Overview

The CLI is the interface to the software that you use whenever you access the router—whether from the console or through a remote network connection. The CLI, which automatically starts after the router finishes booting, provides commands that you use to perform various tasks, including configuring the JunosE Software and monitoring and troubleshooting the software, network connectivity, and the router hardware.

Managing your router using the CLI gives you access to thousands of commands. The router’s CLI uses an industry de facto standard look and feel, which might be familiar to you. If you are new to this CLI, it is helpful to read this entire chapter, where you can learn about CLI shortcuts and other helpful information.

Command Modes

Command modes set a context for the CLI. Each command in the CLI is available from one or more command modes. From some command modes you can only view router information; from others you can perform configuration tasks. For example, you can access User Exec mode to display information and then access Global Configuration mode to set parameters or enable a particular feature. By recognizing the command-line prompt, you can identify where you are in the CLI at any given point. When you can easily identify where you are, it is easy to get to where you want to be.

Figure 21 illustrates the command mode architecture. Only some of the many configuration modes are shown.

Command modes are discussed in greater detail in the section Accessing Command Modes . See the JunosE Command Reference Guide to find related command modes for any command.

Figure 21: Command Mode Architecture

Command Mode Architecture

Command-Line Prompts

Within the CLI, the command-line prompt identifies both the hostname and the command mode. The hostname is the name of your router; the command mode indicates your location within the CLI system.

For example:

Keywords and Parameters

CLI commands are made up of two primary elements: keywords and parameters.

Keywords

Every command requires at least one keyword; however, a command can contain other optional keywords. The keyword(s) must be typed into the CLI accurately for it to be recognized. These are examples of keywords:

reload
run
router
map-class
map-list
clear ip isis redistribution
show vlan subinterface
qos-port-type-profile
no rtr reset
radius calling-station-delimiter

You can abbreviate keywords; however, you must enter enough initial characters to unambiguously identify the command. For example, if the keyword you want to specify is map-class and you enter only map-, an error appears. The error indicates that one or more possible keywords begin with map-, thus making your entry ambiguous.

Parameters

Parameters are often required elements of a command; however, for some commands, parameters are not required. A parameter is most often a value that you specify after the keyword. There are different types of parameters, such as strings, integers, or IP addresses.

The CLI indicates the type of parameter that you must enter. When you see a range of numbers or uppercase letters, it indicates that you must specify a value. For example:

CLI Parameter Placeholder or Range

Sample Parameter User Input

ROUTER[:VRF]
charlie:1234
INTERFACE
3/2:20/15
WORD
windtunnel
<0–4294967295>
5600
A.B.C.D
192.56.32.2

Keywords and Parameters Together

By combining keywords and parameters in the correct sequence, you can begin using the CLI to configure and monitor your router. For example, you could specify the command hostname to change the name of your router by entering a keyword and a parameter. You need to type only the portion of the keyword that makes it unambiguous, such as hostn. Here, the value of the parameter, which is the name you assign to the host, is a string of up to 64 characters.

When you enter this command, the new hostname appears in the prompt.

Another example is a command that requires you to enter a number from within a given range. The command ip http port requires that a value be entered for the portNumber parameter. The value of this parameter is a number in the range of 0–65535. For example, you could enter:

juniper(config)#ip http port 56789

Note: You can find detailed information about command syntax, with parameter values defined, in the JunosE Command Reference Guide.

Using CLI Commands

This section introduces some useful shortcuts and command-related highlights. These include:

Abbreviated Commands

Remember, you can abbreviate keywords to save time if you enter at least enough leading characters to uniquely identify the desired keyword. For example:

host1(config-if)#ip re

This abbreviation is for the command ip redirects. The string ip re is enough information for the CLI to identify the command you are using. See the section Using Help for additional information.

The ? Key

Use the ? key at any time to see all the choices you can enter next. For example:

host1(config)#router ?bgpConfigure the Border-Gateway Protocol (BGP)isisConfigure ISO IS-ISospfConfigure the Open Shortest Path First protocol (OSPF)ripConfigure the Routing Information Protocolhost1(config)#router

When you enter the ? character, all available choices are displayed. The router again displays the command you typed. You then have to type in only the choice you want and press Enter.

