WARNING!!: By no means this is an official supported/recommended Juniper command list !!!

Furthermore, care must be taken at the time to use Shell commands!! (only under JTAC supervision)

COMMAND

Description

Example

Chassis Management
show chassis alarm
show chassis craft-interface
set chassis display message "M40e unit for swap"
show chassis environment
show chassis temperature-thresholds
show chassis routing-engine
show chassis hardware
detail/frus/ext
show chassis fpc
show chassis fpc detail
show chassis fpc pic-satus
show chassis pic fpc-slot 0 pic-slot 1
show chassis mac-addresses
show chassis [feb | scb | ssb | sfm slot]

Chassis alarm status

Information currently on craft display
displays a user defined message on the LCD craft interface
Environmental information & temperature
Displays temperature thresholds
Displays info about the RE, memory & CPU utilization
Hardware inventory + serial numbers; frus shows fans; ext shows eeprom, flash/disk capacity
displays status of all FPCs installed (mem heap should be <80% !)
includes also SRAM/SDRAM available Mem and usage
Displays info for all PICs
Displays info about one particular PIC
MAC address
displays satus about PFE system control board (temp, cpu%,DRAM)

System management
show
show
show
show
show
show

host
version
system software
system uptime
system processes
system statistics

ns lookup
displays software running on the box
displays installed packages
uptime of the router
extensive/summ Show the process table
ip, icmp,
Show protocol statistics
lists only active IP sockets on RE
show system connections
show system users
Show users currently logged into the system
show system storage
displays the amount of amount of free disk space on file system
root% df -k
show system storage from Shell
show system boot-messages
displays contents of boot log (boot-up messages)
show system virtual-memory
displays current memory state
request system reboot
Restarts the system
request system halt
Stops the router and prepares it to be shut down
request system reboot
Reboot the system
request system snapshot
Save config in /altconfig and software in /altroot before upgrade
request support information
show tech
request system software add <pkgname>
performs bsd pgkadd; always use jbundle (4->5 jinstall)
restart <process> [ gracefully, immediately, soft]
Restart process
request chassis routing-engine diagnostics all
(hidden)
runs a diagnostic script in compact-flash,hard-disk & memory

show host www.cisco.com

detail

request system storage cleanup

Free storage space on the router by rotating log files and proposing a list
of files for deletion. User input is required for file deletion.

Configuration
configuration
show

enters configuration mode

displays the current configuration
show protocols ospf
filters the output of the command
show config | match firewall
filters starting with the regular expression
show config | find firewall
save configuration as <file>
modifies configuration statements
edit protocols ospf
sets configuration statements
set chassis alarm sonet lo1 red
removes configuration statements
exists edit mode and also config mode
save, validate and activate a complete config
just check config do not apply
activates config for a x minutes and then ask for confirmation, x=10 default
activates config and exists edit mode
activates config on active RE and replicates it into backup RE
(hidden)
signals to all daemons a SIGHUP (kill -1) which forces them to read their config files (restarts all daemons)
(hidden) from shell
same as commit full but from shell
activates config at a given time (schedule a commit)
commit at "18:00:00"
Clear all pending commit requests
deletes the new edited changes and returns to current config
returns to the last commited config
it will return to previously saved config. Only at the top level!
combines the current config and the new one
erases the candidate config and replaces it with "luis"
copy and paste portions of the config, vanaf root config
loads the factory default settings config
router# load override /packages/mnt/jbase/sbin/install/default-juniper.conf
compares the candidate config with the running config
displays a rollback file
shows differences between rollbacks 0 and 32 files
saves config in /var/home directory
save CJNR-reset
saves config in remote system using ssh
save luis@192.168.200.1:SYD-AJNR-basic-intf
(hidden)
displays only certain JUNOS default settins (system/services/apps)
| match item
| find item
| save <file>

