default-information originate
Default NA
Command Mode Privileged User
Example This example distributes a default route.
# configure data (config-data)# router ripng (conf-router)# default-information originate
default-metric This command sets the metric of redistributed routes.
Syntax default-metric <0-16777214> no default-metric
Command <0-16777214>
Description Defines the default metric.
Default NA
Command Mode Privileged User
Example
- 858 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
This example sets the metric of redistributed routes to 1000.
# configure data (config-data)# router ripng (conf-router)# default-metric 1000
distribute-list prefix This command filters the RIP path and can apply access-lists to a chosen interface.
Syntax distribute-list prefix [WORD] {in|out} ifname
WORD
Command
Description Prefix list name
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default NA
- 859 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example filters the RIP path for input packets of vlan 1.
# configure data (config-data)# router ripng (conf-router)# distribute-list prefix prefix1 in vlan 1
network ifname This command enables RIPng on a specified interface or network.
Syntax network ifname/[X:X::X:X/M] no network ifname/[X:X::X:X/M]
Interface Type (ifname)
[X:X::X:X/M]
IPv6 prefix network/length, e.g., 3ffe::/16
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID
[SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
- 860 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Example This example sets the RIP enable interface by ifname.
# configure data (config-data)# router ripng (conf-router)# network vlan 1
passive-interface This command suppresses routing updates on an interface.
Syntax passive-interface ifname no passive-interface ifname
Interface Type (ifname)
Interface ID
gigabitethernet GigabitEthernet interface slot and port (VLAN [Slot/Port.VLAN
ID is optional)
ID]
cellular
Cellular interface ID
0/0
gre
Tunnel GRE ID
[1-255]
ipip
Tunnel IPIP ID
[1-255]
l2tp
L2TP ID
[0-99]
pppoe
PPPoE interface ID
[1-3]
pptp
PPTP ID
[0-99]
vlan
Vlan ID
[1-3999]
loopback
Loopback ID
[1-5]
- 861 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Interface Type (ifname)
bvi
Bridge interface
Interface ID [1-255]
Default NA
Command Mode Privileged User
Example This example sets the specified interface to passive mode.
# configure data (config-data)# router rip (conf-router)# passive-interface vlan 1
route This command sets up a static route.
Syntax route <route map tag> deny <sequence> route <route map tag> permit <sequence> route <route map tag> vrf <VRF table> deny|permit <sequence>
Command
Description
route map Defines the route map tag. tag
deny
Route map denies set operations.
permit
Route map permits set operations.
vrf
Associate with the defined VRF.
VRF table Defines the VRF table name.
sequence
Defines the sequence to insert to/delete from an existing route-map entry. Range is 1-65535.
- 862 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Interface Type (ifname)
Interface ID
gigabitethernet GigabitEthernet interface slot and port (VLAN [Slot/Port.VLAN
ID is optional)
ID]
cellular
Cellular interface ID
0/0
gre
Tunnel GRE ID
[1-255]
ipip
Tunnel IPIP ID
[1-255]
l2tp
L2TP ID
[0-99]
pppoe
PPPoE interface ID
[1-3]
pptp
PPTP ID
[0-99]
vlan
Vlan ID
[1-3999]
loopback
Loopback ID
[1-5]
bvi
Bridge interface
[1-255]
Default NA
Command Mode Privileged User
Example The following is an example of how this command can be used.
# configure data (config-data)# router ripng (conf-router)# route AAAtag deny 10
route-map This command sets up a route-map.
Syntax
- 863 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
route <rmap_name> in|out <ifname>
Command rmap_name in out
Description Defines the route map name. Defines the route map for input filtering. Defines the route map for output filtering.
Default NA
Command Mode Privileged User
Example The following is an example of how this command can be used.
# configure data (config-data)# router ripng (conf-router)# route AAAmap in vlan 2
timers basic This command configures timers in the RIPng protocol.
Syntax timers basic <routing_table_timer> <routing_timeout_timer> <garbage_collection_ timer>
Command
routing_table_ timer
routing_timeout_ timer
garbage_
Description
Defines the Routing Table Update Timer value in seconds. Range is 5-2147483647.
Defines the Routing Information Timeout Timer. Range is 065535.
Defines the Garbage Collection Timer. Range is 0-65535.
- 864 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command collection_timer
Description
Default The default Routing Table Update Timer value in seconds is 30. The default Routing Timeout Timer value in seconds is 180. The default Garbage Collection Timer.value in seconds is 120.
Command Mode Privileged User
Example This example updates the Routing Table Update Timer, Routing Timeout Timer, and Garbage Collection Timer.values to 50 seconds each.
# configure data (config-data)# router ripng (conf-router)# timers basic 50 50 50
redistribute bgp
This command redistributes routing information from bgp route entries into the RIPng tables. The no redistribute bgp disables the routes.
Syntax
redistribute bgp redistribute bgp metric <0-16> redistribute bgp route-map [route-map] no redistribute bgp
Command metric route-map
Description Defines the metric value (0 -16). Defines the pointer to route-map entries.
Default
- 865 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
NA
Command Mode Privileged User
Example This example redistributes bgp routes into the RIPng tables.
# configure data (config-data)# router ripng (conf-router)# redistribute bgp
redistribute kernel
This command redistributes routing information from kernel route entries into the RIPng tables. The no redistribute kernel disables the routes.
Syntax
redistribute kernel redistribute kernel metric <0-16> redistribute kernel route-map [route-map] no redistribute kernel
Command metric route-map
Description Defines the Metric value (0 -16). Defines the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes IPv6 routing information from kernel route entries.
- 866 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
# configure data (config-data)# router ripng (conf-router)# redistribute kernel
redistribute ospf6
This command redistributes routing information from ospf6 route entries into the RIPng tables. The no redistribute ospf6 command disables the routes.
Syntax
redistribute ospf6 redistribute ospf6 metric <0-16> redistribute ospf6 route-map [route-map] no redistribute ospf6
Command metric route-map
Description Defines the metric value (0 -16). Defines the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes ospf6 routes into the RIPng tables.
# configure data (config-data)# router ripng (conf-router)# redistribute ospf6
redistribute static This command redistributes routing information from static route entries into the RIPng tables. The no redistribute static command disables the routes.
Syntax
- 867 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
redistribute static redistribute static metric <0-16> redistribute static route-map [route-map] no redistribute static
Command metric route-map
Description Defines the metric value (0 -16). Defines the pointer to route-map entries.
Default NA
Command Mode Privileged User
Example This example redistributes routing information from static route entries.
# configure data (config-data)# router ripng (conf-router)# redistribute static
Virtual Routing and Forwarding (VRF) Commands
These commands implement dynamic routing protocols (BGP, OSPF, PIM, and RIP) with Virtual Routing and Forwarding (VRF) tagging. One BGP, one OSPF, one PIM, and one RIP protocol can be enabled per VRF table. Up to five dynamic routing protocols can be enabled in all defined VRF tables.
ip vrf
This command enables a dynamic routing protocol on a VRF.
