Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
The switch image is the executable code running on the device. Aviz OPBNOS can be upgraded to the device
ONIE to OPBNOS
OPBNOS to OPBNOS
The typical upgrade process for the image consists of the following steps:
Load a new firmware image and boot image onto an SFTP, HTTP, SCP, or TFTP server on your network.
Transfer the new images to the switch
Specify the new image as the one to be loaded the next time a switch reload occurs
Reload the switch
The OPBNOS solution is a set of containerized applications built and runs on top of the open-source SONiC NOS. Aviz's unique architecture reduces complexity and cost while providing a highly scalable, flexible and affordable solution to aggregate, filter and load balance network traffic from hardware or virtual TAPs. With this software-defined solution, you can instantly access all your network ports at line speed for visibility across your entire environment in high performance and a secure manner ideal for network security, analytics and compliance requirements.
Traditional NPB solutions rely on proprietary appliances to provide aggregation and filtering of network traffic captured via hardware TAPs, which comes with significant cost, complexity and high-touch maintenance.
By leveraging modern programmable ASICs, our solution enables a software-defined, stateless packet broker, known as a “Network TAP” to intercept, process and forward network traffic for visibility and security compliance. The captured network traffic data is then fed to the OPBNOS.
It provides line rate traffic forwarding using switching ASIC by configuring flow paths between two ports. Legacy FPGA aggregator appliances are also supported as an aggregator in this solution. By leveraging the OPBNOS solution, enterprises can easily scale up or down to meet the ever-changing demands of network visibility and security tools.
Explore these guides to set up and work with the Open Packet Broker.
Explore these use cases to understand the configuration in a context
Pop-VLAN is supported on flow rules which have VAN id as a qualifier
Flow rule VLAN qualifier is not supported in VLAN-Unaware mode
For VxLAN, NVIDIA supports only one source VTEP per system but supports multiple destination VTEP
For VxLAN, multiple VNI cannot be mapped to the same Destination VTEP
GTP, UDF and Generic Header Filtering configurations and rules are not supported for the NVIDIA SN2100 switch
Ingress-VLAN is not suported on EC-AS7326 and EC-AS7726 platforms
Port-Channel can not be configured as a network port
A Maximum of 4 active SSH sessions are supported
Tunnel attributes cannot be updated and will require deleting the existing tunnel and reconfiguring
Override qualifiers are not supported for the VxLAN feature
GTP rule configuration is to be done using a string (i.e. double quotes)
GTP global configuration must be enabled before configuring the GTP rule
A proper license is required before configuring a feature
Aviz OPB NOS supports 3 license types listed below
Basic
Layer 3/4 (IPv4 and IPv6) Filtering
Layer 2 (VLAN and Ethertype) Filtering
VLAN Actions (Ingress and Egress)
Redirection (Ports, Static LAG)
Broadcom (TD3, TD2X, TH)
EC5812, EC7712, EC7726, EC7816, EC7326
DELL
S5248F-ON, S5232F-ON
Nvidia (Spectrum 1,2,3)
SN2010, SN2100, SN2201, SN2700, SN3420, SN3700, SN3800, SN4600C, SN4700
Advanced - DataCenter
(Includes Basic)
VXLAN Encap and Decap*
Generic Header Filtering (MPLS, L2GRE, VXLAN, IP-n-IP)*
User-Defined Offset Filtering*
Match-Expression Filtering*
Nvidia (Spectrum 2,3)
SN3420, SN3700, SN3800, SN4600C, SN4700
support for Edgecore AS7816-64X
New Platform: Dell S5248F-ON & Dell S5232F-ON
command
Unified show running-config
Mellanox SDK Upgrade for Resolving SCTP Traffic Drop Issue
Memory leak fixes for Broadcom Platform
New Platform: EdgeCore AS7816-64X, AS7326-56X and AS7726-32X (Broadcom)
Release 2.1
Support
support
Role-Based Access Control(RBAC) for user management
Support support on the Broadcom platform
Added support for
Added support for SNMP and
New Platform: EdgeCore 7712 (Broadcom)
to User Interface (CLI)
support for BCM Platforms
link support for BCM Platforms
Note - Features like UDF and Generic header filtering are delivered for NVIDIA Spectrum-2 and Spectrum-3 devices.
Minor Changes in CLI commands as per our unique framework, the OPB-NOS CLI commands are modified. See below the table for keyword changes and commands affected. The CLI command changes do not affect any control or data plane functionality of OPBNOS.
Image upgrade to 2.1.0 from the lower version via OPB-NOS CLI, will have configuration loss related to the “old” keywords. The Suggested recommendation is to upgrade the OPBNOS using ONIE and manually re-configure the device for existing deployments.
When the OPBNOS boots UP, it prompts the user for a License key that can be requested by contacting . More information on Licensing can be found .
Verify the currently installed license:
Use the 'License' command to change the license(if required):
Hybrid Port for multiple lookups
Port and Flow Statistics Management: NTP, SSH, Timezone, SYSLOG, LLDP, TACACS+, ZTP, SNMPv1/v2 Get, Traps, ISCLI, REST API (HTTPs - selfsigned), sFlow, RADIUS
OPB Fabric Manager (FlowVision) Appliance
VxLAN Stripping
Truncation
Advanced - 5G
(Includes
Advanced DC)
GTP Parsing
Symmetric Load balancing based on Inner IP(v4/v6) header
GTP Filtering - Inner IP header, Tunnel IDs
Nvidia (Spectrum 2,3)
SN3420, SN3700, SN3800, SN4600C, SN4700
Trial (30 days)
All features (Basic, Advanced-DC, Advanced-5G)
All
This section provides information about how to install/upgrade the OPBNOS and information on the SONiC shell.
LicensingLimitationsImage ManagementSupported PlatformsScalabilityopb-nos login: admin
Password:
Linux opb-nos 5.10.0-18-2-amd64 #1 SMP Debian 5.10.140-1 (2022-09-02) x86_64
You are on
___ ____ _____ _ _ ___ ____
/ _ \| _ \| _ \| \ | |/ _ \ / ___|
| | | | |_| |_|_|_/| \| | | | |\___ \
| |_| | __/| |_| \| |\ | |_| | ___) |
\___/|_| |_____/|_| \_|\___/ |____/
Powered by AVIZ Networks
-- Software for Open Networking in the Cloud --
Version: 20230714.2.5.0
Unauthorized access and/or use are prohibited.
All access and/or use are subject to monitoring.
Help: www.aviznetworks.com
Device Serial Number : MT2040X05753
Enter the License Key: ffa08***************f6ec544pbnoscli# show license
=================================================
License Key: ffa08********************f6ec544
License Type: BASIC
=================================================
pbnoscli# pbnoscli# configure terminal
pbnoscli(config)# license
<licensekey>
pbnoscli(config)# license db9b0********************b66f12
Current user: root
pbnoscli#
//Verify the License Key
pbnoscli# show license
=================================================
License Key: db9b0********************b66f12
License Type: ADV-T
=================================================
pbnoscli# LAG-Hash algorithm changes for better load-balancing and the ability to change the seed value
ZTP enhancements
RestAPI Strengthening
TACACS, NTP, Clockzone related issues fixed
SNMP traps support for Disk Utilization
SNMP Trap control for PSU/FAN
Enhanced Traffic Counters for Port-channel, and Flow
GTP Filtering based on IP version (NVIDIA Only)
show interface counters rate
CLI added to show interface counter rate
NA
show port-channel rate <port-channelid>
CLI added to show port-channel rate
NA
show flow counters all rate
CLI added to show traffic rate through a flow
NA
show interface counters discard-details
CLI added to show interface discard counters
NA
{no} ingress-vlan <value>
Ingress-VLAN feature added to Broadcom platforms
NA
{no} transmit-only
Interface transmit-only feature added to Broadcom platforms
NA
{no} snmp-server trap fan-util disable
CLI added to support on/off feature for SNMP trap for FAN
NA
{no} snmp-server trap psu-util disable
CLI added to support on/off feature for SNMP trap for PSU
NA
{no} snmp-server trap disk-util threshold <percentage>
CLI added to support disk related SNMP traps
port-channel
show port-group information >> show port-channel information show port-group rate >> show port-channel rate port-group 1 ports <ports> >> port-channel 1 ports <ports>
from
network-ports
from <ports> >> network-ports <ports>
to
tool-ports
to <ports> >> tool-ports <ports>
tunnel alias <tun-id>
tunnel <tunl-id>
tunnel alias >> tunnel
show vxlan tunnel alias >> show vxlan tunnel
11. [Encap/Decap]
Ethernet0, Ethernet4..
Ethernet1/1, Ethernet2/1
Interface CLI mapped to Front Panel ports. Example - Interface ethernet Ethernet0 >> Interface ethernet Ethernet1/1
NA
GTP qualifier - Match all inner IP version
New qualifier added to support match all IPv4/IPv6 for inner header. Example - rule 1 permit gtp "match-all-ipv4". rule 2 permit gtp "match-all-ipv6"
show interface counters rate detailed EthernetXXX
show interface counters detailed EthernetX/X
CLI modified to provide more clarity
attach <ifname>
interface <ifname>
tunnel tun1
attach Ethernet0 >>>> interface Ethernet0
map alias
flow
show map alias >> show flow show map summary >> show flow summary show map counters >> show flow counters map alias <name> >>> flow <name>
hybrid
loopback-mode
hybrid >> loopback-mode no hybrid >> no loopback-mode
sFLOW
sFlow is a multi-vendor, packet sampling technology used to monitor network devices
platforms
NVIDIA SN2010, NVIDIA SN2100,
NVIDIA SN4700
PBNOS-440
Additional match qualifiers for IPv6 rules
PBNOS-412
All interface status(down/up) should be the same when FEC is set as none
PBNOS-354
Unable to quit CLI from telnet/ssh with exit or quit commands
PBNOS-350
CLI auto-completion not working while configuring flow interfaces
PBNOS-348
CLI: “show platform” LED status has some inconsistencies on the NVIDIA platform driver
1.SNMP multi-server support for traps
2. SNMP authFailure Trap support (generate traps on SNMP community string mis-match)
3. SNMP trap for FAN and PSU status
4. SNMP trap for CPU and memory utilization using mteTriggers
5. Licensing commands
6. Show interface counters rate
7. Show interface breakout
8. Show port-channel rate
9. GTP
PBNOS-203
Show an error message while creating multiple maps using the same from and To ports in the UI
PBNOS-123
Delete a map through CLI->modifications not reflected in UI
Added support for the below features,
a. Hostname configuration
b. SYSLOG severity
c. LLDP receive/transmit configuration
d. shutdown/no shutdown for the management interface
e. Show platform enhancements for "fan, temperature, psustatus, pcieinfo"
2. IPv6 match all support for flow rules
3. Generate hardware dump for NVIDIA devices
4. REST API support for CPU/Memory utilization and SYSLOG export
5. SNMP trap support for link up/down events and entConfigChange.
6. Enabled Symmetric hashing.
RX only support
PBNOS-5
IPv6 rules are not working intermittently with the new SDK upgrade
NA
port-group
10.
To install OPBNOS from USB Drive, Please follow the below steps:
Login using the console port and reboot the switch
Enter ONIE mode
Select 'ONIE: Uninstall OS' to clean up installed images
The Switch will reboot and boot into 'ONIE: Install OS' mode, run the below command to stop auto-discovery
Enter the following command to create a USB mount location on the system
Enter the following command to mount the USB. The vfat option is used for FAT32 formatted drives
Install the software from the USB drive, where /mnt/media specifies the path where the USB partition is mounted
List of switches along with their speeds and supported licenses:
Dell
100GbE
32xQSFP28 + 2xSFP+
Basic
maximum networks ports allowed in a flow
63
21 (for a single flow)
10 (for 2 flows)
maximum flow
63
2
maximum rule per flow allowed
4000
To install OPBNOS from ONIE, please follow the below steps:
Login using the console port and reboot the switch
Enter ONIE mode
Select 'ONIE: Uninstall OS' to clean up installed images
The Switch will reboot and boot into 'ONIE: Install OS' mode, run the below command to stop auto-discovery
Assign 'eth0' with a management-IP to copy image from remote server
If server is present on different network using below command to add a default route
Image can be installed using HTTP or SCP:
SCP -
HTTP -
start HTTP-server on image directory, on a linux server below command can be used to achieve this
On the switch console use the below command to install the image using HTTP, This will download and install the OPBNOS
400
overall maximum rule
8000
400
Maximum number of rules
768
Dell
25GbE
48xSFP28 + 2xQSFP28-DD + 4xQSFP28
Basic
Edgecore
10GbE
48x10GbE + 6x40GbE
Basic
Edgecore
25GbE
48x25GbE + 8x100GbE
Basic
Edgecore
100GbE
32x100GbE
Basic
Edgecore
100GbE
32x100GbE
Basic
Edgecore
100GbE
64x100GbE
Basic
NVIDIA
1GbE
48x1GbE + 4x100GbE
Basic
NVIDIA
25GbE
18x25GbE + 4x100GbE
Basic
NVIDIA
25GbE
48x25GbE + 12x100GbE
Basic, Adv-DC, Adv-5G
NVIDIA
100GbE
16x100GbE
Basic
NVIDIA
100GbE
32x100GbE
Basic
NVIDIA
100GbE
32x100GbE
Basic, Adv-DC, Adv-5G
NVIDIA
100GbE
64x100GbE
Basic, Adv-DC, Adv-5G
NVIDIA
100GbE
64x100GbE
Basic, Adv-DC, Adv-5G
NVIDIA
200GbE
32x200GbE
Basic, Adv-DC, Adv-5G
NVIDIA
200GbE
64x200GbE
Basic, Adv-DC, Adv-5G
NVIDIA
400GbE
32x400GbE
Basic, Adv-DC, Adv-5G
This CLI Configuration Guide is designed to provide you with instructions and guidance on configuring and managing the Open Packet Broker using the command line interface.
To explore specific topics and access more detailed information, please use the left side column as a navigation tool in the guide. By selecting a particular section from the left side column, you will be able to delve deeper into that specific topic.
You can set the hostname using the below command:
pbnoscli# configure terminal
pbnoscli(config)# hostname Switch-1
Switch-1(config)#Switch-1# show running-config
configure terminal
hostname Switch-1
!
Switch-1# ONIE:/ # onie-discovery-stop ONIE:/ # mkdir /mnt/mediaONIE:/ # mount -t vfat /mnt/media
Example - ONIE:/ # mount -t vfat /dev/sdb1 /mnt/mediaPlease refer to the following links for downloading OPBNOS and FlowVision:
OPBNOS for Edgecore Broadcom - https://support.aviznetworks.com/hc/en-us/articles/14686290310797-EdgeCore-Broadcom
OPBNOS for Nvidia - https://support.aviznetworks.com/hc/en-us/articles/14587053512973-NVIDIA
NOTE: You are required to sign-up on for getting access to the download page.
ONIE:/ # onie-nos-install /mnt/media/opbnos.binONIE:/ # onie-discovery-stop ONIE:/ # ifconfig eth0 <mgmt-ip> netmask <netmask> up
//Example - ifconfig eth0 10.4.4.72 netmask 255.255.254.0 upONIE:/ # route add default gw <gw-ip>
//Example - route add default gw 10.4.4.1 //Copy image -
ONIE:/ # scp <user>@<server-ip>:/<dir>/opb-nos.bin opbnos.bin
//Example - scp aviz@10.2.2.10:/images/opb/opb-nos.bin opbnos.bin
//Install copied image -
ONIE:/ # onie-nos-install <image-name.bin>
//Example - onie-nos-install opbnos.binaviz@10.2.2.10:/images/opb$ python3 -m http.server 8030ONIE:/ # onie-nos-install http://<IP>:<port>/<opb-nos.bin>
//Example - onie-nos-install http://10.2.2.10:8030/opb-nos-20220714.2.1.1.binParameters
ImageName - Can be obtained from "show
boot"
Mode
EXEC
Command
cleanup-images
Description
Remove all available images from the switch
Parameters
ImageName - Can be obtained from "show
boot"
Mode
EXEC
pbnoscli# remove-image <image-name>
//Example - remove-image SONiC-OS-2.1.1_RELEASE.0-dirty-20220718.065117pbnoscli#cleanup-imagesYou can reload/reboot the switch using the below command:
pbnoscli# save
save Copy Running configuration to Startup configuration
pbnoscli# save
Saving Configuration
pbnoscli# reboot
Check if running config is saved
Do you want to reboot the device [y/n]: yRADIUS is commonly used in enterprise and service provider networks to authenticate and authorize users before granting them access to network services.
In SONiC NOS, RADIUS is supported to achieve a crucial role in securing and managing network access by providing a centralized authentication, authorization, and accounting framework. SONiC switch performs a Client - network access server (NAS) role.
You can verify the configuration by using the command(s) below:
You can verify the configuration by using the command(s) below:
Command
[no] radius [auth-type <<chap|pap|mschapv2> default pap>] [nasip ] [key ] [source-ip ] [retransmit ] [timeout ]
Description
Configure RADIUS
Parameters
auth-type, nasip, key, source-ip, retransmit, timeout
Mode
CONFIG
Command
[no] radius-server host key [auth-type <chap|pap|mschapv2> default pap] [auth-port <range[1:65535] default 1812>] [priority <integer default 1>] source-intf [retransmit ] [timeout ]
Description
Configure RADIUS
Parameters
auth-type, auth-port, priority,source-interface, retransmit, timeout
Mode
CONFIG
pbnoscli(config)# radius
<cr>
auth-type Authentication type, default pap
key Add key
nasip NAS IP address
retransmit Number of retries, default 3
source-ip source ip address
timeout Transmission timeout interval <1-60>, default 5
pbnoscli(config)# radius timeout 60
pbnoscli(config)# radius source-ip 10.4.4.52
pbnoscli(config)# radius key testing123
pbnoscli(config)# endpbnoscli# show radius
RADIUS global auth_type pap
RADIUS global passkey *****
RADIUS global timeout 5
RADIUS global nasip <EMPTY_STRING> (Default)
RADIUS global source-ip 10.4.4.52
RADIUS global retransmit 3
===========================================================================================================================================
IP Auth_type Passkey Auth-port Priority source-intf retransmit Timeout
===========================================================================================================================================
10.4.4.11 pap N/A 1812 1 N/A 3 5
pbnoscli#pbnoscli# configure terminal
pbnoscli(config)# radius
host Add host
pbnoscli(config)# radius-server host
<ipaddr> A.B.C.D
<ip6addr> A:B::C:D
pbnoscli(config)# radius-server host 10.4.4.11 pbnoscli# show radius 10.4.4.11
RADIUS global auth_type pap
RADIUS global passkey *****
RADIUS global timeout 5
RADIUS global nasip <EMPTY_STRING> (Default)
RADIUS global source-ip 10.4.4.52
RADIUS global retransmit 3
===========================================================================================================================================
IP Auth_type Passkey Auth-port Priority source-intf retransmit Timeout
===========================================================================================================================================
10.4.4.11 pap N/A 1812 1 N/A 3 5
pbnoscli# FlowVision offers a user-friendly graphical interface (GUI) that allows users to configure and monitor the OPBNOS switch.
By enabling the on-box FlowVision feature on the switch, users can access the GUI through the management IP. This enables them to efficiently manage, monitor, and configure the OPBNOS using the intuitive GUI.
The GUI of FlowVision utilizes TCP port 443 & GUI will be reachable at https://<MGMT-IP>/
Users can follow the FlowVision GUI Guide to manage the device using GUI.
Enabling On-Box FlowVision will prevent the Switch from being added to a remote FlowVision Controller.
More information is available .
AAA stands for Authentication, Authorization and Accounting. These protocols were defined by the Internet Engineering Task Force and are intended to provide an Authentication, Authorization, and Accounting (AAA) framework for applications, such as network access or IP mobility in both local and roaming situations.
TACACS uses (either TCP or UDP) port 49 by default. TACACS allows a client to accept a username and password and send a query to a TACACS authentication server, sometimes called a TACACS daemon or simply TACACSD. It would determine whether to accept or deny the authentication request and send a response back. In this way, the process of making the decision is "opened up" and the algorithms and data used to make the decision are under the complete control of the TACACS daemon.
RADIUS, which stands for Remote Authentication Dial-In User Service, is a network protocol commonly used for centralized authentication, authorization, and accounting (AAA) management. Similar to TACACS, RADIUS is designed to allow clients to authenticate and request services from a centralized server, referred to as a RADIUS server or RADIUS daemon.
Configuring AAAConfiguring TACACSConfiguring RADIUSCommand
[no] flowvision enable
Description
enable/disable the flowvision tool
Parameters
NONE
Mode
CONFIG
username
Mode
CONFIG
You can verify the configuration by using the command(s) below:
Command
[no] username <user_name> password <user_password> role [network-operator/network-admin]
Description
username configuration
Parameters
pbnoscli# configure terminal
pbnoscli(config)# username
<user_name>
pbnoscli(config)# username test
password Create user password
pbnoscli(config)# username test password
<user_pwd> Enter password
pbnoscli(config)# username test password pass@123 role
network-admin Admin
network-operator Operator
pbnoscli(config)# username test password pass@123 role network-admin
pbnoscli#
pbnoscli(config)# no username test
pbnoscli(config)#pbnoscli# configure terminal
pbnoscli(config)# flowvision
enable enable/disable the flowvision tool
pbnoscli(config)# flowvision enable
pbnoscli(config)# pbnoscli# show users
==================================
Users Role
==================================
root network-admin
test network-admin
*admin network-admin
pbnoscli#pbnoscli# show running-config
configure terminal
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
username test role network-admin
!
pbnoscli# The Management Interface is an external port (non-ASIC) on the switch that allows you to perform switch management tasks. It is a layer 3 interface and it cannot be configured as a layer 2 interface. The management interface cannot forward traffic.
To configure the management interface, use the following command:
pbnoscli# configure terminal
pbnoscli(config)# interface mgmt
pbnoscli(config-if)# ip address <ip/mask> gateway <ip>
pbnoscli(config-if)# When you run the aforementioned command, the system enters the Interface Configuration Mode for the management port. By default, the management interface is created by the switch and it cannot be removed.
