-
Cisco Internet Streamer CDS 3.3 Command Reference
-
Preface
-
Command-Line Interface Command Surmmary
-
Cisco Internet Streamer CDS 3.3 Software Commands, aaa through line
-
Cisco Internet Streamer CDS 3.3 Software Commands, lls through show statistics content-mgr
-
Cisco Internet Streamer CDS 3.3 Software Commands, show statistic distribution through write
-
Acronyms
-
Standard Tme Zones
-
Index
-
Feedback
Table Of Contents
Cisco Internet Streamer CDS Release 3.3 Software Commands
acquirer (Global configuration)
bandwidth (Global configuration)
bandwidth (interface configuration)
content-mgr disk-info force-reset
Cisco Internet Streamer CDS Release 3.3 Software Commands
This chapter contains an alphabetical listing of all the commands in Cisco Internet Streamer CDS Release 3.3 software. The Internet Streamer CDS software CLI is organized into the following command modes:
•
EXEC mode—For setting, viewing, and testing system operations. It is divided into two access levels, user and privileged. To use the privileged access level, enter the enable command at the user access level prompt and then enter the privileged EXEC password when you see the password prompt.
•
•
•
See Chapter 1 "Command-Line Interface Command Summary," for a complete discussion of using CLI command modes.
Table 2-1 summarizes the Internet Streamer CDS commands and indicates the command mode for each command. The same command may have different effects when entered in a different command mode, and for this reason, they are listed and documented separately. In Table 2-1, when the first occurrence is entered in EXEC mode, the second occurrence is entered in Global configuration mode. When the first occurrence is entered in Global configuration mode, the second occurrence is entered in interface configuration mode.
The Internet Streamer CDS software device mode determines whether the Internet Streamer CDS device is functioning as a Service Engine (SE), CDS Manager (CDSM), or Service Router (SR). The commands available from a specific CLI mode are determined by the Internet Streamer CDS device mode in effect. Table 2-1 also indicates the device mode for each command. All indicates that the command is available for every device mode.
Note
Note
Table 2-1 CLI Commands
Specifies accounting, authentication and authorization methods.
Global configuration
All
Configures the access control list entries.
Global configuration
SE
Configures the content acquirer.
Privileged-level EXEC
SE
Enables authentication when the acquirer obtains content through a proxy server.
Global configuration
SE
Starts and stops the acquisition and distribution database cleanup process and the content acquisition and distribution process.
Privileged-level EXEC
SE
Configures alarms.
Global configuration
All
Configures an area as an NSSA1 .
OSPF configuration
SR
Defines an area as a stub area.
OSPF configuration
SR
Configures the CISCO-ENTITY-
ASSET-MIB.Global configuration
All
Enables and configures the Authorization server.
Global configuration
SE
Sets the allowable bandwidth usage and its duration for the Movie Streamer and WMT2 streaming media.
Global configuration
SE
Sets the specified interface bandwidth to 10, 100, or 1000 Mbps.
Interface configuration
All
Configures the EXEC, login, and MOTD3 banners.
Global configuration
All
Configures the maximum pacing bit rate for the Movie Streamer and configures WMT bit-rate settings.
Global configuration
SE
Identifies physical devices by blinking their LED(s).
Privileged-level EXEC
All
Configures a bootstrap node IP address.
SRP configuration
SR
Specifies the cache commands.
Global configuration
SE
Modifies the capability configuration.
Global configuration
SE
Changes the directory.
User-level EXEC and privileged-level EXEC
All
Enables the CDN Selector for third-party service selection.
Global Configuration
SR
Manages the Internet Streamer CDNFS4 .
Privileged-level EXEC
SE
Configures the CDSM IP address and primary or standby role settings.
Global configuration
All
Clears the HTTP object cache.
Privileged-level EXEC
SE, SR
Clears the URL content.
Privileged-level EXEC
SE, SR
Clears the IP configuration.
Privileged-level EXEC
All
Clears the IPv6 configuration.
Privileged-level EXEC
All
Clears the IS-IS Routing for IP.
Privileged-level EXEC
SR
Clears the syslog messages saved in the disk file.
Privileged-level EXEC
All
Clears the Service Router.
Privileged-level EXEC
SR
Clears the SRP database while it is offline.
Privileged-level EXEC
SR
Deletes a single descriptor or all descriptors from the service routing layer.
Privileged-level EXEC
SR
Removes a neighbor Proximity Engine from the neighbor list of the local Proximity Engine.
Privileged-level EXEC
SR
Deletes a resource from a descriptor in the service routing layer.
Privileged-level EXEC
SR
Deletes a single route entry from the DHT routing table of the local Proximity Engine.
Privileged-level EXEC
SR
Clears the statistics.
Privileged-level EXEC
All
Clears and archives the working transaction logs.
Privileged-level EXEC
SE, SR
Clears the connections (login) of authenticated users.
Privileged-level EXEC
All
Clears the WMT streams.
Privileged-level EXEC
SE
Manages the system clock.
Privileged-level EXEC
All
Sets the summer daylight saving time of day and time zone.
Global configuration
All
Configures the CMS5 -embedded database parameters.
Privileged-level EXEC
All
Schedules the maintenance and enables the Centralized Management System on a given node.
Global configuration
All
Enters configuration mode from privileged EXEC mode.
Privileged-level EXEC
All
Configures the Content Manager.
Global configuration
SE
Forces the Content Manager to reset the disk share memory information.
User-level EXEC and privileged-level EXEC
SE
Supports multiple origin servers within a content origin.
Global configuration
SE
Copies the configuration or image files to and from the CD-ROM, flash memory, disk, or remote hosts.
Privileged-level EXEC
All
Copies a file.
User-level EXEC and privileged-level EXEC
All
Configures the debugging options.
Privileged-level EXEC
All
Displays information related to the BGP process.
Privileged-level EXEC
SR
Displays information related to the OSPF process.
Privileged-level EXEC
SR
Debugs the transport layer of proximity process.
Privileged-level EXEC
SR
Turns on proximity debugging information.
Privileged-level EXEC
SR
Displays information related to the IS-IS process.
Privileged-level EXEC
SR
Turns on SRP debugging information.
Privileged-level EXEC
SR
Deletes a file.
User-level EXEC and privileged-level EXEC
All
Deletes a directory and its subdirectories.
User-level EXEC and privileged-level EXEC
All
Configures the mode of operation on a device.
Global configuration
All
Displays the list of files in a directory.
User-level EXEC and privileged-level EXEC
All
Enables a VIP for direct server return.
Global configuration
SE, SR
Turns off the privileged EXEC commands.
Privileged-level EXEC
All
Allocates the disks among the CDNFS and sysfs file systems.
Privileged-level EXEC
All
Configures how the disk errors should be handled.
Global configuration
All
Reschedules and refreshes the content redistribution through multicast for all delivery services or a specified delivery service ID or name.
Privileged-level EXEC
SE
Resolves a host or domain name to an IP address.
User-level EXEC and privileged-level EXEC
All
Sets the domain ID for the SRP.
SRP configuration
SR
Accesses the privileged EXEC commands.
User-level EXEC and privileged-level EXEC
All
Changes the enable password.
Global configuration
All
Exits configuration and privileged EXEC modes.
Global configuration
All
Configures the length of time that an inactive Telnet or SSH7 session remains open.
Global configuration
All
Exits from interface, Global configuration, or privileged EXEC modes.
All
All
Sets the expert-mode password.
Global configuration
All
Configures up to a maximum of eight external IP addresses.
Global configuration
All
Searches for a particular pattern in a file.
Privileged-level EXEC
All
Enables and configures Flash Media Streaming.
Global configuration
SE, SR
Sets the flooding threshold for SRP multicast.
SRP configuration
SR
Redirects requests to different CDNs based on the geographic location of the client.
Global configuration
SR
Captures lossless gigabit packets and writes them to disk.
Privileged-level EXEC
SE
Obtains online help for the command-line interface.
Global configuration and user-level EXEC
All
Configures the device network name.
Global configuration
All
Installs a new version of the caching application.
Privileged-level EXEC
All
Configures a Gigabit Ethernet or port channel interface. Provides access to interface configuration mode.
Global configuration
All
Configures the Internet Protocol.
Global configuration
All
Configures the interface Internet Protocol.
Interface configuration
All
Creates and modifies the access lists for controlling access to interfaces or applications. Provides access to ACL configuration mode.
Global configuration
All
Sets the router priority, which helps determine the designated router for this network.
Interface configuration mode under OSPF configuration
SR
Configures unicast static routes for the Proximity Engine.
Global configuration
SR
Specifies the interfaces to be used for routing IS-IS.
Interface configuration mode under IS-IS configuration mode
SR
Specifies the default gateway's IPv6 address.
Global configuration
SE
Configures IS-IS routing for IP.
Interface configuration mode under IS-IS configuration
SR
Configures a Proximity Engine to act as a Level 1 (intra-area) router, as both a Level 1 router and a Level 2 (interarea) router, or as an inter-area router only.
IS-IS configuration
SR
Configures the kernel.
Global configuration
All
Creates a key ID and enters into key ID configuration submode.
Key chain submode
SR
Creates a key string to be used for authentication.
Key ID configuration submode
SR
Creates a key chain and enters into key chain configuration submode.
Global configuration
SR
Turns on LACP.
Interface configuration
All
Specifies the terminal line settings.
Global configuration
All
Displays the files in a long-list format.
User-level EXEC and privileged-level EXEC
All
Configures the community values that are associated with a Proximity Engine.
BGP configuration
SR
Configures the router to send a syslog message when an IS-IS neighbor goes up or down.
BGP, IS-IS and OSPF configuration
SR
Configures syslog9 .
Global configuration
All
Enables logging of BGP neighbor resets.
BGP configuration
SR
Lists the files and subdirectories in a directory.
User-level EXEC and privileged-level EXEC
All
Sets the maximum transmission unit MTU10 size of IS-IS LSPs.
IS-IS configuration
SR
Makes a directory.
User-level EXEC and privileged-level EXEC
All
Makes a file (for testing).
User-level EXEC and privileged-level EXEC
All
Changes the CDE250 platform model number after a remanufacturing or rescue process.
User-level EXEC and privileged-level EXEC
All
Enables and configures the Movie Streamer server.
Global configuration
SE
Configures multicast options.
Global configuration
SE
Generate multicast packets and tests connectivity through multicast routers.
User-level EXEC and privileged-level EXEC
SE, CDSM
Sets the interface maximum transmission unit packet size.
Interface configuration
All
Configures the BGP neighbors.
BGP configuration
SR
IS-IS configuration
SR
Displays the transmit and receive activity on an interface.
Privileged-level EXEC
SE
Displays the rate of change of netstat statistics.
Privileged-level EXEC
SE
Defines the interfaces on which OSPF runs and defines the area ID for those interfaces.
OSPF configuration
SR
Negates a Global configuration command or sets its defaults.
Global configuration
All
Negates an interface command or sets its defaults.
Interface configuration
All
Configures the Network Time Protocol server.
Global configuration
All
Sets the NTP software clock.
Privileged-level EXEC
All
Sends the echo packets.
User-level EXEC and privileged-level EXEC
All
Pings the SRP ring.
User-level EXEC and privileged-level EXEC
SR
Pings the IPv6 address.
User-level EXEC and privileged-level EXEC
SE
Configures the port channel load balancing options.
Global configuration
All
Configures a primary interface for the Internet Streamer CDS network to be a Gigabit Ethernet or port channel interface.
Global configuration
All
Enables a BGP proximity algorithm option for the Proximity Engine.
Global configuration
SR
Enables the Proximity Engine.
Global Configuration
SR
Displays the present working directory.
User-level EXEC and privileged-level EXEC
All
Configures the RADIUS authentication.
Global configuration
All
Enables RCP.
Global configuration
All
Halts a device and performs a cold restart.
Privileged-level EXEC
All
Renames a file.
User-level EXEC and privileged-level EXEC
All
Restores a device to its manufactured default status.
Privileged-level EXEC
All
Removes a directory.
User-level EXEC and privileged-level EXEC
All
Configures a BGP routing process.
Global configuration
SR
Enables the IS-IS routing protocol and specifies an IS-IS process.
Global configuration
SR
Enables the OSPF13 routing process.
Global configuration
SR
Enters SRP configuration mode.
Global configuration
SR
Configures the Real-Time Streaming Protocol-related parameters.
Global configuration
SE
Sets the rules by which the SE filters HTTP, HTTPS, and RTSP traffic.
Global configuration
SE
Checks the errors in a script or executes a script.
Privileged-level EXEC
All
Specifies the type of service.
Privileged-level EXEC
All
Configures service routing.
Global configuration
All
Configures the basic configuration settings and a set of commonly used caching services.
Privileged-level EXEC
All
Displays the accounting, authentication, and authorization configuration.
User-level EXEC and privileged-level EXEC
All
Displays the access control list configuration.
User-level EXEC and privileged-level EXEC
SE
Displays the acquirer delivery service information and progress for a specified delivery service number or name.
User-level EXEC and privileged-level EXEC
SE
Displays information on various types of alarms, their status, and history.
User-level EXEC and privileged-level EXEC
All
Displays the Address Resolution Protocol entries.
User-level EXEC and privileged-level EXEC
All
Displays the authentication configuration.
User-level EXEC and privileged-level EXEC
All
Displays the Authorization Server status.
User-level EXEC and privileged-level EXEC
SE
Displays the bandwidth allocated to a particular device.
User-level EXEC and privileged-level EXEC
SE, SR
Displays information on various types of banners.
User-level EXEC and privileged-level EXEC
All
Displays the SE bit-rate configuration.
User-level EXEC and privileged-level EXEC
SE, SR
Displays a list of cached contents.
User-level EXEC and privileged-level EXEC
SE
Displays cache-route information for various Protocol Engines.
User-level EXEC and privileged-level EXEC
SE
Displays information for the Cap-X profile ID.
User-level EXEC and privileged-level EXEC
SE
Displays the status of the CDN Selector.
User-level EXEC and privileged-level EXEC
SR
Displays the Internet Streamer CDS network file system information.
User-level EXEC and privileged-level EXEC
CDSM, SE
Displays the system clock.
User-level EXEC and privileged-level EXEC
All
Displays the Centralized Management System protocol, embedded database content, maintenance status, and other information.
User-level EXEC and privileged-level EXEC
All
Displays all content entries in the CDS.
User-level EXEC and privileged-level EXEC
SE
Displays all content management information in the CDS.
User-level EXEC and privileged-level EXEC
SE
Displays information about the NAS14 mount.
User-level EXEC and privileged-level EXEC
SE
Displays the state of each debugging option.
User-level EXEC and privileged-level EXEC
All
Displays the debug flags that are turned on for the SRP.
Privileged-level EXEC
SR
Displays the configured or current mode of a CDSM, SE, or SR device.
User-level EXEC and privileged-level EXEC
All
Displays the Direct Server return information.
User-level EXEC and privileged-level EXEC
SE, SR
Displays the disk configurations.
User-level EXEC and privileged-level EXEC
All
Displays the distribution information for a specified delivery service.
User-level EXEC and privileged-level EXEC
SE
Displays the flash memory information.
User-level EXEC and privileged-level EXEC
All
Displays the Flash Media Streaming information.
User-level EXEC and privileged-level EXEC
SE, SR
Displays the caching configuration of the FTP15 .
User-level EXEC and privileged-level EXEC
All
Displays the system hardware information.
Privileged-level EXEC
All
Displays the IP domain name, name servers, IP addresses, and host table.
User-level EXEC and privileged-level EXEC
All
Displays the hardware interface information.
User-level EXEC and privileged-level EXEC
All
Displays the system inventory information.
User-level EXEC and privileged-level EXEC
All
Displays the information about access lists that are defined and applied to specific interfaces or applications.
Privileged-level EXEC
All
Displays the contents of a particular host in the BGP routing table.
User-level EXEC and privileged-level EXEC
SR
Displays the contents of the BGP routing table.
User-level EXEC and privileged-level EXEC
SR
Displays BGP routes that match a specified BGP community string.
User-level EXEC and privileged-level EXEC
SR
Displays information relating to all IPV4 unicast routes in the BGP routing table.
User-level EXEC and privileged-level EXEC
SR
Displays memory usage information of the running BGP daemon.
User-level EXEC and privileged-level EXEC
SR
Displays information about the TCP and BGP connections to neighbors.
User-level EXEC and privileged-level EXEC
SR
Displays the next-hop database information in the BGP routing table.
User-level EXEC and privileged-level EXEC
SR
Displays the status of all BGP connections.
User-level EXEC and privileged-level EXEC
SR
Displays the IP interface state and its address and mask for all interfaces.
User-level EXEC and privileged-level EXEC
SR
Displays general information about OSPF routing processes.
User-level EXEC and privileged-level EXEC
SR
Displays general information about OSPF border routers.
User-level EXEC and privileged-level EXEC
SR
Displays information specific to the OSPF database for a specific router.
User-level EXEC and privileged-level EXEC
SR
Displays OSPF-related interface information.
User-level EXEC and privileged-level EXEC
SR
Displays memory usage of the OSPF process.
User-level EXEC and privileged-level EXEC
SR
Displays OSPF neighbor information.
User-level EXEC and privileged-level EXEC
SR
Displays a list of all LSAs16 requested by a router.
User-level EXEC and privileged-level EXEC
SR
Displays a list of all LSAs waiting to be re-sent.
User-level EXEC and privileged-level EXEC
SR
Displays the OSPF RSPF route for OSPF routes.
User-level EXEC and privileged-level EXEC
SR
Displays OSPF RSPF17 from specific routers.
User-level EXEC and privileged-level EXEC
SR
Displays OSPF traffic statistics.
User-level EXEC and privileged-level EXEC
SR
Displays the proximity algorithm options currently in use by this Proximity Engine.
User-level EXEC and privileged-level EXEC
SR
Displays the interface addresses and hostnames of the proximity servers currently in use by this Proximity Engine.
User-level EXEC and privileged-level EXEC
SR
Displays details of all the routing protocol instances that are clients of the RIB.
User-level EXEC and privileged-level EXEC
SR
Displays the memory usage information of the RIB.
User-level EXEC and privileged-level EXEC
SR
Displays IP recursive next-hop information from the RIB.
User-level EXEC and privileged-level EXEC
SR
Displays IP RIB route information.
User-level EXEC and privileged-level EXEC
SR
Displays unresolved next-hop information from the RIB.
User-level EXEC and privileged-level EXEC
SR
Displays the IP routing table.
Privileged-level EXEC
All
Displays IP static route information.
User-level EXEC and privileged-level EXEC
SR
Displays IPv6 information.
User-level EXEC and privileged-level EXEC
All
Displays IS-IS adjacencies.
User-level EXEC and privileged-level EXEC
SR
Displays one or all the destinations to which the router knows how to route CLNS packets.
User-level EXEC and privileged-level EXEC
SR
Displays the IS-IS link-state database.
User-level EXEC and privileged-level EXEC
SR
Displays the router-name-to-system-ID mapping table entries for an IS-IS router.
User-level EXEC and privileged-level EXEC
SR
Displays information about the IS-IS interfaces.
User-level EXEC and privileged-level EXEC
SR
Displays the Intermediate IS-IS RSPF route for IS-IS learned routes.
User-level EXEC and privileged-level EXEC
SR
Displays the Intermediate IS-IS RSPF route for IS-IS learned routes.
User-level EXEC and privileged-level EXEC
SR
Displays memory usage information for an IS-IS instance.
User-level EXEC and privileged-level EXEC
SR
Displays summary information about an IS-IS instance.
User-level EXEC and privileged-level EXEC
SR
Displays IS-IS RRM18 information.
User-level EXEC and privileged-level EXEC
SR
Displays how often and why the router has run a full SPF19 calculation.
User-level EXEC and privileged-level EXEC
SR
Displays SRM20 information for an IS-IS process.
Privileged-level EXEC
SR
Displays SSN21 information for an IS-IS process.
User-level EXEC and privileged-level EXEC
SR
Displays the key chains in the system.
User-level EXEC and privileged-level EXEC
SR
Displays LACP information.
User-level EXEC and privileged-level EXEC
All
Displays the system logging configuration.
User-level EXEC and privileged-level EXEC
All
Displays the Movie Streamer configuration.
User-level EXEC and privileged-level EXEC
SE
Displays whether or not the multicast sender and receiver are enabled.
User-level EXEC and privileged-level EXEC
SE
Displays the Network Time Protocol configuration status.
User-level EXEC and privileged-level EXEC
All
Displays the process status.
User-level EXEC and privileged-level EXEC
All
Displays the scheduled programs.
User-level EXEC and privileged-level EXEC
SE
Displays the RADIUS server information.
User-level EXEC and privileged-level EXEC
All
Displays RCP information
User-level EXEC and privileged-level EXEC
All
Displays the RTSP configurations.
User-level EXEC and privileged-level EXEC
SE
Displays the Rules Template configuration information.
User-level EXEC and privileged-level EXEC
SE
Displays the current operating configuration.
User-level EXEC and privileged-level EXEC
All
Displays the Service Router configuration.
User-level EXEC and privileged-level EXEC
All
Displays the services-related information.
User-level EXEC and privileged-level EXEC
All
Displays the SNMP parameters.
User-level EXEC and privileged-level EXEC
All
Displays the descriptor-related information saved in the descriptor database.
Privileged-level EXEC
SR
Displays SRP leafset information.
Privileged-level EXEC
SR
Displays SRP memory usage information.
Privileged-level EXEC
SR
Displays multicast database information for an SRP process.
Privileged-level EXEC
SR
Displays SRP neighbor information.
Privileged-level EXEC
SR
Displays the basic configurations for SRP.
Privileged-level EXEC
SR
Displays the replica-set information for a Proximity Engine.
Privileged-level EXEC
SR
Displays route information for a Proximity Engine to its neighbor nodes on the same DHT network.
Privileged-level EXEC
SR
Displays SRP multicast group subscriber information.
Privileged-level EXEC
SR
Displays the Secure Shell status and configuration.
User-level EXEC and privileged-level EXEC
All
Displays the information related to the standby interface.
User-level EXEC and privileged-level EXEC
All
Displays the startup configuration.
User-level EXEC and privileged-level EXEC
All
Displays accounting, authentication, and authorization statistics.
User-level EXEC and privileged-level EXEC
All
Displays the access control list statistics.
User-level EXEC and privileged-level EXEC
SE
Displays the SE acquirer delivery service statistics.
User-level EXEC and privileged-level EXEC
SE
Displays admission control statistics.
User-level EXEC and privileged-level EXEC
SE, CDSM
Displays the Authentication Server statistics.
User-level EXEC and privileged-level EXEC
SE
Displays the statistics for the CDN Selector.
User-level EXEC and privileged-level EXEC
SR
Displays the SE Internet Streamer CDS network file system statistics.
User-level EXEC and privileged-level EXEC
SE
Displays the Content Manager statistics.
User-level EXEC and privileged-level EXEC
SE
Displays the simplified statistics for content distribution components.
User-level EXEC and privileged-level EXEC
SE
Displays the statistics for Flash Media Streaming.
User-level EXEC and privileged-level EXEC
SE
Displays the Internet Control Message Protocol statistics.
User-level EXEC and privileged-level EXEC
All
Displays the Internet Protocol statistics.
User-level EXEC and privileged-level EXEC
All
Displays IS-IS traffic counters.
User-level EXEC and privileged-level EXEC
SR
Displays statistics for the Movie Streamer.
User-level EXEC and privileged-level EXEC
SE
Displays the Internet socket connection statistics.
User-level EXEC and privileged-level EXEC
All
Displays the RADIUS authentication statistics.
User-level EXEC and privileged-level EXEC
All
Displays the delivery service replication status and related statistical data.
User-level EXEC and privileged-level EXEC
CDSM, SR
Displays the Service Router statistics.
User-level EXEC and privileged-level EXEC
SR
Displays the services statistics.
User-level EXEC and privileged-level EXEC
All
Displays the SNMP statistics.
User-level EXEC and privileged-level EXEC
All
Displays SRP statistics information.
Privileged-level EXEC
SR
Displays the Service Engine TACACS+ authentication and authorization statistics.
User-level EXEC and privileged-level EXEC
All
Displays the Transmission Control Protocol statistics.
User-level EXEC and privileged-level EXEC
All
Displays the transaction log export statistics.
User-level EXEC and privileged-level EXEC
SE
Displays the User Datagram Protocol statistics.
User-level EXEC and privileged-level EXEC
All
Displays the Web Engine statistics.
User-level EXEC and privileged-level EXEC
SE
Displays the Windows Media Technologies statistics.
User-level EXEC and privileged-level EXEC
SE
Displays TACACS+ authentication protocol configuration information.
User-level EXEC and privileged-level EXEC
All
Displays the system information for Cisco technical support.
User-level EXEC and privileged-level EXEC
All
Displays the Telnet services configuration.
User-level EXEC and privileged-level EXEC
All
Displays the transaction logging information.
User-level EXEC and privileged-level EXEC
SE
Displays the URL signature information.
User-level EXEC and privileged-level EXEC
SE
Displays the user identification number and username information.
User-level EXEC and privileged-level EXEC
All
Displays the specified users.
User-level EXEC and privileged-level EXEC
All
Displays the software version.
User-level EXEC and privileged-level EXEC
All
Displays the Web Engine information.
User-level EXEC and privileged-level EXEC
SE
Displays the WMT configuration.
User-level EXEC and privileged-level EXEC
SE
Shuts down the specified interface.
Interface configuration
All
Shuts down the device (stops all applications and operating system).
Privileged-level EXEC
All
Configures the community access string to permit access to the SNMP.
Global configuration
All
Specifies the text for the MIB object sysContact.
Global configuration
All
Enables the SNMP traps.
Global configuration
All
Defines a user security model group.
Global configuration
All
Specifies the hosts to receive SNMP traps.
Global configuration
All
Specifies the path for the MIB object sysLocation.
Global configuration
All
Configures the SNMP inform request.
Global configuration
All
Defines a user who can access the SNMP engine.
Global configuration
All
Defines an SNMPv222 MIB view.
Global configuration
All
Configure Splunk Universal Forwarder monitoring,
Global configuration
SE, SR
Dumps socket statistics.
Privileged-level EXEC
SE
Configures the SSH service parameters.
Global configuration
All
Configures the streaming interface.
Global configuration
SE
Saves the sysreport to a user-specified file.
Privileged-level EXEC
SE
Configures TACACS+ server parameters.
Global configuration
All
Dumps the TCP traffic on the network.
Privileged-level EXEC
All
Searches all TCP connections.
Privileged-level EXEC
SE
Enables and disables TCP timestamp.
Global configuration
All
Starts the Telnet client.
User-level EXEC and privileged-level EXEC
All
Enables the Telnet services.
Global configuration
All
Sets the terminal output commands.
User-level EXEC and privileged-level EXEC
All
Tests the accessibility of a URL using FTP, HTTP, or HTTPS.
User-level EXEC and privileged-level EXEC
SE, SR
Displays a dynamic real-time view of a running CDS.
Privileged-level EXEC
All
Traces the route to a remote host.
User-level EXEC and privileged-level EXEC
All
Traces the route of the SRP ring.
User-level EXEC and privileged-level EXEC
SR
Traces the route to a remote IPv6-enabled host.
User-level EXEC and privileged-level EXEC
SE, SR
Forces archiving of the working log file to make a transaction log file.
Privileged-level EXEC
All
Configures and enables the transaction logging parameters.
Global configuration
SE
Displays a file.
User-level EXEC and privileged-level EXEC
All
Displays the last several lines of a file.
User-level EXEC and privileged-level EXEC
All
Disables debugging functions.
Privileged-level EXEC
All
Configures the URL signature.
Global configuration
SE
Establishes the username authentication.
Global configuration
All
Configures the Web Engine.
User-level EXEC
SE
Configures the Web Engine caching parameters and disables revalidation.
Global configuration
SE
Displays the current user's name.
User-level EXEC and privileged-level EXEC
All
Configures the WMT.
Global configuration
SE
Writes or erases the startup configurations to NVRAM or to a terminal session, or writes the MIB persistence configuration to disk.
Privileged-level EXEC
All
1 NSSA = not-so-stubby area
2 WMT = Windows Media Technologies
3 MOTD = message-of-the-day
4 CDNFS = CDS network file system
5 CMS = centralized management system
6 Commands used to access configuration modes.
7 SSH = secure shell
8 Link Aggregation Control Protocol
9 syslog = system logging
10 MTU = maximum transmission unit
11 NET = network entity title
12 CLNS = Connectionless Network Service
13 OSPF = Open Shortest Path First
14 Network-attached Storage
15 FTP = File Transfer Protocol
16 LSAs = link-state advertisements
17 RSPF = reverse shortest path first
18 RRM = received routing message
19 SPF = Shortest Path First
20 SRM = send routing message
21 SSN = send sequence number
22 SNMPv2 = SNMP Version 2
aaa
To specify accounting, authentication, and authorization methods, use the aaa command in global configuration mode. To selectively disable options, use the no form of this command.
aaa {accounting {commands {0 {start-stop tacacs + | stop-only tacacs+} | 15 {start-stop tacacs + | stop-only tacacs+}} | exec {start-stop tacacs + | stop-only tacacs+} | system {start-stop tacacs + | stop-only tacacs+}} | authentication {enable {primary | secondary | tertiary} | radius {primary | secondary | tertiary} | tacacs+ {primary | secondary | tertiary}} | login {fail-over server-unreachable | local {primary | secondary | tertiary} | radius {primary | secondary | tertiary} | tacacs+ {primary | secondary | tertiary}} | authorization {commands {0 tacacs+ [if-authenticated] | 15 tacacs+ [if-authenticated]} | config-commands | console | exec {local {primary | secondary | tertiary} | radius {primary | secondary | tertiary} | tacacs+ {primary | secondary | tertiary}}}}
no aaa {accounting {commands {0 {start-stop tacacs + | stop-only tacacs+} | 15 {start-stop tacacs + | stop-only tacacs+}} | exec {start-stop tacacs + | stop-only tacacs+} | system {start-stop tacacs + | stop-only tacacs+}} | authentication {enable {enable {primary | secondary | tertiary} | radius {primary | secondary | tertiary} | tacacs+ {primary | secondary | tertiary}} | login {fail-over server-unreachable | local {primary | secondary | tertiary} | radius {primary | secondary | tertiary} | tacacs+ {primary | secondary | tertiary}} | authorization {commands {0 tacacs+ [if-authenticated] | 15 tacacs+ [if-authenticated]} | config-commands | console | exec {local {primary | secondary | tertiary} | radius {primary | secondary | tertiary} | tacacs+ {primary | secondary | tertiary}}}}
Syntax Description
Defaults
aaa authorization config-commands: disabled
Command Modes
Global configuration
Usage Guidelines
The aaa accounting commands command enables accounting using TACACS+ for normal and supper users.
The aaa accounting exec command enables accounting records for user EXEC terminal sessions on the Tacacs+ server, including username, date, start, and stop times.
The aaa accounting system command enables accounting of the system events, such as system reboot, NIC interface up or down, accounting configuration enabled or disabled, and using TACACS+.
The aaa authentication login command enables authentication using TACACS+ or the RADIUS server to determine if the user has access permission on the SE. The local authentication uses the local database for authentication, if configured. This can be enabled to provide a fallback in case of TACACS+ or Radius server failure.
If there are multi-authentication methods configured, the SE tries to authenticating the user through all configured methods, one by one, until one of them succeeds. The authentication order complies with the priority specified (primary, secondary, then tertiary). If the primary is empty, the secondary is considered as primary, and so on.
If the configured TACACS+ or Radius server is unreachable, use the aaa authentication login fail-over server-unreachable command to switch off the TACACS+ or Radius server, and enable fail-over to use the local password file for authentication.
The aaa authentication enable command enables authentication using TACACS+ or the RADIUS server to determine if the normal user can enter the privileged exec mode. Alternatively, the enable authentication method uses the local database (the enable password) for authentication.
The aaa authorization command enables authorization using the TACACS+ server to determine if the specified user can execute commands or not. In case the configured TACACS+ server is unreachable, the if-authenticated option can switch off the TACACS+ server and authorization is granted to anyone who is authenticated.
Note
CTRL+C, CTRL+Z, exit, end, and all of configuration commands for entering submode, for example, interface GigabitEthernet 1/0.
The aaa authorization config-commands command reestablishes the default created when the aaa authorization commands command was issued.
If the aaa authorization commands level method command is enabled, all commands, including configuration commands, are authorized using the method specified for the specified user. To bypass the configuration commands, using the no aaa authorization config-commands command stops the network access server from attempting configuration command authorization.
After the no form of this command is entered, AAA authorization of configuration commands is completely disabled. Take care before entering the no form of this command because it potentially reduces the amount of administrative control on configuration commands.
Use the aaa authorization config-commands command if, after using the no form of this command, you need to reestablish the default set by the aaa authorization commands level method command.
