|
|
To set the padding on a specific output character, use the padding line configuration command. To return padding to the default, use the no form of this command.
padding ascii-number count
ascii-number | ASCII decimal representation of the character. |
count | Number of null bytes sent after that character, up to 255 padding characters in length. |
Padding is not configured.
Line configuration
Use this command if the device attached is an old terminal that requires padding after certain characters (such as ones that scrolled or moved the carriage).
The following example pads a Return (ASCII decimal 13) with 25 null bytes.
Switch(config)# line console Switch(config-line)# padding 13 25
terminal padding
To specify the PNNI local node index of the parent node, use the parent PNNI node configuration command.
parent node-index
node-index | Index number of the PNNI local node to which the command applies, in the range of 1 to 8. |
PNNI node configuration
This command specifies the local node index of the parent node to be instantiated in the PNNI hierarchy by this switching system when this node is elected peer group leader.
The following example shows how to enter PNNI node configuration mode and specify a node.
Switch# configure terminal Switch(config)# atm router pnni Switch(config-atm-router)# node 1 Switch(config-pnni-node)#
The following example shows how to specify a local node index of 2 for the parent node.
Switch(config-pnni-node)# parent 2
To define the generation of a parity bit, use the parity line configuration command. To specify no parity bit, use the no form of this command.
parity {none | even | odd | space | mark}
none | No parity. |
even | Even parity. |
odd | Odd parity. |
space | Space parity. |
mark | Mark parity. |
none
Line configuration
This command pertains to the auxiliary port only.
The following example changes the default of no parity to even parity.
Switch(config)# line aux 0
Switch(config-line)# parity even
terminal parity
To specify a password on a line, use the password line configuration command. To remove the password, use the no form of this command.
password [0 | 7] password
0 | Specifies an unencrypted password. |
7 | Specifies a hidden password. |
password | Case-sensitive character string that specifies the line password. |
no
Line configuration
The first character cannot be a number. The string can contain any alphanumeric characters, including spaces, up to 80 characters. You cannot specify the password in the format number-space-anything. The space after the number causes problems. For example, hello 21 is a legal password, but 21 hello is not. The password checking is case sensitive. For example, the password Secret is different from the password secret.
When an EXEC is started on a line with password protection, the EXEC prompts for the password. If the user enters the correct password, the EXEC prints its normal privileged prompt. The user can try three times to enter a password before the EXEC exits and returns the terminal to the idle state.
The following example removes the password from virtual terminal lines 1 to 4.
Switch(config)# line vty 1 4
Switch(config-line)# no password
Use the ping atm interface atm privileged EXEC command to check connectivity of the switch.
ping atm interface atm card/subcard/port vpi [vci] {[ip-address ip-address] | [seg-loopback]
card/subcard/port | Card number, subcard number, and port number of the specified ATM interface. |
vpi | Virtual path identifier. |
vci | Virtual channel identifier. |
ip-address | IP address of the destination node. |
seg-loopback | Send OAM segment loopback. |
prefix | ATM address prefix of the destination node. |
end-loopback | Send OAM ping to end loopback. |
Privileged EXEC
To check reachability and network connectivity, use ping (privileged) or ping (user) command. You can use either an IP-address or an ATM-address prefix as a ping destination. You can also ping a neighbor switch by selecting the segment loopback option. Note that ip-address, atm-prefix, and seg-loopback options are mutually exclusive. In privilege extended command mode, you can select various other parameters such as repeat count, timeout value, and so on.
The following example shows using the ping command in normal mode.
Switch# ping atm interface atm 1/2/3 100 200 atm-prefix 0000a345454545454545464646
The following example shows using the ping command in extended command mode.
Switch# ping Protocol [ip]: atm Interface [card/sub-card/port]: 1/1/3 VPI [0]: 200 VCI [0]: 100 Send OAM-Segment-Loopback ? [no]: Target IP address: Target NSAP Prefix: Repeat count [5]: Timeout in seconds [5]:
Use the ping privileged EXEC command to diagnose basic network connectivity on IP networks.
ping [ip] {host | address}
host | Host name of system to ping. |
address | Address of system to ping. |
Privileged EXEC
The ping program sends an echo request packet to an address, then awaits a reply. Ping output can help you evaluate path-to-host reliability, delays over the path, and whether the host can be reached or is functioning.
