The operational command reference pages describe the CLI commands that you use to display the properties and operational status of vSmart controllers, vEdge routers, and vBond orchestrators in the overlay network. When you log in to the CLI on a Cisco vEdge device, you are in operational mode.
In the CLI, operational commands are organized alphabetically, and many commands are organized into functional hierarchies. The top-level operational commands and command hierarchies are:
clear—Zero or erase information stored on the device or collected data.
clock—Set the time.
commit—Confirm a pending commit operation.
complete-on-space—Enable the ability to type a space to have the CLI complete unambiguous commands.
config—Enter configuration mode.
exit—Configure basic system parameters.
file—Configure the properties of a VPN, including the interfaces that participate in the VPN and the routing protocols that are enabled in the VPN.
help—Display help information about CLI commands.
history—Control the CLI command history cache.
idle-timeout—Set how long a CLI session can be idle before the user is logged out.
logout—Exit from the CLI session.
no—Negate or cancel a command.
nslookup—Perform a DNS name lookup.
paginate—Set the number of lines of command output to display.
ping—Ping a network device.
poweroff—Power down the device.
prompt1—Set the operational mode prompt.
prompt2—Set the configuration mode prompt.
pwd—Display the current path mode.
quit—Exit from the CLI session.
reboot—Reboot the device.
request—Install various files onto the device.
screen-length—Set the CLI screen length.
screen-width—Set the CLI screen width.
show—Display information about the status of the device or information stored on the device.
tcpdump—Perform a TCP dump operation.
timestamp—Enable timestamping.
traceroute—Perform a traceroute operation.
vshell—Exit to the shell on the device.
To filter operational command output, use the filters described in Command Filters for CLI Operational Commands.
Clear the cflowd flows in all VPNs [on vEdge routers only].
clear app cflowd flow-allCommand History
Release
Modification
14.3
Command introduced.
Examples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flow-all
vEdge# show app cflow flows
% No entries found.
vEdge#
Clear the cflowd flows in a specific VPN [on vEdge routers only].
clear app cflowd flows vpn vpn-id [flow-property]
Syntax Description
flow-property
Specific Flow To Clear:
Narrow down the exact flow to clear. flow-property can be one of:
dest-ip prefix/length
dest-port port-number [0 through 65535]
dscp dscp-value [0 through 255]
ip-proto protocol-number [0 through 255]
src-ip prefix/length
src-port port-number [0 through 65535]
vpn vpn-id
VPN:
Specify the VPN in which to clear all cflowd flows.
Command History
Release
Modification
14.3
Command introduced.
Examples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
Clear all DPI flows on the vEdge router [on vEdge routers only].
clear app dpi all
Command History
Release
Modification
15.2
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
Clear specific applications in a particular VPN on the vEdge router [on vEdge routers only].
clear app dpi apps vpn vpn-id [application name] [source-prefix prefix | length]
Syntax Description
application name
Application Name:
Name of the application to clear.
source-prefix prefix|length
Source IP address:
Source IP prefix for the application or applications to clear.
vpn vpn-id
VPN:
VPN in which the application participates.
Command History
Release
Modification
15.2
Command introduced.
Examples
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
Clear specific DPI flows in a particular VPN on the vEdge router [on vEdge routers only].
clear app dpi flows vpn vpn-id [destination-prefix prefix/length] [destination-port number] [ip-protocol protocol] [source-prefix prefix/length] [src-port number]
Syntax Description
destination-prefix prefix/length
source-prefix prefix/length
IP Prefix:
Destination or source IP prefix of the flow.
destination-port number
source-port number
Port Number:
Destination or source port number of the flow.
ip-protocol protocol
Protocol:
Destination or source port number of the flow.
vpn vpn-id
VPN:
VPN in which the flow participates.
Command History
Release
Modification
15.2
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
Clear the information logged about flows [on vEdge routers only]. After you issue this command, collection of information about the flow resumes immediately.
clear app log flows [dest-ip prefix] [dest-port number] [ip-proto number] [src-ip prefix] [src-port number] vpn vpn-id
Syntax Description
none
Clear information logged about all flows on the router.
dest-ip prefix
Destination IP Prefix:
Clear information logged about flows with the specified destination IP prefix.
dest-port number
Destination Port Number:
Clear information logged about flows with the specified destination port number.
ip-protocol number
IP Protocol:
Clear information logged about flows with the specified IP protocol number.
src-ip prefix
Source IP Prefix:
Clear information logged about flows with the specified source IP prefix.
src-port number
Source Port Number:
Clear information logged about flows with the specified source port number.
vpn vpn-id
Specific VPN:
Clear the logged flows in the specified VPN.
Command History
Release
Modification
16.3
Command introduced.
Examples
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
Refresh dynamically created IPv4 entries in the Address Resolution Protocol [ARP] cache [on vEdge routers and vSmart controllers only].
To clear IPv6 entries in the ARP cache, use the clear ipv6 neighbor command.
clear arp [interface interface-name] [ip-address] [vpn vpn-id ]
Syntax Description
none
Refresh all dynamic ARP cache entries.
interface interface-name
Interface:
Refresh the dynamic ARP cache entries associated with the specific interface.
ip-address
IP Address:
Refresh the dynamic ARP cache entries for the specified IP address.
vpn vpn-id
VPN:
Refresh the dynamic ARP cache entries for the specific VPN.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
Clear the counters for BFD transitions [on vEdge routers only].
clear bfd transitions
Command History
Release
Modification
15.1.1
Command introduced.
Examples
vEdge# show bfd sessions system-ip 1.1.1.1
SOURCE TLOC REMOTE TLOC DST PUBLIC DST PUBLIC DETECT TX
SYSTEM IP SITE ID STATE COLOR COLOR SOURCE IP IP PORT ENCAP MULTIPLIER INTERVAL[msec] UPTIME TRANSITIONS
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1.1.1.1 1 up default public-internet 192.168.1.104 69.181.135.19 34601 ipsec 3 1000 3:17:22:43 5
vEdge# clear bfd transitions
vEdge# show bfd sessions system-ip 1.1.1.1
SOURCE TLOC REMOTE TLOC DST PUBLIC DST PUBLIC DETECT TX
SYSTEM IP SITE ID STATE COLOR COLOR SOURCE IP IP PORT ENCAP MULTIPLIER INTERVAL[msec] UPTIME TRANSITIONS
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1.1.1.1 1 up default public-internet 192.168.1.104 69.181.135.19 34601 ipsec 3 1000 3:17:22:43 0
Reset the peering sessions with a specific BGP neighbor in a VPN [on vEdge routers only].
clear bgp neighbor ip-address vpn vpn-id [soft [in | out]]
Syntax Description
ip-addressvpn vpn-id
Neighbor Address and VPN:
Reset the connection to the specific BGP neighbor in the specified VPN.
soft [in | out]
Soft Reset:
Perform a reset when the routing policy changes so that the new policy can take effect. With a soft reset, the route table is reconfigured and reactivated, but the BGP session itself is not reset. Use the in option to generate inbound route table updates from the BGP neighbor, and use the out option to have the local router send a new set of updated to the BGP neighbor.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# clear bgp neighbor 10.20.25.16 vpn 1
vEdge# show bgp neighbor
MSG MSG OUT
VPN PEER ADDR AS RCVD SENT Q UPTIME STATE AFI
--------------------------------------------------------------------
1 10.20.25.16 1 8102 8122 0 - idle ipv4-unicast
vEdge# show bgp neighbor
MSG MSG OUT
VPN PEER ADDR AS RCVD SENT Q UPTIME STATE AFI
------------------------------------------------------------------------------
1 10.20.25.16 1 7971 7988 0 0:00:48:56 established ipv4-unicast
vEdge# clear bgp neighbor 10.20.25.16 vpn 1 soft out
vEdge# show bgp neighbor
VPN PEER ADDR AS RCVD SENT Q UPTIME STATE AFI
------------------------------------------------------------------------------
1 10.20.25.16 1 7986 8004 0 0:00:49:12 established ipv4-unicast
Clear the MAC addresses that this vEdge router has learned [on vEdge routers only]. The router restarts its MAC address learning process, performing flooding until all the MAC addresses are relearned.
clear bridge mac
Command History
Release
Modification
15.3
Command introduced.