edit
set
delete
exit
commit
commit check
commit confirmed x
commit and-quit
commit synchronize
commit full
root% mgd -l
commit at
clear system commit
rollback 0
rollback
rollback + commit
load merge </var/home/user/config>
load override </var/home/user/config>
load merge terminal
load factory-default
show | compare
show system rollback 40
show system rollback compare 0 32
save
save username@host:filename
show configuration groups junos-defaults
Managing files
start shell
/config
/var/db/config
/var/tmp
/var/log
/var/home
/altroot
/altconfig
file list
file list /config
file show <file>
file delete
file copy source destination
file copy filename ftp://hostname/filename

flashdisk
harddisk
harddisk
harddisk
harddisk
harddisk
harddisk

contains active config and rollbacks 1,2 & 3

contains rollback files 4 through 49
contains core files generated by the daemons when they crash
files generated by the logging and traceoptions
contains subdirectory per user
contains a copy of the root file structure form the flash drive
contains a copy of the /config file structure on the flash drive
displays all files on this user home directory
displays all files on the /config directory
displays content of <file>
deletes a file from hard disk
copies files from one RE to the other

ftp

Copy Files from the Local Router to a Remote System

file copy filename scp://user@hostname/filename scp

file copy ftp://hostname/filename filename

ftp

show system rollback 40

show system rollback compare 0 32

Logs

Copy Files from a Remote System to the local router

request system snapshot

request system snapshot

file delete /var/tmp/smpd.core

GRTAMSTC1> file copy /var/home/jinstall-6.2-domestic-signed.tgz re0:/var/home/lgomez
root@host> file copy /config/juniper.conf ftp://jvserver.uu.net/tmp/juniper.conf
root@host> file copy /config/juniper.conf ftp://lgomez@jvserver.uu.net/tmp/juniper.conf
scp://user@ssh-host/tmp/juniper.conf
root@host> file copy /config/juniper.conf
ftp://jvserver.uu.net/jbundle-package-name
/var/tmp/jbundleroot@host>
package-name
root@host> file copy ftp://lgomez@jvserver.uu.net/jbundle-package-name
/var/tmp/jbundle-package-name

displays a rollback file

shows differences between rollbacks 0 and 32 files

located in /var/log

show log messages

show log file-name
show log cli
show log chassisd
show log install
show log debug
show log messages?
show log inventory
monitor start file-name
monitor stop
help syslog

shows all the logs, location is /var/log

shows logs about an specific log file
show logs about cli commands issued
show logs about chassis probs
show logs releveant to an install JUNOS version
show daemon logs
displays all the files with their dates of the collected logs
shows logs about inventory
monitors logs in real time
stops monitoring
explanation of log meaning

show log bgp-events.0

help syslog ASP_SFW_IP_FRAGMENT_ASSEMBLY_TIMEOUT

Show interfaces
show interfaces

monitor interface x-x/x/x

monitor traffic interface x-x/x/x
monitor traffic interface x-x/x/x write-file [file]
% tcpdump -r
monitor start <var/log/file>
show arp
clear interfaces statistics so-2/0/1
show interfaces diagnostics optics so-1/0/0

detail
extensive
terse
description
media
statistics
routing

shows detailed info about an interface

shows all possible info about an interface (very detailed)
shows ip interface brief
shows interfaces description
Display media information
Display statistics and detailed info
Display routing status
monitors interface real-time statistics
prints packet headers to your terminal screen for info sent/received by the RE. No filtering allowed !!
writes output to this command to a file, with L2 headers present
(hidden)
all info is stored in a file so you can use tcpdump to read it
monitor traffic interface fe-0/0/0 write-file dump
XR1.AMS6> start shell
Shell command read the contents of a tcpdump file
% tcpdump -r dump icmp
prints logfile to your terminal screen
shows ARP entries
reset counters & statistics for this particular interface
displays SONET signaling power values and laser Tx Rx

Routing
show
show
show
show
show

route
route
route
route
route

protocol [static, isis]

x.x.x.x extensive
advertising-protocol
receiving-protocol

Forwarding

show ip route
show ip route for an specific protocol
extensive view of a route

show route protocol static

show route forwarding-table destination x.x.x.x

clear route forwarding-table x.x.x.x
SFM0 (vty)# show route ip prefix x.x.x.x

displays route entries in the master copy of the FT (on RE)

clears entries from the FT (be careful! could lead to RIB/FIB inconsistencies!!)
Shell command displays route entries into the PFE FT (should be identical to RE FT)

