Overview
The CLI is the interface to the software that you use whenever you access the router—whether from the console or through a remote network connection. The CLI, which automatically starts after the router finishes booting, provides commands that you use to perform various tasks, including configuring the JUNOSe software and monitoring and troubleshooting the software, network connectivity, and the router hardware.
Managing your router using the CLI gives you access to thousands of commands. The router's CLI uses an industry de facto standard look and feel, which might be familiar to you. If you are new to this CLI, it is helpful to read this entire chapter, where you can learn about CLI shortcuts and other helpful information.
Command Modes
Command modes set a context for the CLI. Each command in the CLI is available from one or more command modes. From some command modes you can only view router information; from others you can perform configuration tasks. For example, you can access User Exec mode to display information and then access Global Configuration mode to set parameters or enable a particular feature. By recognizing the command-line prompt, you can identify where you are in the CLI at any given point. When you can easily identify where you are, it is easy to get to where you want to be.
Figure 21 illustrates the command mode architecture. Only some of the many configuration modes are shown.
Command modes are discussed in greater detail in the section Accessing Command Modes. See the JUNOSe Command Reference Guide to find related command modes for any command.
Command-Line Prompts
Within the CLI, the command-line prompt identifies both the hostname and the command mode. The hostname is the name of your router; the command mode indicates your location within the CLI system.
Keywords and Parameters
CLI commands are made up of two primary elements: keywords and parameters.
Keywords
Every command requires at least one keyword; however, a command can contain other optional keywords. The keyword(s) must be typed into the CLI accurately for it to be recognized. These are examples of keywords:
reload |
run |
router |
map-class |
map-list |
clear ip isis redistribution |
show vlan subinterface |
qos-port-type-profile |
no rtr reset |
radius calling-station-delimiter |
You can abbreviate keywords; however, you must enter enough initial characters to unambiguously identify the command. For example, if the keyword you want to specify is map-class and you enter only map-, an error appears. The error indicates that one or more possible keywords begin with map-, thus making your entry ambiguous.
Parameters
Parameters are often required elements of a command; however, for some commands, parameters are not required. A parameter is most often a value that you specify after the keyword. There are different types of parameters, such as strings, integers, or IP addresses.
The CLI indicates the type of parameter that you must enter. When you see a range of numbers or uppercase letters, it indicates that you must specify a value. For example:
ROUTER[:VRF] |
charlie:1234 |
INTERFACE |
3/2:20/15 |
WORD |
windtunnel |
<0–4294967295> |
5600 |
A.B.C.D |
192.56.32.2 |
Keywords and Parameters Together
By combining keywords and parameters in the correct sequence, you can begin using the CLI to configure and monitor your router. For example, you could specify the command hostname to change the name of your router by entering a keyword and a parameter. You need to type only the portion of the keyword that makes it unambiguous, such as hostn. Here, the value of the parameter, which is the name you assign to the host, is a string of up to 64 characters.
When you enter this command, the new hostname appears in the prompt.
Another example is a command that requires you to enter a number from within a given range. The command ip http port requires that a value be entered for the portNumber parameter. The value of this parameter is a number in the range of 0–65535. For example, you could enter:
juniper(config)#ip http port 56789
 |
NOTE: You can find detailed information about command syntax, with parameter values defined, in the JUNOSe Command Reference Guide. |
Using CLI Commands
This section introduces some useful shortcuts and command-related highlights. These include:
- Abbreviated Commands
- The ? Key
- Backspace or Delete Key
- Enter Key
- Tab Key
- Arrow Keys
- The no Version (no Commands)
- run and do Commands
- show Commands
- The --More-- Prompt
- Responding to Prompts
Abbreviated Commands
Remember, you can abbreviate keywords to save time if you enter at least enough leading characters to uniquely identify the desired keyword. For example:
host1(config-if)#ip re
This abbreviation is for the command ip redirects. The string ip re is enough information for the CLI to identify the command you are using. See the section Using Help for additional information.