Examples
vEdge# show bridge mac
RX RX TX TX
BRIDGE INTERFACE MAC ADDR STATE PKTS OCTETS PKTS OCTETS
-------------------------------------------------------------------------
1 ge0/5 aa:01:05:05:00:01 dynamic 2 248 0 0
1 ge0/5 aa:01:05:05:00:02 dynamic 2 248 0 0
1 ge0/5 aa:01:05:05:00:03 dynamic 2 248 0 0
1 ge0/5 aa:01:05:05:00:04 dynamic 2 248 0 0
1 ge0/5 aa:01:05:05:00:05 dynamic 2 248 0 0
2 ge0/5 aa:02:05:05:00:01 dynamic 2 248 0 0
2 ge0/5 aa:02:05:05:00:02 dynamic 2 248 0 0
2 ge0/5 aa:02:05:05:00:03 dynamic 2 248 0 0
2 ge0/5 aa:02:05:05:00:04 dynamic 1 124 0 0
2 ge0/5 aa:02:05:05:00:05 dynamic 1 124 0 0
vEdge# clear bridge mac
vEdge# show bridge mac
% No entries
vEdge#
Clear the computations performed by Cloud OnRamp for SaaS [formerly called CloudExpress service] [on vEdge routers only]. Cloud OnRamp for SaaS computations include application loss, latency, and best interface.
clear cloudexpress computations [application application]
Syntax Description
[none]
Clear all computations for all applications in all VPNs configured with Cloud OnRamp for SaaS.
application
Specific Application: Clear computations for a specific application configured for Cloud OnRamp for SaaS.
Values: amazon_aws, box_net, concur, dropbox, google_apps, gotomeeting, intuit, jira, office365, oracle, salesforce, sap, sugar_crm, webex, zendesk, zoho_crm
Command History
Release
Modification
16.3
Command introduced.
17.1
Removed vpn command option.
Examples
Clear the Cloud OnRamp for SaaS computations
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
0Reset the DTLS connections from the local device to all Cisco SD-WAN devices.
clear control connections
Note
This command will reset all the Bidirectional Forwarding Detection [BFD] tunnels on the device.
Command History
Release
Modification
14.2
Command introduced.
Examples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
1Erase the connection history on the local device.
clear control connections-historyExamples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
2Command History
Release
Modification
16.1
Command introduced.
To reset port-hop back to the base port on Cisco vEdge devices, use the clear control port-index command in privileged EXEC mode.
clear control port-index
Syntax Description
This command has no keywords or arguments.
Command Default
This command has no default behavior.
Command Modes
Privileged EXEC [#]
Command History
ReleaseModificationCisco SD-WAN Release 20.6.1This command was introduced.
Usage Guidelines
Use the clear control port-index command to reach back to 12346 base port on all the WAN interfaces.
The following example shows how to clear the port-hopping bucket index:
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
3Delete the core files on the local device. Core files are saved in the /var/crash directory on the local device.
clear crash number
Syntax Description
[none]
Clear all core and information files on the device.
number
Specific Core File: Clear the specific core file.
number is the index number listed in the show crash output.
Command History
Release
Modification
15.2
Command introduced.
Examples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
4Clear the bindings to DHCP servers [on vEdge routers only].
clear dhcp server-bindings vpn vpn-id interface interface-name [client-mac mac-address]
Syntax Description
interface interface-name
Interface to DHCP Server: Interface to use to reach the DHCP server.
client-mac client-mac
MAC Address of DHCP Server: Clear the entry for a single DHCP host based on the host's MAC address.
vpn vpn-id
VPN: Clear the DHCP bindings in a specific VPN.
Command History
Release
Modification
14.3
Command introduced.
15.1
client-mac option added.
Clear IPv4 DHCP state on the local device [on vEdge routers and vSmart controllers only].
clear dhcp state interface interface-name [vpn vpn-id]
Syntax Description
interface interface-name
Clear the DHCP state of a specific interface.
vpn vpn-id
Clear the DHCP state of an interface in the specified VPN.
Command History
Release
Modification
14.3
Command introduced.
Examples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
5Clear the cache of DNS entries on the local device. Use this command to clear stale entries from the DNS cache.
The DNS cache is populated when the device establishes a connection with the vBond orchestrator. For a vEdge router, this connection is transient, and the DNS cache is cleared when its connection to the vBond orchestrator is closed. For a vSmart controller, the connection to a vBond orchestrator is permanent.
clear dns cache
Command History
Release
Modification
15.3
Command introduced.
Examples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
6Deauthenticate a client connected on an 802.1X or 802.11i interface [on vEdge routers only]. Reauthentication occurs automatically if the client attempts to use the interface again.
clear dot1x client mac-address interface interface-name
Syntax Description
mac-address
Client MAC Address: MAC address of the client to deauthenticate.
To determine a client's MAC address, use the show dot1x clients command.
interface interface-name
Interface Name: Interface through which the client is reachable.
To determine the interface name, use the show dot1x interfaces command.
Command History
Release
Modification
16.3
Command introduced.
Zero IGMP statistics [on vEdge routers only].
clear igmp statistics [vpn vpn-id]
Syntax Description
[none]
Clear IGMP statistics for all VPNs.
vpn vpn-idVPN: Clear IGMP statistics in a specific VPN.
Command History
Release
Modification
14.3
Command introduced.
Examples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
7Clear all the certificates on the local device, including the public and private keys and the root certificate, and return the device to the factory-default state.
clear installed-certificates
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
8Zero interface statistics.
clear interface statistics [interface interface-name] [queue queue-number] [vpn vpn-id]
Syntax Description
[none]
Zero the statistics on all interfaces and all queues.
queue queue-number
Interface Queue: Zero the statistics on the specified queue.
interface interface-name
Specific Interface: Zero the statistics on the specified interface.
vpn vpn-id
VPN: Zero the interface statistics for interfaces in a specific VPN.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show cflowd flows
TCP
SRC DEST IP CNTRL ICMP EGRESS INGRESS TOTAL TOTAL MIN MAX START TIME TO
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP INTF INTF PKTS BYTES LEN LEN TIME EXPIRE
--------------------------------------------------------------------------------------------------------------------------------------------------------
1 10.20.24.15 172.16.255.15 49142 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 3745446565
1 10.20.24.15 172.16.255.15 49143 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 4
1 10.20.24.15 172.16.255.15 49144 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 9
1 10.20.24.15 172.16.255.15 49145 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 14
1 10.20.24.15 172.16.255.15 49146 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 19
1 10.20.24.15 172.16.255.15 49147 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 24
1 10.20.24.15 172.16.255.15 49148 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 29
1 10.20.24.15 172.16.255.15 49149 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 34
1 10.20.24.15 172.16.255.15 49150 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 39
1 10.20.24.15 172.16.255.15 49151 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 44
1 10.20.24.15 172.16.255.15 49152 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 49
1 10.20.24.15 172.16.255.15 49153 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 54
1 10.20.24.15 172.16.255.15 49154 13322 0 6 2 0 0.0.0.0 4294967295 4294967295 1 78 78 78 59
vEdge# clear app cflowd flows vpn 1
vEdge# show app cflow flows
% No entries found.
vEdge#
9Clear the statistics for a particular group, source, or VPN from the Multicast Forwarding Information Base [MFIB] [on vEdge routers only].
clear ip mfib record group group-address source source-address vpn vpn-id [upstream-iif interface-name] [upstream-tunnel ip-address]
Syntax Description
group group-address
source source-address
vpn vpn-id
Clear Statistics from the MFIB: Clear the statistics for a particular group, source, or VPN from the MFIB.
upstream-iif interface-name
Upstream Interface: Clear the MFIB statistics for the specified upstream interface.
upstream-tunnel ip-address
Upstream Tunnel: Clear the MFIB statistics for the specified tunnel to a remote system.
Command History
Release
Modification
14.2
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
0Clear the NAT translational filters [on vEdge routers only].
clear ip nat filter [parameter]
Syntax Description
parameter
Filter Parameter: Clear NAT translation filters associated with the specified parameter.
parameter can be nat-ifname, nat-vpn-id, private-dest-address, private-dest-port, private-source-address, private-source-port, private-vpn-id, and proto. These parameters correspond to some of the column headers in the show ip nat filter command output.
Command History
Release
Modification
14.2
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
1Clear the NAT translational interface statistics [on vEdge routers only].
clear ip nat statistics [interface interface-name] [vpn vpn-id]
Syntax Description
interface interface-name vpn vpn-id
Specific Interface: Clear NAT translation statistics associated with the specified interface.
vpn vpn-id
Specific VPN: Clear NAT translation statistics associated with the specified VPN.
Command History
Release
Modification
14.2
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
2Refresh dynamically created IPv6 entries in the Address Resolution Protocol [ARP] cache [on vEdge routers and vSmart controllers only].
To clear IPv4 entries in the ARP cache, use the clear arp command.
clear ipv6 neighbor [interface interface-name] [ip-address] [vpn vpn-id]
Syntax Description
[none]
Refresh all dynamic ARP cache entries.
interface interface-name
Interface: Refresh the dynamic ARP cache entries associated with the specific interface.
ip-address
IP Addresss: Refresh the dynamic ARP cache entries for the specified IP address.
vpn vpn-id
VPN: Refresh the dynamic ARP cache entries for the specific VPN.