Note
The aaa authorization console command applies authorization to a console. To disable the authorization, use the no form of this command.
The no aaa authorization console command is the default, and the authorization that is configured on the console line always succeeds. If you do not want the default, you need to configure the aaa authorization console command.
The aaa authorization exec command enables authorization using the TACACS+ or RADIUS server to determine if the user can startup an exec (shell). The local authentication uses the local database for authorization, if configured. This can be enabled to provide a fallback in case the TACACS+ or Radius server fails.
If you are trying to disable the aaa authorization exec command, at least one authorization method must be selected (local is the default). At least one authentication method must be selected for login.
Note
Examples
The following configures accounting commands for a normal user using Tacacs+ hosts:
ServiceEngine(config)# aaa accounting commands 0 start-stop tacacs+The following example enables/disables authentication for login:
ServiceEngine(config)# aaa authentication loginThe following example applies authorization to a console:
ServiceEngine(config)# aaa authorization consoleRelated Commands
enable password
Changes the password.
show aaa
Shows the AAA configuration for a different service.
show statistics aaa
Shows the AAA statistics.
access-lists
To configure access control list (ACL) entries, use the access-lists command in Global configuration mode. To remove access control list entries, use the no form of this command.
access-lists {300 {deny groupname {any [position number] | groupname [position number]}} | {permit groupname {any [position number] | groupname [position number]}} | enable}
no access-lists {300 {deny groupname {any [position number] | groupname [position number}} | {permit groupname {any [position number] | groupname [position number]}} | enable}
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
You can configure group authorization using an ACL only after a user has been authenticated against an LDAP HTTP-request Authentication Server. The use of this list configures group privileges when members of the group are accessing content provided by an SE. You can use the ACL to allow the users who belong to certain groups or to prevent them from viewing specific content. This authorization feature offers more granular access control by specifying that access is only allowed to specific groups.
Use the access-lists enable Global configuration command to enable the use of the ACL.
Use the access-lists 300 command to permit or deny a group from accessing the Internet using an SE. For instance, use the access-lists 300 deny groupname marketing command to prevent any user from the marketing group from accessing content through an SE.
At least one login authentication method, such as local, TACACS+, or RADIUS, must be enabled.
Note
The ACL contains the following feature enhancements and limitations:
•
•
•
•
Note
•
•
For Windows-based user groups, append the domain name in front of the group name in the form domain or group as follows:
For Windows NT-based user groups, use the domain NetBIOS name.
Wildcards
The access-list command does not use a netmask; it uses a wildcard bitmask. The source and destination IP and wildcard usage is as follows:
•
–
–
–
•
To specify the source wildcard, use a 32-bit quantity in four-part dotted decimal format. Place 1s in the bit positions you want to ignore.
Note
Examples
The following example shows how to display the configuration of the ACL by using the show access-lists 300 command:
ServiceEngine# show access-lists 300Access Control List Configuration---------------------------------Access Control List is enabledGroupname-based List (300)1. permit groupname techpubs2. permit groupname acme13. permit groupname engineering4. permit groupname sales5. permit groupname marketing6. deny groupname anyThe following example shows how to display statistical information for the ACL by using the show statistics access-lists 300 command:
ServiceEngine# show statistics access-lists 300Access Control Lists Statistics-----------------------------------------Groupname and username-based List (300)Number of requests: 1Number of deny responses: 0Number of permit responses: 1The following example shows how to reset the statistical information for the ACL by using the clear statistics access-lists 300 command:
ServiceEngine# clear statistics access-lists 300ServiceEngine(config)# access-lists 300 permit groupname acme1 position 2Related Commands
show access-lists 300
Displays the ACL configuration.
show statistics access-list 300
Displays the ACL statistics.
acquirer (EXEC)
To start or stop content acquisition on a specified acquirer delivery service, use the acquirer command in EXEC configuration mode. You can also use this command to verify and correct the Last-Modified-Time attribute in content acquired using the Cisco Internet Streamer CDS software.
acquirer {check-time-for-old-content [delivery-service-id delivery-service-num | delivery-service-name delivery-service-name] | [correct [delivery-service-id delivery-service-num | delivery-service-name delivery-service-name]] | start-delivery-service {delivery-service-id delivery-service-num | delivery-service-name delivery-service-name} | stop-delivery-service {delivery-service-id delivery-service-num | delivery-service-name delivery-service-name} | test-url url [use-http-proxy url | use-smb-options smb-options]}
Syntax Description
Defaults
If you do not specify the delivery service, this command applies to all delivery services assigned to the Content Acquirer.
Command Modes
EXEC configuration mode.
Usage Guidelines
The acquirer is a software agent that gathers delivery service content before it is distributed to the receiver SEs in an Internet Streamer CDS network. The acquirer maintains a task list, which it updates after receiving a notification of changes in its delivery service configuration.
The acquirer stores the Last-Modified-Time attribute in the local time format. Content acquired using earlier software releases has a Last-Modified-Time attribute that is incorrect if used with later versions of the Internet Streamer CDS software, which use GMT format.
Correct the Last-Modified-Time attributes for content acquired with earlier releases by entering the following command from the privileged EXEC prompt:
acquirer check-time-for-old-content correct [delivery-service-id delivery-service-num delivery-service-name delivery-service-name]
This command changes the Last-Modified-Time attributes for content in all delivery services assigned to the Content Acquirer unless you specify the delivery service ID or name.
SEs identify changes in the Last-Modified-Time attribute and download content only when changes have occurred.
Use the acquirer start-delivery-service command to immediately start acquisition tasks for the selected delivery service. Use the acquirer stop-delivery-service command to immediately stop all acquisition tasks for the selected delivery service.
Use the acquirer test-url url command in EXEC configuration mode to test whether a URL is accessible or not. The actual content is dumped into the /dev/null path.
Examples
The following example shows how the acquirer starts acquiring content on delivery service 86:
ServiceEngine# acquirer start-delivery-service delivery-service-id 86ServiceEngine# acquirer start-delivery-service delivery-service-name corporateThe following example shows how the acquirer stops acquiring content on delivery service 86:
ServiceEngine# acquirer stop-delivery-service delivery-service-id 86ServiceEngine# acquirer stop-delivery-service delivery-service-name corporateThe following example shows how the acquirer test-url command is used to test a URL:
ServiceEngine# acquirer test-url http://172.16.150.26--05:16:41-- http://10.107.150.26=> `/dev/null'Connecting to 10.107.150.26:80... connected.HTTP request sent, awaiting response... 200 OKLength: 1,722 [ text/html ]100% [ ====================================> ] 1,722 1.64M/s ETA 00:0002:45:40 (1.64 MB/s) - `/dev/null' saved [ 1722/1722 ]Related Commands
acquirer (Global configuration)
To provide authentication when the acquirer obtains content through a proxy server, use the acquirer command in Global configuration mode. To disable acquirer proxy authentication, use the no form of this command.
acquirer proxy authentication {outgoing {hostname | ip-address} port-num} username | password password}
no acquirer proxy authentication {outgoing {hostname | ip-address} port-num} username | password password}
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
Use the acquirer proxy authentication outgoing Global configuration command to configure authentication when you enable content acquisition through a proxy server. First configure the proxy host and the port using the http proxy outgoing host Global configuration command. The maximum number of outgoing proxies allowed is eight. When you remove an outgoing proxy using the no http outgoing proxy command, the authentication information associated with that proxy is automatically removed.
Use the acquirer proxy authentication transparent command for transparent caches in the Internet Streamer CDS network that require authentication.
The acquirer supports a proxy with basic authentication. Content acquisition through a proxy server is supported only for HTTP and not for HTTPS or FTP. Also, authentication is only supported for a single proxy server in a chain, so if multiple proxy servers in a chain require authentication, the request fails.
Acquisition through a proxy server can be configured when the Content Acquirer cannot directly access the origin server because the origin server is set up to allow access only by a specified proxy server. When a proxy server is configured for Content Acquirer content acquisition, the acquirer contacts the proxy server instead of the origin server, and all requests to that origin server go through the proxy server.
Note
There are three ways to configure the proxy server: through the CDSM GUI. If you need to configure the SE to use the proxy for both caching and prepositioned content, use the CLI to configure the proxy. The CLI command is a Global configuration command that configures the entire SE to use the proxy. If only the acquirer portion of the SE needs to use the proxy for acquiring the prepositioned content, use the manifest file or specify the outgoing proxy. When you configure the proxy server in the manifest file, you are configuring the acquirer to use the proxy to fetch the content for a particular delivery service.
Note
You can also configure a proxy for fetching the manifest file by using the CDSM GUI (the Creating New Delivery Service or Modifying Delivery Service window). When you configure a proxy server in the CDSM GUI, the proxy configuration is valid only for acquiring the manifest file and not for acquiring the delivery service content. Requests for the manifest file go through the proxy server, and requests for the content go directly to the origin server.
Tip
Examples
The following example shows the authentication configuration for a transparent proxy server with basic authentication:
ServiceEngine(config)# acquirer proxy authentication transparent 192.168.1.1 8080 mynameRelated Commands
acquisition-distribution
To start or stop the content acquisition and distribution process, use the acquisition-distribution command in EXEC configuration mode.
acquisition-distribution {database-cleanup {start | stop} | start | stop}
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
When you use the acquisition-distribution database-cleanup command, the acquisition and distribution database is checked to ensure that all prepositioned content is available in Cisco Network File System (CDNFS). If any prepositioned content is found to be missing from CDNFS, the content is replicated to all SEs in the Internet Streamer CDS network. Content Acquirers assigned to a delivery service acquire the content directly from the origin server and replicate the content through the delivery service either by unicast or multicast transmission to other SEs in the delivery service. Receiver SEs obtain the content from forwarder SEs either by unicast or multicast. In the case of a disk00 failure, when the database is stored on disk00 in an internal file system (/state), the recovery of the acquisition and distribution database is done automatically. You should run the acquisition and distribution database cleanup if a failure occurs or if you have to replace a disk drive other than disk00.
Examples
The following example shows how to start the acquisition and distribution database cleanup process:
ServiceEngine# acquisition-distribution database-cleanup startThe following example shows how to start the acquisition and distribution process:
ServiceEngine# acquisition-distribution startThe following example shows how to stop the acquisition and distribution process:
ServiceEngine# acquisition-distribution stopRelated Commands
alarm
To configure alarms, use the alarm command in Global configuration mode. To disable alarms, use the no form of this command.
alarm {admin-shutdown-alarm enable | overload-detect {clear 1-999 [raise 10-1000] | enable | raise 10-1000 [clear 1-999]}}
no alarm {admin-shutdown-alarm enable | overload-detect {clear 1-999 [raise 10-1000] | enable | raise 10-1000 [clear 1-999]}}
Syntax Description
Defaults
admin-shutdown-alarm: disabled
raise: 10 alarms per second
clear: 1 alarm per second
Command Modes
Global configuration (config) mode.
Usage Guidelines
The alarm admin-shutdown-alarm command must be enabled for an admin-shutdown alarm to take effect. If an admin-shutdown alarm occurs, disabling this option does not clear the outstanding alarm properly. There are two ways to avoid this situation:
•
•
When multiple applications running on an SE experience problems at the same time, numerous alarms are set off simultaneously, and an SE may stop responding. Use the alarm overload-detect command to set an overload limit for the incoming alarms from the node Health Manager. If the number of alarms exceeds the maximum number of alarms allowed, an SE enters an alarm overload state until the number of alarms drops down to the number defined in the clear.
When an SE is in the alarm overload state, the following events occur:
•
•
•
•
Note
Examples
The following example shows how to generate a linkdown alarm when an interface shuts down:
ServiceEngine(config)# alarm admin-shutdown-alarm enableThe following example shows how to enable the detection of alarm overload:
ServiceEngine(config)# alarm overload-detect enableThe following example shows how to set the threshold for triggering the alarm overload at 100 alarms per second:
ServiceEngine(config)# alarm overload-detect raise 100The following example shows how to set the level for clearing the alarm overload at 10 alarms per second:
ServiceEngine(config)# alarm overload-detect clear 10Related Commands
show alarms
Displays information on various types of alarms, their status, and history.
show alarm status
Displays the status of various alarms and alarm overload settings.
area nssa
To configure an area as a not-so-stubby area (NSSA), use the area nssa router configuration command. To remove the NSSA distinction from the area, use the no form of this command.
area area-id nssa
no area area-id nssa
Syntax Description
area-id
Identifier of the area for which authentication is to be enabled. The identifier can be specified as either a decimal value or an IP address (ID range is from 0 to 4294967295).
Command Default
No NSSA area is defined.
Command Modes
OSPF configuration (config-ospf) mode.
Usage Guidelines
This command is used to configure an area as a NSSA. The area ID range is given as 0 to 4294967295, but area 0 cannot be configured as an NSSA area.
Examples
In the following example area 1 is configured as an NSSA area:
ServiceRouter(config)# router ospfServiceRouter(config-ospf)# network 192.168.20.0 0.0.0.255 area 1ServiceRouter(config-ospf)# area 1 nssaServiceRouter(config-ospf)#area stub
To define an area as a stub area, use the area stub router configuration command. To disable this function, use the no form of this command
area area-id stub
no area area-id stub
Syntax Description
area-id
Identifier for the stub area. The identifier can be specified as either a decimal value or an IP address (ID range is from 0 to 4294967295).
Command Default
No stub area is defined.
Command Modes
OSPF configuration (config-ospf) mode.
Usage Guidelines
This command is used to define an area as a stub area. The area ID range is given as 0 to 4294967295, but area 0 cannot be configured as a stub area.
Examples
The following example shows how to configure area 1 as a stub area:
ServiceRouter(config)# router ospfServiceRouter(config-ospf)# network 192.168.20.0 0.0.0.255 area 1ServiceRouter(config-ospf)# area 1 stubServiceRouter(config-ospf)#asset
To configure the CISCO-ENTITY-ASSET-MIB, use the asset command in Global configuration mode. To remove the asset tag name, use the no form of this command.
asset tag name
no asset tag name
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Examples
The following example shows how to configure a tag name for the asset tag string:
ServiceEngine(config)# asset tag entitymibauthsvr
To enable and configure the Authorization server, use the authsvr command in Global configuration mode. To disable the Authorization server, use the no form of this command.
authsvr {enable | location-server {cache-timeout num | enable | primary ip addr port num [ service-name name ] [ retry num ] [ timeout num ] | secondary ip addr port num [ service-name name ] [ retry num ] [ timeout num ] | server-type [ maxmind-restful-hosted [ http | https ] service name | quova-restful-gds | quova-restful-hosted [ http [ api-key key | shared-secret secret ] ] ]} | unknown-server allow}
no authsvr {enable | location-server {cache-timeout num | enable | primary ip addr port num [ service-name name ] [ retry num ] [ timeout num ] | secondary ip addr port num [ service-name name ] [ retry num ] [ timeout num ] | server-type [ maxmind-restful-hosted [ http | https ] service name | quova-restful-gds | quova-restful-hosted [ http [ api-key key | shared-secret secret ] ] ]} | unknown-server allow}
Syntax Description
Defaults
authsvr: enabled
cache-timeout: 691200 seconds or 8 days.
unknown-server: blocked
Command Modes
Global configuration (config) mode.
Usage Guidelines
Changing the primary or secondary Geo-Location server configuration requires a restart of the authsvr for the configuration change to take effect. To restart the authsvr, disable it by entering the no authsvr enable and then re-enable it by entering the authsvr enable command.
The no authsvr unknown-server allow command causes all blocked requests to increment the authsvr block statistic.
Examples
The following example shows how to enable the Authorization server:
ServiceEngine(config)# authsvr enableAuthserver is enabledRelated Commands
bandwidth (Global configuration)
To set an allowable bandwidth usage limit and its duration for Cisco Streaming Engine Windows Media Technology (WMT) streaming media, use the bandwidth command in Global configuration mode. To remove individual options, use the no form of this command.
bandwidth {movie-streamer {incoming bandwidth | outgoing bandwidth {default | max-bandwidth start-time day hour end-time day hour}} | wmt {incoming bandwidth | outgoing bandwidth}}
no bandwidth {movie-streamer {incoming bandwidth | outgoing bandwidth {default | max-bandwidth start-time day hour end-time day hour}} | wmt {incoming bandwidth | outgoing bandwidth}}
Syntax Description
movie-streamer
Configures the maximum pacing bit rate, in kilobits per second (kbps), for the Movie Streamer.
incoming
Configures the duration of allowable incoming bandwidth settings for WMT.
bandwidth
Bandwidth size for the Movie Streamer, in kbps. The range is from 0 to 2147483647.
outgoing
Configures the duration of allowable outgoing bandwidth settings for WMT.
default
Specifies the default value for bandwidth if the scheduled bandwidth is not configured.
max-bandwidth
Specifies the maximum value of bandwidth, in kbps.
start-time
Specifies the start time for this bandwidth setting.
day
Day of the week.
hour
Time to start (hh:mm). The range is from 00 to 23:00 to 59.
end-time
Specifies the end time for this bandwidth setting.
wmt
Configures the duration of allowable bandwidth settings for WMT. For more information, see the "Configuring Incoming and Outgoing WMT Bandwidth" section.
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
With the various types of traffic originating from a device, every type of traffic, such as streaming media, HTTP, and metadata, consumes network resources. Use the bandwidth command to limit the amount of network bandwidth used by the WMT streaming media.
The content services bandwidth includes the bandwidth allocation for WMT. WMT bandwidth settings apply to WMT streaming of live, cached, and prepositioned content.
For each type of bandwidth, you can specify the amount of bandwidth to be used for a particular time period. This type is called scheduled bandwidth. The default bandwidth is the amount of bandwidth associated with each content service type when there is no scheduled bandwidth. In centrally managed deployments (the SEs are registered with a CDSM), if the SE is assigned to a device group and no default bandwidth has been configured for the SE itself, the device group default bandwidth settings are applied. However, if the default bandwidth has been configured for the SE, then that setting overrides the device group settings. If the SE is a member of multiple device groups, the most recently updated default bandwidth settings are applied.
The maximum bandwidth specifies the upper limit for the allowable bandwidth. The total bandwidth configured for all content services must not exceed the bandwidth limits specified for any SE platform model in the Internet Streamer CDS network. In addition, the license keys configured for WMT further restrict the maximum bandwidth available for each SE model.
Configuring Incoming and Outgoing WMT Bandwidth
The bandwidth between the WMT proxy server (the SE) and the WMT client is called the WMT outgoing bandwidth.
The bandwidth between the WMT proxy and the origin streaming server is called the incoming bandwidth. Because the bandwidth from the edge to the outside IP WAN is limited, you must specify a per session limit (the maximum bit rate per request) for each service that is running on the SE and that consumes the incoming bandwidth (for example, the WMT streaming service), and an aggregate limit (the maximum incoming bandwidth.) You need to control the outgoing bandwidth based on the WMT license that is configured on the SE.
The bandwidth wmt outgoing and bandwidth incoming commands enable you to specify a WMT incoming and an outgoing bandwidth as follows:
•
If the specified outgoing bandwidth is above the limit specified by the WMT license, then a warning message is displayed. However, the specified outgoing bandwidth setting is applied to the SE because the outgoing bandwidth may be configured before the WMT licenses are enabled or an enabled WMT license may be changed to a higher value at a later time.
•
Related Commands
bandwidth (interface configuration)
To configure an interface bandwidth, use the bandwidth command in interface configuration mode. To restore default values, use the no form of this command.
bandwidth {10 | 100 | 1000}
no bandwidth {10 | 100 | 1000}
Syntax Description
10
Sets the bandwidth to 10 megabits per second (Mbps).
100
Sets the bandwidth to 100 Mbps.
1000
Sets the bandwidth to 1000 Mbps. This option is not available on all ports.
Defaults
None
Command Modes
Interface configuration (config-if) mode.
Usage Guidelines
The bandwidth is specified in Mbps. The 1000 Mbps option is not available on all ports. On an SE model that has an optical Gigabit Ethernet interface, you cannot change the bandwidth of this interface. Therefore, Gigabit Ethernet interfaces run only at 1000 Mbps. For newer models of the SE that have a Gigabit Ethernet interface over copper, this restriction does not apply; you can configure these Gigabit Ethernet interfaces to run at 10, 100, or 1000 Mbps.
You can configure the Gigabit Ethernet interface settings (bandwidth, and duplex settings) if the Gigabit-over-copper-interface is up or down. If the interface is up, it applies the specific interface settings. If the interface is down, the specified settings are stored and then applied when the interface is brought up. For example, you can specify any of the following commands for a Gigabit-over-copper-interface, which is currently down, and have these settings automatically applied when the interface is brought up:
ServiceEngine(config-if)#bandwidth 10ServiceEngine(config-if)#bandwidth 100ServiceEngine(config-if)#bandwidth 1000You cannot configure the Gigabit Ethernet interface settings on an optical Gigabit Ethernet interface.
Examples
The following example shows how to set an interface bandwidth to 10 Mbps:
ServiceEngine(config-if)# bandwidth 10The following example shows how to restore default bandwidth values on an interface:
ServiceEngine(config-if)# no bandwidthRelated Commands
interface
Configures a Gigabit Ethernet or port channel interface. Provides access to interface configuration mode.
banner
To configure the EXEC, login, and message-of-the-day (MOTD) banners, use the banner command in Global configuration mode. To disable the banner feature, use the no form of this command.
banner {enable | exec {message line | message_text} | login {message line | message_text} | motd {message line | message_text}}
no banner {enable | exec [message] | login [message] | motd [message]}
Syntax Description
Defaults
Banner support is disabled by default.
Command Modes
Global configuration (config) mode.
Usage Guidelines
You can configure the following three types of banners in any Internet Streamer CDS software device mode:
•
•
•
Note
After you configure the banners, enter the banner enable command to enable banner support on the SE. Enter the show banner command in EXEC configuration mode to display information about the configured banners.
Note
Examples
The following example shows how to enable banner support on the SE:
ServiceEngine(config)#banner enableThe following example shows how to use the banner motd message command to configure the MOTD banner. In this example, the MOTD message consists of a single line of text.
ServiceEngine(config)#banner motd message This is an Internet Streamer CDS 2.3 deviceThe following example shows how to use the banner motd message global command to configure a MOTD message that is longer than a single line. In this case, the SE translates the \n portion of the message to a new line when the MOTD message is displayed to the user.
ServiceEngine(config)#banner motd message "This is the motd message. \nThis is an Internet Streamer CDS 2.3 device\n"The following example shows how to use the banner login message command to configure a MOTD message that is longer than a single line. In this case, SE A translates the \n portion of the message to a new line in the login message that is displayed to the user.
ServiceEngine(config)#banner login message "This is login banner. \nUse your password to login\n"The following example shows how to use the banner exec command to configure an interactive banner. The banner exec command is similar to the banner motd message commands except that for the banner exec command, the banner content is obtained from the command-line input that the user enters after being prompted for the input.
ServiceEngine(config)# banner execPlease type your MOTD messages below and end it with '.' at beginning of line:(plain text only, no longer than 980 bytes including newline)This is the EXEC banner.\nUse your Internet Streamer CDS username and password to log in to this SE.\n.Message has 99 characters.ServiceEngine(config)#Assume that the SE has been configured with the MOTD, login, and EXEC banners as shown in the previous examples. When a user uses an SSH session to log in to the SE, the user sees a login session that includes a MOTD banner and a login banner that asks the user to enter a login password as follows:
This is the motd banner.This is an Internet Streamer CDS 2.3 deviceThis is login banner.Use your password to login.Cisco SEadmin@ce's password:After the user enters a valid login password, the EXEC banner is displayed, and the user is asked to enter the Internet Streamer CDS username and password as follows:
Last login: Fri Oct 1 14:54:03 2004 from clientSystem Initialization Finished.This is the EXEC banner.Use your Internet Streamer CDS username and password to log in to this SE.After the user enters a valid Internet Streamer CDS username and password, the SE CLI is displayed. The CLI prompt varies depending on the privilege level of the login account. In the following example, because the user entered a username and password that had administrative privileges (privilege level of 15), the EXEC configuration mode CLI prompt is displayed:
ServiceEngine#Related Commands
bitrate
To configure the maximum pacing bit rate for large files for the Movie Streamer and to separately configure WMT bit-rate settings, use the bitrate command in Global configuration mode. To remove the bit-rate settings, use the no form of this command.
bitrate {movie-streamer bitrate | wmt {incoming bitrate | outgoing bitrate}}
no bitrate {movie-streamer bitrate | wmt {incoming | outgoing}}
Syntax Description
Defaults
movie-streamer bitrate: 1500 kbps
wmt incoming bitrate: 0 (no limit)
wmt outgoing bitrate: 0 (no limit)
Command Modes
Global configuration (config) mode.
Usage Guidelines
The WMT proxy has the ability to cache on-demand media files when the user requests these files for the first time. All subsequent requests for the same file are served by the WMT proxy using the RTSP protocol. The WMT proxy can also live-split a broadcast, which causes only a single unicast stream to be requested from the origin server in response to multiple client requests for the stream.
The bit rate between the proxy and the origin server is called the incoming bit rate. Use the bitrate command to limit the maximum bit rate per session for large files. The bitrate wmt incoming and bitrate wmt outgoing commands enable you to specify a WMT incoming and outgoing per session bit rate as follows:
•
•
Note
Variable WMT Bit Rates
A content provider can create streaming media files at different bit rates to ensure that different clients who have different connections—for example, modem, DSL, or LAN—can choose a particular bit rate. The WMT caching proxy can cache multiple bit-rate files or variable bit-rate (VBR) files, and based on the bit rate specified by the client, it serves the appropriate stream. Another advantage of creating variable bit-rate files is that you only need to specify a single URL for the delivery of streaming media.
Note
Examples
The following example shows how to configure an incoming bit rate for the Movie Streamer:
ServiceEngine(config)# bitrate movie-streamer incoming 100The following example shows how to configure an incoming bit rate for a file sent using WMT. Use the show wmt command to verify that the incoming bit rate has been modified.
ServiceEngine(config)# bitrate wmt incoming 300000ServiceEngine(config)# exitServiceEngine# show wmt--------- WMT Server Configurations -----------------WMT is enabledWMT disallowed client protocols: noneWMT bandwidth platform limit: 1000000 Kbits/secWMT outgoing bandwidth configured is 500000 Kbits/secWMT incoming bandwidth configured is 500000 Kbits/secWMT max sessions configured: 14000WMT max sessions platform limit: 14000WMT max sessions enforced: 14000 sessionsWMT max outgoing bit rate allowed per stream has no limitWMT max incoming bit rate allowed per stream has no limitWMT cache is enabledWMT cache max-obj-size: 25600 MBWMT cache revalidate for each request is not enabledWMT cache age-multiplier: 30%WMT cache min-ttl: 60 minutesWMT cache max-ttl: 1 daysWMT debug client ip not setWMT debug server ip not setWMT accelerate live-split is enabledWMT accelerate proxy-cache is enabledWMT accelerate VOD is enabledWMT fast-start is enabledWMT fast-start max. bandwidth per player is 3500 (Kbps)WMT fast-cache is enabledWMT fast-cache acceleration factor is 5WMT maximum data packet MTU (TCP) enforced is 1472 bytesWMT maximum data packet MTU (UDP) is 1500 bytesWMT client idle timeout is 60 secondsWMT forward logs is enabledWMT server inactivity-timeout is 65535WMT Transaction Log format is Windows Media Services 4.1 loggingRTSP Gateway incoming port 554--------- WMT HTTP Configurations -------------------WMT http extensions allowed:asf none nsc wma wmv nsclog--------- WMT Proxy Configurations ------------------Outgoing Proxy-Mode:--------------------MMS-over-HTTP Proxy-Mode:is not configured.RTSP Proxy-Mode:is not configured. ServiceEngine#Related Commands
blink
To identify physical devices by blinking their LED(s), use the blink command in EXEC configuration mode.
blink {disk name | interface {GigabitEthernet slot/port_num | TenGigabitEthernet slot/port_num}}
Syntax Description
Command Default
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The blink disk command submits IO to a disk, do not use this command in systems with live traffic.
Examples
The following example shows how to blink a disk:
ServiceRouter# blink disk disk00Blinking disk00 LED for 3 secondsThe following example shows how to blink a GigabitEthernet interface:
ServiceRouter# blink interface gigabitEthernet 1/0Blinking eth0 LED for 3 secondsbootstrap-node
To configure a bootstrap node IP address, use the bootstrap-node Service Routing Protocol (SRP) configuration command. To remove a bootstrap node address, use the no or default form of the command.
bootstrap-node ip-address
[no | default] bootstrap-node ip-address
Syntax Description
ip-address
Valid IP address for the bootstrap node. IP addresses 0.0.0.0 and 255.255.255.255 are not valid addresses for a bootstrap node.
Command Default
No bootstrap node address is configured.
Command Modes
SRP configuration (config-srp) mode.
Usage Guidelines
This command is used to set bootstrap nodes for an SRP. A Proximity Engine specifies one or more bootstrap nodes to join a DHT network. In a DHT network, the domain ID of the bootstrap nodes and the Proximity Engine must the same.
The first Proximity Engine in the network, which acts as the bootstrap node for others, does not have to configure the bootstrap node address itself. This is the only exception to configuring bootstrap nodes. All other nodes need to configure a bootstrap node address before they can join any network.
The no and default forms of the command remove a given bootstrap node from the list of available bootstrap nodes of a Proximity Engine. The port number for bootstrap node is 9000. The show srp process command lists configured bootstrap nodes.
A Proximity Engine cannot be its own bootstrap node. A maximum 25 bootstrap nodes are allowed.
Examples
The following example shows how to configure a bootstrap node address with the bootstrap-node command:
ServiceRouter# configure terminalEnter configuration commands, one per line. End with CNTL/Z.ServiceRouter(config)# router srpServiceRouter(config-srp)# bootstrap-node 192.168.6.91ServiceRouter(config-srp)# endServiceRouter#The following example shows how the show srp process command displays configured bootstrap nodes:
ServiceRouter# show srp processProcess:Domain: 0Node Id: 6b05858ab28345e62e9e614a48e1206445ec9ca0884fa0e827c1072f5fe8c5f5Port: 9000Interfaces running SRP:*GigabitEthernet 1/0Database Mirroring: Disabled# of storages requested for mirroring: 2# of storages used for mirroring : 1...ServiceRouter#Related Commands
domain
Sets the domain ID for the SRP.
router srp
Enters SRP configuration mode.
show srp process
Displays the basic configurations for SRP.
cache
To restrict the maximum number of contents in the CDS, use the cache command in Global configuration mode.
cache content {eviction-preferred-size {small | large} | eviction-protection {min-size-100MB {min-duration-1hr | min-duration-2hr | min-duration-3hr | min-duration-4hr}| min-size-1GB {min-duration-1hr | min-duration-2hr | min-duration-3hr | min-duration-4hr} | min-size-4GB {min-duration-1hr | min-duration-2hr | min-duration-3hr | min-duration-4hr} | min-size-500MB {min-duration-1hr | min-duration-2hr | min-duration-3hr | min-duration-4hr}}| max-cached-entries num
Syntax Description
Defaults
The max-cached-entries default is 2000000 entries.
Command Modes
Global configuration (config) mode.
Usage Guidelines
The Content Manager manages the caching, storage, and deletion of content.
Current priority favors small objects. The cache content eviction-preferred size command allows users to configure a preference for small or large objects in the Content Manager. Once a preference is specified, it only applies on contents made after the configurative; contents prior to configuration remain unchanged.
Addition and Deletion Processes
Previously, the Internet Streamer CDS software did not restrict adding new content to CDNFS as long as there was enough disk space for the asset. The cache content max-cached-entries command restricted the number of assets, but it was not a hard limit. New content was always added and the CDS would delete old content in an attempt to keep within the limits configured. The CDS could actually have more content than the configured limit, because the process to delete content is slower than the process to add content. The same situation applies to disk-usage based deletion, where deletion occurs when 90 percent of the CDNFS is used.
Content addition stops at 105 percent of the maximum object count or 95 percent of the CDNFS capacity (disk usage). For example, if the maximum number of objects has been configured as 20 million (which is the default value), the CDS starts deleting content if the object count reaches 20 million, but adding content is still allowed. Adding content stops when the maximum number of content objects reaches 21 million (105 percent of 20 million), which allows time for the content deletion process to reduce the number of objects in the CDS to the configured limit. Adding content resumes only after the number of objects is 20 million or less. The same logic applies to disk usage. The deletion process starts when disk usage reaches 93 percent, adding content stops when disk usage reaches 98 percent, and adding content resumes only after the disk usage percentage reaches 95 percent or less.
Note
For long-tail content (Windows Media Streaming, Flash Media Streaming, Movie Streamer, and progressive download), the maximum number of content objects can be configured with the default of 20 million on the HDD-based hardware models. Two of the HDD-based hardware models are the CDE220-2G2 and CDE250-2M0.