Example
pbnoscli# configure terminal
pbnoscli(config)# interface mgmt
pbnoscli(config-if)# ip address 10.4.4.53/23 gateway 10.4.4.1
pbnoscli(config-if)# You can verify the configuration by using the command(s) below:
pbnoscli# show ip management
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.4.4.53 netmask 255.255.254.0 broadcast 10.4.5.255
inet6 fe80::1e34:daff:fe62:28f4 prefixlen 64 scopeid 0x20<link>
ether 1c:34:da:62:28:f4 txqueuelen 1000 (Ethernet)
RX packets 11605 bytes 792951 (774.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2309 bytes 1076201 (1.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdfc00000-dfc1ffff
pbnoscli# pbnoscli# show running-config
configure terminal
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli#Timestamping packets is crucial in networking, Accurately recording time references for packets as they travel through the network. This technology aids in performance monitoring, latency analysis, network troubleshooting, and system synchronization. Precise timestamps help pinpoint delays, identify network bottlenecks, optimize routing, and ensure adherence to service-level agreements.
Timestamps are also crucial for coordinating distributed systems by maintaining a consistent time reference across geographically dispersed components. To do this, Specialized hardware or software captures and records these timestamps. Protocols like Precision Time Protocol (PTP) or Network Time Protocol (NTP), facilitate high-precision synchronization.
Timestamping feature is needed for below major use-cases:
Detecting the congestion point on the path of a flow
Path Tracing
Real-time performance monitoring
Arrival sequence validation
This feature is only supported on Broadcom TD3 platforms, specifically EC7326, and EC7726.
You can configure the Timestamping glo using the following command:
To Configure Timestamping per interface, use the below command:
Link Layer Discovery Protocol (LLDP) is an IEEE 802.1AB-2009 that defines messages, encapsulated in Ethernet frames for the purpose of giving devices a means of announcing basic device information to other devices on the LAN (Local Area Network) through periodic retransmissions out each port every 30 seconds by default.
This implementation of LLDP is compatible with the IEEE 802.1AB-2005 standard. LLDP uses Layer 2 (the data link layer), and allows network management applications to extend their awareness of the network by discovering devices that are direct neighbors of already known devices.
With LLDP, the switch can advertise the presence of its ports, their major capabilities, and their current status to adjacent LLDP neighbours. LLDP transmissions occur on ports at regular intervals or whenever there is a relevant change to their status. The switch can also receive LLDP information advertised from adjacent LLDP-capable network devices.
The following topics provide more information on configuring LLDP:
Enabling LLDPDisplaying LLDP NeighborsCommand
[no] timestamping [enable ]
Description
OPB Packet Timestamping
Parameters
enable or disable
Mode
CONFIG
Command
[no] timestamp {enable} stage {ingress | egress} source-id <23-bit value>
Description
Timestamp configuration
Parameters
enable/disable, stage, source-id
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# timestamping
enable enable/disable the OPB Packet Timestamping
pbnoscli(config)# timestamping enable
pbnoscli(config)#
#Disable#
pbnoscli# configure terminal
pbnoscli(config)# timestamping
enable enable/disable the OPB Packet Timestamping
pbnoscli(config)#no timestamping enable
pbnoscli(config)#pbnoscli# show running-config
configure terminal
!
timestamping enable
!
!
pbnoscli#pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet1/1
pbnoscli(config-if)# timestamp
enable Enable timestamp
pbnoscli(config-if)# timestamp enable
pbnoscli(config-if)# timestamp enable stage
egress Egress
ingress Ingress
pbnoscli(config-if)# timestamp enable stage egress
source-id Specify source id
pbnoscli(config-if)# timestamp enable stage egress source-id 0x8233
pbnoscli(config-if)#end
pbnoscli#
#Disable#
pbnoscli(config-if)# no timestamp enable stage egress source-id 0x8233pbnoscli# show running-config
configure terminal
interface ethernet Ethernet1/1
mtu 9100
speed 25000
timestamp enable stage egress source-id 0x8233
!
timestamping enable
!
!
pbnoscli#Physical Interfaces are switch front panel ethernet ports which are ASIC ports. The physical ports are created by default and cannot be deleted.
To change or update the physical port configuration, use the following command:
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet0
pbnoscli(config-if)#
! Exit from the current prompt
autoneg Auto-Negotiation
description Add description
egress-tagging Add egress tagging
end Exit to exec prompt
exit Exit from the current prompt
forward-error-correction Interface FEC configuration
ingress-vlan Add ingress vlan (range 500...4094)
lldp LLDP configuration
loopback-mode Activate loopback mode
mode Interface vlan awareness
mtu Interface MTU configuration
no no form
sflow Sflow configuration
show Show commands
shutdown Disable interface
speed Interface speed configuration
top Exit to the configuration prompt
truncate Truncate the packet
type Add type
pbnoscli(config-if)# When you run the aforementioned command, the system enters the Interface Configuration mode for the specified physical port.
To change the physical port Admin status, use the following command:
You can verify the configuration by using the command(s) below:
When using fail-through, if the primary TACACS server fails to respond within a specified timeout period, the authentication request is automatically forwarded to the next authentication method configured, such as a local database or a different authentication server.
If we disable fail-through, the system fails to authenticate with a reachable TACACS+ server the system does not attempt to authenticate with the next TACACS+ server.
The fallback is mainly intended to provide an alternative way to authenticate users when there’s an issue with the primary authentication server or method, not to give users multiple attempts to authenticate with different methods.
Fallback operates at the AAA (Authentication, Authorization, and Accounting) level, allowing the network device or system to switch to the secondary TACACS server when the primary server is not available.
In summary, failthrough refers to the process of falling back to an alternative authentication method if the primary TACACS server fails to respond, while fallback involves switching to a backup TACACS server when the primary server is unavailable for AAA services.
You can configure the Authentication, Authorization and Accounting (AAA) using the following command:
You can verify the configuration by using the command(s) below:
Parameters
None
Mode
EXEC
Command
show lldp neighbors detail
Description
Display LLDP neighbors in detail
Parameters
None
Mode
EXEC
Parameters
string - 50 characters maximum
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet4/1
pbnoscli(config-if)# descript
description Add description
pbnoscli(config-if)# description "interface description"Command
[no] shutdown
Description
Administratively enable or disable interface
Parameters
None
Mode
INTERFACE
pbnoscli# show queue counters Ethernet2/1
PORT TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes
------------ ----- -------------- --------------- ----------- ------------
Ethernet2/1 UC0 0 0 0 N/A
Ethernet2/1 UC1 0 0 0 N/A
Ethernet2/1 UC2 0 0 0 N/A
Ethernet2/1 UC3 0 0 0 N/A
Ethernet2/1 UC4 0 0 0 N/A
Ethernet2/1 UC5 0 0 0 N/A
Ethernet2/1 UC6 0 0 0 N/A
Ethernet2/1 UC7 1348 325748 0 N/A
Ethernet2/1 MC8 N/A N/A N/A N/A
Ethernet2/1 MC9 N/A N/A N/A N/A
Ethernet2/1 MC10 N/A N/A N/A N/A
Ethernet2/1 MC11 N/A N/A N/A N/A
Ethernet2/1 MC12 N/A N/A N/A N/A
Ethernet2/1 MC13 N/A N/A N/A N/A
Ethernet2/1 MC14 N/A N/A N/A N/A
Ethernet2/1 MC15 N/A N/A N/A N/A
pbnoscli# Command
[no] aaa authentication (failthrough disable | fallback disable |login tacacs)
Description
AAA configuration
Parameters
None
Mode
CONFIG
Parameters
disabled Disable LLDP
rx-and-tx Enable Rx and Tx
rx-only Enable Rx-Only
tx-only Enable Tx-Only
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet1/1
pbnoscli(config-if)# lldp
disabled Disable LLDP
rx-and-tx Enable Rx and Tx
rx-only Enable Rx-Only
tx-only Enable Tx-Only
pbnoscli(config-if)# lldp rx-and-tx
pbnoscli(config-if)# pbnoscli# show lldp neighbors
Capability codes: (R) Router, (B) Bridge, (O) Other
LocalPort RemoteDevice RemotePortID Capability RemotePortDescr
----------- -------------- -------------- ------------ -----------------
Ethernet1/1 sonic etp1 BR Ethernet0
Ethernet2/1 sonic etp2 BR Ethernet4
Ethernet3/1 sonic etp3 BR Ethernet8
Ethernet13/1 sonic hundredGigE13 BR Ethernet48
Ethernet14/1 sonic hundredGigE14 BR Ethernet52
Ethernet15/1 sonic hundredGigE15 BR Ethernet56
eth0 HP2848 12 B 12
--------------------------------------------------
Total entries displayed: 7
pbnoscli# pbnoscli# show lldp neighbors detail
-------------------------------------------------------------------------------
LLDP neighbors:
-------------------------------------------------------------------------------
Interface: eth0, via: LLDP, RID: 1, Time: 0 day, 10:12:31
Chassis:
ChassisID: mac 00:0e:7f:01:2f:00
SysName: HP2848
SysDescr: ProCurve J4904A Switch 2848, revision I.10.105, ROM I.08.07 (/sw/code/build/mako)
Capability: Bridge, on
Capability: Router, off
Port:
PortID: local 12
PortDescr: 12
TTL: 120
-------------------------------------------------------------------------------
<...>
-------------------------------------------------------------------------------
Interface: Ethernet15/1, via: LLDP, RID: 3, Time: 0 day, 10:12:20
Chassis:
ChassisID: mac 80:a2:35:57:49:a7
SysName: sonic
SysDescr: SONiC Software Version: SONiC.master.0-dirty-20230123.005620 - HwSku: Accton-AS7712-32X - Distribution: Debian 10.13 - Kernel: 4.19.0-12-2-amd64
MgmtIP: 10.4.4.56
Capability: Bridge, on
Capability: Router, on
Capability: Wlan, off
Capability: Station, off
Port:
PortID: local hundredGigE15
PortDescr: Ethernet56
TTL: 120
-------------------------------------------------------------------------------
pbnoscli# pbnoscli# show lldp neighbors detail interface Ethernet2/1
-------------------------------------------------------------------------------
LLDP neighbors:
-------------------------------------------------------------------------------
Interface: Ethernet2/1, via: LLDP, RID: 2, Time: 0 day, 10:13:33
Chassis:
ChassisID: mac 04:3f:72:da:74:ee
SysName: sonic
SysDescr: SONiC Software Version: SONiC.master.0-8202018d - HwSku: ACS-MSN3700C - Distribution: Debian 11.6 - Kernel: 5.10.0-8-2-amd64
MgmtIP: 10.4.4.52
Capability: Bridge, on
Capability: Router, on
Capability: Wlan, off
Capability: Station, off
Port:
PortID: local etp2
PortDescr: Ethernet4
TTL: 120
-------------------------------------------------------------------------------
pbnoscli# pbnoscli# show interface npb Ethernet4/1
===================================
Interface : Ethernet4/1
===================================
Description : interface description
Mode : vlan-aware
Ingress-vlan : 6
Egress-tagging : disable
Truncate : 64
pbnoscli#pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet4/1
description interface description
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli#pbnoscli# show interface status
================================================================================================
Port Name Oper Admin Vlan Speed MTU AutoNeg
================================================================================================
Ethernet1/1 etp1 up up trunk 100000 9100 N/A
Ethernet2/1 etp2 up up trunk 100000 9100 N/A
Ethernet3/1 etp3 up up trunk 100000 9100 N/A
Ethernet4/1 etp4 down up trunk 100000 9100 N/A
Ethernet5/1 etp5 down up trunk 100000 9100 N/A
Ethernet6/1 etp6 down up trunk 100000 9100 N/A
Ethernet7/1 etp7 down up trunk 100000 9100 N/A
Ethernet8/1 etp8 down up trunk 100000 9100 N/A
Ethernet9/1 etp9 down up trunk 100000 9100 N/A
Ethernet10/1 etp10 down up trunk 100000 9100 N/A
Ethernet11/1 etp11 down up trunk 100000 9100 N/A
Ethernet12/1 etp12 down up trunk 100000 9100 N/A
Ethernet13/1 etp13 up up trunk 100000 9100 N/A
Ethernet14/1 etp14 up up trunk 100000 9100 N/A
<...>
Ethernet61/1 etp61 down up trunk 100000 9100 N/A
Ethernet62/1 etp62 down up trunk 100000 9100 N/A
Ethernet63/1 etp63 up up routed 100000 9100 N/A
Ethernet64/1 etp64 up up routed 100000 9100 N/A
pbnoscli# pbnoscli# show interface summary
============================================================================================================================
Interface Lanes Speed MTU FEC Alias Vlan Oper Admin Type Asym PFC
============================================================================================================================
Ethernet1/1 0,1,2,3 100G 9100 none etp1 trunk up up QSFP28 or later N/A
Ethernet2/1 8,9,10,11 100G 9100 none etp2 trunk up up QSFP28 or later N/A
Ethernet3/1 16,17,18,19 100G 9100 none etp3 trunk up up QSFP28 or later N/A
Ethernet4/1 24,25,26,27 100G 9100 none etp4 trunk down up N/A N/A
Ethernet5/1 32,33,34,35 100G 9100 none etp5 trunk down up QSFP28 or later N/A
Ethernet6/1 40,41,42,43 100G 9100 none etp6 trunk down up QSFP28 or later N/A
Ethernet7/1 48,49,50,51 100G 9100 none etp7 trunk down up QSFP28 or later N/A
Ethernet8/1 56,57,58,59 100G 9100 none etp8 trunk down up N/A N/A
Ethernet9/1 64,65,66,67 100G 9100 none etp9 trunk down up N/A N/A
Ethernet10/1 72,73,74,75 100G 9100 none etp10 trunk down up N/A N/A
Ethernet11/1 80,81,82,83 100G 9100 none etp11 trunk down up N/A N/A
Ethernet12/1 88,89,90,91 100G 9100 none etp12 trunk down up N/A N/A
Ethernet13/1 96,97,98,99 100G 9100 none etp13 trunk up up QSFP28 or later N/A
Ethernet14/1 104,105,106,107 100G 9100 none etp14 trunk up up QSFP28 or later N/A
<...>
Ethernet60/1 472,473,474,475 100G 9100 none etp60 trunk down up N/A N/A
Ethernet61/1 480,481,482,483 100G 9100 none etp61 trunk down up N/A N/A
Ethernet62/1 488,489,490,491 100G 9100 none etp62 trunk down up N/A N/A
Ethernet63/1 496,497,498,499 100G 9100 rs etp63 routed up up QSFP28 or later N/A
Ethernet64/1 504,505,506,507 100G 9100 rs etp64 routed up up QSFP28 or later N/A
pbnoscli# pbnoscli# show queue counters
PORT TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes
------------ ----- -------------- --------------- ----------- ------------
Ethernet1/1 UC0 0 0 0 N/A
Ethernet1/1 UC1 0 0 0 N/A
Ethernet1/1 UC2 0 0 0 N/A
Ethernet1/1 UC3 0 0 0 N/A
Ethernet1/1 UC4 0 0 0 N/A
Ethernet1/1 UC5 0 0 0 N/A
Ethernet1/1 UC6 0 0 0 N/A
Ethernet1/1 UC7 1344 324624 0 N/A
Ethernet1/1 MC8 N/A N/A N/A N/A
Ethernet1/1 MC9 N/A N/A N/A N/A
Ethernet1/1 MC10 N/A N/A N/A N/A
Ethernet1/1 MC11 N/A N/A N/A N/A
Ethernet1/1 MC12 N/A N/A N/A N/A
Ethernet1/1 MC13 N/A N/A N/A N/A
Ethernet1/1 MC14 N/A N/A N/A N/A
Ethernet1/1 MC15 N/A N/A N/A N/A
<...>
PORT TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes
------------ ----- -------------- --------------- ----------- ------------
Ethernet64/1 UC0 200000 14800000 0 N/A
Ethernet64/1 UC1 0 0 0 N/A
Ethernet64/1 UC2 0 0 0 N/A
Ethernet64/1 UC3 0 0 0 N/A
Ethernet64/1 UC4 0 0 0 N/A
Ethernet64/1 UC5 0 0 0 N/A
Ethernet64/1 UC6 0 0 0 N/A
Ethernet64/1 UC7 1223 313620 0 N/A
Ethernet64/1 MC8 N/A N/A N/A N/A
Ethernet64/1 MC9 N/A N/A N/A N/A
Ethernet64/1 MC10 N/A N/A N/A N/A
Ethernet64/1 MC11 N/A N/A N/A N/A
Ethernet64/1 MC12 N/A N/A N/A N/A
Ethernet64/1 MC13 N/A N/A N/A N/A
Ethernet64/1 MC14 N/A N/A N/A N/A
Ethernet64/1 MC15 N/A N/A N/A N/A pbnoscli# configure terminal
pbnoscli(config)# aaa authentication
failthrough Configure failthrough, default : enable
fallback Configure fallback, default : enable
login Configure login, default : local
pbnoscli(config)# aaa authentication failthrough disable
pbnoscli(config)# aaa authentication fallback disable
pbnoscli(config)# aaa authentication login tacacs
pbnoscli(config)#pbnoscli# show aaa authentication
================================
Type Value
================================
Failthrough Disabled
Fallback Disabled
login tacacs
pbnoscli#pbnoscli# show running-config
configure terminal
aaa authentication failthrough disable
aaa authentication fallback disable
aaa authentication login tacacs+
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli# pbnoscli# sh running-config
configure terminal
interface ethernet Ethernet1/1
lldp rx-and-tx
!
interface ethernet Ethernet2/1
lldp rx-only
!
interface ethernet Ethernet3/1
lldp disabled
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli# Maximum transmission unit (MTU) defines the largest size of the packet that can be transmitted as a single entity through the port. The size of the MTU dictates the amount of data that can be transmitted in bytes over a network.
Command
mtu <mtu val>
Description
Example
You can verify the configuration by using the command(s) below:
Autonegotiation is a signalling mechanism in which two devices connected over Ethernet can choose common transmission parameters such as speed, duplex, mode and flow control.
In this process, the connected device first shares its capabilities regarding these parameters and then chooses the highest performance mode that both support.
Command
[no] autoneg disable
You can verify the configuration by using the command(s) below:
You can configure the interface type based on the connection point. Here, “network” corresponds to the network (TAPs) and “tool” corresponds to analytics tools.
Command
type (network | tool)
no type
Description
Type Configuration
You can verify the configuration by using the command(s) below:
VLAN modes in OPB provide administrators to match flow based on the VLAN tag in the packet and redirect to the tool ports
OPB supports two VLAN modes;
VLAN-aware mode will match traffic based on both configured ingress-VLAN and VLAN configured in flow rules
VLAN-unaware mode will allow all VLAN traffic and does not follow the ingress-VLAN configuration
This feature is only supported on the NVIDIA platforms and is applicable only for network ports.
You can verify the configuration by using the command(s) below:
Configure MTU in bytes
Parameters
Mtu value (MAX: 9100)
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet1/1
pbnoscli(config-if)# mtu
<mtuval> Mtu value (1..9100)
pbnoscli(config-if)# mtu 1600
pbnoscli(config-if)# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
mtu 1600
forward-error-correction rs
!
interface ethernet Ethernet4/1
description interface description
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# Description
Enable/disable auto negotiation
Parameters
None
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet1/1
pbnoscli(config-if)# autoneg
disable Disable Auto-Negotiation
pbnoscli(config-if)# autoneg disable
pbnoscli(config-if)#
//to enable again
pbnoscli(config-if)# no autoneg disable
pbnoscli(config-if)# Parameters
None
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet1/1
pbnoscli(config-if)# type
network Network
tool Tool
pbnoscli(config-if)#type networkCommand
mode vlan-aware
mode vlan-unaware
Description
vlan-aware: used for matching packets based on VLAN id
Parameters
None
Mode
INTERFACE
pbnoscli# show interface summary
============================================================================================================================
Interface Lanes Speed MTU FEC Alias Vlan Oper Admin Type Asym PFC
============================================================================================================================
Ethernet1/1 0,1,2,3 100G 1500 rs etp1 trunk up up QSFP28 or later N/A
Ethernet2/1 8,9,10,11 100G 9100 none etp2 trunk up up QSFP28 or later N/A
Ethernet3/1 16,17,18,19 100G 9100 none etp3 trunk up up QSFP28 or later N/A
Ethernet4/1 24,25,26,27 100G 9100 none etp4 trunk down up N/A N/A
Ethernet5/1 32,33,34,35 100G 9100 none etp5 trunk down up QSFP28 or later N/A
Ethernet6/1 40,41,42,43 100G 9100 none etp6 trunk down up QSFP28 or later N/A
Ethernet7/1 48,49,50,51 100G 9100 none etp7 trunk down up QSFP28 or later N/A
Ethernet8/1 56,57,58,59 100G 9100 none etp8 trunk down up N/A N/A
Ethernet9/1 64,65,66,67 100G 9100 none etp9 trunk down up N/A N/A
Ethernet10/1 72,73,74,75 100G 9100 none etp10 trunk down up N/A N/A
Ethernet11/1 80,81,82,83 100G 9100 none etp11 trunk down up N/A N/A
Ethernet12/1 88,89,90,91 100G 9100 none etp12 trunk down up N/A N/A
Ethernet13/1 96,97,98,99 100G 9100 none etp13 trunk up up QSFP28 or later N/A
Ethernet14/1 104,105,106,107 100G 9100 none etp14 trunk up up QSFP28 or later N/A
<...>
Ethernet60/1 472,473,474,475 100G 9100 none etp60 trunk down up N/A N/A
Ethernet61/1 480,481,482,483 100G 9100 none etp61 trunk down up N/A N/A
Ethernet62/1 488,489,490,491 100G 9100 none etp62 trunk down up N/A N/A
Ethernet63/1 496,497,498,499 100G 9100 rs etp63 routed up up QSFP28 or later N/A
Ethernet64/1 504,505,506,507 100G 9100 rs etp64 routed up up QSFP28 or later N/A
pbnoscli#pbnoscli# show interface status
================================================================================================
Port Name Oper Admin Vlan Speed MTU AutoNeg
================================================================================================
Ethernet1/1 etp1 up up trunk 100000 9100 off
Ethernet2/1 etp2 up up trunk 100000 9100 N/A
Ethernet3/1 etp3 up up trunk 100000 9100 N/A
Ethernet4/1 etp4 down up trunk 100000 9100 N/A
Ethernet5/1 etp5 down up trunk 100000 9100 N/A
Ethernet6/1 etp6 down up trunk 100000 9100 N/A
Ethernet7/1 etp7 down up trunk 100000 9100 N/A
Ethernet8/1 etp8 down up trunk 100000 9100 N/A
Ethernet9/1 etp9 down up trunk 100000 9100 N/A
Ethernet10/1 etp10 down up trunk 100000 9100 N/A
Ethernet11/1 etp11 down up trunk 100000 9100 N/A
Ethernet12/1 etp12 down up trunk 100000 9100 N/A
Ethernet13/1 etp13 up up trunk 100000 9100 N/A
Ethernet14/1 etp14 up up trunk 100000 9100 N/A
<...>
Ethernet60/1 etp60 down up trunk 100000 9100 N/A
Ethernet61/1 etp61 down up trunk 100000 9100 N/A
Ethernet62/1 etp62 down up trunk 100000 9100 N/A
Ethernet63/1 etp63 up up routed 100000 9100 N/A
Ethernet64/1 etp64 up up routed 100000 9100 N/A
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
autoneg disable
!
interface ethernet Ethernet4
description interface description
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# pbnoscli# show interface npb Ethernet1/1
===================================
Interface : Ethernet1/1
===================================
Type : network
Mode : vlan-aware
Ingress-vlan : 2
Egress-tagging : disable
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
mtu 1600
forward-error-correction rs
type network
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli#pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet16/1
pbnoscli(config-if)# mode vlan-
vlan-aware dot1_q mode
vlan-unaware q_inq mode
pbnoscli(config-if)# mode vlan-aware
pbnoscli(config-if)# pbnoscli# show interface npb Ethernet16/1
===================================
Interface : Ethernet16/1
===================================
Mode : vlan-aware
Ingress-vlan : 18
Egress-tagging : disable
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet16/1
mode vlan-aware
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# Forward error correction (FEC) is an error correction technique to detect and correct a limited number of errors in transmitted data without the need for retransmission.