Command History
Release
Modification
16.3
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
3Reset the OMP peering sessions with a specific peer [on vSmart controllers and vEdge routers only]. When you reset a peering session, the routes to that peer are removed from the OMP route table, and they are reinstalled when the peer comes back up.
clear omp peer ip-address [soft [in |out]]
Syntax Description
[none]
Reset the specific peering session.
soft in |out
Refresh the Peering Session: Re-apply the inbound or outbound policy to the specific peering session.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
4Clear the history of connections and connection attempts made by the vBond orchestrator [on vBond orchestrators only].
clear orchestrator connections-history
Command History
Release
Modification
16.1
Command introduced.
Examples
Show orchestrator connections-history
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
5Reset OSPF in a VPN [on vEdge routers only].
clear ospf all vpn vpn-id
Syntax Description
vpn vpn-id
VPN: Reset OSPF in the specified VPN.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
6Delete the entries in the OSPF link-state database learned from OSPF neighbors [on vEdge routers only]. Use this command for troubleshooting OSPF or to reset the link-state database if you suspect that it has been corrupted.
clear ospf database vpn vpn-id
Syntax Description
vpn vpn-id
VPN: Clear the OSPF link-state database of entries from the specified VPN.
Command History
Release
Modification
14.2
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
7Clear the mappings of multicast groups to RPs [on vEdge routers only].
clear pim rp-mapping [vpn vpn-id]
Syntax Description
[none]
Clear all group-to-RP mappings.
vpn vpn-id
VPN: Clear the group-to-RP mappings for a specific VPN.
Command History
Release
Modification
14.3
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
8Clear all PIM-related statistics on the router, and relearn all PIM neighbors and joins [on vEdge routers only].
clear pim statistics [vpn vpn-id]
Syntax Description
[none]
Clear all PIM statistics, neighbors, and joins, and then relearn them.
vpn vpn-id
VPN: Clear the PIM statistics, neighbors, and joins in the specified VPN, and then relearn them.
Command History
Release
Modification
14.2
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port Protocol APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#
9Clear the policer out-of-specification [OOS] packet statistics [on vEdge routers only]. A policed packet is out of specification when the policer does not allow it to pass. Depending on the policer configuration, these packets are either dropped or they are remarked, which sets the packet loss priority [PLP] value on the egress interface to high.
clear policer statistics
Command History
Release
Modification
16.3
Command introduced.
Examples
Clear the policer OOS packet statistics
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
0Reset all counters for IPv4 access lists or data policies [on vSmart controllers and vEdge routers only].
clear policy [access-list acl-name | app-route-policy policy-name | data-policy policy-name]
Syntax Description
access-list acl-name
Access List Counters: Zero the counters associated with the specified access list.
app-route-policy policy-name
Application-Aware Routing Policy Counter: Zero the counters associated with the specified application-aware routing policy.
data-policy policy-name
Data Policy Counters: Zero the counters associated with the specified data policy.
Command History
Release
Modification
14.1
Command introduced.
Zero the statistics about the packets processed by zone-based firewalls [on vEdge routers only].
clear policy zbfw global-statistics
Command History
Release
Modification
18.2
Command introduced.
Examples
Clear the statistics about packets that the router has processed with zone-based firewalls
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
1Clear the session flow information for zone pairs configured with a zone-based firewall policy [on vEdge routers only].
show policy zbfw sessions [name pair-name]
Syntax Description
[none]
Clear the session flow entries for all zone pairs.
name pair-name
Zone Pair Name: Clear the session flow entries for the specified zone pair.
Command History
Release
Modification
18.2
Command introduced.
Examples
Clear all session flow information
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
2Zero PPPoE statistics.
clear pppoe statistics
Command History
Release
Modification
15.3.3
Command introduced.
Examples
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
3Clear an installed proxy certificate and reset the control connections that are associated with the proxy [on vEdge routers only].
clear reverse-proxy context
Command History
Release
Modification
18.2
Command introduced.
Examples
Clear the installed proxy certificate on a vEdge router
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
4Clear system-wide forwarding statistics.
clear system statistics
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
5Set the time and date on the device. If you have configured NTP on the device, the NTP time overwrites the time and date that you set with the clock command.
clock set date ccyy-mm-dd
clock set time hh:mm:ss.sss
Syntax Description
ccyy-mm-dd
Date: Set the date by specifying four-digit year, two-digit month, and two-digit day. The year can be from 2000 to 2060.
hh:mm:ss.sss
Time: Set the time by two-digit hour [using a 24-hour clock], two-digit minute, two-digit seconds, and an optional three-digit hundredths of seconds.
Note
You must set the time and date in a single command, but the order in which you specify them does not matter.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
6Confirm or cancel a pending commit operation. You issue this commit command from operational mode. You establish a pending commit operation by using the commit confirmed configuration session management command.
commit [abort | confirm] [persist-id id]
Syntax Description
confirm
Confirm a Pending Commit Operation: Confirm a pending commit operation that was issued with the commit confirmed configuration command. You must confirm the commit operation with the time specified with the commit confirmed command; otherwise, the commit is canceled.
abort
Halt a Pending Commit Operation: Halt a pending commit operation that was issued with the commit confirmed command. This is the default operation for a pending commit operation. The commit is also canceled if the CLI session is terminated before you issue a commit confirm command.
persist-id id
Token to Identify the Pending Commit Operation: If you specified a token, id, when you initiated the pending commit operation, specify that token to either cancel or confirm the commit.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
7Have the CLI automatically complete a command name when you type an unambiguous string and then press the space bar, or have the CLI list all possible completions when you type an ambiguous string and then press the space bar.
complete-on-space [false | true]
Syntax Description
false
Do Not Perform Command Completion: Do not have the CLI perform command completion when you press the space bar. This is the default setting.
true
Perform Command Completion: Have the CLI perform command completion when you press the space bar.
Command History
Release
Modification
14.1
Command introduced.
14.2
Default changed from true to false in Release 14.2.
Examples
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
8Enter configuration mode for vEdge devices. In configuration mode, you are editing a copy of the running configuration, called the candidate configuration, not the actual running configuration. Your changes take effect only when you issue a commit command.
Note
Cisco IOS XE routers such as aggregation and integrated services routers should use the command config-transaction to enter configuration mode. The config terminal command is not supported on SD-WAN routers.
config [exclusive | no-confirm | shared | terminal]
Syntax Description
[none]
Edit a private copy of the running configuration. This private copy is not locked, so another user could also edit it at the same time.
terminal
Allow Editing from This Terminal Only: Edit a private copy of the running configuration. This private copy is not locked, so another user could also edit it at the same time.
no-confirm
Do Not Allow a Commit Confirmation: Edit a private copy of the running configuration and do not allow the commit confirmed command to be used to commit the configuration.
exclusive
Exclusive Edit: Lock the running configuration and the candidate configuration, and edit the candidate configuration. No one else can edit the candidate configuration as long as it is locked.
shared
Shared Edit: Edit the candidate configuration without locking it. This option allows another person to edit the candidate configuration at the same time.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 aol Web
1 10.192.42.2 apple Web
...
vEdge# clear app dpi apps vpn 1 application aol
vEdge# show app dpi applications
VPN SRC IP APPLICATION FAMILY
-----------------------------------------------------------
1 2.51.88.142 bittorrent Peer to Peer
1 10.192.42.1 syslog Application Service
1 10.192.42.1 tcp Network Service
1 10.192.42.1 unknown Standard
1 10.192.42.2 addthis Web
1 10.192.42.2 adobe Web
1 10.192.42.2 adobe_update Web
1 10.192.42.2 akamai Web
1 10.192.42.2 alexa Web
1 10.192.42.2 alibaba Web
1 10.192.42.2 aliexpress Web
1 10.192.42.2 amazon Web
1 10.192.42.2 amazon_adsystem Web
1 10.192.42.2 amazon_aws Web
1 10.192.42.2 amazon_cloud_drive Web
1 10.192.42.2 apple Web
...
9Enable and disable debugging mode for all or selected software function. Debug output is placed in the /var/log/tmplog/vdebug file on the local device.