A <cr> in the list of choices means that you can press Enter to execute the command. For example:

host1(config-if)#isis metric 40 level-2 ? <cr>
host1(config-if)#isis metric 40 level-2

Note: If the list of options extends beyond one screen, the last line on your screen displays the --More-- prompt. If you want to use the ? character as part of a string, such as a hostname or a regular expression, you must enter the following key sequence: Ctrl+v+?. Otherwise, the CLI considers the ? to be a request for assistance in completing the command.

Backspace or Delete

Use either key to delete the character immediately preceding the cursor.

Enter

Always use this key to execute the command you entered.

Tab

Use this key to complete the current keyword. For example, if you entered a portion of a lengthy command, such as

host1(config)#class

and press Tab, the full name of the command appears:

host1(config)#classifier-list

Arrow Keys

Some terminals have arrow (or cursor) keys on their keyboards. These arrow keys are very useful; however, to use them you must have an ANSI/VT100 emulating terminal.

The Up Arrow and Down Arrow keys display command history. The Up Arrow key displays the previous command; you can also use Ctrl+p. The Down Arrow key displays the next command; you can also use Ctrl+n.

The Left Arrow and Right Arrow keys allow the user to move the cursor back and forth in the command line.

The no Version

With very few exceptions, every system configuration command has a no version, which you can use to negate a command (or a portion of it as specified by an optional keyword) or to restore its default setting. When you use a command without the keyword no, you can reenable a disabled feature or override a default setting.

You have the option of using the default keyword whenever the no keyword is also a choice; simply enter the keyword default instead of no.

In most cases, when you execute the default version of a command, it produces the exact results as the no version. There are some commands for which the default version yields a different result from the no version.

Commands for which the default behavior differs from the no behavior are clearly identified in the JunosE Command Reference Guide. Unless otherwise specified, therefore, the default command is identical to the no command and is neither documented nor discussed.

The syntax for each no command is described in the JunosE Command Reference Guide. The few system configuration commands that do not have a no version are indicated in the individual command description.

Because show commands are for the purpose of monitoring your configurations, they do not have no versions. Most User Exec and Privileged Exec mode commands do not have no versions.

The CLI can act on no versions of commands when you have entered sufficient information to distinguish the command syntactically; the CLI ignores all subsequent input on that line.

To be compatible with some non-Juniper Networks implementations, the no versions of commands will accept the same options as the affirmative version of the commands. The CLI ignores the optional input if it has no effect on the command behavior. If using the option changes the behavior of the no version, the individual command entry in this guide describes the difference in behavior.

run and do Commands

You can run Exec mode commands while in any configuration mode by preceding the command with the keyword run or do. For example:

host1(config)#run show users

Note: The run and do commands are interchangeable.

By using the run or do command in this way, you can obtain show command information without leaving configuration mode.

The only commands that cannot be preceded by run or do are the configure command and those commands that are already available in all modes, such as sleep or exit.

Example 1

host1(config)#run show config | begin interface
interface null 0
! 
interface fastEthernet 0/0
 ip address 10.6.129.41 255.255.128.0
! 
interface gigabitEthernet 5/0
! 
interface atm 6/0
interface atm 6/0.1 point-to-point
 encapsulation pppoe
! 
interface atm 6/0.1.7
! 
interface atm 6/0.1.5
! 
interface atm 6/0.1.2
! 
interface atm 6/0.1.9
! 
interface atm 6/0.1.11
! 
interface atm 6/0.1.15
! 
interface atm 6/0.1.18
!         
ip route 0.0.0.0 0.0.0.0 10.6.128.1
ip route 10.10.121.72 255.255.255.255 10.6.128.1
! 
! 
route-map adsf permit 10
router dvmrp
! 
router igmp
! 
snmp-server community private view everything rw
snmp-server contact Mary
snmp-server
! 
! End of generated configuration script.
host 1(config)#int fa 0/0