If adding content has been stopped because either the content count reached 105 percent of the limit or the disk usage reached 98 percent of capacity, the un-writable flag is set in the share memory and when the protocol engine calls create, FastCAL library looks into the share memory and denies the creation request. The protocol engine performs a bypass or cut-through operation.
The show cdnfs usage command shows the current status of whether the content is able to be cached or not. Following is an example of the output:
ServiceEngine# show cdnfs usageTotal number of CDNFS entries : 2522634Total space : 4656.3 GBTotal bytes available : 4626.0 GBTotal cache size : 2.4 GBTotal cached entries : 2522634Cache-content mgr status : CachableUnits: 1KB = 1024B; 1MB = 1024KB; 1GB = 1024MBIf the maximum object count is reached, the following is displayed:
Cache-content mgr status: Not cacheable on the following disk(s): [/disk00-06] [/disk01-06] [/disk02-01]105% of max obj count reached : [/disk00-06] [/disk01-06] [/disk02-01]If the disk usage reaches more than 98 percent, the following is displayed:
Cache-content mgr status: Not cacheable on the following disk(s): [/disk01-06] [/disk02-01]98% of disk usage reached: [/disk01-06] [/disk02-01]Eviction Protection
The Content Manager provides configurable eviction protection for some content. The Content Manager eviction algorithm is triggered when the disk usage reaches 93 percent or when the cached object count reaches the configured maximum object count. The eviction algorithm assigns a priority number to each content object based on an algorithm similar to the greedy-dual-size-frequency (GDSF) algorithm. The priority number is based on the size and usage of the object. Small objects are given preference over large objects; that is, they are less likely to be deleted.
To protect incoming large objects from getting a low priority and being deleted, use the cache content eviction-protection global configure command. The cache content eviction-protection command allows you to set the minimum content size (100 MB, 500 MB, 1 GB, and 4 GB) and the minimum age (1-4 hours for 100 MB size, 1, 4, 8, or 24 hours for all other sizes) of the content object to be protected from deletion. For example, to set the eviction protection for content objects larger than 100 MB that were ingested in the last two hours, you would enter the following command:
ServiceEngine(config)# cache content eviction-protection min-size-100MB min-duration-2hrsIf the content object being cached is larger than the configured size, it is inserted into a protection table along with the current time stamp. If the difference between the object's time stamp and the current time is greater than the configured time duration, the object is removed from the protection table. If the eviction algorithm is triggered, before it selects an object for deletion, it first looks at the protection table, and if the object is found, it is skipped for that iteration. The clear-cache-content command also checks the protection table before deleting an object. The clear-cache-all command does not check the eviction protection table; cache content is just deleted. As for relative cache content, content in the protection table might still be deleted if the relative content that is not protected is deleted. The eviction protection is disabled by default.
If the Content Manager eviction algorithm is not able to find any content to delete, a syslog message is sent to notify the administrator to revisit the configuration. Changing the settings of the cache content eviction-protection command only affect the content that are currently in the protection table and any new content that is added. Any object that is removed from the protection table prior to the configuration change is not brought back into the protection table.
Reloading the SE or entering the no cache content eviction-protection min-size-xx duration-xx command removes all entries in the eviction protection table.
Note
The show cache content command displays the eviction protection status and the number of elements in the eviction protection table.
Examples
The following example shows how to configure the cache content:
ServiceEngine# cache content max-cached-entries 1000The show cdnfs usage command shows the current status of whether the content is able to be cached or not. Following is an example of the output:
# show cdnfs usageTotal number of CDNFS entries : 2522634Total space : 4656.3 GBTotal bytes available : 4626.0 GBTotal cache size : 2.4 GBTotal cached entries : 2522634Cache-content mgr status : CachableUnits: 1KB = 1024B; 1MB = 1024KB; 1GB = 1024MBIf the maximum object count is reached, the following is displayed:
Cache-content mgr status : caching paused[ max count 105% of configured reached ]If the disk usage reaches more than 95 percent, the following is displayed:
Cache-content mgr status : caching paused[ disk max 95% of disk usage reached ]
Note
Related Commands
capability
To modify the capability configuration, use the capability command in Global configuration mode. To disable capability, use the no form of this command.
capability config profile number [add attrib {capability-url url | user-agent name} | description]
no capability config
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Related Commands
cd
To change from one directory to another directory, use the cd command in EXEC configuration mode.
cd directoryname
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
Use this command to maneuver between directories and for file management. The directory name becomes the default prefix for all relative paths. Relative paths do not begin with a slash (/). Absolute paths begin with a slash (/).
Examples
The following example shows how to use a relative path:
ServiceEngine(config)# cd local1The following example shows how to use an absolute path:
ServiceEngine(config)# cd /local1Related Commands
cdn-select
To enable the CDN Selector for third-party service selection, use the cdn-select command in Global configuration mode. To disable the CDN Selector, use the no form of this command.
cdn-select enable
no cdn-select enable
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
The cdn-select command enables the CDN Selector, which provides a method to do third-party service selection based on parameters like content type and geographic location.
Examples
The following example shows how to enable the CDN Selector:
ServiceRouter(config)# cdn-select enableServiceRouter(config)#The following example shows how to disable the CDN Selector:
ServiceRouter(config)# no cdn-select enableServiceRouter(config)#Related Commands
cdnfs
To browse the Internet Streamer CDS network file system (CDNFS), use the cdnfs browse command in EXEC configuration mode.
cdnfs {browse | cleanup {info | start force | stop}}
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The Internet Streamer CDS CDNFS stores the prepositioned Internet Streamer CDS network content to be delivered by all supported protocols.
Use the cdnfs browse command to browse the CDNFS directories and files. It does not display cached content for the Web Engine or Flash Media Streaming. It only caches content for Windows Media Streaming and Movie Streamer, and displays prefetched content. To display cached content, use the show cache content command.
ServiceEngine# cdnfs browse------ CDNFS interactive browsing ------dir, ls: list directory contentscd,chdir: change current working directoryinfo: display attributes of a filemore: page through a filecat: display a fileexit,quit: quit CDNFS browse shell/>dirwww.gidtest.com//>cd www.gidtest.com/www.gidtest.com/>dir764 Bytes index.html/www.gidtest.com/>info index.htmlCDNFS File Attributes:Status 3 (Ready)File Size 764 BytesStart Time nullEnd Time nullLast-modified Time Sun Sep 9 01:46:40 2001Internal path to data file: /disk06-00/d/www.gidtest.com/05/05d201b7ca6fdd41d491eaec7cfc6f14.0.data.htmlnote: data file actual last-modified time: Tue Feb 15 00:47:35 2005/www.gidtest.com/>Because the CDNFS is empty in this example, the ls command does not show any results. Typically, if the CDNFS contains information, it lists the websites as directories, and file attributes and content could be viewed using these subcommands.
The cdnfs cleanup command, which is used to cleanup unwanted entries in CDNFS, is deprecated in Release 2.6. in the following manner. When an SE is removed from a delivery service, the Content Manager removes all cache content for that delivery service. All prefetched content for that delivery service is removed by the Acquisition and Distribution process. However, if the Acquisition and Distribution process fails because of an SE being offline or for any other reason, then the cdnfs cleanup command is still required to remove the prefetched content.
In certain cases, the Acquirer is not notified by the Centralized Management System (CMS) about deleted channels, and it fails to clear all unified name space (UNS) content. In such cases, the cdnfs cleanup command can be used to clean up all UNS content associated with deleted channels.
Note
The cdnfs database recover command must be run when the cdnfs_db_corrupt alarm is raised. This alarm is raised when the Total Cached entries is more than Total CDNFS entries in the output for the show cdnfs usage command:
ServiceEngine# show cdnfs usageTotal number of CDNFS entries : 202Total space : 5037.9 GBTotal bytes available : 5019.5 GBTotal cache size : 21.0 GBTotal cached entries : 218Cache-content mgr status : CachableUnits: 1KB = 1024B; 1MB = 1024KB; 1GB = 1024MBThis occurs generally when an internal bookkeeping file is corrupted. With the server in the offloading status, enter the cdnfs database recover command to remove this inconsistency, then reload the server.
Examples
The following example shows the output of the cdnfs cleanup info command:
ServiceEngine# cdnfs cleanup infoGathering cleanup information. This may take some time....(Use Ctrl+C or 'cdnfs cleanup stop' to interrupt)..............................Summary of garbage resource entries found-------------------------------------------Number of entries : 605Size of entries (KB) : 60820911The following example shows the output for the cdnfs database recover command:
ServiceEngine# cdnfs database recoverCDNFS database inconsistency issue found.CDNFS database recovery operation would impact existing and new client sessions.Recovering database would need device in offloaded state.Do you want to recover the CDNFS database now (y/n)?yRecovering CDNFS database. It may take few minutes.Please wait...CDNFS database recovery is complete. Please reload the device now.ServiceEngine# reloadProceed with reload? [confirm] yesShutting down all services, will timeout in 15 minutes.reload in progress...Related Commands
show cdnfs
Displays the Internet Streamer CDS network file system information.
show statistics cdnfs
Displays the SE Internet Streamer CDS network file system statistics.
cdsm
To configure the Content Delivery System (CDSM) IP address to be used for the SEs or SRs, or to configure the role and GUI parameters on a CDSM device, use the cdsm command in Global configuration mode. To negate these actions, use the no form of this command.
cdsm {ip {hostname | ip-address | role {primary | standby} | ui port port-num}}
no cdsm {ip | role {primary | standby} | ui port}
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
You can use the cdsm ui port command to change the CDSM GUI port from the standard number 8443 as follows:
CDSM(config)# cdsm ui port 35535
Note
The cdsm ip command associates the device with the CDSM so that the device can be approved as a part of the network.
After the device is configured with the CDSM IP address, it presents a self-signed security certificate and other essential information, such as its IP address or hostname, disk space allocation, and so forth, to the CDSM.
Configuring Devices Inside a NAT
In an Internet Streamer CDS network, there are two methods for a device registered with the CDSM (SEs, SRs, or standby CDSM) to obtain configuration information from the primary CDSM. The primary method is for the device to periodically poll the primary CDSM on port 443 to request a configuration update. You cannot configure this port number. The backup method is when the CDSM pushes configuration updates to a registered device as soon as possible by issuing a notification to the registered device on port 443. This method allows changes to take effect in a timelier manner. You cannot configure this port number even when the backup method is being used. Internet Streamer CDS networks do not work reliably if devices registered with the CDSM are unable to poll the CDSM for configuration updates. Similarly, when a receiver SE requests content and content metadata from a forwarder SE, it contacts the forwarder SE on port 443.
All the above methods become complex in the presence of Network Address Translation (NAT) firewalls. When a device (SEs at the edge of the network, SRs, and primary or standby CDSMs) is inside a NAT firewall, those devices that are inside the same NAT use one IP address (the inside local IP address) to access the device and those devices that are outside the NAT use a different IP address (the inside global IP address) to access the device. A centrally managed device advertises only its inside local IP address to the CDSM. All other devices inside the NAT use the inside local IP address to contact the centrally managed device that resides inside the NAT. A device that is not inside the same NAT as the centrally managed device is not able to contact it without special configuration.
If the primary CDSM is inside a NAT, you can allow a device outside the NAT to poll it for getUpdate requests by configuring a static translation (inside global IP address) for the CDSM's inside local IP address on its NAT, and using this address, rather than the CDSM's inside local IP address, in the cdsm ip ip-address command when you register the device to the CDSM. If the SE or SR is inside a NAT and the CDSM is outside the NAT, you can allow the SE or SR to poll for getUpdate requests by configuring a static translation (inside global IP address) for the SE or SIR's inside local address on its NAT and specifying this address in the Use IP Address field under the NAT Configuration heading in the Device Activation window.
Note
Standby CDSMs
The Cisco Internet Streamer CDS software implements a standby CDSM. This process allows you to maintain a copy of the Internet Streamer CDS network configuration. If the primary CDSM fails, the standby can be used to replace the primary.
For interoperability, when a standby CDSM is used, it must be at the same software version as the primary CDSM to maintain the full CDSM configuration. Otherwise, the standby CDSM detects this status and does not process any configuration updates that it receives from the primary CDSM until the problem is corrected.
Note
Switching a CDSM from Warm Standby to Primary
If your primary CDSM becomes inoperable for some reason, you can manually reconfigure one of your warm standby CDSMs to be the primary CDSM. Configure the new role by using the Global configuration cdsm role primary command as follows:
ServiceEngine# configureServiceEngine(config)# cdsm role primaryThis command changes the role from standby to primary and restarts the management service to recognize the change.
Note
If you switch a warm standby CDSM to primary while your primary CDSM is still online and active, both CDSMs detect each other, automatically shut themselves down, and disable management services. The CDSMs are switched to halted, which is automatically saved in flash memory.
Examples
The following example shows how to configure an IP address and a primary role for a CDSM:
CDSM(config)# cdsm ip 10.1.1.1CDSM(config)# cdsm role primaryThe following example shows how to configure a new GUI port to access the CDSM GUI:
CDSM(config)# cdsm ui port 8550The following example shows how to configure the CDSM as the standby CDSM:
CDSM(config)# cdsm role standbySwitching CDSM to standby will cause all configuration settings made on this CDSMto be lost.Please confirm you want to continue [ no ] ?yesRestarting CMS servicesThe following example shows how to configure the standby CDSM with the IP address of the primary CDSM by using the cdsm ip ip-address command. This command associates the device with the primary CDSM so that it can be approved as a part of the network.
CDSM# cdsm ip 10.1.1.1clear cache
To clear the HTTP object cache use the clear command in EXEC configuration mode.
clear cache [all | content 1-1000000 | flash-media-streaming | url url]
Syntax Description
Defaults
Cached content is 1000 Mbytes if not specified.
Command Modes
EXEC configuration mode.
Usage Guidelines
The clear cache command removes all cached contents from the currently mounted cache volumes. Objects being read or written are removed when they stop being busy.
The clear cache all command requests the Content Manager to delete all cache contents. Only one clear cache all command can be executed at a time, and the Control-C option is not allowed with this command. During the clear cache all operation, the show cache content and show cdnfs usage outputs display a line about running the clear cache all command, and the progress is displayed in the output of these commands.
Caution
When the clear cache content command is executed, by default, the command evicts 1000MB of content from all disks in the SE. For example, if the SE has 12 disks, then 1000MB/12 = ~83MB content is evicted from each disk. In this case, all content in the SE is 450MB content; therefore, each disk results in a minimum content of 450MB. This causes 450MB * 12 = 5400MB to be evicted. Each disk maintains its own eviction tree, so to avoid this issue, evict each disk separately.
Examples
The following example shows how to clear all cached contents:
ServiceEngine# clear cache allThis operation tries to free up all cached contents. Proceed? [yes|NO] yesClear cache all operation will stop CMGRSlowScan process runningStarting clear cache all operation, 100 contents will be deleted.Clear cache all progress: done[100], total[100], progress[100.00%][####################]Clear cache all finished, duration[3], tps[33.33].Related Commands
cache content
Configures the cached contents.
show cache content
Displays a list of cached contents.
show cdnfs usage
Displays Content Delivery Network (CDN) current usage.
clear content
To clear the content of a Uniform Resource Locator (URL), use the clear content command in EXEC configuration mode.
clear content {last-folder-url url | url url}
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The clear content url command requests the Fast Content Abstraction Layer (FastCAL) API to delete the content of the specified URL and inform the Content Manager to remove it from its internal data structure.
Examples
The following example shows how to clear the content URL:
1.
ServiceEngine# show cacheMax-cached-entries is set as 10000000Number of cal cached assets: 10------------------------------------------------Priority Size URL------------------------------------------------1.87390e+01 64000 http://7.1.200.200/file-19615031.87390e+01 64000 http://7.1.200.200/file-19615481.87390e+01 64000 http://7.1.200.200/file-19614501.87390e+01 64000 http://7.1.200.200/file-19614951.87390e+01 64000 http://7.1.200.200/file-19615401.87390e+01 64000 http://7.1.200.200/file-19613991.87390e+01 64000 http://7.1.200.200/file-19613491.87390e+01 64000 http://7.1.200.200/file-19613951.87390e+01 64000 http://7.1.200.200/file-19613021.87390e+01 64000 http://7.1.200.200/file-1961575ServiceRouter#2.
ServiceEngine# clear content url http://7.1.200.200/file-19615033.
ServiceEngine# show cacheMax-cached-entries is set as 10000000Number of cal cached assets: 10------------------------------------------------Priority Size URL------------------------------------------------1.87390e+01 64000 http://7.1.200.200/file-19615481.87390e+01 64000 http://7.1.200.200/file-19614501.87390e+01 64000 http://7.1.200.200/file-19614951.87390e+01 64000 http://7.1.200.200/file-19615401.87390e+01 64000 http://7.1.200.200/file-19613991.87390e+01 64000 http://7.1.200.200/file-19613491.87390e+01 64000 http://7.1.200.200/file-19613951.87390e+01 64000 http://7.1.200.200/file-19613021.87390e+01 64000 http://7.1.200.200/file-19615751.87390e+01 64000 http://7.1.200.200/file-1961529ServiceEngine#This example shows how to delete all the contents matching the last-folder-url:
ServiceEngine# clear content last-folder-url http://172.XX.XX.XXX/vodThis operation tries to free up all content which matches last-folder-url.Proceed?[yes|NO] yesContent to be deleted:url: [http://172.XX.XX.XXX/vod/rab1.flv]url: [http://172.XX.XX.XXX/vod/rab2.flv]url: [http://172.XX.XX.XXX/vod/119M.flv]clear ip
To clear the IP configuration, use the clear ip command in EXEC configuration mode.
On the SE:
clear ip access-list counters [standard_acl-num | extended_acl_num | acl-name]
On the SR:
clear ip access-list counters [standard_acl-num | extended_acl_num | acl-name] | bgp {ip address | all} | ospf {neighbor {all | GigabitEthernet slot/port num | PortChannel num} | rspf route [router-id} | traffic}
Syntax Description
access-list
Clears the IP access list statistical information.
counters
Clears the IP access list counters.
standard_acl_num
(Optional) Counters for the specified access list, identified using a numeric identifier. The range is from 1 to 99.
extended_acl_num
(Optional) Counters for the specified access list, identified using a numeric identifier. The range is from 100 to 199
acl-name
(Optional) Counters for the specified access list, identified using an alphanumeric identifier up to 30 characters, beginning with a letter.
bgp
Clears the BGP1 neighbors.
all
Specifies that all current BGP sessions are reset.
ip-address
Specifies that only the identified BGP neighbor is reset.
ospf
Clears the OSPF2 tables.
neighbor
Neighbor statistics per interface.
all
Clears all neighbors.
GigabitEthernet
Selects a GigabitEthernet interface.
slot/port num
Slot and port number for the selected interface. The slot range is 1 to 14, and the port is 0. The slot number and port number are separated with a forward slash character (/).
PortChannel
Selects the Ethernet Channel of interfaces.
num
Specifies the Ethernet Channel interface number. The range is from 1 to 4.
rspf
OSPF rspf.
route
Internal OSPF rspf routes.
router-id
(Optional) Specifies the ID of a router for clear routing information.
traffic
OSPF traffic counters.
1 BGP = Border Gateway Protocol
2 OSPF = Open Shortest Path First
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
Use the clear ip bgp command whenever any of the following changes occur:
•
•
•
•
Examples
The clear ip bgp all command is used to clear all routes in the local routing table. In the following example, the Proximity Engine has only one neighbor, 192.168.86.3:
ServiceRouter# clear ip bgp allServiceRouter# show ip bgp summaryBGP router identifier 3.2.5.4, local AS number 1BGP table version is 3626, IPv4 Unicast config peers 3, capable peers 22 network entries and 2 paths using 216 bytes of memoryBGP attribute entries [2/168], BGP AS path entries [3/14]BGP community entries [2/8], BGP clusterlist entries [0/0]BGP Location Communities:Location Communities value: 1:1-2:2 target 1:1-2:2 weight 4Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd3.1.5.13 4 10 12787 8819 0 0 0 00:00:03 Closing3.1.5.103 4 3 2036 2035 3626 0 0 1d09h 137.0.0.7 4 2 2036 2035 3626 0 0 1d09h 1ServiceRouter#The following example shows how to clear OSPF of all neighbors:
ServiceRouter# clear ip ospf neighbor allServiceRouter#The following example shows how to clear OSPF of all neighbors in the GigabitEthernet 1/0 interface:
ServiceRouter# clear ip ospf neighbor GigabitEthernet 1/0ServiceRouter#The following example shows how to clear OSPF RSPF information for all routers:
ServiceRouter# clear ip ospf rspf routeServiceRouter#The following example shows how to clear OSPF RSPF information for the router with the ID 172. 20.168.41:
ServiceRouter# clear ip ospf rspf route 172.20.168.41ServiceRouter#Related Commands
clear ipv6
To clear the IPv6 ACL counters, use the clear ipv6 command in EXEC configuration mode.
clear ipv6 access-list counters [standard_acl-num | extended_acl_num | acl_name]
Syntax Description
Defaults
No
Command Modes
EXEC configuration mode.
Examples
The following example shows how to clear IPv6 ACL counters:
ServiceRouter# clear ipv6 access-list counters 99ServiceRouter#Related Commands
ipv6
Specifies the default gateway's IPv6 address.
show ipv6
Displays the IPv6 information.
traceroute6
Traces the route to a remote IPv6-enabled host.
clear isis
To clear IS-IS Routing for an IP, use the clear isis command in EXEC configuration mode.
clear isis {adjacency {all | GigabitEthernet slot/port num | PortChannel num} | ip rspf route [ LSP-ID]}
Syntax Description
adjacency
Clears the IS-IS adjacency information.
all
Clears IS-IS adjacencies on all interfaces.
GigabitEthernet
Selects a GigabitEthernet interface.
slot/port num
Slot and port number for the selected interface. The slot range is 1 to 14; the port is 0. The slot number and port number are separated with a forward slash character (/).
PortChannel
Selects the Ethernet Channel of interfaces.
num
Specifies the Ethernet Channel interface number. The range is from 1 to 4.
ip
IS-IS IP information.
rspf
IS-IS Reverse SPF1 routing information.
route
Specifies the IS-IS route.
LSP_ID
(Optional) Clears information for LSPs2 ID in the form of xxxx.xxxx.xxxx.xxxx or name.
1 SPF = Shortest Path First
2 LSP = link-state packet
Defaults
If no LSP ID is specified in the clear isis ip rspf route command, IS-IS RSPF information is cleared for all LSP IDs.
Command Modes
EXEC configuration mode.
Usage Guidelines
The clear isis ip rspf route command is used to clear IS-IS RSPF routing information. IS-IS RSPF routing information is displayed only with the show isis ip rspf route command when a new proximity request has been received.
Examples
The following is sample output from the show isis adjacency command before and after running the clear isis adjacency command:
ServiceRouter# show isis adjacencyIS-IS adjacency database:System ID SNPA Level State Hold Time Interface0200.c0a8.5401 0000.a1e8.e019 1 UP 00:00:21 GigabitEthernet 3/07301-7-core 001d.a1e9.c41b 1 UP 00:00:08 GigabitEthernet 3/07301-7-core 001d.a1e9.c41b 2 UP 00:00:08 GigabitEthernet 3/0ServiceRouter#ServiceRouter# clear isis adjacency allServiceRouter# show isis adjacencyIS-IS adjacency database:System ID SNPA Level State Hold Time Interface7301-7-core 001d.a1e9.c41b 1 UP 00:00:09 GigabitEthernet 3/07301-7-core 001d.a1e9.c41b 2 UP 00:00:09 GigabitEthernet 3/0ServiceRouter#The following is a sample from the show isis ip rspf route command before and after running the show isis ip rspf route command:
ServiceRouter# show isis ip rspf routeLSP ID SPF Time Cache Hit Level Age Max range0200.c0a8.0a01.00-00 3d22h 0 1 3d22h 10ServiceRouters# clear isis ip rspf routeServiceRouter# show isis ip rspf routeLSP ID SPF Time Cache Hit Level Age Max rangeRelated Commands
show isis adjacency
Displays IS-IS adjacencies.
show isis ip rspf route
Displays the Intermediate IS-IS RSPF route for IS-IS learned routes.
clear logging
To clear the syslog messages saved in the disk file, use the clear logging command in EXEC configuration mode.
clear logging
Syntax Description
This command has no keywords or arguments.
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The clear logging command removes all current entries from the syslog.txt file, but does not make an archive of the file. It puts a "Syslog cleared" message in the syslog.txt file to indicate that the syslog has been cleared, as shown in the following example:
Feb 14 12:17:18 ServiceEngine# exec_clear_logging:Syslog clearedExamples
The following example shows how to clear the syslogs:
ServiceRouter# clear loggingU11-CDE220-2#clear service-router
To clear the proximity-based routing proximity cache , use the clear service-router command in EXEC configuration mode.
clear service-router proximity-based-routing proximity-cache
Syntax Description
Defaults
Clears the cache for all proximity ratings.
Command Modes
EXEC configuration mode.
Usage Guidelines
When an SR receives a redirect request from a client network 1 with proximity-based routing enabled, the SR queries the proximity server for the proximity rating of the SEs. The ratings returned from the proximity server are cached, and the default timeout for the cache is 1800 seconds . If there is any network or proximity rating change within this period, the SR does not know as it redirects based on the ratings cached for that network. The clear service-router command is used to force clear cache.
Examples
The following example shows how to clear the Service Router.
ServiceRouter# clear service-router proximity-based-routing proximity-cacheServiceRouter#Related Commands
clear srp database offline
To clear the SRP database while it is offline, use the clear srp database offline command in privileged EXEC mode.
clear srp database offline
Syntax Description
This command has no keywords or arguments.
Command Defaults
None
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
The clear srp database offline command is used to clear the SRP database while it is offline.
Note
Examples
The following example shows how to clear the SRP database offline:
ServiceRouter# clear srp database offlineClearing database offlineServiceRouter#Related Commands
show srp database
Displays the descriptor-related information saved in the descriptor database.
show srp multicast database
Displays multicast database information.
clear srp descriptor
To delete either a single descriptor or all descriptors from the service routing layer, use the clear srp descriptor command in privileged EXEC mode.
clear srp descriptor key
Syntax Description
key
The DHT key in hexadecimal format for the descriptor to be deleted. A valid DHT key has 1 to 64 hexadecimal digits.
Command Defaults
None
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
The clear srp descriptor command is used to delete a single descriptor in the descriptor database. The delete operation deletes the descriptor at the descriptor root node (which may not necessarily be the local Proximity Engine). Therefore, the descriptor is deleted from the entire network.
Note
A valid DHT key must be specified in key to identify the descriptor that is deleted. Keys with less than 64 hexadecimal characters are appended with zeroes.
Deleting a nonexistent descriptor or a descriptor that does not appear in the descriptor database of the Proximity Engine results in an error message stating that the DHT key does not exist.
Examples
The following example shows how use the clear srp descriptor command to delete a descriptor with key 123. After the deletion, the show srp database command is used to verify that the descriptor has been deleted.
ServiceRouter# clear srp descriptor 123ServiceRouter# show srp database 123Getting database entry for123Entity key:
1230000000000000000000000000000000000000000000000000000000000000
Entity was DELETED on (47b4269b599afa86) Thu Feb 14 11:31:39 2008
Related Commands
show srp database
Displays the descriptor-related information saved in the descriptor database.
show srp multicast database
Displays multicast database information.
clear srp neighbor
To remove a neighbor Proximity Engine from the neighbor list of the local Proximity Engine, use the clear srp neighbor command in privileged EXEC mode.
clear srp neighbor key
Syntax Description
key
The DHT key in hexadecimal format for the node to be removed from the neighbor list. A valid DHT key has 1 to 64 hexadecimal digits.
Command Defaults
None
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
The clear srp neighbor command is used to delete a single neighbor in the service routing layer from the local Proximity Engine neighbor list. After a small interval, the neighbor list is refreshed and the deleted neighbor may be included in the neighbor list again if it is still a neighbor of the local Proximity Engine in the service routing layer.
A valid DHT key should be specified in key to identify the neighbor. Keys with less than 64 hexadecimal characters are appended with zeroes.
If you attempt to delete a neighbor that does not appear in the neighbor list of the local Proximity Engine, clear srp neighbor displays an error message stating that the neighbor could not be found.
Examples
The following example shows how to use Proximity Engine sn-sj85 with one neighbor sn-sj81 as seen in the following show srp neighbor command output. The neighbor sn-sj81 is also in the leafset of sn-sj85 as can be seen in the show srp leafset output. All commands are issued from Proximity Engine sn-sj85.
ServiceRouter# show srp neighborCodes: T - local node, L - leafset, P - primary, S - secondary, B - backupI - Intransitive, D - delay, H - hold timeNumber of neighbors in the database: 1PL 8886822171add71887d54107c266d814b605eaa0d5cc9b54b9160a137f4355d1via sn-sj81 [ 172.20.168.81 ] :9000, D=0.389864 ms,H=00:00:09ServiceRouter# show srp leafsetCodes: T - local node, L - leafset, P - primary, S - secondary, B - backupI - Intransitive, W - wrappedLeafset count: total 3, left 1, right 1PL 8886822171add71887d54107c266d814b605eaa0d5cc9b54b9160a137f4355d1via sn-sj81 [ 172.20.168.81 ] :9000, 0.389864 ms, 00:00:08T 9f752f56f347ca8fcc40a4e09b645f9b4c9b71c73401083f4c04920b30215b0avia sn-sj85 [ 172.20.168.85, 192.168.20.85, 192.168.86.85 ] :9000WPL 8886822171add71887d54107c266d814b605eaa0d5cc9b54b9160a137f4355d1via sn-sj81 [ 172.20.168.81 ] :9000, 0.389864 ms, 00:00:08The clear srp neighbor command is used to remove sn-sj81 from the neighbor list.
ServiceRouter# clear srp neighbor sn-sj81:9000Clearing neighbor sn-sj81:9000Neighbor is found and clearedFinally, the show srp neighbor and show srp leafset commands are issued again and show the following:
•
ServiceRouter# show srp neighborCodes: T - local node, L - leafset, P - primary, S - secondary, B - backupI - Intransitive, D - delay, H - hold timeNumber of neighbors in the database: 1I 8886822171add71887d54107c266d814b605eaa0d5cc9b54b9160a137f4355d1via sn-sj81 [ 172.20.168.81 ] :9000, D=0.000 ms,H=00:00:07•
ServiceRouter# show srp leafsetCodes: T - local node, L - leafset, P - primary, S - secondary, B - backupI - Intransitive, W - wrappedLeafset count: total 1, left 0, right 0T 9f752f56f347ca8fcc40a4e09b645f9b4c9b71c73401083f4c04920b30215b0avia sn-sj85 [ 172.20.168.85, 192.168.20.85, 192.168.86.85 ] :9000ServiceRouter# #The following example shows how to use the clear srp resource command to delete a resource having resource ID 456 from a descriptor with the key 123. The show srp database command is used to verify that the resource exists before the delete operation and that it has been deleted after the delete operation.
ServiceRouter# show srp database 123Getting database entry for123Entity key:1230000000000000000000000000000000000000000000000000000000000000Entity rec type: 101 Entity total length: 175Entity type: 38b73479 Entity flags: 0--------------- Element 0 (main)-----------------Element ID: mainElement total len 49 ID len: 0Delete Time: 47b426ca5c706042Flags 0Last Update: Thu Feb 14 11:38:59 2008 (47b42853902a02b6)Expiration : Sat Mar 15 11:38:59 2008 (47dbb553902a0000)Element data len: 9Element data:mycontent--------------- Element 1 (comp)-----------------Element ID: "456"(343536)Element total len 54 ID len: 3Last Update: Thu Feb 14 11:39:27 2008 (47b4286f0ad1055a)Expiration : Sat Mar 15 11:39:27 2008 (47dbb56f0ad10000)Element data len: 11Element data:newResourceServiceRouter# clear srp resource 123 456ServiceRouter# show srp database 123Getting database entry for123Entity key:1230000000000000000000000000000000000000000000000000000000000000Entity rec type: 101 Entity total length: 113Entity type: 38b73479 Entity flags: 0--------------- Element 0 (main)-----------------Element ID: mainElement total len 49 ID len: 0Delete Time: 47b426ca5c706042Flags 0Last Update: Thu Feb 14 11:38:59 2008 (47b42853902a02b6)Expiration : Sat Mar 15 11:38:59 2008 (47dbb553902a0000)Element data len: 9Element data:mycontentServiceRouter#Related Commands
show srp leafset
Displays SRP leafset information.
show srp neighbors
Displays SRP neighbor information.
clear srp resource
To delete a resource from a descriptor in the service routing layer, use the clear srp resource command in privileged EXEC mode.
clear srp resource key
Syntax Description
key
The DHT key in hexadecimal format for the descriptor from which the resource are deleted. A valid DHT key has 1 to 64 hexadecimal digits.