Firewall
show firewall
show firewall log
clear firewall [all|filter-name|counter-name]
show interfaces filters
show interfaces policers
show policer

detail

show packet/byte counts for all policing filters

log in memory resident buffer/kernel cache (detail: packet length)
clears counters
displays all firewall filters on all interfaces
displays all firewall policers on all interfaces
displays all policers, where it is used and no. packets processed

Management & Interface testing

ping
ping atm interface <intf> vci <nr>
traceroute

Loopback test
set t3-options loopback local
set t3-options loopback remote
BERT test
set t3-options bert-period 120
set t3-options bert-algorithm all-ones-repeating
set t3-options bert-error-rate 0
test interface t3-1/2/0 t3-bert-start
test interface t3-1/2/0 t3-bert-stop
show interfaces t3-1/2/0 extensive | find bert

icmp echo-request/echo-response
ping remote atm interface using oam cells
send udp 33434/ttl=1- receive icmp time-exceeded
send udp 33435/ttl=2 - receive icmp time-exceeded

send udp 33439/ttl=6 - receive icmp port unreachable

and delete
and delete

sets loopback on PIC towards router

sets loopback on PIC towards far-end

BERT test duration

BERT test pattern
BERT test error rate
Starts BERT test
Stops BERT test

Policy
test policy <policy-name> 0/0

Pass all routes (0/0) through the policy as test

XR1.AMS6> show route forwarding-table destination 192.168.20.1

COMMAND
JTAC support info
request suport information
Restore factory settins
load override /packages/mnt/jbase/sbin/install/default-juniper.conf
load factory-default
Shell Commands (file related)
start shell
root% df -k
root% mgd -l
% sysctl -a | grep bootdev
Resetting cards
request
request
request
request

chassis
chassis
chassis
chassis

fpc slot 3 offline

fpc slot 3 online
pic fpc-slot 3 pic-slot 3 offline
pic fpc-slot 3 pic-slot 3 online

Processes & Connections

restart .
#deactivate protocols ospf
% which rpd
% ps ax | grep rpd
% netstat -Aa
% fstat | grep [PCB]

from shell
from shell

show system connections

file show /etc/services
Core Files
file list detail /var/crash/
show system core-dumps
show system core-dumps core-file-info detail <core-filename>
request system core-dump [process]
High mem tax!
% gcore -s path/binary-name pid
disruptive!!
% gzip vmcore.0.gz
% cat vmcore.0 | gzip vmcore.0.gz
PCMCIA
dd if=filename of=/dev/rdevice address bs=64k
dd if=/deb/zero of=/dev/rad3 count=20
dd if=install-media-7.0R1.5-export of=/dev/rad3 bs=64k
RE & Redundancy

from root shell

show chassis routing-engine

show chassis routing-engine bios
request chassis routing-engine master switch
request routing-engine login other-routing-engine
root# rsh -T re1
request chassis routing-engine diagnostics all
fsck /dev/ad1s1f

(hidden)
from root shell

PFE
show pfe terse
show pfe fpc 0
show pfe statistics error
clear pfe statistics
show pfe route summary
show pfe next-hop
show pfe interface
show lchip ifd
show ichip ifd

!!
Hidden!
!!
Hidden!
Hidden!
Hidden!

Logging into PFE Components

show tnp addresses
start shell
%su
%vty [ntp address]
FPC2(host vty)# show nvram
FPC2(host vty)# show syslog messages

Hidden!
Shell required
requires su

(same but straight from CLI)

start shell pfe network fpc2
EGFPC2(GRTMIANA2 vty)# sh nvram
EGFPC2(GRTMIANA2 vty)# sh lchip
EGFPC2(GRTMIANA2 vty)# sh lchip 0 errors
SFM0/FEB/CFEB
show chassis sfm detail
start shell pfe network sfm0
(vty)# show nvram
(vty)# show syslog info
(vty)# show syslog messages
SFM0 (vty)# show sched
SFM0(vty)# sh throttle
SFM0(vty)# show cchip notif
SBR(Sydney vty)# bringup nic 0 reanimate
SBR(Sydney vty)# test mem all verbosity 5 size 10 loops 1

!!!
!!!

