System Management Commands

arp

To display the contents of the Address Resolution Protocol (ARP) table, use the arp command in boot loader mode.

arp [ip_address]

Syntax Description

ip_address

(Optional) Shows the ARP table or the mapping for a specific IP address.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

The ARP table contains the IP-address-to-MAC-address mappings.

Examples

This example shows how to display the ARP table:


Device: arp 172.20.136.8
arp'ing 172.20.136.8...
172.20.136.8 is at 00:1b:78:d1:25:ae, via port 0

boot

To load and boot an executable image and display the command-line interface (CLI), use the boot command in boot loader mode.

boot [ -post | -n | -p | flag] filesystem:/file-url...

Syntax Description

-post

(Optional) Run the loaded image with an extended or comprehensive power-on self-test (POST). Using this keyword causes POST to take longer to complete.

-n

(Optional) Pause for the Cisco IOS Debugger immediately after launching.

-p

(Optional) Pause for the JTAG Debugger right after loading the image.

filesystem:

Alias for a file system. Use flash: for the system board flash device; use usbflash0: for USB memory sticks.

/file-url

Path (directory) and name of a bootable image. Separate image names with a semicolon.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

When you enter the boot command without any arguments, the device attempts to automatically boot the system by using the information in the BOOT environment variable, if any.

If you supply an image name for the file-url variable, the boot command attempts to boot the specified image.

When you specify boot loader boot command options, they are executed immediately and apply only to the current boot loader session.

These settings are not saved for the next boot operation.

Filenames and directory names are case sensitive.

Examples

This example shows how to boot the device using the new-image.bin image:


Device: set BOOT flash:/new-images/new-image.bin
Device: boot

After entering this command, you are prompted to start the setup program.

cat

To display the contents of one or more files, use the cat command in boot loader mode.

cat filesystem:/file-url...

Syntax Description

filesystem:

Specifies a file system.

/file-url

Specifies the path (directory) and name of the files to display. Separate each filename with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

If you specify a list of files, the contents of each file appears sequentially.

Examples

This example shows how to display the contents of an image file:


Device: cat flash:image_file_name
version_suffix: universal-122-xx.SEx
version_directory: image_file_name
image_system_type_id: 0x00000002
image_name: image_file_name.bin
ios_image_file_size: 8919552
total_image_file_size: 11592192
image_feature: IP|LAYER_3|PLUS|MIN_DRAM_MEG=128
image_family: family
stacking_number: 1.34
board_ids: 0x00000068 0x00000069 0x0000006a 0x0000006b 
info_end:

copy

To copy a file from a source to a destination, use the copy command in boot loader mode.

copy filesystem:/source-file-url filesystem:/destination-file-url

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/source-file-url

Path (directory) and filename (source) to be copied.

/destination-file-url

Path (directory) and filename of the destination.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

Directory names are limited to 127 characters between the slashes (/); the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Filenames are limited to 127 characters; the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

If you are copying a file to a new directory, the directory must already exist.

Examples

This example shows how to copy a file at the root:


Device: copy usbflash0:test1.text usbflash0:test4.text
File "usbflash0:test1.text" successfully copied to "usbflash0:test4.text"

You can verify that the file was copied by entering the dir filesystem: boot loader command.

copy startup-config tftp:

To copy the configuration settings from a switch to a TFTP server, use the copy startup-config tftp: command in Privileged EXEC mode.

copy startup-config tftp: remote host {ip-address}/{name}

Syntax Description

remote host {ip-address}/{name}

Host name or IP-address of Remote host.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Release 16.1

This command was introduced.

Usage Guidelines

To copy your current configurations from the switch, run the command copy startup-config tftp: and follow the instructions. The configurations are copied onto the TFTP server.

Then, login to another switch and run the command copy tftp: startup-config and follow the instructions. The configurations are now copied onto the other switch.

Examples

This example shows how to copy the configuration settings onto a TFTP server:


Device: copy startup-config tftp:
Address or name of remote host []?

copy tftp: startup-config

To copy the configuration settings from a TFTP server onto a new switch, use the copy tftp: startup-config command in Privileged EXEC mode on the new switch.

copy tftp: startup-config remote host {ip-address}/{name}

Syntax Description

remote host {ip-address}/{name}

Host name or IP-address of Remote host.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Release 16.1

This command was introduced.

Usage Guidelines

After the configurations are copied, to save your configurations, use write memory command and then either reload the switch or run the copy startup-config running-config command.

Examples

This example shows how to copy the configuration settings from the TFTP server onto a switch:


Device: copy tftp: startup-config
Address or name of remote host []?

debug voice diagnostics mac-address

To enable debugging of voice diagnostics for voice clients, use the debug voice diagnostics mac-address command in privileged EXEC mode. To disable debugging, use the no form of this command.

debug voice diagnostics mac-address mac-address1 verbose mac-address mac-address2 verbose

nodebug voice diagnostics mac-address mac-address1 verbose mac-address mac-address2 verbose

Syntax Description

voice diagnostics

Configures voice debugging for voice clients.

mac-address mac-address1 mac-address mac-address2

Specifies MAC addresses of the voice clients.

verbose

Enables verbose mode for voice diagnostics.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Examples

The following is sample output from the debug voice diagnostics mac-address command and shows how to enable debugging of voice diagnostics for voice client with MAC address of 00:1f:ca:cf:b6:60:

Device# debug voice diagnostics mac-address 00:1f:ca:cf:b6:60

debug platform condition feature multicast controlplane

To enable radioactive tracing for the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) snooping features, use the debug platform condition feature multicast controlplane command in privileged EXEC mode. To disable radioactive tracing, use the no form of this command.

debug platform condition feature multicast controlplane {{igmp-debug | pim} group-ip {ipv4 address | ipv6 address} | {mld-snooping | igmp-snooping} mac mac-address ip {ipv4 address | ipv6 address} vlan vlan-id } level {debug | error | info | verbose | warning}

no debug platform condition feature multicast controlplane {{igmp-debug | pim} group-ip {ipv4 address | ipv6 address} | {mld-snooping | igmp-snooping} mac mac-address ip {ipv4 address | ipv6 address} vlan vlan-id } level {debug | error | info | verbose | warning}

Syntax Description

igmp-debug

Enables IGMP control radioactive tracing.

pim

Enables Protocol Independent Multicast (PIM) control radioactive tracing.

mld-snooping

Enables MLD snooping control radioactive tracing.

igmp-snooping

Enables IGMP snooping control radioactive tracing.

mac mac-address

MAC address of the receiver.

group-ip {ipv4 address | ipv6 address}

IPv4 or IPv6 address of the igmp-debug or pim group.

ip {ipv4 address | ipv6 address}

IPv4 or IPv6 address of the mld-snooping or igmp-snooping group.

vlan vlan-id

VLAN ID. The range is from 1 to 4094.

level

Enables debug severity levels.

debug

Enables debugging level.

error

Enables error debugging.

info

Enables information debugging.

verbose

Enables detailed debugging.

warning

Enables warning debugging.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

The following example shows how to enable radioactive tracing for IGMP snooping:


Device# debug platform condition feature multicast controlplane igmp-snooping mac 000a.f330.344a ip 10.1.1.10 vlan 550 level warning

debug platform condition mac

To enable radioactive tracing for MAC learning, use the debug platform condition mac command in privileged EXEC mode. To disable radioactive tracing for MAC learning, use the no form of this command.

debug platform condition mac {mac-address {control-plane | egress | ingress} | access-list access-list name {egress | ingress}}

no debug platform condition mac {mac-address {control-plane | egress | ingress} | access-list access-list name {egress | ingress}}

Syntax Description

mac mac-address

Filters output on the basis of the specified MAC address.