Example 2

host1(config-if)#do dir
Please wait...
                                unshared                         in 
       file            size       size         date (UTC)        use
------------------   --------   --------   -------------------   ---
reboot.hty              31040      31040   10/30/2001 15:31:10      
system.log              20481      20481   10/26/2001 17:24:16      
soft_clear_in.mac        8578       8578   10/24/2001 14:39:02      
erx_3-3-1.rel        71082105   71082105   10/25/2001 13:02:50    ! 
erx_3-3-1.rel        70502991   70502991   10/24/2001 19:58:08      
autocfg.scr               355        355   09/28/2001 13:33:04      
Capacity = 224133120, Bytes Free = 44986177, Reserved = 36700160
host1(config-if)#

show Commands

You have access to a variety of show commands that display router and protocol information. You can filter the output of a show command by specifying | (the UNIX pipe symbol), one of the following keywords, and either a case-sensitive text string or a regular expression.

For a list of regular expressions, see Regular Expressions. You can press Ctrl+c to interrupt the show command output.

Note: The system does not recognize beginning spaces of the text string. For example, if you enter include IP as the text string on which to filter, the system ignores the space and displays lines that include words such as RIP.

Example 1

In the following example, the output display starts with the first line that contains the string inter. The system omits all the preceding lines of the output from the display because none of them contains the string inter.

host1#show config include-defaults | begin inter
Please wait...log verbosity low internalNetwork
log verbosity low ipEngine
log verbosity low ipProfileMgr
log verbosity low ipProfileMgrEngineering
no log engineering
log fields timestamp instance no-calling-task
!
timing select primary
timing source primary internal
timing source secondary internal
timing source tertiary internal
!
no disable-autosync
no disable-switch-on-error
no redundancy lockout 0
!
virtual-router default
ip domain-lookup
ip name-server 10.2.0.3
ip domain-name 789df
!
host f 10.10.133.11 ftp anonymous null
interface null 0
interface ip 0/0
 arp timeout 21600
!
interface ip 2/0
 arp timeout 21600
!
interface ip s10
 arp timeout 21600
!
interface atm 2/0
 no shutdown
 atm sonet stm-1
 loopback line
 atm uni-version 3.0
 atm oam loopback-location 0xFFFFFFFF
 atm vc-per-vp 32768
 atm vp-tunnel 1 10
 load-interval 300
 no atm snmp trap link-status
 no atm shutdown
!
no atm aal5 snmp trap link-status
no atm aal5 shutdown
!
interface atm 2/0.1 point-to-point
 no shutdown
 no atm atm1483 shutdown
 no atm atm1483 snmp trap link-status
!
ip route 0.0.0.0 0.0.0.0 10.13.5.1
ip debounce-time 0
ip source-route
!
router ospf 5
 no ospf shutdown
 ip route-type both
 timers spf 3
 maximum-paths 4
 ospf auto-cost reference-bandwidth 100
 distance ospf intra-area 110
 distance ospf inter-area 112
 distance ospf external 114
! Area 0.0.0.0
!
! Trap Source: <not configured>
! Note: SNMP server not running.
!
host1#

Example 2

In the following example, the output display consists only of lines that contain the string ip. The system omits all other lines of the output from the display because none of them contains the string ip.

host1#show config include-defaults | include ip
! Configuration script generated on WED JUN 06 2001 02:17:00 UTC
 strip-domain disable
Please wait...log verbosity low ipEngine
log verbosity low ipEngineering
log verbosity low ipGeneral
log verbosity low ipInterface
log verbosity low ipNhopTrackerEngineering
log verbosity low ipNhopTrackerGeneral
log verbosity low ipProfileMgr
log verbosity low ipProfileMgrEngineering
!
bandwidth oversubscription
ip domain-lookup
ip name-server 10.2.0.3
ip domain-name 789df
interface ip 0/0
interface ip 2/0
interface ip s10
 ip address 10.13.5.61 255.255.255.0
 no ip proxy-arp
 no ip directed-broadcast
 ip redirects
ip route 0.0.0.0 0.0.0.0 10.13.5.1
ip debounce-time 0
ip source-route
no ip ftp source-address
 type echo protocol ipIcmpEcho 10.5.0.200 source fastEthernet0/0
 type pathEcho protocol ipIcmpEcho 10.2.0.3
 type echo protocol ipIcmpEcho 10.5.0.11 source-ipaddr 10.13.5.61
!
controller t1 6/0
 framing esf
 lineCoding b8zs
 clock source line
 cablelength short 0
 no remote-loopback
!
log engineering
log verbosity low
no log severity
log verbosity low NameResolverLog
log verbosity low atm
log verbosity low atm1483
log verbosity low atmAal5
log verbosity low bgpConnections
log verbosity low bgpDampening
!
host1#