In this method, the sender sends a redundant error-correcting code along with the data frame. The receiver performs necessary checks based on the additional redundant bits. If it finds that the data is free from errors, it executes the error-correcting code that generates the actual frame. It then removes the redundant bits before passing the message to the upper layers.
Command
Example
You can verify the configuration by using the command(s) below:
Loopback-mode means that a physical port can become network-port (ingress) and tool-port(egress) to which flow rules can be applied. A loopback-mode port is operated in loopback mode and avoids customers connecting a physical cable to make it operate in Loopback mode.
As soon as a port is configured as a loopback-mode port, it is internally changed to a loopback mode state. This means that the link is UP with or without cables being inserted. Traffic flows out of a loopback-mode port (Tx direction) and loops back to it (Rx direction).
loopback-mode ports can provide the following flexibility:
Support for multiple lookups on the same packet. For example, decapsulate the tunnel and look up based on the inner header.
Multiple egress actions on the same traffic. For example (shown here) send to tool as-is and add VLAN tag.
The following command is used to configure the interface to work as both network-port and tool-port. When enabled on an interface, it acts like a mac loopback which loops back the egress packets back to the device on the same port.
You can verify the configuration by using the command(s) below:
forward-error-correction {rs | fs | none}
Description
Configure forward error correction method
Parameters
None
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet1/1
pbnoscli(config-if)# forward-error-correction
fs Firecode Forward Error Correction
none None
rs Reed Solomon Forward Error Correction
pbnoscli(config-if)# forward-error-correction rsParameters
1000 1G
10000 10G
25000 25G
40000 40G
100000 100G
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet4/1
pbnoscli(config-if)# speed
1000 1G
10000 10G
100000 100G
25000 25G
40000 40G
pbnoscli(config-if)# speed 1000
pbnoscli(config-if)# pbnoscli# show interface summary
============================================================================================================================
Interface Lanes Speed MTU FEC Alias Vlan Oper Admin Type Asym PFC
============================================================================================================================
Ethernet1/1 0,1,2,3 100G 9100 rs etp1 trunk up up QSFP28 or later N/A
Ethernet2/1 8,9,10,11 100G 9100 none etp2 trunk up up QSFP28 or later N/A
Ethernet3/1 16,17,18,19 100G 9100 none etp3 trunk up up QSFP28 or later N/A
Ethernet4/1 24,25,26,27 100G 9100 rs etp4 trunk down up N/A N/A
Ethernet5/1 32,33,34,35 100G 9100 none etp5 trunk down up QSFP28 or later N/A
Ethernet6/1 40,41,42,43 100G 9100 none etp6 trunk down up QSFP28 or later N/A
Ethernet7/1 48,49,50,51 100G 9100 none etp7 trunk down up QSFP28 or later N/A
Ethernet8/1 56,57,58,59 100G 9100 none etp8 trunk down up N/A N/A
Ethernet9/1 64,65,66,67 100G 9100 none etp9 trunk down up N/A N/A
Ethernet10/1 72,73,74,75 100G 9100 none etp10 trunk down up N/A N/A
Ethernet11/1 80,81,82,83 100G 9100 none etp11 trunk down up N/A N/A
Ethernet12/1 88,89,90,91 100G 9100 none etp12 trunk down up N/A N/A
Ethernet13/1 96,97,98,99 100G 9100 none etp13 trunk up up QSFP28 or later N/A
Ethernet14/1 104,105,106,107 100G 9100 none etp14 trunk up up QSFP28 or later N/A
<...>
Ethernet60/1 472,473,474,475 100G 9100 none etp60 trunk down up N/A N/A
Ethernet61/1 480,481,482,483 100G 9100 none etp61 trunk down up N/A N/A
Ethernet62/1 488,489,490,491 100G 9100 none etp62 trunk down up N/A N/A
Ethernet63/1 496,497,498,499 100G 9100 rs etp63 routed up up QSFP28 or later N/A
Ethernet64/1 504,505,506,507 100G 9100 rs etp64 routed up up QSFP28 or later N/A
pbnoscli#pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
forward-error-correction rs
!
interface ethernet Ethernet4/1
forward-error-correction fs
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# pbnoscli# show interface summary
============================================================================================================================
Interface Lanes Speed MTU FEC Alias Vlan Oper Admin Type Asym PFC
============================================================================================================================
Ethernet1/1 0,1,2,3 100G 1500 rs etp1 trunk up up QSFP28 or later N/A
Ethernet2/1 8,9,10,11 100G 9100 none etp2 trunk up up QSFP28 or later N/A
Ethernet3/1 16,17,18,19 100G 9100 none etp3 trunk up up QSFP28 or later N/A
Ethernet4/1 24,25,26,27 1G 9100 fs etp4 trunk down up N/A N/A
Ethernet5/1 32,33,34,35 100G 9100 none etp5 trunk down up QSFP28 or later N/A
Ethernet6/1 40,41,42,43 100G 9100 none etp6 trunk down up QSFP28 or later N/A
Ethernet7/1 48,49,50,51 100G 9100 none etp7 trunk down up QSFP28 or later N/A
Ethernet8/1 56,57,58,59 100G 9100 none etp8 trunk down up N/A N/A
Ethernet9/1 64,65,66,67 100G 9100 none etp9 trunk down up N/A N/A
Ethernet10/1 72,73,74,75 100G 9100 none etp10 trunk down up N/A N/A
Ethernet11/1 80,81,82,83 100G 9100 none etp11 trunk down up N/A N/A
Ethernet12/1 88,89,90,91 100G 9100 none etp12 trunk down up N/A N/A
Ethernet13/1 96,97,98,99 100G 9100 none etp13 trunk up up QSFP28 or later N/A
Ethernet14/1 104,105,106,107 100G 9100 none etp14 trunk up up QSFP28 or later N/A
<...>
Ethernet60/1 472,473,474,475 100G 9100 none etp60 trunk down up N/A N/A
Ethernet61/1 480,481,482,483 100G 9100 none etp61 trunk down up N/A N/A
Ethernet62/1 488,489,490,491 100G 9100 none etp62 trunk down up N/A N/A
Ethernet63/1 496,497,498,499 100G 9100 rs etp63 routed up up QSFP28 or later N/A
Ethernet64/1 504,505,506,507 100G 9100 rs etp64 routed up up QSFP28 or later N/A
pbnoscli#pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
forward-error-correction rs
!
interface ethernet Ethernet4/1
speed 1000
forward-error-correction fs
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# Command
loopback-mode no loopback-mode
Description
Activation loopback mode
Parameters
None
Mode
INTERFACE
You can use the Ingress VLAN functionality to assign dedicated identification tags (VLAN Tags) and thereby creating a mapping between the network port and tool ports. Traffic received on network ports can be added with an additional VLAN tag and sent towards the tools for identifying the Network Port. Ingress VLAN is configured in the interface configuration of the network port.
Command
[no] ingress-vlan <value>
Description
This feature should only be configured on Network ports
You can verify the configuration by using the command(s) below:
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet4/1
pbnoscli(config-if)# loopback
loopback-mode Activate loopback mode
pbnoscli(config-if)# loopback-mode
pbnoscli(config-if)# pbnoscli# show interface npb Ethernet4/1
===================================
Interface : Ethernet4/1
===================================
Mode : vlan-aware
Ingress-vlan : 6
Egress-tagging : disable
Loopback-mode : enable
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet4/1
speed 1000
description interface description
mode vlan-aware
loopback-mode
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# Ingress-vlan configuration
Parameters
value within 500 to 4094
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet8/1
pbnoscli(config-if)# ingress-
ingress-vlan Add ingress vlan (range 500...4094)
pbnoscli(config-if)# ingress-vlan 501
pbnoscli(config-if)# pbnoscli# show interface npb Ethernet8/1
===================================
Interface : Ethernet8/1
===================================
Type : network
Mode : vlan-aware
Ingress-vlan : 501
Egress-tagging : disable
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet8/1
ingress-vlan 501
mode vlan-aware
type network
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# Command
{no} receive-only
Description
rx-only configuration
Parameters
None
Mode
INTERFACE
You can verify the configuration by using the command(s) below:
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet4/1
pbnoscli(config-if)# receive-only
pbnoscli(config-if)# endYou can use the egress tagging functionality to add a VLAN tag to the packet transmitted from the tool port.
Command
{no} egress-tagging enable
Description
Egress-tagging configuration
This feature should only be configured on Tool ports
You can verify the configuration by using the command(s) below:
You can use packet truncation, which is a unique capability available only on NVIDIA platforms, to truncate the packets which are sent to the tool. This helps tools reduce the storage capacity needed for saving packets for future analysis. It truncates the packet for the given offset.
This feature is only supported on the NVIDIA platforms
pbnoscli# show interface npb Ethernet4/1
===================================
Interface : Ethernet4/1
===================================
Ingress-vlan : 18
Egress-tagging : disable
Receive-only : enable
pbnoscli#pbnoscli# show running-config
configure terminal
interface ethernet Ethernet4/1
receive-only
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# Parameters
None
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet4/1
pbnoscli(config-if)# egress-
egress-tagging Add egress tagging
pbnoscli(config-if)# egress-tagging enable
pbnoscli(config-if)# Parameters
channelid - within 1 to 16 portname - valid interface names delimited by (,) string - a maximum of 50 characters, within double quotes
Mode
CONFIG
PortChannel can only be configured as a Tool port in a flow
You can verify the configuration by using the command(s) below:
Command
port-channel <channelid>ports<portname>[description<string>] no port-channel <channelid>ports
Description
Port-channel configuration
pbnoscli# configure terminal
pbnoscli(config)# port-channel 1
ports Add physical ports to port channel
pbnoscli(config)# port-channel 1 ports
<portname> Add ports (Add multiple ports comma delimited)
pbnoscli(config)# port-channel 1 ports Ethernet63/1,Ethernet64/1
pbnoscli(config)#
pbnoscli(config)# no port-channel 1 ports
pbnoscli(config)# pbnoscli# show interface npb Ethernet4/1
===================================
Interface : Ethernet4/1
===================================
Type : tool
Mode : vlan-aware
Ingress-vlan : 6
Egress-tagging : enable
Loopback-mode : disable
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet4/1
type tool
egress-tagging enable
mode vlan-aware
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# pbnoscli# show port-channel information
===================================
Name : port-channel1
Member ports : Ethernet63/1[up] Ethernet64/1[up]
===================================
pbnoscli#
pbnoscli# show port-channel rate
=====================================================
Port-channel Rate Counter
=====================================================
Port-Channel :1
Member Port :Ethernet1/1[up],Ethernet2/1[up],Ethernet3/1[up],Ethernet4/1[down],Ethernet5/1[down]
PACKETS RECEIVED :0
PACKETS RECEIVED BPS :51.25 B/s
PACKETS RECEIVED PPS :0.20 P/s
RECEIVED UTIL :0.00 %
RECEIVED ERROR PACKETS :0
RECEIVED DISCARDED PACKETS :0
RECEIVED OVERSIZE PACKETS :0
PACKETS TRANSMITTED :0
PACKETS TRANSMITTED BPS :20.51 B/s
PACKETS TRANSMITTED PPS :0.09 P/s
TRANSMITTED UTIL :0.00 %
TRANSMITTED ERROR PACKETS :0
TRANSMITTED DISCARDED PACKETS :0
TRANSMITTED OVERSIZE PACKETS :0
pbnoscli#pbnoscli# show running-config
configure terminal
port-channel 1 ports Ethernet63/1,Ethernet64/1
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli#Command
truncate <offset value>
no truncate
Description
Truncate packets after offset
Parameters
Offset-value – multiple of 4 within 48 to 4088
Mode
INTERFACE
You can verify the configuration by using the command(s) below:
Command
{no} transmit-only
Description
Tx-only configuration
Parameters
None
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet4/1
pbnoscli(config-if)# tr
transmit-only Activate tx-only mode
pbnoscli(config-if)# transmit-only
pbnoscli(config-if)# endLAG-Hash is used to describe the load-balancing algorithm used for distributing traffic across the links within a port channel. This algorithm plays a crucial role in determining the distribution of traffic evenly among the member links of the port channel.
OPBNOS uses the CRC2 for NVIDIA ASIC and CRC32_LO for Broadcom ASIC for load-balancing traffic across a port channel.
This section provides information about configuring flows and rules.
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet4/1
pbnoscli(config-if)# trunc
truncate Truncate the packet
pbnoscli(config-if)# truncate 64pbnoscli# show interface npb Ethernet4/1
===================================
Interface : Ethernet4/1
===================================
Mode : vlan-aware
Ingress-vlan : 6
Egress-tagging : disable
Truncate : 64
pbnoscli# pbnoscli# sh running-config
configure terminal
!
interface ethernet Ethernet4/1
truncate 64
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# pbnoscli# show interface npb Ethernet4/1
===================================
Interface : Ethernet4/1
===================================
Ingress-vlan : 18
Egress-tagging : disable
Transmit-only : enable
pbnoscli#pbnoscli# show running-config
configure terminal
interface ethernet Ethernet4/1
transmit-only
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# Description
seed value 0 - 4294967295
Parameters
integer seed value
Mode
CONFIG
You can verify the configuration by using the command(s) below:
Command
lag-hash seed <int seed_value>
pbnoscli# configure terminal
pbnoscli(config)# lag-hash
seed seed configuration
pbnoscli(config)# lag-hash seed
<seed_val> seed value 0..4294967295
pbnoscli(config)# lag-hash seed 429496723
pbnoscli(config)# pbnoscli# show lag-hash config
===================================================
LAG Hash Parameters
===================================================
Hash Algorithm : CRC2
Symmetric Hash : Enabled
SEED Value : 429496723
pbnoscli# Command
{no} an-clause cl37
Description
Auto-Negotiation clause
Parameters
cl37
Mode
INTERFACE
pbnoscli# configure terminal
pbnoscli(config)# interface ethernet Ethernet2/1
pbnoscli(config-if)# an
an-clause Auto-Negotiation clause
pbnoscli(config-if)# an-clause cl37
pbnoscli(config-if)# endParameters
network-ports—valid interfaces, delimited by (,)
Mode
FLOW
You can verify the configuration by using the command(s) below:
Command
network-ports <network-ports>
Description
Configure network or TAP ports
pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)# network-
network-ports Configure network or TAP ports
pbnoscli(config-flow-flow01)# network-ports Ethernet1/1,Ethernet2/1
pbnoscli(config-flow-flow01)# Create/Delete Flow
Parameters
Flow-name—maximum of 10 characters
Interface
CONFIG
Command
[no] flow <flow-name>
Description
pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)#
! Exit from the current prompt
description Configure description for flow
enable Enable the flow
end Exit to exec prompt
exit Exit from the current prompt
network-ports Configure network or TAP ports
no no form
pop-vlan Pop Vlan Tag
push-vlan-tag Push VLAN tag
rule Configure rule
show Show commands
tool-ports Configure network tool or analyzer ports
top Exit to the configuration prompt
pbnoscli(config-flow-flow01)# exit
//to delete a flow
pbnoscli(config)# no flow flow01
pbnoscli(config)pbnoscli# show running-config
configure terminal
interface ethernet Ethernet2/1
an-clause cl37
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
pbnoscli# pbnoscli# show flow flow01
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet1/1,Ethernet2/1
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type network
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
network-ports Ethernet0,Ethernet4
!
pbnoscli# You can specify the destination(s) for packets matching the flow. The supported destinations are as follows:
port-id(s): matching traffic redirected to one or more tool ports
port-channel: matching traffic redirected to multiple tool ports with symmetric load balancing
You can verify the configuration by using the command(s) below:
Command
tool-ports <tool-ports>
Description
Configure network tool or analyzer ports
Parameters
tool-ports—valid interfaces, delimited by (,)
Mode
FLOW
pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)# network-ports Ethernet1/1,Ethernet2/1
pbnoscli(config-flow-flow01)# tool-
tool-ports Configure network tool or analyzer ports
pbnoscli(config-flow-flow01)# tool-ports port-channel1,Ethernet8/1
pbnoscli(config-flow-flow01)#pbnoscli# show flow flow01
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet1/1,Ethernet2/1
Tool-Port : port-channel1,Ethernet8/1
pbnoscli# pbnoscli# show running-config
configure terminal
port-channel 1 ports Ethernet63/1,Ethernet64/1
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type network
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
network-ports Ethernet1/1,Ethernet2/1
tool-ports port-channel1,Ethernet8/1
!
pbnoscli# Parameters
string—maximum 50 characters, within double quotes.
Interface
FLOW
pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)# descript
description Configure description for flow
pbnoscli(config-flow-flow01)# description "--Flow Description--"
pbnoscli(config-flow-flow01)#
//to remove flow description
pbnoscli(config-flow-flow01)# no description
pbnoscli(config-flow-flow01)# pbnoscli# show flow flow01
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Description : --Flow Description--
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
description "--Flow Description--"
!
pbnoscli# Command
rule <ruleid> (deny | permit ) [description <cstring>] ([ethertype <etype>] [vlan <vid>] [src-ip (<ipv4> | <ipv6 > src-netmask <ipv6 >)] [dest-ip (<ipv4> | <ipv6 > dest-netmask <ipv6 >)] [protocol (tcp | udp | <ptype >)] [l4portsrc <sport>] [l4portdst <dport>] [tosval <sval >] [dscp <dval>] [ttl <tval>] [tcpctl <flags > tcpctlmask <tcpmask >] | match_all [ipv6]) [counters (enable | disable)]
no rule <ruleid>
Description
Rule configuration
Parameters
ruleid: It should be in the range 1 to 6000
description: max 50 characters
ethertype: hexadecimal value prefix with 0x. max 4 characters.
vlan: VLAN id 2 to 4094
src-ip: source IP address
dest-ip: Destination IP address
protocol: L3 Protocol
l4portsrc: L4 source port for TCP or UDP
l4portdst: L4 source port for TCP or UDP
tossval: Type of Service
dscp: Differentiated services code point.
ttl: Time-to-live
tcpctl: TCP control flags
Mode
FLOW
pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)#
! Exit from the current prompt
description Configure description for flow
enable Enable the flow
end Exit to exec prompt
exit Exit from the current prompt
network-ports Configure network or TAP ports
no no form
pop-vlan Pop Vlan Tag
push-vlan-tag Push VLAN tag
rule Configure rule
show Show commands
tool-ports Configure network tool or analyzer ports
top Exit to the configuration prompt
pbnoscli(config-flow-flow01)# rule 1
action Add rule specific action
deny Deny traffic
permit Permit traffic
pbnoscli(config-flow-flow01)# rule 1 permit
<cr>
counters Enable counters
description Add description within double quotes
dest-ip Destination IP address
dscp Differentiated services code point
ethertype ethernet type, 0x800, 0x8100
gtp GTP Tunneling
l4portdst L4 destination port
l4portsrc L4 source port
match-all Match all
protocol IP protocol
qualifiers Flow Rule Qualifiers
src-ip Source IP address
tcpctl TCP Control Flags
tosval Type of Service
ttl Time-to-live
vlan Vlan Identifier
pbnoscli(config-flow-flow01)# rule 1 permit src-ip 10.10.0.0/24 dest-ip 20.0.20.0/24 counters enable
//to remove a rule
pbnoscli(config-flow-flow01)# no rule 1
pbnoscli(config-flow-flow01)#pbnoscli# show flow summary
Flow-Name Rule-Id Status Counter-Value
=========================================================
flow01 1 Active 1675
pbnoscli#
pbnoscli# show flow flow01
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet1/1,Ethernet2/1
Tool-Port : port-channel1,Ethernet8/1
Rule : 1
++++++++++++++++++++++++++++++++++
Action : permit
Source IP : 2401::1
Source Mask : f::f
Destination IP : 2401::2
Destination Mask : f::f
Counters : enable
pbnoscli# \\Configuring IPv4 rules
pbnoscli# show running-config
configure terminal
port-channel 1 ports Ethernet63/1,Ethernet64/1
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type network
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
description "--Flow Description--"
network-ports Ethernet1/1,Ethernet2/1
tool-ports port-channel1,Ethernet8/1
rule 1 permit src-ip 10.10.0.0/24 dest-ip 20.0.20.0/24 counters enable
!
pbnoscli# \\Configuring IPv6 rules
pbnoscli# show running-config
configure terminal
port-channel 1 ports Ethernet63/1,Ethernet64/1
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type network
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
description "--Flow Description--"
network-ports Ethernet1/1,Ethernet2/1
tool-ports port-channel1,Ethernet8/1
rule 1 permit src-ip 2401::1 src-netmask f::f dest-ip 2401::2 dest-netmask f::f counters enable
!
pbnoscli# Using this command, users can configure a rule using an expression string for both inner and outer headers in encapsulated packets.