access-list access-list name

Filters output on the basis of the specified access list.

control-plane

Displays messages about the control plane routines.

egress

Filters output on the basis of outgoing packets.

ingress

Filters output on the basis of incoming packets.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

The following example shows how to filter debugging output on the basis of a MAC address:


Device# debug platform condition mac bc16.6509.3314 ingress

debug platform rep

To enable debugging of Resilient Ethernet Protocol (REP) functions, use the debug platform rep command in privileged EXEC mode. To remove the specified condition, use the no form of this command.

debug platform rep {all | error | event | packet | verbose}

no debug platform rep {all | error | event | packet | verbose}

Syntax Description

all

Enables all REP debugging functions.

error

Enables REP error debugging.

event

Enables REP event debugging.

packet

Enables REP packet debugging.

verbose

Enables REP verbose debugging.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

The following example shows how to enable debugging for all functionss:


Device# debug platform rep all      

debug platform rep verbose debugging is on
debug platform rep control pkt handle debugging is on
debug platform rep error debugging is on
debug platform rep event debugging is on

debug ilpower powerman

To enable debugging of the power controller and Power over Ethernet (PoE) system, use the debug ilpower powerman command in privileged EXEC mode. Use the no form of this command to disable debugging.

Command Default

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

This example shows the output for the debug ilpower powerman command for releases prior to Cisco IOS XE Gibraltar 16.10.1:
Device# debug ilpower powerman
1.	%ILPOWER-3-CONTROLLER_PORT_ERR: Controller port error, Interface Gix/y/z: Power Controller reports power Imax error detected
Mar 8 16:35:17.801: ilpower_power_assign_handle_event: event 0, pwrassign is done by proto CDP
Port Gi1/0/48: Selected Protocol CDP
Mar 8 16:35:17.801: Ilpowerinterface (Gi1/0/48) process tlvfrom cdpINPUT: 
Mar 8 16:35:17.801: power_consumption= 2640, power_request_id= 1, power_man_id= 2, 
Mar 8 16:35:17.801: power_request_level[] = 2640 0 0 0 0
Mar 8 16:35:17.801: 
Mar 8 16:35:17.801: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.802: Ilpowerinterface (Gi1/0/48) power negotiation: consumption = 2640, alloc_power= 2640 
Mar 8 16:35:17.802: Ilpowerinterface (Gi1/0/48) setting ICUT_OFF threshold to 2640.
Mar 8 16:35:17.802: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.802: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:18.115: ILP:: posting ilpslot 1 port 48 event 5 class 0 
Mar 8 16:35:18.115: ILP:: Gi1/0/48: State=NGWC_ILP_LINK_UP_S-6, Event=NGWC_ILP_IMAX_FAULT_EV-5
Mar 8 16:35:18.115: ilpowerdelete power from pdlinkdownGi1/0/48
Mar 8 16:35:18.115: Ilpowerinterface (Gi1/0/48), delete allocated power 2640
Mar 8 16:35:18.116: Ilpowerinterface (Gi1/0/48) setting ICUT_OFF threshold to 0.
Mar 8 16:35:18.116: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:18.116: ilpower_notify_lldp_power_via_mdi_tlvGi1/0/48 pwralloc0
Mar 8 16:35:18.116: Gi1/0/48 AUTO PORT PWR Alloc130 Request 130
Mar 8 16:35:18.116: Gi1/0/48: LLDP NOTIFY TLV:
(curr/prev) PSE Allocation: 13000/0
(curr/prev) PD Request : 13000/0
(curr/prev) PD Class : Class 4/
(curr/prev) PD Priority : low/unknown
(curr/prev) Power Type : Type 2 PSE/Type 2 PSE
(curr/prev) mdi_pwr_support: 7/0
(curr/prevPower Pair) : Signal/
(curr/prev) PSE PwrSource : Primary/Unknown
This example shows the output for the debug ilpower powerman command starting Cisco IOS XE Gibraltar 16.10.1. Power Unit (mW) has been added to the power_request_level, PSE Allocation and PD Request. Power_request_level has been enhanced to display only non-zero values.
Device# debug ilpower powerman
1.	%ILPOWER-3-CONTROLLER_PORT_ERR: Controller port error, Interface Gix/y/z: Power Controller reports power Imax error detected
Mar 8 16:35:17.801: ilpower_power_assign_handle_event: event 0, pwrassign is done by proto CDP
Port Gi1/0/48: Selected Protocol CDP
Mar 8 16:35:17.801: Ilpowerinterface (Gi1/0/48) process tlvfrom cdpINPUT: 
Mar 8 16:35:17.801: power_consumption= 2640, power_request_id= 1, power_man_id= 2, 
Mar 8 16:35:17.801: power_request_level(mW) = 2640              <------------------------- mW unit added, non-zero value display
Mar 8 16:35:17.801: 
Mar 8 16:35:17.801: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.802: Ilpowerinterface (Gi1/0/48) power negotiation: consumption = 2640, alloc_power= 2640 
Mar 8 16:35:17.802: Ilpowerinterface (Gi1/0/48) setting ICUT_OFF threshold to 2640.
Mar 8 16:35:17.802: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.802: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:18.115: ILP:: posting ilpslot 1 port 48 event 5 class 0 
Mar 8 16:35:18.115: ILP:: Gi1/0/48: State=NGWC_ILP_LINK_UP_S-6, Event=NGWC_ILP_IMAX_FAULT_EV-5
Mar 8 16:35:18.115: ilpowerdelete power from pdlinkdownGi1/0/48
Mar 8 16:35:18.115: Ilpowerinterface (Gi1/0/48), delete allocated power 2640
Mar 8 16:35:18.116: Ilpowerinterface (Gi1/0/48) setting ICUT_OFF threshold to 0.
Mar 8 16:35:18.116: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:18.116: ilpower_notify_lldp_power_via_mdi_tlvGi1/0/48 pwralloc0
Mar 8 16:35:18.116: Gi1/0/48 AUTO PORT PWR Alloc130 Request 130
Mar 8 16:35:18.116: Gi1/0/48: LLDP NOTIFY TLV:
(curr/prev) PSE Allocation (mW): 13000/0                         <------------------------- mW unit added
(curr/prev) PD Request (mW) : 13000/0                            <------------------------- mW unit added
(curr/prev) PD Class : Class 4/
(curr/prev) PD Priority : low/unknown
(curr/prev) Power Type : Type 2 PSE/Type 2 PSE
(curr/prev) mdi_pwr_support: 7/0
(curr/prevPower Pair) : Signal/
(curr/prev) PSE PwrSource : Primary/Unknown

delete

To delete one or more files from the specified file system, use the delete command in boot loader mode.

delete filesystem:/file-url...

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/file-url...

Path (directory) and filename to delete. Separate each filename with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

The device prompts you for confirmation before deleting each file.

Examples

This example shows how to delete two files:


Device: delete usbflash0:test2.text usbflash0:test5.text
Are you sure you want to delete "usbflash0:test2.text" (y/n)?y
File "usbflash0:test2.text" deleted
Are you sure you want to delete "usbflash0:test5.text" (y/n)?y
File "usbflash0:test2.text" deleted 

You can verify that the files were deleted by entering the dir usbflash0: boot loader command.

dir

To display the list of files and directories on the specified file system, use the dir command in boot loader mode.

dir filesystem:/file-url

Syntax Description

filesystem:

Alias for a file system. Use flash: for the system board flash device; use usbflash0: for USB memory sticks.

/file-url

(Optional) Path (directory) and directory name that contain the contents you want to display. Separate each directory name with a space.

Command Default

No default behavior or values.

Command Modes

Boot Loader

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Directory names are case sensitive.