JUNOS upgrades

junos files are in /var/home

ftp
file copy ftp://hostname/filename filename
file copy
root% dd if=/dev/rad3 of=/dev/null bs=1k count=1
show system storage
% sysctl -a | grep bootdev
% sysctl -w machdep.bootdevs=pcmcia-flash,compact-flash,disk,lan
request chassis routing-engine diagnostics all
(hidden)
request system snapshot
request system software add validate /var/tmp/jinstall-6.4R3-domestic.tgz
request system reboot
Memory & processes issues
show system processes
show task memory detail

Shell Commands
i) Kernel related
% sysctl -a
% sysctl -a | grep dump
% sysctl -a | grep bootdev
% sysctl -w

ii) FreBSD related

extensive/summary

Description

collects shoversion, uptime, hardware, processes, pfe stats, fpc detail, boot messages, memory, buffers, sta

Restores the router to its default config

Restores the router to its default config

shows files in the directory

initializes configuration database (commit related problems)
shows boot devices

puts
puts
puts
puts

fpc in slot 3 in offline state

fpc in slot 3 back in online state
pic in fpc 3 slot 3 in offline state
pic in fpc 3 slot 3 back in online state

restart a particular daemon process (kill -1)

bounces a particular instance of rpd only
obtains process path
obtains the PID associated with a process
displays sockets (-a) & all Protocol Control Blocks (PCB) info (-A)
(get the PCB from the netstat -Aa command listed port)
similar to netstat but restricted only to Internet connections
gives you a list of services-to-port mappings

lists core files if there are

lists core files if there are
decode a core file
forces a core file for one particular process (creates copy of process)
forces a core file by suspending the daemon
compresses corefile to gz
same thing, but keeps original file

copies a file to a removable media

erases removable media (PCMCIA)
copies an install media from /var/tmp to flash

Displays info about the RE, memory & CPU utilization

Displays revision level of the RE BIOS
changes RE mastership from active to backup REs
logs into the other RE
logs into the other RE from a root shell promt
runs a diagnostic script in compact-flash,hard-disk & memory
file system check

Show list of Packet Forwarding Engine component

Show FPC status and statistics
displays FPE ASIC-related errors
clears PFE statistics
Show summary version of routing tables (size and # of routes)
Show PFE next-hop information
shows interfaces and indexes (not snmp!)
shows which interface belongs to which PFE for T-series
shows which interface belongs to which PFE for I-chip based PFE

obtains list of tnp endpoints addresses

connects to vty ntp address (FPC, SSB, SFM)

collects disagnostic info from FPC
shows syslog messages

status of the SFM and mastership

login into the SFM
collects data from the SFM
displays logs about the SFM
displays log messages
displays scheduler information (SFM CPU%)
Interrupt throttle information
shows C chip notification registers
restarts a dead FPC
runs memory address data tests (10 meg, loop 1)

les are in /var/home

Copy Files from a Remote System to the local router

copies files from one place to the other (i.e. between REs)
Checks there is no removable media inserted.
displays the amount of amount of free disk space on file system
shows boot devices
alters the order of the booting devices
runs a diagnostic script in compact-flash,hard-disk & memory
Save config in /altconfig and software in /altroot before upgrade
Installs JUNOS package, validating against potential config errors
Reboot the system

Show the process table

Shows memory tasks

displays all ( -a ) kernel parameters

confirms if kernel core dumps are enabled
shows boot devices in order
writes ( -w ) parameters to kernel components

to find the CF

Example

Restores the router to its default config

GRTMADPE2>
GRTMADPE2>
GRTMADPE2>
GRTMADPE2>

request
request
request
request

chassis fpc slot 2 offline

chassis fpc slot 2 online
chassis pic fpc-slot 3 pic-slot 2 offline
chassis pic fpc-slot 3 pic-slot 2 online