This feature is supported only on NVIDIA spectrum-2/3 platforms
Expression qualifiers -
ethertype - L2 Ethertype, vlan - Vlan header value, src-ip - Source IP prefix, src-netmask - Source IP mask, dest-ip- Destination IP prefix, dest-netmask- Destination IP mask, protocol - Protocol type, l4portsrc- Transport layer source port, l4portdst - Transport layer destination port, tosval - Type of Service value, dscp - Differentiated services field value, ttl - Packet TTL, tcpctl - TCP control value, tcpctlmask - TCP control mask, teid - Encapsulation tunnel ID, inner-sip - Inner IP Source Address, inner-dip - Inner IP Destination Address, inner-protocol - Inner Header Protocol, inner_l4srcport - Inner Header UDP Source Port, inner_l4destport - Inner Header UDP Destination Port
You can verify the configuration by using the command(s) below:
Command
rule ((deny | permit) [description ] [match-expression ] [counters (enable | disable )]
no rule <ruleid>
Description
Rule configuration
Parameters
ruleid: It should be in the range 1 to 6000
description: max 50 characters. match
expression: qualifiers can be added to this string
counters: can be enabled or disabled
Mode
FLOW
pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)#
! Exit from the current prompt
description Configure description for flow
enable Enable the flow
end Exit to exec prompt
exit Exit from the current prompt
network-ports Configure network or TAP ports
no no form
pop-vlan Pop Vlan Tag
push-vlan-tag Push VLAN tag
rule Configure rule
show Show commands
tool-ports Configure network tool or analyzer ports
top Exit to the configuration prompt
pbnoscli(config-flow-flow01)# rule 1 permit description "Match Expression"
<cr>
counters Enable counters
dest-ip Destination IP address
dscp Differentiated services code point
ethertype ethernet type, 0x800, 0x8100
gtp GTP Tunneling
l4portdst L4 destination port
l4portsrc L4 source port
match-all Match all
match-expression Flow Rule Qualifiers
protocol IP protocol
src-ip Source IP address
tcpctl TCP Control Flags (maximum value is 0x3f)
tosval Type of Service
ttl Time-to-live
udf-data User Defined Data
vlan Vlan Identifier
pbnoscli(config-flow-flow01)# rule 1 permit description "Match Expression"
pbnoscli(config-flow-flow01)# $Match Expression" match-expression
<matchexpression> Example qualifiers: ethertype, vlan, src-ip, src-netmask,
dest-ip, dest-netmask, protocol, l4portsrc,
l4portdst, tosval, dscp, ttl, tcpctl, tcpctlmask,
teid, inner-sip, inner-dip, inner-protocol,
inner_l4srcport, inner_l4destport
pbnoscli(config-flow-flow01)# $Match Expression" match-expression "vlan 100 src-ip 1.1.1.1/32 dest-ip 2.2.2.2/32 protocol udp inner-sip 10.10.10.1/32 inner-dip 20.20.20.2/32" counters enable
pbnoscli(config-flow-flow01)# endpbnoscli# show flow all
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet1/1,Ethernet2/1
Tool-Port : port-channel1,Ethernet8/1
Rule : 1
++++++++++++++++++++++++++++++++++
Vlan : 100
Source IP : 1.1.1.1
Source Mask : 255.255.255.255
Destination IP : 2.2.2.2
Destination Mask : 255.255.255.255
Protocol : udp
Inner Source IP : 10.10.10.1
Inner Source Mask : 255.255.255.255
Inner Destination IP : 20.20.20.2
Inner Destination Mask : 255.255.255.255
Action : permit
Description : Match Expression
Counters : enable
pbnoscli#
pbnoscli# show flow counters all
Flow-Name Rule-Id ASIC-Stat-Id Counter-Value
=============================================================
flow01 DropRule 40960 42156085
flow01 1 57344 455049065
pbnoscli#pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type tool
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
port-channel 1 ports Ethernet63/1,Ethernet64/1
flow flow01
network-ports Ethernet16
tool-ports Ethernet20
rule 1 permit description "Match Expression" match-expression "vlan 100 src-ip 1.1.1.1/32 dest-ip 2.2.2.2/32 protocol udp inner-sip 10.10.10.1/32 inner-dip 20.20.20.2/32" counters enable
!
pbnoscli# Before sending the VXLAN encapsulated packets to the OPBNOS switch, the peer node can check the IPv6 reachability to the switch using the ping command. Here, we can configure multiple vlan and SVI configurations with multiple IPv6 to each vlan. Each IPv6 would be reachable(ping check) from the peer node. It ensures proper handling of VXLAN and ICMP packets through flow-based rules.
1. Create VLAN
2. SVI Configuration (Configure IPv6 to Switched Virtual Interface with VLAN)
3. VLAN Membership (Static)
4. VXLAN Encapsulation and Packet Handling
When the peer device checks for OPBNOS reachability, certain types of packets, including ARP, ICMP, and ICMPv6, need to be processed along with the VXLAN packet that needs to be forwarded. But to achieve this PING related packets are lifted to the CPU.
There are two types of traffic discussed:
ICMP/ICMPv6 Traffic for Reachability: The CPU should always process this traffic.
VXLAN Data Traffic from the Peer: This traffic should always be handled in the data path or hardware.
However, when a flow is configured to match all IP traffic, ICMP/ICMPv6 packets are also matched and forwarded to tool ports, which causes the ping to fail. To address this, we added a flow provision to send only ICMP/ICMPv6 packets to the CPU for ping handling, while the rest of the data traffic is handled and forwarded by the hardware.
If the vxlan packet is not destined to OPBNOS, add another rule and set dest-mac from the tunnel Source MAC
1. Configure IPv6 on interfaces(not associated with VLAN)
2. Ping to the IPv6 address configured on the OPBNOS switch
VLAN aware mode provides OPB administrators with the ability to match and modify packets in the flow before forwarding them to the tool port(s).
You can configure the OPBNOS to modify the flow as below:
Push VLAN - Push a new VLAN Tag onto the egress traffic.
Pop VLAN - Pop(remove) the VLAN Tag from the egress traffic.
Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behaviour.
SNMP is widely used in network management for network monitoring. SNMP exposes management data in the form of variables on the managed systems organized in a Management Information Base (MIB) which describes the system status and configuration. These variables can then be remotely queried (and, in some circumstances, manipulated) by managing applications.
Command
rule 1 action
override-pop-vlan Override action to pop the VLAN override-push-vlan-tag Override action to push VLAN Tag override-to Override to configure a rule specific network tool or analyzer ports
Description
Rule actions
Parameters
● ruleid: It should be in the range 1 to 6000 ● override-to: override egress ports ● override-push-vlan: override MAP push VLAN ● override-pop-vlan: override pop VLAN
Mode
FLOW
You can verify the configuration by using the command(s) below:
None
Mode
EXEC
Command
clear flow counters (all | <flow-name> [rule <ruleid> ])
Description
Clear command
Parameters
pbnoscli# clear flow counters all
pbnoscli#
pbnoscli# clear flow counters flow01
pbnoscli# pbnoscli# show flow counters all
Flow-Name Rule-Id ASIC-Stat-Id Counter-Value
=============================================================
flow01 DropRule 32768 0
flow01 1 40960 0
pbnoscli# pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)# network-ports Ethernet4
pbnoscli(config-flow-flow01)# tool-ports Ethernet8
pbnoscli(config-flow-flow01)# rule 1
action Add rule specific action
deny Deny traffic
permit Permit traffic
pbnoscli(config-flow-flow01)# rule 1 action
<cr>
override-pop-vlan Override action to pop the VLAN
override-push-vlan-tag Override action to push VLAN Tag
override-to Override to configure a rule specific network tool or analyzer ports
pbnoscli(config-flow-flow01)# rule 1 action override-to Ethernet12pbnoscli# show flow all
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet4/1
Tool-Port : Ethernet8/1
Rule : 1
++++++++++++++++++++++++++++++++++
Action : permit
Source IP : 10.10.0.0
Source Mask : 255.255.255.0
Destination IP : 20.0.20.0
Destination Mask : 255.255.255.0
Counters : enable
Override To : Ethernet12/1
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet4/1
forward-error-correction rs
type network
!
interface ethernet Ethernet8/1
forward-error-correction rs
type tool
!
interface ethernet Ethernet12/1
forward-error-correction rs
type tool
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
network-ports Ethernet1/1,Ethernet4/1
tool-ports Ethernet8/1
rule 1 permit src-ip 10.10.0.0/24 dest-ip 20.0.20.0/24 counters enable
rule 1 action override-to Ethernet12/1
!
pbnoscli# Configure Tunnel Flow only after the VxLAN tunnel is operationally 'UP' in the "show vxlan tunnel all/<tunnel-id>" output
Only 1 rule can be configured in tunnel-related flow
The current release doesn't support VxLAN tunnel over a LAG interface
For remote VxLAN-VTEP(Different subnet), the below order has to be followed for configuration
Command
tunnel <tunnelname> no tunnel <tunnelname>
Description
Create tunnel
Parameters
Tunnelname
Mode
CONFIG
Using this command, you can configure the attributes of the tunnel. Gateway is provisioned only when the nodes are not directly connected
Note: Updation of the tunnel is not supported. The tunnel must be deleted and re-configured for any change
Command
[no] tunnel <tunnel-name>
Description
Create tunnel
Parameters
interface: Configure tunnel ports
source-ip : Source IP address destination-ip : Destination IP address
gateway : Gateway IPv4 Address
vni : VXLAN network identifier[ range: 4096 - 16777215]
source-port : Tunnel Source Port vlan-tagging : Tunnel VLAN Tagging
Mode
TUNNEL
Flow based Encap Configuration
You can set the rules for the VxLAN Encap using flow. Here the tool port must be the tunnel name created using tunnel config command.
Command
flow flowname
network-ports Ethernet4/1
tool-ports tunnel1
rule 1 permit match all
Description
Add flow
Parameters
description Configure description for flow enable Enable the flow
end Exit to Exec Prompt
exit Exit from the Current Prompt from Configure network or TAP ports
no no form
rule Configure rule
to Configure network tool or analyzer ports
Mode
FLOW
You can set the rules for the VxLAN Decap using flow.. Here the Network port must be the tunnel name created using tunnel config command.
Command
flow flowname
network-ports tunnel1
tool-ports Ethernet10/1
rule 1 permit match all
Description
Add flow
Parameters
description Configure description for flow enable Enable the flow
end Exit to Exec Prompt
exit Exit from the Current Prompt from Configure network or TAP ports
no no form
rule Configure rule
to Configure network tool or analyzer ports
Mode
FLOW
You can display the Vxlan tunnel configurations using this command.
Command
vxlan ("VxLAN Tunnel") tunnel ("Tunnel Information") (all ("Displays all VXLAN Tunnel configuration") | ("Displays specific VXLAN Tunnel configuration") <tunnelid:string length[10]> ("Tunnel Name")),
Description
Displays VXLAN tunnel
This feature is only supported on the NVIDIA platforms
Command
push-vlan-tag <vid>
Description
push VLAN to traffic matching the rules configured in the map
Parameters
vlanid—within 1 to 4094
Mode
flow
You can verify the configuration by using the command(s) below:
Command
pop-vlan
Description
pop Vlan Tag from ingress packets received
Parameters
disable/enable
Mode
flow
You can verify the configuration by using the command(s) below:
Command
gtp no gtp
Description
Global GTP Parsing
Parameters
None
Mode
EXEC
Command
rule <ruleid> ( permit ) [description <cstring>] [gtp <gtpexpression> ] [counters (enable | disable)]
no rule <ruleid>
Description
Rule Configuration
Parameters
ruleid: It should be in the range 1 to 6000 description: max 50 characters.
gtp Example qualifiers: teid - Tunnel ID, match-all-ipv4 - Match all inner IPv4, match-all-ipv6 - Match all inner IPv6 ,inner-sip - Inner IP Source Address, inner-dip - Inner IP Destination Address, inner-protocol - Inner Header Protocol, inner_l4srcport - Inner Header UDP Source Port, inner_l4destport - Inner Header UDP Destination Port
Mode
FLOW
pbnoscli# configure terminal
pbnoscli(config)# vlan <vlan-id>
pbnoscli(config)# end
pbnoscli# savepbnoscli# configure terminal
pbnoscli(config)# interface vlan <vlan-id> //associated with one VLAN only
pbnoscli(config-if)# ip add <ipv6-address/64>
pbnoscli(config-if)# ip add <ipv6-address/64>
..
..
pbnoscli(config-if)# end
pbnoscli#savepbnoscli# configure terminal
pbnoscli(config-if)# interface ethernet <Ethernet Name>
pbnoscli(config-if)# switchport vlan <vlan-id>
pbnoscli(config-if)# end
pbnoscli# savepbnoscli# configure terminal
pbnoscli(config)# flow flow1
pbnoscli(config-flow-flow1)# network-ports Ethernet2/1
pbnoscli(config-flow-flow1)# tool-ports Ethernet32/1
pbnoscli(config-flow-flow1)# rule 10 permit ethertype 0x0806 counters enable
pbnoscli(config-flow-flow1)# rule 10 action override-to cpu
pbnoscli(config-flow-flow1)# rule 20 permit protocol 1 counters enable
pbnoscli(config-flow-flow1)# rule 20 action override-to cpu
pbnoscli(config-flow-flow1)# rule 30 permit protocol 58 counters enable
pbnoscli(config-flow-flow1)# rule 30 action override-to cpu
pbnoscli(config-flow-flow1)# rule 40 permit match-all ipv6 counters enable
pbnoscli(config-flow-flow1)# end
pbnoscli# saverule 50 action overwrite dest-mac 1c:34:da:24:de:00 dest-port 4789// sonic command
sudo config interface ip add <Ethernet Name> <ipv6-address/64>ping <ipv6-address>tunnel tunnel1
interface <interface>
source-ip <src-ip>
gateway <gateway-ip>
destination-ip <dest-ip>
vni <vni-id>
vlan-tagging disablepbnoscli(config)# tunnel tunnel1
pbnoscli(config)# no tunnel tunnel1pbnoscli(config)# tunnel tunnel1
pbnoscli(config-tunnel-tunnel1)# interface Ethernet4/1
pbnoscli(config-tunnel-tunnel1)# source-ip 1.1.1.1
pbnoscli(config-tunnel-tunnel1)# destination-ip 2.2.2.2
pbnoscli(config-tunnel-tunnel1)# source-port 10
pbnoscli(config-tunnel-tunnel1)# vlan-tagging enable
pbnoscli(config-tunnel-tunnel1)# vni 4096
pbnoscli(config-tunnel-tunnel1)#
pbnoscli(config)# flow flow1
pbnoscli(config-flow-flow1)# network-ports Ethernet4/1
pbnoscli(config-flow-flow1)# tool-ports tunnel1
pbnoscli(config-flow-flow1)# rule 1 permit match-all
pbnoscli(config-flow-flow1)# end
pbnoscli#pbnoscli(config)# flow flow1
pbnoscli(config-flow-flow1)# network-ports tunnel1
pbnoscli(config-flow-flow1)# tool-ports Ethernet10/1
pbnoscli(config-flow-flow1)# rule 1 permit match-all
pbnoscli(config-flow-flow1)# end
pbnoscli#pbnoscli# show vxlan tunnel all
===============================================
VXLAN Tunnel - tunnel
===============================================
===============================================
VXLAN Tunnel - tunnel1
===============================================
Tunnel Port : Ethernet4/1
Source IP : 1.1.1.1
Destination IP : 2.2.2.2
Source MAC : 1c:34:da:23:77:00
VN-ID : 1335637472
pbnoscli#pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)# push-vlan-tag
<pushvlanid> Add VLAN tag (1...4094)
pbnoscli(config-flow-flow01)# push-vlan-tag 1002
pbnoscli(config-flow-flow01)#
//to remove push tag
pbnoscli(config-flow-flow01)# no push-vlan-tag
pbnoscli(config-flow-flow01)# pbnoscli# show flow flow01
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet1/1,Ethernet2/1
Tool-Port : Ethernet8/1
Push vlan : enable
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type network
!
interface ethernet Ethernet8/1
forward-error-correction rs
type tool
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
network-ports Ethernet1/1,Ethernet2/1
tool-ports Ethernet8/1
push-vlan-tag 1002
!
pbnoscli# pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)# pop-vlan
disable Disable Vlan stripping
enable Enable Vlan stripping
pbnoscli(config-flow-flow01)# pop-vlan enable
pbnoscli(config-flow-flow01)#
//to disable pop-vlan
pbnoscli(config-flow-flow01)# pop-vlan disable
pbnoscli(config-flow-flow01)# pbnoscli# show flow flow01
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet1/1,Ethernet2/1
Tool-Port : Ethernet8/1
Pop vlan : enable
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type network
!
interface ethernet Ethernet8/1
forward-error-correction rs
type tool
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
network-ports Ethernet1/1,Ethernet4/1
tool-ports Ethernet8/1
pop-vlan enable
!
pbnoscli# //enabling GTP
pbnoscli(config)# gtp
//disabling GTP
pbnoscli(config)# no gtp pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)# network-ports Ethernet1/1
pbnoscli(config-flow-flow01)# tool-ports Ethernet4/1
pbnoscli(config-flow-flow01)# rule 1 permit gtp "teid 0x11112222 inner-sip 10.10.10.10/24 inner-dip 20.20.20.20/24 inner_protocol tcp inner_l4srcport 2152 inner_l4destport 2153" counters enable
pbnoscli(config-flow-flow01)# rule 2 permit gtp "teid 0x11112222 inner-sip 1001:11::1 inner-smask ffff:: inner-dip 2002:22::2 inner-dmask f::f inner_protocol tcp inner_l4srcport 2152 inner_l4destport 2153" counters enable
pbnoscli(config-flow-flow01)#pbnoscli# show flow summary
Flow-Name Rule-Id Status Counter-Value
=========================================================
flow01 2 Active 3574
flow01 1 Active 1123
pbnoscli#
pbnoscli# show flow all
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet1/1
Tool-Port : Ethernet4/1
Rule : 1
++++++++++++++++++++++++++++++++++
TEID : 0x11112222
Inner Source IP : 10.10.10.10
Inner Source Mask : 255.255.255.0
Inner Destination IP : 20.20.20.20
Inner Destination Mask : 255.255.255.0
Inner Protocol : tcp
Inner Source l4port : 2152
Inner Destination l4port : 2153
Action : permit
Counters : enable
Rule : 2
++++++++++++++++++++++++++++++++++
Inner Source IP : 1001:11::1
Inner Source Mask : ffff::
Inner Destination IP : 2002:22::2
Inner Destination Mask : f::f
Inner Protocol : tcp
Inner Source l4port : 2152
Inner Destination l4port : 2153
Action : permit
pbnoscli# pbnoscli# show running-config
configure terminal
gtp
interface ethernet Ethernet120
forward-error-correction rs
type network
!
interface ethernet Ethernet124
forward-error-correction rs
type tool
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
flow flow01
network-ports Ethernet1/1
tool-ports Ethernet4/1
rule 1 permit gtp "teid 0x11112222 inner-sip 10.10.10.10/24 inner-dip 20.20.20.20/24 inner_protocol tcp inner_l4srcport 2152 inner_l4destport 2153" counters enable
rule 2 permit gtp ""teid 0x11112222 inner-sip 1001:11::1 inner-smask ffff:: inner-dip 2002:22::2 inner-dmask f::f inner_protocol tcp inner_l4srcport 2152 inner_l4destport 2153"
!
pbnoscli#SNMP community string
Mode
CONFIG
You can verify the configuration by using the command(s) below:
Command
[no] snmp-server community <string>
Description
SNMP community configuration
Parameters
pbnoscli# configure terminal
pbnoscli(config)# snmp-server
community Community string authentication
contact Configure SNMP contact
location Configure SNMP location
trap Trap configuration
user SNMP user
pbnoscli(config)# snmp-server community
<comm>
pbnoscli(config)# snmp-server community public
pbnoscli(config)# pbnoscli# show snmp-community
===================================================
Community
===================================================
public (Read-only)
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
snmp-server community public
!
pbnoscli# Configure this feature to strip all incoming IPv4/IPv6 VxLAN traffic.
This feature is supported only on NVIDIA spectrum-2/3 platforms
The source-IP in tunnel configuration & dest-IP in flow rule configuration should be the same for VxLAN stripping to work.
The dest-mac in the flow rule configuration should be the system-mac of the switch, this can be retrieved using the "show platform syseeprom" command.
The strip-vxlan interface in the tunnel configuration should be a configured as .
A physical loopback is required between egress-interface from the tunnel and the tool port as Egress interface for Inner Tagged Vlan.
Use the below command to configure the flow to swap the MAC & the IP address of incoming traffic:
A Physical loop is required from the tunnel1-egress_interface (Ethernet41/1) to Tool port to (Ethernet42/1) egress interface for Tagged inner Vlan .
Use the below command to configure the tunnel attributes:
Tunnel attributes cannot be modified directly. To make changes, delete the existing tunnel and configure a new one.
Use the below command to configure the flow to egress the stripped traffic
You can display the Vxlan tunnel configurations using this command.
syslog is a standard for message logging, it's the mechanism through which messages generated by different containers are reported by the switch. These messages are reported in log files, or they can be sent to a remote syslog server.
Logging messages provide operational information about software components, including the status of the application, error reports, and detailed debugging data.
You can configure the logging of messages to a remote dedicated syslog server using the below command:
You can configure the logging of messages to a remote dedicated syslog server. Syslog message whose priority is equal and higher than the configured numerical value (i.e. If the severity level "warning(4)" is set, syslog messages with severity levels of emergency(0), alert(1), critical(2), error(3), and warning(4) will be logged).
Example
You can verify the configuration by using the command(s) below:
Traps are used when the Device needs to alert the Network Management software of an event without being polled. Traps ensure that the NMS gets information if a certain event occurs on the device that needs to be recorded without being polled by the NMS first. Managed network devices will have Trap MIBs with predefined conditions built into them. It’s crucial that the Network management system has these MIBs compiled into them to receive any traps sent by the given device/s. The primary focus of this feature is to support SNMP Trap notifications and in particular, linkUp, linkDown and config change trap notifications.