To abnormally terminate a ping session, enter the escape sequence---by default, Ctrl-^ X. You enter the default by simultaneously pressing and releasing the Ctrl, Shift, and 6 keys, and then pressing the X key.
Table 15-1 describes the test characters that the ping facility sends.
| Char | Meaning |
|---|---|
! | Each exclamation point indicates receipt of a reply. |
. | Each period indicates the network server timed out while waiting for a reply. |
U | A destination unreachable error PDU was received. |
C | A congestion experienced packet was received. |
I | User-interrupted test. |
? | Unknown packet type. |
& | Packet lifetime exceeded. |
After you enter the ping command in privileged mode, the system prompts for the ip keyword.
If you enter a host name or address on the same line as the ping command, the default action is taken as appropriate for the protocol type of that name or address.
While the precise dialog varies somewhat from protocol to protocol, all are similar to the ping session using default values shown in the following display.
Switch# ping Protocol [ip]: Target IP address: 192.31.7.27 Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.31.7.27, timeout is 2 seconds: !!!!! Success rate is 100 percent, round-trip min/avg/max = 1/2/4 ms
Table 15-2 describes the default ping fields shown in the display.
| Field | Description |
|---|---|
Protocol [ip]: | Prompts for a supported protocol. Enter appletalk, clns, ip, novell, apollo, vines, decnet, or xns. Default: ip. |
Target IP address: | Prompts for the IP address or host name of the destination node you plan to ping. If you have specified a supported protocol other than IP, enter an appropriate address for that protocol here. Default: none. |
Repeat count [5]: | Number of ping packets that are sent to the destination address. Default: 5. |
Datagram size [100]: | Size of the ping packet (in bytes). Default: 100 bytes. |
Timeout in seconds [2]: | Timeout interval. Default: 2 (seconds). |
Extended commands [n]: | Specifies whether or not a series of additional commands is displayed. |
Sweep range of sizes [n]: | Allows you to vary the sizes of the echo packets being sent. This capability is useful for determining the minimum sizes of the MTUs configured on the nodes along the path to the destination address. Packet fragmentation contributing to performance problems can then be reduced. |
!!!!! | Each exclamation point (!) indicates receipt of a reply. A period (.) indicates the network server timed out while waiting for a reply. Other characters might be displayed in the ping output, depending on the protocol type. |
Success rate is 100 percent | Percentage of packets successfully echoed back to the switch. Anything less than 80 percent is usually considered problematic. |
round-trip min/avg/max = 1/2/4 ms | Round-trip travel time intervals for the protocol echo packets, including minimum/average/maximum (in milliseconds). |
Use the ping user EXEC command to diagnose basic network connectivity on IP networks.
ping [protocol] {host | address}
protocol | Protocol keyword is ip. |
host | Host name of system to ping. |
address | Address of system to ping. |
EXEC
The user-level ping feature provides a basic ping facility for users who do not have system privileges. This feature allows the switch to perform the simple default ping functionality for a number of protocols. Only the nonverbose form of the ping command is supported for user-level pings.
If the system cannot map an address for a host name, it returns an "%Unrecognized host or address" error message.
To abnormally terminate a ping session, enter the escape sequence---by default, Ctrl-^ X. You enter the default by simultaneously pressing and releasing the Ctrl, Shift, and 6 keys and then pressing the X key.
Table 15-3 describes the test characters that the ping facility sends.
| Char | Meaning |
|---|---|
! | Each exclamation point indicates receipt of a reply. |
. | Each period indicates the network server timed out while waiting for a reply. |
U | A destination unreachable error PDU was received. |
C | A congestion experienced packet was received. |
I | User-interrupted test. |
? | Unknown packet type. |
& | Packet lifetime exceeded. |
The following display shows sample ping output when you ping the IP host named james.
