service
Service commands are used to view and
manage configurations. The service commands and their corresponding parameters vary from
mode to mode. The User Exec mode and
Priv Exec mode commands provide
same functionalities with a few minor changes. The Global Config service command sets the
size of history files. It also enables viewing the current mode's CLI tree.This topic is
organized into the following sections:
Supported in the following platforms:
- Access Points — AP310i/e, AP410i/e, AP460i/e, AP560i/h,
AP510i/e, AP505i, AP7522, AP7532, AP7562, AP7612, AP7632, AP7662, AP8432, AP8533
- Service Platforms
— NX5500, NX7500, NX9500, NX9600, VX9000
Syntax (User Exec
Mode)
Service
Commands - Intro
service [block-adopter-config-update|clear|cli-tables-skin|cluster|database|
delete-offline-aps|force-send-config|force-update-vm-stats|guest-registration|load-balancing|
load-ssh-authorized-keys|locator|radio|radius|request-full-config-from-adopter|set|show|smart-rf|
ssm|snmp|snmpv3|syslog|wireless]
service [block-adopter-config-update|request-full-config-from-adopter]
service clear [adoption|captive-portal-page-upload|command-history|device-upgrade|
diag|dpi|file-sync|noc|reboot-history|unsanctioned|upgrade-history|virtual-machine-history|
web-filter|wireless|xpath]
service clear adoption history {on <DEVICE-NAME>}
service clear device-upgrade history {on <DOMAIN-NAME>}
service clear dpi [all|app|app-category] stats {on <DEVICE-OR-DOMAIN-NAME>}
service clear diag pkts
service clear file-sync history {on <DOMAIN-NAME>}
service clear captive-portal-page-upload history {on <DOMAIN-NAME>}
service clear [command-history|reboot-history|upgrade-history|virtual-machine-history]
{on <DEVICE-NAME>}
service clear noc statistics
service clear unsanctioned aps {on <DEVICE-OR-DOMAIN-NAME>}
service clear web-filter cache {on <DEVICE-NAME>}
service clear wireless [ap|client|controller-mobility-database|dns-cache|radio|wlan]
service clear wireless controller-mobility-database
service clear wireless [ap|client|controller-mobility-database|dns-cache|radio|wlan]
service clear wireless controller-mobility-database
service clear wireless [ap|client] statistics {<MAC>} {(on <DEVICE-OR-DOMAIN-NAME>)}
service clear wireless dns-cache on {(on <DEVICE-OR-DOMAIN-NAME)}
service clear wireless radio statistics {<MAC/HOSTNAME>} {<1-3>}
{(on <DEVICE-OR-DOMAIN-NAME>)}
service clear wireless wlan statistics {<WLAN-NAME>} {(on <DEVICE-OR-DOMAIN-NAME)}
service clear xpath requests {<1-100000>}
service cli-tables-skin [ansi|hashes|minimal|none|percent|stars|thick|thin|utf-8]
{grid}
service cluster force [active|configured-state|standby]
service database [authentication|replica-set|start-shell]
service database authentication [create-user|delete-user]
service database authentication create-user username <USER-NAME> password <PASSWORD>
service database authentication delete-user username <USER-NAME>
service database replica-set force-configured-state
service database start-shell
service delete-offline-aps [all|offline-for]
service delete-offline-aps offline-for days <0-999> {time <TIME>}
service force-send-config {on <DEVICE-OR-DOMAIN-NAME>}
service force-update-vm-stats {on <DEVICE-NAME>}
service guest-registration [backup|delete|export|import]
service guest-registration backup [delete|restore]
service guest-registration delete [all|email <EMAIL-ADD>|group <RAD-GROUP-NAME>|
mac <MAC>|mobile <MOBILE-NUMBER>|name <CLIENT-FULL-NAME>|non-social|offline-for days <1-999>|
otp-incomplete-for days <1-999>|social [facebook|google]|wlan <WLAN-NAME>]
service guest-registration export format [csv|json] <DEST-URL>
{(rfdomain <DOMAIN-NAME>|time [1-Day|1-Month|1-Week|2-Hours|30-Mins|5-Hours|all]|
wlan <WLAN-NAME>)}
service guest-registration import format <JSON> <SOURCE-URL>
service load-balancing clear-client-capability [<MAC>|all] {on <DEVICE-NAME>}
service load-ssh-authorized-keys <PUBLIC-KEY> {on <DEVICE-NAME>}
service locator {<1-60>} {(on <DEVICE-NAME>)}
service radio <1-3> [adaptivity|channel-switch|dfs]
service radio <1-3> adaptivity
service radio <1-3> channel-switch <36-196> [160|20|40|80]
service radio <1-3> dfs simulator-radar [extension|primary]
service radius test [<IP>|<HOSTNAME>] [<WORD>|<PORT>]
service radius test [<IP>|<HOSTNAME>] <WORD> <USERNAME> <PASSWORD>
{wlan <WLAN-NAME> ssid <SSID>} {(on <DEVICE-NAME>)}
service radius test [<IP>|<HOSTNAME>] port <1024-65535> <WORD> <USERNAME> <PASSWORD>
{wlan <WLAN-NAME> ssid <SSID>} {(on <DEVICE-NAME>)}
service set validation-mode [full|partial] {on <DEVICE-NAME>}
service show [block-adopter-config-update|captive-portal|cli|client-identity-defaults|
command-history|configuration-revision|crash-info|dhcp-lease|diag|fast-switching|fib|
fib6|guest-registration|info|ip-access-list|mac-vendor|mem|mint|noc|nsight|pm|process|
reboot-history|rf-domain-manager|sites|snmp|ssh-authorized-keys|startup-log|sysinfo|
top|upgrade-history|virtual-machine-history|watch-dog|wireless|xpath-history]
service show block-adopter-config-update
service show captive-portal [log-internal|servers|user-cache]
service show captive-portal log-internal
service show captive-portal [servers|user-cache] {on <DEVICE-NAME>}
service show [cli|client-identity-defaults|configuration-revision|mac-vendor <OUI/MAC>|
noc diag|snmp session|xpath-history]
service show [command-history|crash-info|info|mem|process|reboot-history|startup-log|
ssh-authorized-keys|sysinfo|top|upgrade-history|watchdog] {on <DEVICE-NAME>}
service show ip-access-list wlan <WLAN-NAME> status {detail}
{on <DEVICE-OR-DOMAIN-NAME>}
service show dhcp-lease {<INTERFACE-NAME>|pppoe1|vlan <1-4094>|wwan1}
(on <DEVICE-NAME>)}
service show diag [fds|led-status|pkts|psu|stats]
service show diag [fds|pkts]
service show diag [led-status|psu|stats] {on <DEVICE-NAME>}
service show fast-switching {on <DEVICE-NAME>}
service show [fib|fib6] {table-id <0-255>}
service show guest-registration [export-status|import-status|restore-status]
service show mint [adopted-devices {on <DEVICE-NAME>}|ports]
service show pm {history} {(on <DEVICE-NAME>)}
service show rf-domain-manager [diag|info] {<MAC/HOSTNAME>}
{(on <DEVICE-OR-DOMAIN-NAME>)}
service show sites
service show virtual-machine-history {on <DEVICE-NAME>}
service show wireless [aaa-stats|adaptivity-status|client|config-internal|
credential-cache|dns-cache|log-internal|meshpoint|neighbors|radar-status|radio-internal|reference|
stats-client|vlan-usage]
service show wireless [aaa-stats|adaptivity-status|credential-cache|dns-cache|
radar-status|vlan-usage] {on <DEVICE-NAME>}
service show wireless [config-internal|log-internal|neighbors]
service show wireless [client|meshpoint neighbor] proc [info|stats] {<MAC>}
{{on <DEVICE-OR-DOMAIN-NAME>)}
service show wireless radio-internal [radio1|radio2] <LINE>
service show wireless reference [channels|frame|handshake|mcs-rates|reason-codes|
status-codes]
service show wireless stats-client diag {<MAC/HOSTNAME>}
{(on <DEVICE-OR-DOMAIN-NAME>)}
service smart-rf [clear-config|clear-history|clear-interfering-aps|save-config]
service smart-rf clear-config {<MAC>|<DEVICE-NAME>|on <DOMAIN-NAME>}
service smart-rf [clear-history||clear-interfering-aps|save-config] {on <DOMAIN-NAME>}
service ssm [dump-core-snapshot|trace]
service ssm trace pattern <WORD> {on <DEVICE-NAME>}
service syslog test {level [<0-7>|alerts|critical|debugging|emergencies|errors|
informational|notifications|warnings]} {(on <DEVICE-NAME>)}
service wireless [add-neighbor|client|coverage-hole-incident|dump-core-snapshot|
meshpoint|qos|trace|unsanctioned|wips]
service wireless add-neighbor <1-2> mac <MAC-ADDRESS> preference <0-255>
service wireless client [beacon-request|quiet-element|trigger-bss-transition|trigger-wnm]
service wireless client beacon-request <MAC> mode [active|passive|table]
channel [<CHANNEL-NUMBER>|any] duration <1-255> ssid [<SSID>|any] channel-report [<CHANNEL-LIST>|none]
bssid [<MAC>|any] randomization-interval <0-1000> {on <DEVICE-NAME>}
service wireless client trigger-bss-transition mac <MAC> {timeout <0-65535>}
{url <URL>} {on <DEVICE-OR-DOMAIN-NAME>}
service wireless client trigger-wnm mac <MAC> type
[deauth-imminent|subscription-remediation] {uri <WORD>}
service wireless dump-core-snapshot
service wireless meshpoint zl <MESHPOINT-NAME> [on <DEVICE-NAME>]
{<ARGS>|timeout <1-65535>}
service wireless qos delete-tspec <MAC> tid <0-7>
service wireless trace pattern <WORD> {on <DEVICE-NAME>}
service wireless unsanctioned ap air-terminate <MAC> {on <DOMAIN-NAME>}
service wireless wips [clear-client-blacklist|clear-event-history|dump-managed-config]
service wireless wips clear-client-blacklist [all|mac <MAC>]
service wireless wips clear-event-history {on <DEVICE-OR-DOMAIN-NAME>}
Parameters (User
Exec Mode)
Service
Commands - Intro
service [block-adopter-config-update|request-full-config-from-adopter]
block-adopter-config- update |
Blocks the configuration updates pushed from the Network Operations
Center (NOC) server to adopted devices |
request-full-config-from- adopter |
Configures a request for full configuration updates from the adopter
device In an hierarchically managed (HM) network devices are deployed in
two levels. The first level consists of the NOC controllers. The second
level consists of the site controllers that can be grouped to form
clusters. The NOC controllers adopt and manage the site controllers.
Access points within the network are adopted and managed by the site
controllers. The adopted devices (Access Points and site controllers) are
referred to as the adoptee. The devices adopting the adoptee are the
‘adopters‘.
|
service clear adoption history {on <DEVICE-NAME>}
clear adoption history |
Clears adoption history on this device and its adopted Access
Points |
on <DEVICE-NAME> |
Optional. Clears adoption history on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service clear device-upgrade history {on <DOMAIN-NAME>}
clear device-upgrade history |
Clears device upgrade history |
on <DOMAIN-NAME> |
Optional. Clears all firmware upgrade history on a specified RF
Domain
- <DOMAIN-NAME> –
Specify the RF Domain name.
|
service clear diag pkts
clear diag pkts |
Clears the looped packets queue logged by the dataplane. The dataplane
logs up to 16 looped packets at a time in a separate queue, which has to be
manually cleared to make space for new packet logging. For more
information on viewing logged looped packet information execute the
service > show > diag > pkts
command.
|
service clear dpi [all|app|app-category] stats {on <DEVICE-OR-DOMAIN-NAME>}
clear dpi |
Clears Deep Packet Inspection (DPI) statistics When enabled,
DPI allows application and/or application category recognition. The DPI
statistics are maintained by the system for every hit registered by the
DPI engine.
|
[all|app|app-category] stats |
Use the following filter options to clear all or specific DPI
statistics:
- all – Clears all DPI
related (application and app-category) statistics
- app – Clears only
application related statistics
- app-category – Clears
only app-category related statistics
|
on <DEVICE-OR-DOMAIN-NAME> |
Optional. Clears DPI statistics based on the parameters passed on a
specified device or RF Domain
- <DEVICE-OR-DOMAIN-NAME> – Specify the name of the access point,
controller, service platform, or RF Domain.
|
service clear file-sync history {on <DOMAIN-NAME>}
clear file-sync history |
Clears client-bridge certificate synchronization statistics When an
access point is configured as a client bridge, the EAP-TLS X.509
(PKCS#12) certificate is synchronized between the staging-controller and
adoptee client-bridge access points. This command allows you to clear
client-bridge certificate synchronization statistics.
|
on <DOMAIN-NAME> |
Optional. Clears file synchronization history on all devices within a
specified RF Domain
- <DOMAIN-NAME> –
Specify the RF Domain name.
|
service clear captive-portal-page-upload history {on <DOMAIN-NAME>}
clear captive-portal-page- upload-history |
Clears captive portal page upload history |
on <DOMAIN-NAME> |
Optional. Clears captive portal page upload history on a specified RF
Domain
- <DOMAIN-NAME> –
Specify the RF Domain name.
|
service clear [command-history|reboot-history|upgrade-history|virtual-machine-history]
{on <DEVICE-NAME>}
clear [command-history| reboot-history| upgrade-history] |
Clears command history, reboot history, and/or device upgrade
history |
clear virtual-machine-history |
Clears virtual-machine history on the logged device or a specified
device This command is applicable only on the NX9500 and NX9600 series
service platforms.
|
on <DEVICE-NAME> |
Optional. Clears history on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform
Note: When executing the
clear virtual-machine-history command, provide the name of the service
platform running the VMs.
|
service clear noc statistics
clear noc statistics |
Clears NOC applicable statistics counters |
service clear unsanctioned aps {on <DEVICE-OR-DOMAIN-NAME>}
clear unsanctioned aps |
Clears the list of unsanctioned APs |
on <DEVICE-OR-DOMAIN-NAME> |
Optional. Clears the list of unsanctioned APs on a specified device or
RF Domain
- <DEVICE-OR-DOMAIN-NAME> – Specify the name of the AP, wireless
controller, service platform, or RF Domain.
|
service clear wireless [ap|client] {<MAC>} {(on <DEVICE-OR-DOMAIN-NAME>)}
clear wireless [ap|client] statistics |
Clears wireless statistics counters based on the parameters passed
- ap statistics – Clears
applicable AP statistics counters
- client statistics –
Clears applicable wireless client statistics counters
|
<MAC> {on <DEVICE-OR-DOMAIN-NAME>} |
The following keywords are common to the ‘ap' and ‘client'
parameters:
- <MAC> –
Optional. Clears statistics counters for a specified AP or client.