Examples

This example shows how to display the files in flash memory:


Device: dir flash:
Directory of flash:/
    2  -rwx        561   Mar 01 2013 00:48:15  express_setup.debug
    3  -rwx    2160256   Mar 01 2013 04:18:48  c2960x-dmon-mz-150-2r.EX
    4  -rwx       1048   Mar 01 2013 00:01:39  multiple-fs
    6  drwx        512   Mar 01 2013 23:11:42  c2960x-universalk9-mz.150-2.EX
   645 drwx        512   Mar 01 2013 00:01:11  dc_profile_dir
   647 -rwx       4316   Mar 01 2013 01:14:05  config.text
   648 -rwx          5   Mar 01 2013 00:01:39  private-config.text

   96453632 bytes available (25732096 bytes used)
Table 1. dir Field Descriptions

Field

Description

2

Index number of the file.

-rwx

File permission, which can be any or all of the following:

  • d—directory
  • r—readable
  • w—writable
  • x—executable

1644045

Size of the file.

<date>

Last modification date.

env_vars

Filename.

exit

To return to the previous mode or exit from the CLI EXEC mode, use the exit command.

exit

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Global configuration

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Examples

This example shows how to exit the configuration mode:

Device(config)# exit
Device#
                                       

factory-reset

To erase all customer-specific data and restore a device to its factory configuration, use the factory-reset command in privileged EXEC mode.


Note


The erasure is consistent with the clear method, as described in NIST SP 800-88 Rev. 1.


Standalone Device

factory-reset { all [ secure ] [3-pass] | boot-vars | config }

Stacked Device

factory-reset { all [secure 3-pass] | boot-vars | config | switch switch_number | all { all [secure 3-pass] | boot-vars | config } }

Syntax Description

all

Erases all the content from the NVRAM, all Cisco IOS images, including the current boot image, boot variables, startup and running configuration data, and user data.

all secure

Performs data sanitization and securely resets the device.

Note

 

This option implements guidelines for media sanitization as described in NIST SP 800-88 Rev. 1.

secure 3-pass

Erases all the content from the device with 3-pass overwrite.

  • Pass 1: Overwrites all addressable locations with binary zeroes.

  • Pass 2: Overwrites all addressable locations with binary ones.

  • Pass 3: Overwrites all addressable locations with a random bit pattern.

boot-vars

Erases only the user-added boot variables.

config

Erases only the startup configurations.

switch {switch_number | all}

Erases content on the selected switch:

  • switch-number : Specifies the switch number. The range is from 1 to 16.

  • all : Selects all the switches in the stack.

Command Default

None

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Fuji 16.8.1a

This command was introduced.

Cisco IOS XE Amsterdam 17.2.1

The secure 3-pass and switch keyword was introduced.

Cisco IOS XE Dublin 17.10.1

The all secure option was introduced.

Usage Guidelines

The factory-reset command is used in the following scenarios:

  • To return a device to Cisco for Return Material Authorization (RMA), use this command to remove all the customer-specific data before obtaining an RMA certificate for the device.

  • If the key information or credentials that are stored on a device is compromised, use this command to reset the device to factory configuration, and then reconfigure the device.

After the factory reset process is successfully completed, the device reboots and enters ROMMON mode.

Examples

The following example shows how to erase all the content from a device using the factory-reset all command:

Device> enable
Device# factory-reset all

The factory reset operation is irreversible for all operations. Are you sure? [confirm]
The following will be deleted as a part of factory reset:
1: Crash info and logs
2: User data, startup and running configuration
3: All IOS images, including the current boot image
4: OBFL logs
5: User added rommon variables
6: Data on Field Replaceable Units(USB/SSD/SATA)
The system will reload to perform factory reset.
It will take some time to complete and bring it to rommon.
You will need to load IOS image using USB/TFTP from rommon after
this operation is completed.
DO NOT UNPLUG THE POWER OR INTERRUPT THE OPERATION
Are you sure you want to continue? [confirm] 

The following examples show how to perform a factory reset on stacked devices:

Device> enable
Device# factory-reset switch all all
The factory reset operation is irreversible for all operations. Are you sure? [confirm]
 The following will be deleted as a part of factory reset:
 1: Crash info and logs
 2: User data, startup and running configuration
 3: All IOS images, including the current boot image
 4: OBFL logs
 5: User added rommon variables
 6: Data on Field Replaceable Units(USB/SSD/SATA)
 The system will reload to perform factory reset.
 It will take some time to complete and bring it to rommon.
 You will need to load IOS image using USB/TFTP from rommon after
 this operation is completed.
 DO NOT UNPLUG THE POWER OR INTERRUPT THE OPERATION
 Are you sure you want to continue? [confirm]
Chassis 1 reloading, reason - Factory Reset

 Protection key not found
9300L#Oct 25 09:53:05.740: %PMAN-5-EXITACTION: F0/0: pvp: Process manager is exiting: reload fp action requested
Oct 25 09:53:07.277: %PMAN-5-EXITACTION:vp: Process manager is exiting: rp processes exit with reload switch code


Enabling factory reset for this reload cycle
 Switch booted with tftp://10.5.40.45/cat9k_iosxe.BLD_POLARIS_DEV_LATEST_20191007_224933_V17_2_0_21_2.SSA.bin 
 Switch booted via //10.5.40.45/cat9k_iosxe.BLD_POLARIS_DEV_LATEST_20191007_224933_V17_2_0_21_2.SSA.bin 
% FACTORYRESET - Started Cleaning Up...
 
% FACTORYRESET - Unmounting sd1
% FACTORYRESET - Cleaning Up sd1 [0]
% FACTORYRESET - erase In progress.. please wait for completion...
% FACTORYRESET - write zero...
% FACTORYRESET - finish erase
 
% FACTORYRESET - Making File System sd1 [0]
Discarding device blocks: done                            
Creating filesystem with 409600 4k blocks and 102544 inodes
Filesystem UUID: fcf01664-7c6f-41ce-99f0-6df1d941701e
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376, 294912

Allocating group tables: done                            
Writing inode tables: done                            
Writing superblocks and filesystem accounting information: done 

% FACTORYRESET - Mounting Back sd1 [0]
% FACTORYRESET - Handling Mounted sd1
% FACTORYRESET - Factory Reset Done for sd1
 
% FACTORYRESET - Unmounting sd3
% FACTORYRESET - Cleaning Up sd3 [0]
% FACTORYRESET - erase In progress.. please wait for completion...
% FACTORYRESET - write zero...



Chassis 2 reloading, reason - Factory Reset
Dec 12 01:02:12.500: %PMAN-5-EXITACTION: F0/0: pvp: Process manager is exiting: reload fp action requested
De
Enabling factory reset for this reload cycle
 Switch booted with tftp://10.5.40.45/cat9k_iosxe.BLD_POLARIS_DEV_LATEST_20191007_224933_V17_2_0_21_2.SSA.bin
 Switch booted via //10.5.40.45/cat9k_iosxe.BLD_POLARIS_DEV_LATEST_20191007_224933_V17_2_0_21_2.SSA.bin
% FACTORYRESET - Started Cleaning Up...
% FACTORYRESET - Unmounting sd1
% FACTORYRESET - Cleaning Up sd1 [0]
% FACTORYRESET - erase In progress.. please wait for completion...
% FACTORYRESET - write zero...



After this the switch will come to boot prompt. Then the customer has to boot the device from TFTP.