With these MIBs, you can trigger sending an SNMP trap to a configured SNMP-server host based on certain events. Also, GET/GETNext/WALK operations can be supported on these mibs. The linkUp and linkDown traps are sent to the configured host in the event that an interface Admin or Oper status changes from up to down or vice-versa. The configChange trap monitors NPB (MAP, rule, port-npb config) and port (Speed, MTU, FEC, Autoneg) configuration changes. A configChangeTrap PDU is sent to the host when any value in these tables are modified, added or removed.
You can verify the configuration by using the command(s) below:
Below commands can be used to disable FAN/PSU traps temporarily,
Parameters
SNMP threshold
Mode
CONFIG
pbnoscli# configure terminal
pbnoscli(config)# snmp-server trap
cpu-util CPU utilization
disk-util Disk utilization
fan-util FAN utilization
mem-util Memory utilization
modify Modify
psu-util PSU utilization
pbnoscli(config)# snmp-server trap disk-util
threshold Threshold limit
pbnoscli(config)# snmp-server trap disk-util threshold
<diskutil> Percentage
pbnoscli(config)# snmp-server trap disk-util threshold 80
pbnoscli(config)# snmp-server trap cpu-util threshold 82
pbnoscli(config)# Command
[no] syslog add <ip4addr | ip6addr>
Description
Syslog server configuration
Parameters
IPv4 or v6 Address - Router IP
Mode
CONFIG
Command
logging level [alert | critical | debug | emergency | error | info | notice |
warning]
Description
alert Alert level
critical Critical level
debug Debug Level
emergency Emergency Level
error Error Level
info Informational Level
notice Notice Level
warning Warning Level
Parameters
Logging level
Mode
CONFIG
Command
no logging level
Description
enable all logging (default)
Parameters
None
Mode
CONFIG
Parameters
SNMP contact
Mode
CONFIG
pbnoscli# configure terminal
pbnoscli(config)# snmp-server
pbnoscli(config)# snmp-server contact contact-name
<cont_name>
pbnoscli(config)# snmp-server contact contact-name test-engineer
contact-mail
pbnoscli(config)# snmp-server contact contact-name test-engineer contact-mail test@example.com
pbnoscli#
pbnoscli(config)# no snmp-server contact
pbnoscli# Parameters
SNMP location
Mode
CONFIG
pbnoscli# configure terminal
pbnoscli(config)# snmp-server
community Community string authentication
contact Configure SNMP contact
location Configure SNMP location
trap Trap configuration
user SNMP user
pbnoscli(config)# snmp-server location
<loc_str>
pbnoscli(config)# snmp-server location Location-1
pbnoscli(config)#
pbnoscli(config)# no snmp-server location
pbnoscli(config)# pbnoscli# show snmp-trap thresholds
======================================
System-Object Threshold
======================================
CPU utilization : 82
Memory utilization : 80
Disk utilization : 80
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
snmp-server trap modify 2 server-id 1 10.2.2.11 port 29 community public
snmp-server community public
snmp-server trap cpu-util threshold 82
snmp-server trap disk-util threshold 80
snmp-server trap fan-util disable
snmp-server trap psu-util disable
!
pbnoscli# pbnoscli(config)# syslog add 10.4.4.254
Syslog server 10.4.4.254 added to configuration
Restarting rsyslog-config service...
pbnoscli(config)#
pbnoscli(config)# syslog add 2401::1
Syslog server 2401::1 added to configuration
Restarting rsyslog-config service...
pbnoscli(config)# pbnoscli# configure terminal
pbnoscli(config)# logging level
alert Alert level(1)
critical Critical level(2)
debug Debug level(7)
emergency Emergency level(0)
error Error level(3)
info informational level(6)
notice Notice level(5)
warning Warning level(4)
pbnoscli(config)# logging level debug
pbnoscli(config)# pbnoscli# show syslog messages
Sep 25 21:37:07.055105 opb-nos WARNING systemd[1]: snmp.service: Start request repeated too quickly.
Sep 25 21:37:07.055184 opb-nos WARNING systemd[1]: snmp.service: Failed with result 'start-limit-hit'.
Sep 25 21:37:07.055260 opb-nos ERR systemd[1]: Failed to start SNMP container.
Sep 25 21:37:07.056253 opb-nos WARNING systemd[1]: snmp.service: Start request repeated too quickly.
Sep 25 21:37:07.056342 opb-nos WARNING systemd[1]: snmp.service: Failed with result 'start-limit-hit'.
Sep 25 21:37:07.056416 opb-nos ERR systemd[1]: Failed to start SNMP container.
Sep 25 21:37:07.057744 opb-nos WARNING systemd[1]: snmp.service: Start request repeated too quickly.
Sep 25 21:37:07.057842 opb-nos WARNING systemd[1]: snmp.service: Failed with result 'start-limit-hit'.
Sep 25 21:37:07.057923 opb-nos ERR systemd[1]: Failed to start SNMP container.
Sep 25 21:37:07.564801 opb-nos WARNING systemd[1]: snmp.service: Start request repeated too quickly.
Sep 25 21:37:07.565078 opb-nos WARNING systemd[1]: snmp.service: Failed with result 'start-limit-hit'.
Sep 25 21:37:07.565278 opb-nos ERR systemd[1]: Failed to start SNMP container.
Sep 25 21:37:07.566579 opb-nos INFO systemd[1]: Stopping System Logging Service...
Sep 25 21:37:07.566723 opb-nos WARNING systemd[1]: snmp.service: Start request repeated too quickly.
Sep 25 21:37:07.566856 opb-nos WARNING systemd[1]: snmp.service: Failed with result 'start-limit-hit'.
<...>
Sep 25 21:38:47.838099 opb-nos ERR systemd[1]: Failed to start SNMP container.
pbnoscli# configure terminal
syslog add 10.4.4.254
syslog add 2401::1
logging level debug
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli#
pbnoscli# show snmp-contact
===================================================
Contact
===================================================
Contact Name : test-engineer
Contact Mail : test@example.com
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
snmp-server contact contact-name test-engineer contact-mail test@example.com
snmp-server location Location-1
!
pbnoscli#pbnoscli# show snmp-location
===================================================
Location
===================================================
Location-1
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
snmp-server location Location-1
!
pbnoscli# SNMP-FRAMEWORK-MIB.txt
SNMPv2-SMI.txt
DISMAN-SCHEDULE-MIB.txt
IP-FORWARD-MIB.txt
IPV6-UDP-MIB.txt
SNMP-MPD-MIB.txt
SNMPv2-TC.txt
ENTITY-MIB.txt
IP-MIB.txt
MTA-MIB.txt
SNMP-NOTIFICATION-MIB.txt
SNMPv2-TM.txt
HOST-RESOURCES-MIB.txt
IPV6-ICMP-MIB.txt
NETWORK-SERVICES-MIB.txt
SNMP-TARGET-MIB.txt
SNMP-VIEW-BASED-ACM-MIB.txt
HOST-RESOURCES-TYPES.txt
IPV6-MIB.txt
NOTIFICATION-LOG-MIB.txt
SNMP-USER-BASED-SM-MIB.txt
TCP-MIB.txt
IF-MIB.txt
IPV6-TCP-MIB.txt
SNMP-COMMUNITY-MIB.txt
SNMPv2-MIB.txt
UDP-MIB.txt
Command
[no] snmp-server trap modify <version><ip4addr|ip6addr> [port <value>] [community
<value>]
Description
SNMP trap configuration
Parameters
Version, IPv4 or v6 Address , port, community values
Mode
CONFIG
Command
snmp-server trap (psu-util/fan-util) disable
Description
disable PSU/FAN traps temperoraly
Parameters
FAN/PSU
Mode
EXEC
Command
flow <name>
network-ports <port>
tool-ports <tunnel>
rule <to wap IP & MAC>
Description
Add flow
Parameters
description Configure description for flow enable Enable the flow
end Exit to Exec Prompt
exit Exit from the Current Prompt network-ports Configure network or TAP ports
no no form
rule Configure rule
tool-ports Configure network tool or analyzer ports
Mode
FLOW
Command
tunnel <tunnelname> no tunnel <tunnelname>
Description
Create tunnel
Parameters
Tunnelname
Mode
CONFIG
Command
[no] tunnel <tunnel-name>
Description
Create tunnel
Parameters
comment: Configure comment for tunnel
decap-vxlan: Enable Tunnel to decap VXLAN packet destined to the device
destination-ip: Destination IP address
gateway: Gateway IPv4 Address
ingress-interface: Configure tunnel port
source-ip: Source IP address
source-port: Tunnel Source Port
strip-vxlan: Enable Tunnel to STRIP all the incoming VXLAN packet
vlan-tagging: Tunnel VLAN Tagging
vni: VXLAN network identifier
Mode
TUNNEL
Command
flow <name>
network-ports <port>
tool-ports <port>
rule 1 permit match all
rule 2 permit match-all ipv6
Description
Add flow
Parameters
description Configure description for flow enable Enable the flow
end Exit to Exec Prompt
exit Exit from the Current Prompt network-ports Configure network or TAP ports
no no form
rule Configure rule
tool-ports Configure network tool or analyzer ports
Mode
FLOW
Command
vxlan ("VxLAN Tunnel") tunnel ("Tunnel Information") (all ("Displays all VXLAN Tunnel configuration") | ("Displays specific VXLAN Tunnel configuration") <tunnelid:string length[10]> ("Tunnel Name")),
Description
Displays VXLAN tunnel
You can configure the SNMP User string using the below command:
Command
[no] snmp-server user <user_name> priv_type [AuthNoPriv/Priv/noAuthNoPriv] access [RO/RW] auth [HMAC-SHA-2/MD5/SHA] auth-password <auth_password>
Description
SNMP user configuration
You can verify the configuration by using the command(s) below:
Ping is an administration utility used to test the connectivity between two network IP devices.
Ping functions by sending an Internet Control Message Protocol (ICMP) echo request to the specified remote host and waiting for an ICMP reply from that host. Using this method, ping also determines the time interval between when the echo request is sent and when the echo reply is received. This interval is called round-trip time.
At the end of the test, ping displays the minimum, maximum, and average round-trip times, and the standard deviation of the mean. Besides the round-trip time, ping can also measure the rate of packet loss. This is determined by the number of received echo replies over the number of sent echo requests. It is displayed as a percentage.
The Network Time Protocol (NTP) is used to synchronize the internal clocks of network devices. This is helpful for troubleshooting network problems by correlating events on different network devices using, for example, Syslog messages. NTP provides the switch with a mechanism to accurately update its clock to be consistent with the clocks of other network devices within a precision of one millisecond. NTP uses User Datagram Protocol (UDP) to communicate across the network.
To configure the NTP server, use the following command:
Command
To display the NTP server information, use the following command:
Use the following command to check the rate of data flowing through a flow:
Command
show flow (all | <flow-name> ) rate
Description
Display flow rate for a flow
You can display the flow configuration and operational status as follows:
Use the following command to show the flow summary:
Use the following command to display the counters of all the flows:
pbnoscli# configure terminal
pbnoscli(config)# snmp-server
community Community string authentication
contact Configure SNMP contact
location Configure SNMP location
trap Trap configuration
user SNMP user
pbnoscli(config)# snmp-server trap
cpu-util CPU utilization
disk-util Disk utilization
fan-util FAN utilization
mem-util Memory utilization
modify Modify
psu-util PSU utilization
pbnoscli(config)# snmp-server trap modify
<version> Version value
pbnoscli(config)# snmp-server trap modify 2
<ipaddr> A.B.C.D
<ip6addr> A:B::C:D
server-id Server ID
pbnoscli(config)# snmp-server trap modify 2tr server-id 1
<ipaddr> A.B.C.D
<ip6addr> A:B::C:D
pbnoscli(config)# snmp-server trap modify 2 server-id 1 10.2.2.11 port 29 community public
pbnoscli(config)# pbnoscli# show snmp-trap
=====================================================================================
Host Version Dest IP Dest Port Community Vrf
=====================================================================================
1 2 10.2.2.11 29 public None
pbnoscli# pbnoscli# configure terminal
pbnoscli(config)# snmp
snmp-server SNMP server configuration
pbnoscli(config)# snmp-server
community Community string authentication
trap Trap configuration
pbnoscli(config)# snmp-server trap
cpu-util CPU utilization
disk-util Disk utilization
fan-util FAN utilization
mem-util Memory utilization
modify Modify
psu-util PSU utilization
pbnoscli(config)# snmp-server trap psu-util
disable Disable the PSU traps
pbnoscli(config)# snmp-server trap psu-util
disable Disable the PSU traps. Notify only on state change
pbnoscli(config)# snmp-server trap psu-util disable
pbnoscli(config)# snmp-server trap fan-util disable
pbnoscli(config)# end
pbnoscli# // As received on the SNMP server
//Disk Traps
10.4.5.244.47699 > npbsrv01.snmp: [udp sum ok] { SNMPv2c C="Aviz" { V2Trap(55) R=755944523 system.sysUpTime.0=5574 S:1.1.4.1.0=88.2.0.3="Current Disk usage 78% falls below threshold 79%" } }
10.4.5.244.47549 > npbsrv01.snmp: [udp sum ok] { SNMPv2c C="Aviz" { V2Trap(55) R=755944523 system.sysUpTime.0=5574 S:1.1.4.1.0=88.2.0.2="Current Disk usage 88% raised above threshold 80%" } }
10.4.5.244.47239 > npbsrv01.snmp: [udp sum ok] { SNMPv2c C="Aviz" { V2Trap(55) R=755944523 system.sysUpTime.0=5574 S:1.1.4.1.0=88.2.0.4="Disk /dev/sda3 failed" } }
//CPU Traps
10.4.5.244.49899 > npbsrv01.snmp: [udp sum ok] { SNMPv2c C="Aviz" { V2Trap(55) R=755944523 system.sysUpTime.0=5574 S:1.1.4.1.0=88.2.0.3="Current CPU usage 70% falling below threshold 80%" } }
10.4.5.244.35699 > npbsrv01.snmp: [udp sum ok] { SNMPv2c C="Aviz" { V2Trap(55) R=755944523 system.sysUpTime.0=5574 S:1.1.4.1.0=88.2.0.2="Current CPU usage 88% raised above threshold 80%" } }
//Memory Traps
10.4.5.244.47689 > npbsrv01.snmp: [udp sum ok] { SNMPv2c C="Aviz" { V2Trap(55) R=755944523 system.sysUpTime.0=5574 S:1.1.4.1.0=88.2.0.3="Current mem usage 71% falling below threshold 80%" } }
10.4.5.244.47656 > npbsrv01.snmp: [udp sum ok] { SNMPv2c C="Aviz" { V2Trap(55) R=755944523 system.sysUpTime.0=5574 S:1.1.4.1.0=88.2.0.2="Current mem usage 88% raised above threshold 80%" } }
//PSU Traps
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(101) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.1 E:58564.2.1.1.1="PSU 2 present, status OK"
//FAN Traps
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(100) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.2 E:58564.2.1.1.2="fan1 present, status OK"
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(100) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.2 E:58564.2.1.1.2="fan2 present, status OK"
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(100) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.2 E:58564.2.1.1.2="fan3 present, status OK"
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(100) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.2 E:58564.2.1.1.2="fan4 present, status OK"
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(100) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.2 E:58564.2.1.1.2="fan5 present, status OK"
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(100) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.2 E:58564.2.1.1.2="fan6 present, status OK"
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(100) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.2 E:58564.2.1.1.2="fan7 present, status OK"
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(100) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.2 E:58564.2.1.1.2="fan8 present, status OK"
10.4.4.52.32850 > npbsrv01.snmp: V2Trap(105) system.sysUpTime.0=42198 S:1.1.4.1.0=E:58564.2.1.1.2 E:58564.2.1.1.2="psu2_fan1 present, status OK" pbnoscli# show running-config
configure terminal
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
snmp-server trap modify 2 server-id 1 10.2.2.11 port 29 community public
snmp-server community public
snmp-server trap fan-util disable
snmp-server trap psu-util disable
!
pbnoscli# pbnoscli(config)# flow swap
pbnoscli(config-flow-swap)# network-ports Ethernet1/1
pbnoscli(config-flow-swap)# tool-ports Ethernet50/1
pbnoscli(config-flow-swap)# rule 5 permit protocol 58 counters enable
pbnoscli(config-flow-swap)# rule 5 action override-to cpu
pbnoscli(config-flow-swap)# rule 6 permit match-all counters enable
pbnoscli(config-flow-swap)# rule 6 action overwrite dest-ip 10.10.10.1 dest-mac 1c:34:da:23:77:00 dest-port 4789
pbnoscli(config-flow-swap)# rule 7 permit match-all ipv6 counters enable
pbnoscli(config-flow-swap)# rule 7 action overwrite dest-mac 1c:34:da:23:77:00 dest-port 4789
pbnoscli(config-flow-swap)# end
pbnoscli#pbnoscli(config)# tunnel tunnel1
pbnoscli(config)# no tunnel tunnel1pbnoscli(config)# tunnel tunnel1
pbnoscli(config-tunnel-tunnel1)# ingress-interface Ethernet50/1
pbnoscli(config-tunnel-tunnel1)# strip-vxlan egress Ethernet41/1
pbnoscli(config-tunnel-tunnel1)# source-ip 10.10.10.1
pbnoscli(config-tunnel-tunnel1)# destination-ip 10.10.10.2
pbnoscli(config-tunnel-tunnel1)# vni 4098
pbnoscli(config-tunnel-tunnel1)# vlan-tagging disable
pbnoscli(config-tunnel-tunnel1)# pbnoscli(config)# flow egress
pbnoscli(config-flow-egress)# network-ports Ethernet42/1
pbnoscli(config-flow-egress)# tool-ports Ethernet64/1
pbnoscli(config-flow-egress)# rule 10 permit match-all counters enable
pbnoscli(config-flow-egress)# rule 20 permit match-all ipv6 counters enable
pbnoscli(config-flow-egress)# rule 20 action override-to Ethernet64/1
pbnoscli(config-flow-egress)# end
pbnoscli#pbnoscli# show vxlan tunnel all
===============================================
VXLAN Tunnel - tunnel1
===============================================
Tunnel Port : Ethernet50/1
Source IP : 10.10.10.1
Destination IP : 10.10.10.2
Source MAC : 1c:34:da:23:77:00
VN-ID : 4098
Vlan Tagging : false
Tunnel Status : UP
pbnoscli#Parameters
user value, privilege type, access type, encryption type, password value
Mode
CONFIG
pbnoscli# show snmp-users
======================================================================================================
Users Privilage Access Authentication Encryption
======================================================================================================
aviz AuthNoPriv RO MD5
pbnoscli# Command
ping <ip address> [source <source address> | interface <interface name> [count {<number>}] [interval <seconds> ] [size <bytes> ] [timeout <seconds> ]
Description
Polls or “pings” to see if the specified host is reachable
Parameters
ip address The IP address (ipv4/ipv6) of the host to ping.
source ip address Source IP address to use
interface interface name Interface to use count packets Count of ping request
size bytes Specifies the number of data bytes to be sent
timeout seconds Time to wait for a response, in seconds
Mode
EXEC
pbnoscli# ping 192.168.0.98
ping 192.168.0.98
PING 192.168.0.98 (192.168.0.98) 56(84) bytes of data.
64 bytes from 192.168.0.98: icmp_seq=1 ttl=64 time=1.05 ms
64 bytes from 192.168.0.98: icmp_seq=2 ttl=64 time=0.333 ms
^C
--- 192.168.0.98 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.333/0.691/1.050/0.359 ms[no] ntp <ip4addr | ip6addr >
Description
NTP server configuration
Parameters
IPv4 or v6 Address - Router IP
Mode
CONFIG
Command
show ntp
Description
Show NTP configuration
Parameters
None
Mode
EXEC
Parameters
ip address Destination IP address (ipv4/ipv6) of the host
hostname Name of the host
source ip address Source IP address to use
Mode
EXEC
pbnoscli# traceroute 192.168.0.98
traceroute to 192.168.0.98 (192.168.0.98), 30 hops max, 60 byte packets
1 192.168.0.98 (192.168.0.98) 0.312 ms 0.182 ms 0.302 ms
pbnoscli# Parameters
flow-name - max 20 characters
Mode
EXEC
Command
show flow (all | <flow-name> rule <rule-id> )
Description
Displays all the flow configurations and rule configurations
Parameters
flow-name—max 20 characters
rule-id – within 1 to 6000
Mode
EXEC
Command
show flow summary
Description
Displays the summary of all OPB flows
Parameters
None
Mode
EXEC
Command
show flow counters (all |<flow-name> )
Description
Displays the counters of all the OPB flows
Parameters
flow-name – max 20 characters
Mode
EXEC
SONiC has Ethernet naming based on the lanes like Ethernet0, Ethernet4, Ethernet8… Ethernet252, This is not very user-friendly and the CLI Ethernet names are not mapped to the Physical front panel ports.