The ? Key
Use the ? key at any time to see all the choices you can enter next. For example:
host1(config)#router ?
bgp Configure the Border-Gateway Protocol (BGP)
isis Configure ISO IS-IS
ospf Configure the Open Shortest Path First protocol (OSPF)
rip Configure the Routing Information Protocol
host1(config)#router
When you enter the ? character, all available choices are displayed. The router again displays the command you typed. You then have to type in only the choice you want and press Enter.
A <cr> in the list of choices means that you can press Enter to execute the command. For example:
host1(config-if)#isis metric 40 level-2 ?
<cr>
host1(config-if)#isis metric 40 level-2
Backspace or Delete
Use either key to delete the character immediately preceding the cursor.
Enter
Always use this key to execute the command you entered.
Tab
Use this key to complete the current keyword. For example, if you entered a portion of a lengthy command, such as
host1(config)#class
and press Tab, the full name of the command appears:
host1(config)#classifier-list
Arrow Keys
Some terminals have arrow (or cursor) keys on their keyboards. These arrow keys are very useful; however, to use them you must have an ANSI/VT100 emulating terminal.
The Up Arrow and Down Arrow keys display command history. The Up Arrow key displays the previous command; you can also use Ctrl+p. The Down Arrow key displays the next command; you can also use Ctrl+n.
The Left Arrow and Right Arrow keys allow the user to move the cursor back and forth in the command line.
The no Version
With very few exceptions, every system configuration command has a no version, which you can use to negate a command (or a portion of it as specified by an optional keyword) or to restore its default setting. When you use a command without the keyword no, you can reenable a disabled feature or override a default setting.
You have the option of using the default keyword whenever the no keyword is also a choice; simply enter the keyword default instead of no.
In most cases, when you execute the default version of a command, it produces the exact results as the no version. There are some commands for which the default version yields a different result from the no version.
Commands for which the default behavior differs from the no behavior are clearly identified in the JUNOSe Command Reference Guide. Unless otherwise specified, therefore, the default command is identical to the no command and is neither documented nor discussed.
The syntax for each no command is described in the JUNOSe Command Reference Guide. The few system configuration commands that do not have a no version are indicated in the individual command description.
Because show commands are for the purpose of monitoring your configurations, they do not have no versions. Most User Exec and Privileged Exec mode commands do not have no versions.
The CLI can act on no versions of commands when you have entered sufficient information to distinguish the command syntactically; the CLI ignores all subsequent input on that line.
To be compatible with some non-Juniper Networks implementations, the no versions of commands will accept the same options as the affirmative version of the commands. The CLI ignores the optional input if it has no effect on the command behavior. If using the option changes the behavior of the no version, the individual command entry in this guide describes the difference in behavior.
run and do Commands
You can run Exec mode commands while in any configuration mode by preceding the command with the keyword run or do. For example:
host1(config)#run show users
|
By using the run or do command in this way, you can obtain show command information without leaving configuration mode.
The only commands that cannot be preceded by run or do are the configure command and those commands that are already available in all modes, such as sleep or exit.
Example 1
host1(config)#run show config | begin interface
interface null 0
!
interface fastEthernet 0/0
ip address 10.6.129.41 255.255.128.0
!
interface gigabitEthernet 5/0
!
interface atm 6/0
interface atm 6/0.1 point-to-point
encapsulation pppoe
!
interface atm 6/0.1.7
!
interface atm 6/0.1.5
!
interface atm 6/0.1.2
!
interface atm 6/0.1.9
!
interface atm 6/0.1.11
!
interface atm 6/0.1.15
!
interface atm 6/0.1.18
!
ip route 0.0.0.0 0.0.0.0 10.6.128.1
ip route 10.10.121.72 255.255.255.255 10.6.128.1
!
!
route-map adsf permit 10
router dvmrp
!
router igmp
!
snmp-server community private view everything rw
snmp-server contact Mary
snmp-server
!