Switch# ping james Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.31.7.27, timeout is 2 seconds: !!!!! Success rate is 100 percent, round-trip min/avg/max = 1/3/4 ms
To enable CHAP or PAP and to enable an AAA authentication method on an interface, use the ppp authentication interface configuration command. To disable this authentication, use the no form of this command.
ppp authentication {chap | pap} [if-needed] [list-name] | Caution If you use a list-name value that was not configured with the aaa authentication ppp command, you disable PPP on this interface. |
chap | Enables CHAP on a serial interface. |
pap | Enables PAP on a serial interface. |
if-needed | Used with TACACS and extended TACACS. Does not perform CHAP or PAP authentication if the user has already provided authentication. This option is available only on asynchronous interfaces. |
list-name | Used with AAA/TACACS+. Specifies the name of a list of AAA methods of authentication to use. If no listname is specified, the system uses the default. Lists and defaults are created with the aaa authentication ppp command. |
PPP authentication is not enabled.
Interface configuration
Once you have enabled CHAP or PAP, the local switch requires a password from remote devices. If the remote device does not support CHAP or PAP, no traffic is passed to that device.
If you are using autoselect on a TTY line, you probably want to use the ppp authentication command to turn on PPP authentication for the corresponding interface.
If you specify the if-needed option, PPP authentication is not required when the user has already provided authentication. This option is useful if you are using the autoselect command, but it cannot be used with AAA/TACACS+.
The list-name argument can be used only when AAA/TACACS+ is initialized and cannot be used with the if-needed argument.
The following example enables CHAP on interface 3/1/0 and uses the authentication list MIS-access.
Switch(config)# interface 3/1/0
Switch(config-if)# encapsulation ppp
Switch(config-if)# ppp authentication chap MIS-access
aaa authentication ppp
aaa new-model
auto-ferf
ppp use-tacacs
username
To enable TACACS for PPP authentication, use the ppp use-tacacs interface configuration command. To disable TACACS for PPP authentication, use the no form of this command.
ppp use-tacacs [single-line]
single-line | Accept the username and password in the username field. This option applies only when using CHAP authentication. |
TACACS is not used for PPP authentication.
Interface configuration
This is a per-interface command. Use this command only when you have set up an extended TACACS server. This command requires the new extended TACACS server.
When CHAP authentication is being used, the ppp use-tacacs command with the single-line option specifies that if a username and password are specified in the username separated by an asterisk (*), a standard TACACS login query is performed using that username and password. If the username does not contain an asterisk, normal CHAP authentication is performed using TACACS.
This feature is useful when integrating TACACS with other authentication systems that require a clear-text version of the user's password. Such systems include one-time password systems, token card systems, Kerberos, and others.
| Caution Normal CHAP authentications prevent the clear-text password from being transmitted over the interface. When you use the single-line option, passwords cross the interface in the clear. |
If the username and password are contained in the CHAP password, the CHAP secret is not used by the Cisco system. Because most PPP clients require that a secret be specified, you can use any arbitrary string; the Cisco system ignores it.
In the following example, asynchronous serial interface 1 is configured to use TACACS for CHAP authentication.
Switch(config)# interface serial 1 Switch(config-if)# ppp authentication chap Switch(config-if# ppp use-tacacs
In the following example, asynchronous serial interface 1 is configured to use TACACS for PAP authentication.
Switch(config)# interface async 1 Switch(config-if)# ppp authentication pap Switch(config-if)# ppp use-tacacs
ppp authentication
tacacs-server extended
tacacs-server host
To configure the precedence of different types of reachable addresses, use the precedence ATM router PNNI configuration command. To return to the default precedence value for a particular reachable address type, use the no form of this command.
precedence [pnni-remote-exterior | pnni-remote-exterior-metrics | pnni-remote-internal |
pnni-remote-exterior | Sets the priority for the remote exterior prefixes without metrics. The default is 4. |
pnni-remote-exterior-metrics | Sets the priority for the remote exterior prefixes with metrics. The default is 2. |
pnni-remote-internal | Sets the priority for the remote internal prefixes without metrics. The default is 2. |
pnni-remote-internal-metrics | Sets the priority for the remote internal prefixes with metrics. The default is 2. |
static-local-exterior | Sets the priority for the static exterior prefixes without metrics. The default is 3. |
static-local-exterior-metrics | Sets the priority for the static exterior prefixes with metrics. The default is 2. |
static-local-internal-metrics | Sets the priority for the static internal prefixes with metrics. The default is 2. |
value_2-4 | Specifies the precedence of a reachable address type. Smaller values take precedence over larger values. The range of values is 2, 3, or 4. |
See the syntax descriptions.