GRTAMSTC1> restart routing

root

rpd

2456 20* internet stream tcp c3780200

GRTAMSTC1> file list detail /var/crash/

GRTAMSTC1>show system core-dumps
GRTAMSTC1> request system core-dump routing
root% gcore -s /usr/sbin/rpd 2275

GRTAMSTC1>dd if=install-media-7.0R1.5-export of=/dev/rad3 bs=64k

root@Sydney-3%

fsck /dev/ad1s1f

show tnp addresses

lgomez@GRTAMSTC1> start shell pfe network sfm0

SFM0(GRTAMSTC1 vty)# show nvram
SFM0(GRTAMSTC1 vty)# show syslog info

root@host> file copy ftp://jvserver.uu.net/jbundle-package-name /var/tmp/jbundle-package-name

root@host> file copy ftp://lgomez@jvserver.uu.net/jbundle-package-name /var/tmp/jbundle-package-name
GRTAMSTC1> file copy /var/home/jinstall-6.2-20040424.0-domestic-signed.tgz re0:/var/home/lgomez

kern.coredump flag must be set to 1

% sysctl -w machdep.bootdevs=pcmcia-flash,compact-flash,disk,lan

boot:

dle-package-name
tmp/jbundle-package-name
re0:/var/home/lgomez

COMMAND

Description

Example

Show commands
show
show
show
show
show

rip neighbor
route protocol rip
route advertising-protocol rip 10.1.1.1
route receiving-protocol rip 10.1.1.1
rip statistics

view status of neighbors, send/receive mode (ripv1/2)

view all RIP routes in the routing table
displays routes that a rip interface sends
displays routes that a rip interface receives
displays various rip statistics

COMMAND

Description

Example

Show commands
show ospf neighbor
show ospf neighbor extensive

view status of OSPF neighbors, priority, dead intervals, FSM state

view detailed info about an ospf neighbor (area, option

clear ospf neighbor [192.168.254.225]

show ospf statistics
show ospf interface
show ospf interface extensive
show ospf route

show route protocol ospf

show ospf database
show ospf database summary
show ospf database brief
clear ospf database purge
show ospf database

show
show

show
show

abr
asbr
extern

fields, DR, BDR...)

restarts an adjacency or all
view basic ospf statistics, number of Hellos, DD
LSRs, LSUs, LSAcks. OSPF packet types + LSA rexmit
view status of an interface, Area, DR, BDR, Neighbors,
State (DR, BDR, DRother, PtoP, Down)
...also cost, MTU
The results of the SPF algorithm, LSA type, metric...

viet ospf routes in inet.0 (routing table)

show route protocol ospf 192.168/16 terse
view the LSA database per area, Seq no./Age/Checksum, Options
view how many LSA types per area (usefull!!)
view the LSA database briefly described
deletes de database and restarts adjacencies, purge floods LSA with maxage
view the LSA specific type database

router
network
netsummary
asbrsummary
extern
nssa
ospf database router advertising-router 10.0.3.3 detail
view LSAs advertised by a paricular router ID
ospf database router area 0 extensive
view the LSA database in a particular area
LSA header (opt bits, ID, advertis rtr)
LSA type content (V E B bits and all packet)
ospf database area 0 lsa-id extensive
view one particular LSA in detail
ospf log
displays how often the SPF is being initiated

show bfd session

verify BFD operation

show ospf database router advertising-router 10.0.3.4 detail

show ospf database area 0 lsa-id 192.168.1.1 extensive

COMMAND

Description

Example

Show commands
show isis adjacency
show isis adjacency extensive
clear isis adjacency
show isis interface
show isis interface details
show isis hostname
show isis spf log
show isis statistics
show isis route
show route protocol isis
show isis database
show isis database detail
show isis database GRTMADPE2 detail
show isis database extensive [level 1 | 2]