[no] debug all
[no] debug aaa login [radius | tacacs]
[no] debug bgp [all | events | fsm | ipcs | packets] vpn vpn-id
[no] debug cflowd [cli | events | ipc | misc | pkt_tx] [level [high | low]]
[no] debug chmgr all
[no] debug cloudexpress [events | ftm | omp | rtm | ttm] [level [high | low]]
[no] debug confd [developer-log [level [high | low]] | snmp]
[no] debug config-mgr [events | pppoe | ra] [level [high | low]]
[no] debug dbgd [events]
[no] debug dhcp-client [all | events | packets]
[no] debug dhcp-helper [all | events | packets]
[no] debug fpm [all | config | dpi | policy | ttm]
[no] debug ftm all[no] debug igmp [config | events | fsm | ipc | packets] [level [high | low]]
[no] debug iked [all | confd | error | events | misc] [level [high | low]]
[no] debug netconf traces[no] debug omp [all | events | ipcs | packets]
[no] debug ospf [all | events | ipcs | ism | lsa | nsm | nssa | packets] vpn vpn-id
[no] debug pim [auto-rp | events | fsm | ipcs | packets] [level [high | low]] vpn vpn-id
[no] debug platform software sdwan tracker
[no] debug resolver events [level [high | low]]
[no] debug rtm [events | ipc | next-hop | packets | rib] vpn vpn-id
[no] debug snmp events [level [high | low]]
[no] debug sysmgr all
[no] debug transport events [level [high | low]]
[no] debug tcpd [level [high | low]]
[no] debug ttm events
[no] debug vrrp [all | events | packets] vpn vpn-id
Syntax Description
[no] debug all
All: Control debugging for all software functions that can be debugged.
[no] debug aaa login [radius | tacacs]
AAA Login via RADIUS or TACACS: Control debugging for login attempts using RADIUS or TACACS.
[no] debug bgp [all | events | fsm | ipcs | packets] vpn vpn-id
BGP: Control debugging for BGP:
all—Control the debugging of all BGP events, finite-state machine transitions, interprocess communications, and packets.
events—Control the debugging of BGP events, including damping events, finite-state machine events and transitions, keepalive message events, next-hop events, and routing table update events.
fsm—Control the debugging of BGP finite-state machine transitions.
ipcs—Control the debugging of all BGP interprocess communications.
packets—Control the debugging of all BGP protocol packets.
vpn vpn-id—Specify the VPN in which to perform debugging.
[no] debug cflowd [cli | events | ipc | misc | pkt_tx] [level [high | low]]
Cflowd Traffic Flow Monitoring:
Control debugging for cflowd:
cli —Control the debugging of messages that are logged as the result of a configuration change made either directly on the vEdge router or because the changes have been pushed from the vSmart controller to the router.
events —Control the debugging of events to which the cflowd process [daemon] responds, including when the process connects with a collector or loses connectivity with it, and when the source-interface as configured in the vSmart template is removed.
ipc —Control the debugging of all cflowd interprocess communications.
level [high | low] —Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.
misc —Control the debugging of miscellaneous cflowd events.
pkt_tx —Control the debugging of cflowd packet transmissions.
[no] debug chmgr all
Chassis Manager: Control debugging for the chassis manager.
[no] debug cloudexpress [events | ftm | omp | rtm | ttm] [level [high | low]]
Cloud OnRamp for SaaS: Control debugging for Cloud OnRamp for SaaS [formerly CloudExpress service].
events—Control the debugging of events to which the Cloud OnRamp for SaaS process [daemon] responds, including when the process connects with a collector or loses connectivity with it, and when the source-interface as configured in the vSmart template is removed.
ftm—Control debugging of the communication between Cloud OnRamp for SaaS and the forwarding table manager.
level [high | low]—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.
omp—Control the debugging of all Cloud OnRamp for SaaS OMP operations.
rtm—Control the debugging of communication between the Cloud OnRamp for SaaS and the route table manager.
ttm—Control the debugging of communication between the Cloud OnRamp for SaaS and the tunnel table manager.
[no] debug config-mgr [events | pppoe | ra] [level [high | low]]
Configuration Manager: Control debugging for the configuration manager.
events—Control the debugging of events to which the configuration manager process [daemon] responds, including when the process connects with a collector or loses connectivity with it, and when the source-interface as configured in the vSmart template is removed.
level [high | low]—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco engineering team.
pppoe—Control the debugging of all Cloud OnRamp for SaaS OMP operations.
ra—Control the debugging of route advertisements to which the configuration manager responds.
[no]debug dbgd events
Debugger Process: Control debugging for the debugger process itself.
events—Control the debugging of events to which the debugger process [daemon] responds.
[no] debug dhcp-client [all | events | packets]
DHCP Client: Control the debugging of Dynamic Host Configuration Protocol [DHCP] client activities.
all—Control the debugging of all DHCP client events and packets.
events—Control the debugging of DHCP client protocol events.
packets—Control the debugging of all DHCP client packets.
[no] debug dhcp-helper [all | events | packets]
DHCP Helper: Control the debugging of Dynamic Host Configuration Protocol [DHCP] helper activities.
all—Control the debugging of all DHCP helper events and packets.
events—Control the debugging of DHCP helper protocol events.
packets—Control the debugging of all DHCP helper packets.
[no] debug fpm [all | config | dpi | policy | ttm]
Forwarding Policy Manager: Control debugging for the forwarding policy manager:
all—Control the debugging of events related to the forwarding policy manager, including configuration changes, application-aware routing events, and communication with the tunnel table manager.
config—Control the debugging of messages that are logged as a result of a policy configuration change made either directly on the vEdge router or because the changes have been pushed from the vSmart controller to the router.
dpi—Control the debugging of all application-aware routing [deep packet inspection] events.
policy—Control the debugging of messages that are logged as the result of policy programming events.
ttm—Control the debugging of communication between the forwarding policy manager and the tunnel table manager.
[no] debug ftm all[no] debug igmp [config | events | fsm | ipc | packets] [level [high | low]]
Forwarding Table Manager: Control debugging for the forwarding table manager operations.
[no] debug ftm all[no] debug igmp [config | events | fsm | ipc | packets] [level [high | low]]
IGMP: Control debugging for IGMP.
all—Control the debugging of all IGMP events, finite-state machine transitions, interprocess communications, and packets.
events—Control the debugging of IGMP events, including finite-state machine events and transitions, keepalive message events, next-hop events, and routing table update events.
fsm—Control the debugging of IGMP finite-state machine transitions.
ipcs—Control the debugging of all IGMP interprocess communications.
packets—Control the debugging of all IGMP protocol packets.
[no] debug iked [all | confd | error | events | misc] [level [high | low]]
IKE: Control debugging for the forwarding policy manager.
all—Control the debugging of all events related to IKE.
confd—Control the debugging of Netconf activity to log all IKE-related Netconf configuration messages between the local device and the vManage NMS.
error—Control the debugging of IKE errors.
events—Control the debugging of IKE protocol events.
level [high | low]—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.
misc—Control the debugging of miscellaneous IKE events.
[no] debug netconf traces[no] debug omp [all | events | ipcs | packets]
Netconf: Enable and disable Netconf activity to log all Netconf configuration messages between the local device and the vManage NMS.
Netconf debug messages are logged to the /var/log/confd/netconf.trace file.
[no] debug netconf traces[no] debug omp [all | events | ipcs | packets]
OMP: Control the debugging of OMP.
all—Control the debugging of all OMP events, interprocess communications, and packets.
events—Control the debugging of OMP events.
ipcs—Control the debugging of all OMP interprocess communications.
packets—Control the debugging of all OMP protocol packets.
[no] debug ospf [all | events | ipcs | ism | lsa | nsm | nssa | packets] vpn vpn-id
OSPF: Control the debugging of OSPF.
all—Control the debugging of all OSPF functions.
events—Control the debugging of OSPF events, including adjacencies, flooding information, designated router selection, and shortest path first [SPF] calculations.
ipcs—Control the debugging of all OSPF interprocess communications.
ism—Control the debugging of OSPF interface state machine transitions.
nsm—Control the debugging of OSPF network tate machine transitions.
lsa—Control the debugging of OSPF LSA messages.
nssa—Control the debugging of OSPF NSSA messages.
packets—Control the debugging of all OSPF protocol packets.
[no] debug pim [auto-rp | events | fsm | ipcs | packets] [level [high | low]] vpn vpn-id
PIM: Control debugging for PIM.
all—Control the debugging of all PIM events, finite-state machine transitions, interprocess communications, and packets.
events—Control the debugging of PIM events, including finite-state machine events and transitions, keepalive message events, next-hop events, and routing table update events.
fsm—Control the debugging of PIM finite-state machine transitions.
ipcs—Control the debugging of all PIM interprocess communications.
packets—Control the debugging of all PIMP protocol packets.
vpn vpn-id—Specify the VPN in which to perform debugging.
[no] debug platform software sdwan tracker
Service chaining: [Cisco IOS XE SD-WAN devices] Display the service log for the tracker, which probes service devices periodically to test whether the devices are reachable.
[no] debug resolver events [level [high | low]]
Resolver: Control debugging for all resolver process events. The resolver process handles a plethora of tasks, including tracking ARP, MAC addresses, DNS, and connected interfaces.
level [high | low]—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.