Example 3

In the following example, the output display consists only of lines that do not contain the string !. The system omits all other lines of the output from the display because each line contains the string !.

host1#show config include-defaults | exclude !
boot config running-configuration
boot system 3-3-1.rel
no boot backup
no boot subsystem
no boot backup subsystem
boot revert-tolerance 3 1800
no boot force-backup
aaa domain-map jacksonville
 virtual-router miami
 strip-domain disable
aaa domain-map jak
 virtual-router default
 strip-domain disable
aaa domain-map northeast
 virtual-router default
 strip-domain disable
aaa delimiter realmName "/"
hostname host1
no aaa new-model
no service ctrl-x-reboot
no service password-encryption
no baseline show-delta-counts
clock timezone UTC 0 0
no exception dump
exception protocol ftp anonymous null
controller sonet 2/0
 sdh
 loopback network
 clock source line
 no shutdown
 path 0 overhead j1 msg hello
 path 0 overhead j1 exp-msg
ftp-server enable
no login
log engineering
log verbosity low
no log severity
log verbosity low NameResolverLog
log verbosity low aaaAtm1483Cfg
log verbosity low atm1483
log verbosity low atmAal5
log verbosity low bgpConnections
log verbosity low bgpDampening
log verbosity low bgpEng1
log verbosity low bgpEngineering
log verbosity low bgpEvents
log verbosity low bgpKeepAlives
no log engineering
log fields timestamp instance no-calling-task
timing select primary
timing source primary internal
timing source secondary internal
timing source tertiary internal
no atm aal5 snmp trap link-status
no atm aal5 shutdown
interface atm 2/0.1 point-to-point
 no shutdown
 no atm atm1483 shutdown
 no atm atm1483 snmp trap link-status
ip route 0.0.0.0 0.0.0.0 10.13.5.1
ip debounce-time 0
ip source-route

Redirection of show Command Output

You can redirect the output of show commands to network files or local files (in NVS memory) using the redirection operators described in Table 4.

Table 4: Redirect Operators

Redirect Operator

Use

>

Redirects output to the specified file, overwriting the file if it already exists, creating the file if it does not.

>>

Appends output to the end of the specified file, creating the file if it does not exist.

&>

Redirects output to the specified file, overwriting the file if it already exists, and displays the output on the screen. The redirection is synchronized with the screen display; for example, if a --More-- prompt appears, the redirection halts until you take further action.

&>>

Appends output to the end of the specified file and displays the output to the screen. The redirection is synchronized with the screen display; for example, if a --More-- prompt appears, the redirection halts until you take further action.

For example, you can redirect the output of the show config command to a script file and later run that script:

host1#show config > showconfig.scr

The following command writes the output to a text file, version.txt, on a remote router:

host1#show hardware > pc:/erxfiles/version.txt

The following command appends the output to version.txt:

host1#show hardware >> version.txt

Only one instance of a file can be open for file redirection. An error message is generated if you attempt to redirect output to a file that is already open. You cannot redirect output to a file that includes a local path in the filename.

You can use redirection with output filtering. The general syntax is:

show options [ { > | >> | &> | &>> } filename ]
[ | { begin | include | exclude } filterstring ]

The filtering is performed before redirection. In the following example, the cnfgfltr.txt file will contain the output of show config include-defaults beginning with the first occurrence of the string inter.

host1#show config include-defaults &> cnfgfltr.txt | begin inter

Regular Expressions

A regular expression uses special characters—often referred to as metacharacters—to define a pattern that is compared with an input string. You can use regular expressions to filter the output of show commands and to define AS-path access lists and community lists to more easily filter routes.

For examples of using regular expressions with AS-path access lists and community lists, see JunosE IP Services Configuration Guide.

Metacharacters

Table 5 describes the metacharacters supported for regular expression pattern-matching.