Examples

The following example shows how to erase all the content from a device using the factory-reset all secure command:

Device# factory-reset all secure
The factory reset operation is irreversible for securely reset all. Are you sure? [confirm]
The following will be deleted as a part of factory reset: NIST SP-800-88r1
1: Crash info and logs
2: User data, startup and running configuration
3: All IOS images, excluding the current boot image
4: OBFL logs
5: User added rommon variables
6: Data on Field Replaceable Units(SSD/SATA)
7: License usage log files
Note:
Secure erase logs/reports will be stored in flash.
The system will reload to perform factory reset.
It will take some time to complete and bring it to rommon.
DO NOT UNPLUG THE POWER OR INTERRUPT THE OPERATION
Are you sure you want to continue? [confirm]
Protection key not found
Switch#
Chassis 1 reloading, reason - Factory Reset
Sep 18 06:18:01.632: %PMAN-5-EXITACTION: C0/0: pvp: Process manager is exiting: reload cc action requested
Sep 18 06:18:01.657: %PMAN-5-EXITACTION: F0/0: pvp: Process manager is exiting: reload fp action requested
Sep 18 06
 
Enabling factory reset for this reload cycle
Switch booted with flash:cat9k_lite_iosxe.BLD_V1710_THROTTLE_LATEST_20220912_071947_QU_C.SSA.bin
 Switch booted via cat9k_lite_iosxe.BLD_V1710_THROTTLE_LATEST_20220912_071947_QU_C.SSA.bin
FACTORY-RESET-RESTORE-IMAGE Taking backup of flash:cat9k_lite_iosxe.BLD_V1710_THROTTLE_LATEST_20220912_071947_QU_C.SSA.bin
FACTORY-RESET-RESTORE-IMAGE Searching for cat9k_lite_iosxe.BLD_V1710_THROTTLE_LATEST_20220912_071947_QU_C.SSA.bin on flash
factory-reset-restore-image copying /flash/cat9k_lite_iosxe.BLD_V1710_THROTTLE_LATEST_20220912_071947_QU_C.SSA.bin image to /tmp/factory_reset
% FACTORYRESET - Started Data Sanitization...
% FACTORYRESET - Unmounting sd1
% FACTORYRESET - Unmounting sd3
% FACTORYRESET - Unmounting sd4
% FACTORYRESET - Unmounting sd5
% FACTORYRESET - Unmounting sd6
Executing Data Sanitization...
MTD Data Sanitization started ...
!!! Please, wait - Reading MTD Info !!!
!!! Please, wait - Validating Erase for/dev/mtd3 !!!
!!! Please, wait - Validating Erase for/dev/mtd4 !!!
MTD Data Sanitization completed ...
eMMC Data Sanitization started ...
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - sanitizing !!!
!!! Please, wait - Validating Erase for/dev/mmcblk0p1 !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - sanitizing !!!
!!! Please, wait - Validating Erase for/dev/mmcblk0p3 !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - sanitizing !!!
!!! Please, wait - Validating Erase for/dev/mmcblk0p4 !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - sanitizing !!!
!!! Please, wait - Validating Erase for/dev/mmcblk0p5 !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - Reading EXT_CSD !!!
!!! Please, wait - sanitizing !!!
!!! Please, wait - Validating Erase for/dev/mmcblk0p6 !!!
eMMC Data Sanitization completed ...
Data Sanitization Success! Exiting...
% FACTORYRESET - Data Sanitization Success...
% FACTORYRESET - Making File System sd1 [0]
mke2fs 1.43-WIP (18-May-2015)
Discarding device blocks: done                           
Creating filesystem with 204800 4k blocks and 51296 inodes
Filesystem UUID: 8aae2120-0c5f-4c05-82d0-1be3ea5f5f1a
Superblock backups stored on blocks:
              32768, 98304, 163840
Allocating group tables: done                           
Writing inode tables: done                           
Writing superblocks and filesystem accounting information: done
% FACTORYRESET - Mounting Back sd6 [0]
% FACTORYRESET - Factory Reset Done for sd6
% FACTORYRESET - Lic Clean UP
% act2 export - ROMMON_BOARDID=800
act2 cleaning Starting...
% act2 cleaning success
act2 logging Starting...
% act2 logging success
% FACTORYRESET - Restore lic0 Files
Factory reset Secure Completed ...
% FACTORYRESET - Secure Successfull
ReloadReason=Factory Reset
FACTORY-RESET-RESTORE-IMAGE Copying back image from /tmp/factory_reset onto /bootflash/
FACTORY-RESET-RESTORE-IMAGE Copying image is successful.
% FACTORYRESET - md5sum : e4394cc1f436bcb7fc518600d3f0254f  /bootflash/cat9k_lite_iosxe.BLD_V1710_THROTTLE_LATEST_20220912_071947_QU_C.SSA.bin
Factory reset successful. Rebooting...
 

flash_init

To initialize the flash: file system, use the flash_init command in boot loader mode.

flash_init

Syntax Description

This command has no arguments or keywords.

Command Default

The flash: file system is automatically initialized during normal system operation.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

During the normal boot process, the flash: file system is automatically initialized.

Use this command to manually initialize the flash: file system. For example, you use this command during the recovery procedure for a lost or forgotten password.

help

To display the available commands, use the help command in boot loader mode.

help

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Examples

This example shows how to display a list of available boot loader commands:


Device:help
? -- Present list of available commands
arp -- Show arp table or arp-resolve an address
boot -- Load and boot an executable image
cat -- Concatenate (type) file(s)
copy -- Copy a file
delete -- Delete file(s)
dir -- List files in directories
emergency-install -- Initiate Disaster Recovery
...
...
...
unset -- Unset one or more environment variables
version -- Display boot loader version

hostname

To specify or modify the hostname for the network server, use the hostname command in global configuration mode.

hostname name

Syntax Description

name

New hostname for the network server.

Command Default

The default hostname is switch.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

The hostname is used in prompts and default configuration filenames.

Do not expect case to be preserved. Uppercase and lowercase characters look the same to many internet software applications. It may seem appropriate to capitalize a name the same way you might do in English, but conventions dictate that computer names appear all lowercase. For more information, refer to RFC 1178, Choosing a Name for Your Computer .

The name must also follow the rules for ARPANET hostnames. They must start with a letter, end with a letter or digit, and have as interior characters only letters, digits, and hyphens. Names must be 63 characters or fewer. Creating an all numeric hostname is not recommended but the name will be accepted after an error is returned.


Device(config)#hostname 123 
% Hostname contains one or more illegal characters.
123(config)# 

A hostname of less than 10 characters is recommended. For more information, refer to RFC 1035, Domain Names--Implementation and Specification .

On most systems, a field of 30 characters is used for the hostname and the prompt in the CLI. Note that the length of your hostname may cause longer configuration mode prompts to be truncated. For example, the full prompt for service profile configuration mode is:


(config-service-profile)#
 

However, if you are using the hostname of “Switch,” you will only see the following prompt (on most systems):


Switch(config-service-profil)# 
 

If the hostname is longer, you will see even less of the prompt:


Basement-rtr2(config-service)# 
 

Keep this behavior in mind when assigning a name to your system (using the hostname global configuration command). If you expect that users will be relying on mode prompts as a CLI navigation aid, you should assign hostnames of no more than nine characters.

The use of a special character such as '\'(backslash) and a three or more digit number for the character setting like hostname , results in incorrect translation:


Device(config)#
Device(config)#hostname \99
% Hostname contains one or more illegal characters.

Examples

The following example changes the hostname to “host1”:


Device(config)# hostname host1
host1(config)# 

hw-module subslot oir power-cycle

To reset or power-cycle a module from the CLI, use the hw-module subslot oir power-cycle command in privileged EXEC mode.

hw-module switch switch-no subslot slot / subslot oir power-cycle [ force ]

Syntax Description

switch-no

The switch to access. Valid values are 1 and 2.

slot

Specifies the Physical slot number on the chassis.

subslot

Subslot is always 0.

force

Performs the power cycle without prompting for confirmation.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Everest 16.6.2

This command was introduced.