Specify the AP/client MAC address.
- on
<DEVICE-OR-DOMAIN-NAME> – Optional. Clears AP/client
statistics counters on a specified device or RF Domain. Specify
the name of the AP, wireless controller, service platform, or RF
Domain.
|
service clear wireless controller-mobility-database
clear wireless controller-mobility- database |
Clears the controller assisted mobility database |
service clear web-filter cache {on <DEVICE-NAME>}
clear web-filter cache |
Clears the cache used for Web filtering |
on <DEVICE-NAME> |
Optional. Clears the Web filtering cache on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service clear wireless radio statistics {<MAC/HOSTNAME> {<1-3>}}
{(on <DEVICE-OR-DOMAIN-NAME>)}
clear wireless radio statistics |
Clears applicable wireless radio statistics counters |
<MAC/HOSTNAME> <1-3> |
Optional. Specify the MAC address or hostname of the radio, or append
the interface number to form the radio ID in the AA-BB-CC-DD-EE-FF:RX or
HOSTNAME:RX format.
- <1-3> –
Optional. Specify the radio interface index, if not specified as part
of the radio ID.
|
on <DEVICE-OR-DOMAIN-NAME> |
Optional. This is a recursive parameter, which clears wireless radio
statistics on a specified device or RF Domain.
- <DEVICE-OR-DOMAIN-NAME> – Specify the name of the AP, wireless
controller, service platform, or RF Domain.
|
service clear wireless wlan statistics {<WLAN-NAME>} {(on <DEVICE-OR-DOMAIN-NAME>)}
clear wireless wlan statistics |
Clears WLAN statistics counters |
<WLAN-NAME> |
Optional. Clears statistics counters on a specified WLAN. Specify the
WLAN name. |
on <DEVICE-OR-DOMAIN-NAME> |
Optional. This is a recursive parameter, which clears WLAN statistics on
a specified device or RF Domain.
- <DEVICE-OR-DOMAIN-NAME> – Specify the name of the AP, wireless
controller, service platform, or RF Domain.
|
service clear xpath requests {<1-100000>}
clear xpath |
Clears XPATH related information |
requests |
Clears pending XPATH get requests |
<1-100000> |
Optional. Specifies the session number (cookie from show sessions)
- <1-100000> –
Specify the session number from 1 - 100000.
Note: Omits clearing the
current session‘s pending XPATH get requests.
|
service cli-tables-skin [ansi|hashes|minimal|none|percent|stars|thick|thin|utf-8]
{grid}
cli-tables-skin [ansi|hashes|minimal|none|percent|stars| thick|
thin|uf-8] |
Selects a formatting layout or skin for CLI tabular outputs
- ansi – Uses ANSI
characters for borders
- hashes – Uses hashes
(#) for borders
- minimal – Uses one
horizontal line between title and data rows
- none – Displays space
separated items with no decoration
- percent – Uses the
percent sign (%) for borders
- stars – Uses asterisks
(*) for borders
- thick – Uses thick
lines for borders
- thin – Uses thin lines
for borders
- utf-8 – Uses UTF-8
characters for borders
|
grid |
Optional. Uses a complete grid instead of just title lines |
service cluster force [active|configured-state|standby]
cluster |
Enables cluster protocol management |
force |
Forces action commands on a cluster (active, configured-state, and
standby) |
active |
Changes the cluster run status to active |
configured-state |
Restores a cluster to the configured state |
standby |
Changes the cluster run status to standby |
service database authentication create-user username <USER-NAME> password <PASSWORD>
database |
Performs database related actions |
authentication create-user username <USER-NAME> password
<PASSWORD> |
Creates users having access rights to the database.
Execute this command on the database host. However,
before creating users, on the database, generate the
database keyfile. For more information on generating the
keyfile, see database (user/priv exec modes).
- username <USER-NAME> – Configures database
username
- password <PASSWORD> – Configures a
password for the username specified
above
In the database-policy ensure that
authentication is enabled and username and password
is configured. The database-client-policy also should
have the same username and password configured. For
more information on database-policy and
database-client-policy, see database-policy global config and database-client-policy global-config.
|
service database authentication delete-user username <USER-NAME>
database |
Performs database related actions This command is supported only on
the NX9500, NX9600, and VX9000 platforms.
|
database authentication delete-user username <USER-NAME> |
Deletes the username requires to access rights the captive-portal/NSight
database
- username
<USER-NAME> – Deletes the username identified by the
<USER-NAME> keyword
Once deleted, the database cannot be accessed using the specified
combination of username and password.
|
service database start-shell
database |
Performs database related actions This command is supported only on
the NX9500, NX9600, and VX9000 platforms.
|
start-shell |
Starts the database shell |
service delete-offline-aps all
delete-offline-aps all |
Deletes all off-line Access Points |
service delete-offline-aps offline-for days <0-999> {time <TIME>}
delete-offline-aps |
Deletes Access Points that have been off-line for a specified number of
days and time period |
day <0-999> |
Specifies the number of days an Access Point stays off-line to be
deleted
- <0-999> –
Specify the number of off-line days from 0 - 999.
|
time <TIME> |
Optional. Specifies the off-line time period. Access Points off-line for
this period of time are deleted.
- <TIME> – Specify
the time in HH:MM:SS format.
|
service eguest remove-data [deleted-devices|offline-for days <0-999> {time <HH:MM:SS>}]
service eguest |
Enables ExtremeGuest server data maintenance |
remove-data |
Removes offline and/or deleted devices from the ExtremeGuest server
database Note: When
enabled, the device configuration and database collection is removed
permanently.
Note: If a controller is removed, then its adopted APs are also removed,
|
deleted-devices |
Removes deleted devices |
offline-for days <0-999> {time <HH:MM:SS>} |
Removes offline devices from the ExtremeGuest server database. Offline
devices are devices that have not been reporting to the ExtremeGuest server
for a specified number of days. Use this option to configure that threshold
value. Devices that have not reported to the ExtremeGuest server for the
number of days specified here are considered to be offline and removed.
- days <0-999> –
Specify the threshold, in days, from 0 - 999.
- time
<HH:MM:SS> – Option. In addition to the number of days,
you can also specify the time in hours, minutes, and seconds. If
specified, a device is removed if it has not reported to the
server for the specified number of days and time.
|
service eguest restore factory-default
eguest |
Enables ExtremeGuest server data maintenance |
restore factory-default |
Reinitializes the ExtremeGuest server to factory-default settings. Use
this option to stop the ExtremeGuest server and database. Note: Extreme caution is
recommended, as this command deletes data related to ExtremeGuest server
and database. Debug log files are also deleted.
|
service force-send-config {on <DEVICE-OR-DOMAIN-NAME>}
force-send-config |
Resends configuration to device(s) |
on <DEVICE-OR-DOMAIN-NAME> |
Optional. Resends configuration to a specified device or all devices in
a specified RF Domain
- <DEVICE-OR-DOMAIN-NAME> – Optional. Specify the name of the AP,
wireless controller, service platform, or RF Domain.
|
service force-update-vm-stats {on <DEVICE-NAME>}
force-update-vm-stats |
Forcefully pushes VM statistics on to the NOC |
on <DEVICE-NAME> |
Optional. Executes the command on a specified device
- <DEVICE-NAME> –
Specify the name of the device.
|
service guest-registration backup [delete|restore]
service guest-registration backup
[delete|restore] |
Deletes or restores all guest registration backup snapshots based on the
parameter passed
- delete – Deletes all
guest registration backup snapshots
- restores – Restores
all guest registration backup snapshots
Note: To view the status
of the restore process, use the service > show >
guest-registration > restore-status
command.
|
service guest-registration delete [all|email <EMAIL-ADD>|group <RAD-GROUP-NAME>|
mac <MAC>|mobile <MOBILE-NUMBER>|name <CLIENT-FULL-NAME>|non-social|
offline-for days <1-999>|wlan <WLAN-NAME>|otp-incomplete-for days <1-999>|
social [facebook|google]]
service guest-registration delete |
Deletes a specified user or all user records from the guest-registration
database To delete a specific user, use one of the following options as
an identification parameter: email, group, mac, mobile number, name,
offline-for, wlan, otp-incomplete-for, or social.
|
[all|email <EMAIL-ADD>|group <RAD-GROUP-NAME>| mac
<MAC>|mobile <MOBILE-NUMBER>| name
<CLIENT-FULL-NAME>]|non-social| offline-for days <1-999>|wlan
<WLAN-NAME>|otp-incomplete-for days <1-999>|social
[facebook|google] |
Following are the user filtering options: The user identified by one of
the following parameters is deleted from the guest-registration database.
- email
<EMAIL-ADD> – Identifies user by the e-mail address
- <EMAIL-ADD> – Provide the user‘s e-mail address.
- mac <MAC> –
Identifies user by the MAC address
- <MAC> –
Provide the user‘s MAC address.
- group
<RAD-GROUP-NAME> – Identifies users by their RADIUS group
association
- <RAD-GROUP-NAME> – Specify the RADIUS group name.
- mobile
<MOBILE-NUMBER> – Identifies user by the registered mobile
number
- <MOBILE-NUMBER> – Provide the user‘s mobile number.
- name
<CLIENT-FULL-NAME> – Identifies user by the registered full
name
- <CLIENT-FULL-NAME> – Provide the user‘s full name.
- non-social –
Identifies users that have not registered through social
authentication
- offline-for days
<1-999> – Filters users who have not accessed the network for a
specified number of days
- days
<1-999> – Specify the number of days from 1 - 999.
- wlan <WLAN-NAME>
– Identifies users accessing a specified WLAN
- <WLAN-NAME> – Specify the WLAN name.
- otp-incomplete-for
days <1-999> – Identifies records of users that have not used
their OTP to complete registration within a specified number of
days
- days
<1-999> – Specify the number of days from 1 - 999.
- social
[facebook|google] – Identifies users using either Facebook or Google
credentials to access the network
- facebook –
Identifies users using Facebook authentication
- google –
Identifies users using Google authentication
|
service guest-registration export format [csv|json] <DEST-URL> {(rfdomain <DOMAIN-NAME>|
time [1-Day|1-Month|1-Week|2-Hours|30-Mins|5-Hours|all]|wlan <WLAN-NAME>)}
service guest-registration export |
Exports guest registration user data files in the Comma-Separated Values
(CSV) or JavaScript Object Notation (JSON) format Use
the ‘rfdomain‘, ‘wlan‘, and
‘time‘
options to filter users for a specified RF Domain, WLAN, and/or time
period. These are recursive parameters and you can apply all or any of
these three filters.
|
format [csv|json] |
Specifies the file format. The options are:
- csv – Exports user
data files in the CSV format
- json – Exports user
data files in the JSON format
|
<DEST-URL> |
Configures the destination URL. The files are exported to the specified
location. Both IPv4 and IPv6 address formats are supported.
- IPv4 URLs:
tftp://<hostname|IP>[:port]/path/file
ftp://<user>:<passwd>@<hostname|IP>[:port]/path/file
sftp://<user>:<passwd>@<hostname|IP>[:port]>/path/file
- IPv6 URLs:
tftp://<hostname|[IPv6]>[:port]/path/file
ftp://<user>:<passwd>@<hostname|[IPv6]>[:port]/path/file
sftp://<user>:<passwd>@<hostname|[IPv6]>[:port]>/path/file
|
rfdomain <DOMAIN-NAME> |
Optional. Filters user data based on RF Domain name. Only the filtered
data are exported.
- <DOMAIN-NAME> –
Specify the RF Domain name.
|
wlan <WLAN-NAME> |
Optional. Filters user data based on WLAN name. Only the filtered data
are exported.
- <WLAN-NAME> –
Specify the WLAN name.
|
time [1-Day|1-Month| 1-Week|2-Hours| 30-Mins|5-Hours|all] |
Optional. Filters user data for a specified time period. Only the
filtered data are exported.