Table 5: Supported Regular Expression Metacharacters

Metacharacter

Description

^

Matches the beginning of the input string.

Alternatively, when used as the first character within brackets—[^ ]—matches any number except the ones specified within the brackets.

$

Matches the end of the input string.

.

Matches any single character, including white space.

*

Matches 0 or more sequences of the immediately previous character or pattern.

+

Matches 1 or more sequences of the immediately previous character or pattern.

?

Matches 0 or 1 sequence of the immediately previous character or pattern.

()

Specifies patterns for multiple use when followed by one of the multiplier metacharacters: asterisk *, plus sign +, or question mark ?

[ ]

Matches any enclosed character; specifies a range of single characters.

– (hyphen)

Used within brackets to specify a range of AS or community numbers.

_ (underscore)

Matches a ^, a $, a comma, a space, a {, or a }. Placed on either side of a string to specify a literal and disallow substring matching. Numerals enclosed by underscores can be preceded or followed by any of the characters listed above.

|

Matches characters on either side of the metacharacter; logical OR.

Using Metacharacters as Literal Tokens

You can remove the special meaning of a metacharacter by preceding it with a backslash (\). Such a construction denotes that the metacharacter is not treated as a metacharacter for that regular expression. It is simply a character or token with no special meaning, just as a numeral has no special meaning. The backslash applies only to the character immediately following it in the regular expression.

On the E Series router, you are likely to do this only for the parentheses characters,
( or ). BGP indicates a segment of an AS path that is of type AS-confed-set or AS-confed-seq by enclosing that segment within parentheses.

The - -More- - Prompt

When command output continues beyond the available space on your monitor screen, the system displays the --More-- prompt. If you press Enter, the system displays the next line of output. If you press the Spacebar, the system displays the next screen of output.

You can begin filtering the output from the --More-- prompt, or change a filter that is already in effect, by entering one of the following characters and a text string:

+ (plus)

Displays all output lines that contain the text string

(minus)

Displays all output lines that do not contain the text string

/ (forward slash)

Displays all output lines starting at the first line that contains the text string

Initial spaces are not ignored when you filter at the --More-- prompt.

Example 1

In the following example, the output is displayed until the screen is filled and the --More-- prompt appears. By entering the filter /interf, the user forces the system to filter out all output lines until the first occurrence of the string interf. The system displays that line and all following lines of the output.

host1#show config include-defaults
! Configuration script being generated on FRI AUG 04 2006 12:48:48 UTC
! Juniper Edge Routing Switch ERX700
! Version: 7.3.0 beta-1.6 [BuildId 5672] (July 11, 2006  11:58)
! Copyright (c) 1999-2006 Juniper Networks, Inc.  All rights reserved.
!
boot config running-configuration
boot system erx_7-3-0.rel
no boot backup
no boot subsystem
no boot backup subsystem
boot revert-tolerance 3 1800
no boot force-backup
!
aaa domain-map jacksonville
 virtual-router miami
 strip-domain disable
!
aaa domain-map jak
 virtual-router default
 strip-domain disable
!
aaa domain-map northeast
 virtual-router default
/interf
(Suppressing output until 'interf' is found, press ^C to end...)
interface null 0
interface ip 0/0
 arp timeout 21600
!
interface ip 2/0
 arp timeout 21600
!
interface ip s10
 arp timeout 21600
!
interface atm 2/0
 no shutdown
 atm sonet stm-1
 loopback line
 atm uni-version 3.0
 atm oam loopback-location 0xFFFFFFFF
 --More-- 

Example 2

In the following example, the output is displayed until the screen is filled and the --More-- prompt appears. By entering the filter +ip, the user forces the system to filter out all lines from the remainder of the output that do not contain the string ip. The system displays only lines that contain the string ip.