Usage Guidelines

The hw-module subslot oir power-cycle command resets the specified module.

This command is not supported on the supervisor slots.

Do not use the command when the line cards are booting up.

Examples

The following example shows how to power-cycle the module in slot 1 of the chassis:

Device# hw-module switch 1 subslot 1/0 oir power-cycle force

 
*Sep  3 20:11:05.219 UTC: %IOSXE_OIR-6-REMSPA: SPA removed from chassis 1 subslot 1/0, interfaces disabled
*Sep  3 20:11:05.295 UTC: %SPA_OIR-6-OFFLINECARD: SPA (C9400-LC-24XS) offline in chassis 1 subslot 1/0
*Sep  3 20:11:36.812 UTC: %IOSXE_OIR-6-INSSPA: SPA inserted in chassis 1 subslot 1/0
*Sep  3 20:13:41.316 UTC: %SPA_OIR-6-ONLINECARD: SPA (C9400-LC-24XS) online in chassis 1 subslot 1/0

install

To install Software Maintenance Upgrade (SMU) packages, use the install command in privileged EXEC mode.

install {abort | activate | file {bootflash: | flash: | harddisk: | webui:} [auto-abort-timer timer timer prompt-level {all | none}] | add file {bootflash: | flash: | ftp: | harddisk: | http: | https: | rcp: | scp: | tftp: | webui:} [activate [auto-abort-timer timer prompt-level {all | none}commit]] | commit | auto-abort-timer stop | deactivate file {bootflash: | flash: | harddisk: | webui:} | label id {description description | label-name name} | remove {file {bootflash: | flash: | harddisk: | webui:} | inactive } | | rollback to {base | committed | id {install-ID } | label {label-name}}}

Syntax Description

abort

Terminates the current install operation.

activate

Validates whether the SMU is added through the install add command.

This keyword runs a compatibility check, updates package status, and if the package can be restarted, triggers post-install scripts to restart the necessary processes, or triggers a reload for nonrestartable packages.

file

Specifies the package to be activated.

{bootflash: | flash: | harddisk: | webui:}

Specifies the location of the installed package.

auto-abort-timer timer

(Optional) Installs an auto-abort timer.

prompt-level {all | none}

(Optional) Prompts a user about installation activities.

For example, the activate keyword automatically triggers a reload for packages that require a reload. Before activating the package, a message prompts users about wanting to continue or not.

The all keyword allows you to enable prompts. The none keyword disables prompts.

add

Copies files from a remote location (through FTP or TFTP) to a device and performs SMU compatibility check for the platform and image versions.

This keyword runs base compatibility checks to ensure that a specified package is supported on a platform.

{ bootflash: | flash: |ftp: |harddisk: |http: |https: | rcp: | scp: | tftp: |webui:}

Specifies the package to be added.

commit

Makes SMU changes persistent over reloads.

You can perform a commit after activating a package while the system is up, or after the first reload. If a package is activated, but not committed, it remains active after the first reload, but not after the second reload.

auto-abort-timer stop

Stops the auto-abort timer.

deactivate

Deactivates an installed package.

Note

 

Deactivating a package also updates the package status and might trigger a process restart or reload.

label id

Specifies the ID of the install point to label.

description

Adds a description to the specified install point.

label-name name

Adds a label name to the specified install point.

remove

Removes the installed packages.

The remove keyword can only be used on packages that are currently inactive.

inactive

Removes all the inactive packages from the device.

rollback

Rolls back the data model interface (DMI) package SMU to the base version, the last committed version, or a known commit ID.

to base

Returns to the base image.

committed

Returns to the installation state when the last commit operation was performed.

id install-ID

Returns to the specific install point ID. Valid values are from 1 to 4294967295.

Command Default

Packages are not installed.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Everest 16.6.3

This command was introduced.

Cisco IOS XE Fuji 16.9.1

Hot-patching support is introduced. Sample output updated with hot SMU outputs.

Usage Guidelines

An SMU is a package that can be installed on a system to provide a patch fix or security resolution to a released image. This package contains a minimal set of files for patching the release along with metadata that describes the contents of the package.

Packages must be added before the SMU is activated.

A package must be deactivated before it is removed from Flash. A removed packaged must be added again.

Examples

The following example shows how to add an install package to a device:

Device# install add file flash:cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin

install_add: START Mon Mar  5 21:48:51 PST 2018
install_add: Adding SMU

--- Starting initial file syncing ---
Info: Finished copying flash:cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin to the selected switch(es)
Finished initial file syncing

Executing pre scripts....

Executing pre scripts done.
--- Starting SMU Add operation ---
Performing SMU_ADD on all members
  [1] SMU_ADD package(s) on switch 1
  [1] Finished SMU_ADD on switch 1
Checking status of SMU_ADD on [1]
SMU_ADD: Passed on [1]
Finished SMU Add operation

SUCCESS: install_add /flash/cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin Mon Mar  5 21:49:00 PST 2018

The following example shows how to activate an install package:

Device# install activate file flash:cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin

install_activate: START Mon Mar  5 21:49:22 PST 2018
install_activate: Activating SMU
Executing pre scripts....

Executing pre sripts done.

--- Starting SMU Activate operation ---
Performing SMU_ACTIVATE on all members
  [1] SMU_ACTIVATE package(s) on switch 1
  [1] Finished SMU_ACTIVATE on switch 1
Checking status of SMU_ACTIVATE on [1]
SMU_ACTIVATE: Passed on [1]
Finished SMU Activate operation

SUCCESS: install_activate /flash/cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin Mon Mar  5 21:49:34 PST 2018

The following example shows how to commit an installed package:

Device# install commit

install_commit: START Mon Mar  5 21:50:52 PST 2018
install_commit: Committing SMU
Executing pre scripts....

Executing pre sripts done.
--- Starting SMU Commit operation ---
Performing SMU_COMMIT on all members
  [1] SMU_COMMIT package(s) on switch 1
  [1] Finished SMU_COMMIT on switch 1
Checking status of SMU_COMMIT on [1]
SMU_COMMIT: Passed on [1]
Finished SMU Commit operation

SUCCESS: install_commit /flash/cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin Mon Mar  5 21:51:01 PST 2018

Examples

The following example shows how to change a device running in bundle boot mode to install mode:

Device# install add file boot flash:cat9k_iosxe.17.04.01.SSA.bin activate commit

install_add_activate_commit: START Sun Jun 14 22:31:41 PDT 2020

install_add_activate_commit: Adding PACKAGE

install_add_activate_commit: Checking whether new add is allowed ....

--- Starting initial file syncing ---

[1]: Copying flash:cat9k_iosxe.17.04.01.SSA.bin from switch 1 to switch 2

[2]: Finished copying to switch 2  

Info: Finished copying flash:cat9k_iosxe.17.04.01.SSA.bin to the selected switch(es)

Finished initial file syncing

--- Starting Add ---

Performing Add on all members
  [1] Add package(s) on switch 1
  [1] Finished Add on switch 1
  [2] Add package(s) on switch 2
  [2] Finished Add on switch 2

Checking status of Add on [1 2]

Add: Passed on [1 2]

Finished Add

Image added. Version: 17.4.01.0.87954

install_add_activate_commit: Activating PACKAGE

Following packages shall be activated:

/flash/cat9k-wlc.17.04.01.SSA.pkg

/flash/cat9k-webui.17.04.01.SSA.pkg

/flash/cat9k-srdriver.17.04.01.SSA.pkg

/flash/cat9k-sipspa.17.04.01.SSA.pkg

/flash/cat9k-sipbase.17.04.01.SSA.pkg

/flash/cat9k-rpboot.17.04.01.SSA.pkg

/flash/cat9k-rpbase.17.04.01.SSA.pkg

/flash/cat9k-lni.17.04.01.SSA.pkg

/flash/cat9k-guestshell.17.04.01.SSA.pkg

/flash/cat9k-espbase.17.04.01.SSA.pkg

/flash/cat9k-cc_srdriver.17.04.01.SSA.pkg

This operation may require a reload of the system. Do you want to proceed? [y/n]y

--- Starting Activate ---

Performing Activate on all members

  [1] Activate package(s) on switch 1

  [1] Finished Activate on switch 1

  [2] Activate package(s) on switch 2

  [2] Finished Activate on switch 2

Checking status of Activate on [1 2]

Activate: Passed on [1 2]

Finished Activate

Building configuration...