[no] debug rtm [events | ipc | next-hop | packets | rib] vpn vpn-id
Route Table Manager: Control debugging for the route table manager.
events—Control the debugging of route table manager events.
ipc—Control the debugging of all route table manager interprocess communications.
next-hop—Control the debugging of the route table manager handling of next hops.
packets—Control the debugging of the route table manager handling of route exchange packets.
rib—Control the debugging of route table manager communication with the route table.
vpn vpn-id—Specify the VPN in which to perform debugging.
[no] debug snmp events [level [high | low]]
SNMP: Control debugging for all SNMP events.
level [high | low]—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.
[no] debug sysmgr all
System Manager: Control debugging for the system manager.
[no] debug tcpd [level [high | low]][no] debug ttm events
TCP Optimization Process: Control debugging for TCP optimization.
level [high | low]—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.
[no] debug transport events [level [high | low]]
Transport Process: Control debugging for all vtracker transport process events. The vtracker process pings the vBond orchestrator every second.
level [high | low]—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.
[no] debug ttm events
Tunnel Table Manager: Control debugging for all tunnel table manager events.
[no] debug vrrp [all | events | packets] vpn vpn-id
VRRP: Control debugging for the Virtual Router Redundancy Protocol [VRRP].
all—Control the debugging of all VRRP events and packets.
events—Control the debugging of VRRP events.
packets—Control the debugging of VRRP packets.
Command History
Release
Modification
14.1
Command introduced.
16.3
Starting with Release 16.3, output is placed in the /var/log/tmplog/vdebug file, not the /var/log/vdebug file.
Cisco IOS XE Release 17.3.1a
Added debug platform software sdwan tracker .
To enable packet tracing on Cisco vEdge devices, use the debug packet-trace condition command in privileged EXEC mode.
debug packet-trace condition [ start | stop ] [bidirectional ] [circular ] [ destination-ip ip-address ] [global-stat ] [ ingress-if interface ] [logging ] [ source-ip ip-address ] [ vpn-id vpn-id ]
Syntax Description
bidirectional[Optional] Enables bidirectional flow debug for source IP and destination IP.
circular[Optional] Enables circular packet tracing. In this mode, the 1024 packets in the buffer are continuously over-written.
clear[Optional] Clears all debug configurations and packet tracer memory.
destination-ip[Optional] Specifies destination IPv4 address.
global-stat[Optional] Specifies the match on select global statistic counter name.
ingress-if[Optional] Specifies ingress interface name. Note: It is must to choose VPN to configure the interface.
logging[Optional] Enables packet tracer debug logging.
source-ip[Optional] Specifies source IP address.
start[Optional] Starts conditional debugging.
stop[Optional] Stops conditional debugging.
vpn-id[Optional] Enables packet tracing for the specified VPN.
Command Default
None
Command Modes
Privileged EXEC [#]
Command History
ReleaseModificationCisco SD-WAN Release 20.5.1
This command was introduced.
Cisco SD-WAN Release 20.8.1
A new keyword global-stat is added.
Usage Guidelines
The parameters after the keywords start and stop in the command syntax can be configured in any order.
Example
The following example shows how to configure conditions for packet tracing:
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
0Enable and disable debugging mode for vdaemon software function. Debug output is placed in the /var/log/tmplog/vdebug file on the local device.
debug vdaemon { all | confd | error | events | hello | misc | packets } [ high | low ]
no debug vdaemon { all | confd | error | events | hello | misc | packets } [ high | low ]
Syntax Description
{all | confd | error | events | hello | misc | packets} {high | low}vDaemon Process: Control debugging for vDaemon, the Cisco SD-WAN software process:
all : Control the debugging of all vdaemon process functions.
confd : Control the debugging of vdaemon process CLI functions.
error : Control the debugging error of vdaemon actions.
events : Control the debugging of vdaemon process events.
hello : Control the debugging of vdaemon hello packets.
misc : Control the debugging of miscellaneous vdaemon process events.
packets : Control the debugging of all vdaemon process packets.
high : Displays verbose logging.
low : Displays minimal logging.
Command History
ReleaseModification14.1
Command introduced.
16.3
Starting with Release 16.3, output is placed in the /var/log/tmplog/vdebug file, not the /var/log/vdebug file.
Cisco SD-WAN Release 20.5.1
Added hello keyword for debug vdaemon command.
Enable and disable debugging mode for vdaemon software function. Debug output is placed in the /var/log/tmplog/vdebug file on the local device.
debug vdaemon peer public-ip ip-address public-port port-address facility { all | confd | error | events | hello | misc | packet } level { high | low }
no debug vdaemon peer public-ip ip-address public-port port-address facility { all | confd | error | events | hello | misc | packet } level { high | low }
Syntax Description
public-ip ip-addressSpeicifes peer public ip address.
public-port port-addressSpecifies peer public port address.
Range: 0 to 65535
facility{all | confd | error | events | hello | misc | packet}Facility: Control debugging of miscellaneous vdaemon actions:
all : Control the debugging of all vdaemon process functions.
confd : Control the debugging of vdaemon process CLI functions.
error : Control the debugging error of vdaemon actions.
events : Control the debugging of vdaemon process events.
hello : Control the debugging of vdaemon hello packets.
misc : Control the debugging of miscellaneous vdaemon process events.
packet : Control the debugging of all vdaemon process packets.
Set the detail of the comments logged by the debugging operation. The default level, low , provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco engineering team.
Command History
Release
Modification
Cisco SD-WAN Release 20.5.1
This command was introduced.
The following is a sample output for debug vdaemon peer command. Verbose logs for a particular peer can be enabled, and hello log is displayed:
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
1Display the contents of a file on the Cisco SD-WAN device.
file show filename
Syntax Description
filename
Name of a Directory: Name of a file on the Cisco SD-WAN device.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
2Set the number of history items that the CLI tracks in operational mode.
show history number
Syntax Description
show history number
Number of History Items: Set the number of commands tracked by the CLI history.
number can be a value from 0 through 1000. The default is 100 commands. To disable the history feature, set the number to 0.
no history
Return to Default Number of History Items: Restore the default history queue length of 100 commands.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
3Set how long the CLI is inactive on a device before the user is logged out. If a user is connected to the device via an SSH connection, the SSH connection is closed after this time expires.
idle-timeout seconds
Syntax Description
idle-timeout seconds
Timeout Value: Number of seconds that the CLI is idle before the user is logged out of the CLI. A value of 0 [zero] sets the time to infinity, so the user is never logged out.
Range: 0 through 8192 seconds.
Default: 1800 seconds [30 minutes].
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
4Stop a job that is monitoring a file on the local device. This command is the same as the UNIX kill command.
job stop job-number
Syntax Description
job-number
Job Number: Number of the job to stop.
This number is in the JOBS column in the show jobs command output.
Command History
Release
Modification
15.4
Command introduced.
Examples
Stop the job that is monitoring a file
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
5Terminate the current CLI session, a specific CLI session, or the session of a specific user.
logout [session session-number] [user username]
Syntax Description
[none]
Terminate the current CLI session.
session session-number
Specific Session: Terminate a specific CLI session.
user username
Specific User: Terminate the CLI session of a specific user.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
6To monitor and control the event trace function for a Cisco SD-WAN subsystem, use the monitor event-trace command in the privileged EXEC mode. Event trace provides the functionality to capture the SD-WAN traces between the viptela daemons and SD-WAN subsystems.
monitor event-trace sdwan { clear | continuous | disable | dump | | enable | one-shot }
Syntax Description
sdwan
Name of the Cisco SD-WAN subsystem that is the subject of the event trace. To get a list of components that support event tracing, use the monitor event-trace ? command.
clear
Clears existing trace messages for the specified component from memory on the networking device.
continuous
Displays the latest event trace entries.
disable
Turns off event tracing for the specified component.
dump
The trace messages are saved in binary format.
enable
Enables event tracing for the specified component.
one-shot
Clears any existing trace information from memory, starts event tracing again, and disables the trace when the trace reaches the size specified.
Command Default
The event trace function is disabled by default.
Command Modes
Privileged EXEC
Global Configuration Mode
Command History
Release
Modification
Cisco IOS XE Release 17.2.1r
This command was introduced.
Usage Guidelines
The amount of data collected from the trace depends on the trace message size configured using the monitor event-trace command in global configuration mode for each instance of a trace.
Use the show monitor event-trace command to display trace messages.
Use the monitor event-trace sdwan dump command to save trace message information for a single event. By default, trace information is saved in binary format.
The following example shows the privileged EXEC commands to stop event tracing, clear the current contents of memory, and reenable the trace function for the component. This example assumes that the tracing function is configured and enabled on the networking device.