! End of generated configuration script.
host 1(config)#int fa 0/0
Example 2
host1(config-if)#do dir
Please wait...
unshared in
file size size date (UTC) use
------------------ -------- -------- ------------------- ---
reboot.hty 31040 31040 10/30/2001 15:31:10
system.log 20481 20481 10/26/2001 17:24:16
soft_clear_in.mac 8578 8578 10/24/2001 14:39:02
erx_3-3-1.rel 71082105 71082105 10/25/2001 13:02:50 !
erx_3-3-1.rel 70502991 70502991 10/24/2001 19:58:08
autocfg.scr 355 355 09/28/2001 13:33:04
Capacity = 224133120, Bytes Free = 44986177, Reserved = 36700160
host1(config-if)#
show Commands
You have access to a variety of show commands that display router and protocol information. You can filter the output of a show command by specifying | (the UNIX pipe symbol), one of the following keywords, and either a case-sensitive text string or a regular expression.
- begin—Displays output beginning with the first line that contains the text string or regular expression
- include—Displays output lines that contain the text string or regular expression and excludes lines that do not contain the text string or regular expression
- exclude—Displays output lines that do not contain the text string or regular expression and excludes lines that do contain the text string or regular expression
For a list of regular expressions, see Regular Expressions. You can press Ctrl+c to interrupt the show command output.
Example 1
In the following example, the output display starts with the first line that contains the string inter. The system omits all the preceding lines of the output from the display because none of them contains the string inter.
host1#show config include-defaults | begin inter
Please wait...log verbosity low internalNetwork
log verbosity low ipEngine
log verbosity low ipProfileMgr
log verbosity low ipProfileMgrEngineering
no log engineering
log fields timestamp instance no-calling-task
!
timing select primary
timing source primary internal
timing source secondary internal
timing source tertiary internal
!
no disable-autosync
no disable-switch-on-error
no redundancy lockout 0
!
virtual-router default
ip domain-lookup
ip name-server 10.2.0.3
ip domain-name 789df
!
host f 10.10.133.11 ftp anonymous null
interface null 0
interface ip 0/0
arp timeout 21600
!
interface ip 2/0
arp timeout 21600
!
interface ip s10
arp timeout 21600
!
interface atm 2/0
no shutdown
atm sonet stm-1
loopback line
atm uni-version 3.0
atm oam loopback-location 0xFFFFFFFF
atm vc-per-vp 32768
atm vp-tunnel 1 10
load-interval 300
no atm snmp trap link-status
no atm shutdown
!
no atm aal5 snmp trap link-status
no atm aal5 shutdown
!
interface atm 2/0.1 point-to-point
no shutdown
no atm atm1483 shutdown
no atm atm1483 snmp trap link-status
!
ip route 0.0.0.0 0.0.0.0 10.13.5.1
ip debounce-time 0
ip source-route
!
router ospf 5
no ospf shutdown
ip route-type both
timers spf 3
maximum-paths 4
ospf auto-cost reference-bandwidth 100
distance ospf intra-area 110
distance ospf inter-area 112
distance ospf external 114
! Area 0.0.0.0
!
! Trap Source: <not configured>
! Note: SNMP server not running.
!
host1#
Example 2
In the following example, the output display consists only of lines that contain the string ip. The system omits all other lines of the output from the display because none of them contains the string ip.
host1#show config include-defaults | include ip
! Configuration script generated on WED JUN 06 2001 02:17:00 UTC
strip-domain disable
Please wait...log verbosity low ipEngine
log verbosity low ipEngineering
log verbosity low ipGeneral
log verbosity low ipInterface
log verbosity low ipNhopTrackerEngineering
log verbosity low ipNhopTrackerGeneral
log verbosity low ipProfileMgr
log verbosity low ipProfileMgrEngineering
!
bandwidth oversubscription
ip domain-lookup
ip name-server 10.2.0.3
ip domain-name 789df
interface ip 0/0
interface ip 2/0
interface ip s10
ip address 10.13.5.61 255.255.255.0
no ip proxy-arp
no ip directed-broadcast
ip redirects
ip route 0.0.0.0 0.0.0.0 10.13.5.1
ip debounce-time 0
ip source-route
no ip ftp source-address
type echo protocol ipIcmpEcho 10.5.0.200 source fastEthernet0/0
type pathEcho protocol ipIcmpEcho 10.2.0.3
type echo protocol ipIcmpEcho 10.5.0.11 source-ipaddr 10.13.5.61
!