[OK]--- Starting Commit ---

Performing Commit on all members

  [1] Commit package(s) on switch 1

  [1] Finished Commit on switch 1

  [2] Commit package(s) on switch 2

  [2] Finished Commit on switch 2

Checking status of Commit on [1 2]

Commit: Passed on [1 2]

Finished Commit

Send model notification for install_add_activate_commit before reload

[1 2]: Performing Upgrade_Service

300+0 records in

300+0 records out

307200 bytes (307 kB, 300 KiB) copied, 0.194027 s, 1.6 MB/s

AppGigabitEthernet port has the latest Firmware

mount: /tmp/microcode_update/boot_pkg: WARNING: device write-protected, mounted read-only.

SUCCESS: Upgrade_Service finished

Install will reload the system now!

SUCCESS: install_add_activate_commit  Sun Jun 14 22:40:55 PDT 2020

The following example shows how to avoid prompt during reboot process:

Device# install add file boot flash:cat9k_iosxe.17.04.01.SSA.bin activate commit prompt-level none
install_add_activate_commit: START Wed Jun 17 03:57:53 PDT 2020

install_add_activate_commit: Adding PACKAGE

install_add_activate_commit: Checking whether new add is allowed ....

--- Starting initial file syncing ---

[1]: Copying flash:cat9k_iosxe.17.04.01.SSA.bin from switch 1 to switch 2 3

[2 3]: Finished copying to switch 2 switch 3  

Info: Finished copying flash:cat9k_iosxe.17.04.01.SSA.bin to the selected switch(es)

Finished initial file syncing

--- Starting Add ---

Performing Add on all members

  [1] Add package(s) on switch 1

  [1] Finished Add on switch 1

  [2] Add package(s) on switch 2

  [2] Finished Add on switch 2

  [3] Add package(s) on switch 3

  [3] Finished Add on switch 3

Checking status of Add on [1 2 3]

Add: Passed on [1 2 3]

Finished Add

Image added. Version: 17.4.01.0.115072

install_add_activate_commit: Activating PACKAGE

Following packages shall be activated:

/flash/cat9k-wlc.17.04.01.SSA.pkg

/flash/cat9k-webui.17.04.01.SSA.pkg

/flash/cat9k-srdriver.17.04.01.SSA.pkg

/flash/cat9k-sipspa.17.04.01.SSA.pkg

/flash/cat9k-sipbase.17.04.01.SSA.pkg

/flash/cat9k-rpboot.17.04.01.SSA.pkg

/flash/cat9k-rpbase.17.04.01.SSA.pkg

/flash/cat9k-lni.17.04.01.SSA.pkg

/flash/cat9k-guestshell.17.04.01.SSA.pkg

/flash/cat9k-espbase.17.04.01.SSA.pkg

/flash/cat9k-cc_srdriver.17.04.01.SSA.pkg

--- Starting Activate ---

Performing Activate on all members

  [1] Activate package(s) on switch 1

  [1] Finished Activate on switch 1

  [2] Activate package(s) on switch 2

  [2] Finished Activate on switch 2

  [3] Activate package(s) on switch 3

  [3] Finished Activate on switch 3

Checking status of Activate on [1 2 3]

Activate: Passed on [1 2 3]

Finished Activate



Building configuration...

[OK]--- Starting Commit ---

Performing Commit on all members

  [1] Commit package(s) on switch 1

  [1] Finished Commit on switch 1

  [2] Commit package(s) on switch 2

  [2] Finished Commit on switch 2

  [3] Commit package(s) on switch 3

  [3] Finished Commit on switch 3

Checking status of Commit on [1 2 3]

Commit: Passed on [1 2 3]

Finished Commit

Send model notification for install_add_activate_commit before reload

[1 2 3]: Performing Upgrade_Service

300+0 records in

300+0 records out

307200 bytes (307 kB, 300 KiB) copied, 0.194692 s, 1.6 MB/s

AppGigabitEthernet port has the latest Firmware

mount: /tmp/microcode_update/boot_pkg: WARNING: device write-protected, mounted read-only.

  SUCCESS: Upgrade_Service finished

Install will reload the system now!

SUCCESS: install_add_activate_commit  Wed Jun 17 04:05:25 PDT 2020


The following example shows how to avoid deleting files used for installation process:

Device# install remove inactive
install_remove: START Wed Jun 17 06:23:26 PDT 2020

Cleaning up unnecessary package files

No path specified, will use booted path flash:packages.conf

Cleaning flash:

  Scanning boot directory for packages ... done.

  Preparing packages list to delete ... 

    cat9k-cc_srdriver.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-cc_srdriver.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-espbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-espbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-guestshell.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-guestshell.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-lni.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-rpbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-rpbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-rpboot.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-sipbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-sipbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-sipspa.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-sipspa.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-srdriver.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-srdriver.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-webui.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-webui.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-wlc.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-wlc.17.04.01.SSA.pkg

      File is in use, will not delete.

    packages.conf

      File is in use, will not delete.

  done.

  

Cleaning up unnecessary package files

No path specified, will use booted path flash:packages.conf

Cleaning flash:

  Scanning boot directory for packages ... done.

  Preparing packages list to delete ... 

    cat9k-cc_srdriver.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-espbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-guestshell.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-lni.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-rpbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-rpboot.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-sipbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-sipspa.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-srdriver.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-webui.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-wlc.17.04.01.SSA.pkg

      File is in use, will not delete.

    packages.conf

      File is in use, will not delete.

  done.

  

Cleaning up unnecessary package files

No path specified, will use booted path flash:packages.conf

Cleaning flash:

  Scanning boot directory for packages ... done.

  Preparing packages list to delete ... 

    cat9k-cc_srdriver.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-espbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-guestshell.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-lni.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-rpbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-rpboot.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-sipbase.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-sipspa.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-srdriver.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-webui.17.04.01.SSA.pkg

      File is in use, will not delete.

    cat9k-wlc.17.04.01.SSA.pkg

      File is in use, will not delete.

    packages.conf

      File is in use, will not delete.

  done.