- 1-Day – Filters and
exports previous day‘s data
- 1-Month – Filters and
exports previous month‘s data
- 1-Week – Filters and
exports previous week‘s data
- 2-Hours – Filters and
exports last 2 hours data
- 30-Mins – Filters and
exports last 30 minutes data
- 5-Hours – Filters and
exports last 5 hours data
- all – Exports the
entire database
|
service guest-registration import format json <SOURCE-URL>
service guest-registration import |
Imports user data from a specified location |
format json |
Specifies the file format
- json – Imports user
data files in the JSON format
|
<SOURCE-URL> |
Configures the Source URL. The files are imported from the specified
location. Both IPv4 and IPv6 address formats are supported.
- IPv4 URLs:
tftp://<hostname|IP>[:port]/path/file
ftp://<user>:<passwd>@<hostname|IP>[:port]/path/file
sftp://<user>:<passwd>@<hostname|IP>[:port]>/path/file
- IPv6 URLs:
tftp://<hostname|[IPv6]>[:port]/path/file
ftp://<user>:<passwd>@<hostname|[IPv6]>[:port]/path/file
sftp://<user>:<passwd>@<hostname|[IPv6]>[:port]>/path/file
|
service load-balancing clear-client-capability [<MAC>|all] {on <DEVICE-NAME>}
load-balancing |
Enables wireless load balancing by clearing client capability
records |
clear-client-capability [<MAC>|all] |
Clears a specified client or all client capability records
- <MAC> – Clears
capability records of a specified client. Specify the client's MAC
address in the AA-BB-CC-DD-EE-FF format.
- all – Clears the
capability records of all clients
|
on <DEVICE-NAME> |
Optional. Clears client capability records on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service load-ssh-authorized-keys <PUBLIC-KEY> {on <DEVICE-NAME>}
load-ssh-authorized-keys |
Loads SSH public (client) key on a device |
<PUBLIC-KEY> |
Enter the public key. The public key should be in
the OpenSSH rsa/dsa format. |
on <DEVICE-NAME> |
Optional. Loads the specified public key on a
specified device
- <DEVICE-NAME> – Specify the name of the AP,
wireless controller, or service platform.
|
service locator {<1-60>} {(on <DEVICE-NAME>)}
locator |
Enables LEDs |
<1-60> |
Sets LED flashing time from 1 - 60 seconds. |
on <DEVICE-NAME> |
The following keyword is recursive and common to the <1-60>
parameter:
- on <DEVICE-NAME>
– Optional. Enables LEDs on a specified device
- <DEVICE-NAME> – Specify name of the AP, wireless
controller, or service platform.
|
service nsight clear-offline [all|offline-for days <0-999> {time <TIME>}]
nsight clear-offline [all|offline-for days <0-999> {time
<TIME>}] |
Clears NSight data received from offline controllers, based on the
parameters passed. Select one of the following options:
- all – Clears NSight
data received from all offline controllers
- offline-for days
<0-999> time <TIME> – Clears NSight data received from
controllers that have been offline for a specified time period
- days
<0-999> – Specifies the number of days controllers have
been offline
- <0-999> – Specify the number of days from 0 - 999
days. Select “0” to identify controllers offline less than
24 hours.
- time
<TIME> – Optional. Specifies the total time
for which controllers have been offline
- <TIME> – Specify the time in HH:MM:SS
format.
This command is supported only on the NX9500, NX9600, and VX9000
platforms.
|
service radio <1-3> adaptivity
radio <1-3> |
Configures radio parameters
- <1-3> – Specify
the radio index from 1 - 3.
|
adaptivity |
Simulates the presence of interference on the current channel |
service radio <1-3> channel-switch <36-196> [160|20|40|80|80-80]
radio <1-3> |
Configures radio parameters
- <1-3> – Specify
the radio index from 1 - 3.
|
channel-switch <36-196> [160|20|40|80| 80-80] |
Enables channel switching
- <36-196> –
Specifies the channel to switch to from 36 - 196.
- 160|20|40|80|80-80] – Specifies the bandwidth for the above
specified channel. Select the appropriate option.
|
service radio <1-3> dfs simulate-radar [extension|primary]
radio <1-3> |
Configures radio parameters
- <1-3> – Specify
the radio index from 1 - 3.
|
dfs |
Enables Dynamic
Frequency Selection (DFS ) |
simulate-radar [extension|primary] |
Simulates the presence of a radar on a channel. Select the channel type
from the following options:
- extension – Simulates
a radar on the radio's current extension channel
- primary – Simulates a
radar on the radio's current primary channel
|
service radius test [<IP>|<HOSTNAME>] <WORD> <USERNAME> <PASSWORD>
{wlan <WLAN-NAME> ssid <SSID>} {(on <DEVICE-NAME>)}
radius test |
Tests RADIUS server's account. This command sends an access-request
packet to the RADIUS server. Use this command to confirm time and
data/bandwidth parameters for valid wireless clients.
- test – Tests the RADIUS server's account with user provided
parameters
|
[<IP>|<HOSTNAME>] |
Sets the RADIUS server's IP address or hostname
- <IP> – Specifies
the RADIUS server's IP address
- <HOSTNAME> –
Specifies the RADIUS server's hostname
|
<WORD> |
Specify the RADIUS server's shared secret. |
<USERNAME> |
Specify username for authentication. |
<PASSWORD> |
Specify the password. |
wlan <WLAN-NAME> ssid <SSID> |
Optional. Tests the RADIUS server on the local WLAN. Specify the local
WLAN name.
- ssid <SSID> –
Specify the WLAN SSID.
|
on <DEVICE-NAME> |
Optional. This is a recursive parameter also applicable to the WLAN
parameter. Performs tests on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service radius test [<IP>|<HOSTNAME>] <PORT> <1024-65535> <WORD> <USERNAME>
<PASSWORD> {wlan <WLAN-NAME> ssid <SSID>} {(on <DEVICE-NAME>)}
radius test |
Tests a RADIUS server's account. This command sends an access-request
packet to the RADIUS server. Use this command to confirm time and
data/bandwidth parameters for valid wireless clients.
- test – Tests the
RADIUS server's account with user provided parameters
|
[<IP>|<HOSTNAME>] |
Sets the IP address or hostname of the RADIUS server
- <IP> – Specify
the RADIUS server's IP address.
- <HOSTNAME> –
Specify the RADIUS server's hostname.
|
<PORT> <1024-65535> |
Specify the RADIUS server port from 1024 - 65535. The default port is
1812. |
<WORD> |
Specify the RADIUS server's shared secret. |
<USERNAME> |
Specify username for authentication. |
<PASSWORD> |
Specify the password. |
wlan <WLAN-NAME> ssid <SSID> |
Optional. Tests the RADIUS server on the local WLAN. Specify the local
WLAN name.
- ssid <SSID> –
Specify WLAN SSID.
|
on <DEVICE-NAME> |
Optional. This is a recursive parameter also applicable to the WLAN
parameter. Performs tests on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service set validation-mode [full|partial] {on <DEVICE-NAME>}
set |
Sets the validation mode for running configuration validation |
validation-mode [full|partial] |
Sets the validation mode
- full – Performs a full
configuration validation
- partial – Performs a
partial configuration validation
|
on <DEVICE-NAME> |
Optional. Performs full or partial configuration validation on a
specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service show block-adopter-conflict-update
show |
Displays running system statistics based on the parameters
passed |
block-adopter-config-update |
Displays NOC configuration blocking status |
service show captive-portal log-internal
show |
Displays running system statistics based on the
parameters passed |
captive-portal |
Displays captive portal information |
log-internal |
Displays recent captive portal debug logs
(information and above severity level) |
service show captive-portal [servers|user-cache] {on <DEVICE-NAME>}
show |
Displays running system statistics based on the parameters
passed |
captive-portal |
Displays captive portal information |
servers |
Displays server information for active captive portals |
user-cache |
Displays cached user details for a captive portal |
on <DEVICE-NAME> |
Optional. Displays server information or cached user details on a
specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service show [cli|client-identity-defaults|configuration-revision|mac-user-import-status|
mac-vendor <OUI/MAC>|noc diag|snmp session|xpath-history]
show |
Displays running system statistics based on the parameters
passed |
cli |
Displays CLI tree of the current mode |
client-identity-defaults |
Displays default client-identities and their configuration |
configuration-revision |
Displays current configuration revision number |
mac-user-import-status |
Displays status of file import initiated by a MAC-user |
mac-vendor <OUI/MAC> |
Displays vendor name for a specified MAC address or Organizationally
Unique Identifier (OUI) part of the MAC address
- <OUI/MAC> –
Specify the MAC address or its OUI. The first six digits of the MAC
address is the OUI. Use the AABBCC or AA-BB-CC format to provide the
OUI.
|
noc diag |
Displays NOC diagnostic details |
snmp session |
Displays SNMP session details |
xpath-history |
Displays XPath history |
service show [command-history|crash-info|info|mem|process|reboot-history|
startup-log|ssh-authorized-keys|sysinfo|top|upgrade-history|watchdog] {on <DEVICE-NAME>}
show |
Displays running system statistics based on the parameters
passed |
command-history |
Displays command history (lists all commands executed) |
crash-info |
Displays information about core, panic, and AP dump files |
info |
Displays snapshot of available support information |
mem |
Displays a system's current memory usage (displays the total memory and
available memory) |
process |
Displays active system process information (displays all processes
currently running on the system) |
reboot-history |
Displays the device's reboot history |
startup-log |
Displays the device's startup log |
sysinfo |
Displays system's memory usage information |
top |
Displays system resource information |
upgrade-history |
Displays the device's upgrade history (displays details, such as date,
time, and status of the upgrade, old version, new version, etc.) |
watchdog |
Displays the device's watchdog status |
on <DEVICE-NAME> |
The following keywords are common to all of the above:
- on <DEVICE-NAME>
– Optional. Displays information for a specified device. If no device
is specified, the system displays information for logged device(s)
- <DEVICE-NAME> – Specify the name of the AP, wireless
controller, or service platform.
|
service show ip-access-list wlan <WLAN-NAME> status {detail} {on <DEVICE-OR-DOMAIN-NAME>}
show ip-access-list |
Displays status of IP ACL to WLAN mappings on a specified device or all
devices within a specified RF Domain. This command also displays if IP ACLs
are properly applied in the dataplane. |
wlan <WLAN-NAME> |
Specifies the WLAN, for which the IP ACL to WLAN mapping status is
required
- <WLAN-NAME> –
Specify the WLAN name.
|
status detail |
Displays only failed IP ACL to WLAN mappings
- details – Optional.
Displays all (failed as well as successful) IP ACL to WLAN mapping
status
|
on <DEVICE-OR-DOMAIN-NAME> |
Optional. Specifies the device name or the RF Domain name.
- <DEVICE-OR-DOMAIN-NAME> – Specify the device name or the RF
Domain. When specified, the system displays IP ACL to WLAN mapping
status on the specified device or all devices within the specified RF
Domain.
|
service show dhcp-lease {<INTERFACE-NAME>|on|pppoe1|vlan <1-4094>|wwan1}
{(on <DEVICE-NAME>)}
show |
Displays running system statistics based on the parameters
passed |
dhcp-lease |
Displays DHCP lease information received from the server |
<INTERFACE> |
Optional. Displays DHCP lease information for a specified router
interface
- <INTERFACE> –
Specify the router interface name.
|
on |
Optional. Displays DHCP lease information for a specified device |
pppoe1 |
Optional. Displays DHCP lease information for a PPP over Ethernet
interface |
vlan <1-4094> |
Optional. Displays DHCP lease information for a VLAN interface
- <1-4094> –
Specify a VLAN index from 1 - 4094.
|
wwan1 |
Optional. Displays DHCP lease information for a Wireless WAN
interface |
on <DEVICE-NAME> |
The following keywords are common to all of the above:
- on <DEVICE-NAME>
– Optional. Displays DHCP lease information for a specified device. If
no device is specified, the system displays information for the logged device.
- <DEVICE-NAME> – Specify the name of the AP, wireless
controller, or service platform.
|
service show diag [fds|pkts]
show diag [fds|pkts] |
Displays diagnostic statistics, such as LED
status, fan speed, sensor temperature, open file descriptors, looped
packets, etc. |
fds |
Displays the number of file descriptors
(fds) opened by key processes, such as the CFGD. When executed, the
command displays only the file name and FD. |
pkts |
Displays details of looped packets captured by the dataplane and pushed
to a separate queue. These queued packets are written to a log file (named
loop_pkt_info.log) available at the /var2/log/ directory. Use the
service > start-shell command and enter the path
‘cat /var2/log/‘ to view if the loop_pkt_info.log file exists. However,
looped packet logging has to be enabled in the profile/device context. For
more information, see diag (profile config mode). The dataplane can log up to 16
looped packets at a time. Once the queue is full, no new loop packet is
logged until the existing queue is cleared. To clear the logged looped
packet queue execute the service > clear > diag > pkts
command.
Following are the loop codes and the
corresponding loop reasons:
- (5) - "pkt looping
in dataplane"
- (51) - "loop in
packet path"
- (367) - "wispe
encapsulation loop"
- (432) - "mcx loop
prevention"
- (532) - "Port loop
detected"
- (536) - "packet
loop detected by wireless bridge"
- (41) - "IPv4 TTL
exceeded"
- (493) - "IPv6 TTL
exceeded"
- (540) - "mint TTL
exceeded"
|
service show diag [led-status|psu|stats] {(on <DEVICE-NAME>)}
show |
Displays running system statistics based on the parameters
passed |
diag |
Displays diagnostic statistics, such as LED status, fan speed, and
sensor temperature |
led-status |
Displays LED state variables and the current state |
psu |
Displays power supply information |
stats |
Displays fan speed and sensor temperature statistics |
on <DEVICE-NAME> |
Optional. Displays diagnostic statistics for a specified device. If no
device is specified, the system displays information for the logged
device.