view status of ISIS adjacencies, Level, state, SNPA, Hold time

restart capability, piority, circuit type, ip address
clears and restarts an adjacency
displays the interfaces that are operational for isis
interface, level, circuit ID, DR Level 1/2, Metric
verifies the dynamic hostname resolution of system ID values
displays history of SPF calculations, why it was performed
verifies which isis PDUs are being transmitted/received
(IIH, LSP, CSNP, PSNP) and number of SPF runs
displays the results of the SPF calculations before the
routes are places into the routing table.
view routes in inet.0
displays LSPs on the database, including sequence, checksum,
lifetime and attributes
displays advertised prefixes, metrics, origin for each route
plus LSP headers and all TVL details

monitor traffic interface so-0/0/0 size 1514 detail Monitor IS-IS messages
show bfd session

verify BFD operation

COMMAND

Description

Example

Show commands
show bgp summary
show bgp group
show bgp neighbor

show
show
show
show

route
route
route
route

next-hop database
protocol bgp
protocol bgp terse
receive-protocol bgp

RIB
RIB

show route advertising-protocol bgp

RIB

show route detail 10.10.1/24

show route hidden
show route community <reg-ex>
show route terse community-name <name>
show route aspath-regex "regex"

peers, ASN, Flaps, routes active/received/damped + total/active paths

view the configured peer groups
detailed info about bgp peers
(AS number, hold time, router IDs, prefixes, NLRI support, capabilities
and received routes, no of input/output packets, state...)
shows the bgp next-hop dB
shows the Local-RIB database as part of inet.0, next-hop, metric1/2 AS-path
shows next-hop but not protocol next-hop
shows the Adjacency-RIB-In table.
(routes received by a peer before a routing policy is applied)
shows the Adjacency-RIB-Out table
(routes being advertised to a peer after routing policy is applied)
all of the BGP attributes of this route, metric=MED, metric2=IGP cost
shows routes with unreachable next-hops

detail/terseshow routes matching community

detail/terseshows all routes with this community name configured
detail/terse

show route damping [history|decayed|surpress detail

clear bgp damping

show routes being damped

clear damping and reuse damped routes immediately

clear bgp neighbor soft inbound

to regain routes not in Adj-Rib-In (keep none or loops)

monitor traffic interface fe-0/0/0 size 4096 detail

Monitors BGP messages

COMMAND

Description

Example

Show commands
IGMP
show igmp interface
show igmp group
show igmp statistics

shows state, querier (DR for that segment), version (default 2) and IGMP timers
shows the multicast groups joined
shows igmp message statistics

PIM
show
show
show
show

pim
pim
pim
pim

interface
neighbors
statistics
join extensive

clear pim join

show pim source detail
show pim rps
show pim bootstrap

lists configured PIM interfaces -- mode (default sparse), state (DR, ptp), neighbors
shows info about pim neighboring routers
shows pim messages being sent or received
shows current state of pim joins, multicast group address & interface used to forward streams. Also rpt or stp tree in use
displays (*,G) and (S,G) states and also RPF interface info
flushes join states!
shows active multicast sources and their RPF intf.
also multicast groups serviced by these source
extensiveshows the RP addresses, how it was learned and which groups are served
shows the BSR election process and state
detail

RPF
show multicast usage
show multicast rpf
show multicast route
show route table inet.1
show multicast next-hops
show nhdb id extensive

to view packets/bytes seen for every multicast group address

to view the RPF table used during multicast forwarding, similar to inet.0
displays source prefix, from which protocol was learned & the uptsream interface
to verify multicast group addresses and their sources (S,G)
extensivealso displais NHID which are a numerical reference to the OIL
as above with protocol and preference (S,G)
displays the multicast outgoing interface list (OIL), mapping of NHid to interfaces
next-hop database with IFL-list
!!!!

MSDP
show msdp
show msdp source-active
show route table inet.4

detail

show multicast rpf inet summary

shows MSDP sessions and their status

shows MSDP sources active (SA) and whether the SA is accepted, rejected or filtered
MSPD table. Almost the same as the above but with (S,G) notation
displays what table multicast uses (inet.0 by default)