Command Defaults
None
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
The clear srp resource command is used to delete a resource from a descriptor in the service routing layer. Resources can be added to and deleted from any descriptor that exists in the descriptor database.
A valid DHT key must be specified in key to identify the descriptor from which a resource is deleted. Keys with less than 64 hexadecimal characters are appended with zeroes. If you attempt to delete a resource from a nonexistent descriptor, clear srp resource displays an error stating that the DHT key does not exist. Deleting a nonexistent resource has no impact, and no error warning is generated.
Examples
The following example shows how to use clear srp resource to delete a resource, newResource, having resource ID 456 from a descriptor with the key 123. The show srp database command is used to verify that the resource exists before the delete operation and that it has been deleted after the delete operation.
ServiceRouter# show srp database 123Getting database entry for123Entity key:1230000000000000000000000000000000000000000000000000000000000000Entity rec type: 101 Entity total length: 175Entity type: 38b73479 Entity flags: 0--------------- Element 0 (main)-----------------Element ID: mainElement total len 49 ID len: 0Delete Time: 47b426ca5c706042Flags 0Last Update: Thu Feb 14 11:38:59 2008 (47b42853902a02b6)Expiration : Sat Mar 15 11:38:59 2008 (47dbb553902a0000)Element data len: 9Element data:mycontent--------------- Element 1 (comp)-----------------Element ID: "456"(343536)Element total len 54 ID len: 3Last Update: Thu Feb 14 11:39:27 2008 (47b4286f0ad1055a)Expiration : Sat Mar 15 11:39:27 2008 (47dbb56f0ad10000)Element data len: 11Element data:newResourceServiceRouter# clear srp resource 123 456ServiceRouter# show srp database 123Getting database entry for123Entity key:1230000000000000000000000000000000000000000000000000000000000000Entity rec type: 101 Entity total length: 113Entity type: 38b73479 Entity flags: 0--------------- Element 0 (main)-----------------Element ID: mainElement total len 49 ID len: 0Delete Time: 47b426ca5c706042Flags 0Last Update: Thu Feb 14 11:38:59 2008 (47b42853902a02b6)Expiration : Sat Mar 15 11:38:59 2008 (47dbb553902a0000)Element data len: 9Element data:mycontentServiceRouter#Related Commands
clear srp route
To delete a single route entry from the DHT routing table of the local Proximity Engine, use the clear srp route command in privileged EXEC mode.
clear srp route prefix/length
Syntax Description
prefix
The prefix of the DHT key of the route entry to delete.
length
The length of the prefix (in multiples of 4).
Command Defaults
None
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
The clear srp route command deletes a single routing table entry from the local DHT routing table. Similar to other routing protocols, the DHT routing table entries consist of a prefix and length that index the DHT ID of the next-hop Proximity Engine. A valid DHT key prefix (1 to 64 hexadecimal characters) and valid prefix length (multiples of four) must be supplied to identify the neighbor to be deleted.
The clear srp route command provides a manual way to delete routing table entries. After a small interval, the DHT routing table is refreshed and the deleted next-hop Proximity Engine may be included in the DHT routing table again if it is still a viable neighbor.
The clear srp route command can be used to test the presence and persistence of neighbors. Deleting a routing entry that does not exist results in an error message.
Examples
In the following example, Proximity Engine sn-sj85 has four routing table entries. The example shows how to use the clear srp route command to clear the routing table entry that has 8/4 as its prefix/length. The show srp route command is used to verify the deletion of the route.
ServiceRouter# show srp routeCodes: T - local node, L - leafset, P - primary, S - secondary, B - backupI - IntransitivePL 8/4 via 8886822171add71887d54107c266d814b605eaa0d5cc9b54b9160a137f4355d1sn-sj81 [ 172.20.168.81 ] :9000, 0.389525 ms, 00:00:08PL a/4 via ad3a659121442210a68b79348e9a42eaebfb229f388afb2628fa871f26bc750csn-sj67 [ 172.20.168.67, 192.168.20.41, 192.168.20.44, 192.168.22.41, 192.168.22.42 ] :9000, 1.825903 ms, 00:00:09PL b/4 via b5ca21563f5b938e46e2cb8f33a148ae00a1f6666f2a5eb735b7ed90c012c882sn-sj82 [ 172.20.168.82 ] :9000, 0.333920 ms, 00:00:08PL d/4 via d2fc632c53c9ff1de8683e265386b09502791aedd65f28025fe7f64ad8cab2d9sn-sj87 [ 172.20.168.87 ] :9000, 0.642357 ms, 00:00:09ServiceRouter# clear srp route 8/4Clearing entry 8/4The entry is found and clearedServiceRouter# show srp routeCodes: T - local node, L - leafset, P - primary, S - secondary, B - backupI - IntransitivePL a/4 via ad3a659121442210a68b79348e9a42eaebfb229f388afb2628fa871f26bc750csn-sj67 [ 172.20.168.67, 192.168.20.41, 192.168.20.44, 192.168.22.41, 192.168.22.42 ] :9000, 1.846593 ms, 00:00:09PL b/4 via b5ca21563f5b938e46e2cb8f33a148ae00a1f6666f2a5eb735b7ed90c012c882sn-sj82 [ 172.20.168.82 ] :9000, 0.333920 ms, 00:00:09PL d/4 via d2fc632c53c9ff1de8683e265386b09502791aedd65f28025fe7f64ad8cab2d9sn-sj87 [ 172.20.168.87 ] :9000, 0.572056 ms, 00:00:09ServiceRouter#Related Commands
show srp route
Displays route information for a Proximity Engine to its neighbor nodes on the same DHT network.
clear statistics
To clear the statistics, use the clear statistics command in EXEC configuration mode.
On the SE:
clear statistics {aaa | access-lists 300 | all | authentication | authsvr {all | delivery-service-id | global} | distribution {all | mcast-data-receiver | mcast-data-sender | metadata-receiver | metadata-sender | unicast-data-receiver | unicast-data-sender} | flash-media-streaming | history | icap | icmp | ip | movie-streamer | radius | rule {action action-type | all | pattern {1-512 | all} | rtsp} | running | snmp | tacacs | tcp | transaction-logs | udp | web-engine [force] | web-engine [force] | wmt}
On the SR:
clear statistics {aaa | all | authentication | history | http requests | icmp | ip [ospf | proximity {rib | server}] | isis [GigabitEthernet slot/port num | PortChannel num] | radius | running | service-registry | service-router | snmp | srp | tacacs | tcp | udp}
Syntax Description
aaa
Clears AAA statistics.
access-lists
Clears the ACL statistics.
300
Clears the group name-based ACL.
all
Clears all statistics.
authentication
Clears the authentication statistics.
authsvr
Clears the Authorization Server statistics.
all
Clears global and delivery service-based statistics.
delivery-service-id
Clears Authentication Server statistics for the delivery service
global
Clears Authentication Server global statistics.
distribution
Clears the distribution statistics.
all
Clears the distribution statistics for every component.
mcast-receiver
Clears the distribution statistics for the mcast receiver.
Note
mcast-sender
Clears the distribution statistics for the mcast sender.
Note
metadata-receiver
Clears the distribution statistics for the metadata receiver.
Note
metadata-sender
Clears the distribution statistics for the metadata sender.
Note
unicast-data-receiver
Clears the distribution statistics for the unicast data receiver.
Note
unicast-data-sender
Clears the distribution statistics for the unicast data sender.
This command is only available on Cisco Internet Streamer CDS Release 3.1.1.
flash-media-streaming
Clears the Flash Media Streaming statistics.
history
Clears the statistics history.
icap
Clears the ICAP1 statistics.
icmp
Clears the ICMP statistics.
ip
Clears the IP statistics.
ospf
Clears the OSPF statistics.
proximity
Clears the proximity statistics.
rib
Clears the RIB proximity statistics.
server
Clears the Proximity Server statistics.
isis
Clears counters for an IS-IS instance.
GigabitEthernet
(Optional) Selects a GigabitEthernet interface.
slot/port num
Slot and port number for the selected interface. The slot range is 0 to 14; the port is 0. The slot number and port number are separated with a forward slash character (/).
PortChannel
(Optional) Selects the Ethernet Channel of interfaces.
num
Specifies the Ethernet Channel interface number. The range is from 1 to 4.
movie-streamer
Clears the Movie Streamer statistics.
radius
Clears the RADIUS statistics.
rule
Clears the rules statistics.
action
Clears the statistics of all the rules with the same action.
action-type
Specifies one of the following actions:
allow
block
generate-url-signature
no-cache
redirect
rewrite
use-icap-service
validate-url-signatureall
Clears the statistics of all the rules.
pattern
Clears the statistics of the pattern lists.
1-512
Pattern list number.
all
Clears the statistics for all the pattern lists.
rtsp
Clears the statistics for the configured RTSP rules (rules configured for RTSP requests from RealMedia players [the RTSP rules] and rules configured for RTSP requests from Windows Media 9 players [the WMT-RTSP rules]).
running
Clears the running statistics.
snmp
Clears the SNMP statistics.
srp
Resets to zero all statistics counters kept by the local DHT service
tacacs
Clears the TACACS+ statistics.
tcp
Clears the TCP statistics.
transaction-logs
Clears the transaction log export statistics.
udp
Clears the UDP statistics.
web-engine
Clears the Web Engine statistics.
force
Clears the Web Engine detail statistics.
web-engine
Clears Web Engine statistics.
force
(Optional) Clears Web Engine detail statistics.
wmt
Clears all WMT statistics.
1 ICAP = Internet Content Adaptation Protocol
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The clear statistics command clears all statistical counters from the parameters given. Use this command to monitor fresh statistical data for some or all features without losing cached objects or configurations.
This command is used to reset to zero proximity statistics related to the Proximity Engine components that are used for the proximity function. Use the show statistics ip proximity command to display proximity statistics.
The DHT service keeps several counters, such as the number of requests and responses for DHT lookups. These counters can be displayed using the show statistics srp command.
The clear statistics web-engine and clear statistics all commands clear only normal statistics, not the Web Engine statistics details. To clear all Web Engine statistics, use the clear statistics web-engine force command.
The clear stats authsvr delivery-service-id command only clears the authsvr delivery-service specific statistics. It does not clear global statistics. If you want to clear the global statistics, you must use the clear statistics authsvr all or clear statistics authsvr global commands.
Note
Examples
The following example shows how to clear proximity statistics with the clear statistics ip proximity command:
ServiceRouter# clear statistics ip proximity serverServiceRouter# show statistics ip proximity serverProximity server: Requests received = 0Proximity server: Responses sent = 0Proximity server: Faults sent = 0ServiceRouter#ServiceRouter# show statistics ip proximity ribTotal number of proximity requests received from applications: 0Total number of proximity replies sent to applications: 0Proximity msg exchanges between urib and routing protocols:Sent Prox Req Received Prox Respisis-p1 0 0ospf-p1 0 0isis-p1-te 0 0ospf-p1-te 0 0bgp-123 0 0mbgp-123 0 0Local proximity requests from applications: 0Invalid proximity requests from applications: 0PSA non-rankable proximity requests from applications: 0Failed proximity requests to routing protocols: 0Failed PSA lookups: 0Failed PTA lookups: 0ServiceRouter#The following is sample output from the show statistics isis command before and after running clear statistics isis command:
ServiceRouter# show statistics isisIS-IS statistics:PDU Received Sent RcvAuthErr OtherRcvErrLAN-IIH 51 14 0 0P2P-IIH 0 0 0 0CSNP 67 0 0 0PSNP 0 0 0 0PDU Received Flooded RcvAuthErr OtherRcvErr ReTransmitLSP 69 4 0 0 0DIS elections: 10SPF calculations: 82LSPs sourced: 0LSPs refreshed: 8LSPs purged: 0ServiceRouter#ServiceRouter# clear statistics isis *ServiceRouter# show statistics isisIS-IS statistics:PDU Received Sent RcvAuthErr OtherRcvErrLAN-IIH 1 0 0 0P2P-IIH 0 0 0 0CSNP 4 0 0 0PSNP 0 0 0 0PDU Received Flooded RcvAuthErr OtherRcvErr ReTransmitLSP 1 0 0 0 0DIS elections: 0SPF calculations: 1LSPs sourced: 0LSPs refreshed: 0LSPs purged: 0ServiceRouter#The following example shows the use of the clear statistics srp command. The show statistics srp command is used to verify that the SRP counters have been reset to zero:
ServiceRouter# show statistics srpSent Received NeighborsJoin request 0 22 1Join response 22 0 0LS exchange request 309 310 0LS exchange response 310 309 0Route exchange request 65 0 0Route exchange response 0 64 0Ping request 410 412 1Ping response 412 410 0Lookup request 34 867 3Lookup response 867 34 0Ping traceroute request 0 0 0Ping traceroute response 0 0 0ServiceRouter# clear statistics srpClearing all statistics countersServiceRouter# show statistics srpSent Received NeighborsJoin request 0 0 0Join response 0 0 0LS exchange request 1 1 0LS exchange response 1 1 0Route exchange request 1 0 0Route exchange response 0 1 0Ping request 2 2 0Ping response 2 2 0Lookup request 0 2 0Lookup response 2 0 0Ping traceroute request 0 0 0Ping traceroute response 0 0 0ServiceRouter#Related Commands
clear transaction-logs
To clear and archive the working transaction log files, use the clear transaction-log command in EXEC configuration mode.
clear transaction-logs
Syntax Description
This command has no keywords or arguments.
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The clear transaction-log command causes the transaction log to be archived immediately to the SE hard disk. This command has the same effect as the transaction-log force archive command.
Examples
The following example shows that the clear transaction-log command forces the working transaction log file to be archived:
ServiceEngine# clear transaction-logclear users
To clear the connections (login) of authenticated users, use the clear users command in EXEC configuration mode.
clear users administrative
Syntax Description
administrative
Clears the connections of administrative users who have been authenticated through a remote login service.
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The clear users administrative command clears the connections for all administrative users who are authenticated through a remote login service, such as TACACS. This command does not affect an administrative user who is authenticated through the local database.
Examples
The following example shows how to clear the connections of the authenticated users:
ServiceRouter# clear users administrativeServiceRouter#clear wmt
To clear the WMT streams, use the clear wmt command in EXEC configuration mode.
clear wmt {encoder-alarm-msg msg | stale-stat | stream-id num [stale-stat]}
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Examples
The following example shows how to clear a WMT stream for a stream ID of 22689:
ServiceEngine# clear wmt stream-id 22689ServiceEngine#Related Commands
show statistics wmt
Displays the WMT statistics.
show wmt
Displays WMT bandwidth and proxy mode configuration.
clock (EXEC)
To set or clear clock functions or update the calendar, use the clock command in EXEC configuration mode.
clock {read-calendar | set time day month year | update-calendar}
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
If you have an outside source on your network that provides time services (such as a Network Time Protocol [NTP] server), you do not have to set the system clock manually. Enter the local time when setting the clock. The SE calculates the Coordinated Universal Time (UTC) based on the time zone set by the clock timezone command.
Note
Note
Two clocks exist in the system: the software clock and the hardware clock. The software uses the software clock. The hardware clock is used only at bootup to initialize the software clock. The calendar clock is the same as the hardware clock that runs continuously on the system, even if the system is powered off or rebooted. This clock is separate from the software clock settings that are erased when the system is powered cycled or rebooted.
The set keyword sets the software clock. If the system is synchronized by a valid outside timing mechanism, such as a NTP clock source, you do not have to set the system clock. Use this command if no other time sources are available. The time specified in this command is relative to the configured time zone.
To perform a one-time update of the hardware clock (calendar) from the software clock or to copy the software clock settings to the hardware clock (calendar), use the clock update-calendar command.
Examples
The following example shows how to set the software clock on the SE:
ServiceEngine# clock set 13:32:00 01 February 2000Related Commands
clock timezone
Sets the clock timezone.
ntp
Configures the Network Time Protocol server.
show clock detail
Displays the UTC and local time.
clock (Global configuration)
To set the summer daylight saving time and time zone for display purposes, use the clock command in Global configuration mode. To disable this function, use the no form of this command.
clock {summertime timezone {date startday startmonth startyear starthour endday endmonth endyear offset | recurring {1-4 startweekday startmonth starthour endweekday endmonth endhour offset | first startweekday startmonth starthour endweekday endmonth endhour
offset | last startweekday startmonth starthour endweekday endmonth endhour offset}} | timezone {timezone hoursoffset minutesoffset}}no clock {summertime timezone {date startday startmonth startyear starthour endday endmonth endyear offset | recurring {1-4 startweekday startmonth starthour endweekday endmonth endhour offset | first startweekday startmonth starthour endweekday endmonth endhour
offset | last startweekday startmonth starthour endweekday endmonth endhour offset}} | timezone {timezone hoursoffset minutesoffset}}Syntax Description
summertime
Configures the summer or daylight saving time.
timezone
Name of the summer time zone.
date
Configures the absolute summer time.
startday
Date to start. The range is from 1 to 31.
startmonth
Month to start. The range is from January through December.
startyear
Year to start. The range is from 1993-2032.
starthour
Hour to start in (hh:mm) format. The range is from 0 to 23.
endday
Date to end. The range is from 1 to 31.
endmonth
Month to end. The range is from January through December.
endyear
Year to end. The range is from 1993-2032.
endhour
Hour to end in (hh:mm) format. The range is from 0 to 23.
offset
Minutes offset (see Table B-1) from Coordinated Universal Time (UTC) The range is from 0 to 59.
recurring
Configures the recurring summer time.
1-4
Configures the starting week number. The range is from 1 to 4.
first
Configures the summer time to recur beginning the first week of the month.
last
Configures the summer time to recur beginning the last week of the month.
startweekday
Day of the week to start. The range is from Monday to Friday.
startmonth
Month to start. The range is from January through December.
starthour
Hour to start in hh:mm format. The range is from 0 to 23.
endweekday
Weekday to end. The range is from Monday to Friday
endmonth
Month to end. The range is from January through December.
endhour
Hour to end in hour:minute (hh:mm) format. The range is from 0 to 23.
offset
Minutes offset (see Table B-1) from UTC. The range is from 0 to 59.
timezone
Configures the standard time zone.
timezone
Name of the time zone.
hoursoffset
Hours offset (see Table B-1) from UTC. The range is from -23 to +23.
minutesoffset
Minutes offset (see Table B-1) from UTC. The range is from 0 to 59.
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
To set and display the local and UTC current time of day without an NTP server, use the clock timezone command with the clock set command. The clock timezone parameter specifies the difference between UTC and local time, which is set with the clock set command in EXEC configuration mode. The UTC and local time are displayed with the show clock detail command in EXEC configuration mode.
Use the clock timezone offset command to specify a time zone, where timezone is the desired time zone entry from Table B-1 and 0 0 is the offset (ahead or behind) Coordinated Universal Time (UTC) in hours and minutes. UTC was formerly known as Greenwich Mean Time (GMT).
SE(config)# clock timezone timezone 0 0
Note
Note
The offset (ahead or behind) UTC in hours, as displayed in Table B-1, is in effect during winter time. During summer time or daylight saving time, the offset may be different from the values in the table and are calculated and displayed accordingly by the system clock.
Note
Examples
The following example shows how to specify the local time zone as Pacific Standard Time with an offset of 8 hours behind UTC:
ServiceEngine(config)# clock timezone PST -8Custom Timezone: PST will be used.The following example shows how to configure a standard time zone on the SE:
ServiceEngine(config)# clock timezone US/Pacific 0 0Resetting offset from 0 hour(s) 0 minute(s) to -8 hour(s) 0 minute(s)Standard Timezone: US/Pacific will be used.ServiceEngine(config)#The following example negates the time zone setting on the SE:
ServiceEngine(config)# no clock timezoneThe following example shows how to configure daylight saving time:
ServiceEngine(config)# clock summertime PDT date 10 October 2001 23:59 29 April 2002 23:59 60Related Commands
clock
To set the summer daylight saving time and time zone for display purposes.
show clock detail
Displays the UTC and local time.
cms (EXEC)
To configure the Centralized Management System (CMS) embedded database parameters, use the cms command in EXEC configuration mode.
cms {config-sync | database {backup | create | delete | downgrade [script filename] | maintenance {full | regular} | restore filename | validate} | deregister [force] | recover {identity word}}
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The CDS network is a collection of SR, SE, and CDSM nodes. One primary CDSM retains the CDS network settings and provides other CDS network nodes with updates. Communication between nodes occurs over secure channels using the Secure Shell Layer (SSL) protocol, where each node on the CDS network uses a Rivest, Shamir, Adelman (RSA) certificate-key pair to communicate with other nodes.
Use the cms config-sync command to enable registered SRs, SEs, and standby CDSM to contact the primary CDSM immediately for a getUpdate (get configuration poll) request before the default polling interval of 5 minutes. For example, when a node is registered with the primary CDSM and activated, it appears as Pending in the CDSM GUI until it sends a getUpdate request. The cms config-sync command causes the registered node to send a getUpdate request at once, and the status of the node changes as Online.
Use the cms database create command to initialize the CMS database. Before a node can join a CDS network, it must first be registered and then activated. The cms enable command automatically registers the node in the database management tables and enables the CMS. The node sends its attribute information to the CDSM over the SSL protocol and then stores the new node information. The CDSM accepts these node registration requests without admission control and replies with registration confirmation and other pertinent security information required for getting updates. Activate the node using the CDSM GUI.
Once the node is activated, it automatically receives configuration updates and the necessary security RSA certificate-key pair from the CDSM. This security key allows the node to communicate with any other node in the CDS network. The cms deregister command removes the node from the CDS network by deleting registration information and database tables.
Note
To back up the existing management database for the CDSM, use the cms database backup command. For database backups, specify the following items:
•
•
The naming convention for backup files includes the time stamp.
When you use the cms recover identity word command when recovering lost registration information, or replacing a failed node with a new node that has the same registration information, specify the device recovery key that you configured in the Modifying Config Property, System.device.recovery.key window of the CDSM GUI.
Use the lcm command to configure local or central management (LCM) on an CDS network device. The LCM feature allows settings configured using the device CLI or GUI to be stored as part of the CDS network-wide configuration data (enable or disable).
When you enter the cms lcm enable command, the CMS process running on SEs, SRs, and the standby CDSM detects the configuration changes that you made on these devices using CLIs and sends the changes to the primary CDSM.
When you enter the cms lcm disable command, the CMS process running on SEs, SRs, and the standby CDSM does not send the CLI changes to the primary CDSM. Settings configured using the device CLIs are not sent to the primary CDSM.
If LCM is disabled, the settings configured through the CDSM GUI overwrite the settings configured from the SE or SR; however, this rule applies only to those local device settings that have been overwritten by the CDSM when you have configured the local device settings. If you (as the local CLI user) change the local device settings after the particular configuration has been overwritten by the CDSM, the local device configuration is applicable until the CDSM requests a full-device statistics update from the SE or SR (clicking the Force full database update button from the Device Home window of the CDSM GUI triggers a full update). When the CDSM requests a full update from the device, the CDSM settings overwrite the local device settings.
The cms deregister force command should be used only as the last option, because the CDSM does not know about the device being removed. When executing the cms deregister force command, take note of any messages stating that the deregistration failed and make sure to resolve them before reregistering the device with the same CDSM or registering the device to another CDSM. The cms deregister force command forces the deregistration to continue.
Examples
The following example shows how to back up the database management tables:
CDSM# cms database backupcreating backup file with label `backup'backup file local1/CDS-db-9-22-2002-17-36.dump is ready. use `copy' commands to move the backup file to a remote host.The following example shows how to validate the database management tables:
CDSM# cms database validateManagement tables are validIn the following example, the CMS deregistration process has problems deregistering the SE, but it proceeds to deregister it from the CMS database when the force option is used:
ServiceEngine# cms deregister forceDeregistration requires management service to be stopped.You will have to manually start it. Stopping management service on this node...This operation needs to restart http proxy and streaming proxies/servers (if running) for memory reconfiguration. Proceed? [ no ] yesmanagement services stoppedThu Jun 26 13:17:34 UTC 2003 [ I ] main: creating 24 messagesThu Jun 26 13:17:34 UTC 2003 [ I ] main: creating 12 dispatchersThu Jun 26 13:17:34 UTC 2003 [ I ] main: sending eDeRegistration message to CDSM 10.107.192.168...ServiceEngine#The following example shows the use of the cms recover identity command when the recovery request matches the SE record, and the CDSM updates the existing record and sends a registration response to the requesting SE:
ServiceEngine# cms recover identity defaultRegistering this node as Service Engine...Sending identity recovery request with key defaultThu Jun 26 12:54:42 UTC 2003 [ I ] main: creating 24 messagesThu Jun 26 12:54:42 UTC 2003 [ I ] main: creating 12 dispatchersThu Jun 26 12:54:42 UTC 2003 [ I ] main: Sending registration message to CDSM 10.107.192.168Thu Jun 26 12:54:44 UTC 2003 [ W ] main: Unable to load device info file in TestServerThu Jun 26 12:54:44 UTC 2003 [ I ] main: Connecting storeSetup for SE.Thu Jun 26 12:54:44 UTC 2003 [ I ] main: Instantiating AStore 'com.cisco.unicorn.schema.PSqlStore'...Thu Jun 26 12:54:45 UTC 2003 [ I ] main: Successfully connected to databaseThu Jun 26 12:54:45 UTC 2003 [ I ] main: Registering object factories for persistent store...Thu Jun 26 12:54:51 UTC 2003 [ I ] main: Dropped Sequence IDSET.Thu Jun 26 12:54:51 UTC 2003 [ I ] main: Successfully removed old management tablesThu Jun 26 12:54:51 UTC 2003 [ I ] main: Registering object factories for persistent store......Thu Jun 26 12:54:54 UTC 2003 [ I ] main: Created Table FILE_CDSM.Thu Jun 26 12:54:55 UTC 2003 [ I ] main: Created SYS_MESS_TIME_IDX index.Thu Jun 26 12:54:55 UTC 2003 [ I ] main: Created SYS_MESS_NODE_IDX index.Thu Jun 26 12:54:55 UTC 2003 [ I ] main: No Consistency check for store.Thu Jun 26 12:54:55 UTC 2003 [ I ] main: Successfully created management tablesThu Jun 26 12:54:55 UTC 2003 [ I ] main: Registering object factories for persistent store...Thu Jun 26 12:54:55 UTC 2003 [ I ] main: AStore Loading store data...Thu Jun 26 12:54:56 UTC 2003 [ I ] main: ExtExpiresRecord Loaded 0 Expires records.Thu Jun 26 12:54:56 UTC 2003 [ I ] main: Skipping Construction RdToClusterMappings on non-CDSM node.Thu Jun 26 12:54:56 UTC 2003 [ I ] main: AStore Done Loading. 327Thu Jun 26 12:54:56 UTC 2003 [ I ] main: Created SYS_MESS_TIME_IDX index.Thu Jun 26 12:54:56 UTC 2003 [ I ] main: Created SYS_MESS_NODE_IDX index.Thu Jun 26 12:54:56 UTC 2003 [ I ] main: No Consistency check for store.Thu Jun 26 12:54:56 UTC 2003 [ I ] main: Successfully initialized management tablesNode successfully registered with id 103Registration complete.ServiceEngine#The following example shows the use of the cms recover identity command when the hostname of the SE does not match the hostname configured in the CDSM GUI:
ServiceEngine# cms recover identity defaultRegistering this node as Service Engine...Sending identity recovery request with key defaultThu Jun 26 13:16:09 UTC 2003 [ I ] main: creating 24 messagesThu Jun 26 13:16:09 UTC 2003 [ I ] main: creating 12 dispatchersThu Jun 26 13:16:09 UTC 2003 [ I ] main: Sending registration message to CDSM 10.107.192.168There are no SE devices in CDNregister: Registration failed.ServiceEngine#Related Commands
cms enable
Enables the CMS.
show cms
Displays the CMS protocol, embedded database content, maintenance status, and other information.
cms (Global configuration)
To schedule maintenance and enable the Centralized Management System (CMS) on a given node, use the cms command in Global configuration mode. To negate these actions, use the no form of this command.
cms {database maintenance {full {enable | schedule weekday at time} | regular {enable | schedule weekday at time}} | enable | rpc timeout {connection 5-1800 | incoming-wait 10-600 | transfer 10-7200}}
no cms {database maintenance {full {enable | schedule weekday at time} | regular {enable | schedule weekday at time}} | enable | rpc timeout {connection 5-1800 | incoming-wait 10-600 | transfer 10-7200}}
Syntax Description
Defaults
database maintenance regular: enabled
database maintenance full: enabled
connection: 30 seconds for CDSM; 180 seconds for the SE and the SR
incoming wait: 30 seconds
transfer: 300 seconds
Command Modes
Global configuration (config) mode.
Usage Guidelines
Use the cms database maintenance command to schedule routine, full-maintenance cleaning (vacuuming) or a regular maintenance reindexing of the embedded database. The full maintenance routine runs only when the disk is more than 90 percent full and runs only once a week. Cleaning the tables returns reusable space to the database system.
The cms enable command automatically registers the node in the database management tables and enables the CMS process. The no cms enable command stops only the management services on the device and does not disable a primary sender. You can use the cms deregister command to remove a primary or backup sender SE from the CDS network and to disable communication between two multicast senders.
Examples
The following example shows how to schedule a regular (reindexing) maintenance routine to start every Friday at 11:00 p.m.:
ServiceEngine(config)# cms database maintenance regular schedule Fri at 23:00The following example shows how to enable the CMS process on an SE:
ServiceEngine(config)# cms enableThis operation needs to restart http proxy and streaming proxies/servers (if running) for memory reconfiguration. Proceed? [ no ] yesRegistering this node as Service Engine...Thu Jun 26 13:18:24 UTC 2003 [ I ] main: creating 24 messagesThu Jun 26 13:18:25 UTC 2003 [ I ] main: creating 12 dispatchersThu Jun 26 13:18:25 UTC 2003 [ I ] main: Sending registration message to CDSM 10.107.192.168Thu Jun 26 13:18:27 UTC 2003 [ I ] main: Connecting storeSetup for SE.Thu Jun 26 13:18:27 UTC 2003 [ I ] main: Instantiating AStore 'com.cisco.unicorn.schema.PSqlStore'...Thu Jun 26 13:18:28 UTC 2003 [ I ] main: Successfully connected to databaseThu Jun 26 13:18:28 UTC 2003 [ I ] main: Registering object factories for persistent store...Thu Jun 26 13:18:35 UTC 2003 [ I ] main: Dropped Sequence IDSET.Thu Jun 26 13:18:35 UTC 2003 [ I ] main: Dropped Sequence GENSET.Thu Jun 26 13:18:35 UTC 2003 [ I ] main: Dropped Table USER_TO_DOMAIN....Thu Jun 26 13:18:39 UTC 2003 [ I ] main: Created Table FILE_CDSM.Thu Jun 26 13:18:40 UTC 2003 [ I ] main: Created SYS_MESS_TIME_IDX index.Thu Jun 26 13:18:40 UTC 2003 [ I ] main: Created SYS_MESS_NODE_IDX index.Thu Jun 26 13:18:40 UTC 2003 [ I ] main: No Consistency check for store.Thu Jun 26 13:18:40 UTC 2003 [ I ] main: Successfully created management tablesThu Jun 26 13:18:40 UTC 2003 [ I ] main: Registering object factories for persistent store...Thu Jun 26 13:18:40 UTC 2003 [ I ] main: AStore Loading store data...Thu Jun 26 13:18:41 UTC 2003 [ I ] main: ExtExpiresRecord Loaded 0 Expires records.Thu Jun 26 13:18:41 UTC 2003 [ I ] main: Skipping Construction RdToClusterMappings on non-CDSM node.Thu Jun 26 13:18:41 UTC 2003 [ I ] main: AStore Done Loading. 336Thu Jun 26 13:18:41 UTC 2003 [ I ] main: Created SYS_MESS_TIME_IDX index.Thu Jun 26 13:18:41 UTC 2003 [ I ] main: Created SYS_MESS_NODE_IDX index.Thu Jun 26 13:18:41 UTC 2003 [ I ] main: No Consistency check for store.Thu Jun 26 13:18:41 UTC 2003 [ I ] main: Successfully initialized management tablesNode successfully registered with id 28940Registration complete.Warning: The device will now be managed by the CDSM. Any configuration changesmade via CLI on this device will be overwritten if they conflict with settings on the CDSM.Please preserve running configuration using 'copy running-config startup-config'.Otherwise management service will not be started on reload and node will be shown'offline' in CDSM UI.management services enabledServiceEngine(config)#Related Commands
configure
To enter Global configuration mode, use the configure command in EXEC configuration mode.
configure
To exit Global configuration mode, use the end or exit commands. In addition, you can press Ctrl-Z to exit from Global configuration mode.
Syntax Description
This command has no keywords or arguments.
Defaults
None
Command Modes
EXEC configuration mode.