Syntax
ip vrf <vrf-name> {enable bgp|ospf|pim|rip] no ip vrf <vrf-name>
- 868 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Command vrf-name
Description Defines the VRF name (up to 64 bytes).
Default NA
Note Up to 32 VRF's may be defined. A VRF which is associated with interfaces cannot be deleted (need first to disassociate the
interfaces).
Command Mode Privileged User
Related Commands ip route vrf, ip vrf forwarding, show ip vrf
Example This example defines a VRF called XXIP.
(config-data)# ip vrf XXIP
ip vrf forwarding This command associates an interface with a given vrf.
Syntax ip vrf forwarding <string> no ip vrf forwarding
Command string
Description Defines the VRF name.
Default Interface is not associated with vrf.
- 869 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Note This command is supported on all MSBR devices. The maximum number of interfaces per vrf is 20. The following interfaces are supported:
GigabitEthernet cellular gre ipip atm pppoe multilink vlan
Command Mode Privileged User
Related Commands ip vrf, show ip vrf
Example This example associate interface VLAN 4 with vrf data:
# configure data (config-data)# interface vlan 4 (conf-if-VLAN 4)# ip vrf forwarding data
ip route vrf The command adds a static route into a VRF.
Syntax The syntax of this command can include several interface types. The most common are as follows:
- 870 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
ip route vrf <vrf table name> <ip address> <prefix mask> [gw ip address] ifname <slot/port.VlanId> [metric value] [track <track id>] [bfd-neighbor <neighbor ID>] [output-vrf <name>] [description <string>]
This syntax describes a route that depends also on the source prefix of the packets:
ip route vrf <VRF name> source <IP source prefix>|local-voip destination <IP destination prefix> [<gateway>] <interface type> <interface ID> [<metric value>] [track <track ID>] [output-vrf <name>] [description <string>]
Command
Description
vrf table name
Defines the VRF table name.
IP source prefix or local-voip
Defines the IP source prefix (a.b.c.d/p). MSBR in single network mode can also be set with local-voip to define the route source address to all VoIP packets generated locally by the MSBR
IP destination prefix
Defines the IP destination prefix (a.b.c.d/p).
metric value
Defines the metric value for this route (0-255).
track
Defines the track to be used for this route.
track id
Defines the Track ID (1-100).
output-vrf
Adds the ability to route traffic received by one VRF from some other VRF. It is configured with the output-vrf option added to the static route configuration.
description Defines the description.
bfdneighbor
Defines the ID of a BFD neighbor to attach the route to.
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
Interface ID [SLOT/PORT.VLANID]
- 871 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
cellular gre ipip l2tp pppoe pptp vlan loopback bvi
Interface Type (ifname) Cellular interface ID Tunnel GRE ID Tunnel IPIP ID L2TP ID PPPoE interface ID PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID 0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default N/A
Note A route that points to an interface that is not associated with the given vrf will be disabled.
Command Mode Privileged User
Related Commands ip vrf, show ip route vrf, show data ip
Example This example route packets received by vrf VOIP1, with destination prefix 10.4.0.0 from interface gi 0/0 (which belongs to vrf VOIP2) to the next hop 10.5.0.1:
(config-data)# ip route vrf VOIP1 10.4.0.0 255.255.0.0 10.5.0.1 gi 0/0 output-vrf VOIP2
- 872 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
GRE and IPIP Tunnel Interface Commands
The section describes the GRE and IPIP Tunnel Interface commands.
interface gre|ipip
This command enters a specific WAN tunnel interface configuration. Use the no form of this command to delete the interface.
Syntax interface gre <greID> interface ipip <ipipID>
Command greID ipipID
Description Assigns a gre tunnel interface id in the range of 1-255. Assigns an ipip tunnel interface id in the range of 1-255.
Default NA
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example enters a gre id 6 tunnel interface configuration:
(config data)# interface gre 6
napt
This command sets the NAPT (Network Address Port Translation) on the specified tunnel interface. Use the no form of this command to set route mode.
Syntax
- 873 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
napt
Default By default, napt is used.
Command Mode Privileged User
Example This example sets the NAPT on GRE 6.
# configure data (config-data)# interface gre 6 (conf-if-GRE 6)# napt
ip address
This command defines the local IP address of the specified tunnel interface. Use the no form of this command to remove a configured IP address.
Syntax ip address <ip address>
Command
Description
ip
Specifies a valid IPv4 address. IP addresses should be expressed in dotted
address decimal notation (for example, 10.1.2.3).
Default NA
Command Mode Privileged User
Example This example configures the IP address of 10.4.2.3 on interface GRE 6.
- 874 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
# configure data (config-data)# interface gre 6 (conf-if-GRE 6)# ip address 10.4.2.3
tunnel destination
This command defines the destination IP address of the specified tunnel interface. Use the no form of this command to remove a configured IP address.
Syntax tunnel destination <ip address>
Command
Description
ip
Specifies a valid IPv4 address. IP addresses should be expressed in dotted
address decimal notation (for example, 10.1.2.3).
Default NA
Command Mode Privileged User
Example This example configures the tunnel destination IP address of 10.4.2.50 on interface GRE 6.
(config-data)# interface gre 6 (conf-if-GRE 6)# tunnel destination 10.4.2.50
GARP Commands
This section describes the GARP commands.
garp timer
This command configures the GARP timer.
Syntax
- 875 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
garp timer <Time>
Command timer
Description Defines the time in seconds (1-3600, default is 60).
Default 60 (seconds)
Note This command is applicable only to data-router functionality. This command is applicable only to Gigabit Ethernet and fiber WAN interfaces (VLAN 1
only).
Command Mode Privileged User
Related Commands garp enable
Example This example configures the GARP timer to 6 seconds:
(config data)# garp timer 6
garp enable
This command enables GARP per interface.
Syntax garp enable no garp enable
Default Disabled
- 876 -
CHAPTER 77 Layer-3 Commands
MSBR | CLI Reference Guide
Note This command is applicable only to data-router functionality. This command is applicable only to Gigabit Ethernet and fiber WAN interfaces (VLAN 1
only).
Command Mode Privileged User
Related Commands garp timer
Example This example enables the GARP timer on the Gigabit 0/0 WAN interface:
(config-data)# interface gigabitethernet 0/0 (conf-if-GE 0/0)# garp enable
- 877 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
78 Security
The following describes Security commands.
ip synflood-protection
This command enables TCP SYN-flood protection.
Syntax ip synflood-protection {enable|rate}
Command enable rate
Description Enables this command. Defines the rate The rate (your number is multiples by ten)
Default NA
Command Mode Privileged User
Example This example enables TCP SYN-flood protection.
(config-data)# ip synflood-protection enable
web-restrict
This command blocks hostnames (Websites). You can block up to 100 hostnames.
Syntax web-restrict <Hostname>
Default NA
- 878 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example blocks access to the Website "google.com".
(config-data)# web-restrict google.com
VPN Commands
The following describes VPN commands.