COMMAND

Description

Example

Show commands
show
show
show
show
show

mpls
mpls
mpls
mpls
mpls

interface
lsp
lsp extensive
lsp ingress
lsp transit

shows status of an mpls interface and admin groups (colors)

verify the establishment of the LSP at ingress, egress or transit level AND the label in/out/Pushed values
history of LSP, paths and RRO is shown
extensiveshow the originated LSPs at ingress. Also secondary paths are showed and fast reroute
show transit LSPs

clear mpls lsp [optimize|optimze-aggressive]

show ted database

Rebuilds all LSPs, [non-preemptive|aggressive] now

extensiveExamines the info in the TE database, including all IGP extensions

(admin groups -colors-, BW priority reservations)

RSVP
show
show
show
show
show

rsvp
rsvp
rsvp
rsvp
rsvp

interface
neighbor
session
session ingress
version

show route table mpls.0

show route table inet.3

detail
detail

shows status of RSVP interfaces, Active resv, Subscription rate, Bandwidth allocations
shows RSVP neighbors which has an LSP active, also Hello-interval
shows ingress/egress/transit sessions and the label in/out values assigned!!! RRO, Style, ERO and also bypass LSPs
shows also the links used by detour paths and their status
shows RSVP version, soft-state refresh timer, keep-multiplier (hello & soft-state use same)
shows MPLS switching table (label values)
shows LSP table. RSVP info is installed here

LDP
show ldp neighbors
show ldp session
show ldp database [session peer]

displays all LDP neighbors

displays all established sessions, state and hold-time
displays all label-to-FEC mappings [from specific peer]

COMMAND

Description

Example

L3 VPN COMMANDS
Show commands

show route table vpn-a hidden

show route forwarding-table vpn vpn-a

shows this particular VRF table, containing

watch for the inner (VPN) & outer (LSP) labels
* all routes learned from CE
* all routes imported from l3vpn.bgp table coming from other PEs
If LSP is missing between PEs, VPN IPv4 routes will be visible but with and invalid NH
shows a VRF forwwarding table (note the double push operation)

ping x.x.x.x routing-instance vpn-a

traceroute x.x.x.x routing-instance vpn-a
telnet x.x.x.x routing-instance vpn-a
ping mpls l3vpn vpn-a prefix 172.20.4/24

ping using a particular VRF table

traceroute using a partiuclar VRF table
telnet using a particular VRF table
checks if route at destination VRF exists and reachability to it

show route table bgp.l3vpn.0

houses all VPN IPv4 routes learned from all PEs

DEFAULT: only store routes with a matched RT
"keep all" knob: store all MBGP routes even if there is no matched RT

show route advertising-protocol bgp x.x.x.x

show route receive-protocol bgp x.x.x.x
show arp

view routes sent to other PEs

view routes received from other PEs
displays ARP entries in both inet.0 and VRF tables
clears ARP entries off the VRP table

show route table vpn-a

detail

clear arp vpn vpn-a

no need for 127.0.0.1 in lo0

OSPF VPN commands

displays all configured OSPF interfaces on this VRF
displays all OSPF neighbors on this VRF
displays the LSDB for this particular VRF

show ospf interface instance vpn-a

show ospf neighbor instance vpn-a
show ospf database instance vpn-a
L2 VPN COMMANDS
Kompella Show commands

show route table bgp.l2vpn.0

show route advertising-protocol bgp x.x.x.x
show route receive-protocol bgp x.x.x.x

extensiv shows states of layer 2 vpns connections (site to site)

shows contents of a VFT, including
detail
* local site L2 NLRIs advertised to other PEs [L2VPN]
* remote site L2 NLRIs coming from other PEs [BGP]
houses all L2 VPN NLRIs with at least one matching RT
view L2 VPN NLRIs sent to other PEs
view L2 VPN NLRIs received from other PEs

show route table mpls.o

detail

show l2vpn connections

show route table vpn-a

show route forwarding-table family mpls

shows MPLS switching table entries for L2 VPNs

(displays VRF interfaces to label -double push operation- mappings)
((which VRF interface is mapped to which LSP))
view FT entries for L2 VPN connections

ping mpls l2vpn instance vpn-a remote-site-id 2 local-site-id 1test the l2vpn connection site to site (PE to PE)
test the l2vpn local interface
ping mpls l2vpn interface fe-0/0/0.512
Martini Show commands
show l2circuit connections
show ldp neighbor detail
show ldp database

extensiv shows states of layer 2 circuits connections (site to site)

check if neighbor relationship is successful between PEs
(use of extended neighbor discovery has worked)
check the presence of a FEC associated with the l2circuit
detail