Examples
The following example shows how to enable Global configuration mode:
ServiceEngine# configureServiceEngine(config)#Related Commands
contentmgr
To configure the Content Manager, use the contentmgr command in Global configuration mode. To remove the configuration, use the no form of this command.
contentmgr {delivery-service cache-content purge-on-delete num | disk-bucket-fail-threshold num | hitcnt-decay-half-life num | slowscan-time time | transaction-logs-disable}
no contentmgr {delivery-service cache-content purge-on-delete num | disk-bucket-fail-threshold num | hitcnt-decay-half-life num | slowscan-time time | transaction-logs-disable}
Syntax Description
Defaults
purge-on-delete: 5 minutes
disk-bucket-fail-threshold: default is 30 percent.
hitcnt-decay-half-life: default is 14 days.
Command Modes
Global configuration (config) mode.
Usage Guidelines
As part of FastCAL, the Content Manager module replaces the Ucache process in Cisco Internet Streamer CDS 2.6 Release software. The Content Manager keeps track of all the files in CDNFS, and maintains all content popularity information and stores it in a snapshot file.
The contentmgr disk-bucket-fail-threshold command monitors the percentage of disks failed in a particular disk bucket. A minor alarm would be raised if the percentage disk failure crosses the configured threshold value.
A disk bucket is a logical unit in FastCAL module, where all the disks on an SE are distributed equally among each disk bucket. The number of disk buckets can be 1, 3, or 4 depending on the platform.
For example:
•
–
–
–
disk-bucket00 | disk-bucket01 | disk-bucket02
--------------|-----------------|---------------
disk00 | disk01 | disk02
disk03 | disk04 | disk05
disk06 | disk07 | disk08
disk09 | disk10 | disk11
–
2S6 = 4
2M1 = 3
2M0 = 4
2S3I = 3
CDE220 = 3
2G2 = 3
CDE205 = 1
Use the contentmgr hitcnt-decay-half-life command to configure the time period after which cache hit count is decayed.
The Content Manager transaction logs help identify whether a content is being added, updated, deleted, or evicted. The format for Content Manager transaction logging is as follows:
ServiceEngine# tail -f /local/local1/logs/content_mgr/working.logExamples
The following example shows how to configure the Content Manager delivery service cache content purge on delete after 10 minutes:
ServiceEngine# delivery-service cache-content purge-on-delete 10ServiceEngine(config)#The following example shows how to configure the cache hit count half life to 10 days:
ServiceEngine# contentmgr hitcnt-decay-half-life 10ServiceEngine(config)#The following example shows how to configure the percentage of disk failures to 20 percent:
ServiceEngine# contentmgr disk-bucket-fail-threshold 20ServiceEngine(config)#The following example shows the disk bucket alarm:
ServiceEngine# show alarmsCritical Alarms:----------------NoneMajor Alarms:-------------Alarm ID Module/Submodule Instance-------------------- -------------------- -------------------------1 cms_clock_alarm cmsMinor Alarms:-------------Alarm ID Module/Submodule Instance-------------------- -------------------- -------------------------1 psu sysmon Power Supply2 disk_bucket_thresh sysmon/cmgr/bucket00 Disk Bucket 003 disk_bucket_thresh sysmon/cmgr/bucket01 Disk Bucket 014 disk_failure sysmon disk055 disk_failure sysmon disk096 disk_failure sysmon disk12Related Commands
content-mgr disk-info force-reset
To force the Content Manager to reset the disk share memory information, use the copy command in EXEC configuration mode.
content-mgr disk-info-force-reset
Syntax Description
This command has no keywords or arguments.
Defaults
None
Command Modes
EXEC configuration mode.
Examples
The following example shows how to force the Content Manager to reset the disk share memory information:
ServiceEngine# content-mgr disk-info force-resetDisk info force reset completed.Related Commands
contentmgr
Configures the Content Manager.
show content-mgr
Displays all content management information.
show statistics content-mgr
Displays the Content Manager statistics.
content-origin
To support multiple origin servers within a content origin, use the content-origin command in Global configuration mode. To remove configured content origin, use the no form of this command.
content-origin request-fqdn domain config-url url [username username password password]
no content-origin request-fqdn domain config-url url [username username password password]
Syntax Description
request-fqdn
Configures the request FQDN1 .
domain
Domain of the request FQDN. Domain size range should be between 1to 255 characters.
config-url
URL of the content origin configuration file.
url
URL name.
username
Configures a username to access configuration file.
username
Specifies a username.
password
Configures a password to access configuration file.
password
Specifies a password.
1 fully qualified domain name.
Defaults
None
Command Modes
Global configuration mode.
Usage Guidelines
Previously, only one origin server per content origin was allowed and the same origin server could not be shared across multiple content origins. Users had to create delivery services or content origins and different content origin domain names resolving to same IP addresses of the origin server. This created much overhead during deployment. The content-origin command supports multiple origin servers within a content origin and allows users to share single origin servers across multiple delivery service or content origins.
Examples
The following example shows how to create a
ServiceEngine# content-origin request-fqdn xxx.com config-url http://171.XX.XX.XXX/cdsorigin.xml username admin password defaultRelated Commands
copy
To copy the configuration or image data from a source to a destination, use the copy command in EXEC configuration mode.
copy cdnfs disk url sysfs-filename
copy disk {ftp {hostname | ip-address} remotefiledir remotefilename localfilename | startup-config filename}
copy ftp {disk {hostname | ip-address} remotefiledir remotefilename localfilename | install {hostname | ip-address} remotefiledir remotefilename}
copy http install {{hostname | ip-address} remotefiledir remotefilename} [port port-num [proxy {hostname | ip-address} | username username password [proxy {hostname | ip-address} proxy_portnum]] | proxy {hostname | ip-address} proxy_portnum | username username password [proxy {hostname | ip-address} proxy_portnum]]
copy running-config {disk filename | startup-config}
copy startup-config {disk filename | running-config}
copy system-status disk filename
copy tech-support {disk filename | remotefilename}
Syntax Description
Defaults
HTTP server port: 80
Default working directory for sysfs files: /local1
Command Modes
EXEC configuration mode.
Usage Guidelines
The copy cdnfs command in EXEC configuration mode copies data files from of the CDNFS to the sysfs for further processing. For example, you can use the install imagefilename command in EXEC configuration mode to provide the copied files to the command.
The copy disk ftp command copies files from a sysfs partition to an FTP server. The copy disk startup-config command copies a startup configuration file to NVRAM.
The copy ftp disk command copies a file from an FTP server to a sysfs partition.
Use the copy ftp install command to install an image file from an FTP server. Part of the image goes to the disk and part goes to the flash memory.
Use the copy http install command to install an image file from an HTTP server and install it on a local device. It transfers the image from an HTTP server to the SE using HTTP as the transport protocol and installs the software on the device. Part of the image goes to the disk and part goes to the flash memory. You can also use this command to redirect your transfer to a different location or HTTP proxy server, by specifying the proxy hostname | ip-address option. A username and a password have to be authenticated with the remote HTTP server if the server is password protected and requires authentication before the transfer of the software release file to the SE is allowed.
Use the copy running-config command to copy the running system configuration to a sysfs partition or flash memory. The copy running-config startup-config command is equivalent to the write memory command.
The copy startup-config command copies the startup configuration file to a sysfs partition.
The copy system-status command creates a file on a sysfs partition containing hardware and software status information.
The copy tech-support tftp command copies technical support information to a a sysfs partition.
Related Commands
cpfile
To make a copy of a file, use the cpfile command in EXEC configuration mode.
cpfile oldfilename newfilename
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
Use this command to create a copy of a file. Only sysfs files can be copied.
Examples
The following example shows how to create a copy of a file:
ServiceEngine# cpfile syslog.txt syslog.txt.saveRelated Commands
debug
To monitor and record caching application functions, use the debug command in EXEC configuration mode. To disable these functions, use the no form of this command.
debug option
no debug option
Syntax Description
Defaults
debug all: default logging level is ERROR.
Command Modes
EXEC configuration mode.
Usage Guidelines
We recommend that you use the debug command only at the direction of Cisco TAC because the SE performance is affected when you enter the debug command.
You can use the logging disk priority debug command with the debug command. This configuration causes the debugging messages to be logged in the syslog file, which is available in the /local1 directory by default. You can then download the messages from the SE, copy them to a local disk file (for example, using the copy disk ftp command), and forward the logs to Cisco TAC for further investigation.
By default, system log messages are logged to the console and you need to copy and paste the output to a file. However, this method of obtaining logs is more prone to errors than capturing all messages in the syslog.txt file. When you use system logging to a disk file instead of system logging to a console, there is no immediate feedback that debug logging is occurring, except that the syslog.txt file gets larger (you can track the lines added to the syslog.txt file by entering the type-tail syslog.txt follow command). When you have completed downloading the system logs to a local disk, disable the debugging functions by using the undebug command (see the "undebug" section section for more details), and reset the level of logging disk priority to any other setting that you want (for example, notice priority).
Table 2-2 shows valid values for the debug command options.
Table 2-2 debug Command Options
aaa
access-lists 300
dump
query
username username
groupname groupnames
debugs AAA.
Debugs the ACL.
Dumps the ACL contents.
Queries the ACL configuration.
Queries the ACL username.
Queries the ACL group name or names of groups of which the user is a member. Each group name must be separated by a comma.
acquirer
error
trace
Debugs the acquirer.
Sets the debug level to error.
Sets the debug level to trace.
all
Enables all debugging.
authentication
user
Debugs authentication.
Debugs the user login against the system authentication.
authsvr
error
trace
Debugs the Autnentication Server.
Sets the debug level to error.
Sets the debug level to trace.
bandwidth
advanced
error
trace
Debugs the bandwidth module.
Advanced bandwidth controller debug commands.
Sets the debug level to error.
Sets the debug level to trace.
buf
all
dmbuf
dmsg
Debugs the buffer manager.
Debugs all buffer manager functions.
Debugs the buffer manager dmbuf.
Debugs the buffer manager dmsg.
cache-content
all
error
trace
Debugs the caching service.
(Optional) Sets the debug level to all.
(Optional) Sets the debug level to error.
(Optional) Sets the debug level to trace.
cache-router
error
trace
Debugs the caching router.
Sets the debug level to error.
Sets the debug level to trace.
cdnfs
Debugs the CNNFS.
cli
all
bin
parser
Debugs the CLI command.
Debugs all CLI commands.
Debugs the CLI command binary program.
Debugs the CLI command parser.
cms
Debugs the CMS.
content-mgr
error
trace
Debugs the Content Manager.
Sets the debug level to error.
Sets the debug level to trace.
dataserver
all
clientlib
server
Debugs the data server.
Debuts all data server functions.
Debugs the data server client library module.
Debugs the data server module.
dfs
all
api
diskcache
memcache
rawio
Debugs the DFS.
Sets the debug level to all.
Debugs the DFS application API.
Debugs the DFS in-memory disk-directory cache management.
Debugs the DFS in-memory cache.
Debugs the DFS raw disk I/O.
dhcp
Debugs the DHCP.
distribution
all
error
trace
mcast-data-receiver
error
trace
mcast-data-sender
error
trace
metadata-receiver
error
trace
metadata-sender
error
trace
unicast-data-receiver
error
trace
unicast-data-sender
error
trace
Debugs the distribution components.
Debugs all distribution components.
Debugs all distribution components to error level 1 (show error).
Debugs all distribution components to trace level 2 (show error and trace).
Debugs the multicast receiver distribution component.
Debugs the multicast receiver distribution component to error level 1.
Debugs the multicast receiver distribution component to trace level 2.
Debugs the multicast sender distribution component.
Debugs the multicast sender distribution component to error level 1.
Debugs the multicast sender distribution component to trace level 2.
Debugs the metadata receiver distribution component.
Debugs the metadata receiver distribution component to error level 1.
Debugs the metadata receiver distribution component to trace level 2.
Debugs the metadata sender distribution component.
Debugs the metadata sender distribution component to error level 1.
Debugs the metadata sender distribution component to trace level 2.
Debugs the unicast receiver distribution component.
Debugs the unicast receiver distribution component to error level 1.
Debugs the unicast receiver distribution component to trace level 2.
Debugs the unicast sender distribution component.
Debugs the unicast sender distribution component to error level 1.
Debugs the unicast sender distribution component to trace level 2.
emdb
level
(0-16)
Debugs the embedded database.
(Optional) Debug level.
Debug level 0 through 16.
flash-media-streaming
error
trace
Debugs Flash Media Streaming.
Debugs the Flash Media Streaming log level error.
Debugs the Flash Media Streaming log level debug.
http
service-router
Debugs HTTP.
Debugs the HTTP Service Router.
icap
all
client
daemon
Debugs ICAP.
Debugs both ICAP client and ICAP daemon processing.
Debugs the ICAP client (caching proxy) processing.
Debugs the ICAP daemon processing.
ip
bgp
ospf
proximity
all
ippc
rib
Debugs Internet Protocol.
Debugs Border Gateway Protocol.
Debugs OSPF events.
Proximity debug commands.
All Proximity debugging information.
Proximity IPPC debugs.
Debugs IP routing table events.
isis
adjacency
all
csnp
dis
esis
event
hello
lsp
mpls
psnp
spf
timer
Debugs IS-IS Routing for IP.
Debugs IS-IS adjacency information.
Debugs all IS-IS debugging.
Debugs IS-IS Complete Sequence Number PDU (CSNP) information.
Debugs IS-IS DIS election information.
Debugs IS-IS ESIS information.
Debugs IS-IS event information.
Debugs IS-IS hello information.
Debugs IS-IS timer LSP information.
Debugs IS-IS MPLS information.
Debugs IS-IS PSNP information.
Debugs IS-IS SPF information.
Debugs IS-IS timer information.
logging
all
Debugs logging.
Debugs all logging functions.
malloc
cache-app
all
caller-accounting
catch-double-free
check-boundaries
check-free-chunks
clear-on-alloc
statistics
dns-server
all
caller-accounting
catch-double-free
check-boundaries
icap
caller-accounting
catch-double-free
check-boundaries
log-directory
word
Debug commands for memory allocation.
Debugging commands for cache application memory allocation.
Sets the debug level to all.
Collects statistics for every distinct allocation call-stack.
Alerts if application attempts to release the same memory twice.
Checks boundary over and under run scribble.
Checks if free chunks are over-written after release.
Ensures all allocations are zero-cleared.
Allocator use statistical summary.
DNS Caching Service memory allocation debugging.
Sets the debug level to all.
Collects statistics for every distinct allocation call-stack.
Alerts if application attempts to release the same memory twice.
Checks boundary over and under run scribble.
ICAP Service memory allocation debugging.
Collects statistics for every distinct allocation call-stack.
Alerts if application attempts to release the same memory twice.
Checks boundary over and under run scribble.
Memory allocation debugging log directory.
Directory path name.
movie-streamer
error
trace
Debug commands for the Movie Streamer.
Sets the debug level to error.
Sets the debug level to trace.
ntp
Debugs NTP.
qos
policy service
error
trace
Debug commands for the QoS component.
Debug commands for the policy service.
Sets the debug level to error.
Sets the debug level to trace.
rbcp
Debugs the RBCP (Router Blade Configuration Protocol) functions.
rpc
detail
trace
Displays the remote procedure call (RPC) logs.
Displays the RPC logs of priority detail level or higher.
Displays the RPC logs of priority trace level or higher.
rtsp
gateway
error
trace
Debugs the RTSP functions.
Debugs the RTSP gateway.
Debugs the RTSP gateway to level 1 (show error).
Debugs the RTSP gateway to level 2 (show error and trace).
rule
action
all
pattern
Debugs the Rules Template.
Debugs the rule action.
Debugs all rule functions.
Debugs the rule pattern.
service-router
servicemonitor
Debug commands for the Service Router.
Debug commands for the service monitor.
session-manager
critical
error
trace
Session manager debug commands.
Sets the debug level to critical.
Sets the debug level to error.
Sets the debug level to trace.
snmp
agent
all
cli
main
mib
traps
Debugs SNMP.
SNMP agent debug.
Debugs all SNMP functions.
Debugs the SNMP CLI.
Debugs the SNMP main.
Debugs the SNMP MIB.
Debugs the SNMP traps.
srp
all
api
configuration
database
error
function
host
internal
ippc
ippc-dump
key
leafset
lock
multicast
neighbor
packet
private
replica
route
session
srhp-packet
startup
sync
Debugs the Service Routing Protocols.
Debugs all SRP.
Debugs the SRP API.
Debugs the SRP configuration.
Debugs the SRP database.
Debugs the SRP error.
Debugs the SRP function.
Debugs the SRP host.
Debugs the SRP internal.
Debugs the SRP ippc (inter process command).
Debugs the SRP ippc (pkt) dump.
Debugs the SRP key.
Debugs the SRP leafset.
Debugs the SRP lock.
Debugs the SRP multicast.
Debugs the SRP neighbor.
Debugs the SRP packet.
Debugs the SRP private.
Debugs the SRP replica.
Debugs the SRP route.
Debugs the SRP session.
Debugs the SRP srhp packet.
Debugs the SRP startup.
Debugs the SRP sync.
standby
all
Debugs standby functions.
(Optional) Debugs all standby functions.
stats
all
collection
computation
history
Debugs the statistics.
Debugs all statistics functions.
Debugs the statistics collection.
Debugs the statistics computation.
Debugs the statistics history.
svc
all
desci
desc
err
ippc
xml
registry
err
if
ippc
svc
ven
Debugs the Service Registration Daemon and Descriptor Interpreter.
Debugs all SVCREG and Descriptor Interpreter Library (DESCI).
DESCI debug commands.
Debugs DESCI desc.
DESCI internal error.
Debugs DESCI ippc (inter process comm).
Debugs DESCI xml.
Service Registry Daemon (SVCREG) debug commands.
SVCREG internal error.
Debugs SVCREG interface.
Debugs SVCREG ippc (inter process comm).
Debugs SVCREG svc.
Debugs SVCREG ven.
translog
all
archive
export
Debugs the transaction logging.
Debugs all transaction logging.
Debugs the transaction log archive.
Debugs the transaction log FTP export.
uns
all
error
trace
Unified naming service debug commands.
(Optional) Sets the debug level to all.
(Optional) Sets the debug level to error.
(Optional) Sets the debug level to trace.
webengine
error
trace
WebEngine debug commands.
Sets the debug level to error.
Sets the debug level to trace.
wi
Debugs the web interface.
wmt
error
client-ip cl-ip-address
server-ip sv-ip-address
trace
client-ip cl-ip-address
server-ip sv-ip-address
Debugs the WMT component.
Debugs the WMT level 1 functionality. For more information, see the "Using WMT Error Logging" section.
(Optional) Debugs the request from a specific client IP address to level 1 (show error).
(Optional) Debugs the request to a specific server IP address to level 1 (show error).
Debugs the WMT level 2 functionality.
(Optional) Debugs the request from a specific client IP address to level 2 (show error and trace).
(Optional) Debugs the request to a specific server IP address to level 2 (show error and trace).
Debugging Keywords
All modules have debug error as the default level if they support the error keyword; however, when you execute the show debug command, the error does not display.
Some modules have two debugging keywords (error and trace), but you cannot enable both at the same time. See the table above to identify commands with only the error and trace keywords.
Some modules have the all keyword through which you can enable both the error and trace keywords at the same time. This results in debug set to everything. See Table 2-2 to identify commands with the all keyword.
Note
Debugging the Authsvr
Table 2-3 shows the authsvr debugging commands and provides the corresponding log and error display information.
Debugging Cdnfs
You can use the debug cdnfs command to monitor the lookup and serving of prepositioned files. If prepositioned files are available in CDNFS but are not served properly, you can use the debug cdnfs command.
Using WMT Error Logging
Error logs are in the same format and location as syslogs. The WMT log messages are logged to /local1/errorlog/wmt_errorlog.current.
You can configure the SE for WMT error logging by using the debug wmt error command in EXEC configuration mode. This command debugs WMT level 1 functionality.
Logging WMT Client Disconnects
When a WMT client is disconnected abruptly, the reasons for the client disconnect (for example, the request was blocked by the rules, the maximum incoming or outgoing bit-rate limit was reached, the maximum incoming or outgoing bandwidth limit was reached) are logged in Internet Streamer CDS software error logs.
The client information includes the client IP address, the server IP address, the requested URL, the client protocol, the version of the client media player, the number of packets that the client received, and the number of packets that the server sent.
Related Commands
logging
Configures system logging (syslog).
show debugging
Displays the state of each debugging option.
undebug
Disables the debugging functions (see also debug).
debug ip bgp
To display information relating to the BGP process, use the debug ip bgp command in privileged EXEC configuration mode. To disable the display of BGP information, use the undebug form of this command.
debug ip bgp {A.B.C.D. | all | brib | events | internal | io | keepalives | list | packets | rib | updates}
undebug ip bgp {A.B.C.D. | all | brib | events | internal | io | keepalives | list | packets | rib | updates}
Syntax Description
Command Default
Debugging of the keepalives is turned on upon the start of the BGP daemon.
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
This command turns on BGP debugging information. When debug ip bgp is turned on, the performance of the Proximity Engine may be impacted slightly.
Examples
The following example shows sample output displayed before and after running the debug ip bgp all command:
ServiceRouter# show debugging ip bgpDebugs Enabled: KeepalivesServiceRouter# debug ip bgp allBGP all information debug is onServiceRouter# show debugging ip bgpDebugs Enabled: Events Internal RIB BRIB Updates Keepalives Packets IO ListServiceRouter#When the undebug ip bgp all command is run, the following output is displayed:
ServiceRouter# undebug ip bgp allBGP all information debug is offRelated Commands
debug ip ospf
To display information related to OSPF process, use the debug ip ospf command in privileged EXEC configuration mode. To disable the display of OSPF information, use the undebug form of this command.
debug ip ospf {adjacency [detail | terse] | all [detail | terse] | database [detail | terse] | database-timers | events [detail | terse] | flooding [detail | terse] | hello | lsa-generation [detail | terse] | packets | retransmission | spf [detail | terse] | spf-trigger [detail]}
undebug ip ospf {adjacency [detail | terse] | all [detail | terse] | database [detail | terse] | database-timers | events [detail | terse] | flooding [detail | terse] | hello | lsa-generation [detail | terse] | packets | retransmission | spf [detail | terse] | spf-trigger [detail]}
Syntax Description
adjacency
Specifies the adjacency events.
detail
Displays detailed neighbor events.
terse
Displays only major events.
all
All OSPF debugging.
database
OSPF LSDB1 changes.
database-timers
OSPF LSDB timers.
events
OSPF related events.
flooding
LSAs2 flooding.
hello
Hello packet and DR elections.
lsa-generation
Local OSPF LSA generation.
packets
OSPF packets.
retransmission
OSPF retransmission events.
spf
SPF calculation.
spf-trigger
Show SPF triggers
1 LSDB = link-state database
2 LSAs = link-state advertisement
Command Default
Display of information related to the OSPF process is disabled.
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
When debug ip ospf is turned on, the performance of the Proximity Engine may be impacted slightly.
Examples
Add the detail or terse keywords to each of the following commands to enable detailed or major events respectively.
The following example shows how to enable neighbor adjacency events:
ServiceRouter# debug ip ospf adjacencyServiceRouter#The following example shows how to enable all OSPF debugging:
ServiceRouter# debug ip ospf allServiceRouter#The following example shows how to enable debugging for OSPF LSDB changes:
ServiceRouter# debug ip ospf databaseServiceRouter#The following example shows how to enable debugging for OSPF LSDB timers:
ServiceRouter# debug ip ospf database-timersServiceRouter#The following example shows how to enable debugging for OSPF-related events:
ServiceRouter# debug ip ospf eventsServiceRouter#The following example shows how to enable debugging for LSA flooding events:
ServiceRouter# debug ip ospf floodingServiceRouter#The following example shows how to enable debugging for hello packets and DR elections:
ServiceRouter# debug ip ospf helloServiceRouter#The following example shows how to enable debugging for local OSPF LSA generation events:
ServiceRouter# debug ip ospf lsa-generationServiceRouter#The following example shows how to enable debugging for of OSPF packets:
ServiceRouter# debug ip ospf packetsServiceRouter#The following example shows how to enable debugging for OSPF retransmission events:
ServiceRouter# debug ip ospf retransmissionServiceRouter#The following example shows how to enable debugging for SPF calculations:
ServiceRouter# debug ip ospf spfServiceRouter#The following example shows how to enable debugging for SPF triggers:
ServiceRouter# debug ip ospf spf-triggerServiceRouter#Related Commands
show debugging ip ospf
Displays the state of each debugging option for the OSPF process.
debug ip proximity
To debug the transport layer of proximity process in an SR, use the debug ip proximity command in privileged EXEC mode. To disable the display of RIB information, use the no form of this command.
debug ip proximity {all | ippc {connection | execute | message | response | send}}
no debug ip proximity {all | ippc {connection | execute | message | response | send}}
Syntax Description
Command Default
None
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
The debug ip proximity command enables debugging of the transport layer of the proximity process in an SR to troubleshoot problems with proximity request and response.
Examples
The following example shows how to :
ServiceRouter# debug ip proximity allServiceRouter#Related Commands
show debugging ip proximity
Displays the debug options that are enabled for the proximity process.
debug ip rib
To display RIB information, use the debug ip rib command in privileged EXEC mode. To disable the display of RIB information, use the no form of this command.
debug ip rib [add-route | all | delete-route | detail | mod-route | proximity | rnh | summary]
no debug ip rib [add-route | all | delete-route | detail | mod-route | proximity | rnh | summary]
Syntax Description
Command Default
None
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
This command is used to display debug information related to the routing information base (RIB).
Examples
The following example shows how to display the RIB information:
ServiceRouter# debug ip ribServiceRouter#The following example shows how to add routes:
ServiceRouter# debug ip rib add-routeServiceRouter#The following example shows how to turn on all IP routing table events:
ServiceRouter# debug ip rib allServiceRouter#The following example shows how to remove routes:
ServiceRouter# debug ip rib delete-routeServiceRouter#The following example shows how to enable detailed debugging for IP routing:
ServiceRouter# debug ip rib detailServiceRouter#The following example shows how to modify IP routing events:
ServiceRouter# debug ip rib mod-routeServiceRouter#The following example shows how to turn on proximity debugging information:
ServiceRouter# debug ip rib proximityURIB proximity routing information debug is onServiceRouter#The following example shows how to enable recursive next hop events:
ServiceRouter# debug ip rib rnhServiceRouter#The following example shows how to display a one-line summary or URIB I/O events:
ServiceRouter# debug ip rib summaryServiceRouter#Related Commands
show debugging ip rib
Displays the debug options that are enabled for the RIB process.
debug isis
To display information related to IS-IS process, use the debug isis command in privileged EXEC configuration mode. To disable the display of IS-IS information, use the undebug form of this command.
debug isis [adjacency | all | csnp | dis | esis | event | hello | lsp | mpls | psnp | route-map | spf | timer]
undebug isis [adjacency | all | csnp | dis | esis | event | hello | lsp | mpls | psnp | route-map | spf | timer]
Syntax Description
Command Default
Display of debugging information is disabled.
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
When debug isis is turned on, the performance of the Proximity Engine may be impacted slightly.
Examples
The following example shows how to turn on the debug information for the interaction between IS-IS and the RPM API library:
ServiceRouter# debug isis route-mapServiceRouter#Related Commands
show debugging isis
Displays the debug options that are enabled for the IS-IS process.
debug srp
To turn on SRP debugging information, use the debug srp command in Privileged EXEC configuration mode. To turn off the debugging information, use the no form of this command.
debug srp option
no debug srp option
Syntax Description
option
Specifies the category of SRP debugging information to turn on. See Table 2-4 for a list of option values.
Command Default
None
Command Modes
Privileged EXEC configuration mode.
Usage Guidelines
This command turns on SRP debugging information logging either in the trace file or log file.
The log file for SRP is /local/local1/errorlog/srp_log.current. The option argument to the debug srp command specifies a keyword indicating the category of SRP debugging information logging to turn on. Table 2-4 lists the values that can be specified in the option argument.
Each debugging information message includes a tag that indicates the debugging category. For example, the SRP API debug messages include the tag SRP_DEBUG_API. Table 2-4 lists the tags that are used for each category of debugging information.
To turn off SRP debugging information, use the undebug srp command in privileged EXEC configuration mode.
Examples
The following example shows how to use the debug srp command to turn on SRP host and neighbor debugging information logging:
ServiceRouter# debug srp hostServiceRouter# debug srp neighborRelated Commands
show debugging srp
Displays the debug flags that are turned on for the SRP.
undebug srp
Turns off SRP debugging information.
delfile
To delete a file, use the delfile command in EXEC configuration mode.
delfile filename
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
Use this command to remove a file from a sysfs partition.
Examples
The following example shows how to delete a file:
ServiceEngine# delfile /local1/tempfileRelated Commands
cpfile
Copies a file.
deltree
Deletes a directory and its subdirectories.
mkdir
Creates a directory.
mkfile
Creates a file (for testing).
rmdir
Removes a directory.
deltree
To remove a directory with its subdirectories and files, use the deltree command in EXEC configuration mode.
deltree directory
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
Use this command to remove a directory and all files within the directory from the SE sysfs file system. Do not remove files or directories required for proper SE functioning.
Examples
The following example shows how to delete a directory from the /local1 directory:
ServiceEngine# deltree /local1/testdirRelated Commands
delfile
Deletes a file.
mkdir
Creates a directory.
mkfile
Creates a file (for testing).
rmdir
Removes a directory.
device
To configure the mode of operation on a device as a CDSM, SE or SR, use the device command in Global configuration mode. To reset the mode of operation on a device, use the no form of this command.
device mode {content-delivery-system-manager | service-engine | service-router}
no device mode {content-delivery-system-manager | service-engine | service-router}
Syntax Description
Defaults
The default device operation mode is SE.
Command Modes
Global configuration (config) mode.
Usage Guidelines
A CDSM is the content management and device management station of an CDS network that allows you to specify what content is to be distributed, and where the content should be distributed. If an SR is deployed in the CDS network, the SR redirects the client based on redirecting policy. An SE is the device that serves content to the clients. There are typically many SEs deployed in an CDS network, each serving a local set of clients. IP/TV brings movie-quality video over enterprise networks to the desktop of the CDS network user.
Because different device modes require disk space to be used in different ways, disk space must also be configured when the device mode changes from being an SE or SR to CDSM (or the other way around). You must reboot the device before the configuration changes to the device mode take effect.
Disks must be configured before device configuration is changed. Use the disk configure command to configure the disk before reconfiguring the device to the SE or SR mode. Disk configuration changes using the disk configure command takes effect after the next device reboot.
To enable CDS network-related applications and services, use the cms enable command. Use the no form of this command to disable the CDS network.
All CDS devices ship from the factory as SEs. Before configuring network settings for CDSMs and SRs using the CLI, change the device from an SE to the proper device mode.
Configuring the device mode is not a supported option on all hardware models. However, you can configure some hardware models to operate as any one of the four content networking device types. Devices that can be reconfigured using the device mode command are shipped from the factory by default as SEs.
To change the device mode of your SE, you must also configure the disk space allocations, as required by the different device modes, and reboot the device for the new configuration to take effect.
When you change the device mode of an SE to an SR or CDSM, you may need to reconfigure the system file system (sysfs). However, SRs and CDSMs do not require any disk space other than sysfs. When you change the device mode to an SR or a CDSM, disk configuration changes are not required because the device already has some space allotted for sysfs. sysfs disk space is always preconfigured on a factory-fresh CDS network device.
If you are changing the device mode of an SR or a CDSM back to an SE, configure disk space allocations for the caching, pre-positioning (CDNFS) and system use (sysfs) file systems that are used on the SE. You can configure disk space allocations either before or after you change the device mode to an SE.
Examples
The following examples show the configuration from the default mode, SE, to the CDSM, SR, and SE modes:
ServiceEngine(config)# device mode content-delivery-system-managerCDSM(config)# device mode service-routerServiceRouter(config)# device mode service-engineRelated Commands
show device-mode
Displays the configured or current mode of a CDSM, SE, or SR device.
dir
To view a long list of files in a directory, use the dir command in EXEC configuration mode.
dir [directory]
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
Use this command to view a detailed list of files contained within the working directory, including names, sizes, and time created. The equivalent command is lls.
Examples
The following example shows how to view a list of files in a directory:
ServiceEngine# dirsize time of last change name-------------- ------------------------- -----------3931934 Tue Sep 19 10:41:32 2000 errlog-cache-20000918-164015431 Mon Sep 18 16:57:40 2000 ii.cfg431 Mon Sep 18 17:27:46 2000 ii4.cfg431 Mon Sep 18 16:54:50 2000 iii.cfg1453 Tue Sep 19 10:34:03 2000 syslog.txt1024 Tue Sep 19 10:41:31 2000 <DIR> testdirRelated Commands
lls
Displays the files in a long list format.
ls
Lists the files and subdirectories in a directory.
direct-server-return
To enable a VIP for direct server return, use the direct-server-return command in Global configuration mode. To disable direct server return, use the no form of this command.
direct-server-return vip ip_address
no direct-server-return vip ip_address
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
Direct Server Return (DSR) is a method used by load balancer servers in a load balancing configuration. DSR responds directly to the client, bypassing the load balancer in the response path. Table 2-5 shows the Direct Server Return flow.