  

The following files will be deleted:

[switch 1]:

/flash/cat9k-lni.17.04.01.SSA.pkg

/flash/cat9k-rpboot.17.04.01.SSA.pkg

/flash/cat9k_iosxe.17.04.01.SSA.bin

/flash/cat9k_iosxe.17.04.01.SSA.conf

/flash/cat9k_iosxe.17.04.01.SSA.conf

[switch 2]:

/flash/cat9k-cc_srdriver.17.04.01.SSA.pkg

/flash/cat9k-espbase.17.04.01.SSA.pkg

/flash/cat9k-guestshell.17.04.01.SSA.pkg

/flash/cat9k-lni.17.04.01.SSA.pkg

/flash/cat9k-rpbase.17.04.01.SSA.pkg

/flash/cat9k-rpboot.17.04.01.SSA.pkg

/flash/cat9k-sipbase.17.04.01.SSA.pkg

/flash/cat9k-sipspa.17.04.01.SSA.pkg

/flash/cat9k-srdriver.17.04.01.SSA.pkg

/flash/cat9k-webui.17.04.01.SSA.pkg

/flash/cat9k-wlc.17.04.01.SSA.pkg

/flash/cat9k_iosxe.17.04.01.SSA.bin

/flash/cat9k_iosxe.17.04.01.SSA.conf

/flash/cat9k_iosxe.17.04.01.SSA.conf

[switch 3]:

/flash/cat9k-cc_srdriver.17.04.01.SSA.pkg

/flash/cat9k-espbase.17.04.01.SSA.pkg

/flash/cat9k-guestshell.17.04.01.SSA.pkg

/flash/cat9k-lni.17.04.01.SSA.pkg

/flash/cat9k-rpbase.17.04.01.SSA.pkg

/flash/cat9k-rpboot.17.04.01.SSA.pkg

/flash/cat9k-sipbase.17.04.01.SSA.pkg

/flash/cat9k-sipspa.17.04.01.SSA.pkg

/flash/cat9k-srdriver.17.04.01.SSA.pkg

/flash/cat9k-webui.17.04.01.SSA.pkg

/flash/cat9k-wlc.17.04.01.SSA.pkg

/flash/cat9k_iosxe.17.04.01.SSA.bin

/flash/cat9k_iosxe.17.04.01.SSA.conf

/flash/cat9k_iosxe.17.04.01.SSA.conf



Do you want to remove the above files? [y/n]y

[switch 1]:

Deleting file flash:cat9k-lni.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-rpboot.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k_iosxe.17.04.01.SSA.bin ... done.

Deleting file flash:cat9k_iosxe.17.04.01.SSA.conf ... done.

Deleting file flash:cat9k_iosxe.17.04.01.SSA.conf ... done.

SUCCESS: Files deleted.

[switch 2]:

Deleting file flash:cat9k-cc_srdriver.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-espbase.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-guestshell.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-lni.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-rpbase.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-rpboot.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-sipbase.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-sipspa.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-srdriver.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-webui.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-wlc.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k_iosxe.17.04.01.SSA.bin ... done.

Deleting file flash:cat9k_iosxe.17.04.01.SSA.conf ... done.

Deleting file flash:cat9k_iosxe.17.04.01.SSA.conf ... done.

SUCCESS: Files deleted.

[switch 3]:

Deleting file flash:cat9k-cc_srdriver.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-espbase.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-guestshell.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-lni.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-rpbase.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-rpboot.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-sipbase.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-sipspa.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-srdriver.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-webui.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k-wlc.17.04.01.SSA.pkg ... done.

Deleting file flash:cat9k_iosxe.17.04.01.SSA.bin ... done.

Deleting file flash:cat9k_iosxe.17.04.01.SSA.conf ... done.

Deleting file flash:cat9k_iosxe.17.04.01.SSA.conf ... done.

SUCCESS: Files deleted.

--- Starting Post_Remove_Cleanup ---

Performing Post_Remove_Cleanup on all members

  [1] Post_Remove_Cleanup package(s) on switch 1

  [1] Finished Post_Remove_Cleanup on switch 1

  [2] Post_Remove_Cleanup package(s) on switch 2

  [2] Finished Post_Remove_Cleanup on switch 2

  [3] Post_Remove_Cleanup package(s) on switch 3

  [3] Finished Post_Remove_Cleanup on switch 3

Checking status of Post_Remove_Cleanup on [1 2 3]

Post_Remove_Cleanup: Passed on [1 2 3]

Finished Post_Remove_Cleanup



SUCCESS: install_remove  Wed Jun 17 06:24:59 PDT 2020

ip http banner


Note


The ip http banner command is not available in Cisco IOS XE Cupertino 17.9.6 release and later Cisco IOS XE Cupertino 17.9.x releases.


To enable the HTTP or HTTP Secure (HTTPS) server banner, use the ip http banner command in global configuration mode. To disable the HTTP or HTTPS server banner, use the no form of this command.

ip http banner

no ip http banner

Syntax Description

This command has no arguments or keywords.

Command Default

The HTTP or HTTPS server banner is not enabled.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Cisco IOS XE Cupertino 17.9.6

This command was removed. It is not available in Cisco IOS XE Cupertino 17.9.6 release and later Cisco IOS XE Cupertino 17.9.x releases.

Usage Guidelines

While the HTTP server processes a request, if the session ID is invalid or expired, the server redirects the user to a banner page. The banner page allows the user to log in with credentials. The server validates the credentials and processes the request.

Examples

The following example shows how to enable the HTTP or HTTPS server banner:

Device> enable
Device# configure terminal
Device(config)# ip http banner
Device(config)# end

ip http banner-path


Note


The ip http banner-path command is not available in Cisco IOS XE Cupertino 17.9.6 release and later Cisco IOS XE Cupertino 17.9.x releases.


To set a custom path for the HTTP or HTTP Secure (HTTPS) banner page, use the ip http banner-path command in global configuration mode. To disable the custom path for the HTTP or HTTPS banner page, use the no form of this command.

ip http banner-path path-name

no ip http banner-path path-name

Syntax Description

path-name

Custom path for the HTTP or HTTPS banner.

Command Default

The custom path for the HTTP or HTTPS banner is not set.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Cisco IOS XE Cupertino 17.9.6

This command was removed. It is not available in Cisco IOS XE Cupertino 17.9.6 release and later Cisco IOS XE Cupertino 17.9.x releases.

Usage Guidelines

Use the ip http banner-path command to direct the user to the banner path.

If the command is not configured or if the custom banner path does not exist, the server directs the user to the default banner page.

Examples

The following example shows how to set the path to the HTTP or HTTPS banner page:

Device> enable
Device# configure terminal
Device(config)# ip http banner-path welcome
Device(config)# end

ip ssh bulk-mode

To enable the Secure Shell (SSH) bulk data transfer mode, use the ip ssh bulk-mode command in global configuration mode. To disable this mode, use the no form of this command.

ip ssh bulk-mode [ window-size ]

no ip ssh bulk-mode [ window-size ]

Syntax Description

window-size

(Optional) The SSH window size. The range is from 131072 to 1073741824. The default is 131072.

Command Default

SSH bulk mode is enabled.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Amsterdam 17.2.1

This command was introduced.

Cisco IOS XE Bengaluru 17.6.1

This command was modified. The window-size variable option was introduced.

Cisco IOS XE Dublin 17.10.1

SSH bulk mode is enabled by default.

Usage Guidelines

SSH bulk mode enables optimizing the throughput performance of procedures that involve the transfer of large amounts of data. The Secure Copy feature has been enhanced to leverage bulk mode optimizations.

Beginning from Cisco IOS XE Dublin 17.10.1, SSH bulk mode is enabled by default with the default window size of 128KB.


Note


  • Bulk data transfer mode does not support the time or volume-based SSH rekey functionality.

  • Bulk data transfer mode is not supported with SSH Version 1.


Examples

The following example shows how to enable bulk data transfer mode on an SSH server:

Device> enable
Device# configure terminal
Device(config)# ip ssh bulk-mode
Device(config)# exit

l2 traceroute

To enable the Layer 2 traceroute server, use the l2 traceroute command in global configuration mode. Use the no form of this command to disable the Layer 2 traceroute server.

l2 traceroute

no l2 traceroute

Syntax Description

This command has no arguments or keywords.

Command Modes

Global configuration (config#)

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

The command was introduced.

Usage Guidelines

Layer 2 traceroute is enabled by default and opens a listening socket on User Datagram Protocol (UDP) port 2228. To close the UDP port 2228 and disable Layer 2 traceroute, use the no l2 traceroute command in global configuration mode.

Examples

The following example shows how to configure Layer 2 traceroute using the l2 traceroute command.