controller t1 6/0
framing esf
lineCoding b8zs
clock source line
cablelength short 0
no remote-loopback
!
log engineering
log verbosity low
no log severity
log verbosity low NameResolverLog
log verbosity low atm
log verbosity low atm1483
log verbosity low atmAal5
log verbosity low bgpConnections
log verbosity low bgpDampening
!
host1#
Example 3
In the following example, the output display consists only of lines that do not contain the string !. The system omits all other lines of the output from the display because each line contains the string !.
host1#show config include-defaults | exclude !
boot config running-configuration
boot system 3-3-1.rel
no boot backup
no boot subsystem
no boot backup subsystem
boot revert-tolerance 3 1800
no boot force-backup
aaa domain-map jacksonville
virtual-router miami
strip-domain disable
aaa domain-map jak
virtual-router default
strip-domain disable
aaa domain-map northeast
virtual-router default
strip-domain disable
aaa delimiter realmName "/"
hostname host1
no aaa new-model
no service ctrl-x-reboot
no service password-encryption
no baseline show-delta-counts
clock timezone UTC 0 0
no exception dump
exception protocol ftp anonymous null
controller sonet 2/0
sdh
loopback network
clock source line
no shutdown
path 0 overhead j1 msg hello
path 0 overhead j1 exp-msg
ftp-server enable
no login
log engineering
log verbosity low
no log severity
log verbosity low NameResolverLog
log verbosity low aaaAtm1483Cfg
log verbosity low atm1483
log verbosity low atmAal5
log verbosity low bgpConnections
log verbosity low bgpDampening
log verbosity low bgpEng1
log verbosity low bgpEngineering
log verbosity low bgpEvents
log verbosity low bgpKeepAlives
no log engineering
log fields timestamp instance no-calling-task
timing select primary
timing source primary internal
timing source secondary internal
timing source tertiary internal
no atm aal5 snmp trap link-status
no atm aal5 shutdown
interface atm 2/0.1 point-to-point
no shutdown
no atm atm1483 shutdown
no atm atm1483 snmp trap link-status
ip route 0.0.0.0 0.0.0.0 10.13.5.1
ip debounce-time 0
ip source-route
Redirection of show Command Output
You can redirect the output of show commands to network files or local files (in NVS memory) using the redirection operators described in Table 5
.
For example, you can redirect the output of the show config command to a script file and later run that script:
host1#show config > showconfig.scr
The following command writes the output to a text file, version.txt, on a remote router:
host1#show hardware > pc:/erxfiles/version.txt
The following command appends the output to version.txt:
host1#show hardware >> version.txt
You can use redirection with output filtering. The general syntax is:
show options [ { > | >> | &> | &>> } filename ]
[ | { begin | include | exclude } filterstring ]
The filtering is performed before redirection. In the following example, the cnfgfltr.txt file will contain the output of show config include-defaults beginning with the first occurrence of the string inter.
host1#show config include-defaults &> cnfgfltr.txt | begin inter
Regular Expressions
A regular expression uses special characters—often referred to as metacharacters—to define a pattern that is compared with an input string. You can use regular expressions to filter the output of show commands and to define AS-path access lists and community lists to more easily filter routes.
For examples of using regular expressions with AS-path access lists and community lists, see JUNOSe IP Services Configuration Guide, Chapter 1, Configuring Routing Policy.
Metacharacters
Table 6 describes the metacharacters supported for regular expression pattern-matching.
Using Metacharacters as Literal Tokens
You can remove the special meaning of a metacharacter by preceding it with a backslash (\). Such a construction denotes that the metacharacter is not treated as a metacharacter for that regular expression. It is simply a character or token with no special meaning, just as a numeral has no special meaning. The backslash applies only to the character immediately following it in the regular expression.
On the E-series router, you are likely to do this only for the parentheses characters,
( or ). BGP indicates a segment of an AS path that is of type AS-confed-set or AS-confed-seq by enclosing that segment within parentheses.
The - -More- - Prompt
When command output continues beyond the available space on your monitor screen, the system displays the --More-- prompt. If you press Enter, the system displays the next line of output. If you press the Spacebar, the system displays the next screen of output.