ATM router PNNI configuration
The following naming convention for the precedence option keywords is used.
The LightStream 1010 switch route selection algorithm chooses routes to particular destinations using the longest match-reachable address prefix known to the switch. When there are multiple reachable address types associated with the longest match-reachable address prefix, the route selection algorithm first attempts to find routes to reachable address types of greatest precedence. Among multiple routes to the same longest match-reachable address prefix with the same reachable address type, routes with the least total administrative weight are preferred.
Use the precedence command to change the default values for the different types of reachable addresses.
Local internal reachable addresses, whether learned through ILMI or as static routes, are given the highest priority (level 1).
To set the privilege level for a command, use the privilege level global configuration command. To revert to default privileges for a given command, use the no form of this command.
privilege mode level level command [type]
command | Command to which privilege level is associated. |
level | Privilege level to be associated with the specified command. You can specify up to 16 privilege levels, using numbers 0 through 15. |
mode | Configuration mode. Refer to the Router Products Command Reference publication for more information. |
type | Refer to Table 15-4 for a list of optional keywords. |
Level 15 is the level of access permitted by the enable password.
Level 1 is normal EXEC-mode user privileges.
Global configuration
The alias command shows the acceptable options for the mode argument in the privilege level global configuration command.
The password for the privilege level defined using the privilege level global configuration mode is configured using the enable password command.
Level 0 can be used to specify a more limited subset of commands for specific users or lines. For example, you can allow user "guest" to only use the show users and exit commands.
If you set a command to a privilege level, all commands that have a syntax that is a subset of the syntax of that command are also set to that level. For example, when you set the command show ip route to level 15 and do not set show and show ip commands to a different level, they are also set to the privilege level 15.
Table 15-4 shows the optional keywords you specify to set the privileged level.
| Type | Description |
|---|---|
acctng-file | Configure ATM accounting file. |
acctng-sel | Configure ATM accounting selection. |
atm-router | ATM router configuration mode. |
atmsig_e164_table_mode | ATMSIG E164 table. |
configure | Global configuration mode. |
exec | Exec mode. |
interface | Interface configuration mode. |
lane | ATM LAN Emulation LECS Configuration Table. |
line | Line configuration mode. |
map-class | Map class configuration mode. |
map-list | Map list configuration mode. |
null-interface | Null interface configuration mode. |
pnni-router-node | PNNI router node configuration mode. |
route-map | Route map configuration mode. |
In the following example, the configure command in global configuration mode is assigned a privilege level of 14. Only users who know the level 14 password are able to use the configure command.
Switch# privilege exec level 14 configure
Switch# enable password level 14 pswd14
configure
enable password
privilege level (line)
To set the default privilege level for a line, use the privilege level line configuration command. To restore the default user privilege level to the line, use the no form of this command.
privilege level level
level | Privilege level to be associated with the specified line. |
Level 15 is the level of access permitted by the enable password.
Level 1 is normal EXEC-mode user privileges.
Line configuration
The privilege level that is set using this command can be overridden by a user logging in to the line and enabling a different privilege level. The user can lower the privilege level by using the disable command. If they know the password to a higher privilege level, they can use that password to enable the higher privilege level.
Level 0 can be used to specify a more limited subset of commands for specific users or lines. For example, you can allow user "guest" to only use the show users and exit commands.
You might specify a high level of privilege for your console line if you are able to restrict who uses that line.
In the following example, the auxiliary line is configured for privilege level 5. Anyone using the auxiliary line has privilege level 5 by default.