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service show guest-registration [export-status|import-status|restore-status]
show |
Displays running system statistics based on the parameters
passed |
guest-registration |
Displays status of the guest-registration database snapshot related
processes (export, import, and restore) Note: To export, import, or
restore a guest-registration database, use the service >
guest-registration > [backup|export|import]
command.]
|
export-status |
Displays the status of the latest export process initiated |
import-status |
Displays the status of the latest import process initiated |
export-status |
Displays the status of the latest restore process initiated |
service show fast-switching {on <DEVICE-NAME>}
show |
Displays running system statistics based on the parameters
passed |
fast-switching |
Displays fast switching state (enabled or disabled) |
on <DEVICE-NAME> |
Optional. Displays fast switching state for a specified device. If no
device is specified, the system displays information for the logged device. |
service show [fib|fib6] {table-id <0-255>}
show |
Displays running system statistics based on the parameters
passed |
fib |
Displays entries in the Forwarding Information
Base (FIB) |
fib6 |
Displays FIB IPv6 static routing entries The WiNG software allows the
IPv6 FIB to maintain only IPv6 static and interface routes.
FIB is
a collection of routing entries. A route entry consists of IPv6 network
(which can also be a host) address, the prefix length for the network
(for IPv6 routes this is between 0 - 128), and the next hop‘s (gateway)
IPv6 address. Since a destination can be reached through multiple next
hops, you can configure multiple routes to the same destination with
multiple next hops.
|
table-id <0-255> |
Optional. Displays FIB information maintained by the system based on the
table ID
- <0-255> –
Specify the table ID from 0 - 255.
|
service show mint [adopted-devices {on <DEVICE-NAME>}|ports]
show |
Displays running system statistics based on the parameters
passed |
mint |
Displays MiNT protocol details |
adopted-devices on <DEVICE-NAME> |
Displays adopted devices status in dpd2
- on <DEVICE-NAME> – Optional. Displays MiNT protocol details for
a specified device. If no device is specified, the system displays
information for the logged device.
|
ports |
Displays MiNT ports used by various services and features |
service show pm {history} {(on <DEVICE-NAME>)}
show |
Displays running system statistics based on the parameters
passed |
pm |
Displays the Process Monitor (PM) controlled process details |
history |
Optional. Displays process change history (the time at which the change
was implemented, and the events that triggered the change) |
on <DEVICE-NAME> |
Optional. Displays process change history for a specified device. If no
device is specified, the system displays information for the logged
device.
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service show rf-domain-manager [diag|info] {<MAC/HOSTNAME>} {(on <DEVICE-OR-DOMAIN-NAME>)}
show |
Displays running system statistics based on the parameters
passed |
rf-domain-manager |
Displays RF Domain manager information |
diag |
Displays RF Domain manager related diagnostics statistics |
info |
Displays RF Domain manager related information |
<MAC/HOSTNAME> |
The following keyword is common to the ‘diag‘ and ‘info‘
parameters: Optional. Specify the MAC address or hostname of the RF
Domain manager.
|
on <DEVICE-OR-DOMAIN-NAME> |
The following keyword is common to the ‘diag‘ and ‘info‘
parameters: Optional. Displays diagnostics statistics on a specified
device or domain
- <DEVICE-OR-DOMAIN-NAME> – Specify the name of the AP, wireless
controller, service platform, or RF Domain.
|
service show sites
show |
Displays running system statistics based on the parameters
passed |
sites |
Displays NOC sites related information |
service show virtual-machine-history {(on <DEVICE-NAME>)}
show virtual-machine-history |
Displays virtual machine history based on the parameters passed This
command is applicable only to the NX9500 and NX9600 series service
platforms. It is also available on the Privilege Executable Mode of these
devices.
|
on <DEVICE-NAME> |
Optional. Displays virtual machine history on a specified device. If no
device is specified, the system displays information for the logged
device.
- <DEVICE-NAME> –
Specify the name of the service platform.
|
service show wireless [aaa-stats|adaptivity-status|credential-cache|dns-cache|
radar-status|vlan-usage] {on <DEVICE-NAME>}
show |
Displays running system statistics based on the parameters
passed |
wireless |
Displays WLAN statistics (WLAN AAA policy, configuration parameters,
VLAN assignment, etc.) |
aaa-stats |
Displays AAA policy statistics |
adaptivity-status |
Displays the current list of channels (with interference levels
exceeding the configured threshold resulting in adaptivity kicking in) and
time when adaptivity kicked in on a device |
credential-cache |
Displays clients cached credentials statistics (VLAN, keys,
etc.) |
dns-cache |
Displays cache of resolved names of servers related to wireless
networking |
radar-status |
Displays radar discovery status. This option displays following
information:
- If a radar has been
discovered by the AP
- The time of
discovery
|
vlan-usage |
Displays VLAN statistics across WLANs |
on <DEVICE-NAME> |
The following keywords are common to all of the above:
- on <DEVICE-NAME>
– Optional. Displays running system statistics on a specified device.
If no device is specified, the system displays information for the
logged device.
- <DEVICE-NAME> – Specify the name of the AP, wireless
controller, or service platform.
|
service show wireless [config-internal|log-internal|neighbors]
show |
Displays running system statistics based on the parameters
passed |
wireless |
Displays WLAN statistics (WLAN AAA policy, configuration parameters,
VLAN usage, etc.) |
config-internal |
Displays internal configuration parameters |
log-internal |
Displays recent internal wireless debug logs (info and above
severity) |
neighbors |
Displays neighboring device statistics for roaming and flow
migration |
service show wireless [client|meshpoint neighbor] proc [info|stats] {<MAC>}
{(on <DEVICE-OR-DOMAIN-NAME)}
show |
Displays running system statistics based on the parameters
passed |
wireless |
Displays WLAN statistics (WLAN AAA policy, configuration parameters,
VLAN usage, etc.) |
client |
Displays WLAN client statistics |
meshpoint neighbor |
Displays meshpoint related proc entries |
proc |
The following keyword is common to client and meshpoint neighbor
parameters:
- proc – Displays
dataplane proc entries based on the parameter selected
Note: These proc entries
provide statistics on each wireless client on the WLAN.
Note: For the meshpoint
parameter, it displays proc entries about neighbors.
|
info |
This parameter is common to client and meshpoint neighbor parameters.
Displays information for a specified device (wireless client or neighbor) or
RF Domain. |
stats |
This parameter is common to client and meshpoint neighbor parameters.
Displays information for a specified device (wireless client or neighbor) or
RF Domain. |
<MAC> |
Displays information for a specified device (wireless client or
neighbor) or RF Domain. |
on <DEVICE-OR-DOMAIN-NAME> |
This parameter is common to client and meshpoint neighbor parameters.
Displays information for a specified device (wireless client or neighbor) or
RF Domain.
- <DEVICE-OR-DOMAIN-NAME> – Specify the name of the AP, wireless
controller, service platform, or RF Domain.
|
service show wireless radio-internal [radio1|radio2] <LINE>
show |
Displays running system statistics based on the parameters
passed |
wireless |
Displays WLAN statistics (WLAN AAA policy,
configuration parameters, VLAN usage, etc.) |
radio-internal [radio1|radio2] |
Displays radio internal debug logs. Select the
radio from the following options:
- radio1 – Selects radio 1
- radio2 – Selects radio 2.
|
<LINE> |
Specify the radio internal debug command to
enable. |
service show wireless reference [channels|frame|handshake|mcs-rates|reason-codes|
status-codes]
show |
Displays running system statistics based on the parameters
passed |
wireless |
Displays WLAN statistics (WLAN AAA policy, configuration parameters,
VLAN usage, etc.) |
reference |
Displays look up reference information related to standards, protocols,
etc. |
channels |
Displays 802.11 channels information |
frame |
Displays 802.11 frame structure |
handshake |
Displays a flow diagram of 802.11 handshakes |
mcs-rates |
Displays MCS rate information |
reason-codes |
Displays 802.11 reason codes (for deauthentication, disassociation,
etc.) |
status-codes |
Displays 802.11 status codes (for association response) |
service show wireless stats-client diag {<MAC/HOSTNAME>}
{(on <DEVICE-OR-DOMAIN-NAME)}
show |
Displays running system statistics based on the parameters
passed |
wireless |
Displays WLAN statistics (WLAN AAA policy, configuration parameters,
VLAN usage etc.) |
stats-client |
Displays managed AP statistics |
<MAC/HOSTNAME> |
Optional. Specify the MAC address or hostname of the AP. |
on <DEVICE-OR-DOMAIN-NAME> |
Optional. Displays statistics on a specified AP, or all APs on a
specified domain.
- <DEVICE-OR-DOMAIN-NAME> – Specify the name of the AP, wireless
controller, service platform, or RF Domain.
|
service smart-rf clear-config {<MAC>|<DEVICE-NAME>|on <DOMAIN-NAME>}
smart-rf |
Enables Smart RF management |
clear-config |
Clears WLAN Smart RF configuration on a specified device or on all
devices |
<MAC> |
Optional. Clears WLAN Smart RF configuration on a device identified by
its MAC address. Specify the device's MAC address in the AA-BB-CC-DD-EE-FF
format. |
<DEVICE-NAME> |
Optional. Clears WLAN Smart RF configuration on a device identified by
its hostname. Specify the device's hostname. |
on <DOMAIN-NAME> |
Optional. Clears WLAN Smart RF configuration on all devices in a
specified RF Domain
- <DOMAIN-NAME> –
Specify the RF Domain name.
|
service smart-rf [clear-history|clear-interfering-aps|save-config] {on <DOMAIN-NAME>}
smart-rf |
Enables Smart RF management |
clear-history |
Clears WLAN Smart RF history on all devices |
clear-interfering-aps |
Clears Smart-RF interfering APs |
save-config |
Saves the Smart RF configuration on all devices, and also saves the
history on the RF Domain Manager |
on <DOMAIN-NAME> |
Optional. Clears WLAN Smart RF configuration on all devices in a
specified RF Domain
- <DOMAIN-NAME> –
Specify the RF Domain name.
|
service ssm dump-core-snapshot
service ssm dump-core-snapshot |
Triggers a debug core dump of the SSM module |
service syslog test {level [<0-7>|alerts|critical|debugging|emergencies|errors|informational|notifications|warnings]} {(on <DEVICE-NAME>)}
syslog test |
Sends a test message to the syslog server to confirm server
availability |
|
Optional. Sets the logging level. In case syslog server is unreachable,
an event is logged based on the logging level defined. This is an optional
parameter, and the system configures default settings, if no logging
severity level is specified.
- <0-7> –
Optional. Specify the logging severity level from 0-7. The various
levels and their implications are as follows:
- alerts –
Optional. Immediate action needed (severity=1)
- critical –
Optional. Critical conditions (severity=2)
- debugging –
Optional. Debugging messages (severity=7)
- emergencies –
Optional. System is unusable (severity=0)
- errors –
Optional. Error conditions (severity=3)
- informational –
Optional. Informational messages (severity=6)
- notifications –
Optional. Normal but significant conditions (severity=5)
- warnings –
Optional. Warning conditions (severity=4). This is the default
setting.
|
on <DEVICE-NAME> |
Optional. Executes the command on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service ssm trace pattern <WORD> {on <DOMAIN-NAME>}
ssm trace |
Displays the SSM module trace based on parameters passed |
pattern <WORD> |
Configures the pattern to match
- <WORD> – Specify the pattern to match.
|
on <DEVICE-NAME> |
Optional. Displays the SSM module trace on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service wireless add-neighbor <1-2> mac <MAC-ADDRESS> preference <0-255>
wireless add-neighbor <1-2> |
Includes non-WiNG APs in the neighbor report response sent by AP to the
client stations. Use this command to specify the non-WiNG AP MAC
addresses. |
mac <MAC-ADDRESS> |
Enter the non-WiNG AP's MAC address. |
preference <0-255> |
Set a preference for the AP from 0-255 |
service wireless client beacon-request <MAC> mode [active|passive|table]
channel [<CHANNEL-NUMBER>|any] duration <1-255> ssid [<SSID>|any] channel-report [<CHANNEL-LIST>|none]
bssid [<MAC>|any] randomization-interval <0-1000> {on <DEVICE-NAME>}
wireless client beacon-requests |
Sends beacon measurement requests to a wireless client |
<MAC> |
Specify the wireless client's MAC address. |
mode [active|passive|table] |
Specifies the beacon measurement mode. The following modes are
available:
- Active – Requests
beacon measurements in the active mode
- Passive – Requests
beacon measurements in the passive mode
- Table – Requests
beacon measurements in the table mode
|
ssid [<SSID>|any] |
Specifies if the measurements have to be made for a specified SSID or
for any SSID
- <SSID> –
Requests beacon measurement for a specified SSID
- any – Requests beacon
measurement for any SSID
|
channel-report [<CHANNEL-LIST>| none] |
Configures channel report in the request. The request can include a list
of channels or can apply to all channels.
- <CHANNEL-LIST> –
Request includes a list of channels. The client has to send beacon
measurements only for those channels included in the request.