To avoid this and provide a better user experience, Interface Mapping Feature is implemented by exposing the Front Panel ports directly to the user and all the mapping to SONiC and ASIC is handled by OPBNOS internally.
pbnoscli# show interface npb intfmap
ISCLI PORTS SONIC PORTS
============ ===========
Ethernet1/1 Ethernet0
Ethernet2/1 Ethernet4
Ethernet3/1 Ethernet8
Ethernet4/1 Ethernet12
Ethernet5/1 Ethernet16
Ethernet6/1 Ethernet20
Ethernet7/1 Ethernet24
Ethernet8/1 Ethernet28
Ethernet9/1 Ethernet32
Ethernet10/1 Ethernet36
Ethernet11/1 Ethernet40
Ethernet12/1 Ethernet44
Ethernet13/1 Ethernet48
Ethernet14/1 Ethernet52
Ethernet15/1 Ethernet56
Ethernet16/1 Ethernet60
Ethernet17/1 Ethernet64
Ethernet18/1 Ethernet68
Ethernet19/1 Ethernet72
Ethernet20/1 Ethernet76
Ethernet21/1 Ethernet80
Ethernet22/1 Ethernet84
Ethernet23/1 Ethernet88
Ethernet24/1 Ethernet92
Ethernet25/1 Ethernet96
Ethernet26/1 Ethernet100
Ethernet27/1 Ethernet104
Ethernet28/1 Ethernet108
Ethernet29/1 Ethernet112
Ethernet30/1 Ethernet116
Ethernet31/1 Ethernet120
Ethernet32/1 Ethernet124
pbnoscli#Timezone
Mode
CONFIG
You can verify the configuration by using the command(s) below:
Command
[no] clock timezone <timezones>
Description
Clock timezone configuration
Parameters
pbnoscli(config)#
pbnoscli(config)# clock timezone
<timezones>
pbnoscli(config)# clock timezone Pacific/Tahiti
pbnoscli(config)#pbnoscli# show clock
Sun 25 Sep 2022 09:34:05 PM -10
pbnoscli# pbnoscli# configure terminal
pbnoscli(config)# snmp-server
community contact location trap user
pbnoscli(config)# snmp-server
community Community string authentication
contact Configure SNMP contact
location Configure SNMP location
trap Trap configuration
user SNMP user
pbnoscli(config)# snmp-server user
<user_name> Enter Username
pbnoscli(config)# snmp-server user aviz
priv_type User Privilage
pbnoscli(config)# snmp-server user aviz priv_type
AuthNoPriv User Authentication and No Encryption
Priv User Authentication and Encryption
noAuthNoPriv No user authentication and No Encryption
pbnoscli(config)# snmp-server user aviz priv_type au
pbnoscli(config)# snmp-server user aviz priv_type AuthNoPriv
access User access permission
pbnoscli(config)# snmp-server user aviz priv_type AuthNoPriv access
RO Read only
RW Read & Write
pbnoscli(config)# snmp-server user aviz priv_type AuthNoPriv access RO
auth Authentication
pbnoscli(config)# snmp-server user aviz priv_type AuthNoPriv access RO auth
HMAC-SHA-2
MD5
SHA
pbnoscli(config)# snmp-server user aviz priv_type AuthNoPriv access RO auth md
pbnoscli(config)# snmp-server user aviz priv_type AuthNoPriv access RO auth MD5
auth-password
pbnoscli(config)# snmp-server user aviz priv_type AuthNoPriv access RO auth MD5 auth-password
<auth_password> Auth Password length 8 to 64
pbnoscli(config)# snmp-server user aviz priv_type AuthNoPriv access RO auth MD5 auth-password password
<cr>
pbnoscli(config)# snmp-server user aviz priv_type AuthNoPriv access RO auth MD5 auth-password password
pbnoscli(config)#
pbnoscli(config)# no snmp-server user aviz
pbnoscli(config)# pbnoscli# ping 192.168.0.98 count 2
ping 192.168.0.98 -c 2
PING 192.168.0.98 (192.168.0.98) 56(84) bytes of data.
64 bytes from 192.168.0.98: icmp_seq=1 ttl=64 time=0.548 ms
64 bytes from 192.168.0.98: icmp_seq=2 ttl=64 time=0.497 ms
--- 192.168.0.98 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1004ms
rtt min/avg/max/mdev = 0.497/0.522/0.548/0.034 mspbnoscli# ping 192.168.0.98 size 100
ping 192.168.0.98 -s 100
PING 192.168.0.98 (192.168.0.98) 100(128) bytes of data.
108 bytes from 192.168.0.98: icmp_seq=1 ttl=64 time=0.548 ms
108 bytes from 192.168.0.98: icmp_seq=2 ttl=64 time=0.510 ms
108 bytes from 192.168.0.98: icmp_seq=3 ttl=64 time=0.496 mspbnoscli# configure terminal
pbnoscli(config)# ntp
<ipaddr> A.B.C.D
<ip6addr> A:B::C:D
pbnoscli(config)# ntp 162.159.200.1
NTP server 162.159.200.1 added to configuration
Restarting ntp-config service...
pbnoscli(config)# pbnoscli# show ntp
MGMT_VRF_CONFIG is not present.
synchronised to NTP server (162.159.200.1) at stratum 4
time correct to within 15049 ms
polling server every 64 s
remote refid st t when poll reach delay offset jitter
==============================================================================
*162.159.200.1 10.210.8.4 3 u 25 64 377 1.114 -15031. 151.639
pbnoscli#pbnoscli# show running-config
configure terminal
ntp 162.159.200.1
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli#pbnoscli# traceroute yahoo.com
traceroute to yahoo.com (98.137.11.163), 30 hops max, 60 byte packets
1 RT-AC68R-9030 (192.168.0.1) 0.391 ms 0.246 ms 0.260 ms
2 10.0.0.1 (10.0.0.1) 2.300 ms 3.027 ms 4.116 ms
3 96.120.88.81 (96.120.88.81) 21.899 ms 23.213 ms 21.734 ms
4 be-10009-rur01.sanjose.ca.sfba.comcast.net (162.151.30.225) 22.136 ms 24.994 ms 25.081 ms
5 be-231-rar01.santaclara.ca.sfba.comcast.net (162.151.78.249) 26.639 ms 26.077 ms 27.910 ms
6 be-299-ar01.santaclara.ca.sfba.comcast.net (68.86.143.93) 28.441 ms 14.089 ms 16.809 ms
7 lag-14.ear3.SanJose1.Level3.net (4.68.72.105) 64.404 ms 63.871 ms 21.365 ms
8 * * *
9 YAHOO-INC.ear3.Seattle1.Level3.net (4.16.168.186) 49.019 ms 47.647 ms 48.411 ms
10 ae-5.pat1.gqb.yahoo.com (216.115.101.111) 50.127 ms 47.827 ms 49.460 ms
11 et-18-1-0.msr2.gq1.yahoo.com (66.196.67.115) 46.600 ms et-19-1-0.msr1.gq1.yahoo.com
(66.196.67.99) 61.098 ms et-18-1-0.msr2.gq1.yahoo.com (66.196.67.115) 33.044 ms
12 et-1-0-0.clr1-a-gdc.gq1.yahoo.com (67.195.37.93) 40.249 ms et-1-1-0.clr2-a-gdc.gq1.yahoo.com
(67.195.37.75) 39.213 ms et-1-1-0.clr1-a-gdc.gq1.yahoo.com (67.195.37.71) 39.544 ms
13 lo0.fab1-2-gdc.gq1.yahoo.com (68.180.235.2) 46.348 ms 37.615 ms lo0.fab6-2-gdc.gq1.yahoo.com
(68.180.235.7) 41.677 ms
14 lo0.fab6-1-gdc.gq2.yahoo.com (98.136.159.242) 42.179 ms lo0.fab7-1-gdc.gq2.yahoo.com
(98.136.159.241) 41.243 ms lo0.fab2-1-gdc.gq2.yahoo.com (98.136.159.246) 39.892 ms
15 usw2-1-lbc.gq2.yahoo.com (98.136.158.193) 48.383 ms usw1-1-lbc.gq2.yahoo.com (98.136.158.192)
47.446 ms usw2-1-lbc.gq2.yahoo.com (98.136.158.193) 37.298 ms
16 media-router-fp74.prod.media.vip.gq1.yahoo.com (98.137.11.163) 38.066 ms 33.298 ms 39.219 ms
pbnoscli# pbnoscli# traceroute 2001:db8:85a3::8a2e:370:7444
traceroute to 2001:db8:85a3::8a2e:370:7444 (2001:db8:85a3::8a2e:370:7444), 30 hops max, 80 byte
packets
1 2001:db8:85a3::8a2e:370:7334 (2001:db8:85a3::8a2e:370:7334) 3070.486 ms !H 3070.360 ms !H
3070.319 ms !H
pbnoscli# pbnoscli# show flow counters all rate
Flow-Name Rate (BPS) Rate (PPS)
===============================================================
flow1 0.15 B/s 0.00 P/s
pbnoscli#pbnoscli# show flow all
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet4/1
Tool-Port : Ethernet8/1
Rule : 1
++++++++++++++++++++++++++++++++++
Action : permit
Source IP : 10.10.0.0
Source Mask : 255.255.255.0
Destination IP : 20.0.20.0
Destination Mask : 255.255.255.0
Counters : enable
Override To : Ethernet12/1
===================================
Flow : flow02 (CLI)
===================================
Status : enable
Network-Port : Ethernet16/1
Tool-Port : Ethernet20/1
Rule : 1
++++++++++++++++++++++++++++++++++
Action : permit
Source IP : 2401::1
Source Mask : f::f
Destination IP : 2401::2
Destination Mask : f::f
TTL : 30
Protocol : tcp
Tosval : 4
Counters : enable
pbnoscli# pbnoscli# show flow flow02 rule 1
===================================
Flow : flow02 (CLI)
===================================
Status : enable
Network-Port : Ethernet16/1
Tool-Port : Ethernet20/1
Rule : 1
++++++++++++++++++++++++++++++++++
Action : permit
Source IP : 2401::1
Source Mask : f::f
Destination IP : 2401::2
Destination Mask : f::f
TTL : 30
Protocol : tcp
Tosval : 4
Counters : enable
pbnoscli# pbnoscli# show flow summary
Flow-Name Rule-Id Status Counter-Value
=========================================================
flow01 1 Active 5643
flow02 1 Active 18236
pbnoscli# pbnoscli# show flow counters all
Flow-Name Rule-Id ASIC-Stat-Id Counter-Value
=============================================================
flow02 1 65536 18236
flow01 1 40960 5643
flow02 DropRule 57344 14
flow01 DropRule 32768 18
pbnoscli# pbnoscli# show flow counters flow01
Flow-Name Rule-Id ASIC-Stat-Id Counter-Value
=============================================================
flow01 1 40960 5643
flow01 DropRule 32768 18
pbnoscli# pbnoscli# show running-config
configure terminal
ntp add 162.159.200.1
clock timezone Pacific/Tahiti
!
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli#You can configure the TACACS Server using the following command:
You can verify the configuration by using the command(s) below:
To Configure Global TACACS parameters, use the below command:
You can verify the configuration by using the command(s) below:
User Defined Filtering can be considered an inspection of a packet based on offset values. An ACL can be defined with UDF matching capabilities to give granularity and flexibility when identifying traffic patterns. It is often used for deeper packet analysis. Typical use cases include finding patterns inside the inner header when packets are tunnelled.
Using UDF, users can configure a rule to match specific bytes in the ingress packet based on a given offset to permit or deny matched packets
Offset for the L3 packet starts from the IP header in the packet
offset for the L2 packet starts from EtherType in the packet
Note: The maximum length that can be matched is 40 characters (i.e. 20 bytes), and the minimum is 4 characters (i.e. 2 bytes), excluding the "0x" prefix. The character string must be an even number of characters.
This feature is supported only on NVIDIA spectrum-2/3 platforms
UDF and GTP can not be configured together on a device
You can verify the configuration by using the command(s) below:
Command
[no] tacacs-server host <ipv4 | ipv6> [timeout<value> ] [key <value> ] [auth_type (chap |
pap | mschap | login) ] [port <value>] [priority <value> ]
Description
TACACS configuration
Parameters
IPv4 or v6 Address , timeout, key, auth_type, port, priority values
Mode
CONFIG
Command
[no] tacacs [authtype (chap | pap | mschap | login)] [passkey <value>] [timeout <value>]
Description
TACACS global configuration
Parameters
Timeout, key, auth_type, passkey values
Mode
CONFIG
Command
rule <rule-id> ((deny | permit) [description ] [udf-data udf-extraction-group (l2 | l3 [udf-extraction-point ]) udf-offset ] [counters (enable | disable )]
no rule <ruleid>
Description
Rule configuration
Parameters
ruleid: It should be in the range 1 to 6000
description: max 50 characters
udf-data: data bytes that need to be matched with the incoming packet
udf-extraction-group:
l2 - match from l2 header ethertype field
l3 - match from start of IPV4 or IPV6 header
udf-extraction point: (applies for only l3 extraction point) set extraction point from start of IPV4 or IPV6 header
udf-offset: offset from which bytes will be monitored from extraction point
counters: can be enabled or disabled
Mode
FLOW
To get information about the Interface transceiver, use the below commands:
pbnoscli# show interface transceiver presence
Port Presence
------------ -----------
Ethernet1/1 Present
Ethernet2/1 Present
Ethernet3/1 Present
Ethernet4/1 Not present
Ethernet5/1 Present
Ethernet6/1 Present
Ethernet7/1 Present
Ethernet8/1 Not present
Ethernet9/1 Not present
Ethernet10/1 Not present
Ethernet11/1 Not present
Ethernet12/1 Not present
Ethernet13/1 Present
Ethernet14/1 Present
<...>
Ethernet62/1 Not present
Ethernet63/1 Present
Ethernet64/1 Present
pbnoscli# pbnoscli# show interface transceiver eeprom Ethernet1/1
Ethernet0: SFP EEPROM detected
Application Advertisement: N/A
Connector: CopperPigtail
Encoding: Unspecified
Extended Identifier: GBIC/SFP defined by twowire interface ID
Extended RateSelect Compliance: Unspecified
Identifier: SFP/SFP+/SFP28
LengthOM3(UnitsOf10m): 0
Nominal Bit Rate(100Mbs): 103
Specification compliance:
SFP+CableTechnology: Passive Cable
Vendor Date Code(YYYY-MM-DD Lot): 2016-11-24
Vendor Name: Volex Inc.
Vendor OUI: 14-1b-bd
Vendor PN: 700512588
Vendor Rev: A
Vendor SN: 16CN48200200
pbnoscli#pbnoscli# show interface transceiver lpmode Ethernet1/1
Port Low-power Mode
--------- ----------------
Ethernet0 On
pbnoscli# show interface transceiver lpmode Ethernet3/1
Port Low-power Mode
--------- ----------------
Ethernet8 Off
pbnoscli#To check system uptime, use the below command:
pbnoscli# show uptime
08:33:19 up 1 day, 21:52, 16 users, load average: 1.35, 1.30, 1.29
pbnoscli# pbnoscli(config)# tacacs-server host 10.0.0.1
<cr>
auth_type Authentication type, default pap
key Add Key
port TCP port range is <1...65535>, default 49
priority Priority <1..64>, default 1
timeout Transmission timeout interval <0-60>, default 5
pbnoscli(config)# tacacs-server host 10.0.0.1 auth_type
chap chap
login login
mschap mschap
pap pap
pbnoscli(config)# tacacs-server host 10.0.0.1 auth_type pap key key_val port 44 priority 1 timeout 60
pbnoscli(config)# pbnoscli# show tacacs-sever 10.0.0.1
TACPLUS global auth_type pap (Default)
TACPLUS global passkey <EMPTY_STRING> (Default)
TACPLUS global timeout 5 (Default)
=====================================================================================================================
IP Auth_type Passkey Tcp_port Priority Mgmtvrf Timeout
=====================================================================================================================
10.0.0.1 pap key_val 44 1 N/A 60
pbnoscli# pbnoscli# show running-config
configure terminal
aaa authentication failthrough disable
aaa authentication fallback disable
aaa authentication login tacacs+
tacacs-server host 10.0.0.1 auth_type pap key key_val port 44 priority 1 timeout 60
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli# pbnoscli(config)# tacacs
authtype Configure authentication type, default : pap
passkey Specify TACACS server global passkey, default : <EMPTY_STRING>
timeout Specify TACACS server global timeout <0-60>, default : 5
//configuring authentication type
pbnoscli(config)# tacacs authtype
chap chap
login login
mschap mschap
pap pap
pbnoscli(config)# tacacs authtype pap
//configuring tacacs passkey
pbnoscli(config)# tacacs passkey key_value
//configuring timout value
pbnoscli(config)# tacacs timeout 60pbnoscli# show tacacs-sever
TACPLUS global auth_type pap
TACPLUS global passkey key_value
TACPLUS global timeout 60
=====================================================================================================================
IP Auth_type Passkey Tcp_port Priority Mgmtvrf Timeout
=====================================================================================================================
10.0.0.1 pap key_val 44 1 N/A 60
pbnoscli# pbnoscli# show running-config
configure terminal
aaa authentication failthrough disable
aaa authentication fallback disable
aaa authentication login tacacs+
tacacs-server host 10.0.0.1 auth_type pap key key_val port 44 priority 1 timeout 60
tacacs auth_type pap
tacacs passkey key_value
tacacs timeout 60
interface mgmt
ip address 10.4.4.52/24 gateway 10.4.4.1
!
pbnoscli# pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)#
! Exit from the current prompt
description Configure description for flow
enable Enable the flow
end Exit to exec prompt
exit Exit from the current prompt
network-ports Configure network or TAP ports
no no form
pop-vlan Pop Vlan Tag
push-vlan-tag Push VLAN tag
rule Configure rule
show Show commands
tool-ports Configure network tool or analyzer ports
top Exit to the configuration prompt
pbnoscli(config-flow-flow01)# rule 1 permit description "UDF" udf-data 0xb166 udf-extraction-group l2 udf-offset 2 counters enable
pbnoscli(config-flow-flow01)# rule 2 permit description "UDF" udf-data 0x4500 udf-extraction-group l3 udf-extraction-point ipv4 udf-offset 0 counters enable
pbnoscli(config-flow-flow01)# endpbnoscli# show flow all
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet1/1
Tool-Port : Ethernet2/1
Rule : 1
++++++++++++++++++++++++++++++++++
Action : permit
Description : UDF
UDF Data : 0xb166
UDF Extraction Group : l2
UDF Offset : 2
Counters : enable
Rule : 2
++++++++++++++++++++++++++++++++++
Action : permit
Description : UDF
UDF Data : 0x4500
UDF Extraction Group : l3
UDF Extraction Point : ipv4
UDF Offset : 0
Counters : enable
pbnoscli#
pbnoscli# show flow counters all
Flow-Name Rule-Id ASIC-Stat-Id Counter-Value
=============================================================
flow01 2 98304 503378220
flow01 DropRule 73728 4390145
flow01 1 90112 2270112825
pbnoscli# pbnoscli# show running-config
configure terminal
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type tool
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
network-ports Ethernet1/1
tool-ports Ethernet2/1
rule 1 permit description "UDF" udf-data 0xb166 udf-extraction-group l2 udf-offset 2 counters enable
rule 2 permit description "UDF" udf-data 0x4500 udf-extraction-group l3 udf-extraction-point ipv4 udf-offset 0 counters enable
!