Switch(config)# line aux 0 Switch(config-line)# privilege level 5
To set PTSE origination and request parameters (including significant change determination parameters), use the ptse PNNI node configuration command. To revert to the default values, use the no form of this command.
ptse [lifetime-factor percentage-factor] [min-ptse-interval tenths-of-seconds]
min-ptse-interval | Specifies the minimum interval between updates of any given PTSE. This means new instances of a PTSE are not issued more often than every min-ptse-interval seconds. The default value is 1 second. The minimum value is 0.1 seconds. |
tenths-of-seconds | Specifies the time of the interval in tenths of seconds. Ten tenths-of-seconds equals one second. |
lifetime-factor | Specifies an initial lifetime of self-originated PTSEs as a percentage of the refresh-interval. The default is 200 percent. |
percentage-factor | Specifies the percentage factor of the refresh interval, from 101 to 1000. The value 100 represents a quantity equal to the refresh interval. |
refresh-interval | Specifies the period the system updates self-originated PTSEs. The default is 1800. |
request | Specifies the maximum number of PTSEs requested in one request packet. The default is 32. |
number | Specifies the PTSE requests using an integer. |
acr-mt | Specifies the available cell rate minimum threshold which is the minimum change of available cell rate considered significant, as a percentage of the maximum cell rate. The default is 3 percent. |
acr-pm | Specifies the available cell rate proportional multiplier, which is the percentage of change from the current available cell rate considered significant. The default is 50 percent. |
cdv-pm | Specifies the cell delay variation proportional multiplier, which is the percentage of change from the current cell delay variation considered significant. The default is 25 percent. |
ctd-pm | Specifies the maximum cell transfer delay proportional multiplier, which is the percentage of change from the current maximum cell transfer delay considered significant. The default is 50 percent. |
percent | Specifies the significant change threshold percent, from 1 to 99. |
See the syntax descriptions.
PNNI node configuration
Lowering refresh-interval time causes PNNI to reoriginate PTSEs more frequently, allowing insignificant changes to be advertised sooner at the cost of more PNNI traffic. Note that significant changes are advertised immediately.
Decreasing the lifetime-factor lowers the initial lifetime of PTSE, which means PTSEs of a PNNI node that has stopped functioning are removed from the database sooner. Lowering min-ptse-interval allows PNNI to update PTSEs quickly when changes happen rapidly in the network. This should be adjusted carefully so that you do not overload switch processors. In a normal situation, these parameters are not changed from their default values.
The significant change parameters define the level of changes in metrics that triggers PNNI to update and send its PTSEs. It applies to all PTSE types that include metrics: for example, horizontal link, up link, external reachable address, and nodal state parameters. Any change in administrative weight or cell loss ratio is considered significant.
For more information, refer to the LightStream 1010 ATM Switch Software Configuration Guide.
The following script shows how to access the ptse node-level subcommand.
Switch# configure terminal Switch(config)# atm router pnni Switch(config-atm-router)# node 1 Switch(config-pnni-node)# ptse refresh-interval 1900
show atm pnni local-node
show atm pnni resource-info
To purge all previous call failure records collected for this signalling diagnostics filter table entry, use the purge command. To disable purging, use the no format.
purgeThis command has no arguments or keywords.
This command has no default.
Diagnostics configuration
The following example shows the purge command.
Switch(config)# purge
To show the current setting of the cd command, use the pwd EXEC command.
pwdThis command has no arguments or keywords.
This command has no default.
EXEC
Use the pwd command to show what device is specified as the system's default device by the cd command. For all EXEC commands that have an optional device: argument, the system uses the device specified by the cd command when you omit the optional device: argument.
For example, the dir command contains an optional device: argument and displays a list of files on a Flash memory device. When you omit this device: argument, the system shows a list of the files on the Flash device specified by the cd command.
The following example shows that the present working device specified by the cd command is slot 0 of the ASP card.
Switch# pwd Switch# slot0
The following example uses the cd command to change the present working device to slot 1 of the ASP card and then uses the pwd command to display that present working device.
Switch# cd slot1: Switch# pwd Switch# slot1
Similarly, the following example uses the cd command to change the present working device to bootflash and then uses the pwd command to display that present working device.
Switch# cd bootflash: Switch# pwd Switch# bootflash
Posted: Fri Feb 5 16:10:02 PST 1999
Copyright 1989-1999©Cisco Systems Inc.