IPSec (crypto)
The sub-section below describes the IPSec commands.
crypto isakmp identity
This command configures the local identity, which is used by the peers to identify each other during ISAKMP negotiations for the IKEv2 tunnel.
Syntax crypto isakmp identity [address|email|fqdn]
address
Command
email
fqdn
Description
Defines the identity as an IP address in dotted-decimal notation.
Defines (string) the identity as a fully qualified email address.
Defines (string) the identity as an FQDN.
Command Mode Enabled configuration mode.
Example This example configures a local identity by FQDN.
- 879 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
(config-data)# crypto isakmp identity fqdn abc.com
crypto isakmp keepalive
This command configures keep-alive settings for the IPSec tunnel.
Syntax crypto isakmp keepalive
Command
Description
retryinterval
Defines the dead peer keep-alive retry-interval in seconds (default is 50 sec).
threshold
Defines the time in seconds after which the device considers itself "dead" (default is 100 sec). The threshold should be a multiple of the retryinterval. For example, if you configure the retry-interval to 60 seconds, then configure the threshold to 120.
Command Mode crypto isakmp key are defined in enabled configuration mode.
Example This example defines a keep-alive retry interval of 60 seconds, and a threshold of 120 seconds after which the device considers itself "dead".
(config-data)# crypto isakmp keepalive retry-interval 60 (config-data)# crypto isakmp keepalive threshold 120
crypto isakmp key
This command, when used in global configuration mode, configures a preshared authentication key. To delete a preshared authentication key, use the no form of this command.
Syntax
crypto isakmp key <key-string> address <peer-address> no crypto isakmp key <key-string> address <peer-address>
- 880 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command
Description
<keystring>
Specifies the preshared key. Use any combination of alphanumeric characters up to 20 bytes. This preshared key must be identical at both peers.
address Use this keyword if the remote peer Internet Security Association Key Management Protocol (ISAKMP) identity was set with its IP address.
peer- Specifies the IP address of the remote peer. address
Default There is no default preshared authentication key.
Command Mode crypto isakmp key are defined in enabled configuration mode.
Example This example defines a key to a peer ip.
(config-data)# crypto isakmp key 123456 address 100.100.100.2
crypto isakmp policy
This command, when used in global configuration mode, defines an Internet Key Exchange (IKE) policy. IKE policies define a set of parameters to be used during the IKE negotiation. To delete an IKE policy, use the no form of this command. This command invokes the Internet Security Association Key Management Protocol (ISAKMP) policy configuration (config-isakmp) command mode. While in the ISAKMP policy configuration command mode, some of the commands for which you can specify parameters, are as follows: encryption hash authentication group lifetime ike To exit config-isakmp command mode, type `exit'.
- 881 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
You can configure multiple IKE policies on each peer participating in IPSec. When the IKE negotiation begins, it tries to find a common policy configured on both peers.
Syntax
crypto isakmp policy <id> no crypto isakmp policy <id>
Command id
Description Uniquely identifies the IKE policy
This command puts you into the config-isakmp command mode.
(config-isakmp)# authentication <authentication method> (config-isakmp)# encryption <encryption algorithm> (config-isakmp)# hash <authentication algorithm> (config-isakmp)# lifetime <second> (config-isakmp)# group {1|2|3}
Command
Description
authentication {pre- Specifies the authentication method. share| rsa-sig}
encryption {3des|aes|des}
Specifies the encryption algorithm within an IKE policy.
3des: Defines ESP with the 168-bit DES encryption algorithm (3DES or Triple DES).
aes {128|192|256}: Defines ESP with the 128-bit, 192-bit, or 256-bit AES encryption algorithm
des: Defines ESP with the 56-bit DES encryption algorithm.
group {1|14|15|16|2|5}
Specifies the Diffie-Hellman group identifier within an IKE policy.
hash {md5| sha|sha256}
Specifies the hash algorithm within an IKE policy.
md5: Defines MD5 with the SHA (HMAC variant) authentication algorithm
sha: Defines ESP with the SHA (HMAC variant) authentication algorithm
sha256: Defines ESP with the 256-bit SHA
- 882 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command
ike {v1|v2} lifetime <seconds>
Description (HMAC variant) authentication algorithm Defines the Internet Key Exchange (IKE) version. Specifies the lifetime of an IKE SA.
Default This command has no defaults.
Command Mode crypto isakmp key are defined in enabled configuration mode.
Example This example demonstrates how to configure an IKE policy:
(config-data)# crypto isakmp policy 50 (config-isakmp)# encryption aes 128 (config-isakmp)# authentication pre-share (config-isakmp)# hash sha (config-isakmp)# group 2 (config-isakmp)# ike v1 (config-isakmp)# lifetime 3600
crypto ipsec profile
This command configures an IPSec policy profile. To delete a IPSec policy profile, use the no form of this command.
Syntax
crypto ipsec profile <profile name> no crypto ipsec profile
Command profile name
Description Defines the profile name.
Command Mode
- 883 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
The crypto isakmp key is defined in enabled configuration mode.
Example This example configures an IPSec policy profile.
(config-data)# crypto ipsec profile p1name
crypto ipsec transform-set
This command, when used in global configuration mode, defines a transform set as acceptable combination of security protocols and algorithms for IPSec encapsulating security payload (ESP). To delete a transform set, use the no form of this command.
Syntax
crypto ipsec transform-set <transform-set-name> <transform> <transform> no crypto ipsec transform-set <transform-set-name>
Command
Description
transform- Specifies the name of the transform set to create (or modify). set-name
transform
Specifies two "transforms". These transforms define the IPSec security protocols and algorithms. Accepted transform values are described in the "transform table".
Transform Type
ESP Encryption Transform
Transform
Description
esp-des Defines ESP with the 56-bit DES encryption algorithm.
esp3des
Defines ESP with the 168-bit DES encryption algorithm (3DES or Triple DES).
esp-aes Defines ESP with the 128-bit AES encryption algorithm.
espnull
Defines null encryption algorithm.
- 884 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Transform Type Transform
Description
ESP Authentication Transform
espmd5hmac
Defines ESP with the MD5 (HMAC variant) authentication algorithm.
espshahmac
Defines ESP with the SHA (HMAC variant) authentication algorithm.
AH Transform
ah-md5- Defines AH with the MD5 (HMAC variant)
hmac
authentication algorithm.
ah-sha- Defines AH with the SHA (HMAC variant)
hmac
authentication algorithm.
This command puts you into the cfg-crypto-trans command mode
(cfg-crypto-trans)# mode <encapsulation-type>
Command
Description
encapsulationtype
Specifies the mode for a transform set: either tunnel or transport mode. If neither tunnel nor transport is specified, the default (tunnel mode) is assigned.
Default This command has no defaults.
Command Mode crypto ipsec transform-set are defined in enabled configuration mode.
Example This example demonstrates how to configure a transform set:
(config data)# crypto ipsec transform-set abc esp-3des esp-sha-hmac
crypto map
To create or modify a crypto map entry and enter the crypto map configuration mode, use the crypto map global configuration command. To delete a crypto map entry or set, use
- 885 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
the no form of this command.