Note
Examples
The following example shows how to enable direct server return:
ServiceEngine(config)# direct-server-return vip 1.1.1.1ServiceEngine(config)#Related Commands
disable
To turn off privileged command in EXEC configuration mode, use the disable command in EXEC configuration mode.
disable
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The disable command places you in the user-level EXEC shell. To turn privileged EXEC configuration mode back on, use the enable command.
Examples
The following example shows how to enter the user-level EXEC configuration mode:
ServiceEngine# disableServiceEngine>Related Commands
disk (EXEC)
To configure disks and allocate disk space for devices that are using the CDS software, use the disk command in EXEC configuration mode.
disk {erase diskname | mark diskname {bad | good} | policy apply | recover-cdnfs-volumes | recover-system-volumes | repair diskname sector sector_address_in_decimal | unuse diskname}
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The disk space in the CDS software is allocated on a per-file system basis, rather than on a per-disk basis.
Note
The CDNFS amounts are reported by the actual usable amounts of storage for applications. Because of the internal file system overhead of approximately 3 percent, the reported amounts may be smaller than what you configured.
To view disk details, use the show disk details command.
Note
To show the space allocation in each individual file system type, use the show statistics cdnfs command.
After upgrading, the disk space allocation remains the same as previously configured.
Remapping of Bad Sectors on Disk Drives
The disk erase command in EXEC configuration mode performs a low-level format of the SCSI or SATA disks. This command erases all the content on the disk.
If a disk drive continues to report a failure after you have used the disk erase command, you must replace the disk drive.
Caution
Note
Erasing Disk Drives
The disk erase command replaced the disk reformat command. This command erases all the content on the disk. The sequence to erase a disk with the disk erase and then use the disk policy apply commands. If a disk drive continues to report a failure after you have used the disk erase command, you must replace the disk drive.
Caution
Disk Hot Swapping
A new disk is recognized and the RAID is rebuilt when the device is rebooted. After inserting the new disk, enter the disk policy apply command to force the Internet Streamer CDS software to detect the new disk and rebuild the RAID.
Note
The disk policy's design, when adding new disks, is to always favor safety. If when a new disk is added, the disk manager detects "degraded" or "bad" system volumes, the new disk is used to repair the system volumes. Thus, the disk manager always strives to have two disks allocated to the system volumes. If when a new disk is added, the system volumes are "normal" or "syncing," the new disk is added to the cdnfs volume.
Note
Repairing a Disk
The disk repair command re pairs the bad sector, including the proximal sectors. All data on the drive is lost, but the sectors are repaired and available for data storage again. This command provides equivalent functionality as the repair-disk utility. The disk repair command takes approximately three hours to complete per disk; after the repair disk command completes, reboot the SE to ensure all CDS software services are functioning correctly.
Caution
The disk repair command not only repairs the bad sectors, but reformats the entire drive, so all data on the drive is lost. The difference between the disk repair command and the disk erase command is that the disk erase command only re-initializes the file system and does not repair bad sectors.
A minor alarm is set when an LSE is detected. After the sector is repaired with the disk repair command, the alarm is turned off.
Minor Alarms:-------------Alarm ID Module/Submodule Instance-------------------- -------------------- -------------------------1 badsector sysmon disk11May 19 20:40:38.213 UTC, Equipment Alarm, #000003, 1000:445011"Device: /dev/sdl, 1 Currently unreadable (pending) sectors"Stopping Applications from Using a Disk Drive
The disk unuse command in EXEC configuration mode allows you to stop applications from using a specific disk drive (for example, disk01) without having to reboot the device.
Note
The disk unuse command has the following behavior:
•
•
•
Examples
The following example shows how to repair the sector 4660 on disk 02:
ServiceEngine# disk repair disk02 sector 4660
Note
The following examples show usage of the disk unuse command and the resultant actions:
ServiceEngine# disk unuse disk00disk00 has key CDNFS data and can not be unused!ServiceEngine# disk unuse disk01This will restart applications currently using disk01and unmount all partitions on disk01.Do you want to continue? (Yes/No): yes[WARNING] CDNFS and RAID SYSTEM partitions detected on disk01To safely remove a RAID SYSTEM disk, the entire drive must be erased. Thisoperation has little effect on the RAID-ed SYSTEM volumes, as their data canbe resynced. However, because the drive also contains non-RAID CDNFSdata, it will result in loss of all CDNFS data for this drive!Unuse disk01, erasing all CDNFS data? (Yes/No): yesdisk01 is now unused.All partitions on disk01 have been erased.ServiceEngine# disk unuse disk02This will restart applications currently using disk02and unmount all partitions on disk02.Do you want to continue? (Yes/No): yesdisk02 is now unusedThe following example shows how to view disk details:
ServiceEngine# show disk detailsdisk00: Normal (h02 c00 i00 l00 - mptsas) 476940MB(465.8GB)disk00/01: SYSTEM 5120MB(5.0GB) mounted internallydisk00/02: SYSTEM 2560MB(2.5GB) mounted internallydisk00/04: SYSTEM 1536MB(1.5GB) mounted internallydisk00/05: SYSFS 32767MB(32.0GB) mounted at /local1disk00/06: CDNFS 434948MB(424.8GB) mounted internallydisk01: Normal (h02 c00 i01 l00 - mptsas) 476940MB(465.8GB)Unallocated: 476940MB(465.8GB)disk02: Normal (h02 c00 i02 l00 - mptsas) 476940MB(465.8GB)disk02/01: CDNFS 476932MB(465.8GB) mounted internallyThe following example shows how to display the current disk space configuration:
ServiceEngine# show disk currentLocal disks:SYSFS 32.0GB 0.7%CDNFS 4616.0GB 99.3%The following examples show how to view space allocation in each file system type:
ServiceEngine# show statistics cdnfsCDNFS Statistics:------------------Volume on :size of physical filesystem: 444740904 KBspace assigned for CDNFS purposes: 444740904 KBnumber of CDNFS entries: 40 entriesspace reserved for CDNFS entries: 436011947 KBavailable space for new entries: 8728957 KBphysical filesystem space in use: 435593864 KBphysical filesystem space free: 9147040 KBphysical filesystem percentage in use: 98 %Volume on :size of physical filesystem: 444740904 KBspace assigned for CDNFS purposes: 444740904 KBnumber of CDNFS entries: 43 entriesspace reserved for CDNFS entries: 436011384 KBavailable space for new entries: 8729520 KBphysical filesystem space in use: 435593720 KBphysical filesystem space free: 9147184 KBphysical filesystem percentage in use: 98 %Volume on :size of physical filesystem: 488244924 KBspace assigned for CDNFS purposes: 488244924 KBnumber of CDNFS entries: 48 entriesspace reserved for CDNFS entries: 479612533 KBavailable space for new entries: 8632391 KBphysical filesystem space in use: 479152708 KBphysical filesystem space free: 9092216 KBphysical filesystem percentage in use: 99 %The following example shows how to erase all CDNFS volumes and reboot the SE:
ServiceEngine# disk recover-cdnfs-volumesThis will erase all CDNFS volumes.Any applications using CDNFS, including streaming applications, will be killed and the system will be rebooted.Please make sure you have offloaded the SE on the CDSM GUI so the SR is no longer sending traffic to this SE.Are you sure you want to proceed? [no] yes Are you really sure you want to proceed to recover and reload? [yes/no] yesStopping all services (this may take several minutes) ...diskman will now recover CDNFS volumes...CDNFS recovery complete, rebooting now...Related Commands
disk (Global configuration)
To configure how disk errors should be handled and to define a disk device error-handling threshold, use the disk command in Global configuration mode. To remove the device error-handling options, use the no form of this command.
disk error-handling {bad-sectors-mon-period minutes | reload | threshold {alarm-bad-sectors bad-sectors | alarm-remapped-sectors remapped-sectors | bad-sectors bad-sectors | errors errors}}
no disk error-handling {bad-sectors-mon-period minutes | reload | threshold {alarm-bad-sectors bad-sectors | alarm-remapped-sectors remapped-sectors | bad-sectors bad-sectors | errors errors}}
Syntax Description
Defaults
Bad sector minutes: 1440
Bad sectors alarm: 15
Remapped sectors: 128
Disk bad sectors: 30
Errors: 500
Command Modes
Global configuration (config) mode.
Usage Guidelines
To operate properly, the SE must have critical disk drives. A critical disk drive is the first disk drive that also contains the first sysfs (system file system) partition. It is referred to as disk00. Disk00 is not guaranteed to be the system drive or the 'key' CDNFS drive. For example, the system drives on a 2S6 are internal (disk24 and disk25), and the 'key' CDNSF disk is typically disk00, although it can move to other disks as a result of a missing or bad disk00.
The sysfs partition is used to store log files, including transaction logs, system logs (syslogs), and internal debugging logs. It can also be used to store image files and configuration files on an SE.
Note
When an SE is booted and a critical disk drive is not detected at system startup time, the CDS system on the SE runs at a degraded state. On a generic UCS system the boot partition resides on the system disk (single disk, no RAID). In the event that this disk dies, the system is unbootable. If one of the critical disk drives goes bad at run time, the CDS system applications can malfunction, hang, or crash, or the CDS system can hang or crash. Monitor the critical disk drives on an SE and report any disk drive errors to Cisco TAC.
In a RAIDed system, if a single system disk fails, the system handles the failure seamlessly (apart from any would be CDNFS partitions). If the 'key' CDNFS disk, typically the lowest numbered disk containing CDNFS, fails the system enters an bad state and must be rebooted. In a non-RAID system, if the system disk fails, the system is no longer boots.
With an CDS system, a disk device error is defined as any of the following events:
•
•
•
The disk status is recorded in flash (nonvolatile storage). When an error on an SE disk device occurs, a message is written to the system log (syslog) if the sysfs partition is still intact, and an SNMP trap is generated if SNMP is configured on the SE.
In addition to tracking the state of critical disk drives, you can define a disk device error-handling threshold on the SE. If the number of disk device errors reaches the specified threshold, the corresponding disk device is automatically marked as bad.
If the specified threshold is exceeded, the SE either records this event or reboots. If the automatic reload feature is enabled and this threshold is exceeded, then the CDS system automatically reboots the SE. For more information about specifying this threshold, see the "Specifying the Disk Error-Handling Threshold" section.
You can remap bad (but unused) sectors on a SCSI drive and SATA drives using the disk repair command.
Disk Latent Sector Error Handling
Latent Sector Errors (LSE) are when a particular disk sector cannot be read from or written to, or when there is an uncorrectable ECC error. Any data previously stored in the sector is lost. There is also a high probability that sectors in close proximity to the known bad sector have as yet undetected errors, and therefore are included in the repair process.
The syslog file shows the following disk I/O error message and smartd error message when there are disk sector errors:
Apr 28 21:00:26 U11-CDE220-2 kernel: %SE-SYS-4-900000: end_request: I/O error, dev sdd, sector 4660
Apr 28 21:00:26 U11-CDE220-2 kernel: %SE-SYS-3-900000: Buffer I/O error on device sdd, logical block 582
Apr 28 21:04:54 U11-CDE220-2 smartd[7396]: %SE-UNKNOWN-6-899999: Device: /dev/sdd, SMART Prefailure Attribute: 1 Raw_Read_Error_Rate changed from 75 to 73
Apr 28 21:04:54 U11-CDE220-2 smartd[7396]: %SE-UNKNOWN-6-899999: Device: /dev/sdd, SMART Usage Attribute: 187 Reported_Uncorrect changed from 99 to 97
Apr 28 21:04:54 U11-CDE220-2 smartd[7396]: %SE-UNKNOWN-2-899999: Device: /dev/sdd, ATA error count increased from 1 to 3
Specifying the Disk Error-Handling Threshold
You can configure a disk error-handling threshold to determine how many disk errors or bad sectors can be detected before the disk drive is automatically marked as bad.
The disk error-handling threshold bad-sectors command determines how many bad sectors can be detected before the disk drive is automatically marked as bad. By default, this threshold is set to 15. To change the default threshold, use the disk error-handling threshold bad-sectors command. Specify 0 if you never want the disk drive to be marked as bad.
If the bad disk drive is a critical disk drive, and the automatic reload feature (disk error-handling reload command) is enabled, then the Internet Streamer CDS software marks the disk drive as bad and the SE is automatically reloaded. After the SE is reloaded, a syslog message and an SNMP trap are generated.
The disk error-handling threshold errors command determines how many disk errors can be detected before the disk drive is automatically marked as bad. By default, this threshold is set to 500. To change the default threshold, use the disk error-handling threshold errors command. Specify 0 if you never want the disk drive to be marked as bad.
By default, the automatic reload feature is disabled on an SE. To enable the automatic reload feature, use the disk error-handling reload command. After enabling the automatic reload feature, use the no disk error-handling reload command to disable it.
Examples
The following example shows that five disk drive errors for a particular disk drive (for example, disk00) are allowed before the disk drive is automatically marked as bad:
ServiceEngine(config)#disk error-handling threshold errors 5Related Commands
distribution
To reschedule and refresh content redistribution for a specified delivery service ID or name, use the distribution command in EXEC configuration mode.
distribution {failover {delivery-service-id delivery_service_num | delivery-service-name delivery_service_name} [force] | fallback {delivery-service-id delivery_service_num | delivery-service-name delivery_service_name} | multicast {resend {all [on-demand-only]| delivery-service-id delivery_service_num [object url | on-demand-only]| delivery-service-name delivery_service_name [object url | on-demand-only] | send-nack-now | stop {all | delivery-service-id delivery_service_num [object url] | delivery-service-name delivery_service_name [object url]} | primary-ip-fallback {forwarder-id forwarder_num | forwarder-name forwarder_name} | refresh {meta-data delivery-service-id delivery_service_num | object object_url}}
Syntax Description
failover
Triggers the root or forwarder SE to fail over and make this SE the temporary Content Acquirer.
delivery-service-id
Specifies the delivery service ID to be used.
delivery_service_num
Delivery service number. The range is from 0 to 4294967295.
delivery-service-name
Specifies the delivery service name descriptor to be used.
name
Delivery service name.
force
(Optional) Forces a failover regardless of whether the root or forwarder SE is active.
fallback
Forces the temporary Content Acquirer to become a receiver SE.
multicast
Resends or stops multicast distribution.
resend
Resends multicast distribution delivery service.
all
Stops multicast distribution for all delivery services.
on-demand-only
(Optional) Triggers a resend only on demand of content NAK for the delivery service.
object
(Optional) Specifies the URL of object to be stopped.
url
Object URL.
send-nack-now
Generates a NACK for uncompleted objects and sends it to the multicast sender immediately.
stop
Stops multicast distribution delivery service.
primary-ip-fallback
Triggers the downstream receiver SEs to contact a forwarder using the forwarder's primary IP address. For more information, see the "distribution primary-ip-fallback Command" section.
forwarder-id
Specifies the forwarder SE ID that is contacted by the receiver SE.
forwarder_num
Forwarder SE ID.
forwarder-name
Specifies the name of the forwarder SE that is contacted by the receiver SE.
name
Forwarder SE name.
refresh
Forces the redistribution of content to be refreshed on every SE.
meta-data
Forces the redistribution of metadata to be refreshed on every SE.
delivery-service-id
Specifies the delivery service ID to be used in the distribution.
delivery_service_num
Delivery service number. The range is from 0 to 4294967295.
object
Forces the distribution of objects to be refreshed on every SE.
object_url
Specifies the object URL that needs to be refreshed on every SE.
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
Note
When the Content Acquirer fails, use the distribution failover command in EXEC configuration mode on an SE that is going to be the temporary Content Acquirer to trigger an immediate failover to the temporary Content Acquirer if you do not want to wait for the automatic failover process to occur. When you enter this command, the current SE becomes the temporary Content Acquirer if its forwarder is an inactive Content Acquirer. If the Content Acquirer has not failed, a failover to the temporary Content Acquirer does not occur if you use the distribution failover command in EXEC configuration mode. Use the distribution failover force command to force a failover even if the Content Acquirer is active.
Use the distribution fallback command on an SE that is currently the temporary Content Acquirer to cause it to become a receiver SE.
Use the distribution refresh meta-data {delivery-service-id delivery_service_num} command to request that the metadata receiver repeat a previous request for all the content metadata for the specified delivery service from its forwarder SE. This method allows you to start over if the metadata receiver fails to replicate some metadata properly. The content metadata (machine-readable information that describes the characteristics of the content) must be distributed to a receiver first before the content can be replicated. The content metadata helps to define what content to retrieve, how content is retrieved, how recently the content has been updated, how the content is to be prepositioned (for example, expiration time), and so forth. The metadata is always distributed using unicast. The content can also be replicated using unicast.
Use the distribution refresh object object_url command to reissue a request for unicast distribution of the specified object. This command lets you obtain a new copy of an object if there is a corrupted copy on the SE. After you enter this command, if the distribution is unicast, the unicast receiver reissues the request to its forwarder SE. The old content on the SE is removed and a new copy is replicated.
NACK Interval Multiplier
To identify missing content and trigger a resend of a file, receiver SEs send a negative acknowledgement (NACK) message to the sender SE. NACK messages generated by many receiver SEs could generate more traffic than the sender can handle. You can adjust the average interval between NACKs by configuring a NACK interval multiplier for an individual receiver SE. This value (an integer between 0.1 to 10) adjusts the default average NACK interval (the default is 20 minutes) by the value configured as the interval multiplier. For example, if you set the NACK interval multiplier to 3, the interval between NACKs becomes 20 minutes x 3, or 60 minutes. This adjustment can be made as needed by choosing Devices > Devices > Prepositioning > Distribution in the CDSM GUI.
distribution primary-ip-fallback Command
When downstream receiver SEs at the edge of the network try to access a forwarder SE that is inside a NAT firewall, those receiver SEs that are inside the same NAT use one IP address (called the inside local IP address) to access the forwarder, but other receiver SEs that are outside the NAT need to use a different forwarder's IP address (called the inside global IP address or NAT address) to access the forwarder. A forwarder SE registers the IP address configured on its primary interface with the CDSM, and the CDSM uses the primary IP address for communication with devices in the CDS network. If the registered primary IP address is the inside local IP address and the forwarder is behind a NAT firewall, a receiver that is not inside the same NAT as the forwarder cannot contact it without special configuration. All other receivers inside the NAT use the inside local IP address to contact the forwarder that resides inside the NAT.
Cisco Internet Streamer CDS supports NAT for unicast distribution (see the "NAT Firewall" section for more information). When the receiver SE polls its forwarder from an upstream location for the content metadata or content, the receiver first connects to the forwarder using the forwarder's primary IP address. If it fails and the NAT address of the forwarder has been configured, then the unicast receiver tries to poll the forwarder using the forwarder's NAT address. If the receiver polls the forwarder successfully using the NAT address, the receiver continues to use the forwarder's NAT address during the subsequent polling intervals with the same forwarder. The unicast receiver retries to connect to the forwarder using the forwarder's primary IP address only after one hour. Even if the unicast receiver is able to poll the forwarder using the forwarder's primary IP address, it would take one hour for the receiver to fall back to the forwarder's primary IP address automatically. You can use the distribution primary-ip-fallback command to enable the receiver that is using the NAT address of the forwarder to fall back to the primary IP address immediately, if you are certain that the forwarder's primary IP address is working.
NAT Firewall
NAT enables private IP internetworks that use nonregistered IP addresses to connect to the Internet. NAT is configured on the firewall at the border of a stub domain (referred to as the inside network) and a public network such as the Internet (referred to as the outside network). NAT translates the internal local addresses to globally unique IP addresses before sending packets to the outside network. You can configure NAT to advertise only one address for the entire network to the outside world. This configuration provides additional security, effectively hiding the entire internal network from the world behind that address. NAT has the dual functionality of security and address conservation and is typically implemented in remote access environments.
In the inside network's domain, hosts have addresses in the one address space. While on the outside, they appear to have addresses in another address space when NAT is configured. The first address space is referred to as the local address space while the second is referred to as the global address space.
Hosts in outside networks can be subject to translation and can have local and global addresses.
NAT uses the following definitions:
•
•
•
•
Multicasting Content
Use the distribution multicast command to resend or stop metadata transfer. It is important to note that content metadata must be distributed to a receiver before the content itself can be replicated via either multicast or unicast. The meta data is sent to receiver only by unicast. Content metadata specifies what content to distribute, how the content will be distributed, how the content has been updated, how the content is to be pre-positioned. A multicast receiver rejects a multicast sender's advertisement of a file if the proper content metadata has not arrived yet.
Multicast transmission happens on an SE if the following conditions are met:
•
•
•
Then, the multicast replicator on the SE multicasts out every file of that delivery service to the assigned addresses.
Related Commands
dnslookup
To resolve a host or domain name to an IP address, use the dnslookup command in EXEC configuration mode.
dnslookup line
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The dnslookup command accepts IPv6 address. If an IPv6 address is specified in the dnslookup command, the server replies to a query including the IPv6 address and the IPv6 address displays in the output of the and tcpdump and netstat commands and all logs.
Examples
The following examples show that the dnslookup command is used to resolve the hostname myhost to IP address 172.31.69.11, cisco.com to IP address 192.168.219.25, and an IP address used as a hostname to 10.0.11.0:
ServiceEngine# dnslookup myhostofficial hostname: myhost.cisco.comaddress: 172.31.69.11ServiceEngine# dnslookup cisco.comofficial hostname: cisco.comaddress: 192.168.219.25ServiceEngine# dnslookup 10.0.11.0official hostname: 10.0.11.0address: 10.0.11.0domain
To set the domain ID for the SRP, use the domain SRP configuration command. To remove a domain ID, use the no or default form of the command.
domain [id]
[no | default] domain [id]
Syntax Description
Command Default
If the no domain command is used, the domain ID is 0.
Command Modes
SRP configuration (config-srp) mode.
Usage Guidelines
This command is used to set the domain ID for an SRP. All Proximity Engines running SRP routing with the same domain ID form a single network if the nodes are found through a bootstrap node. By changing a Proximity Engine's domain, the Proximity Engine leaves its current network.
The no and default forms of the command replace current domain ID with the default domain ID, which is 0.
Examples
The following example shows how to configure a domain ID with domain.
ServiceRouter# configure terminalEnter configuration commands, one per line. End with CNTL/Z.ServiceRouter(config)# router srpServiceRouter(config-srp)# domain 100ServiceRouter(config-srp)# endServiceRouter#The following example illustrates how show srp process command displays the configured domain ID.
ServiceRouter# show srp processProcess:Domain: 100Node Id: 2a2db308fd3dc172940a7902a4db7c16c98c3a32e1b048005bce1e832b6d056fHost name: sn-sj88Port: 9000Interfaces running SRP:*GigabitEthernet 1/0, GigabitEthernet 2/0, GigabitEthernet 3/0Related Commands
bootstrap-node
Configures a bootstrap node IP address.
router srp
Enters SRP configuration mode.
show srp process
Displays the basic configurations for SRP.
enable
To access privileged commands in EXEC configuration modes, use the enable command in EXEC configuration mode.
enable
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
To access privileged EXEC configuration mode from EXEC configuration mode, use the enable command. The disable command takes you from privileged EXEC configuration mode to user EXEC configuration mode.
Examples
The following example shows how to access privileged EXEC configuration mode:
ServiceEngine> enableServiceEngine#Related Commands
disable
Turns off the privileged EXEC commands.
exit
Exits from interface, Global configuration, or privileged EXEC configuration modes.
enable password
To change the enable password, which is used if aaa authentication enable enable is configured, use the enable password command in Global configuration mode.
enable password
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
Global configuration mode.
Usage Guidelines
The enable password changes the enable password, which is used if aaa authentication enable enable is configured.
Examples
The following example shows how to access privileged EXEC configuration mode:
ServiceEngine> enable passwordServiceEngine#Related Commands
end
To exit Global configuration mode, use the end command in Global configuration mode.
end
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
Use the end command to exit Global configuration mode after completing any changes to the running configuration. To save new configurations to NVRAM, use the write command.
In addition, you can press Ctrl-Z to exit Global configuration mode.
Examples
The following example shows how to exit Global configuration mode:
ServiceEngine(config)# endServiceEngine#Related Commands
exit
Exits from interface, Global configuration, or privileged EXEC configuration modes.
exec-timeout
To configure the length of time that an inactive Telnet or Secure Shell (SSH) session remains open, use the exec-timeout command in Global configuration mode. To revert to the default value, use the no form of this command.
exec-timeout timeout
no exec-timeout
Syntax Description
Defaults
The default is 15 minutes.
Command Modes
Global configuration (config) mode.
Usage Guidelines
A Telnet or SSH session with the SE can remain open and inactive for the interval of time specified by the exec-timeout command. When the exec-timeout interval elapses, the SE automatically closes the Telnet or SSH session.
Configuring a timeout interval of 0 minutes by entering the exec-timeout 0 command is equivalent to disabling the session-timeout feature.
Examples
The following example shows how to configure a timeout of 100 minutes:
ServiceEngine(config)# exec-timeout 100The following example negates the configured timeout of 100 minutes and reverts to the default value of 15 minutes:
ServiceEngine(config)# no exec-timeoutRelated Commands
sshd
Configures the SSH service parameters.
telnet enable
Enables the Telnet services.
exit
To access commands in EXEC configuration mode shell from the global, interface, and debug configuration command shells, use the exit command.
exit
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC, Global configuration (config), and interface configuration (config-if) modes.
Usage Guidelines
Use the exit command in any configuration mode to return to EXEC configuration mode. Using this command is equivalent to pressing the Ctrl-Z key or entering the end command.
The exit command issued in the user-level EXEC shell terminates the console or Telnet session. You can also use the exit command to exit other configuration modes that are available from the Global configuration mode for managing specific features (see the commands marked with a footnote in Table 2-1).
Examples
The following example shows how to exit the Global configuration mode and return to the privileged-level EXEC configuration mode:
ServiceEngine(config)# exitServiceEngine#The following example shows how to exit the privileged-level EXEC configuration mode and return to the user-level EXEC configuration mode:
ServiceEngine# exitServiceEngine>Related Commands
expert-mode password
To set the customer configurable password, use the expert-mode password command in Global configuration mode.
expert-mode password [encrypted] password
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
This is a customer configurable password for allowing to enter engineering mode for troubleshooting purposes. The function prompts the user for the current admin password to verify that the user attempting to set the expert-mode password is authorized to do so. If the user is authenticated, the user is prompted twice to enter the new expert-mode password. The new expert-mode password is encrypted prior to being persisted.
Examples
The following example shows how to configure four external NAT IP addresses:
ServiceEngine(config)# expert-mode password encrypted xxxxNew Expert Mode Password: xxxxConfirm New Expert Mode Password: xxxxPassword successfully changedexternal-ip
To configure up to eight external Network Address Translation (NAT) IP addresses, use the external-ip command in Global configuration mode. To remove the NAT IP addresses, use the no form of this command.
external-ip ip_addresses
no external-ip ip_addresses
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
Use this command to configure up to eight Network Address Translation IP addresses to allow the router to translate up to eight internal addresses to registered unique addresses and translate external registered addresses to addresses that are unique to the private network. If the IP address of the RTSP gateway has not been configured on the SE, then the external IP address is configured as the IP address of the RTSP gateway.
In an CDS network, there are two methods for a device registered with the CDSM (SEs, SRs, or the standby CDSM) to obtain configuration information from the primary CDSM. The primary method is for the device to periodically poll the primary CDSM on port 443 to request a configuration update. You cannot configure this port number. The backup method is when the CDSM pushes configuration updates to a registered device as soon as possible by issuing a notification to the registered device on port 443. This method allows changes to take effect in a timelier manner. You cannot configure this port number even when the backup method is being used. CDS networks do not work reliably if devices registered with the CDSM are unable to poll the CDSM for configuration updates. When a receiver SE requests the content and content metadata from a forwarder SE, it contacts the forwarder SE on port 443.
When a device (SEs at the edge of the network, SRs, and primary or standby CDSMs) is inside a NAT firewall, those devices that are inside the same NAT use one IP address (the inside local IP address) to access the device and those devices that are outside the NAT use a different IP address (the NAT IP address or inside global IP address) to access the device. A centrally managed device advertises only its inside local IP address to the CDSM. All other devices inside the NAT use the inside local IP address to contact the centrally managed device that resides inside the NAT. A device that is not inside the same NAT as the centrally managed device cannot contact it without a special configuration.
If the primary CDSM is inside a NAT, you can allow a device outside the NAT to poll it for getUpdate requests by configuring a static translation (NAT IP address or inside global IP address) for the CDSM's inside local IP address on its NAT, and using this address, rather than the CDSM's inside local IP address in the cdsm ip ip_address command when you register the device to the CDSM. If an SE or SR is inside a NAT and the CDSM is outside the NAT, you can allow the SE or SR to poll for getUpdate requests by configuring a static translation (NAT IP address or inside global IP address) for the SE or SR's inside local address on its NAT.
Note
Examples
The following example shows how to configure four external NAT IP addresses:
ServiceEngine(config)# external-ip 192.168.43.1 192.168.43.2 192.168.43.3 192.168.43.4find-pattern
To search for a particular pattern in a file, use the find-pattern command in EXEC configuration mode.
find-pattern {binary filename | case {binary filename | count filename | lineno filename | match filename | nomatch filename | recursive filename} | count filename | lineno filename | match filename | nomatch filename | recursive filename}
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
Use this command to search for a particular regular expression pattern in a file.
Examples
The following example shows how to search a file recursively for a case-sensitive pattern:
ServiceEngine# find-pattern case recursive admin removed_core-rw------- 1 admin root 95600640 Oct 12 10:27 /local/local1/core_dir/core.2.2.1.b5.eh.2796-rw------- 1 admin root 97054720 Jan 11 11:31 /local/local1/core_dir/core.cache.5.3.0.b131.cnbuild.14086-rw------- 1 admin root 96845824 Jan 11 11:32 /local/local1/core_dir/core.cache.5.3.0.b131.cnbuild.14823-rw------- 1 admin root 101580800 Jan 11 12:01 /local/local1/core_dir/core.cache.5.3.0.b131.cnbuild.15134-rw------- 1 admin root 96759808 Jan 11 12:59 /local/local1/core_dir/core.cache.5.3.0.b131.cnbuild.20016-rw------- 1 admin root 97124352 Jan 11 13:26 /local/local1/core_dir/core.cache.5.3.0.b131.cnbuild.30249-rw------- 1 admin root 98328576 Jan 11 11:27 /local/local1/core_dir/core.cache.5.3.0.b131.cnbuild.8095The following example searches a file for a pattern and prints the matching lines:
ServiceEngine# find-pattern match 10 removed_coreTue Oct 12 10:30:03 UTC 2004-rw------- 1 admin root 95600640 Oct 12 10:27 /local/local1/core_dir/core.5.2.1.b5.eh.2796-rw------- 1 admin root 101580800 Jan 11 12:01 /local/local1/core_dir/core.cache.5.3.0.b131.cnbuild.15134The following example searches a file for a pattern and prints the number of matching lines:
ServiceEngine# find-pattern count 10 removed_core3Related Commands
cd
Changes the directory.
dir
Displays the list of files in a directory.
lls
Displays the files in a long list format.
ls
Lists the files and subdirectories in a directory.
flash-media-streaming
To enable and configure Flash Media Streaming, use the flash-media-streaming command in Global configuration mode. To disable Flash Media Streaming, use the no form of this command.
On the SE:
flash-media-streaming {admin-api [ip {allow ip_address}] | application-virtual-path vod map mapping string | enable | ignore-query-string enable | max-bandwidth number | max-sessions number | monitoring enable}}
no flash-media-streaming {admin-api [ip {allow ip address}] | application-virtual-path vod map mapping_string | enable | ignore-query-string enable | max-bandwidth number | max-sessions number | monitoring enable}}
On the SR:
flash-media-streaming {application-virtual-path vod map mapping string | enable | monitoring enable}
no flash-media-streaming {application-virtual-path vod map mapping string | enable | monitoring enable}
Syntax Description
Defaults
The ignore- query-string is disabled.
Command Modes
Global configuration (config) mode.
Usage Guidelines
Flash Media Streaming needs an application name (vod, live or dvrcast) as part of a client's request. In the case of a VOD application, the origin server should have a first level directory of vod for dynamic ingestion. For example, in a Flash Media Streaming VOD cache miss case, the request from the client should be rtmp://cdnsecure.bbc.co.uk/vod/iplayerstreaming/secure_auth/scifi.flv, and the origin server should have http://cdnsecure.bbc.co.uk/vod/iplayerstreaming/secure_auth/scifi.flv. However, this restricts customer deployments when vod is the only folder name they can use. Therefore, an application-virtual-path vod command is available so customers can map to whichever folder they want on the origin server.