host1#show config include-defaults
! Configuration script being generated on FRI AUG 04 2006 12:48:48 UTC
! Juniper Edge Routing Switch ERX700
! Version: 7.3.0 beta-1.6 [BuildId 5672] (July 11, 2006  11:58)
! Copyright (c) 1999-2006 Juniper Networks, Inc.  All rights reserved.
!
boot config running-configuration
boot system erx_7-3-0.rel
boot config running-configuration
boot system 3-3.1.rel
no boot backup
no boot subsystem
no boot backup subsystem
boot revert-tolerance 3 1800
no boot force-backup
!
aaa domain-map jacksonville
 virtual-router miami
 strip-domain disable
!
aaa domain-map jak
 virtual-router default
 strip-domain disable
!
aaa domain-map northeast
 virtual-router default
--More-- 
+ip
(Displaying only lines that include 'ip', press ^C to end...)
 strip-domain disable
log verbosity low ipEngine
log verbosity low ipEngineering
log verbosity low ipGeneral
log verbosity low ipInterface
log verbosity low ipNhopTrackerEngineering
log verbosity low ipNhopTrackerGeneral
log verbosity low ipProfileMgr
log verbosity low ipProfileMgrEngineering
log verbosity low ipRoutePolicy
log verbosity low ipRoute
log verbosity low ipTraffic
log verbosity low ipTunnel
log verbosity low ripEngineering
log verbosity low ripGeneral
log verbosity low ripRoute
log verbosity low ripRtTable
bandwidth oversubscription
ip domain-lookup
ip name-server 10.2.0.3
ip domain-name 789df
ip explicit-path name xyz disable
interface ip 0/0
interface ip 2/0
 --More-- 

Example 3

In the following example, the output is displayed until the screen is filled and the --More-- prompt appears. By entering the filter -!, the user forces the system to filter out all comments from the remainder of the output; that is, output lines that contain the string !. The system displays only lines that do not contain the string !.

host1#show config include-defaults
! Configuration script being generated on FRI AUG 04 2006 12:48:48 UTC
! Juniper Edge Routing Switch ERX700
! Version: 7.3.0 beta-1.6 [BuildId 5672] (July 11, 2006  11:58)
! Copyright (c) 1999-2006 Juniper Networks, Inc.  All rights reserved.
!
boot config running-configuration
boot system erx_7-3-0.rel
boot config running-configuration
boot system 3-3.1.rel
no boot backup
no boot subsystem
no boot backup subsystem
boot revert-tolerance 3 1800
no boot force-backup
!
aaa domain-map jacksonville
 virtual-router miami
 strip-domain disable
!
aaa domain-map jak
 virtual-router default
 strip-domain disable
!
aaa domain-map northeast
 virtual-router default
--More-- 
-!
(Displaying only lines that exclude '!'. press ^C to end...)
 strip-domain disable
aaa delimiter realmName "/"
hostname host1
no aaa new-model
no service ctrl-x-reboot
no service password-encryption
no baseline show-delta-counts
clock timezone UTC 0 0
no exception dump
exception protocol ftp anonymous null
line vty 4
 exec-timeout 0 0
 exec-banner
 motd-banner
 timeout login response 30
 data-character-bits 8
 no login
log engineering
log verbosity low
no log severity
log verbosity low NameResolverLog
log verbosity low aaaAtm1483Cfg
log verbosity low aaaEngineGeneral
log verbosity low aaaServerGeneral
log verbosity low aaaUserAccess
log verbosity low addressServerGeneral
log verbosity low atm
log verbosity low atm1483
log verbosity low atmAal5
log verbosity low bgpConnections
log verbosity low bgpDampening
log verbosity low bgpEng1
--More--

Responding to Prompts

For some actions, the system prompts you for a response. The acceptable default responses are the following:

You can use the confirmations explicit command to require a more explicit response to CLI prompts.

confirmations explicit

CLI Status Indicators

The E Series software includes two types of indicators to inform you of the status of your CLI operation.

Levels of Access

The CLI has two levels of access: user and privileged.

User Level

User level allows you only to view a router’s status. This level restricts you to User Exec mode.

Privileged Level

Privileged level allows you to view a router configuration, change a configuration, and run debugging commands. You need a password to access this level. This level gives you full CLI privileges. Passwords are covered in more detail in Managing the System .

Initialization Sequence

Each line module in a router is initialized independently. As a result, the CLI on the SRP module can become available before the line modules have completed initialization. Commands relating to a line module can fail if the module has not completed initialization. The show version command can be used to display line module status. Do not enter commands for a line module until its state is online.