Syntax crypto map <map-name> <index> ipsec-isakmp no crypto map <map-name> <index> ipsec-isakmp
Command map-name
Description Name that identifies the crypto map set
index
Uniquely number assigned to a crypto map entry
This command puts you into the config-crypto-map command mode:
(config-crypto-map)# set peer <peer-ip> (config-crypto-map)# set transform-set <set-name> (config-crypto-map)# set pfs {group1|group2|group5|same} (config-crypto-map)# set security-association lifetime seconds <#> (config-crypto-map)# match address <acl-name>
Command
Description
peer-ip
Specifies an IPSec peer in a crypto map entry.
set-name
Specifies which transform sets can be used with the crypto map entry. The set-name will be compare with all transform-sets prefix
group1|group2| group5|same
Specifies that IPSec should ask for PFS when requesting new SAs for this crypto map entry, or that IPSec requires PFS when receiving requests for new SAs:
group1 - Diffie-Hellman group 1
group2 - Diffie-Hellman group 2
group5 - Diffie-Hellman group 5
same - Same Diffie-Hellman group as phase 1
#
Specifies the lifetime of an IPSec SA.
acl-name
Specifies an extended access list for a crypto map entry. Only the first entry in the access list will be considered.
Default
- 886 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
IPSec SA lifetime default is 28800 seconds.
Command Mode crypto map defined in enabled configuration mode.
Example This example demonstrates how to configure a crypto map:
(config data)# crypto map LAN_VPN 20 ipsec-isakmp
L2TP and PPTP Tunnel Interface Commands
The following describes the L2TP and PPTP Tunnel Interface commands.
description
This command sets the description on the specified tunnel interface.
Syntax description <string>
Command
Description
string Specifies the interface description using an alphanumerical string (up to 255 characters).
Default NA
Note Use inverted commas when using the space character as part of the description. The string is limited to 255 characters.
Command Mode Privileged User
Example This example sets the description on L2TP 3.
- 887 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
(conf-if-L2TP 3)# description L2TP 3 interface
firewall enable
This command enables the firewall protection on the specified tunnel interface. Use the no form of this command to disable the firewall.
Syntax firewall enable
Default By default, firewall is enabled.
Command Mode Privileged User
Example This example enables the firewall on l2tp.
# configure data (config-data)# interface l2tp 1 (conf-if-L2TP 6)# firewall enable
lcp-echo
This command configures the interface echo parameters. The echo is needed to keep the fw state alive, otherwise it is deleted after two minutes idle time and the connection will be blocked. This configuration will make ppp discover broken link in (interval x fails) seconds.
Syntax lcp-echo <interval> <fails>
Command
Description
interval Defines the interval in seconds (default value is 6 seconds).
fails
Defines the number of failed intervals to discover broken link (default value is 5 intervals).
- 888 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Default NA
Command Mode Privileged User
Examples: This example sets the echo interval and fails parameters to 10 and 5 respectively on L2TP 6:
(conf-if-L2TP 6)# lcp-echo 10 5
interface l2tp|pptp
This command enters a specific WAN ppp tunnel interface configuration. Use the no form of this command to delete the interface.
Syntax
interface l2tp <ID> interface pptp <ID>
Command ID
Description Assigns the tunnel interface id in the range of 0-99.
Default NA
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example enters an l2tp id 5 tunnel interface configuration:
- 889 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
(config data)# interface l2tp 5
mtu
This command configures the interface Maximum Transmission Unit (MTU) on the specified tunnel interface.
Syntax
mtu auto mtu <mtu value>
Command auto value
Description Sets MTU automatically. Sets MTU value in the range of 68 to 1500.
Default MTU is set to auto (usually 1476).
Command Mode Privileged User
Example This example sets the MTU value to 770 bytes on l2tp 6.
(conf-if-L2TP 6)# mtu 770
napt
This command sets the NAPT (Network Address Port Translation) on the specified tunnel interface. Use the no form of this command to set route mode.
Syntax napt
Default
- 890 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
By default, NAPT is used.
Command Mode Privileged User
Example This example sets napt on l2tp 6.
(conf-if-L2TP 6)# napt
ppp user
This command defines the ppp username and password on the specified tunnel interface.
Syntax ppp user <username> pass <password>
Command username password
Description Defines the ppp username. Defines the ppp password.
Default NA
Command Mode Privileged User
Example This example sets the username and password on interface l2tp 6.
(conf-if-L2TP 6)# ppp user admin pass 1234
ppp authentication pap|chap|ms-chap|ms-chap-v2
This command enables several authentication protocols on the ppp protocol of the specified tunnel interface. Use the no form of this command to disable a specific authentication
- 891 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
protocol.
Syntax
ppp authentication pap ppp authentication chap ppp authentication ms-chap ppp authentication ms-chap-v2
Command pap chap ms-chap ms-chapv2
Description Defines the Password Authentication Protocol. Defines the Challenge Handshake Authentication Protocol. Defines the Microsoft Challenge Handshake Authentication Protocol. Defines the Microsoft Challenge Handshake Authentication Protocol Version 2.
Default By default, all protocols are enabled.
Command Mode Privileged User
Example This example disable the pap protocol on interface l2tp 3.
(conf-if-L2TP 3)# no ppp authentication pap
shutdown
This command disables the specified interface. Use the no form of this command to enable the interface.
Syntax shutdown no shutdown
No arguments exist for this command.
- 892 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Default When creating a new interface, it is disabled by default.
Command Mode Privileged User
Example This example enables L2TP 3.
# configure data (config data) # interface l2tp 3 (conf-if-L2TP 3)# no shutdown
tunnel destination
This command defines the end point host/ip address of the specified tunnel interface. Use the no form of this command to remove a configured IP address.
Syntax tunnel destination <host name>
Command
Description
host name
Specifies a host name or a valid IPv4 address. IP addresses should be expressed in dotted decimal notation (for example, 10.1.2.3).
Default NA
Command Mode Privileged User
Example This example configures the tunnel destination IP address of 10.4.2.50 on interface PPTP 6.
(conf-if-PPTP 6)# tunnel destination 10.4.2.50
- 893 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
l2tp-server
This command defines the L2TP VPN server.
Syntax l2tp-server
Command Mode Privileged User
Example This example defines the L2TP VPN server:
(config data)# l2tp-server no ppp encryption
ip range 192.168.0.70 192.168.0.80 ipsec key 123456 no shutdown exit
pptp-server
This command enables the Point-to-Point Tunneling Protocol (PPTP) VPN server.
Syntax pptp-server
Command Mode Privileged User
Example This example defines the L2TP VPN server:
(config data)# pptp-server
- 894 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
vpn-users
This command defines a VPN user.
Syntax vpn-users
Command Mode Privileged User
Example This example defines a VPN user:
(config data)# vpn-users (conf-vpnusers)user tom pass testpass
Port Security based on MAC Address
The following provides support for port access security based on MAC address. Only clients whose MAC addresses are defined for the device's port interface are allowed access to the port.
authentication static
This command defines a MAC address to allow access to one of the device's interfaces.