pbnoscli# Use the following command to display information about your switches fan, power, and temperature:
OPBNOS provides various commands to display various types of platform information as follows:
System Hardware Information
System Services Information
Interface Information
Use the following command to display information about device SSD:
pbnoscli# show platform ssdhealth
Device Model : StorFly VSFBM4XC030G-MLX1
Health : 99.395%
Temperature : 47C
pbnoscli#pbnoscli# show environment
tmp102-i2c-7-4a
Adapter: i2c-1-mux (chan_id 6)
Ambient Port Side Temp (air exhaust): +36.4 C (high = +160.0 C, hyst = +150.0 C)
mlxsw-i2c-2-48
Adapter: i2c-1-mux (chan_id 1)
Ambient ASIC Temp: +53.0 C (highest = +53.0 C)
front panel 001: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 002: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 003: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 004: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 005: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 006: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 007: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 008: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 009: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 010: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 011: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 012: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 013: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 014: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 015: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 016: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 017: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 018: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 019: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 020: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 021: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 022: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 023: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 024: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 025: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 026: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 027: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 028: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 029: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 030: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 031: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
front panel 032: +0.0 C (crit = +0.0 C, emerg = +0.0 C)
tps53679-i2c-5-71
Adapter: i2c-1-mux (chan_id 4)
PMIC-2 PSU 12V Rail (in1): +11.95 V (crit min = +8.50 V, crit max = +15.00 V)
PMIC-2 PSU 12V Rail (in2): +2.20 V (crit min = +1.80 V, crit max = +2.80 V)
PMIC-2 ASIC 3.3V Rail (out): +2.70 V (crit min = +2.10 V, crit max = +3.60 V)
PMIC-2 Temp 1: +49.3 C (high = +105.0 C, crit = +115.0 C)
PMIC-2 Temp 2: +49.1 C (high = +105.0 C, crit = +115.0 C)
PMIC-2 ASIC 3.3V Rail Pwr (out): 218.75 mW (max = 450.00 W)
PMIC-2 ASIC 1.8V Rail Pwr (out): 0.00 W
pout2: 24.38 W
PMIC-2 ASIC 3.3V Rail Curr (out): +0.04 A (max = +32.00 A, crit max = +40.00 A)
PMIC-2 ASIC 1.8V Rail Curr (out): +0.00 A (max = +64.00 A, crit max = +80.00 A)
iout2: +6.77 A (max = +76.00 A, crit max = +95.00 A)
tps53679-i2c-15-58
Adapter: i2c-1-mux (chan_id 6)
PMIC-3 PSU 12V Rail (in1): +12.03 V (crit min = +7.50 V, crit max = +17.00 V)
PMIC-3 PSU 12V Rail (in2): +1.80 V (crit min = +1.25 V, crit max = +2.40 V)
PMIC-3 COMEX 1.8V Rail (out): +1.05 V (crit min = +0.65 V, crit max = +1.55 V)
PMIC-3 Temp 1: +59.1 C (high = +105.0 C, crit = +115.0 C)
PMIC-3 Temp 2: +59.1 C (high = +105.0 C, crit = +115.0 C)
PMIC-3 COMEX 1.8V Rail Pwr (out): 110.11 mW (max = 450.00 W)
PMIC-3 COMEX 1.05V Rail Pwr (out): 5.38 W
pout2: 1.09 W
PMIC-3 COMEX 1.8V Rail Curr (out): +0.01 A (max = +56.00 A, crit max = +63.50 A)
PMIC-3 COMEX 1.05V Rail Curr (out): +1.34 A (max = +55.00 A, crit max = +68.00 A)
iout2: +1.22 A (max = +14.00 A, crit max = +17.00 A)
dps460-i2c-4-58
Adapter: i2c-1-mux (chan_id 3)
PSU-2 220V Rail (in): +118.12 V (crit min = +75.00 V, min = +80.00 V)
(max = +280.00 V, crit max = +300.00 V)
PSU-2 12V Rail (out): +12.04 V (crit min = +9.60 V, min = +10.80 V)
(max = +13.80 V, crit max = +14.50 V)
PSU-2 Fan 1: 15840 RPM
PSU-2 Temp 1: +26.8 C (low = -0.5 C, high = +60.0 C)
(crit low = -20.0 C, crit = +65.0 C)
PSU-2 Temp 2: +34.0 C (low = -0.5 C, high = +60.0 C)
(crit low = -20.0 C, crit = +65.0 C)
PSU-2 Temp 3: +33.0 C (low = -0.5 C, high = +60.0 C)
(crit low = -20.0 C, crit = +65.0 C)
PSU-2 220V Rail Pwr (in): 115.00 W (max = 1.59 kW)
PSU-2 12V Rail Pwr (out): 90.75 W (max = 1.19 kW, crit = 1.24 kW)
(cap = -500.00 mW)
PSU-2 220V Rail Curr (in): +0.98 A (max = +17.62 A, crit max = -0.50 A)
PSU-2 12V Rail Curr (out): +7.40 A (crit min = -0.50 A, max = +99.00 A)
(crit max = +103.50 A)
coretemp-isa-0000
Adapter: ISA adapter
Package id 0: +59.0 C (high = +82.0 C, crit = +104.0 C)
Core 0: +59.0 C (high = +82.0 C, crit = +104.0 C)
Core 1: +59.0 C (high = +82.0 C, crit = +104.0 C)
tmp102-i2c-15-49
Adapter: i2c-1-mux (chan_id 6)
Ambient COMEX Temp: +48.2 C (high = +160.0 C, hyst = +150.0 C)
tmp102-i2c-7-49
Adapter: i2c-1-mux (chan_id 6)
Ambient Fan Side Temp (air intake): +29.8 C (high = +160.0 C, hyst = +150.0 C)
tps53679-i2c-15-61
Adapter: i2c-1-mux (chan_id 6)
PMIC-4 PSU 12V Rail (in1): +12.02 V (crit min = +7.50 V, crit max = +17.00 V)
PMIC-4 PSU 12V Rail (in2): +1.20 V (crit min = +0.80 V, crit max = +1.90 V)
PMIC-4 COMEX 1.2V Rail (out): +0.00 V (crit min = +0.00 V, crit max = +1.55 V)
PMIC-4 Temp 1: +48.8 C (high = +105.0 C, crit = +115.0 C)
PMIC-4 Temp 2: +48.8 C (high = +105.0 C, crit = +115.0 C)
PMIC-4 COMEX 1.2V Rail Pwr (out): 330.08 mW (max = 450.00 W)
pout2: 0.00 W
PMIC-4 COMEX 1.2V Rail Curr (out): +0.01 A (max = +56.00 A, crit max = +63.50 A)
iout2: +0.00 A (max = +18.00 A, crit max = +22.00 A)
tps53679-i2c-5-70
Adapter: i2c-1-mux (chan_id 4)
PMIC-1 PSU 12V Rail (in1): +11.94 V (crit min = +8.50 V, crit max = +15.00 V)
PMIC-1 PSU 12V Rail (in2): +0.80 V (crit min = +0.40 V, crit max = +1.52 V)
PMIC-1 ASIC 0.8V VCORE Rail (out): +1.20 V (crit min = +0.80 V, crit max = +1.52 V)
PMIC-1 Temp 1: +51.2 C (high = +105.0 C, crit = +115.0 C)
PMIC-1 Temp 2: +51.5 C (high = +105.0 C, crit = +115.0 C)
PMIC-1 ASIC 0.8V VCORE Rail Pwr (out): 364.26 mW (max = 450.00 W)
PMIC-1 ASIC 1.2V Rail Pwr (out): 22.28 W
pout2: 10.33 W
PMIC-1 ASIC 0.8V VCORE Rail Curr (out): +0.04 A (max = +24.00 A, crit max = +32.00 A)
PMIC-1 ASIC 1.2V Rail Curr (out): +4.27 A (max = +250.00 A, crit max = +312.00 A)
iout2: +8.61 A (max = +35.00 A, crit max = +43.00 A)
mlxreg_fan-isa-0000
Adapter: ISA adapter
Chassis Fan Drawer-1 Tach 1: 5498 RPM
Chassis Fan Drawer-1 Tach 2: 4908 RPM
Chassis Fan Drawer-2 Tach 1: 5453 RPM
Chassis Fan Drawer-2 Tach 2: 4854 RPM
Chassis Fan Drawer-3 Tach 1: 5409 RPM
Chassis Fan Drawer-3 Tach 2: 4890 RPM
Chassis Fan Drawer-4 Tach 1: 5476 RPM
Chassis Fan Drawer-4 Tach 2: 4836 RPM
pbnoscli# sFlow is a multi-vendor, packet sampling technology used to monitor network devices including routers, switches, host devices and wireless access points. Flow Monitor traffic monitoring software uses the sFlow data to analyze and manage network traffic and to ensure Quality of Service.
sFlow sampling process is performed by the switching/routing ASICs, thereby ensuring wire-speed performances. The sFlow agent then combines the interface counters, flow samples and the forwarding/routing table state associated with each packet into a UDP sFlow datagram. This is then sent to the sFlow collector for collection and analysis.
Command
feature sflow no feature sflow
Description
Enable/disable sFlow feature
Mode
CONFIG
Command
sflow collector <name> <ipaddr> no sflow collector <name> <ipaddr>
Description
Enable/disable sFlow collector configuration
Mode
CONFIG
Command
sflow polling-interval <interval (0..300)> no sflow collector <interval (0..300)>
Description
Enable/disable sFlow polling-interval
Mode
CONFIG
Command
sflow enable
Description
Enable/disable sFlow per interface
Mode
INTERFACE
Command
sflow sampling-rate <rate(256..8388608)>
Description
Enable/disable sFlow sampling rate
Mode
INTERFACE
Command
sflow ("Sflow related information") [interface ("Specific to an interface") <ifname:string interface_list()> ("Interface name")], showsflow();
Description
sFlow related information
Use the following command to display information about device PSU:
pbnoscli# show platform psustatus
============================================================================================================================================
PSU Model Serial Hardware Revision Voltage (V) Current (A) Power (W) Status LED
============================================================================================================================================
PSU 1 N/A N/A N/A N/A N/A N/A NOT OK red
PSU 2 MTEF-PSF-AC-C MT2042X11384 A3 12.035 7.273 88.5 OK red
pbnoscli# You can display information about docker memory-usage use the following command:
pbnoscli# show docker memory-usage pbnoscli# show docker memory-usage
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
65f6de2cc45d lldp 0.05% 55.61MiB / 7.669GiB 0.71% 0B / 0B 7.32MB / 127kB 11
6113df8cd655 snmp 5.80% 91.01MiB / 7.669GiB 1.16% 0B / 0B 57.3kB / 98.3kB 10
a6770092098b pmon 20.78% 378.7MiB / 7.669GiB 4.82% 0B / 0B 89.4MB / 139kB 17
29fac3d30c6c sflow 0.04% 39.71MiB / 7.669GiB 0.51% 0B / 0B 2.7MB / 69.6kB 9
a1ba99baa6bb nagr 48.85% 278.2MiB / 7.669GiB 3.54% 0B / 0B 47.8MB / 139kB 15
c1b2207591a6 syncd 2.23% 1.204GiB / 7.669GiB 15.70% 0B / 0B 110MB / 34.8MB 48
96d750ff6689 swss 0.14% 64.02MiB / 7.669GiB 0.82% 0B / 0B 22.9MB / 270kB 40
2c4c2b3c37cc database 5.71% 113.8MiB / 7.669GiB 1.45% 0B / 0B 42.3MB / 65.5kB 11
pbnoscli#pbnoscli(config)# feature sflow
pbnoscli(config)# no feature sflow collpbnoscli(config)# sflow collector Collector1 10.2.2.7
pbnoscli(config)# no sflow collector Collector1 10.2.2.7pbnoscli(config)# sflow polling-interval 20
pbnoscli(config)# no sflow polling-interval 20pbnoscli(config-if)# sflow enable
pbnoscli(config-if)# no sflow enablepbnoscli(config-if)# sflow sampling-rate 256
pbnoscli(config-if)# no sflow sampling-rate 256pbnoscli# show sflow
sFlow Admin State: up
sFlow polling-interval: 20
Collector name: Collector1
sFlow collector-ip: 10.2.2.7
sFlow collector-port: 6343
Interface State Sampling Rate
=====================================
Ethernet116 up 256
Ethernet128 up 256
pbnoscli#Use the following command to display information about syseeprom:
pbnoscli# show platform syseeprom
TlvInfo Header:
Id String: TlvInfo
Version: 1
Total Length: 629
==========================================================================
TLV Name Code LEN VALUE
==========================================================================
Device Version 0x26 1 1
Product Name 0x21 64 MSN3700C
Vendor Extension 0xfd 36
Vendor Extension 0xfd 164
Vendor Extension 0xfd 36
Vendor Extension 0xfd 36
Vendor Extension 0xfd 36
Vendor Extension 0xfd 52
Manufacture Date 0x25 19 10/25/2020 20:33:38
ONIE Version 0x29 23 2019.11-5.2.0020-115200
Base MAC Address 0x24 6 1C:34:DA:24:DE:00
CRC-32 0xfe 4 0xA358E6B0
Part Number 0x22 20 MSN3700-CS2FC
Manufacturer 0x2b 8 Mellanox
Platform Name 0x28 64 x86_64-mlnx_msn3700C-r0
Serial Number 0x23 24 MT2043X14695
MAC Addresses 0x2a 2 254
pbnoscli# Use the following command to display information about system fans:
pbnoscli# show platform fan
=====================================================================================================================================
ID DRAWER FAN SPEED% DIRECTION PRESENCE STATUS LED TIME STAMP
=====================================================================================================================================
1 drawer1 fan1 21 intake True OK green 20220926 09:17:26
2 drawer1 fan2 19 intake True OK green 20220926 09:17:26
3 drawer2 fan3 21 intake True OK green 20220926 09:17:26
4 drawer2 fan4 19 intake True OK green 20220926 09:17:26
5 drawer3 fan5 21 intake True OK green 20220926 09:17:26
6 drawer3 fan6 19 intake True OK green 20220926 09:17:26
7 drawer4 fan7 21 intake True OK green 20220926 09:17:26
8 drawer4 fan8 18 intake True OK green 20220926 09:17:26
9 N/A psu1_fan1 N/A N/A N/A N/A N/A 20220926 09:17:26
10 N/A psu2_fan1 63 N/A True OK red 20220926 09:17:26
pbnoscli# Port counters provide visibility into the traffic flowing on the device. OPBNOS provides commands to get counters by using the following commands
pbnoscli# show interface counters
========================================================================================================================================================================================
Port InOctets InUcastPackets InMcastPackets InBcastPackets OutOctets OutUcastPackets OutMcastPackets OutBcastPackets
========================================================================================================================================================================================
Ethernet1/1 69386 0 259 0 72046 100 283 0
Ethernet2/1 55424 0 202 0 64313 200 220 0
Ethernet3/1 0 0 0 0 0 0 0 0
<..>
Ethernet64/1 978170 0 1615 2466 1376464 0 5798 0
pbnoscli# pbnoscli# show queue counters Ethernet64/1
PORT TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes
------------ ----- -------------- --------------- ----------- ------------
Ethernet64/1 UC0 200004 14800904 0 N/A
Ethernet64/1 UC1 0 0 0 N/A
Ethernet64/1 UC2 0 0 0 N/A
Ethernet64/1 UC3 0 0 0 N/A
Ethernet64/1 UC4 0 0 0 N/A
Ethernet64/1 UC5 0 0 0 N/A
Ethernet64/1 UC6 0 0 0 N/A
Ethernet64/1 UC7 1373 352035 0 N/A
Ethernet64/1 MC8 N/A N/A N/A N/A
Ethernet64/1 MC9 N/A N/A N/A N/A
Ethernet64/1 MC10 N/A N/A N/A N/A
Ethernet64/1 MC11 N/A N/A N/A N/A
Ethernet64/1 MC12 N/A N/A N/A N/A
Ethernet64/1 MC13 N/A N/A N/A N/A
Ethernet64/1 MC14 N/A N/A N/A N/A
Ethernet64/1 MC15 N/A N/A N/A N/A
pbnoscli# To clear the interface counters, use the following command:
Use the following command to display information about system-reboot:
pbnoscli# show reboot-cause
Hardware - Other (Reset caused by hotswap or halt)
pbnoscli#
pbnoscli# show reboot-cause
User issued 'reboot' command [User: admin, Time: Tue 02 Aug 2022 03:01:03 AM UTC]
pbnoscli# You can display information about system memory information using the following command:
pbnoscli# show system-memory
total used free shared buff/cache available
Mem: 7.7Gi 3.5Gi 2.8Gi 124Mi 1.3Gi 3.8Gi
Swap: 0B 0B 0B
pbnoscli# Use the following command to display information about pcie-info:
Use the following command to display information about running services on the device:
pbnoscli# show interface counters detailed Ethernet1/1
Packets Received 64 Octets..................... 0
Packets Received 65-127 Octets................. 0
Packets Received 128-255 Octets................ 1,220
Packets Received 256-511 Octets................ 0
Packets Received 512-1023 Octets............... 0
Packets Received 1024-1518 Octets.............. 0
Packets Received 1519-2047 Octets.............. 0
Packets Received 2048-4095 Octets.............. 0
Packets Received 4096-9216 Octets.............. 0
Packets Received 9217-16383 Octets............. N/A
Total Packets Received Without Errors.......... 1,220
Unicast Packets Received....................... 0
Multicast Packets Received..................... 1,220
Broadcast Packets Received..................... 0
Jabbers Received............................... 0
Fragments Received............................. 0
Undersize Received............................. 0
Overruns Received.............................. N/A
Packets Transmitted 64 Octets.................. 1
Packets Transmitted 65-127 Octets.............. 77
Packets Transmitted 128-255 Octets............. 1,222
Packets Transmitted 256-511 Octets............. 3,777,694,387
Packets Transmitted 512-1023 Octets............ 0
Packets Transmitted 1024-1518 Octets........... 0
Packets Transmitted 1519-2047 Octets........... 0
Packets Transmitted 2048-4095 Octets........... 0
Packets Transmitted 4096-9216 Octets........... 0
Packets Transmitted 9217-16383 Octets.......... N/A
Total Packets Transmitted Successfully......... 3,777,695,687
Unicast Packets Transmitted.................... 3,777,694,387
Multicast Packets Transmitted.................. 1,300
Broadcast Packets Transmitted.................. 0
Time Since Counters Last Cleared............... None
pbnoscli#pbnoscli# show interface counters rate
IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR
----------- ------- ------- --------- --------- -------- -------- -------- ------- -------- --------- -------- -------- --------
Ethernet1/1 D 21 0.00 B/s 0.00% 0 0 0 27 0.00 B/s 0.00% 0 0 0
Ethernet2/1 D 21 0.00 B/s 0.00% 0 0 0 27 0.00 B/s 0.00% 0 0 0
Ethernet3/1 D 21 0.00 B/s 0.00% 0 0 0 28 0.00 B/s 0.00% 0 0 0
Ethernet4/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet5/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet6/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet7/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet8/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet9/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet10/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet11/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet12/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet13/1 U 101 20.97 B/s 0.00% 0 0 0 107 0.15 B/s 0.00% 0 0 0
Ethernet14/1 U 101 25.57 B/s 0.00% 0 0 0 107 0.15 B/s 0.00% 0 0 0
Ethernet15/1 U 102 25.57 B/s 0.00% 0 0 0 108 0.15 B/s 0.00% 0 0 0
<...>
Ethernet62/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet63/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
Ethernet64/1 D 0 0.00 B/s 0.00% 0 0 0 0 0.00 B/s 0.00% 0 0 0
pbnoscli# pbnoscli# show interface counters discard-details
========================================================================================================================================================================================
Port InDiscards InErrors InDroppedPackets InPauseFrames OutDiscards OutErrors OutDroppedPackets OutPauseFrames
========================================================================================================================================================================================
Ethernet1/1 0 0 0 0 0 0 0 0
Ethernet2/1 0 0 0 0 0 0 0 0
Ethernet3/1 0 0 0 0 0 0 0 0
Ethernet4/1 0 0 0 0 0 0 0 0
Ethernet5/1 0 0 0 0 0 0 0 0
Ethernet6/1 0 0 0 0 0 0 0 0
Ethernet7/1 0 0 0 0 0 0 0 0
Ethernet8/1 0 0 0 0 0 0 0 0
Ethernet9/1 0 0 0 0 0 0 0 0
Ethernet10/1 0 0 0 0 0 0 0 0
Ethernet11/1 0 0 0 0 0 0 0 0
Ethernet12/1 0 0 0 0 0 0 0 0
Ethernet13/1 0 0 0 0 0 0 0 0
Ethernet14/1 0 0 0 0 0 0 0 0
Ethernet15/1 0 0 0 0 0 0 0 0
Ethernet16/1 0 0 0 0 0 0 0 0
Ethernet17/1 0 0 0 0 0 0 0 0
Ethernet18/1 0 0 0 0 0 0 0 0
Ethernet19/1 0 0 0 0 0 0 0 0
Ethernet20/1 0 0 0 0 0 0 0 0
Ethernet21/1 0 0 0 0 0 0 0 0
Ethernet22/1 0 0 0 0 0 0 0 0
Ethernet23/1 0 0 0 0 0 0 0 0
Ethernet24/1 0 0 0 0 0 0 0 0
Ethernet25/1 0 0 0 0 0 0 0 0
Ethernet26/1 0 0 0 0 0 0 0 0
Ethernet27/1 0 0 0 0 0 0 0 0
Ethernet28/1 0 0 0 0 0 0 0 0
Ethernet29/1 0 0 0 0 0 0 0 0
Ethernet30/1 0 0 0 0 0 0 0 0
Ethernet31/1 0 0 0 0 0 0 0 0
Ethernet32/1 0 0 0 0 0 0 0 0pbnoscli# clear counterspbnoscli# show platform pcieinfo
==============================Display PCIe Device===============================
bus:dev.fn 00:00.0 - dev_id=0x6f00, Host bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D DMI2 (rev 03)
bus:dev.fn 00:01.0 - dev_id=0x6f02, PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 1 (rev 03)
bus:dev.fn 00:01.1 - dev_id=0x6f03, PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 1 (rev 03)
bus:dev.fn 00:02.0 - dev_id=0x6f04, PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 2 (rev 03)
bus:dev.fn 00:02.2 - dev_id=0x6f06, PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 2 (rev 03)
bus:dev.fn 00:03.0 - dev_id=0x6f08, PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 3 (rev 03)
bus:dev.fn 00:03.2 - dev_id=0x6f0a, PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 3 (rev 03)
bus:dev.fn 00:05.0 - dev_id=0x6f28, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Map/VTd_Misc/System Management (rev 03)
bus:dev.fn 00:05.1 - dev_id=0x6f29, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D IIO Hot Plug (rev 03)
bus:dev.fn 00:05.2 - dev_id=0x6f2a, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D IIO RAS/Control Status/Global Errors (rev 03)
bus:dev.fn 00:05.4 - dev_id=0x6f2c, PIC: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D I/O APIC (rev 03)
bus:dev.fn 00:14.0 - dev_id=0x8c31, USB controller: Intel Corporation 8 Series/C220 Series Chipset Family USB xHCI (rev 05)
bus:dev.fn 00:1c.0 - dev_id=0x8c10, PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #1 (rev d5)
bus:dev.fn 00:1c.7 - dev_id=0x8c1e, PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #8 (rev d5)
bus:dev.fn 00:1d.0 - dev_id=0x8c26, USB controller: Intel Corporation 8 Series/C220 Series Chipset Family USB EHCI #1 (rev 05)
bus:dev.fn 00:1f.0 - dev_id=0x8c54, ISA bridge: Intel Corporation C224 Series Chipset Family Server Standard SKU LPC Controller (rev 05)
bus:dev.fn 00:1f.2 - dev_id=0x8c02, SATA controller: Intel Corporation 8 Series/C220 Series Chipset Family 6-port SATA Controller 1 [AHCI mode] (rev 05)
bus:dev.fn 00:1f.3 - dev_id=0x8c22, SMBus: Intel Corporation 8 Series/C220 Series Chipset Family SMBus Controller (rev 05)
bus:dev.fn 03:00.0 - dev_id=0x6f50, System peripheral: Intel Corporation Xeon Processor D Family QuickData Technology Register DMA Channel 0
bus:dev.fn 03:00.1 - dev_id=0x6f51, System peripheral: Intel Corporation Xeon Processor D Family QuickData Technology Register DMA Channel 1
bus:dev.fn 03:00.2 - dev_id=0x6f52, System peripheral: Intel Corporation Xeon Processor D Family QuickData Technology Register DMA Channel 2
bus:dev.fn 03:00.3 - dev_id=0x6f53, System peripheral: Intel Corporation Xeon Processor D Family QuickData Technology Register DMA Channel 3
bus:dev.fn 06:00.0 - dev_id=0xcf6c, Ethernet controller: Mellanox Technologies MT53100 [Spectrum-2]
bus:dev.fn 08:00.0 - dev_id=0x1533, Ethernet controller: Intel Corporation I210 Gigabit Network Connection (rev 03)
bus:dev.fn ff:0b.0 - dev_id=0x6f81, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R3 QPI Link 0/1 (rev 03)
bus:dev.fn ff:0b.1 - dev_id=0x6f36, Performance counters: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R3 QPI Link 0/1 (rev 03)
bus:dev.fn ff:0b.2 - dev_id=0x6f37, Performance counters: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R3 QPI Link 0/1 (rev 03)
bus:dev.fn ff:0b.3 - dev_id=0x6f76, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R3 QPI Link Debug (rev 03)
bus:dev.fn ff:0c.0 - dev_id=0x6fe0, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Caching Agent (rev 03)
bus:dev.fn ff:0c.1 - dev_id=0x6fe1, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Caching Agent (rev 03)
bus:dev.fn ff:0f.0 - dev_id=0x6ff8, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Caching Agent (rev 03)
bus:dev.fn ff:0f.4 - dev_id=0x6ffc, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Caching Agent (rev 03)
bus:dev.fn ff:0f.5 - dev_id=0x6ffd, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Caching Agent (rev 03)
bus:dev.fn ff:0f.6 - dev_id=0x6ffe, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Caching Agent (rev 03)
bus:dev.fn ff:10.0 - dev_id=0x6f1d, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R2PCIe Agent (rev 03)
bus:dev.fn ff:10.1 - dev_id=0x6f34, Performance counters: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R2PCIe Agent (rev 03)
bus:dev.fn ff:10.5 - dev_id=0x6f1e, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Ubox (rev 03)
bus:dev.fn ff:10.6 - dev_id=0x6f7d, Performance counters: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Ubox (rev 03)
bus:dev.fn ff:10.7 - dev_id=0x6f1f, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Ubox (rev 03)
bus:dev.fn ff:12.0 - dev_id=0x6fa0, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Home Agent 0 (rev 03)
bus:dev.fn ff:12.1 - dev_id=0x6f30, Performance counters: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Home Agent 0 (rev 03)
bus:dev.fn ff:13.0 - dev_id=0x6fa8, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Target Address/Thermal/RAS (rev 03)
bus:dev.fn ff:13.1 - dev_id=0x6f71, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Target Address/Thermal/RAS (rev 03)
bus:dev.fn ff:13.2 - dev_id=0x6faa, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel Target Address Decoder (rev 03)
bus:dev.fn ff:13.3 - dev_id=0x6fab, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel Target Address Decoder (rev 03)
bus:dev.fn ff:13.4 - dev_id=0x6fac, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel Target Address Decoder (rev 03)
bus:dev.fn ff:13.5 - dev_id=0x6fad, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel Target Address Decoder (rev 03)
bus:dev.fn ff:13.6 - dev_id=0x6fae, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D DDRIO Channel 0/1 Broadcast (rev 03)
bus:dev.fn ff:13.7 - dev_id=0x6faf, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D DDRIO Global Broadcast (rev 03)
bus:dev.fn ff:14.0 - dev_id=0x6fb0, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel 0 Thermal Control (rev 03)
bus:dev.fn ff:14.1 - dev_id=0x6fb1, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel 1 Thermal Control (rev 03)
bus:dev.fn ff:14.2 - dev_id=0x6fb2, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel 0 Error (rev 03)
bus:dev.fn ff:14.3 - dev_id=0x6fb3, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel 1 Error (rev 03)
bus:dev.fn ff:14.4 - dev_id=0x6fbc, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D DDRIO Channel 0/1 Interface (rev 03)
bus:dev.fn ff:14.5 - dev_id=0x6fbd, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D DDRIO Channel 0/1 Interface (rev 03)
bus:dev.fn ff:14.6 - dev_id=0x6fbe, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D DDRIO Channel 0/1 Interface (rev 03)
bus:dev.fn ff:14.7 - dev_id=0x6fbf, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D DDRIO Channel 0/1 Interface (rev 03)
bus:dev.fn ff:15.0 - dev_id=0x6fb4, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel 2 Thermal Control (rev 03)
bus:dev.fn ff:15.1 - dev_id=0x6fb5, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel 3 Thermal Control (rev 03)
bus:dev.fn ff:15.2 - dev_id=0x6fb6, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel 2 Error (rev 03)
bus:dev.fn ff:15.3 - dev_id=0x6fb7, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Memory Controller 0 - Channel 3 Error (rev 03)
bus:dev.fn ff:1e.0 - dev_id=0x6f98, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Power Control Unit (rev 03)
bus:dev.fn ff:1e.1 - dev_id=0x6f99, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Power Control Unit (rev 03)
bus:dev.fn ff:1e.2 - dev_id=0x6f9a, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Power Control Unit (rev 03)
bus:dev.fn ff:1e.3 - dev_id=0x6fc0, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Power Control Unit (rev 03)
bus:dev.fn ff:1e.4 - dev_id=0x6f9c, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Power Control Unit (rev 03)
bus:dev.fn ff:1f.0 - dev_id=0x6f88, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Power Control Unit (rev 03)
bus:dev.fn ff:1f.2 - dev_id=0x6f8a, System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Power Control Unit (rev 03)
pbnoscli# pbnoscli# show services
lldp docker
---------------------------
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.3 30388 24176 pts/0 Ss+ 08:09 0:02 /usr/bin/python3 /usr/local/bin/supervisord
root 12 0.0 0.2 25616 19104 pts/0 S 08:09 0:00 python3 /usr/bin/supervisor-proc-exit-listener --container-name lldp
root 15 0.0 0.0 223808 5616 pts/0 Sl 08:09 0:00 /usr/sbin/rsyslogd -n -iNONE
_lldpd 23 0.0 0.0 28364 7692 pts/0 S 08:09 0:00 lldpd: monitor.