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
7The following example shows how the monitor event-trace one-shot command accomplishes the same function as the previous example except in one command. In this example, once the size of the trace message file has been exceeded, the trace is terminated.
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
8The following example shows the command for writing trace messages for an event in binary format. In this example, the trace messages for the SD-WAN component are written to a file.
vEdge# show app dpi flows
Source Dest
VPN SRC IP DST IP Port Port PROTOCOL APPLICATION FAMILY ACTIVE SINCE
-----------------------------------------------------------------------------------------------------------------------
1 10.192.42.2 74.125.20.95 20581 443 udp unknown Standard 2015-05-04T14:07:46+00:00
1 10.192.42.2 74.125.25.188 55742 5228 tcp gtalk Instant Messaging 2015-05-03T21:06:57+00:00
1 10.192.42.2 74.125.28.95 36597 443 tcp google Web 2015-05-04T14:12:43+00:00
1 10.192.42.2 74.125.28.95 36598 443 tcp google Web 2015-05-04T14:12:45+00:00
1 10.192.42.2 192.168.15.3 63665 53 udp dns Network Service 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.14 40616 443 tcp https Web 2015-05-04T14:12:02+00:00
1 10.192.42.2 216.58.192.36 45889 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.58.192.36 45903 443 tcp https Web 2015-05-04T14:14:40+00:00
1 10.192.42.2 216.115.20.77 10000 10000 udp sip Audio/Video 2015-05-03T08:22:51+00:00
1 192.168.20.83 1.1.42.1 51586 22 tcp ssh Encrypted 2015-05-04T13:28:03+00:00
vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#
9Begin monitoring a file on the local device. When a file is monitored, any logging information is displayed on the console as it is added to the file.
monitor start filename
Syntax Description
filename
Filename To Monitor: Name of the file to monitor.
Command History
Release
Modification
15.4
Command introduced.
Examples
Start and stop monitoring a file, and view the files that are being monitored
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0Stop monitoring a file on the local device. When a file is monitored, any logging information is displayed on the console as it is added to the file.
monitor stop filename
Syntax Description
filename
File to Monitor: Name of the file to monitor.
Command History
Release
Modification
15.4
Command introduced.
Examples
Start and stop monitoring a file, and view the files that are being monitored
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0Perform a DNS lookup.
nslookup [vpn-id vpn-id] dns-name
Syntax Description
dns-name
DNS Name: Perform a DNS lookup to map a fully qualified domain name to one or more IP addresses.
dns-name can be a hostname string, or an IPv4 or IPv6 address.
vpn-id vpn-id
VPN: Specify the VPN into which to send the ping packets. If you omit the VPN identifier, the default is VPN 0, which is the transport VPN.
Command History
Release
Modification
14.1
Command introduced.
16.3
In Release 16.3, added support for IPv6 addresses in VPN 0.
Examples
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
2Control the pagination of command output.
paginate [false | true]
Syntax Description
false
Display Command Output Continuously: Display all command output continuously, regardless of the CLI screen height.
true
Paginate Command Output:Display all command output one screen at a time. To display the next screen of output, press the space bar. Pagination is the default setting.
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
3Verify that a network device is reachable on the network, by sending ICMP ECHO_REQUEST packets to them. This command is effectively identical to the standard UNIX ping command.
ping [hostname | ip-address]
ping vpn vpn-id [hostname | ip-address]
ping [count number] [rapid] [size bytes] [source [interface-name | ip-address]] [wait seconds] vpn vpn-id [hostname | ip-address]
Syntax Description
[hostname | ip-address]
Device to Ping: Name or IPv4 or IPv6 address of the host to ping. For an IPv4 address in a service VPN, you can ping the primary and the secondary addresses.
count number
Number of Ping Requests to Send: Number of ping requests to send. If you do not specify a count, the command operates until you interrupt it by typing Control-C.
rapid
Rapid Pinging: Send five ping requests in rapid succession and display abbreviated statistics, only for packets transmitted and received, and percentage of packets lost.
size bytes
Size of Ping Request Packets: Size of the packet to send.
Default: 64 bytes [56 bytes of data plus 8 bytes of ICMP header].
source [interface-name | ip-address]
Source of Ping Packets: Interface or IP address from which to send to ping packets. You cannot specify the loopback0 interface in this option.
wait seconds
Time to Wait between Each Ping Packet: Time to wait for a response to a ping packet.
Default: 1 second.
vpn vpn-id
VPN in which to Ping: Specify the VPN into which to send the ping packets.
Command History
Release
Modification
14.1
Command introduced.
16.3
Added support for IPv6 host addresses in VPN 0.
17.2.2
Added support for pinging secondary IPv4 addresses.
Examples
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
4vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
5vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
6vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
7Set the operational prompt.
prompt1 string
Syntax Description
string
Operational Prompt: Set the operational prompt.
The prompt can contain regular ASCII characters and the following special characters. Enclose the entire string in quotation marks:
\d—Current date in the format yyyy-mm-dd [for example, 2013-12-02].
\h—Hostname up to the first period [.]. You configure the hostname with the system hostname command.
\H—Full hostname. You configure the hostname with the system hostname command.
\s—Source IP address of the local device.
\t—Current time in 24-hour hh:mm:ss format.
\A—Current time in 24-hour format.
\T—Current time in 12-hour hh:mm:ss format.
\@—Current time in 12-hour hh:mm format.
\u—Login username of the current user.
\m—Mode name.
\m{n}—Mode name, but the number of trailing components in the displayed path is limited to be a maximum of n, which is an integer. Characters removed are replaced with an ellipsis [...].
\M—Mode name in parentheses.
\M{n}—Mode name in parentheses, but the number of trailing components in the displayed path is limited to be a maximum of n, which is an integer. Characters removed are replaced with an ellipsis [...].
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
8Set the configuration mode prompt.
prompt2 string
Syntax Description
stringOperational Prompt:
"string" Set the operational prompt. The prompt can contain regular ASCII characters and the following special characters. Enclose the entire string in quotation marks:
\d—Current date in the format yyyy-mm-dd [for example, 2013-12-02].
\h—Hostname up to the first period [.]. You configure the hostname with the system hostname command.
\H—Full hostname. You configure the hostname with the system hostname command.
\s—Source IP address of the local device.
\t—Current time in 24-hour hh:mm:ss format.
\A—Current time in 24-hou hh:mm format.
\T—Current time in 12-hour hh:mm:ss format.
\@—Current time in 12-hour hh:mm format.
\u—Login username of the current user.
\m—Mode name.
\m{n}—Mode name, but the number of trailing components in the displayed path is limited to be a maximum of n, which is an integer. Characters removed are replaced with an ellipsis [...].
\M—Mode name in parentheses.
\M{n}—Mode name in parentheses, but the number of trailing components in the displayed path is limited to be a maximum of n, which is an integer. Characters removed are replaced with an ellipsis [...].
Command History
Release
Modification
14.1
Command introduced.
Examples
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.11 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 10 1910 Thu Dec 8 11:42:28 2016 14 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.19 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 73 17458 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.20 10.1.15.15 12446 12346 48 17 0 0 10.1.15.15 76 17887 Thu Dec 8 11:42:34 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 0 0 0 1 0 0 10.1.15.15 17 1666 Thu Dec 8 11:42:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.12.26 10.1.15.15 12346 12346 48 17 0 0 10.1.15.15 28 7167 Thu Dec 8 11:42:33 2016 28 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 106 32230 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 102 28942 Thu Dec 8 11:42:38 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12366 48 17 0 0 10.1.15.15 11 2101 Thu Dec 8 11:42:28 2016 15 cpu ge0/0 BlackBird accept inbound-acl
vEdge# clear app log flows
Value for 'vpn' []: 0
vEdge# show app log flows | tab
TCP TIME EGRESS INGRESS
SRC DEST IP CNTRL ICMP TOTAL TOTAL TO INTF INTF POLICY POLICY POLICY
VPN SRC IP DEST IP PORT PORT DSCP PROTO BITS OPCODE NHOP IP PKTS BYTES START TIME EXPIRE NAME NAME NAME ACTION DIRECTION
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0 10.0.5.11 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.0.5.21 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.14.14 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
0 10.1.16.16 10.1.15.15 12366 12346 48 17 0 0 10.1.15.15 3 573 Thu Dec 8 11:43:33 2016 59 cpu ge0/0 BlackBird accept inbound-acl
9Reboot the Cisco SD-WAN device.
Any user can issue the reboot command, but the underlying logging mechanism does not log the user name. If you subsequently issue a show reboot history command, it shows that the reboot request was issued by an unnamed user.