Syntax
# authentication static [mac <MAC address as xx:xx:xx:xx:xx:xx>|auto] # no authentication static [mac <MAC address as xx:xx:xx:xx:xx:xx>|auto]
Command
Description
auto
Enables the device to authorize the first MAC address to access the Ethernet port.
Note This command is applicable only to data-router functionality.
- 895 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example defines a MAC address to allow access to one of the device's interfaces:
(config-data)# interface GigabitEthernet 0/1 (config-if-GE 0/1)# authentication static mac 01:23:45:67:89:ab
Access Control List (ACL) Commands
The following describes ACL commands.
access-list
Access lists are used in several system components for classifying IP traffic based on parameters such as addresses, protocols and ports. The primary usage of access lists is for filtering unwanted traffic on the system's interfaces. Access list processing is sequential; for each traffic flow, the list is scanned from the top until a matching rule is found. When configuring an access list, rules should be entered in appropriate order. To attach an access list to an IP interface, see the "access-group" command documentation. To remove an access list, use the "no" format of the command.
Syntax
access-list <acl-id> {permit|deny} <protocol> <source-selector> <dest-selector> <options> <options>
For compatibility purposes, access lists numbered 1-99 and 1300-1999 are defined as limited ("basic") access lists. These access lists cannot contain protocol and port definitions.
Command
Description
acl-id
Defines the Access List name identifier for this access list. It can be a number or a name.
permit|deny
Defines the access to the packet: permit - Allows access to packets that match the criteria defined. deny - Blocks access to packets that match the source and destination IP addresses and service ports defined.
- 896 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command protocol
sourceselector destselector
dscp options
Description
Defines a traffic protocol:
tcp
udp
icmp
igmp
esp
ah
gre
ip
ip protocol number [0 255]
Defines the source address and destination address of packets sent or received by the device. Select an address or a name from the list to apply the rule on the corresponding host, or Any to apply the rule on all the device's LAN hosts. Select traffic by IP addresses and ports, in one of the following formats: any - Defines all traffic. host a.b.c.d - Defines Traffic to/from single host, specified by the IP address. When an access list (see configure data > access-list) is created for management using the protocols SNMP, Telnet, SSH or CWMP, it is possible to use a DNS name instead of an IP address. In this case, an FQDN can be configured for the host. local- Defines the Local IP address. a.b.c.d - Traffic to/from a subnet, specified by an IP address and a mask (e.g., 0.0.255.255). Note: The eq and range parameters are only used if <protocol> is set to "tcp" or "udp". eq <port> - Defines traffic to/from a single port. range <start> <end> - Defines traffic to/from multiple ports, specified by range. If the port selector is not defined, the rule will match all ports.
The following options can be used: dscp - Match by Differentiated Services Code Point value and mask.
- 897 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command options
Description
Defines the packets by matching the Differentiated Services Code Point (DSCP) field of the IP header. The format of this option is: dscp <c> mask <m> The packet's DSCP value is compared to <c> under bit mask <m> (both must be specified in hexadecimal). For example: dscp 10 mask 3F established -Accepts connections. stateless - Accepts packets. log - Logs matches. precedence - Matches by IP Precedence value (0 high 7 low) Note: "precedence" is applicable to MSBR devices Mediant 500, Mediant 500L and Mediant 800.
Defines one or more of the following options:
stateless: Traffic matching is stateless, i.e., it does not keep track of the connection state.
log: Traffic matching this rule will be logged.
established -Accepts connection
Default The default access list behavior is "deny", i.e. if a flow doesn't match any of the rules it is assumed to be unwanted traffic.
Related Commands SNMP Community strings can be associated with an ACL rule using the snmp-acl command.
Command Mode Privileged User
Example This example defines an access list which allows all TCP connections originating in a full subnet, with the exception of a single host:
(config-data)# access-list 2001 deny tcp host 10.31.4.50 any (config-data)# access-list 2001 permit tcp 10.31.0.0 0.0.255.255 any stateless
- 898 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
ip access-list extended
This command provides support for assigning an extended IP access-list number.
Syntax ip access-list extended <access list id>
Command
access list id
Description Defines the extended IP access-list number. The range is 100-9999.
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example defines an extended Access List with an access list number ID.
(config-data)# ip access-list extended 18
ip access-list standard
This command provides support for assigning a sequence number (ID) to an IP Access List rule and re-sorting the order of rules within an Access List.
Syntax ip access-list standard <access list id>
Command
Description
access list id Defines the standard IP access-list number. The range is 1-99.
Note This command is applicable only to data-router functionality.
- 899 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example defines an Access List with an access list number ID.
(config-data)# ip access-list standard 18
<rule id> deny|permit
This command defines a rule with a rule number for the Access List.
Syntax <rule id> {permit|deny} <rule options... >
Command rule id
Description Defines the Rule ID. The range is 1 to 2147483647.
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example defines a rule with a rule number for the Access List.
(config-data)# ip access-list standard 1 (config-std-nacl)# 1 permit any
ip access-list resequence
This command re-sequences rule numbering of a specific Access List.
Syntax
- 900 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
ip access-list resequence <access list id> <starting rule number> <step increment>
Command access list id
Description Defines the Starting Rule Number. The range is 1-2147483647.
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example shows a configuration of Access List ID 1 with two rules (numbers 10 and 20):
(config-data)# ip access-list standard 1 (config-std-nacl)# 10 permit any (config-std-nacl)# 20 permit host 3.3.3.3
To change the order of the rules so that the first rule is assigned number 100 and subsequent rules are assigned numbers incremented by 50:
(config-data)# ip access-list resequence 1 100 50
To view the rules and their changed sequence numbers:
# show data access-lists ... Standard IP access list 1 1 100 permit any (0 matches) 1 150 permit host 3.3.3.3 (0 matches)
ip access-group
This command associates an access list with an IP interface. Refer to the "access-list" command documentation for more information. To remove an access list association, use the no format of the command.
Syntax
- 901 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
ip access-group <acl-id> in ip access-group <acl-id> out no ip access-group <acl-id>
Command <acl-id> in out
Description Identifies the access list to use (number or name). The access list will control inbound traffic on the interface. The access list will control outbound traffic on the interface.
Default The default setting for IP interfaces is no access-group, i.e. unlimited traffic.
Command Mode This command is issued in interface context.
Example This example associates an access list with a VLAN interface:
(conf-if-VLAN 1)# ip access-group 2001 in
Firewall Commands
The following describes the Firewall commands.
firewall enable
This command enables the firewall protection on the specified tunnel interface. Use the no form of this command to disable the firewall.
Syntax firewall enable
Default By default, firewall is enabled.
- 902 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command Mode Privileged User
Example This example enables the firewall on GRE 6.
# configure data (config-data)# interface gre 6 (conf-if-GRE 6)# firewall enable
mtu
This command configures the interface Maximum Transmission Unit (MTU) on the specified tunnel interface.