You can begin filtering the output from the --More-- prompt, or change a filter that is already in effect, by entering one of the following characters and a text string:
Displays all output lines that do not contain the text string |
|
Displays all output lines starting at the first line that contains the text string |
Initial spaces are not ignored when you filter at the --More-- prompt.
Example 1
In the following example, the output is displayed until the screen is filled and the --More-- prompt appears. By entering the filter /interf, the user forces the system to filter out all output lines until the first occurrence of the string interf. The system displays that line and all following lines of the output.
host1#show config include-defaults
! Configuration script being generated on FRI AUG 04 2006 12:48:48 UTC
! Juniper Edge Routing Switch ERX-700
! Version: 7.3.0 beta-1.6 [BuildId 5672] (July 11, 2006 11:58)
! Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved.
!
boot config running-configuration
boot system erx_7-3-0.rel
no boot backup
no boot subsystem
no boot backup subsystem
boot revert-tolerance 3 1800
no boot force-backup
!
aaa domain-map jacksonville
virtual-router miami
strip-domain disable
!
aaa domain-map jak
virtual-router default
strip-domain disable
!
aaa domain-map northeast
virtual-router default
/interf
(Suppressing output until 'interf' is found, press ^C to end...)
interface null 0
interface ip 0/0
arp timeout 21600
!
interface ip 2/0
arp timeout 21600
!
interface ip s10
arp timeout 21600
!
interface atm 2/0
no shutdown
atm sonet stm-1
loopback line
atm uni-version 3.0
atm oam loopback-location 0xFFFFFFFF
--More--
Example 2
In the following example, the output is displayed until the screen is filled and the --More-- prompt appears. By entering the filter +ip, the user forces the system to filter out all lines from the remainder of the output that do not contain the string ip. The system displays only lines that contain the string ip.
host1#show config include-defaults
! Configuration script being generated on FRI AUG 04 2006 12:48:48 UTC
! Juniper Edge Routing Switch ERX-700
! Version: 7.3.0 beta-1.6 [BuildId 5672] (July 11, 2006 11:58)
! Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved.
!
boot config running-configuration
boot system erx_7-3-0.rel
boot config running-configuration
boot system 3-3.1.rel
no boot backup
no boot subsystem
no boot backup subsystem
boot revert-tolerance 3 1800
no boot force-backup
!
aaa domain-map jacksonville
virtual-router miami
strip-domain disable
!
aaa domain-map jak
virtual-router default
strip-domain disable
!
aaa domain-map northeast
virtual-router default
--More--
+ip
(Displaying only lines that include 'ip', press ^C to end...)
strip-domain disable
log verbosity low ipEngine
log verbosity low ipEngineering
log verbosity low ipGeneral
log verbosity low ipInterface
log verbosity low ipNhopTrackerEngineering
log verbosity low ipNhopTrackerGeneral
log verbosity low ipProfileMgr
log verbosity low ipProfileMgrEngineering
log verbosity low ipRoutePolicy
log verbosity low ipRoute
log verbosity low ipTraffic
log verbosity low ipTunnel
log verbosity low ripEngineering
log verbosity low ripGeneral
log verbosity low ripRoute
log verbosity low ripRtTable
bandwidth oversubscription
ip domain-lookup
ip name-server 10.2.0.3
ip domain-name 789df
ip explicit-path name xyz disable
interface ip 0/0
interface ip 2/0
--More--
Example 3
In the following example, the output is displayed until the screen is filled and the --More-- prompt appears. By entering the filter -!, the user forces the system to filter out all comments from the remainder of the output; that is, output lines that contain the string !. The system displays only lines that do not contain the string !.
host1#show config include-defaults
! Configuration script being generated on FRI AUG 04 2006 12:48:48 UTC
! Juniper Edge Routing Switch ERX-700
! Version: 7.3.0 beta-1.6 [BuildId 5672] (July 11, 2006 11:58)
! Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved.
!
boot config running-configuration
boot system erx_7-3-0.rel
boot config running-configuration
boot system 3-3.1.rel
no boot backup
no boot subsystem
no boot backup subsystem
boot revert-tolerance 3 1800
no boot force-backup
!
aaa domain-map jacksonville
virtual-router miami
strip-domain disable
!
aaa domain-map jak
virtual-router default
strip-domain disable
!
aaa domain-map northeast
virtual-router default
--More--
-!