Note
You cannot issue the reboot command while a software upgrade is in progress.
reboot [now] reboot other-boot-partition [no-sync]
Syntax Description
[none]
Reboot the device. The software prompts you to confirm that you really want to reboot.
now
Reboot Immediately: Reboot the device immediately, with no prompt asking you to confirm that you want to reboot.
other-boot-partition
Reboot and Use the Software Image on the Other Disk Partition: [Available in releases 15.3 and earlier.]
When rebooting the device, start the software image that is installed on the other disk partition. The software prompts you to confirm that you really want to reboot. If the other partition cannot be mounted or if the directory on the other partition is unreadable, an error message is displayed and the reboot operation is canceled.
other-boot-partition no-sync
Switch to the Other Software Image without Rebooting: [Available in releases 15.3 and earlier.]
Switch to the software image that is installed on the other disk partition without rebooting the device. If the other partition cannot be mounted or if the directory on the other partition is unreadable, an error message is displayed and the switch operation is canceled.
Command History
Release
Modification
14.1
Command introduced.
14.2
Starting with the 14.2 release, you cannot issue the reboot command when a software upgrade is in progress.
15.3
Starting with the 15.3 release, the reboot other-boot-partition command prompts for confirmation.
15.4
Starting with 15.4 release, the reboot other-boot-partition command is replaced with the request software activate command.
Examples
Reboot
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
0show boot-partition
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
1reboot other-boot-partition
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
2Reset the account of a user whose account is locked. An account becomes locked when the user can no longer log in to a Cisco SD-WAN device.
request aaa unlock-user username
Syntax Description
username
Account To Reset: Name of the user account.
NoteYour account gets locked even if no password is entered multiple times. When you do not enter anything in the password field, it is considered as invalid or wrong password.
Command History
Release
Modification
15.4
Command introduced.
Examples
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
3vManage Equivalent
Collect system status information in a compressed tar file, to aid in troubleshooting and diagnostics. This tar file, which is saved in the user's home directory, contains the output of various commands and the contents of various files on the local device, including syslog files, files for each process [daemon] running on the device, core files, and configuration rollback files. For aid in troubleshooting, send the file to Cisco SD-WAN customer support.
If your Cisco SD-WAN device contains a large number of crash log files, it might take a few minutes for the request admin-tech command to complete.
On a single device, you can run only one request admin-tech command at a time. If a command is in progress, the device does not let a second one start.
When a process [daemon] on a Cisco SD-WAN device fails and that failure results in the device rebooting, the device automatically runs a request admin-tech exclude-cores exclude-logs file before the the device is rebooted.
To retrieve the admin-tech file from the Cisco SD-WAN device, use SCP. To do this, you must have login access to the device. To copy the file from the Cisco SD-WAN device, enter the shell from the Cisco SD-WAN CLI and issue a command in the following format:
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
4request admin-tech [delete-filename filename] [exclude-cores] [exclude-logs] [exclude-tech]
Tools ► Operational Commands ► Select device ► More Actions icon ► Admin Tech
Syntax Description
[none]
Collect all system status information, including core files, log files, and the process [daemon] and operational-related files that are stored in the /var/tech directory on the local device.
exclude-cores
Do Not Include Core Files: Do not include any core files in the compressed tar file. Core files are stored in the /var/crash directory on the local device.
exclude-logs
Do Not Include Log Files: Do not include any log files in the compressed tar file. Log files are stored in the /var/log directory on the local device.
exclude-logs
Do Not Include Process-Related Files: Do not include any process [daemon] and operational-related files in the compressed tar file. These files are stored in the /var/tech directory on the local device.
Command History
Release
Modification
14.1
Command introduced.
16.1
Added support for running only one request admin-tech command at a time.
16.3
Added delete-file-name, exclude-cores, exclude-logs, and exclude-tech options.
17.1
Added automatic collection of admin-tech information after a process fails.
Examples
Create an admin tech file and copy it to a user's home directory on a host in the network. For the SCP command, you must specify the full pathname of where to place the copied file.
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
5Install a certificate on the Cisco SD-WAN device [on vSmart controllers and vBond orchestrators only].
request certificate install file-path [vpn vpn-id]
Syntax Description
file-path
Path to Certificate File: Install the certificate in specified filename.
The file can be in a your home directory on the local device, or it can be on a remote device reachable through VPN 0 and using FTP, HTTP, SCP, or TFTP. If you are using SCP, you are prompted for the directory name and filename. No file path name is provided.
file-path can be one of the following:
filename—Path to a file in your home directory on the local Cisco SD-WAN device.
ftp: file-path—Path to a file on an FTP server.
// url/file-path—Path to a file on a webserver.
scp: user@host:file-path
tftp: file-path—Path to a file on a TFTP server.
vpn vpn-id
Specific VPN: VPN in which the certificate file is located.
When you include this option, one of the interfaces in the specified VPN is used to retrieve the file. The interfaces on a vSmart controller are only in VPN 0, the VPN reserved for the control plane, so you can omit this option because vSmart images are always retrieved from VPN 0.
Command History
Release
Modification
14.1
Command introduced.
Install a vSmart software image on a vSmart controller container host [on vSmart controller container hosts only].
request container image install filename [vpn vpn-id]
Syntax Description
filename
Name of vSmart Software Image: Install the vSmart controller software image in the specified filename. The file can be in your home directory on the local device, or it can be on a remote device reachable through FTP, HTTP, SCP, or TFTP. If you are using SCP, you are prompted for the directory name and filename. No file path name is provided. filename has the format viptela-release-number-x86_64.tar.gz.
vpn vpn-id
When you include this option, one of the interfaces in the specified VPN is used to retrieve the software image. The interfaces on a vSmart controller are only in VPN 0, the VPN reserved for the control plane, so you can omit this option because vSmart images are always retrived from VPN 0.
When you include this option, one of the interfaces in the specified VPN is used to retrieve the software image. The interfaces on a vSmart controller are only in VPN 0, the VPN reserved for the control plane, so you can omit this option because vSmart images are always retrived from VPN 0.
Command History
Release
Modification
16.2
Command introduced.
Create a temporary tunnel to use when debugging a failed control connection [on vEdge routers only]. One case when you might want to create a temporary tunnel is when a control connection fails to come up because of firewall rules or NAT issues. The Cisco SD-WAN software's forwarding process drops failed connections, so creating a temporary one allows you to triage the problem.
request control-tunnel add local-private-ip ip-address local-private-port port-number remote-public-ip ip-address remote-public-port port-number
Syntax Description
local-private-port ip-address port-number
Local Private IP Address and Port Number: Private IP address and port number for the local side of the tunnel connection.
port-number can be a value from 0 through 65535.
remote-public-ip ip-address remote-public-port port-number
Remote Public IP Address and Port Number: Public IP address and port number for the remote side of the tunnel connection. can be a value from 0 through 65535.
port-number
Command History
Release
Modification
16.1
Command introduced.
Examples
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
6Delete a temporary tunnel that you created to debug a failed control connection [on vEdge routers only]. One case when you might want to create a temporary tunnel is when a control connection fails to come up because of firewall rules or NAT issues. The Cisco SD-WAN software's forwarding process drops failed connections, so creating a temporary one allows you to triage the problem.
request control-tunnel delete local-private-ip ip-address local-private-port port-number remote-public-ip ip-address remote-public-port port-number
Syntax Description
local-private-ip ip-address local-private-port port-number
Local Private IP Address and Port Number: Private IP address and port number for the local side of the tunnel connection.
port-number can be a value from 0 through 65535.
remote-public-ip ip-address remote-public-port port-number
Remote Public IP Address and Port Number: Public IP address and port number for the remote side of the tunnel connection.
port-number can be a value from 0 through 65535.
Command History
Release
Modification
16.1
Command introduced.
Send the certificate serial number of a vManage NMS or a vSmart controller to the vBond orchestrator [on vManage NMSs only].
request controller add serial-num number
Syntax Description
number
Serial Number: Certificate serial number to send to the vManage or vSmart controller.
Command History
Release
Modification
15.4
Command introduced to replace the request vsmart add serial-num command.
Usage Guidelines
Note
The request controller add serial-num command to add serial numbers is not supported on Cisco SD-WAN 20.x releases as changes are not persistent across reboots. You can add serial numbers through Cisco vManage. For more details on controller serial numbers, see .
request controller delete serial-num—Delete a vSmart serial number from the vSmart controller serial number file on the local device.
request controller delete serial-num number
Syntax Description
number
Serial Number: vSmart serial number to delete from the vSmart serial number file on the local device.
Command History
Release
Modification
15.4
Command introduced to replace the request vsmart delete serial-num command.