Syntax
mtu auto mtu <mtu value>
Command auto mtu value
Description Sets MTU automatically. Sets MTU value. Range is between 68 and 1500.
Default By default, MTU is set to auto (usually 1476).
Command Mode Privileged User
Example This example sets the MTU value to 770 bytes on GRE 6.
# configure data (config-data)# interface gre 6 (conf-if-GRE 6)# mtu 770
- 903 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
desc
This command sets the description on the specified tunnel interface.
Syntax desc <string>
Command
Description
string Specifies the interface description using an alphanumerical string (up to 255 characters).
Default NA
Note Use inverted commas when using the space character as part of the description. The string is limited to 255 characters.
Command Mode Privileged User
Example This example sets the description on GRE 6.
# configure data (config-data)# interface gre 6 (conf-if-GRE 6)# desc gre 6 interface
shutdown
This command disables the specified tunnel interface. Use the no form of this command to enable the interface.
Syntax
shutdown no shutdown
- 904 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
No arguments exist for this command.
Default When creating a new interface, it is disabled by default.
Command Mode Privileged User
Example This example enables GRE 6.
# configure data (config-data)# interface gre 6 (conf-if-GRE 6)# no shutdown
NAT Commands
The following describes NAT commands.
ip nat inside source static
NAT port-forwarding exposes a LAN service (IP address and port) to WAN users. The command creates a static translation rule, which maps a WAN port (on one or all WAN interfaces) to a LAN service.
To remove a port-forwarding rule, use the no format of the command.
Syntax
ip nat inside source static {tcp|udp} <lan-ip> <lan-port> <wan-ip> <wan-port> ip nat inside source static {tcp|udp} <lan-ip> <lan-port> <wan-ip> range <wan-portstart> <wan-port-end> ip nat inside source static {tcp|udp} <lan-ip> <lan-port> <if-name> <wan-port> ip nat inside source static {tcp|udp} <lan-ip> <lan-port> <if-name> range <wanport-start> <wan-port-end> ip nat inside source static {tcp|udp} <lan-ip> same <wan-ip> <wan-port> ip nat inside source static {tcp|udp} <lan-ip> same <wan-ip> range <wan-portstart> <wan-port-end> ip nat inside source static {tcp|udp} <lan-ip> same <if-name> <wan-port> ip nat inside source static {tcp|udp} <lan-ip> same <if-name> range <wan-portstart> <wan-port-end> ip nat inside source static ip <lan-ip> <wan-ip>
- 905 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
ip nat inside source static ip <lan-ip> <if-name> ip nat inside source static gre <lan-ip> <wan-ip> ip nat inside source static {tcp|udp} <lan-ip> <lan-port> <wan-ip> <wan-port> same <if-name> <wan-port> match <access list name>
Command
Description
tcp
Defines forwarding for a TCP port.
udp
Defines forwarding for a UDP port.
lan-ip Defines the IP address of LAN service host.
same
Sets the LAN port the same as the WAN port.
lanport
Defines the port number (1-65535) of the LAN service.
match
Applies an access list rule to the NAT port forwarding rule. For configuring access list (ACL), use the command: (config-data)# access-list
wan-ip Defines the WAN interface for this rule. Specify the IP address or 0.0.0.0 for all WAN interfaces.
wanport
Defines the port number on WAN interface.
range Performs port forwarding on a range of ports, rather than a single port.
aclname
Access-list defining the LAN hosts affected by the NAT rule.
ifname
WAN interface name and index, to which NAT will be performed.
poolname
IP address pool to be used on the WAN interface.
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
Interface ID [SLOT/PORT.VLANID]
- 906 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
cellular gre ipip l2tp pppoe pptp vlan loopback bvi
Interface Type (ifname) Cellular interface ID Tunnel GRE ID Tunnel IPIP ID L2TP ID PPPoE interface ID PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID 0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default No port forwarding.
Command Mode Privileged User
Example The following example defines a port forwarding rule:
(config-data)# ip nat inside source static tcp 192.168.0.7 80 0.0.0.0 8080
The following example defines a port forwarding rule and applies an access list rule:
(config-data)# ip nat inside source static tcp 192.168.0.16 same gigabitethernet 0/0 8080 match PF-ACL
ip nat inside source static list
The command creates static NAT entries for LAN hosts. In this case, an access-list is used to define the LAN devices and an IP address pool defines the WAN addresses to be used.
Syntax
- 907 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
ip nat inside source list <acl-name> interface <if-name> ip nat inside source list <acl-name> interface <if-name> pool <pool-name> ip nat inside source list <acl-name> interface <if-name> pool <pool-name> port <wan-port-start> <wan-port-end>
Command
Description
tcp
Defines forwarding for a TCP port.
udp
Defines forwarding for a UDP port.
lan-ip Defines the IP address of LAN service host.
same
Sets the LAN port the same as the WAN port.
lanport
Defines the port number (1-65535) of the LAN service.
wan-ip Defines the WAN interface for this rule. Specify the IP address or 0.0.0.0 for all WAN interfaces.
wanport
Defines the port number on WAN interface.
range Performs port forwarding on a range of ports, rather than a single port.
aclname
Access-list defining the LAN hosts affected by the NAT rule.
ifname
WAN interface name and index, to which NAT will be performed.
poolname
IP address pool to be used on the WAN interface.
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255]
- 908 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
ipip l2tp pppoe pptp vlan loopback bvi
Interface Type (ifname) Tunnel IPIP ID L2TP ID PPPoE interface ID PPTP ID Vlan ID Loopback ID Bridge interface
Interface ID [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default No NAT rules are defined.
Command Mode Privileged User
Example The following example defines a port forwarding rule:
(config-data)# ip nat inside source list NAT-ACL-NAME interface GigabitEthernet 0/0
ip nat inside destination
This command defines a load-balancing configuration, where several LAN hosts are handling access requests from the WAN. To remove the NAT configuration, use the no format of the command.
Syntax ip nat inside destination <ip-addr> port <port-num> pool <pool-name>
Command
Description
ip-
Defines the global IP address (WAN side).
- 909 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command
Description
addr
portnum
Defines the port number on the WAN IP address.
poolname
Defines the LAN hosts pool, which must be configured with the "ip nat pool <pool-name> rotary" command.
Default No NAT rules are defined.
Command Mode Privileged User
Example This example defines a NAT setup where a number of LAN hosts are handling requests to a single WAN port:
(config-data)# ip nat inside destination 212.36.145.5 port 8000 pool lanpool
ip nat pool
This command defines a collection of IP addresses to be used for NAT purposes. To remove a pool, use the no format of the command.
Syntax ip nat pool <pool-name> <start-ip> <end-ip> ip nat pool <pool-name> <start-ip> <end-ip> rotary
Command
Description
poolname
Defines the name of the pool.
start- Defines the starting IP address of the NAT address pool. ip
- 910 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Command
Description
end-ip Defines the last IP address of the NAT address pool.
rotary Indicates that the pool refers to LAN hosts participating in a load-balancing scheme. See "ip nat inside destination" for additional information.