(Displaying only lines that exclude '!'. press ^C to end...)
strip-domain disable
aaa delimiter realmName "/"
hostname host1
no aaa new-model
no service ctrl-x-reboot
no service password-encryption
no baseline show-delta-counts
clock timezone UTC 0 0
no exception dump
exception protocol ftp anonymous null
line vty 4
exec-timeout 0 0
exec-banner
motd-banner
timeout login response 30
data-character-bits 8
no login
log engineering
log verbosity low
no log severity
log verbosity low NameResolverLog
log verbosity low aaaAtm1483Cfg
log verbosity low aaaEngineGeneral
log verbosity low aaaServerGeneral
log verbosity low aaaUserAccess
log verbosity low addressServerGeneral
log verbosity low atm
log verbosity low atm1483
log verbosity low atmAal5
log verbosity low bgpConnections
log verbosity low bgpDampening
log verbosity low bgpEng1
--More--
Responding to Prompts
For some actions, the system prompts you for a response. The acceptable default responses are the following:
- You can press y or Enter to agree with the prompt and continue.
- You can press any other key to disagree with the prompt and cancel the action.
You can use the confirmations explicit command to require a more explicit response to CLI prompts.
confirmations explicit
- To agree with the prompt and continue, you must type y and press Enter, type ye and press Enter, or type yes and press Enter.
- To disagree with the prompt and cancel the action, you must type n and press Enter or type no and press Enter.
- Pressing Enter alone, or entering any other characters, is not an acceptable response, and the CLI will repeat the prompt.
- Acceptable responses to a prompt are not case sensitive.
- Use the no version to restore the default state, where pressing y or Enter alone responds in the affirmative, and any other entry is accepted as a negative response.
NOTE: The system's CLI supports a powerful command-line editor, enabling you to easily correct, edit, and recall previously entered commands. For more information, see Using Command-Line Editing.
For a description of the commands that you use to get around the CLI, see Chapter 5, Managing the System.
CLI Status Indicators
The E-series software includes two types of indicators to inform you of the status of your CLI operation.
- The dot service indicator is used when your operation does not finish within 2 seconds. The service displays the Please wait message and a dot every 5 seconds until the operation is completed. The dot service is used for all CLI operations, except those that use the more descriptive progress indicator.
- The progress indicator is an animated representation of how much progress has been made on a CLI operation that does not finish within the expected completion time. This type of status indicator is supported for the file system synchronization application and the file copy application.
The progress indicator displays a series of dots that represents the time required to complete the operation. The dots are followed by the actual percentage of the total that has been completed and by an oscillating asterisk that indicates ongoing activity.
As the application progresses, the dots are replaced with asterisks, starting at the left, to represent how much of the operation is finished. The actual percentage is also adjusted accordingly. When the operation is complete, all dots are replaced by asterisks, and the message DONE replaces the numerical percentage.
The number of dots that appears and the percentage of completion represented by each dot or asterisk are based on the terminal width. For example, if the terminal is set to 80 characters, each of the 50 dots indicates 2 percent of the total time (2 percent x 50 characters = 100 percent). See Chapter 5, Managing the System for information about setting the terminal width.
The following examples show progress indicator output for a 50-character-wide display.
*****............................................. (10%) *
*********************************************..... (90%) *
************************************************** (DONE)
Levels of Access
The CLI has two levels of access: user and privileged.
User Level
User level allows you only to view a router's status. This level restricts you to User Exec mode.
Privileged Level
Privileged level allows you to view a router configuration, change a configuration, and run debugging commands. You need a password to access this level. This level gives you full CLI privileges. Passwords are covered in more detail in Chapter 9, Passwords and Security.
Initialization Sequence
Each line module in a router is initialized independently. As a result, the CLI on the SRP module can become available before the line modules have completed initialization. Commands relating to a line module can fail if the module has not completed initialization. The show version command can be used to display line module status. Do not enter commands for a line module until its state is online.