For VOD streams, all RTMP calls in the SWF file must be in the following format:
rtmp://rfqdn/vod/path/foo.flvIn this format, rfqdn is the routing domain name of the Service Router, vod is the required directory, and path is the directory path to the content file that conforms to the standard URL specification.
If you are unable to store the VOD content in the required "vod" directory on your origin server, you can create a VOD virtual path for all RTMP requests. All client requests for RTMPcalls still use the rtmp://rfqdn/vod/path/foo.flv format for VOD streams, but the SE replaces the "vod" directory with the string specified in the flash-media-streaming application-virtual-path vod map command.
Use the flash-media-streaming application-virtual-path vod map <mapping_string> command on each SE participating in a Flash Media Streaming delivery service. The mapping string variable accepts all alpha-numeric characters and the slash (/) character, and can be from 1 to 128 characters. For example, to map the "vod" directory to "media" for the go-tv-stream.com origin server, use the flash-media-streaming application-virtual-path vod map media command. If comedy.flv is the content being requested, the RTMP call in the SWF file would be rtmp://go-tv-stream.com/vod/ comedy.flv. The SE would replace the "vod" directory and request http://go-tv-stream.com/media/ comedy.flv from the upstream SE or origin server. If just the slash (/) character is used to replace the "vod" directory, the SE request would be http://go-tv-stream.com/comedy.flv.
Editing a Wholesale LicenseThe wholesale license feature has four operations from the CLI—adding and removing licenses and enabling and disabling alerts. Users read license details from the documentation and add them to the CLI and CDSM. If a user enters a license incorrectly, the only way to edit it is to delete the license and add the it again.
Ignore Query String
Previously, if an RTMP request had a query string in the URL for VOD, the Web Engine could decide whether or not to cache the content based on the Web Engine configuration. However, if the query string in the RTMP URL included the end user and not the stream name, every request would have a different URL because every user has a different query string. This leads to the same content getting cached multiple times.
The flash-media-streaming ignore-query-string enable command tells Flash Media Streaming to remove the query string before forwarding the request to the Web Engine in the case of VOD, or before forwarding the request to the forwarder SE in the case of live streaming.
If URL signature verification is required, the sign verification is performed before the query string check is invoked. The URL signing and validation, which adds its own query string to the URL, continues to work independently of this enhancement.
When the flash-media-streaming ignore-query-string enable command is entered, for every request in which the query string has been ignored, a message is written to the FMS error log, and the Query String Bypassed counter is incremented in the output of the show statistics flash-media-streaming command. The FMS access log on the edge SE contains the original URL before the query string was removed.
The flash-media-streaming ignore-query-string enable command affects every VOD and live streaming request and is not applicable to proxy-style requests.
Examples
The following example shows how to map a vod folder:
ServiceEngine(config)# flash-media-streaming application-virtual-path vod map mediaThis means mapping vod folder to media. When client request cache-miss case: rtmp://Tem4.se.cdsfms.com/vod/foo.flv is mapped to rtmp://Temp4.se.cdsfms.com/media/foo.flv
ServiceEngine(config)# flash-media-streaming application-virtual-path vod map /This means mapping vod folder to /.
When client request cache-miss case: rtmp://Tem4.se.cdsfms.com/vod/abc/foo.flv is mapped to rtmp://Temp4.se.cdsfms.com/abc/foo.flv
When client request cache-miss case: rtmp://Tem4.se.cdsfms.com/vod/bar/foo.flv is mapped to rtmp://Temp4.se.cdsfms.com/bar/foo.flv.
Related Commands
show flash-media-streaming
Displays the Flash Media Streaming information.
show statistics flash-media-streaming
Displays the statistics for Flash Media Streaming.
flooding
To set the flooding threshold for SRP multicast, use the flooding threshold SRP configuration command. To restore the default flooding threshold, use the no or default form of the command.
flooding threshold value
[no | default] flooding threshold value
Syntax Description
Command Default
If no flooding command is issued, the default threshold is 50.
Command Modes
SRP configuration (config-srp) mode.
Usage Guidelines
This command is used to set the flooding threshold for SRP multicasting.
SRP protocol uses flooding to send multicast messages for a multicast group if the number of subscribers of the group is equal or more than the value specified in flooding. An effective threshold value may improve protocol message overhead. The threshold value depends on the number of nodes in your DHT network. In general, the threshold value should be greater than half and smaller than 3/4 of the total number of DHT nodes in the network.
The no or default forms of the command replace the current flooding threshold value with the default flooding threshold value (50).
Examples
The following example shows how use the flooding command to set a flooding threshold value of 45.
ServiceRouter(config)# router srpServiceRouter(config-srp)# flooding threshold 45ServiceRouter(config-srp)# endServiceRouter#Related Commands
geo-location-server
To redirect requests to different Content Delivery Networks based on the geographic location of the client, use the geo-location-server command in Global configuration mode. To cancel the request, use the no form of this command.
geo-location-server { primary ip addr port num [ service-name name ] [ retry num ] [ timeout num ] | secondary ip addr port num [ service-name name ] [ retry num ] [ timeout num ] } | server-type { maxmind-restful-hosted [ http | https ] service name | license-key key| quova-restful-gds | quova-restful-hosted [ http [ api-key key | shared-secret secret ] ] }}
no geo-location-server { primary ip addr port num [ service-name name ] [ retry num ] [ timeout num ] | secondary ip addr port num [ service-name name ] [ retry num ] [ timeout num ] } | server-type { maxmind-restful-hosted [ http | https ] service name | license-key key| quova-restful-gds | quova-restful-hosted [ http [ api-key key | shared-secret secret ] ] }}
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
Use the geo-location-server command to redirect requests to different CDNs based on the geographic location of the client. You can configure requests from different countries to be redirected to different third party services.
Note
Examples
The following example shows how to configure a primary geo-location-server:
ServiceRouter# geo-location-server primary 171.71.51.140 7000Related Commands
gulp
To capture lossless gigabit packets and write them to disk, use the gulp command in EXEC configuration mode.
gulp line
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The gulp utility captures lossless gigabit packets and writes them to disk, as well as captures packets remotely. The gulp utility has the ability to read directly from the network.
To view the list of options, enter gulp --h.
ServiceEngine# gulp --helpUsage: /ruby/bin/gulp [--help | options]--help prints this usage summarysupported options include:-d decapsulate Cisco ERSPAN GRE packets (sets -f value)-f "..." specify a pcap filter - see manpage and -d-i eth#|- specify ethernet capture interface or '-' for stdin-s # specify packet capture "snapshot" length limit-r # specify ring buffer size in megabytes (1-1024)-c just buffer stdin to stdout (works with arbitrary data)-x request exclusive lock (to be the only instance running)-X run even when locking would forbid it-v print program version and exit-Vx...x display packet loss and buffer use - see manpage-p # specify full/empty polling interval in microseconds-q suppress buffer full warnings-z # specify write blocksize (power of 2, default 65536) for long-term capture-o dir redirect pcap output to a collection of files in dir-C # limit each pcap file in -o dir to # times the (-r #) size-W # overwrite pcap files in -o dir rather than start #+1-B check if select(2) would ever have blocked on write-Y avoid writes which would blockTable 2-6 lists the gulp options and provides a description of each.
Examples
The following example shows how to get a basic capture on eth1 with a pcap filter:
ServiceEngine# gulp -i eth1 -f "..." > pcapfileThe ellipsis (...) refers to the Berkeley Packet Filter (pcap) expressions, such as "host foo."
The following example shows how to get a capture of the 10 most recent files of a 200 MB ring buffer to 1000 MB files:
ServiceEngine# gulp -i eth1 -r 200 -C 10 -W 10 -o pcapdirRelated Commands
help
To obtain online help for the command-line interface, use the help command in EXEC and Global configuration modes.
help
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC configuration and Global configuration (config) modes.
Usage Guidelines
You can get help at any point in a command by entering a question mark (?). If nothing matches, the help list is empty, and you must back up until entering a ? shows the available options.
Two styles of help are provided:
•
•
Examples
The following example shows the output of the help command in EXEC configuration mode:
ServiceEngine# helpHelp may be requested at any point in a command by entering a question mark '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options.Two styles of help are provided:1. Full help is available when you are ready to enter a command argument (e.g. 'show ?') and describes each possible argument.2. Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input (e.g. 'show stat?'.)hostname
To configure the device's network hostname, use the hostname command in Global configuration mode. To reset the hostname to the default setting, use the no form of this command.
hostname name
no hostname
Syntax Description
name
New hostname for the device; the name is case sensitive. The name may be from 1 to 30 alphanumeric characters.
Defaults
The default hostname is the SE model number.
Command Modes
Global configuration (config) mode.
Usage Guidelines
Use this command to configure the hostname for the SE. The hostname is used for the command prompts and default configuration filenames. This name is also used by content routing and conforms to the following rules:
•
•
•
Examples
The following example changes the hostname to Sandbox:
ServiceEngine(config)# hostname SandboxSandbox(config)#The following example removes the hostname:
ServiceEngine(config)# no hostnameNO-HOSTNAME(config)#Related Commands
dnslookup
Resolves a host or domain name to an IP address.
ip
Configures the IP.
show hosts
Displays the IP domain name, name servers, IP addresses, and host table.
install
To install the Internet Streamer CDS software image, use the install command in EXEC configuration mode.
install imagefile_name
Syntax Description
Defaults
None
Command Modes
EXEC configuration mode.
Usage Guidelines
The install command loads the system image into flash memory and the disk.
To install a system image, copy the image file to the sysfs directory local1 or local2. Before entering the install command, change the present working directory to the directory where the system image resides. When the install command is executed, the image file is expanded. The expanded files overwrite the existing files in the SE. The newly installed version takes effect after the system image is reloaded.
Note
Examples
The following example shows how to install a .bin file on the SE:
ServiceEngine# install CDS-2.2.1.7-K9.binRelated Commands
interface
To configure a Gigabit Ethernet or port channel interface, use the interface command in Global configuration mode. To disable selected options, restore default values, or enable a shutdown interface, use the no form of this command.
interface {GigabitEthernet slot/port_num [autosense | bandwidth {10 | 100 | 1000} | channel-group group_interface | description line | full-duplex | half-duplex | ip {access-group {access_list_num {in | out} | name} | address {ip_address_netmask | range low_num high_num netmask} | ipv6 {access-group {access_list_num {in | out}| access_list_name {in | out}} | address {range low_num high_num netmask {prefix | subnet_mask} | ip_addr/mask} | mtu mtu_size | shutdown | standby num [priority num] | tx-queue-limit queue_length] | PortChannel num [autosense | bandwidth {10 | 100 | 1000} | description line | full-duplex | half-duplex | ip line | ipv6 line | lacp | shutdown | standby num [priority num] | Standby group_number [description line | errors error_num | ip address {ip_address_netmask | range low_num high_num netmask}| ipv6 address {range low_num high_num netmask {prefix | subnet_mask} | ip_addr/mask} | shutdown] | TenGigabitEthernet slot/port_num [autosense | bandwidth {10 | 100 | 1000} channel-group group_interface | description line | full-duplex | half-duplex | ip {access-group {access_list_num {in | out} | name} | address {ip_address_netmask | range low_num high_num netmask} | ipv6 {acccess-group {access_list_num {in | out}| access_list_name {in | out}} | address {range low_num high_num netmask {prefix | subnet_mask} | ip_addr/mask} | mtu mtu_size | shutdown | standby num [priority num] | tx-queue-limit queue_length]
no interface {GigabitEthernet slot/port_num [autosense | bandwidth {10 | 100 | 1000} | channel-group group_interface | description line | full-duplex | half-duplex | ip {access-group {access_list_num {in | out} | name} | address {ip_address_netmask | range low_num high_num netmask} | ipv6 {access-group {access_list_num {in | out}| access_list_name {in | out}} | address {range low_num high_num netmask {prefix | subnet_mask} | ip_addr/mask} | mtu mtu_size | shutdown | standby num [priority num] | tx-queue-limit queue_length] | PortChannel num [autosense | bandwidth {10 | 100 | 1000} | description line | full-duplex | half-duplex | ip line | ipv6 line | lacp | shutdown | standby num [priority num] | Standby group_number [description line | errors error_num | ip address {ip_address_netmask | range low_num high_num netmask}| ipv6 address {range low_num high_num netmask {prefix | subnet_mask} | ip_addr/mask} | shutdown] | TenGigabitEthernet slot/port_num [autosense | bandwidth {10 | 100 | 1000} channel-group group_interface | description line | full-duplex | half-duplex | ip {access-group {access_list_num {in | out} | name} | address {ip_address_netmask | range low_num high_num netmask} | ipv6 {acccess-group {access_list_num {in | out}| access_list_name {in | out}} | address {range low_num high_num netmask {prefix | subnet_mask} | ip_addr/mask} | mtu mtu_size | shutdown | standby num [priority num] | tx-queue-limit queue_length]
Syntax Description
Defaults
Standby priority: 100.
Command Modes
Global configuration (config) mode.
Usage Guidelines
String to Be Set as Cookie Port Channel (EtherChannel) Interface
EtherChannel for Cisco Internet Streamer CDS supports the grouping of up to four same- network interfaces into one virtual interface. This grouping allows the setting or removing of a virtual interface that consists of two Gigabit Ethernet interfaces. EtherChannel also provides interoperability with Cisco routers, switches, and other networking devices or hosts supporting EtherChannel, load balancing, and automatic failure detection and recovery based on current link status of each interface.
You can use the Gigabit Ethernet ports to form an EtherChannel. A physical interface can be added to an EtherChannel subject to the device configuration.
Configuring Multiple IP Addresses
The Multiple Logical IP Addresses feature supports up to 24 unique IP addresses within the same subnet for the same interface.
When you configure multiple IP addresses on an SE using either the range option or using individual commands, the show running-config output displays all the IP addresses individually. The netmask value is unique for each interface, so under a single interface you cannot have multiple IP addresses with different netmask values.
Configuring IPv6
When configuring an IPv6 address on the interface, if <ipv6addr> is specified, it must be in the form of hexadecimal using16-bit values between colons (X:X:X:X::X). Optionally, a double colon may be used when consecutive 16-bit values are denoted as zero.
To configure the IPv6 access list on an interface, first configure the Access List using the access-list enable command; <in | out> means apply for inbound or outbound packets.
interface {<GigabitEthernet | Portchannel | Standby | TenGigabitEthernet>} ipv6 access-group <access_ list_number | access_list_name> <in | out>Examples
The following example shows how to create an EtherChannel. The port channel is port channel 2 and is assigned an IP address of 10.10.10.10 and a netmask of 255.0.0.0:
ServiceEngine#configureServiceEngine(config)#interface PortChannel 2ServiceEngine(config-if)#exitThe following example how to remove an EtherChannel:
ServiceEngine(config)#interface PortChannel 2ServiceEngine(config-if)#exitServiceEngine(config)#no interface PortChannel 2The following example shows a sample output of the show running-config command in EXEC configuration mode:
ServiceEngine#show running-config...interface GigabitEthernet 0/0description This is an interface to the WANip address 192.168.1.200 255.255.255.0bandwidth 100exit..The following example shows the sample output of the show interface command:
ServiceEngine#show interface GigabitEthernet 1/0Description: This is the interface to the labtype: EthernetThe following example shows how to create standby groups on SEs:
ServiceEngine(config)# interface GigabitEthernet 1/0 standby 2 priority 300ServiceEngine(config)# interface GigabitEthernet 2/0 standby 2 priority 200ServiceEngine(config)# interface GigabitEthernet 3/0 standby 2 priority 100ServiceEngine(config)# interface standby 2 errors 10000The following example shows how to configure multiple IP addresses using a range command:
ServiceEngine(config)#interface PortChannel 2ServiceEngine(config-if)# ip address range 2.2.2.3 2.2.2.6 255.255.255.0The following example shows a sample output of the show running-config command in EXEC configuration mode after configuring multiple IP addresses:
ServiceEngine#show running-config.interface PortChannel 4ip address 2.2.2.3 255.255.255.0ip address 2.2.2.4 255.255.255.0ip address 2.2.2.5 255.255.255.0ip address 2.2.2.6 255.255.255.0exitRelated Commands
ip (Global configuration)
To change initial network device configuration settings, use the ip command in Global configuration mode. To delete or disable these settings, use the no form of this command.ip {access-list (see "ip access-list" section) | default-gateway ip_address [gateway_ip_addr] | domain-name name1 name2 name3 | name-server ip_addresses | path-mtu-discovery enable | route dest_IP_addr dest_netmask default_gateway [interface source_IP_addr]}
no ip {access-list | default-gateway ip_address [gateway_ip_addr] | domain-name name1 name2 name3 | name-server ip_addresses | path-mtu-discovery enable | route dest_IP_addr dest_netmask default_gateway [interface source_IP_addr]}
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
To define a default gateway, use the ip default-gateway command. Only one default gateway can be configured. To remove the IP default gateway, use the no form of this command. The SE uses the default gateway to route IP packets when there is no specific route found to the destination.
To define a default domain name, use the ip domain-name command. To remove the IP default domain name, use the no form of this command. Up to three domain names can be entered. If a request arrives without a domain name appended in its hostname, the proxy tries to resolve the hostname by appending name1, name2, and name3 in that order until one of these names succeeds.
The SE appends the configured domain name to any IP hostname that does not contain a domain name. The appended name is resolved by the DNS server and then added to the host table. The SE must have at least one domain name server specified for hostname resolution to work correctly.
To specify the address of one or more name servers to use for name and address resolution, use the ip name-server ip_addresses command. To disable IP name servers, use the no form of this command. For proper resolution of the hostname to the IP address or the IP address to the hostname, the SE uses DNS servers. Use the ip name-server command to point the SE to a specific DNS server. You can configure up to eight servers.
Path MTU autodiscovery discovers the MTU and automatically sets the correct value. Use the ip path-mtu-discovery enable command to start this autodiscovery utility. By default, this feature is enabled. When this feature is disabled, the sending device uses a packet size that is smaller than 576 bytes and the next hop MTU. Existing connections are not affected when this feature is turned on or off.
The Cisco Internet Streamer CDS software supports IP Path MTU Discovery, as defined in RFC 1191. When enabled, Path MTU Discovery discovers the largest IP packet size allowable between the various links along the forwarding path and automatically sets the correct value for the packet size. By using the largest MTU that the links bear, the sending device can minimize the number of packets that it must send.
Note
IP Path MTU Discovery is started by the sending device. If a server does not support IP Path MTU Discovery, the receiving device has no mechanism available to avoid fragmenting datagrams generated by the server.
Use the ip route command to add a specific static route for a network or host. Any IP packet designated for the specified destination uses the configured route.
To configure static IP routing, use the ip route command. To remove the route, use the no form of this command. Do not use the ip route 0.0.0.0 0.0.0.0 command to configure the default gateway; use the ip default-gateway command instead.
Source Policy Routes
To configure source policy routing, use the ip route command with the interface option. By using source policy routing, the reply packet to a client leaves the SE on the same interface where the request came in. Source policy routing tables are automatically instantiated based on the interface subnets defined on the system. The policy routes are added automatically to the policy routing tables based on the nexthop gateway of the routes in the main routing table.
When configuring multiple IP address you must configure a default gateway in the same subnet. You can configure multiple gateways (up to 14) .
The CDE220-2S3i supports multiple IP addresses, which includes specifying the default gateway and IP routes. The IP routes, source policy routes, were added to ensure incoming traffic would go out the same interface it came in on. An IP route was added using the interface keyword and has the following syntax:
ip route <dest_IP_addr> <dest_netmask> <default_gateway> interface <source_IP_addr>
In the following example, all destination traffic (IP address of 0.0.0.0 and netmask of 0.0.0.0) sent from the source interface, 8.1.0.2, uses the default gateway, 8.1.0.1. This is a default policy route.
ip route 0.0.0.0 0.0.0.0 8.1.0.1 interface 8.1.0.2
A non-default policy route defines a specific destination (IP address and netmask). The following ip route command is an example of a non-default policy route:
ip route 10.1.1.0 255.255.255.0 <gateway> interface <source_IP_addr>
When upgrading to Cisco Internet Streamer CDS Release 2.5.9 software, any source policy routes configured using the Cisco Internet Streamer CDS Release 2.5.7 software interface keyword are rejected and are not displayed when the show running-config command is used. However, because you had to define the default gateway for all the interfaces as part of the multi-port support feature, the equivalent source policy route is automatically generated in the routing table. The following example shows the output for the show ip route command after upgrading to Cisco Internet Streamer CDS Release 2.5.9 software with the default source policy routes highlighted in bold and the non-default policy routes highlighted in italics:
ServiceEngine# show ip routeDestination Gateway Netmask---------------- ---------------- ----------------172.22.28.0 8.1.0.1 255.255.255.1286.21.1.0 0.0.0.0 255.255.255.08.2.1.0 0.0.0.0 255.255.255.08.2.2.0 0.0.0.0 255.255.255.0171.70.77.0 8.1.0.1 255.255.255.08.1.0.0 0.0.0.0 255.255.0.00.0.0.0 8.1.0.1 0.0.0.00.0.0.0 8.2.1.1 0.0.0.00.0.0.0 8.2.2.1 0.0.0.0Source policy routing table for interface 8.1.0.0/16172.22.28.0 8.1.0.1 255.255.255.128171.70.77.0 8.1.0.1 255.255.255.08.1.0.0 0.0.0.0 255.255.0.00.0.0.0 8.1.0.1 0.0.0.0Source policy routing table for interface 8.2.1.0/248.2.1.0 0.0.0.0 255.255.255.00.0.0.0 8.2.1.1 0.0.0.0Source policy routing table for interface 8.2.2.0/248.2.2.0 0.0.0.0 255.255.255.00.0.0.0 8.2.2.1 0.0.0.0If you have a default source policy route where the gateway is not defined as a default gateway, then you must add it after upgrading to Cisco Internet Streamer CDS Release 2.5.9 software. For example, if you had a source policy route with a gateway of 6.23.1.1 for a source interface of 6.23.1.12, and you did not specify the gateway as one of the default gateways, you would need to add it.
If you have a non-default source policy route, then you must add it as a regular static route (without the obsoleted interface keyword) after upgrading to Cisco Internet Streamer CDS Release 2.5.9 software. This route is then added to the main routing table as well as the policy routing table.
Differentiated Services
The differentiated services (DiffServ) architecture is based on a simple model where traffic entering a network is classified and possibly conditioned at the boundaries of the network. The class of traffic is then identified with a differentiated services (DS) code point or bit marking in the IP header. Within the core of the network, packets are forwarded according to the per-hop behavior associated with the DS code point.
DiffServ describes a set of end-to-end QoS (Quality of Service) capabilities. End-to-end QoS is the ability of the network to deliver service required by specific network traffic from one end of the network to another. QoS in the Internet Streamer CDS software supports differentiated services.
With differentiated services, the network tries to deliver a particular kind of service based on the QoS specified by each packet. The network uses the QoS specification to classify, mark, shape, and police traffic, and to perform intelligent queueing.
Differentiated services is used for several mission-critical applications and for providing end-to-end QoS. Typically, differentiated services is appropriate for aggregate flows because it performs a relatively coarse level of traffic classification.
DS Field Definition
A replacement header field, called the DS field, is defined by differentiated services. The DS field supersedes the existing definitions of the IPv4 ToS octet (RFC 791) and the IPv6 traffic class octet. A currently unused (CU) 2-bit field is reserved for explicit congestion notification (ECN). The value of the CU bits is ignored by DS-compliant interfaces when determining the PHB to apply to a received packet.
Per-Hop Behaviors
RFC 2475 defines PHB as the externally observable forwarding behavior applied at a DiffServ-compliant node to a DiffServ Behavior Aggregate (BA).
A PHB refers to the packet scheduling, queueing, policing, or shaping behavior of a node on any given packet belonging to a BA, as configured by a service level agreement (SLA) or a policy map.
There are four available standard PHBs:
•
•
•
•
The following sections describe the PHBs.
Assured Forwarding PHB
Assured Forwarding PHB is nearly equivalent to Controlled Load Service, which is available in the integrated services model. AFny PHB defines a method by which BAs can be given different forwarding assurances.
For example, network traffic can be divided into the following classes:
•
•
•
The AFny PHB defines four AF classes: AF1, AF2, AF3, and AF4. Each class is assigned a specific amount of buffer space and interface bandwidth according to the SLA with the service provider or policy map.
Within each AF class, you can specify three drop precedence (dP) values: 1, 2, and 3. Assured Forwarding PHB can be expressed as shown in the following example: AFny. In this example, n represents the AF class number (1, 2, or 3) and y represents the dP value (1, 2, or 3) within the AFn class.
In instances of network traffic congestion, if packets in a particular AF class (for example, AF1) need to be dropped, packets in the AF1 class are dropped according to the following guideline:
dP(AFny) >= dP(AFnz) >= dP(AFnx)
where dP (AFny) is the probability that packets of the AFny class are dropped and y denotes the dP within an AFn class.
In the following example, packets in the AF13 class are dropped before packets in the AF12 class, which in turn are dropped before packets in the AF11 class:
dP(AF13) >= dP (AF12) >= dP(AF11)
The dP method penalizes traffic flows within a particular BA that exceed the assigned bandwidth. Packets on these offending flows could be re-marked by a policer to a higher drop precedence.
Expedited Forwarding PHB
Resource Reservation Protocol (RSVP), a component of the integrated services model, provides a guaranteed bandwidth service. Applications, such as Voice over IP (VoIP), video, and online trading programs, require this type of service. The EF PHB, a key ingredient of DiffServ, supplies this kind of service by providing low loss, low latency, low jitter, and assured bandwidth service.
You can implement EF by using priority queueing (PQ) and rate limiting on the class (or BA). When implemented in a DiffServ network, EF PHB provides a virtual leased line or premium service. For optimal efficiency, however, you should reserve EF PHB for only the most critical applications because, in instances of traffic congestion, it is not feasible to treat all or most traffic as high priority.
EF PHB is suited for applications such as VoIP that require low bandwidth, guaranteed bandwidth, low delay, and low jitter.
IP Precedence for ToS
IP precedence allows you to specify the class of service (CoS) for a packet. You use the three precedence bits in the IPv4 header's type of service (ToS) field for this purpose.
Using the ToS bits, you can define up to six classes of service. Other features configured throughout the network can then use these bits to determine how to treat the packet. These other QoS features can assign appropriate traffic-handling policies including congestion management strategy and bandwidth allocation. For example, although IP precedence is not a queueing method, queueing methods such as weighted fair queueing (WFQ) and Weighted Random Early Detection (WRED) can use the IP precedence setting of the packet to prioritize traffic.
By setting precedence levels on incoming traffic and using them with the Internet Streamer CDS software QoS queueing features, you can create differentiated service. You can use features, such as policy-based routing (PBR) and Committed Access Rate (CAR), to set the precedence based on an extended access list classification. For example, you can assign the precedence based on the application or user or by destination and source subnetwork.
So that each subsequent network element can provide service based on the determined policy, IP precedence is usually deployed as close to the edge of the network or the administrative domain as possible. IP precedence is an edge function that allows core or backbone QoS features, such as WRED, to forward traffic based on CoS. You can also set IP precedence in the host or network client, but this setting can be overridden by the service provisioning policy of the domain within the network.
The following QoS features can use the IP precedence field to determine how traffic is treated:
•
•
•
How the IP Precedence Bits Are Used to Classify Packets
You use the three IP precedence bits in the ToS field of the IP header to specify a CoS assignment for each packet. You can partition traffic into up to six classes—the remaining two classes are reserved for internal network use—and then use policy maps and extended ACLs to define network policies in terms of congestion handling and bandwidth allocation for each class.
Each precedence corresponds to a name. These names, which continue to evolve, are defined in RFC 791. The numbers and their corresponding names, are listed from least to most important.
IP precedence allows you to define your own classification mechanism. For example, you might want to assign the precedence based on an application or an access router. IP precedence bit settings 96 and 112 are reserved for network control information, such as routing updates.
The IP precedence field occupies the three most significant bits of the ToS byte. Only the three IP precedence bits reflect the priority or importance of the packet, not the full value of the ToS byte.
Examples
The following example shows how to configure a default gateway for the SE:
ServiceEngine(config)# ip default-gateway 192.168.7.18The following example disables the default gateway:
ServiceEngine(config)# no ip default-gatewayThe following example shows how to configure a static IP route for the SE:
ServiceEngine(config)# ip route 172.16.227.128 255.255.255.0 172.16.227.250The following example negates the static IP route:
ServiceEngine(config)# no ip route 172.16.227.128 255.255.255.0 172.16.227.250The following example shows how to configure a default domain name for the SE:
ServiceEngine(config)# ip domain-name cisco.comThe following example negates the default domain name:
ServiceEngine(config)# no ip domain-nameThe following example shows how to configure a name server for the SE:
ServiceEngine(config)# ip name-server 10.11.12.13The following example disables the name server:
ServiceEngine(config)# no ip name-server 10.11.12.13The following example shows how to configure source policy routing for the SE interface assigned with the IP address 192.168.1.5:
ServiceEngine(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1 interface 192.168.1.5Related Commands
ip (Interface configuration)
Configures the interface Internet Protocol.
show ip routes
Displays the IP routing table.
ip (Interface configuration)
To configure the interface Internet Protocol, use the interface command in interface configuration mode. To delete or disable these settings, use the no form of this command.
ip {access-group {num {in | out} {name {in | out} | address {ip_addr netmask | range {ip_addr_low ip_addr_high netmask}}
no ip {access-group {num {in | out} {name {in | out} | address {ip_addr netmask | range {ip_addr_low ip_addr_high netmask}}
Syntax Description
Defaults
None
Command Modes
Interface configuration (config-if) mode.
Usage Guidelines
You can configure multiple IP addresses for Gigabit Ethernet, port channel and Standby interfaces in the SEs. With multiple IP support, the SEs can stream the content under a specific IP while having another stream with different source IP address under the same interface.
The ip command configures up to 24 unique IP addresses within the same subnet for the same Gigabit Ethernet, port channel and Standby interface. You can add and delete IP addresses for each interface without affecting other configured IP addresses.
Note
The ip range command adds and deletes an IP address range per interface without affecting other configured IP addresses, and it notifies the SR and CDSM on the added and deleted IP address. The IP address can only be deleted when it is already disassociated from the delivery service. If the delivery service's IP address has been updated, for example from 10.1.1.1 to 10.1.1.5, the service is not interrupted. The new stream uses the new IP address.
Examples
Configuring an IP Address Range
The following example shows how to configure an IP address in a range:
ServiceEngine(config)# interface PortChannel 1ServiceEngine(config-if)# ip address 2.2.2.2 255.255.255.0ServiceEngine(config-if)# ip address range 2.2.2.3 2.2.2.10 255.255.255.0ServiceEngine(config-if)# ip address range 2.2.2.12 2.2.2.20 255.255.255.0If the user configures an IP address range but one or more of the IP addresses in the range matched with an already configured IP address, the configuration is still accepted. For example, if interface PortChannel 1 has the following configuration:
interface PortChannel 1ip address 2.2.2.2 255.255.255.0ip address 2.2.2.3 255.255.255.0ip address 2.2.2.5 255.255.255.0ip address 2.2.2.12 255.255.255.0The following configuration is accepted and the IP address in the range (not the same subnet) is rejected:
ServiceEngine# configure terminalServiceEngine(config)# interface PortChannel 1ServiceEngine(config-if)# ip address range 2.2.2.3 2.2.2.4 255.255.255.0ServiceEngine(config-if)# endIf the interface PortChannel 1 has the following configuration:
interface PortChannel 1ip address 2.2.2.2 255.255.255.0ip address 2.2.2.5 255.255.255.0ip address 2.2.2.12 255.255.255.0And you enter the following commands:
ServiceEngine# configure terminalServiceEngine(config)# interface PortChannel 1ServiceEngine(config-if)# ip address range 2.2.3.9 2.2.3.15 255.255.255.0ServiceEngine(config-if)# endIt is an invalid IP address range and an incompatible netmask.