Default No NAT pools are defined.
Command Mode Privileged User
Example This example defines a NAT pool consisting of one global IP address:
(config-data)# ip nat pool scarlet 212.34.156.1 212.34.156.1
ip nat translation
This command controls the life-time of dynamic NAT translations.
Syntax
ip nat translation udp-timeout <seconds> ip nat translation tcp-timeout <seconds> ip nat translation icmp-timeout <seconds>
Command
Description
<seconds> Defines the number of seconds after which an idle NAT translation will expire.
Default By default, UDP timeout is 120 seconds; TCP timeout is 432000 seconds (5 days); ICMP timeout is 6 seconds.
Command Mode Privileged User
- 911 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Example This example defines the lifetime of idle UDP connections:
(config-data)# ip nat translation udp-timeout 360
802.1x LAN Port-based Authentication Commands
The 802.1x commands provide the support for functioning as an IEEE 802.1X authenticator. IEEE 802.1X (EAP-over-LAN, or EAPOL) is a standard for port-level security on secure Ethernet switches (wired or wireless). When equipment is connected to a secure port, no traffic is allowed until the identity of the equipment is authenticated.
dot.1x lan-authentication enable
This command enables 802.1X LAN port authentication. The no version of this command disables the command.
Syntax dot1x lan-authentication enable no dot1x lan-authentication enable
Command Mode Privileged User
Example This example enables 802.1 X LAN port authentication.
(config-data)# dot1x lan-authentication enable
dot1x radius-server
This command defines the RADIUS server for 802.1X authentication.
Syntax dot1x radius-server host <a.b.c.d> auth-port <UDP port> key <shared secret value> dot1x radius-server host <a.b.c.d> auth-port <UDP port> obscured-key <shared
- 912 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
secret value> dot1x radius-server local
Command a.b.c.d UDP port shared secret value key obscured-key
Description Defines the RADIUS server IP address. Defines the UDP port to use. Defines the shared secret value string. Defines a shared secret. Copies a shared secret from existing configuration.
Command Mode Privileged User
Example This example defines an external RADIUS server.
(config-data)# dot1x radius-server host 10.3.4.250 auth-port 1812 key 123456
dot1x reauth-time
This command enables each port to be re-authenticated after a user-defined interval (in seconds), following a successful authentication.
Syntax dot1x reauth-time <seconds>
Command seconds
Description Defines the time to re-authenticate, in seconds.
Command Mode Privileged User
Example
- 913 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
This example defines the time to re-authenticate in 3600. (config-data)# dot1x reauth-time 3600
authentication dot1x
This command determines which client (based on MAC address) is allowed through a specific port after 802.1X authentication succeeds.
Syntax authentication dot1x {single-host|multi-host}
Command
Description
singlehost
Allows only the MAC address that successfully passed 802.1x authentication.
multi-host Any MAC address is allowed after 802.1x authentication succeeds.
Note The command is relevant for LAN interfaces only.
Command Mode Privileged User
Example The following is an example using this command.
(config-data)# interface GigabitEthernet 0/1 (conf-if-GE 0/1)# authentication dot1x single-host
802.1X On-board RADIUS Server Authentication Commands
The commands below provide support for an on-board RADIUS server that can be used for 802.1X wired (LAN) and wireless (Wi- Fi Protected Access II / WPA2) authentication. This supports both password-based authentication and certificate-based authentication.
dot1x local-user
This command defines the username and password.
- 914 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Syntax
# dot1x local-user <username> obscured-password <password text> # dot1x local-user <username> password <password text>
Command obscured-password password password text
Description Copy the password from an existing configuration. Enter password in plain text. Defines the actual password.
Command Mode Privileged User
Example This example defines the username and password.
(config-data)# dot1x local-user MD password 1234
interface dot11radio
This command defines the Wi-Fi interface.
Syntax # interface dot11radio <number>
Command Mode Privileged User
Example This example defines the Wi-Fi interface.
(config-data)# interface dot11radio 1
- 915 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
security 802.1x
This command enables on-board RADIUS server for 802.1X security.
Syntax # security 802.1x radius server local
Command Mode Privileged User
Example This example enables on-board RADIUS server for 802.1X security.
(config-data)# interface dot11radio 1 (config-if-dot11radio 1)# security 802.1x radius server local
security wpa
This command enables Wi-Fi security mode.
Syntax # security wpa mode 802.1x
Command Mode Privileged User
Example This example enables Wi-Fi security mode.
(config-data)# interface dot11radio 1 (config-if-dot11radio 1) # security wpa mode 802.1x
security mode
This command defines Wi-Fi security mode to WPA2.
- 916 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Syntax # security mode wpa2
Command Mode Privileged User
Example This example defines Wi-Fi security mode to WPA2.
(config-data)# interface dot11radio 1 (config-if-dot11radio 1)# security mode wpa2
no shutdown
This command enables the interface.
Syntax # no shutdown
Command Mode Privileged User
Example This example enables the interface.
(config-data)# interface dot11radio 1 (config-if-dot11radio 1)# no shutdown
Ethernet Commands
The following describes Ethernet commands.
ethernet l2tunnel
This command enables tunneling for different Layer-2 protocols.
- 917 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Syntax
# ethernet l2tunnel {cdp|dtp|hex <hex protocol>| lacp|lldp|pagp|pvstplus|stp|udld|vtp}
Command hex protocol cdp dtp hex lacp lldp pagp pvst-plus stp udld vtp
Description Hexadecimal protocol number Cisco Discovery Protocol Dynamic Trunking Protocol Ethernet protocol type in hexadecimal Link Aggregation Control Protocol Link Layer Discovery Protocol Port Aggregation Protocol Per-VLAN Spanning Tree Plus Spanning-Tree Protocol UniDirectional Link Detection VLAN Trunking Protocol
Command Mode Privileged User
Example This example enables tunneling for cdp.
(config-data)# ethernet l2tunnel cdp
ethernet cfm
This command enables tunneling for IEEE 802.1ag Ethernet Connectivity Fault Management (CFM) protocols.
Syntax
- 918 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
# ethernet cfm aging-time <time in minutes> # ethernet cfm debounce <packet number> # ethernet cfm mep
Command
Description
aging-time
Sets the remote MEP aging time
time in minutes
Defines the actual aging time in minutes [1-9999].
debounce
Sets the status-reflection debounce counter.
packet number Defines the number of port-down packets to receive before blocking ports.
Command Mode Privileged User
Example This example enables tunneling for cdp:
(config-data)# ethernet l2tunnel cdp
TACACS+ Commands
TACACS+ is a security protocol for centralized username and password verification. The following describes the TACACS+ commands.
tacacs-server
This command provides support for communicating with a TACACS+ server through the device's WAN interface.