- none – Request applies
to all channels
|
on <DEVICE-NAME> |
Optional. Sends requests on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service wireless client quiet-element [start|stop]
wireless client quiet-element |
Enables the quite-element information in beacons sent to wireless
clients |
start |
Enables the quite-element information in beacons sent to wireless
clients. This is the start of the time period when wireless clients are to
remain quiet. |
stop |
Disables the quite-element information in beacons sent to wireless
clients. Once disabled, this information is no longer included in
beacons. |
service wireless client trigger-bss-transition mac <MAC> {timeout <0-65535}
{url <URL>} {on <DEVICE-OR-DOMAIN-NAME>}
wireless client trigger-bss-transition |
Sends a 80211v-Wireless Network Management BSS transition request to a
client |
<MAC> |
Specifies the wireless client's MAC address |
timeout <0-65535> |
Specifies the time remaining, for this client. before BSS transition is
initiated. In other words on completion of the specified time period, BSS
transition is triggered.
- <0-65535> –
Specify a time from 0 -65535 seconds.
|
url <URL> |
Specifies session termination URL |
on <DEVICE-OR-DOMAIN-NAME> |
Optional. Sends request on a specified device
- <DEVICE-OR_DOMAIN-NAME> – Specify the name of the AP, wireless
controller, service platform, or RF Domain.
|
service wireless client trigger-wnm mac <MAC> type [deauth-imminent|subscription-remediation]
{uri <WORD>}
wireless client trigger-wnm |
Sends a WNM notification (action frame) to a wireless client |
mac <MAC> |
Specifies the wireless client‘s MAC address |
type [deauth-imminent| subscription-remediation] |
Configures the WNM notification type
- deauth-imminent –
Sends a de-authentication imminent frame
- subscription-remediation – Sends a subscription remediation needed
frame
|
uri <WORD> |
Optional. Specifies the unique resource identifier
(URI) |
service wireless dump-core-snapshot
wireless dump-core-snapshot |
Triggers a debug core dump of the wireless module |
service wireless meshpoint zl <MESHPOINT-NAME> [on <DEVICE-NAME>] {<ARGS>|
timeout <1-65535>}
service wireless meshpoint zl |
Triggers a zonal level debug of a specified meshpoint‘s modules |
<MESHPOINT-NAME> |
Specify the meshpoint name |
on <DEVICE-NAME> |
Triggers zonal level debug of a specified meshpoint‘s modules on a
specified device
- <DEVICE-NAME> –
Specify the name of the device (AP, wireless controller, or service
platform)
|
<ARGS> |
Optional. Specifies the zonal arguments. These zonal arguments represent
the meshpoint modules identified by the zonal and subzonal arguments passed
here. Also specify the debug level from 0 -7. Please see the Examples
section, at the end of this topic, for more information. |
timeout <1-65535> |
Optional. Specifies a timeout value from 1 - 65535 seconds. When
specified, meshpoint logs are debugged for the time specified here. |
service wireless qos delete-tspec <MAC> tid <0-7>
wireless qos delete-tspec |
Sends a delete TSPEC request to a wireless client |
<MAC> |
Specify the MAC address of the wireless client. |
tid <0-7> |
Deletes the Traffic Identifier (TID)
- <0-7> – Select
the TID from 0 - 7.
|
service wireless trace pattern <WORD> {on <DEVICE-NAME>}
wireless trace |
Displays the wireless module trace based on parameters passed |
pattern <WORD> |
Configures the pattern to match
- <WORD> – Specify
the pattern to match.
|
on <DEVICE-NAME> |
Optional. Displays the wireless module trace on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service wireless unsanctioned ap air-terminate <MAC> {on <DOMAIN-NAME>}
wireless unsanctioned ap air-terminate |
Enables unsanctioned access points termination |
<MAC> |
Configures the unsanctioned access points‘ BSSID (MAC address) |
on <DOMAIN-NAME> |
Optional. Specifies the RD Domain of the access point
- <DOMAIN-NAME> –
Specify the name of the RF Domain.
|
service wireless wips clear-client-blacklist [all|mac <MAC>]
wireless wips |
Enables management of WIPS parameters |
clear-client-blacklist [all|mac <MAC>] |
Removes a specified client or all clients from the blacklist
- all – Removes all
clients from the blacklist
- mac <MAC> –
Removes a specified client form the blacklist
- <MAC> –
Specify the wireless client's MAC address.
|
service wireless wips clear-event-history {on <DEVICE-OR-DOMAIN-NAME}
wireless wips |
Enables management of WIPS parameters |
clear-event-history |
Clears event history |
on <DEVICE-OR-DOMAIN- NAME> |
Optional. Clears event history on a device or RF Domain
- <DEVICE-OR-DOMAIN-NAME> – Specify the name of the AP, wireless
controller, service platform, or RF Domain.
|
Syntax (Privilege
Exec Mode)
Service
Commands - Intro
Note
The "service" command of the Priv Exec Mode is the same as the
service command in the User Exec Mode. There a few modifications that have been
documented in this section. For the syntax and parameters of the other commands refer to
the
Syntax (User Exec Mode) and
Parameters (User Exec Mode) sections of this
chapter.
service [block-adopter-config-updates|clear|cli-tables-skin|cluster|copy|
database|delete|delete-offline-aps|force-send-config|force-update-vm-stats|
guest-registration|load-balancing|locator|mint|pktcap|pm|radio|radius|
request-full-config-from-adopter|restore|set|show|signal|smart-rf|snmp|ssm|
start-shell|syslog|trace|wireless]
service clear crash-info {on <DEVICE-NAME>}
service copy [stats-report|tech-support]
service copy stats-report [global|rf-domain <DOMAIN-NAME>] (<FILE>|<URL>)
service copy tech-support [<FILE>|<URL>]
service database [authentication|compact|drop|maintenance-mode|primary-stepdown|
remove-all-files|replica-set|server|start-shell]
service database authentication [create-user|delete-user]
service database authentication create-user username <USER-NAME> password <PASSWORD>
service database authentication delete-user username <USER-NAME>
service database compact [all|captive-portal|nsight]
service database [maintenance-mode|primary-stepdown|remove-all-files|start-shell]
service database replica-set [add|delete|force-configured-state]
service database replica-set add member [<IP>|<FQDN>] [arbiter|priority <0-255>]
service database replica-set delete member [<IP>|<FQDN>]
service database replica-set force-configured-state
service database server [restart|start|stop]
service delete sessions <SESSION-COOKIES>
service mint [clear|debug-log|expire|flood]
service mint [clear [lsp-db|mlcp]|debug-log [flash-and-syslog|flash-only]|
expire [lsp|spf]|flood [csnp|lsp]]
service pktcap on [bridge|deny|drop|ext-vlan|interface|radio|rim|router|vpn|wireless]
service pktcap on [bridge|deny|drop|ext-vlan|rim|router|vpn|wireless]
{(acl-name <ACL>,count <1-1000000>,direction [any|inbound|outbound],filter <LINE>,
hex,rate <1-100>,snap <1-2048>,tcpdump,verbose,write [file|url|tzsp [<IP/TZSP-HOSTNAME>])}
service pktcap on interface [<INTERFACE-NAME>|ge <1-4>|me1|port-channel <1-2>|pppoe1|
vlan <1-4094>|wwan1] {(acl-name <ACL>,count <1-1000000>,direction [any|inbound|outbound],
filter <LINE>,hex,rate <1-100>,snap <1-2048>,tcpdump,verbose,
write [file|url|tzsp [<IP/TZSP-HOSTNAME>])}
service pktcap on radio [<1-1024>|all] {(acl-name <ACL>,count <1-1000000>,
direction [any|inbound|outbound],filter <LINE>,hex,promiscuous,rate <1-100>,
snap <1-2048>,tcpdump,verbose,write [file|url|tzsp [<IP/TZSP-HOSTNAME>])}
service pm stop {on <DEVICE-NAME>}
service restore analytics-support [<FILE>|<URL>]
service send discovery {mac <MAC>} {interface <INTERFACE>
service show discovered-devices {on <DEVICE-NAME>}
service reset discovered-device <MAC> serial-number <NUMBER> {interface <INTERFACE>}
service show discovered-devices {reset-log {mac <MAC>}} {on <DEVICE-NAME>}
service show last-passwd
service signal [abort <PROCESS-NAME>|kill <PROCESS-NAME>]
service start-shell
service trace <PROCESS-NAME> {summary}
Parameters
(Privilege Exec Mode)
Service
Commands - Intro
service copy tech-support <FILE> <URL>
copy tech-support |
Copies extensive system information used for troubleshooting |
<FILE> |
Specify the location of the file to be copied, using the following
format: |
<URL> |
Specify the location URL of the file to be copied. Both IPv4 andIPv6
address formats are supported.
- tftp://<hostname|IPv4/IPv6>[:port]/path/file
- ftp://<user>:<passwd>@<hostname|IPv4/IPv6>[:port]/path/file
- sftp://<user>:<passwd>@<hostname|IPv4/IPv6>[:port]>/path/file
|
service copy stats-report [global|rf-domain <DOMAIN-NAME>] (<FILE>|<URL>)
copy stats-report |
Copies extensive statistical data useful for troubleshooting |
[global|rf-domain <DOMAIN-NAME>] |
Identifies the RF Domain to copy statistical data
- global – Copies
extensive statistical data of all configured RF Domains
- rf-domain
<DOMAIN-NAME> – Copies extensive statistical data of a specified
RF Domain. Specify the domain name.
|
<FILE> |
Specify the location to copy file using the following format: |
<URL> |
Specify the location URL of the file to be copied. Both IPv4 andIPv6
address formats are supported.
- tftp://<hostname|IPv4/IPv6>[:port]/path/file
- ftp://<user>:<passwd>@<hostname|IPv4/IPv6>[:port]/path/file
- sftp://<user>:<passwd>@<hostname|IPv4/IPv6>[:port]>/path/file
|
service clear crash-info {on <DEVICE-NAME>}
clear crash-info |
Clears all crash files |
on <DEVICE-NAME> |
Optional. Clears crash files on a specified device. These crash files
are core, panic, and AP dump
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service database authentication create-user username <USER-NAME> password <PASSWORD>
database |
Performs database related actions Note: This command is supported
only on the NX9500, NX9600, and VX9000 platforms.
|
authentication create-user username <USER-NAME> password
<PASSWORD> |
Creates users having access rights to the database.
Execute this command on the database host. However,
before creating users, on the database, generate the
database keyfile. For more information on generating the
keyfile, see database (user exec mode).
- username <USER-NAME> – Configures database
username
- password <PASSWORD> – Configures a
password for the username specified
above
In the database-policy ensure that
authentication is enabled and username and password
is configured. The database-client-policy also should
have the same username and password configured. For
more information on database-policy and
database-client-policy, see database-policy global config and database-client-policy global-config.
|
service database authentication delete-user username <USER-NAME>
database |
Performs database related actions Note: This command is supported
only on the NX9500, NX9600, and VX9000 platforms.
|
database authentication delete-user username
<USER-NAME> |
Deletes the username requires to access rights
the captive-portal/NSight database
- username <USER-NAME> – Deletes the username
identified by the <USER-NAME> keyword
Once deleted, the database cannot be accessed
using the specified combination of username and password.
|
service database compact [all|captive-portal|nsight]
database |
Performs database related actions Note: This command is supported
only on the NX9500, NX9600, and VX9000 platforms.
|
compact [all| captive-portal|nsight] |
Compacts collections within the database. Each database (captive-portal
and NSight) contains one or more collection, where each collection is a set
of records. Use this command to make a single compact set of all collections
within a database.
- all – Compacts collections within all databases (captive-portal and
NSight) being maintained
- captive-portal – Compacts all collections within the captive portal
database only
- nsight – Compacts all collections within the NSight database
only
|
service database [maintenance-mode|primary-stepdown|remove-all-files|start-shell]
database |
Performs database related actions Note: This command is supported
only on the NX9500, NX9600, and VX9000 platforms.
|
maintenance-mode |
Places the database server in the maintenance mode |
primary-stepdown |
Requests the primary replica-set to step down. For more information on
replica-sets and its creation, see database-policy
(global config mode). |
remove-all-files |
Removes all database-server related files (captive-portal and NSight).
Use in a scenario where complete removal of all database related files is
necessary, such as when downgrading to 5.8.1 or 5.8.0 version. Extreme
caution is recommended when using this command. |
start-shell |
Starts the database shell |
service database replica-set add member [<IP>|<FQDN>] [arbiter|priority <0-255>]
database |
Performs database related actions Note: This command is supported
only on the NX9500, NX9600, and VX9000 platforms.
|
replica-set |
Adds members to the database replica set. A replica set is a group of
devices running the database instances that maintain the same data set.
Replica sets provide redundancy and high availability, and are the basis for
all production deployments. The replica set can contain a maximum of fifty
(50) members, with each member (with the exception of the arbiter) hosting
an instance of the database. For more information on creating replica sets,
see database-policy (global config mode) . |
add member [<IP>|<FQDN>] |
Adds members to the database replica set
- <IP> –
Identifies the member by its IP address. Specify the member‘s IP
address.
- <FQDN> –
Identifies the member by its FQDN. Specify the member‘s FQDN
address.
Note: Ensure that the
identified members have the database instance running prior to being
added to the replica set.
|
[arbiter| priority <0-255>] |
After identifying the new member, optionally specify if the member is
the arbiter or not. If not the arbiter, specify the member‘s priority
value.