L2 NLRI = RD + Site ID + label offset

COMMAND
Show commands
show interface xx-x/x/x detail
show interface queue xx-x/x/x

show interfaces so-1/0/0 extensive

show class-of-service ...
show class-of-service interfaces so-1/0/0
show class-of-service code-point-aliases
show class-of-service code-point-aliases dscp
show class-of-service code-point-aliases inet-prec
show class-of-service code-point-aliases exp
show class-of-service forwarding-class
show class-of-service classifier [name]
show class-of-service scheduler-map
show class-of-service rewrite-rule
show class-of-service drop-profile
show class-of-service forwarding-table
(all)
show class-of-service forwarding-table classifier mapping
show class-of-service forwarding-table scheduler-map

Description

shows classification results at ingress (BE, EF, AF, NC)

SHOWS HOW TRAFFIC IS CLASSIFIED. Provides info about FC (queue) and RED and priority counters for this
show queue statistics for this interface
determines how many queues an interface supports & check the CoS queues

shows what CoS parameters are in effect for a given interface. Number of queues
i.e. which scheduler map, classifier, rewrite is applied
shows listing of cos bits to simbolic name mapings: DSCP, inet-prec, exp
shows mappings between simbolic names and dscp values (unless configured, default will apply)
shows mappings between simbolic names and IP prec values
shows mappings between simbolic names and EXP values
shows mappings of forwarding class names to queue numbers
Show contents of a specific code point to forwarding class & PLP classifier
shows mapping of forwarding classes to schedulers details
Show mapping of forwarding class/loss priority to code point. Displays rewrite table
Shows available drop profiles and interpolated data points of named drop profile
displays CoS parameters in effect within the forwarding table
displays which classifiers are mapped to what logical units
displays the scheduler map in service for each interface

Example

for this interface

show interfaces queue forwarding-class best-effort so-0/* | match
"Physical| Bytes"

COMMAND
Show commands
show interfaces filters
show firewall

show
show
show
show

firewall filter <filter-name>

firewall filter <name> prefix-action <psa-name> from 1
detail
firewall log
log <log-file-name>

clear firewall <name>

show policer
show interface policer fe-0/1/0
show log /var/tmp/<sample file>
show log sampled

Description

displays all firewall filters on all interfaces

displays counter and policer statistics for all firewall filters

displays the contents of a particular firewall filter name

displays the n policers & counters of a Prefix-Specific Counter & Policer (PSCP)
displays the contents of the kernel firewall log
displays logged entries into syslog.
Needs an action of syslog on the filter and also create a file with that
name
under system syslog.
Basically is all about redirect all logs into syslog system

resets counters associated with a firewall

displays a list of interface policers
displays details about interface policers
displays a sample file created by the otuput of traffic sampling
displays a copy of cflowd aggregates that are sent to the cflowd server
requires local-dump command on the cflowd config

Example

Filter: lo0-in
Counters:
Name
Packets
denied-traffic
61
Policers:
Name
police-icmp-icmp

Bytes
3480
Packets
132

& Policer (PSCP)

root@r3> show log filtering
requires enabling this particular file
syslog {
file filtering {
firewall info;
}

COMMAND
Show commands
show snmp statistics extensive
show snmp mib walk .1.3.6.1.2.1.4.18
show snmp mib walk ipfragfails
show interface lo0 extensive | display xml

Description

Example

shows SNMP statistics

(hidden!) shows snmwalk of an OID
shows output of xml tags. What variables are consulted for the display

COMMAND
Show commands
show
show
show
show

interface terse
route table inet6
ipv6 neighbor
interface lo0 extensive | display

Description

displays the IPv6 address configuration

displays the IPv6 routing table
shows IPv6 cache of neighbors
shows output of xml tags. What variables are consulted for the display

Example

neighbors have to be discorever (via ping i.e.)

d for the display