Syntax
tacacs-server timeout <seconds> tacacs-server source data source-address interface <Interface ID> tacacs-server source data interface <Interface ID> tacacs-server source data vrf <vrfname> tacacs-server source voip tacacs-server port <port-number>
- 919 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
tacacs-server obscured-key <string> tacacs-server host <host-ip> tacacs-server key <string>
Command VRF name host-ip
port-num password seconds
obscuredkey
Description Defines the VRF name. Specifies the IP address of the TACACS+ server in the format a.b.c.d. Note: Up to two TACACS+ servers may be defined. Specifies the TCP port number for the TACACS+ service. Specifies the shared secret between the TACACS+ server and the device. Specifies how much time to wait for a TACACS+ response before failing the authentication. Copies the TACACS+ shared secret from an existing configuration.
Interface Type (ifname)
gigabitethernet GigabitEthernet interface slot and port (VLAN ID is optional)
cellular
Cellular interface ID
gre
Tunnel GRE ID
ipip
Tunnel IPIP ID
l2tp
L2TP ID
pppoe
PPPoE interface ID
pptp
PPTP ID
vlan
Vlan ID
loopback
Loopback ID
bvi
Bridge interface
Interface ID [SLOT/PORT.VLANID]
0/0 [1-255] [1-255] [0-99] [1-3] [0-99] [1-3999] [1-5] [1-255]
Default
- 920 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
By default, no TACACS+ servers are defined. The default TCP port is 49. The default timeout is 5 seconds. The default key is "MSBR".
Note This command is applicable to Mediant MSBR devices.
Command Mode Privileged User
Example The example below configures a TACACS+ server.
(config-data)# tacacs-server host 192.168.1.55 (config-data)# tacacs-server key Rumble
aaa authentication login tacacs+
This command enables usage of a TACACS+ server on the network to verify access to the device's Command-Line Interface. To disable TACACS+ and return to local username/password verification, use the no form of this command.
Syntax
aaa authentication login tacacs+ aaa authentication login tacacs+ local
Command
Description
local
Specifies that if the TACACS+ server does not respond, password verification should fall back to locally-defined values.
Default TACACS+ is disabled.
Command Mode
- 921 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Privileged User
Example The example below describes how to enable TACACS+ usage.
# configure data (config-data)# aaa authentication login tacacs+
The example below configures authorization and authentication in the MSBR to work with TACACS+:
# configure data (config-data)# aaa authentication login tacacs+ (config-data)# aaa authorization command tacacs+ (config-data)# tacacs-server host 192.162.0.199 (config-data)# tacacs-server key P@ssw0rd
aaa accounting exec start-stop tacacs+
This command enables TACACS+ for CLI session accounting. To disable TACACS+ session accounting, use the "no" form of this command.
Syntax aaa accounting exec start-stop tacacs+
Default TACACS+ is disabled.
Command Mode Privileged User
Example The example below enables TACACS+ usage for session accounting.
(config-data)# aaa accounting exec start-stop tacacs+
- 922 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
aaa authentication login tacacs+ allow-console-bypass authentication
This command allows bypassing TACACS+ authentication when a user is connected using the serial port. After login, non-privileged commands will be allowed without negotiating with the TACACS+ Server. This does not affect TACACS+ users.
Syntax aaa authentication login tacacs+ allow-console-bypass authentication
Default TACACS+ is disabled.
Command Mode Privileged User
Example The example below allows bypassing TACACS+ authentication when a user is connected using the serial port.
(config-data)# aaa authentication login tacacs+ allow-console-bypass authentication
aaa authentication login tacacs+ allow-console-bypass authentication authorization
This command allows bypassing TACACS+ enable authorization (privileged mode) when a user is connected using the serial port. After login, privileged commands will be allowed without negotiating with the TACACS+ Server. This will not affect TACACS+ users.
Syntax aaa authentication login tacacs+ allow-console-bypass authentication authorization
Default TACACS+ is disabled.
Command Mode
- 923 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Privileged User
Example The example below allows bypassing TACACS+ enable authorization (privileged mode) when a user is connected using the serial port.
(config-data)# aaa authentication login tacacs+ allow-console-bypass authentication authorization
aaa accounting command start-stop tacacs+
This command enables reporting of CLI start/stop times to a TACACS+ server on the network. To disable TACACS+ command accounting, use the "no" form of this command.
Syntax aaa accounting command start-stop tacacs+
Default TACACS+ is disabled.
Command Mode Privileged User
Example The example below enables TACACS+ usage for command accounting.
(config-data)# aaa accounting command start-stop tacacs+
aaa authorization command tacacs+
This command enables usage of a TACACS+ server on the network to authorize each CLI command entered. To disable TACACS+ per-command authorization, use the "no" form of this command.
Syntax aaa authorization command tacacs+
- 924 -
CHAPTER 78 Security
MSBR | CLI Reference Guide
Default TACACS+ is disabled.
Command Mode Privileged User
Example The example below enables TACACS+ usage for per-command authorization.
(config-data)# aaa authorization command tacacs+
aaa authorization enable if-authenticated tacacs+
This command enters Privileged User mode automatically if authenticated by TACACS+.
Syntax aaa authorization enable if-authenticated tacacs+
Default TACACS+ is disabled.
Command Mode Privileged User
Example The example below enters Privileged User mode automatically if authenticated by TACACS+.
(config-data)# aaa authorization enable if-authenticated tacacs+
- 925 -
CHAPTER 79 Performance Monitoring Commands
MSBR | CLI Reference Guide
79 Performance Monitoring Commands
The following describes commands for monitoring performance.
pm sample-interval
This command configures sample intervals for performance monitoring (PM) statistics.
Syntax # pm sample-interval seconds <first sample interval in seconds> # pm sample-interval minutes <second sample interval in minutes>
Note This command is applicable only to data-router functionality.
Command Mode Privileged User
Example This example configures the sample interval to 20 seconds.
(config-data)# pm sample-interval seconds 20
- 926 -
CHAPTER 79 Performance Monitoring Commands
This page is intentionally left blank.
MSBR | CLI Reference Guide
- 927 -
International Headquarters 1 Hayarden Street, Airport City Lod 7019900, Israel Tel: +972-3-976-4000 Fax: +972-3-976-4040 AudioCodes Inc. 200 Cottontail Lane Suite A101E Somerset NJ 08873 Tel: +1-732-469-0880 Fax: +1-732-469-2298
Contact us: https://www.audiocodes.com/corporate/offices-worldwide Website: https://www.audiocodes.com/
©2020 AudioCodes Ltd. All rights reserved. AudioCodes, AC, HD VoIP, HD VoIP Sounds Better, IPmedia, Mediant, MediaPack, What's Inside Matters, OSN, SmartTAP, User Management Pack, VMAS, VoIPerfect, VoIPerfectHD, Your Gateway To VoIP, 3GX, VocaNom, AudioCodes One Voice, AudioCodes Meeting Insights, AudioCodes Room Experience and CloudBond are trademarks or registered trademarks of AudioCodes Limited. All other products or trademarks are property of their respective owners. Product specifications are subject to change without notice.
Document #: LTRT-17968
madbuild