- arbiter – Identifies
the new member as the arbiter. The arbiter does not maintain a data
set and is added to the replica set to facilitate the election of the
fall-back primary member. It provides that one extra vote required in
the election of the primary member.
- priority <0-255>
– Identifies the new member as not being the arbiter and configures
its priority value.
- <0-255> –
Specify the priority value from 0 - 255. Not applicable for the
arbiter.
The priority value determines the member‘s position within the
replica set as primary or secondary. It also helps in electing the
fall-back primary member in the eventuality of the current primary member
being unreachable.
All identified members should have the database
instances running prior to being added to the replica set.
|
service database replica-set delete member [<IP>|<FQDN>]
database |
Performs database related actions Note: This command is supported
only on the NX9500, NX9600, and VX9000 platforms.
|
replica-set |
Allows deletion of members in a database replica set. For each database
a single three-member replica-set can be created and maintained. For more
information on creating replica sets, see database-policy
(global config mode) . |
delete member [<IP>|<FQDN>] |
Deletes members from an existing database replica set
- <IP> –
Identifies the member by its IP address. Specify the member‘s IP
address.
- <FQDN> –
Identifies the member by its FQDN. Specify the member‘s FQDN
address.
|
service database replica-set force-configured-start
database |
Performs database related actions Note: This command is supported
only on the NX9500, NX9600, and VX9000 platforms.
|
replica-set |
Allows deletion of members in a database replica set. For each database
a single three-member replica-set can be created and maintained. For more
information on creating replica sets, see database-policy
(global config mode) . |
force-configured-start |
Forces the replica-set to move to the configured state |
service database server [restart|start|stop]
database |
Performs database related actions Note: This command is supported
only on the NX9500, NX9600, and VX9000 platforms.
|
server [restart|start|stop] |
Performs the following actions on the database server:
- restart – Restarts the server
- start – Starts the server
- stop – Stops the server
|
service delete sessions <SESSION-COOKIES>
delete sessions <SESSION-COOKIES> |
Deletes session cookies
- <SESSION-COOKIES> – Provide a list of cookies to delete.
|
service mint [clear [lsp-db|mlcp]|debug-log [flash-and-syslog|flash-only]|
expire [lsp|spf]|flood [csnp|lsp]]
mint |
Enables MiNT protocol management (clears LSP database, enables debug
logging, enables running silence etc.) |
clear [lsp-db|mlcp] |
Clears LSP database and MiNT Link Control Protocol
(MLCP) links
- lsp-db – Clears MiNT
Label Switched
Path (LSP) database
- mlcp – Clears MLCP
links
|
debug-log [flash-and-syslog| flash-only] |
Enables debug message logging
- flash-and-syslog –
Logs debug messages to the flash and syslog files
- flash-only – Logs
debug messages to the flash file only
|
expire [lsp|spf] |
Forces expiration of LSP and recalculation of Shortest Path First
(SPF)
- lsp – Forces
expiration of LSP
- spf – Forces
recalculation of SPF
|
flood [csnp|lsp] |
Floods control packets
- csnp – Floods our
Complete
Sequence Number Packets (CSNP)
- lsp – Floods our
LSP
|
service pm stop {on <DEVICE-NAME>}
pm |
Stops the PM |
stops |
Stops the PM from monitoring all daemons |
on <DEVICE-NAME> |
Optional. Stops the PM on a specified device
- <DEVICE-NAME> –
Specify the name of the AP, wireless controller, or service
platform.
|
service pktcap on [bridge|deny|drop|ext-vlan|rim|router|vpn|wireless]
{(acl-name <ACL>,count <1-1000000>,direction [any|inbound|outbound],filter,hex,rate <1-100>,
snap <1-2048>,tcpdump,verbose,write [file|url|tzsp <IP/TZSP-HOSTNAME>])}
pktcap on |
Captures data packets crossing at a specified location
- on – Defines the
packet capture location
|
bridge |
Captures packets transiting through the Ethernet bridge |
deny |
Captures packets denied by an ACL |
drop |
Captures packets at the drop locations |
ext-vlan |
Captures packets forwarded to or from an extended VLAN |
rim |
Captures packets at the Radio Interface Module
(RIM) |
router |
Captures packets transiting through an IP router |
vpn |
Captures packets forwarded to or from a VPN link |
wireless |
Captures packets forwarded to or from a wireless device |
acl-name <ACL> |
Optional. Specify the ACL that matches the ACL name for the 'deny'
location |
count <1-1000000> |
Optional. Limits the captured packet count. Specify a value from 1
-1000000. |
direction [any|inbound|outbound] |
Optional. Changes the packet direction with respect to a device. The
direction can be set as any, inbound, or outbound. |
filter [<LINE>|arp|capwap| cdp|dot11|dropreason|
dst|ether|host|icmp| igmp|ip|ipv6|l2|l3|l4| lldp|mint|net|not|port|
priority|radio|src|tcp|udp| vlan|wlan] |
Optional. Filters packets based on the option selected (must be used as
a last option). The filter options are:
- <LINE> – Defines
user defined packet capture filter
- arp – Matches ARP
packets
- capwap – Matches
CAPWAP packets
- cdp – Matches CDP
packets
- dot11 – Matches 802.11
packets
- dropreason – Matches
packet drop reason
- dst – Matches IP
destination
- ether – Matches
Ethernet packets
- failed – Matches
failed 802.11 transmitted frames
- host – Matches host
destination
- icmp – Matches ICMP
packets
- icmp6 – Matches ICMPv6
frames
- ip – Matches IPV4
packets
- ipv6 – Matches IPV6
packets
- l2 – Matches L2
header
- l3 – Matches L3
header
- l4 – Matches L4
header
- mint – Matches MiNT
packets
- lldp – Matches LLDP
packets
- net – Matches IP in
subnet
- not – Filters out any
packet that matches the filter criteria (For example, if not TCP is
used, all tcp packets are filtered out)
- port – Matches TCP or
UDP port
- priority – Matches
packet priority
- radio – Matches
radio
- rssi – Matches
Received Signal Strength Indication (RSSI) of received radio
signals
- src – Matches IP
source
- stp – Matches STP
packets
- tcp – Matches TCP
packets
- tcp6 – Matches TCP
over IPv6 packets
- udp – Matches UDP
packets
- udp6 – Matches UDP
over IPv6 packets
- vlan – Matches
VLAN
- wlan – Matches
WLAN
|
hex |
Optional. Provides binary output of the captured packets |
rate <1-100> |
Optional. Specifies the packet capture rate
- <1-100> –
Specify a value from 1 - 100 seconds.
|
snap <1-2048> |
Optional. Captures the data length
- <1-2048> –
Specify a value from 1 - 2048 characters.
|
tcpdump |
Optional. Decodes tcpdump. The tcpdump analyzes network behavior,
performance, and infrastructure. It also analyzes applications that generate
or receive traffic. |
verbose |
Optional. Displays full packet body |
write |
Captures packets to a specified file. Provide the file name and location
in the following format:FILE – flash:/path/file
- flash:/path/file
-
usbX:/path/file
URL – Specify the location URL to capture file. Both IPv4 and
IPv6 address formats are supported.
-
nvram:startup-config
- tftp://<hostname|IP>[:port]/path/file
-
ftp://<user>:<passwd>@<hostname|IP>[:port]/path/file
-
sftp://<user>@<hostname|IP>[:port]>/path/file
- tzsp – Tazman Sniffer
Protocol (TZSP) host. Specify the TZSP host‘s IP address
or hostname.
|
service pktcap on radio [<1-1024>|all] {(acl-name <ACL>,count <1-1000000>,
direction [any|inbound|outbound],filter <LINE>,hex,promiscuous,rate <1-100>,
snap <1-2048>,tcpdump,verbose,write [file|url|tzsp <IP/TZSP-HOSTNAME>])}
pktcap on radio |
Captures data packets on a radio (802.11) |
<1-1024> |
Captures data packets on a specified radio
- <1-1024> –
specify the radio index from 1 - 1024.
|
all |
Captures data packets on all radios |
acl-name <ACL> |
Optional. Specify the ACL that matches the ACL
name for the 'deny' location |
count <1-1000000> |
Optional. Sets a specified number of packets to capture
- <1-1000000> –
Specify a value from 1 - 1000000.
|
direction [any|inbound|outbound] |
Optional. Changes the packet direction with respect to a device. The
direction can be set as any, inbound, or
outbound. |
filter <LINE> |
Optional. Filters packets based on the option selected (must be used as
a last option)
- <LINE> – Define
a packet capture filter or select any one of the available
options.
|
hex |
Optional. Provides binary output of the captured packets |
rate <1-100> |
Optional. Specifies the packet capture rate
- <1-100> –
Specify a value from 1 - 100 seconds.
|
snap <1-2048> |
Optional. Captures the data length
- <1-2048> –
Specify a value from 1 - 2048 characters.
|
tcpdump |
Optional. Decodes the TCP dump |
verbose |
Optional. Displays full packet body |
write |
Captures packets to a specified file. Provide the file name and location
in the following format:
- flash:/path/file
-
usbX:/path/file
URL – Specify the location URL to capture file. Both IPv4 and IPv6
address formats are supported.
-
nvram:startup-config
- tftp://<hostname|IP>[:port]/path/file
-
ftp://<user>:<passwd>@<hostname|IP>[:port]/path/file
-
sftp://<user>@<hostname|IP>[:port]>/path/file
- tzsp – TZSP host.
Specify the TZSP host‘s IP address or hostname.
|
service pktcap on interface [<INTERFACE>|ge <1-4>|me|port-channel <1-2>|vlan
<1-4094>] {(acl-name <ACL>,count <1-1000000>,direction [any|inbound|outbound],
filter <LINE>,hex,rate <1-100>,snap <1-2048>,tcpdump,verbose,
write [file|url|tzsp <IP/TZSP-HOSTNAME>])}
pktcap on |
Captures data packets at a specified interface
- on – Specify the
capture location.
|
interface [<INTERFACE>| ge <1-4>|me1| port-channel
<1-2>| vlan <1-4094>] |
Captures packets at a specified interface. The options are:
- <INTERFACE> –
Specify the interface name.
- ge <1-4> –
Selects a GigabitEthernet interface index from 1 - 4
- me1 – Selects the
FastEthernet interface
- port-channel
<1-2> – Selects a port-channel interface index from 1- 2
- vlan <1-4094> –
Selects a VLAN ID from 1 - 4094
|
acl-name <ACL> |
Optional. Specify the ACL that matches the ACL name for the 'deny'
location |
count <1-1000000> |
Optional. Sets a specified number of packets to capture
- <1-1000000> –
Specify a value from 1 - 1000000.
|
direction [any|inbound|outbound] |
Optional. Changes the packet direction with respect to a device. The
direction can be set as any, inbound, or outbound. |
filter <LINE> |
Optional. Filters packets based on the option selected (must be used as
a last option)
- <LINE> – Define
a packet capture filter or select any one of the available
options.
|
hex |
Optional. Provides binary output of the captured packets |
rate <1-100> |
Optional. Specifies the packet capture rate
- <1-100> –
Specify a value from 1 - 100 seconds.
|
snap <1-2048> |
Optional. Captures the data length
- <1-2048> –
Specify a value from 1 - 2048 characters.
|
tcpdump |
Optional. Decodes the TCP dump |
verbose |
Optional. Displays full packet body |
write |
Captures packets to a specified file. Provide the file name and location
in the following format:
- flash:/path/file
-
usbX:/path/file
URL – Specify the location URL to capture file. Both IPv4 and IPv6
address formats are supported.
-
nvram:startup-config
- tftp://<hostname|IP>[:port]/path/file
-
ftp://<user>:<passwd>@<hostname|IP>[:port]/path/file
-
sftp://<user>@<hostname|IP>[:port]>/path/file
- tzsp – TZSP host.
Specify the TZSP host‘s IP address or hostname.
|
service send discovery {mac <MAC>} {interface <INTERFACE>}
send discovery |
Broadcasts WNMP Ethernet discovery request frames to discover Layer 2
devices that have lost MiNT connectivity and are without an IP address. Note: The command can be issued
only by a network-admin, system-admin, or device-provisioning-admin.
WiNG controllers and service platforms can broadcast WNMP
discovery request frames. Layer 2 WiNG devices respond to the WNMP
broadcast. Note: Only
devices with radios will respond to the broadcast. Controllers will
not respond to WNMP discovery frames.
The responses are
processed and the discovered devices are saved to a log. By default,
these device entries are retained in the log for 10 minutes and can be
viewed by issuing the following command: #service show discovered-devices
Note: For command
description, see the following table.
Post discovery, you can
reset a discovered device to default by issuing the following
command: #service reset discovered-device
Note: For command
description, see table.
|
mac <MAC> |
Optional. Specify the MAC address for a specific device. This is an
optional parameter. Use it to discover a specific device. Note: When specified, only the
device with the specified MAC address is discovered.
|
interface <INTERFACE> |
Optional. Specify the interface on which the WNMP discovery request
frames are to be broadcasted. The options available are:
- <WORD> - Specify
the Layer 2 interface name.
- ge <INF-NUMBER>
- Select GE interface index.
- port-channel
<INF-NUMBER> - Select the port-channel interface number.