Usage Guidelines
Note
The request controller delete serial-num command to delete serial numbers is not supported on Cisco SD-WAN 20.x releases as changes are not persistent across reboots. You can delete serial numbers through Cisco vManage.
request controller-upload serial-file—Upload the controller certificate serial number file to the local device [on vManage NMSs only]. The local device retains these serial numbers even after you reboot it.
request controller-upload serial-file filename [vpn vpn-id]Syntax Description
filename
Name of Certificate File: Install the specified file containing the list of serial numbers for the vManage NMSs and vSmart controllers in the overlay network. The file can be in your home directory on the local device, or it can be on a remote device reachable through FTP, HTTP, SCP, or TFTP. If you are using SCP, you are prompted for the directory name and filename. No file path name is provided.
vpn vpn-id
Specific VPN: VPN in which the certificate file is located. When you include this option, one of the interfaces in the specified VPN is used to retrieve the file. The interfaces on a vSmart controller are only in VPN 0, the VPN reserved for the control plane, so you can omit this option because vSmart images are always retrieved from VPN 0.
Command History
Release
Modification
15.4
Command introduced to replace the request vsmart-upload serial-file command.
request csr upload—Upload a certificate signing request [CSR] to the Cisco SD-WAN device [on vSmart controllers and vBond orchestrators only].
request csr upload path [regen-rsa] [regen-uuid] [vpn vpn-id]Syntax Description
path
Path to Certificate File: Upload the CSR in the file at the specified path. The path can be in a directory on the local device or on a remote device reachable through FTP, HTTP, SCP, or TFTP. If you are using SCP, you are prompted for the directory name and filename. No file path name is provided.
regen-rsa
[Optional] Regenerate RSA Key Pair: Generate a new RSA public-private key pair. The RSA key pair is stored in the server.key file in the /usr/share/viptela directory on the local device.
regen-uuid
[Optional] Regenerate UUID: Generate a new CSR with a unique UUID that is different from the previous UUID. You can specify this option only on a vBond orchestrator virtual machine [VM]. The option is not available on vEdge router hardware, because the router's UUID is its chassis number.
vpn vpn-id
[Optional] Specific VPN: VPN in which the CSR file is located. When you include this option, one of the interfaces in the specified VPN is used to retrieve the file. The interfaces on a vSmart controller are only in VPN 0, the VPN reserved for the control plane, so you can omit this option because vSmart images are always retrieved from VPN 0.
Command History
Release
Modification
14.1
Command introduced.
14.2
Added the org-name and regen-rsa options.
15.3Removed the org-name option. The command now prompts for the organization name.
17.1
Added support for multitenancy.
Examples
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
7When the vBond orchestrator or vSmart controller is part of a software multitenant architecture, the command also prompts for the service provider organization name.
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
8request device—Add or delete a vEdge router chassis number on the vBond orchestrator that is acting as a ZTP server.
request device add chassis-number number strong>serial-numbernumber validity [invalid | valid] vbond ip-address org-name name [port port-number] [enterprise-root-ca path] request device delete chassis-number number
chassis-number number
Chassis Number: vEdge router chassis number.
validity invalid | valid
Device Validity: Whether the vEdge router is allowed to join the overlay network [valid] or is not allowed [invalid].
enterprise-root-ca path
Enterprise Root CA: Path to the enterprise root CA. The path can be an HTTP, FTP, or TFTP path.
org-name name
Organization Name: Name of your organization as specified in the device certificates.
port port-number
Port on the vBond Orchestrator: Port to use on the vBond orchestrator to reach the WAN network.
strong>serial-numbernumber
Serial Number: vEdge router serial number.
Command History
Release
Modification
14.3
Command introduced.
Examples
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
-----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:02
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:03:58
512 eth0 10.0.1.1 00:50:56:c0:00:01 dynamic 0:00:13:34 0:00:15:25
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:22
512 eth0 10.0.1.254 00:50:56:fe:2a:d4 dynamic 0:00:19:34 0:00:03:25
vEdge# clear arp entries
vEdge# show arp
IF
VPN NAME IP MAC STATE IDLE TIMER UPTIME
----------------------------------------------------------------------------
0 ge0/0 10.0.11.1 00:0c:29:86:ea:83 static 0:00:00:00 0:13:02:08
0 ge0/7 10.0.100.11 00:0c:29:86:ea:c9 static 0:00:00:00 0:13:04:04
512 eth0 10.0.1.11 00:50:56:00:01:01 static 0:00:00:00 0:13:04:29
9request device—Add vEdge router chassis numbers by uploading a file that contains the device information onto the vBond orchestrator that is acting as a ZTP server.
request device-upload chassis-file file-path [vpn vpn-id]chassis-file file-path
Filename: Name of a CSV file containing the chassis information required by the ZTP server.
file-path can be one of the following:
filename—Path to a file in your home directory on the local Cisco vEdge device.
ftp: file-path—Path to a file on an FTP server.
// url/file-path—Path to a file on a webserver.
scp: user@host:file-path
file-path—Path to a file on a TFTP server.
Each row in the CSV file must contain the following information for each vEdge router:
Chassis number
Serial number
Validity [either valid or invalid]
vBond IP address
vBond port number [entering a value is optional]
Organization name
Path to the root certification [entering a value is optional]
file-path vpn vpn-id
VPN: vpn vpn-id VPN in which the remote server is located.
Command History
Release
Modification
14.3
Command introduced.
Examples
The following example uploads the device information from the local router. Here, the root CA path is omitted, but the comma preceding its value is required.
vEdge# show bfd sessions system-ip 1.1.1.1
SOURCE TLOC REMOTE TLOC DST PUBLIC DST PUBLIC DETECT TX
SYSTEM IP SITE ID STATE COLOR COLOR SOURCE IP IP PORT ENCAP MULTIPLIER INTERVAL[msec] UPTIME TRANSITIONS
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1.1.1.1 1 up default public-internet 192.168.1.104 69.181.135.19 34601 ipsec 3 1000 3:17:22:43 5
vEdge# clear bfd transitions
vEdge# show bfd sessions system-ip 1.1.1.1
SOURCE TLOC REMOTE TLOC DST PUBLIC DST PUBLIC DETECT TX
SYSTEM IP SITE ID STATE COLOR COLOR SOURCE IP IP PORT ENCAP MULTIPLIER INTERVAL[msec] UPTIME TRANSITIONS
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1.1.1.1 1 up default public-internet 192.168.1.104 69.181.135.19 34601 ipsec 3 1000 3:17:22:43 0
0request download—Download a software image or other file to the Cisco SD-WAN device [on vEdge routers and vSmart controllers only].
request download [vpn vpn-id] filenameSyntax Description
filename
Name of Software Image or File: Download a software image or other file to the local Cisco SD-WAN device. The file can be on a remote device reachable through FTP, HTTP, HTTPS, SCP, or TFTP. If you are using SCP, you are prompted for the directory name and filename; no file path name is provided. The file is placed in your home directory on the local device.
vpn vpn-id
Specific VPN: VPN in which the remote device containing the file to be downloaded is located. When you include this option, one of the interfaces in the specified VPN is used to retrieve the software image.
Command History
Release
Modification
15.3.3
Command introduced on vEdge 100 routers.
15.4
Available on all routers and on vSmart controllers.
request execute—Execute a shell command from within the Cisco SD-WAN CLI.
request execute [vpn vpn-id] command [in Releases 15.4 and later]
request execute [vpn vpn-id] "command" [in Releases 15.3 and earlier]
Syntax Description
command
Command: Run the specified command in the UNIX shell while still remaining in the Cisco SD-WAN CLI. In Releases 15.3 and earlier, you must enclose the command within quotation marks.
vpn vpn-id
VPN: Specific to the VPN in which to execute the command. The default vpn-id is VPN 0.
Command History
Release
Modification
14.1
Command introduced.
15.4
Enclosing the shell command in quotation marks is no longer necessary.
Examples
vEdge# show bfd sessions system-ip 1.1.1.1
SOURCE TLOC REMOTE TLOC DST PUBLIC DST PUBLIC DETECT TX
SYSTEM IP SITE ID STATE COLOR COLOR SOURCE IP IP PORT ENCAP MULTIPLIER INTERVAL[msec] UPTIME TRANSITIONS
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1.1.1.1 1 up default public-internet 192.168.1.104 69.181.135.19 34601 ipsec 3 1000 3:17:22:43 5
vEdge# clear bfd transitions
vEdge# show bfd sessions system-ip 1.1.1.1
SOURCE TLOC REMOTE TLOC DST PUBLIC DST PUBLIC DETECT TX
SYSTEM IP SITE ID STATE COLOR COLOR SOURCE IP IP PORT ENCAP MULTIPLIER INTERVAL[msec] UPTIME TRANSITIONS
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1.1.1.1 1 up default public-internet 192.168.1.104 69.181.135.19 34601 ipsec 3 1000 3:17:22:43 0
1