_lldpd 25 0.0 0.0 28612 3820 pts/0 S 08:09 0:01 lldpd: 2 neighbors.
root 32 0.0 0.2 105268 21700 pts/0 Sl 08:09 0:03 python3 -m lldp_syncd
root 36 0.0 0.2 34608 22280 pts/0 S 08:09 0:00 python3 /usr/bin/lldpmgrd
snmp docker
---------------------------
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.3 33644 24436 pts/0 Ss+ 08:12 0:01 /usr/bin/python3 /usr/local/bin/supervisord
root 10 0.0 0.2 31100 19440 pts/0 S 08:12 0:00 python3 /usr/bin/supervisor-proc-exit-listener --container-name snmp
root 18 0.0 0.0 223808 5616 pts/0 Sl 08:12 0:00 /usr/sbin/rsyslogd -n -iNONE
Debian-+ 22 0.9 0.2 37484 19024 pts/0 S 08:12 0:35 /usr/sbin/snmpd -f -LS4d -Lf /var/log/snmpd.log -u Debian-snmp -g Debian-snmp -I -smux -p /run/snmpd.pid
root 23 4.0 0.4 348084 36636 pts/0 Sl 08:12 2:34 python3 -m sonic_ax_impl
pmon docker
---------------------------
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.3 30700 24312 pts/0 Ss+ 08:08 0:02 /usr/bin/python3 /usr/local/bin/supervisord
root 47 0.0 0.2 25636 19068 pts/0 S 08:08 0:00 python3 /usr/bin/supervisor-proc-exit-listener --container-name pmon
root 50 0.0 0.0 223808 3632 pts/0 Sl 08:08 0:00 /usr/sbin/rsyslogd -n -iNONE
root 56 0.3 1.0 213980 86084 pts/0 Sl 08:08 0:13 python3 /usr/local/bin/xcvrd
root 58 0.3 1.0 137540 82448 pts/0 S 08:08 0:13 python3 /usr/local/bin/psud
root 60 0.0 1.0 138596 83760 pts/0 S 08:08 0:00 python3 /usr/local/bin/syseepromd
root 61 0.2 1.0 138960 84516 pts/0 S 08:08 0:10 python3 /usr/local/bin/thermalctld
root 63 0.1 1.0 138840 84440 pts/0 S 08:08 0:06 python3 /usr/local/bin/pcied
root 64 0.1 0.7 138960 64100 pts/0 S 08:08 0:05 python3 /usr/local/bin/thermalctld
root 70 0.0 0.0 59092 1076 ? Ss 08:08 0:00 /usr/sbin/sensord -f daemon
root 408 0.0 0.8 214556 71224 pts/0 S 08:09 0:00 python3 /usr/local/bin/xcvrd
sflow docker
---------------------------
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.2 30256 23992 pts/0 Ss+ 08:08 0:01 /usr/bin/python3 /usr/local/bin/supervisord
root 10 0.0 0.2 25612 19032 pts/0 S 08:08 0:00 python3 /usr/bin/supervisor-proc-exit-listener --container-name sflow
root 13 0.0 0.0 223808 5424 pts/0 Sl 08:08 0:00 /usr/sbin/rsyslogd -n -iNONE
root 17 0.0 0.1 88328 8124 pts/0 Sl 08:08 0:00 /usr/bin/sflowmgrd
root 18 0.0 0.2 30752 20532 pts/0 S 08:08 0:00 python3 /usr/bin/port_index_mapper.py
nagr docker
---------------------------
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.2 59008 21160 pts/0 Ss+ 08:08 0:02 /usr/bin/python /usr/local/bin/supervisord
root 10 4.9 1.2 486580 103668 pts/0 Sl 08:08 3:22 /usr/bin/python3 /gemini/NTPRest/naggc.py
root 11 0.0 0.2 60380 18508 pts/0 S 08:08 0:00 /usr/bin/python3 /usr/bin/lag.py
root 12 0.0 0.2 60360 18652 pts/0 S 08:08 0:00 /usr/bin/python3 /usr/bin/netlink_route.py
root 13 0.0 0.2 206576 17192 pts/0 Sl 08:08 0:00 /usr/bin/python3 /usr/bin/toolhc.py
root 14 0.0 0.2 60356 18240 pts/0 S 08:08 0:00 /usr/bin/python3 /usr/bin/netlink_poll.py
root 21 0.0 0.0 262992 3420 pts/0 Sl 08:08 0:00 /usr/sbin/rsyslogd -n
syncd docker
---------------------------
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.3 30568 24232 pts/0 Ss+ 08:08 0:01 /usr/bin/python3 /usr/local/bin/supervisord
root 10 0.0 0.2 25704 19316 pts/0 S 08:08 0:00 python3 /usr/bin/supervisor-proc-exit-listener --container-name syncd
root 14 0.0 0.0 223808 5576 pts/0 Sl 08:08 0:00 /usr/sbin/rsyslogd -n -iNONE
root 19 1.7 1.5 1784640 128056 pts/0 Sl 08:08 1:09 /usr/bin/syncd -u -s -p /tmp/sai.profile
root 44 5.6 11.1 1365284 895996 pts/0 Sl 08:08 3:49 sx_sdk --logger libsai.so
root 66 0.0 1.9 343036 155164 pts/0 Sl 08:08 0:01 /usr/bin/python3 /usr/bin/mellanox_nagg_asic.py
swss docker
---------------------------
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.1 0.3 30652 24500 pts/0 Ss+ 08:07 0:05 /usr/bin/python3 /usr/local/bin/supervisord
root 26 0.0 0.2 25620 19040 pts/0 S 08:07 0:00 python3 /usr/bin/supervisor-proc-exit-listener --container-name swss
root 29 0.0 0.0 223808 3596 pts/0 Sl 08:07 0:00 /usr/sbin/rsyslogd -n -iNONE
root 34 0.0 0.0 81260 4960 pts/0 Sl 08:07 0:00 /usr/bin/portsyncd
root 39 0.0 0.2 403316 22456 pts/0 Sl 08:08 0:03 /usr/bin/orchagent -d /var/log/swss -b 8192 -s
root 64 0.0 0.1 88384 8176 pts/0 Sl 08:08 0:00 /usr/bin/coppmgrd
root 76 0.0 0.0 3964 2928 pts/0 S 08:08 0:00 /bin/bash /usr/bin/arp_update
root 77 0.0 0.0 81132 4404 pts/0 Sl 08:08 0:00 /usr/bin/neighsyncd
root 79 0.0 0.1 88448 8548 pts/0 Sl 08:08 0:00 /usr/bin/vlanmgrd
root 81 0.0 0.1 88472 8564 pts/0 Sl 08:08 0:00 /usr/bin/intfmgrd
root 83 0.0 0.1 88412 8332 pts/0 Sl 08:08 0:00 /usr/bin/portmgrd
root 85 0.0 0.1 88508 10240 pts/0 Sl 08:08 0:00 /usr/bin/buffermgrd -l /usr/share/sonic/hwsku/pg_profile_lookup.ini
root 98 0.0 0.1 88444 8420 pts/0 Sl 08:08 0:00 /usr/bin/vrfmgrd
root 104 0.0 0.1 88344 8248 pts/0 Sl 08:08 0:00 /usr/bin/nbrmgrd
root 112 0.0 0.1 88472 8332 pts/0 Sl 08:08 0:00 /usr/bin/vxlanmgrd
root 117 0.0 0.0 81176 4796 pts/0 Sl 08:08 0:00 /usr/bin/fdbsyncd
root 122 0.0 0.1 88416 8244 pts/0 Sl 08:08 0:00 /usr/bin/tunnelmgrd
root 153 0.0 0.0 5668 1684 pts/0 S 08:08 0:00 /usr/sbin/ndppd
root 6652 0.0 0.0 2524 744 pts/0 S 09:13 0:00 sleep 300
database docker
---------------------------
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.2 30248 23700 pts/0 Ss+ 08:07 0:01 /usr/bin/python3 /usr/local/bin/supervisord
root 38 0.0 0.2 25612 19032 pts/0 S 08:07 0:00 python3 /usr/bin/supervisor-proc-exit-listener --container-name database
root 39 0.0 0.0 223808 5616 pts/0 Sl 08:07 0:00 /usr/sbin/rsyslogd -n -iNONE
root 40 4.0 0.7 110832 59672 pts/0 Sl 08:07 2:46 /usr/bin/redis-server 127.0.0.1:6379
pbnoscli# OPBNOS supports copying running and startup configuration file to and from the switch over the network.
The following topics provide you with more information on configuration management:
Copying Running and Startup ConfigurationSaving ConfigurationDisplay ConfigurationClearing Startup configurationConfiguring HostnameYou can save running configuration using the below command:
pbnoscli# save
Saving Configuration
pbnoscli# Use the following command to display information about device temperature sensors:
pbnoscli# show platform temperature
=============================================================================================================================================
Sensor Temperature Warning High TH Low TH Critical High TH Critical Low TH Timestamp
=============================================================================================================================================
xSFP module 3 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 7 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 27 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
CPU Core 0 Temp 58.0 False 82.0 N/A 104.0 N/A 20220926 09:22:26
xSFP module 9 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 14 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 19 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 23 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
xSFP module 30 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
xSFP module 15 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
ASIC 53.0 False 105.0 N/A 120.0 N/A 20220926 09:22:26
CPU Core 1 Temp 59.0 False 82.0 N/A 104.0 N/A 20220926 09:22:26
Ambient Fan Side Temp 29.812 False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 4 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 26 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
xSFP module 12 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 5 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
PSU-2 Temp 26.75 False 60.0 N/A N/A N/A 20220926 09:22:26
xSFP module 24 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
CPU Pack Temp 59.0 False 82.0 N/A 104.0 N/A 20220926 09:22:26
xSFP module 10 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
Ambient Port Side Temp 36.437 False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 17 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 1 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 21 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 31 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
xSFP module 11 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
PSU-1 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 8 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 18 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 29 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
xSFP module 32 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
Ambient COMEX Temp 48.125 False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 28 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
xSFP module 2 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 20 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 16 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 13 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 25 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
xSFP module 6 Temp N/A False N/A N/A N/A N/A 20220926 09:22:26
xSFP module 22 Temp N/A False N/A N/A N/A N/A 20220926 09:22:27
pbnoscli# Use the following command to display information about platform version:
pbnoscli# show platform summary
Platform: x86_64-mlnx_msn3700c-r0
HwSKU: ACS-MSN3700C
ASIC: mellanox
ASIC Count: 1
Serial Number: MT2043X14695
Model Number: MSN3700-CS2FC
Hardware Revision: A4
pbnoscli# Zero Touch Provisioning (ZTP) enables a switch to automatically provision itself using the resources available on the network without manual intervention. ZTP is triggered only when it is force-enabled from ISCLI. When OPBNOS with ZTP enabled starts up, it locates a DHCP server which provides the switch with an IPv4 management IP address and a gateway IP address. The switch then obtains the IP address of a TFTP (or HTTP) server from which it downloads the necessary boot file. The switch then runs the boot file.
During the boot process, if the ZTP is enabled, the switch enters ZTP mode. The switch searches for available DHCP servers and requests them to acquire an interface address, a gateway address, the TFTP server address, and the boot file name. After the information from the DHCP server is obtained, ZTP downloads and runs the boot file, and then executes the ZTP process according to the boot file. ZTP automatically handles the process of upgrading the switch firmware image and installing configuration files.
ZTP handles firmware upgrades from ONIE to OPBNOS and OPBNOS to OPBNOS
The following topics provide you with more information on Zero Touch Provisioning(ZTP)
Change the running-config and startup-config on the switch and vice-versa
Parameters
running-config Copies to the running configuration
startup-config Copies to the startup configuration
Mode
EXEC
//to copy startup config to running config
pbnoscli# copy startup-config running-config
pbnoscli#
//to copy running config to startup config
pbnoscli# copy running-config startup-config
pbnoscli# Parameters
server_url username@ipaddress:filepathandname
timeout timeout
interval Specifies the maximum time (in seconds) to wait for the server to reply to the connection request. The timeout interval is from 1 to 100 seconds running-config Copies the running configuration startup-config Copies the startup configuration
Mode
EXEC
//copying running-config from remote server
pbnoscli# copy running-config scp <user>@<IP>:/<file.cfg>
//Example - copy running-config scp aviz@10.2.2.10:/rsw.cfg//copying startup-config from remote server
pbnoscli# copy startup-config scp <user>@<IP>:/<file.cfg>
//Example - copy startup-config scp aviz@10.2.2.10:/ssw.cfgCommand
rule <ruleid> [ipv6] (deny | permit ) [description <cstring>] ([ethertype <etype>] [vlan <vid>] [src-ip (<ipv4> | <ipv6 > src-netmask <ipv6 >)] [dest-ip (<ipv4> | <ipv6 > dest-netmask <ipv6 >)] [protocol (tcp | udp | <ptype >)] [l4portsrc <sport>] [l4portdst <dport>] [tosval <sval >] [dscp <dval>] [ttl <tval>] [tcpctl <flags > tcpctlmask <tcpmask >] | match_all [ipv6]) [counters (enable | disable)]
no rule <ruleid>
Description
Rule configuration
Parameters
ruleid: It should be in the range 1 to 6000
ipv6: used to specify an ipv6 rule
description: max 50 characters
Mode
FLOW
You can verify the configuration by using the command(s) below:
pbnoscli# configure terminal
pbnoscli(config)# flow flow01
pbnoscli(config-flow-flow01)#
! Exit from the current prompt
description Configure description for flow
enable Enable the flow
end Exit to exec prompt
exit Exit from the current prompt
network-ports Configure network or TAP ports
no no form
rule Configure rule
show Show commands
tool-ports Configure network tool or analyzer ports
top Exit to the configuration prompt
pbnoscli(config-flow-flow01)# rule 1
action Add rule specific action
deny Deny traffic
ipv6 IPv6 Rule
permit Permit traffic
pbnoscli(config-flow-flow01)# rule 1 ipv6
deny Deny traffic
permit Permit traffic
pbnoscli(config-flow-flow01)# rule 1 ipv6
pbnoscli(config-flow-flow01)# rule 1 permit
<cr>
counters Enable counters
description Add description within double quotes
dest-ip Destination IP address
dscp Differentiated services code point
ethertype ethernet type, 0x800, 0x8100
l4portdst L4 destination port
l4portsrc L4 source port
match-all Match all
protocol IP protocol
src-ip Source IP address
tcpctl TCP Control Flags
tosval Type of Service
ttl Time-to-live
vlan Vlan Identifier
pbnoscli(config-flow-flow01)# rule 1 permit src-ip 10.10.0.0/24 dest-ip 20.0.20.0/24 counters enable
//to remove a rule
pbnoscli(config-flow-flow01)# no rule 1
pbnoscli(config-flow-flow01)#pbnoscli# show flow summary
Flow-Name Rule-Id Status Counter-Value
=========================================================
flow01 1 Active 1671
pbnoscli# show flow flow01
===================================
Flow : flow01 (CLI)
===================================
Status : enable
Network-Port : Ethernet1/1,Ethernet2/1
Tool-Port : port-channel1,Ethernet8/1
Rule : 1
++++++++++++++++++++++++++++++++++
Action : permit
Source IP : 10.10.0.0
Source Mask : 255.255.255.0
Destination IP : 20.0.20.0
Destination Mask : 255.255.255.0
Counters : enable
pbnoscli# \\Configuring IPv4 rules
pbnoscli# show running-config
configure terminal
port-channel 1 ports Ethernet63/1,Ethernet64/1
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type network
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
description "--Flow Description--"
network-ports Ethernet1/1,Ethernet2/1
tool-ports port-channel1,Ethernet8/1
rule 1 permit src-ip 10.10.0.0/24 dest-ip 20.0.20.0/24 counters enable
!
pbnoscli# \\Configuring IPv6 rules
pbnoscli# show running-config
configure terminal
port-channel 1 ports Ethernet63/1,Ethernet64/1
!
interface ethernet Ethernet1/1
forward-error-correction rs
type network
!
interface ethernet Ethernet2/1
forward-error-correction rs
type network
!
interface mgmt
ip address 10.4.4.53/23 gateway 10.4.4.1
!
flow flow01
description "--Flow Description--"
network-ports Ethernet1/1,Ethernet2/1
tool-ports port-channel1,Ethernet8/1
rule 1 ipv6 permit src-ip 2401::1 src-netmask f::f dest-ip 2401::2 dest-netmask f::f counters enable
!
pbnoscli# vlan: VLAN id 2 to 4094
src-ip: source IP address
dest-ip: Destination IP address
protocol: L3 Protocol
l4portsrc: L4 source port for TCP or UDP
l4portdst: L4 source port for TCP or UDP
tossval: Type of Service
dscp: Differentiated services code point.
ttl: Time-to-live
tcpctl: TCP control flags
After entering ZTP mode, the switch sends a DHCP discovery message on its management interface, requesting DHCP offers from the DHCP servers present on the network. The DHCP server replies with a DHCP offer message. When the switch receives the DHCP offer message, it will look for following information in the offer:
An interface IPv4 address
A gateway IPv4 address
A TFTP or HTTP server IP address (using option 66)
Boot file name (using option 67)
The switch completes the DHCP negotiation process (request and acknowledgement) with the DHCP server, which assigns the switch with an IPv4 management address. The switch then uses the acquired TFTP or HTTP server IP address to contact that server to get the boot file, The option 67 contains the complete file path of the boot file on the remote server. The switch then downloads the boot file.
If no DHCP servers reply is received after DHCP discovery message or if the DHCP offer does not meets the ZTP requirements, the switch won't be able to complete the DHCP negotiation and the switch exits ZTP mode and continues the normal boot process.
To remove/clear startup-config use below command:
clearing startup-config will trigger a system reboot.
pbnoscli# clear startup-config
This command requires a system reboot. Do you wish to continue [y/n]: y
You can display running and start configuration using below command:
//to show running config
pbnoscli# show running-config
show running-config
configure terminal
<..>
pbnoscli#//to show startup config
pbnoscli# show startup-config
show running-config
configure terminal
port-group 1 ports Ethernet8
<..>
pbnoscli#