Note: If not specified, the
frames are broadcasted across all interfaces.
|
service show discovered-device {on <DEVICE-NAME}
show discovered-devices |
Displays Layer 2 devices that have responded to the WNMP
discovery request frames broadcasted by a controller or service platform.
Note: This command can be
issued by any of the management users.
Note: For information on how to
initiate WNMP device discovery, see the preceding table.
|
on <DEVICE-NAME> |
Optional. Displays Layer 2 discovered devices on a specified
device. This parameter is optional. If not specified, the command is
executed on the self of the logged device.
- <DEVICE-NAME> -
Specify the controller, service platform or access point name.
|
service reset discovered-device <MAC> serial-number <NUMBER> {interface <INTERFACE>}
reset discovered-device |
Broadcasts a reset configuration request for a specified MAC address and
serial number. Note: This
command can be issued only by a network-admin, system-admin, or
device-provisioning-admin.
WiNG devices can discover and log
Layer 2 devices that have lost MiNT connectivity and have no IP address.
Post discovery, you can use this command to reset a specified device to
default configuration. Note: Virtual controllers
will respond to WNMP discovery requests, but will not reset their
configuration on receiving a WNMP reset message.
Only one
device can be reset after each discovery process. Issue the command with
the MAC and serial number of the discovered device that is to be reset to
default configuration. However, the device will reset only if:
- It's uptime is less
than 10 minutes.
- It's serial number
is an exact match.
- It is not
adopted.
Note: To reset another device, run the discovery process
again.
For information on how to initiate WNMP device
discovery, see table.
For information on how to view
discovered devices, see table.
For information on how to view
discovered devices that have been reset to default, see following table.
|
<MAC> |
Specify the MAC address of the discovered device that is to be reset to
default configuration. |
serial-number <NUMBER> |
Specify the serial number of the discovered device that is to be reset
to default configuration. |
interface <INTERFACE> |
Optional. Specify the interface on which the reset request frames are to
be broadcasted. Note: If not
specified, the reset request frame is broadcasted across all
interfaces.
|
service show discovered-device {reset-log {mac <MAC>}} {(on <DEVICE-NAME>)}
show discovered-devices |
Displays Layer 2 devices that have responded to the WNMP
Ethernet discovery request frames broadcasted by a controller or service
platform. Note: This command
can be issued by any of the management users.
Note: For information on how to
initiate WNMP device discovery, see table.
|
reset-log {mac <MAC>} |
Optional. Displays Layer 2 discovered devices that have
responded to reset request frames. This parameter is optional. If not
specified, all devices responding to the WNMP discovery request frames are
displayed. Note: For
information on how to initiate a reset-request for a specific device, see
preceding table.
|
on <DEVICE-NAME> |
Optional. Displays Layer 2 discovered devices on a specified
device. This parameter is optional. If not specified, the command is
executed on the self of the logged device.
- <DEVICE-NAME> -
Specify the controller, service platform or access point name.
|
service show last-passwd
show |
Displays running system statistics based on the parameters
passed |
last-passwd |
Displays the last password used to enter shell |
service signal [abort <PROCESS-NAME>|kill <PROCESS-NAME>]
signal |
Sends a signal to a process
- tech-support – Copies
extensive system information useful for troubleshooting
|
abort |
Sends an abort signal to a process, and forces it to dump to core
- <PROCESS-NAME> –
Specify the process name.
|
kill |
Sends a kill signal to a process, and forces it to terminate without a
core
- <PROCESS-NAME> –
Specify the process name.
|
service start-shell
start-shell |
Provides shell access |
service trace <PROCESS-NAME> {summary}
trace |
Traces a process for system calls and signals |
<PROCESS-NAME> |
Specifies the process name |
summary |
Optional. Generates summary report of the specified process |
Syntax (Privilege Exec Mode:
NX9500/NX9600/VX9000)
Service Commands - Intro
service copy analytics-support [<FILE>|<URL>]
Parameters(Privilege Exec Mode:
NX9500/NX9600/VX9000)
Service
Commands - Intro
service copy analytics-support [<FILE>|<URL>]
copy analytics-support |
Enables copying of analytics information to a specified. Use one of the
following options to specify the file: Note: This information is useful
to troubleshoot issues by the Technical Support team.
|
<FILE> |
Specify the file name and location using one of the following
formats:
- usb1:/path/file
- usb2:/path/file
|
<URL> |
Specify the location URL to copy file. Both IPv4 and IPv6 formats are
supported.
- tftp://<hostname|IPv4/IPv6>[:port]/path/file
- ftp://<user>:<passwd>@<hostname|IPv4/IPv6>[:port]/path/file
- sftp://<user>:<passwd>@<hostname|IPv4/IPv6>[:port]>/path/file
|
Syntax (Global
Config Mode)
Service
Commands - Intro
service [set|show cli]
service set [command-history <10-300>|upgrade-history <10-100>|reboot-history <10-100>|
virtual-machine-history <10-200>] {on <DEVICE-NAME>}
service show cli
Parameters
(Global Config Mode)
Service
Commands - Intro
service set [command-history <10-300>|upgrade-history <10-100>|reboot-history <10-100>|
virtual-machine-history <10-200>] {on <DEVICE-NAME>}
set |
Sets the size of history files |
command-history <10-300> |
Sets the size of the command history file
- <10-300> –
Specify a value from 10 - 300. The default is 200.
|
upgrade-history <10-100> |
Sets the size of the upgrade history file
- <10-100> –
Specify a value from 10 - 100. The default is 50.
|
reboot-history <10-100> |
Sets the size of the reboot history file
- <10-100> –
Specify a value from 10 - 100. The default is 50.
|
virtual-machine-history <10-200> |
Sets the size of the virtual-machine history file
- <10-200> –
Specify a value from 10 - 200. The default is 100.
This command is applicable only to the NX9500 and NX9600 series
service platforms. Use the no > service >
set > virtual-machine-history > {on <DEVICE-NAME>}
command to revert the history file size to 100.
|
on <DEVICE-NAME>
|
Optional. Sets the size of history files on a specified device
|
service show cli
show cli |
Displays running system configuration details
- cli – Displays the CLI
tree of the current mode
|
Examples
Service
Commands - Intro
nx9500-6C8809>service show cli
Command mode: +-do
+-help [help]
+-search
+-WORD [help search WORD (|detailed|only-show|skip-show|skip-no)]
+-detailed [help search WORD (|detailed|only-show|skip-show|skip-no)]
+-only-show [help search WORD (|detailed|only-show|skip-show|skip-no)]
+-skip-show [help search WORD (|detailed|only-show|skip-show|skip-no)]
+-skip-no [help search WORD (|detailed|only-show|skip-show|skip-no)]
+-show
+-commands [show commands]
+-global
+-device-list [show global device-list (|(filter {|(online)|(offline)|(rf-domain (|not) RF-DOMAIN)}))]
+-filter [show global device-list (|(filter {|(online)|(offline)|(rf-domain (|not) RF-DOMAIN)}))]
+-online [show global device-list (|(filter {|(online)|(offline)|(rf-domain (|not) RF-DOMAIN)}))]
+-offline [show global device-list (|(filter {|(online)|(offline)|(rf-domain (|not) RF-DOMAIN)}))]
+-rf-domain
+-not
+-RF-DOMAIN [show global device-list (|(filter {|(online)|(offline)|(rf-domain (|not) RF-DOMAIN)}))]
--More--
nx9500-6C8809>
nx9500-6C8809#service signal abort testprocess
Sending an abort signal to testprocess
nx9500-6C8809#
ap505-13403B*#service show crash-info
-------------------------------------------------------------------------------------
CRASH FILE SIZE LAST MODIFIED
-------------------------------------------------------------------------------------
panic_201902201741_AP505_7.1.0.0-075D.tar.gz 18727 Wed Feb 20 17:41:07 2019
-------------------------------------------------------------------------------------
ap505-13403B*#
nx9500-6C8809#service show command-history on ap8132-74B45C
Configured size of command history is 200
Date & Time User Location Command
=====================================================================
Nov 08 10:19:11 2017 admin 127.0.0.1 16 self
Nov 08 09:19:29 2017 admin 127.0.0.1 13 revert
Nov 08 09:18:52 2017 admin 127.0.0.1 13 interface radio 1
Nov 08 09:18:44 2017 admin 127.0.0.1 13 self
Nov 08 11:34:25 2017 admin 127.0.0.1 9 revert
Nov 08 11:34:06 2017 admin 127.0.0.1 9 self
Oct 06 07:15:18 2017 admin Console 6 self
Oct 06 07:15:01 2017 admin Console 6 self
Oct 06 07:14:17 2017 admin Console 6 wr mem
Oct 06 07:14:12 2017 admin Console 6 change-passwd
Oct 06 12:39:07 2017 admin Console 6 reload force
Oct 06 12:38:49 2017 admin Console 6 self
Oct 06 12:20:39 2017 admin Console 6 write memory
Oct 06 12:20:33 2017 admin Console 6 commit
--More--
nx9500-6C8809#
nx9500-6C8809#service show diag stats
fan 1 (System Fan 1) current speed: 2765 min_speed: 693 hysteresis: 250
fan 2 (System Fan 2) current speed: 3010 min_speed: 665 hysteresis: 250
fan 3 (System Fan 3) current speed: 2695 min_speed: 665 hysteresis: 250
fan 4 (System Fan 4) current speed: 3045 min_speed: 665 hysteresis: 250
fan 5 (System Fan 5) current speed: 6188 min_speed: 665 hysteresis: 250
fan 6 (System Fan 6) current speed: 5564 min_speed: 665 hysteresis: 250
Sensor 1 (Baseboard) Temperature 30.0 C
Sensor 2 (Front Panel) Temperature 20.0 C
Sensor 3 (PS1) Temperature 25.0 C
Sensor 4 (PS2) Temperature 27.0 C
Sensor 5 (HSBP) Temperature 21.0 C
nx9500-6C8809#
nx9500-6C8809#service show upgrade-history
Configured size of upgrade history is 50
Date & Time Old Version New Version Status
=====================================================================
Feb 02 08:34:30 2018 5.9.2.0-007D 5.9.2.0-008D Successful
Jan 29 09:40:12 2018 5.9.2.0-005D 5.9.2.0-007D Successful
Jan 03 10:32:08 2018 5.9.1.0-029R 5.9.2.0-005D Successful
Sep 22 10:31:03 2017 5.9.1.0-026B 5.9.1.0-029R Successful
Sep 15 12:07:21 2017 5.9.1.0-025B 5.9.1.0-026B Successful
Sep 12 15:24:16 2017 5.9.1.0-025D 5.9.1.0-025B Successful
Sep 11 12:09:07 2017 5.9.1.0-024D 5.9.1.0-025D Successful
Sep 04 13:59:54 2017 5.9.1.0-023D 5.9.1.0-024D Successful
Sep 01 10:06:22 2017 5.9.1.0-022D 5.9.1.0-023D Successful
--More--
nx9500-6C8809#
nx9500-6C8809#service show wireless reference reason-codes
CODE DESCRIPTION
0 Success
1 Unspecified Reason
2 Previous authentication no longer valid
3 Deauth because sending STA is leaving IBSS or ESS
4 Disassoc due to inactivity
5 Disassoc because AP is unable to handle all currently assoc STA
6 Class 2 frame received from non-authenticated STA
7 Class 3 frame received from nonassociated STA
8 Disassoc because STA is leaving BSS
9 STA requesting association is not authentication with corresponding STA
10 Disassoc because info in the power capability elem is unacceptable
11 Disassoc because info in the supp channels elem is unacceptable
12 Reserved
--More--
nx9500-6C8809#
nx9500-6C8809#service show wireless reference reason-codes
CODE DESCRIPTION
0 Success
1 Unspecified Reason
2 Previous authentication no longer valid
3 Deauth because sending STA is leaving IBSS or ESS
4 Disassoc due to inactivity
5 Disassoc because AP is unable to handle all currently assoc STA
6 Class 2 frame received from non-authenticated STA
7 Class 3 frame received from nonassociated STA
8 Disassoc because STA is leaving BSS
9 STA requesting association is not authentication with corresponding STA
10 Disassoc because info in the power capability elem is unacceptable
11 Disassoc because info in the supp channels elem is unacceptable
--More--
nx9500-6C8809#
nx9500-6C8809>service show wireless config-internal
! Startup-Config-Playback Completed: Yes
no debug wireless
country-code in
nx9500-6C8809>
nx9500-6C8809#service show wireless log-internal
08:51:49.417: wlan:Starting credcache checkup/sync (credcache.c:1539)
08:31:47.416: wlan:Starting credcache checkup/sync (credcache.c:1539)
08:11:42.415: wlan:Starting credcache checkup/sync (credcache.c:1539)
07:51:42.412: wlan:Starting credcache checkup/sync (credcache.c:1539)
07:31:42.412: wlan:Starting credcache checkup/sync (credcache.c:1539)
07:11:37.409: wlan:Starting credcache checkup/sync (credcache.c:1539)
06:51:36.408: wlan:Starting credcache checkup/sync (credcache.c:1539)
06:31:27.408: wlan:Starting credcache checkup/sync (credcache.c:1539)
06:11:24.408: wlan:Starting credcache checkup/sync (credcache.c:1539)
05:51:21.407: wlan:Starting credcache checkup/sync (credcache.c:1539)
05:31:18.406: wlan:Starting credcache checkup/sync (credcache.c:1539)
05:11:11.405: wlan:Starting credcache checkup/sync (credcache.c:1539)
--More--
nx9500-6C8809#
nx9500-6C8809#service show xpath-history
-----------------------------------------------------------------------------------------------------------------------------
DATE&TIME USER XPATH DURATION(MS)
-----------------------------------------------------------------------------------------------------------------------------
Mon Feb 5 14:20:38 2018 system wing-stats/device/B4-C7-99-6C-88-09/upgrade-history 10
Mon Feb 5 14:16:37 2018 system wing-stats/device/B4-C7-99-6C-88-09/service-info 28
Mon Feb 5 14:15:11 2018 system wing-stats/device/B4-C7-99-6C-88-09/diag/temp 449
Mon Feb 5 14:15:09 2018 system wing-stats/device/B4-C7-99-6C-88-09/diag/fan 1748
Mon Feb 5 14:12:49 2018 system wing-stats/device/B4-C7-99-74-B4-5C/command-history 49
Fri Feb 2 16:10:58 2018 system wing-stats/device/B4-C7-99-6C-88-09/content-filter/web_filter_policy 0
--More--
nx9500-6C8809#
The following example shows the service > show > virtual-machine-history
output on a NX 9500 service platform:
nx9500-6C874D>service show virtual-machine-history
Configured size of virtual machine history is 100
Date & Time Virtual Machine Event
=====================================================
Jan 16 05:39:46 2017 Domain-0 autostart
Jan 10 03:47:09 2017 Domain-0 autostart
Jan 02 05:53:48 2017 Domain-0 autostart
Dec 27 10:52:59 2016 Domain-0 autostart
Oct 14 05:56:14 2016 Domain-0 autostart
Oct 14 03:01:48 2016 Domain-0 autostart
Oct 12 04:11:52 2016 Domain-0 autostart
Sep 30 04:41:08 2016 Domain-0 autostart
--More--
nx9500-6C874D>
Examples for the service > wireless > meshpoint command.