Configuring an IP Address
The following example shows how to configure an individual IP address:
ServiceEngine(config)# interface PortChannel 1ServiceEngine(config-if)# ip address 2.2.2.2 255.255.255.0ServiceEngine(config-if)# ip address 2.2.2.3 255.255.255.0ServiceEngine(config-if)# ip address 2.2.2.10 255.255.255.0Removing an IP Address
The following example shows how to remove an IP address range configuration:
ServiceEngine(config)# interface PortChannel 1ServiceEngine(config-if)# no ip address range 2.2.2.3 2.2.2.10 255.255.255.0The following example shows how to remove an IP address configuration:
ServiceEngine(config)# interface PortChannel 1ServiceEngine(config-if)# no ip address 2.2.2.3 255.255.255.Related Commands
ip access-list
To create and modify access lists for controlling access to interfaces or applications, use the ip access-list standard or ip access-list extended command in Global configuration modes. To remove access control lists, use the no form of this command.
ip access-list {extended {acl_name | acl_num {delete num | deny {num {ip address | any | host} | gre {ip address | any | host} | icmp {ip address | any | host} | ip {ip address | any | host} | tcp {ip address | any | host} | udp {ip address | any | host}} | insert {num {deny | permit} | list {start_line_num | end_line_num} | move {old_line_num | new_line_num} | permit {num {ip address | any | host} | gre {ip address | any | host} | icmp {ip address | any | host} | ip {ip address | any | host} | tcp {ip address | any | host} | udp {ip address | any | host}}} | {standard {acl_num | acl_name {delete num | deny {num {ip address | any | host} | gre {ip address | any | host} | icmp {ip address | any | host} | ip {ip address | any | host} | tcp {ip address | any | host} | udp {ip address | any | host}} | insert {num {deny | permit} | list {start_line_num | end_line_num} | move {old_line_num | new_line_num} | permit {ip address | any | host}}}}
no ip access-list {extended {acl_name | acl_num {delete num | deny {num {ip address | any | host} | gre {ip address | any | host} | icmp {ip address | any | host} | ip {ip address | any | host} | tcp {ip address | any | host} | udp {ip address | any | host}} | insert {num {deny | permit} | list {start_line_num | end_line_num} | move {old_line_num | new_line_num} | permit {num {ip address | any | host} | gre {ip address | any | host} | icmp {ip address | any | host} | ip {ip address | any | host} | tcp {ip address | any | host} | udp {ip address | any | host}}} | {standard {acl_num | acl_name {delete num | deny {num {ip address | any | host} | gre {ip address | any | host} | icmp {ip address | any | host} | ip {ip address | any | host} | tcp {ip address | any | host} | udp {ip address | any | host}} | insert {num {deny | permit} | list {start_line_num | end_line_num} | move {old_line_num | new_line_num} | permit {ip address | any | host}}}}
Syntax Description
Defaults
An access list drops all packets unless you configure at least one permit entry.
Command Modes
Global configuration (config) mode.
Usage Guidelines
Standard ACL Configuration Mode Commands
To work with a standard access list, enter the ip access-list standard command from the Global configuration mode prompt. The CLI enters a configuration mode in which all subsequent commands apply to the current access list.
To add a line to the standard IP ACL, enter the following command. For example, choose a purpose (permit or deny) that specifies whether a packet is to be passed or dropped, enter the source IP address, and enter the source IP wildcard address as follows:
[insert line_num] {deny | permit} {source_ip [wildcard] | host source_ip | any}
To delete a line from the standard IP ACL, enter the following command:
delete line_num
To display a list of specified entries within the standard IP ACL, enter the following command:
list [start_line_num [end_line_num]]
To move a line to a new position within the standard IP ACL, enter the following command:
move old_line_num new_line_num
To return to the CLI Global configuration mode prompt, enter the following command:
exit
To negate a standard IP ACL, enter the following command:
no {deny | permit} {source_ip [wildcard] | host source_ip | any}
Extended ACL Configuration Mode Commands
To work with an extended access list, enter the ip access-list extended command from the Global configuration mode prompt. The CLI enters a configuration mode in which all subsequent commands apply to the current access list.
To delete a line from the extended IP ACL, enter the following command:
delete line_num
To move a line to a new position within the extended IP ACL, enter the following command:
move old_line_num new_line_num
To display a list of specified entries within the standard IP ACL, enter the following command:
list [start_line_num [end_line_num]]
To return to the CLI Global configuration mode prompt, enter the following command:
exit
To add a condition to the extended IP ACL, note that the options depend on the chosen protocol.
For IP, enter the following command to add a condition:
[insert line_num] {deny | permit} {gre | ip | proto_num} {source_ip [wildcard] | host source_ip | any} {dest_ip [wildcard] | host dest_ip | any}
no {deny | permit} {gre | ip | proto_num} {source_ip [wildcard] | host source_ip | any} {dest_ip [wildcard] | host dest_ip | any}
where if you enter proto_num is 47 or 0, they represent the equivalent value for GRE or IP.
For TCP, enter the following command to add a condition:
[insert line_num] {deny | permit} {tcp | proto_num} {source_ip [wildcard] | host source_ip | any} [operator port [port]] {dest_ip [wildcard] | host dest_ip | any} [operator port [port]] [established]
no {deny | permit} {tcp | proto_num} {source_ip [wildcard] | host source_ip | any} [operator port [port]] {dest_ip [wildcard] | host dest_ip | any} [operator port [port]] [established]
where proto_num can be 6, which is the equivalent value for TCP.
For UDP, enter the following command to add a condition:
[insert line_num] {deny | permit} {udp | proto_num} {source_ip [wildcard] | host source_ip | any} [operator port [port]] {dest_ip [wildcard] | host dest_ip | any} [operator port [port]]
no {deny | permit} {udp | proto_num} {source_ip [wildcard] | host source_ip | any} [operator port [port]] {dest_ip [wildcard] | host dest_ip | any} [operator port [port]]
where proto_num can be 17, which is the equivalent value for UDP.
For ICMP, enter the following command to add a condition:
[insert line_num] {deny | permit} {icmp | proto_num} {source_ip [wildcard] | host source_ip | any} {dest_ip [wildcard] | host dest_ip | any} [icmp_type [code] | icmp_msg]
no {deny | permit} {icmp | proto_num} {source_ip [wildcard] | host source_ip | any} {dest_ip [wildcard] | host dest_ip | any} [icmp_type [code] | icmp_msg]
where proto_num can be 2, which is the equivalent value for ICMP.
For extended IP ACLs, the wildcard keyword is required if the host keyword is not specified. For a list of the keywords that you can use to match specific ICMP message types and codes, see Table 2-9. For a list of supported UDP and TCP keywords, see Table 2-7 and Table 2-8.
Use access lists to control access to specific applications or interfaces on an SE. An ACL consists of one or more condition entries that specify the kind of packets that the SE drops or accepts for further processing. The SE applies each entry in the order in which it occurs in the access list, which by default, is the order in which you configured the entry.
The following are some examples of how IP ACLs can be used in environments that have SEs:
•
•
•
•
Within ACL configuration mode, you can use the editing commands (list, delete, and move) to display the current condition entries, to delete a specific entry, or to change the order in which the entries are evaluated. To return to Global configuration mode, enter exit at the ACL configuration mode prompt.
To create an entry, use a deny or permit keyword and specify the type of packets that you want the SE to drop or to accept for further processing. By default, an access list denies everything because the list is terminated by an implicit deny any entry. You must include at least one permit entry to create a valid access list.
After creating an access list, you can include the access list in an access group using the access-group command, which determines how the access list is applied. You can also apply the access list to a specific application using the appropriate command. A reference to an access list that does not exist is the equivalent of a permit any condition statement.
To work with access lists, enter either the ip access-list standard or ip access-list extended Global configuration command. Identify the new or existing access list with a name up to 30 characters long beginning with a letter or with a number. If you use a number to identify a standard access list, it must be between 1 and 99; for an extended access list, use a number from 100 to 199. Use a standard access list for providing access to the SNMP server or to the TFTP gateway or server.
After you identify the access list, the CLI enters the appropriate configuration mode and all subsequent commands apply to the specified access list.
ip access-list standard Command
You typically use a standard access list to allow connections from a host with a specific IP address or from hosts on a specific network. To allow connections from a specific host, use the permit host source_ip option and replace source_ip with the IP address of the specific host.
To allow connections from a specific network, use the permit source_ip wildcard option. Replace source_ip with a network ID or the IP address of any host on the network that you want to specify. Replace wildcard with the dotted decimal notation for a mask that is the reverse of a subnet mask, where a 0 indicates a position that must be matched and a 1 indicates a position that does not matter. For instance, the wildcard 0.0.0.255 causes the last eight bits in the source IP address to be ignored. Therefore, the permit 192.168.1.0 0.0.0.255 entry allows access from any host on the 192.168.1.0 network.
ip access-list extended Command
Use an extended access list to control connections based on the destination IP address or based on the protocol type. You can combine these conditions with information about the source IP address to create more restrictive conditions. Table 2-7 lists the UDP keywords that you can use with extended access lists.
Table 2-7 UDP Keywords and Port Numbers
bootpc
BOOTP1 client service
68
bootps
BOOTP server service
67
domain
DNS2 service
53
netbios-dgm
NetBIOS datagram service
138
netbios-ns
NetBIOS name resolution service
137
netbios-ss
NetBIOS session service
139
nfs
Network File System service
2049
ntp
Network Time Protocol settings
123
snmp
Simple Network Management Protocol service
161
snmptrap
SNMP traps
162
tftp
Trivial File Transfer Protocol service
69
1 BOOTP = bootstrap protocol
2 DNS = Domain Name System
Table 2-8 lists the TCP keywords that you can use with extended access lists.
Table 2-9 lists the keywords that you can use to match specific ICMP message types and codes.
Table 2-9 Keywords for ICMP Message Type and Code
administratively-prohibited
Messages that are administratively prohibited from being allowed access.
alternate-address
Messages that specify alternate IP addresses.
conversion-error
Messages that denote a datagram conversion error.
dod-host-prohibited
Messages that signify a DoD1 protocol Internet host denial.
dod-net-prohibited
Messages that specify a DoD protocol network denial.
echo
Messages that are used to send echo packets to test basic network connectivity.
echo-reply
Messages that are used to send echo reply packets.
general-parameter-problem
Messages that report general parameter problems.
host-isolated
Messages that indicate that the host is isolated.
host-precedence-unreachable
Messages that have been received with the protocol field of the IP header set to one (ICMP) and the type field in the ICMP header set to three (Host Unreachable). This is the most common response. Large numbers of this datagram type on the network are indicative of network difficulties or hostile actions.
host-redirect
Messages that specify redirection to a host.
host-tos-redirect
Messages that specify redirection to a host for type of service-based (ToS) routing.
host-tos-unreachable
Messages that denote that the host is unreachable for ToS-based routing.
host-unknown
Messages that specify that the host or source is unknown.
host-unreachable
Messages that specify that the host is unreachable.
information-reply
Messages that contain domain name replies.
information-request
Messages that contain domain name requests.
mask-reply
Messages that contain subnet mask replies.
mask-request
Messages that contain subnet mask requests.
mobile-redirect
Messages that specify redirection to a mobile host.
net-redirect
Messages that are used for redirection to a different network.
net-tos-redirect
Messages that are used for redirection to a different network for ToS-based routing.
net-tos-unreachable
Messages that specify that the network is unreachable for the ToS-based routing.
net-unreachable
Messages that specify that the network is unreachable.
network-unknown
Messages that denote that the network is unknown.
no-room-for-option
Messages that specify the requirement of a parameter, but that no room is unavailable for it.
option-missing
Messages that specify the requirement of a parameter, but that parameter is not available.
packet-too-big
Messages that specify that the ICMP packet requires fragmentation but the DF2 bit is set.
parameter-problem
Messages that signify parameter-related problems.
port-unreachable
Messages that specify that the port is unreachable.
precedence-unreachable
Messages that specify that host precedence is not available.
protocol-unreachable
Messages that specify that the protocol is unreachable.
reassembly-timeout
Messages that specify a timeout during reassembling of packets.
redirect
Messages that have been received with the protocol field of the IP header set to one (ICMP) and the type field in the ICMP header set to five (Redirect). ICMP redirect messages are used by routers to notify the hosts on the data link that a better route is available for a particular destination.
router-advertisement
Messages that contain ICMP router discovery messages called router advertisements.
router-solicitation
Messages that are multicast to ask for immediate updates on neighboring router interface states.
source-quench
Messages that have been received with the protocol field of the IP header set to one (ICMP) and the type field in the ICMP header set to four (Source Quench). This datagram may be used in network management to provide congestion control. A source quench packet is issued when a router is beginning to lose packets because of the transmission rate of a source. The source quench is a request to the source to reduce the rate of a datagram transmission.
source-route-failed
Messages that specify the failure of a source route.
time-exceeded
Messages that specify information about all instances when specified times were exceeded.
timestamp-reply
Messages that contain time stamp replies.
timestamp-request
Messages that contain time stamp requests.
traceroute
Messages that specify the entire route to a network host from the source.
ttl-exceeded
Messages that specify that ICMP packets have exceeded the Time-To-Live configuration.
unreachable
Messages that are sent when packets are denied by an access list; these packets are not dropped in the hardware but generate the ICMP-unreachable message.
1 DoD = department of defense
2 DF = do not fragment
Examples
The following example shows how to create an access list to allow all web traffic and to allow only a specific host administrative access using Secure Shell (SSH):
ServiceEngine(config)# ip access-list extended exampleServiceEngine(config-ext-nacl)# permit tcp any any eq wwwServiceEngine(config-ext-nacl)# permit tcp host 10.1.1.5 any eq sshServiceEngine(config-ext-nacl)# exitThe following example shows how to activate the access list for an interface:
ServiceEngine(config)# interface gigabitethernet 1/0ServiceEngine(config-if)# exitThe following example shows how this configuration appears when you enter the show running-configuration command:
...!ip access-list extended examplepermit tcp any any eq wwwpermit tcp host 10.1.1.5 any eq sshexit. . .Related Commands
ip ospf priority
To set the router priority, which helps determine the designated router for this network; use the ip ospf priority command in interface configuration mode. To return to the default value, use the no form of this command.
ip ospf priority number_value
no ip ospf priority number_value
Syntax Description
Command Default
Priority of 1
Command Modes
Interface configuration (config-if) mode.
Usage Guidelines
When two routers attached to a network both attempt to become the designated router, the one with the higher router priority takes precedence. If there is a tie, the router with the higher router ID takes precedence. A router with a router priority set to zero is ineligible to become the designated router or backup designated router. Router priority is configured only for interfaces to multi-access networks (that is, not to point-to-point networks).
Examples
The following example shows how to set the router priority value to 4:
ServiceRouter(config)# router ospfServiceRouter(config-ospf)# interface GigabitEthernet 2/0ServiceRouter(config-ospf-if)# ip ospf priority 4ServiceRouter(config-ospf-if)Related Commands
ip rib route
To configure unicast static routes for the Proximity Engine, use the ip rib route command in Global configuration mode. To , use the no form of the command.
ip rib route destination prefix netmask {gateway ip_addr | GigabitEthernet num [gateway ip_addr]}
no ip rib route destination prefix netmask {gateway ip_addr | GigabitEthernet num [gateway ip_addr]}
Syntax Description
Command Default
None
Command Modes
Global configuration mode.
Usage Guidelines
Unicast static routes can be configured for the Proximity Engine. Static routes provide the Proximity Engine the ability to resolve learned BGP route next hops without IGP routing information.
The show ip rib route static command displays the static routes. The show ip static route command displays the static route configured and stored in the RIB table.
The ip rib route command allows static route configuration where the next-hop resolution depends on other static route configuration, The maximum number of static routes that can be configured is 200. The maximum number of equal cost multiple path (ECMP) static routes is 16.
When the next hop cannot be resolved, the static route configuration is not rejected, but the static route is not installed in Routing Information Base (RIB). When the next hop is resolved, the static route is installed automatically.
Examples
The following examples shows how to configure a static route:
ServiceRouter(config)# ip rib route 10.1.1.1 255.255.255.0 20.1.1.1ServiceRouter#The following example shows how to configure a static route with disabled nexthop:
ServiceRouter(config)# ip rib route 10.1.1.1 255.255.255.0 gigabitEthernet 2/0ServiceRouter(config)# ip rib route 20.1.1.1 255.255.255.0 192.168.82.54ServiceRouter(config)#The following examples shows how to configure a static route on a GigabitEthernet interface:
ServiceRouter(config)# ip rib route 10.1.1.1 255.255.255.0 gigabitethernet1/0ServiceRouter#The following examples shows how to configure a static route on a GigabitEthernet interface with a gateway IP address:
ServiceRouter(config)# ip rib route 10.1.1.1 255.255.255.0 gigabitethernet1/0 20.1.1.1ServiceRouter#Related Commands
show ip rib route
Displays IP RIB route information.
show ip static route
Displays IP Static route information.
ip router isis
To specify the interfaces to be used for routing IS-IS, use the ip router isis command in interface sub-configuration mode under IS-IS configuration mode. To detach the IS-IS process from an interface, use the no form of the command.
ip router isis
no ip router isis
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
Interface configuration mode under IS-IS (config-isis-if) configuration mode.
Usage Guidelines
This command is used to specify the interfaces to actively route IS-IS. Before an IS-IS routing process can be attached to an interface, you must assign a network entity title (NET) using the net command and enter the interface sub-configuration mode.
Examples
The following example shows how to configure an IS-IS process to be attached and form adjacency on Ethernet interface 1:
ServiceRouter(config)# router isisServiceRouter(config-isis)# net 49.0001.aaaa.aaaa.aaaa.00ServiceRouter(config-isis)# interface GigabitEthernet 1/0ServiceRouter(config-isis-if)# ip router isisServiceRouter(config-isis-if)#Related Commands
ipv6
To specify the default gateway's IPv6 address, use the ipv6 command in Global configuration mode. To disable the IPv6 address, use the no form of this command.
ipv6 {access-list {extended {extended_acess_list_num [delete num | deny {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr} | insert position_num {deny {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}} | permit {any | host | ipv6_addr}} | list [position_start position_end] | move {move_from move_to} | permit {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}}] | access_list name [delete num | deny {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}} | insert position_num {deny {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}} | permit} | list [position_start position_end] | move {move_from move_to} | permit {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}}]} | standard {standard_acess_list_num [delete num | deny {any | host | ipv6_addr} | insert position_num {deny {any | host | ipv6_addr} | permit {any | host | ipv6_addr}} | list [position_start position_end] | move {move_from move_to} | permit {any | host | ipv6_addr} | default-gateway ip_address | route dest_ip_adder gateway_ip_addr}
no ipv6 {access-list {extended {extended_acess_list_num [delete num | deny {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr} | insert position_num {deny {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}} | permit {any | host | ipv6_addr}} | list [position_start position_end] | move {move_from move_to} | permit {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}}] | access_list name [delete num | deny {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}} | insert position_num {deny {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}} | permit} | list [position_start position_end] | move {move_from move_to} | permit {protocol_num {any | host | ipv6_addr} | gre {any | host | ipv6_addr} | icmpv6 {any | host | ipv6_addr} | ip {any | host | ipv6_addr} | tcp {any | host | ipv6_addr} | udp {any | host | ipv6_addr}}]} | standard {standard_acess_list_num [delete num | deny {any | host | ipv6_addr} | insert position_num {deny {any | host | ipv6_addr} | permit {any | host | ipv6_addr}} | list [position_start position_end] | move {move_from move_to} | permit {any | host | ipv6_addr} | default-gateway ip_address | route dest_ip_adder gateway_ip_addr}
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
Explosive growth in network device diversity and mobile communications, along with global adoption of networking technologies have resulted in IPv4 addresses getting exhausted. IPv4 address space has a theoretical limit of 4.3 billion addresses. IPv6 quadruples the number of network address bits from 32 bits (in IPv4) to 128 bits. This provides more than enough globally unique IP addresses for every networked device in use.
CDS-IS IPv6 ACL, a permit or deny policy for IPv6 traffic you want to filter is based on source and destination IPv6 address, plus other IPv6 protocol factors such as TCP/UDP, ICMPv6 and GRE, or specify the port number. This command mirrors IPv4:
[no] ipv6 access-list {<standard|extended>} {<name|number>} {<permit|deny|delete|move|insert|list>} {protocol no|protocol name}[any|host|ipv6addr/prefix] {any|host|ipv6addr/prefix}IPv6 access lists are identified by user selected names. Access lists are defined by a list of "permit" and "deny" statements.
[no] ip name-server {<hostname|ipv6addr|ipv4addr>}[no] ntp server {<hostname|ipv6addr|ipv4addr>}These above configurations should support both IPv6 and IPv4 addresses.
DNS Configuration
The IPv6 address name server must be configured by using the ipv6 name-server ip-address command.
Note
If an IPv6 address is configured on the SR for DNS, the communication between the SR and the DNS server is over the IPv6 transport. The IPv4 address of the Service Router must be configured in the DNS server, so that the Service Router can respond to both A and AAAA queries. In this case, the communication between the DNS Server and the SR is over IPv4 transport.
Service Router
Communication between the SE and SR is through the IPv4 stack, including the keep-alive message. If IPv6 is enabled, then the keep-alive message includes the IPv6 address of the SE in the keep-alive message payload. This enables the SR to resolve the SE's IPv6 address correctly.
The SR operates as a DNS Server for the requests that belong to the delivery service to which the SR is associated. The SR is provisioned to respond to A or AAAA queries for the configured Service Routing Domain Name (RFQDN). The query can be on either an IPv4 or IPv6 transport.
The SR accepts the HTTP, RTSP, and RTMP requests and sends back the response by way of the IPv6 transport. The SR also supports the IP-based redirection, and includes the IPv6 address of the SE in the redirect URL. If the redirect URL has the SE host name, the client sends a DNS query to the SR, and the SR responds with the SE's IPv4 address for the A query and the SE's IPv6 address for the AAAA query.
The Coverage Zone file supports IPv6 and IPv4 addresses. The network and subnetwork addresses in the Coverage Zone file support CIDR format (IP address with a prefix).
Note
Examples
The following example shows how to configure an IPv6-related address:
ServiceRouter(config)# ipv6 default-gateway fec0::100/64When configuring a static IPv6 prefix route, specify the host ipv6 address and prefix. <next-hop> is the IPv6 address of the next-hop to reach the destination prefix. The following example shows how to configure a static IPv6 prefix route:
ServiceRouter(config)# ipv6 route <ipv6addr/prefix> <next-hop>Related Commands
clear ipv6
Clears IPv6 ACL counters.
show ipv6
Displays the IPv6 information.
traceroute6
Traces the route to a remote IPv6-enabled host.
isis
To configure IS-IS routing for IP, use the isis command in interface configuration mode under route IS-IS configuration mode. To turn off this function, use the no form of this command.
isis {authentication key-chain name {level-1 | level-2} | authentication-check {level-1 | level-2} | authentication-type {cleartext | md5} | circuit-type [level-1 | level-1-2 | level-2] | priority priority_value {level-1 | level-2}}
no isis {authentication key-chain name {level-1 | level-2} | authentication-check {level-1 | level-2} | authentication-type {cleartext | md5} | circuit-type [level-1 | level-1-2 | level-2] | priority priority_value {level-1 | level-2}}
Syntax Description
Command Default
A Level 1 and Level 2 adjacency is established.
Priority is set to 64 for interfaces.
Authentication-check is on.
Command Modes
Interface configuration mode under IS-IS (config-isis-if) configuration.
Usage Guidelines
Use the isis authentication key-chain command to specify the key chain to be used for the interface and the corresponding level. The key chain range cannot exceed 63 characters.
Use the isis authentication-check command to enables or disables the checking of received packets for the interface on the corresponding level. When authentication-check is disabled, IS-IS adds authentication to the outgoing packets, but it does not check authentication on incoming packets. This feature allows smooth transition of enabling authentication without disrupting the network operation.
Use the isis authentication-type command to specify the md5 or cleartext authentication type for the interface and the corresponding level.
Use the isis circuit-type command to specify adjacency levels on a specified interface.
Use the isis priority configuration command to configure the priority of a specific interface.
Examples
The following example shows how to specify the key chain to be used for `GigabitEthernet 3/0', level-1 for the IS-IS process running on that interface:
ServiceRouter(config)# router isisServiceRouter(config-isis)# interface GigabitEthernet 3/0ServiceRouter(config-isis-if)# isis authentication key-chain my-key level-1ServiceRouter(config-isis-if)#The following example shows how to configure the authentication check of interface `GigabitEthernet 3/0', level-1 for the IS-IS process running on that interface:
ServiceRouter(config)# router isisServiceRouter(config-isis)# interface GigabitEthernet 3/0ServiceRouter(config-isis-if)# isis authentication-check level-1ServiceRouter(config-isis-ifSVCREG internal errorif SVCREG interface debugsippc SVCREG ippc (inter process comm) debugssvc SVCREG svc debugsven SVCREG ven debugs)#The following example shows how to configure the authentication type of interface `GigabitEthernet 3/0' to be md5 level-1 for the IS-IS process running on that interface:
ServiceRouter(config)# router isisServiceRouter(config-isis)# interface GigabitEthernet 3/0ServiceRouter(config-isis-if)# isis authentication-type md5 level-1ServiceRouter(config-isis-if)#The following example shows how to configure the circuit type of interface `GigabitEthernet 3/0' to be level-1-2 for the IS-IS process running on that interface:
ServiceRouter(config)# router isisServiceRouter(config-isis)# interface GigabitEthernet 3/0ServiceRouter(config-isis-if)# isis circuit-type level-1-2ServiceRouter(config-isis-if)# endServiceRouter#
The following example shows how to set the priority of interface `GigabitEthernet 3/0' to 100 for the IS-IS process running on that interface:
ServiceRouter(config)# router isisServiceRouter(config-isis)# interface GigabitEthernet 3/0ServiceRouter(config-isis-if)# isis priority 100ServiceRouter(config-isis-if)# endServiceRouter#
Related Commands
is-type
To configure a Proximity Engine to act as a Level 1 (intra-area) router, as both a Level 1 router and a Level 2 (interarea) router, or as an inter-area router only, use the is-type IS-IS configuration command. To reset the default value, use the no form of this command.
is-type [level-1| level-1-2 | level-2]
no is-type [level-1| level-1-2 | level-2]
Syntax Description
Command Default
The IS-IS routing process configured is a Level 1-2 (intra-area and inter-area) router.
Command Modes
IS-IS configuration (config-isis) mode.
Usage Guidelines
By default, the first instance of the IS-IS routing process that you configure using the router isis command is a Level 1-2 router.
If the network has only one area, there is no need to run both Level 1 and Level 2 routing algorithms. If IS-IS is used for Connectionless Network Service (CLNS) routing (and there is only one area), Level 1 only must be used everywhere. If IS-IS is used for IP routing only (and there is only one area), you can run Level 2 only everywhere. Areas you add after the Level 1-2 area exists are, by default, Level 1 areas.
If the router instance has been configured for Level 1-2 (the default for the first instance of the IS-IS routing process in a Cisco device), you can remove Level 2 (inter-area) routing for the area by using the is-type command. You can also use the is-type command to configure Level 2 routing for an area, but it must be the only instance of the IS-IS routing process configured for Level 2 on the Cisco device.
Examples
The following example shows how to specify an area router:
ServiceRouter(config)# router isisServiceRouter(config-isis)# is-type level-2ServiceRouter(config-isis)#Related Commands
kernel
To configure the kernel, use the kernel command in Global configuration mode. To disable the kernel configuration, use the no form of this command.
kernel {kdb | optimization network}
no kernel {kdb | optimization network}
Syntax Description
kdb
Specifies the kernel debugger (kdb).
optimization
Enables kernel performance optimization.
network
Optimizes network performance.
Defaults
Kdb is disabled by default.
Command Modes
Global configuration (config) mode.
Usage Guidelines
Once enabled, KDB is automatically activated when kernel problems occur. Once activated, all normal functioning of the CDS device is suspended until KDB is manually deactivated. The KDB prompt looks like this prompt:
[ 0 ] kdb>To deactivate KDB, enter go at the KDB prompt. If KDB was automatically activated because of kernel problems, you must reboot to recover from the issue. If you activated KDB manually for diagnostic purposes, the system resumes normal functioning in whatever state it was when you activated KDB. In either case, if you enter reboot, the system restarts and normal operation resumes.
Examples
The following example shows how to enable KDB:
ServiceEngine(config)# kernel kdbThe following example shows how to disable KDB:
ServiceEngine(config)# no kernel kdbkey
To create a key ID and enter into key configuration submode, use the key command in Global configuration mode. To exit key chain configuration submode, use the no form of this command.
key keyid
no key keyid
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
Multiple key ID's may be configured under the same key chain. The key chain string cannot exceed 63 characters.
When IS-IS is configured to use a particular key chain for the authentication and the corresponding key chain is not configured in the system, it causes IS-IS to always reject incoming packets that require the key chain.
When a key chain has multiple keys, IS-IS should advertise the first key in the chain. For validation of received packets, it should iterate through all the keys until there is a match.
They key command is within the key chain command context, not simply the key chain itself.
Examples
The following example shows how to create a key ID and enter the key configuration submode:
ServiceRouter(config)# key chain my-keyServiceRouter(config-keychain)#Related Commands
key-string
To create a key string to be used for authentication, use the key chain command in Key ID configuration submode. To remove the key-string, use the no form of this command.
key-string keyid
no key-string keyid
Syntax Description
Defaults
None
Command Modes
Key ID configuration submode.
Usage Guidelines
The key-string command creates a key string to be used for authentication.
A key string is always valid upon creation.
The Proximity Engine does not support key-string expiration.
You can only create one key-string per key ID.
Key-chain string cannot exceed 63 characters.
Examples
The following example shows how to specify terminal line settings:
ServiceRouter(config-keychain-key)# key-string topos123ServiceRouter(config-keychain-key)#Related Commands
key chain
To create a key chain and enter into key chain configuration submode, use the key chain command in Global configuration mode. To exit key chain configuration submode, use the no form of this command.
key chain name
no key chain name
Syntax Description
Defaults
None
Command Modes
Global configuration (config) mode.
Usage Guidelines
Multiple key ID's may be configured under the same key chain. Key chain string cannot exceed 63 characters.
When IS-IS is configured to use a particular key chain for the authentication and the corresponding key chain is not configured in the system, it results IS-IS to always reject incoming packets that requires the key chain.
When a key chain has multiple keys, IS-IS should advertise the first key in the chain. For validation of received packets, it should iterate through all the keys until there is a match.
Examples
The following example shows how to create a key and enter into key ID configuration submode:
ServiceRouter(config)# key chain my-keyServiceRouter(config-keychain)#The following example shows a complete sample configuration for IS-IS MD5 authentication:
ServiceRouter(config)# key chain lsp-keyServiceRouter(config-keychain)# key 1ServiceRouter(config-keychain-key)# key-string lspServiceRouter(config-keychain-key)# exitServiceRouter(config-keychain)# exitServiceRouter(config)# key chain int-keyServiceRouter(config-keychain)# key 1ServiceRouter(config-keychain-key)# key-string topos123ServiceRouter(config-keychain-key)# exitServiceRouter(config-keychain)# exitServiceRouter(config)# router isisServiceRouter(config-isis)# net 10.1111.1111.1111.00ServiceRouter(config-isis)# is-type level-1ServiceRouter(config-isis)# authentication-type md5 level-1ServiceRouter(config-isis)# authentication key-chain lsp-key level-1ServiceRouter(config-isis)# interface giagabitethernet 1/0ServiceRouter(config-isis-if)# isis authentication-type md5 level-1ServiceRouter(config-isis-if)# isis authentication key-chain int-key level-1Related Commands
lacp
To turn on Link Aggregation Control Protocol (LACP), use the lacp command in Interface configuration mode. To turn off lacp, use the no form of this command.
lacp
no lacp
Syntax Description
This command has no keywords or arguments.
Defaults
None
Command Modes
Interface configuration (config-if) mode.
Usage Guidelines
The port channel must be configured on both the switch and the host side before enabling LACP. Speed and duplex must be the same for both the switch and host. To configure LACP on the switch side, every interface must be configured.
For load balancing, the round robin method alone is not supported with LACP.
Examples
The following example shows how to turn on LACP:
ServiceEngine(config)# interface portChannel 1ServiceEngine(config-if)# lacpThe following example shows how to turn off LACP:
ServiceEngine(config)# interface portChannel 1ServiceEngine(config)# no lacpThe following example shows how to configure the load balancing on a global basis:
ServiceEngine(config)# port-channel load-balanceThis command can also include various load balancing methods:
•
•
•
•
•
•
•
•
•
•
•
Related Commands
show interface portchannel 1 lacp
Displays the LACP port channel status.
show lacp
Displays LACP information.
line
To specify terminal line settings, use the line command in Global configuration mode. To disable terminal line settings, use the no form of this command.
line console carrier-detect
no line console carrier-detect
Syntax Description
console
Configures the console terminal line settings.
carrier-detect
Sets the device to check the carrier detect signal before writing to the console.
Defaults
This feature is disabled by default.
Command Modes
Global configuration (config) mode.
Usage Guidelines
You should enable carrier detection if you connect the SE, SR, or CDSM to a modem for receiving calls. If you are using a null modem cable with no carrier detect pin, the device might appear unresponsive on the console until the carrier detect signal is asserted. To recover from a misconfiguration, you should reboot the device and set the 0x2000 bootflag to ignore the carrier detect setting.
Examples
The following example shows how to specify terminal line settings:
ServiceEngine(config)# line console carrier-detect