The following example displays meshpoint
modules:
ROOT1-ap81xx-71174C#service wireless meshpoint zl mesh_root on ROOT1-ap81xx-71174C
| SUBZONE
| 0 1 2 3 4 5 6 7
-------+-----------------------------------------
ZONE |
| GEN TX RX BEA TXF
2-LLC | 0 0 0 0 0
| GEN TX RX NBR LQM LSA
3-ND | 0 0 0 0 0 0
| GEN
4-ORL | 0
| GEN TX RX HEL PRO
5-LQ | 0 0 0 0 0
| GEN
6-PS | 0
| GEN ROOT NBR REC
7-RS | 0 0 0 0
| GEN
8-IA | 0
| GEN SET GET
11-MGT | 0 0 0
| GEN RX TX R0 LMST LSUP LKEY KEY
13-LSA | 0 0 0 0 0 0 0 0
| GEN SCAN TRIG
14-ACS | 0 0 0
| GEN
15-EAP | 0
| GEN
16-L2P | 0
ROOT1-ap81xx-71174C#
In the preceding example,
- The meshpoint name is mesh_root
- The device on which the command is executed is ROOT1-ap81xx-71174C
- The vertical ZONE column represents meshpoint modules. For example, 3-ND presents
the Neighbor Discovery module.
- The SUBZONE 0 to 7 represents the available processes for each of the zonal
modules.
- Debugging is disabled for all modules for the mesh-root meshpoint. A value of 0
(Zero) represents debugging disabled.
To enable meshpoint module debugging, specify the module number and the process number
separated by a period (.). And then specify the debugging level from 0 -
7.
ROOT1-ap81xx-71174C#service wireless meshpoint zl mesh_root on ROOT1-ap81xx-71174C 3.2 7
In the preceding command,
- The meshpoint module number provided is 3 (ND)
- The process number provided is 2 (RX - Received signals from neighbors)
- The debugging level provided is 7 (highest level - warning)
ROOT1-ap81xx-71174C#service wireless meshpoint zl mesh_root on ROOT1-ap81xx-71174C
| SUBZONE
| 0 1 2 3 4 5 6 7
-------+-----------------------------------------
ZONE |
| GEN TX RX BEA TXF
2-LLC | 0 0 0 0 0
| GEN TX RX NBR LQM LSA
3-ND | 0 0 7(D) 0 0 0
| GEN
4-ORL | 0
| GEN TX RX HEL PRO
5-LQ | 0 0 0 0 0
| GEN
6-PS | 0
| GEN ROOT NBR REC
7-RS | 0 0 0 0
| GEN
8-IA | 0
| GEN SET GET
11-MGT | 0 0 0
| GEN RX TX R0 LMST LSUP LKEY KEY
13-LSA | 0 0 0 0 0 0 0 0
| GEN SCAN TRIG
14-ACS | 0 0 0
| GEN
15-EAP | 0
| GEN
16-L2P | 0
ROOT1-ap81xx-71174C#
In the preceding example, level 7 debugging has been enabled only for the ND module‘s
received signals. Note that debugging for all other modules and processes are still
disabled.
To disable debugging for all modules, specify 0 (zero) in the command. For
example:
ROOT1-ap81xx-71174C#service wireless meshpoint zl mesh_root on ROOT1-ap81xx-71174C 0
To enable debugging for all modules, specify the debugging level number. For
example:
ROOT1-ap81xx-71174C#service wireless meshpoint zl mesh_root on ROOT1-ap81xx-71174C 5
ROOT1-ap81xx-71174C#service wireless meshpoint zl mesh_root on ROOT1-ap81xx-71174C
| SUBZONE
| 0 1 2 3 4 5 6 7
-------+-----------------------------------------
ZONE |
| GEN TX RX BEA TXF
2-LLC | 5(N) 5(N) 5(N) 5(N) 5(N)
| GEN TX RX NBR LQM LSA
3-ND | 5(N) 5(N) 5(N) 5(N) 5(N) 5(N)
| GEN
4-ORL | 5(N)
| GEN TX RX HEL PRO
5-LQ | 5(N) 5(N) 5(N) 5(N) 5(N)
| GEN
6-PS | 5(N)
| GEN ROOT NBR REC
7-RS | 5(N) 5(N) 5(N) 5(N)
| GEN
8-IA | 5(N)
| GEN SET GET
11-MGT | 5(N) 5(N) 5(N)
| GEN RX TX R0 LMST LSUP LKEY KEY
13-LSA | 5(N) 5(N) 5(N) 5(N) 5(N) 5(N) 5(N) 5(N)
| GEN SCAN TRIG
14-ACS | 5(N) 5(N) 5(N)
| GEN
15-EAP | 5(N)
| GEN
16-L2P | 5(N)
ROOT1-ap81xx-71174C#
nx9500-6C8809#service show diag fds
Process open fds
cfgd 86
nx9500-6C8809#
nx9500-6C8809#service show diag pkts
Date: 11-4-2016, Time: 8:41:08.501033, Len: 64, 802.3, Proto: 0x8783, Vlan: 1, Priority: 0, Ingress: ge1, vlan1
Loop reason: Unknown(540)
TRUNCATED BB-7C-4D-80-C2-AC > 10-01-00-D2-68-99 at 64 bytes
Date: 11-4-2016, Time: 8:41:08.707631, Len: 64, 802.3, Proto: 0x8783, Vlan: 1, Priority: 0, Ingress: ge1, vlan1
Loop reason: Unknown(540)
TRUNCATED BB-7C-4D-80-C2-AC > 10-01-00-D2-68-99 at 64 bytes
Date: 11-4-2016, Time: 8:41:08.830963, Len: 64, 802.3, Proto: 0x8783, Vlan: 1, Priority: 0, Ingress: ge1, vlan1
Loop reason: Unknown(540)
TRUNCATED BB-7C-4D-83-30-A4 > 10-01-00-42-68-99 at 64 bytes
--More--
nx9500-6C8809#
nx9500-6C8809#service clear diag pkts
nx9500-6C8809#service show diag pkts
nx9500-6C8809#
nx9500-6C8809#service show diag psu
PSU1 (upper):
status unplugged
PSU2 (lower):
status normal
nx9500-6C8809#
The following examples show the purging of users from the guest-registration
database:
nx7500-112233#service guest-registration delete ?
all Delete all users
email Email address
group Group
mac MAC address
mobile Mobile phone number
name Full name
offline-for Specify minimum amount of time offline
otp-incomplete-for Specify minimum amount of time registration with
one-time-passcode incomplete
social Social site used to log in
wlan Wireless LAN
nx7500-112233#
Purges users belonging to a specified RADIUS
group.
nx7500-112233#service guest-registration delete group mac_reg_gr1
delete user status: delete users matching a group will take time, please wait
nx7500-112233#
Purges users using social-site (Facebook or Google) credentials to
login.
nx7500-112233#service guest-registration delete social facebook
delete user status: delete users matching a social category will take time, please wait
nx7500-112233#
Purges users inactive for a specified time
period.
nx7500-112233#service guest-registration delete offline-for days 5
delete user status: Deleting users offline for minimum 5 days. This will take time, please wait
nx7500-112233#
Purges users who have failed to complete registration using the OTP within a specified
time
period.
nx7500-112233#service guest-registration delete otp-incomplete-for days 5
delete user status: Deleting registration with one-time-passcode incomplete for minimum 5 days. This will take time, please wait
nx7500-112233#
The following example displays IP ACLs to WLAN mapping summary on the ‘TechPubs‘ RF
Domain:
nx9500-6C8809#service show ip-access-list wlan TechPubs status
Reporting Device: ap7161-99BB7C - success
Reporting Device: ap7532-80C2AC - success
Reporting Device: ap7562-84A224 - success
Reporting Device: nx9500-6C8809 - success
Reporting Device: ap8163-74B45C - success
Total reporting devices: 5
nx9500-6C8809#
Consider an RF Domain (name guest-domain) with 3 APs adopted to a controller. The CLI
output for the
service > show > ip-access-list command in this
set up varies for different scenarios, as shown in the following examples:
- Scenario 1: Executing the command
on a device (access
point).
AP01#service show ip-access-list wlan status
Reporting Device: AP01 - fail
WLAN: XPO-Guest-PSK
use ip-access-list in guest_access_inbound : fail
Total reporting devices: 1
AP01#
AP01#service show ip-access-list wlan status detail
================================================================================
Reporting Device: AP01
--------------------------------------------------------------------------------
WLAN: XPO-Guest-PSK
use ip-access-list in guest_access_inbound : fail
use ip-access-list out BC-MC-CONTROL : success
--------------------------------------------------------------------------------
WLAN: PartnerNet
use ip-access-list in default : success
use ip-access-list out default : success
--------------------------------------------------------------------------------
Total reporting devices: 1
AP01#
- Scenario 2: IP ACL to WLAN mapping
is successful for all APs in a specified RF
Domain.
SW01#service show ip-access-list wlan status on guest-domain
Reporting Device: AP01 - success
Reporting Device: AP02 - success
Reporting Device: AP03 - success
Total reporting devices: 3
SW01#
- Scenario 3: IP ACL has failed in
dataplane due to unknown
reasons.
SW01#service show ip-access-list wlan status on guest-domain
Reporting Device: AP01 - fail
WLAN: XPO-Guest-PSK
use ip-access-list in guest_access_inbound : fail
Reporting Device: AP02 - success
Reporting Device: AP03 - success
Total reporting devices: 3
SW01#
SW01#service show ip-access-list wlan status detail on guest-domain
================================================================================
Reporting Device: AP01
--------------------------------------------------------------------------------
WLAN: XPO-Guest-PSK
use ip-access-list in guest_access_inbound : fail
use ip-access-list out BC-MC-CONTROL : success
--------------------------------------------------------------------------------
WLAN: PartnerNet
use ip-access-list in guest_access_inbound : success
use ip-access-list out BC-MC-CONTROL : success
--------------------------------------------------------------------------------
================================================================================
Reporting Device: AP02
--------------------------------------------------------------------------------
WLAN: PartnerNet
use ip-access-list in guest_access_inbound : success
use ip-access-list out BC-MC-CONTROL : success
--------------------------------------------------------------------------------
================================================================================
Reporting Device: AP03
--------------------------------------------------------------------------------
WLAN: PartnerNet
use ip-access-list in guest_access_inbound : success
use ip-access-list out BC-MC-CONTROL : success
--------------------------------------------------------------------------------
Total reporting devices: 3
SW01#
- Scenario 4: AP in RF Domain is
unreachable or does not support this
functionality.
SW01#service show ip-access-list wlan status on guest-domain
Reporting Device: AP01 - unreachable
Reporting Device: AP02 - success
Reporting Device: AP03 - success
Total reporting devices: 3
SW01#
SW01#service show ip-access-list wlan status detail on guest-domain
================================================================================
Reporting Device: AP01
Timed out waiting for remote device: xpath=wing-stats/device/00-23-68-0B-86-38/firewall/
ip_acl_intf_status/wlan[mac='*']
================================================================================
Reporting Device: AP02
--------------------------------------------------------------------------------
WLAN: PartnerNet
use ip-access-list in guest_access_inbound : success
use ip-access-list out BC-MC-CONTROL : success
--------------------------------------------------------------------------------
================================================================================
Reporting Device: AP03
--------------------------------------------------------------------------------
WLAN: PartnerNet
use ip-access-list in guest_access_inbound : success
use ip-access-list out BC-MC-CONTROL : success
--------------------------------------------------------------------------------
Total reporting devices: 3
SW01#