Device# configure terminal
Device(config)# l2 traceroute

license air level

To configure AIR licenses on a wireless controller that is connected to Cisco Catalyst Access, Core, and Aggregation Switches, enter the license air level command in global configuration mode. To revert to the default setting, use the no form of this command.

license air level { air-network-advantage [ addon air-dna-advantage ] | air-network-essentials [ addon air-dna-essentials ] }

no license air level

Syntax Description

air-network-advantage

Configures the AIR network advantage license level.

addon air-dna-advantage

(Optional) Configures the add-on AIR DNA advantage license level.

This add-on option is available with the AIR network advantage license, and is the default license.

air-network-essentials

Configures the AIR network essential license level.

addon air-dna-essentials

(Optional) Configures the add-on AIR DNA essentials license level.

This add-on option is available with the AIR network essential license.

Command Default

AIR DNA Advantage is the default license

Command Modes

Global configuration (Device(config)# )

Command History

Release Modification

Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Cisco IOS XE Amsterdam 17.3.2a

This command continues to be available and applicable with the introduction of Smart Licensing Using Policy in this release. See the Usage Guidelines section below for details.

Usage Guidelines

In the Smart Licensing Using Policy environment, you can use the license air level command to change the license level being used on the product instance, or to additionally configure an add-on license on the product instance. The change is effective after a reload.

The licenses that can be configured are:

  • AIR Network Essential

  • AIR Network Advantage

  • AIR DNA Essential

  • AIR DNA Advantage

You can configure AIR DNA Essential or AIR DNA Advantage license level, and on term expiry, you can move to the Network Advantage or Network Essentials license level, if you do not want to renew the DNA license.

Every connecting Access Point requires a Cisco DNA Center License to leverage the unique value properties of the controller.

For more information, see the Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide for the required release.

Examples

The following example shows how to configure the AIR DNA Essential license level:
Device# configure terminal
Device(config)# license air level network-essentials addon air-dna-essentials
The following example shows how to configure the AIR DNA Advantage license level:
Device# configure terminal
Device(config)# license air level air-network-advantage addon air-dna-advantage

license boot level

To boot a new software license on the device, use the license boot level command in global configuration mode. Use the no form of this command to remove all software licenses from the device.

license boot level { network-advantage [ addon dna-advantage ] | network-essentials [ addon dna-essentials ] }

no license boot level

Syntax Description

network-advantage [ addon dna-advantage ]

Configures the Network Advantage license.

Optionally, you can also configure the Digital Networking Architecture (DNA) Advantage license.

network-essentials [ addon dna-essentials ]

Configures the Network Essentials license.

Optionally, you can also configure the Digital Networking Architecture (DNA) Essentials license.

Command Default

Network Essentials

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Cisco IOS XE Amsterdam 17.3.2a

This command continues to be available and applicable with the introduction of Smart Licensing Using Policy in this release. See the Usage Guidelines section below for details.

Usage Guidelines

The software features available on Cisco Catalyst 9000 Series Switches fall under these base or add-on license levels:

Base Licenses:

  • Network Essentials

  • Network Advantage—Includes features available with the Network Essentials license and more.

Add-on Licenses:

  • DNA Essentials

  • DNA Advantage—Includes features available with the Network Essentials license and more.

Base licenses are permanent or perpetual licenses.

Add-on licenses are subscription or term licenses and can be purchased for a three, five, or seven year period. Base licenses are a prerequite for add-on licenses. See the release notes for more information about this.

The sections below provide information about using the license boot level command in the earlier Smart Licensing environment, and in the Smart Licensing Using Policy environment.

Smart Licensing: If the software version on the device is Cisco IOS XE Amsterdam 17.3.1 or an earlier release, Smart Licensing is enabled by default and you can use the license boot level command for these purposes:

  • Downgrade or upgrade licenses

  • Enable or disable an evaluation or extension license

  • Clear an upgrade license

This command forces the licensing infrastructure to boot the configured license level instead of the license hierarchy maintained by the licensing infrastructure for a given module:

  • When the switch reloads, the licensing infrastructure checks the configuration in the startup configuration for licenses, if any. If there is a license in the configuration, the switch boots with that license. If there is no license, the licensing infrastructure follows the image hierarchy to check for licenses.

  • If the forced boot evaluation license expires, the licensing infrastructure follows the regular hierarchy to check for licenses.

  • If the configured boot license has already expired, the licensing infrastructure follows the hierarchy to check for licenses.

Smart Licensing Using Policy: If the software version on the device (also referred to as a product instance) is Cisco IOS XE Amsterdam 17.3.2a or a later release, Smart Licensing Using Policy is enabled by default and you can use the license boot level command for these purposes:

  • To change the base or add-on license levels being used on the product instance.

    For example, if you are using Network Essentials and you want to use Network Advantage with the next reload, or if you are using DNA Advantage and you want to use DNA Essentials with the next reload.

  • To add or remove add-on license levels being used on the product instance.

    For example, if you are using only Network Essentials and you want to use DNA Essentials with the next reload, or if you are using DNA Advantage and you do not want to use the add-on after the next reload.

The notion of evaluation or expired licenses does not exist in Smart Licensing Using Policy.

After the command is configured, the configured license is effective after the next reload. License usage continues to be recorded on device and this changed licensing consmption information may have to be sent via the next Resource Utilization Measurement Report (RUM report), to CSSM. The reporting requirements and frequency are determined by the policy that is applied. See the Usage Reporting: section of the show license status command output. For more information about Smart Licensing Using Policy, in the software configuration guide of the required release, see System Management > Smart Licensing Using Policy.

Examples

The following example shows how to configure the Network Essentials license at the next reload:
Device# configure terminal
Device(config)# license boot level network-essentals
Device(config)# exit
Device# copy running-config startup-config 
Device# reload
The following example shows how to activate the DNA Essentials license at the next reload:
Device# configure terminal
Device(config)# license boot level network-essentals add-on dna-essentials
Device(config)# exit
Device# copy running-config startup-config 
Device# reload

license smart (global config)

To configure licensing-related settings such as the mode of transport and the URL that the product instance uses to communicate with Cisco Smart Software Manager (CSSM), or Cisco Smart Licensing Utility (CSLU), or Smart Software Manager On-Prem (SSM On-Prem), to configure the usage reporting interval, to configure the information that must be exluded or included in a license usage report (RUM report), enter the license smart command in global configuration mode. Use the no form of the command to revert to default values.

license smart { custom_id ID | enable | privacy { all | hostname | version } | proxy { address address_hostname | port port } | reservation | server-identity-check | transport { automatic | callhome | cslu | off | smart } | url { url | cslu cslu_or_on-prem_url | default | smart smart_url | utility secondary_url } | usage { customer-tags { tag1 | tag2 | tag3 | tag4 } tag_value | interval interval_in_days } | utility [ customer_info { city city | country country | postalcode postalcode | state state | street street } ] }

no license smart { custom_id | enable | privacy { all | hostname | version } | proxy { address address_hostname | port port } | reservation | server-identity-check | transport | url { url | cslu cslu_or_on-prem_url | default | smart smart_url | utility secondary_url } | usage { customer-tags { tag1 | tag2 | tag3 | tag4 } tag_value | interval interval_in_days } | utility [ customer_info { city city | country country | postalcode postalcode | state state | street street } ] }

Syntax Description

custom_id ID

Although available on the CLI, this option is not supported.

enable

Although visible on the CLI, configuring this keyword has no effect. Smart licensing is always enabled.

privacy { all | hostname | version }

Sets a privacy flag to prevent the sending of the specified data privacy related information.

When the flag is disabled, the corresponding information is sent in a message or offline file created by the product instance.

Depending on the topology this is sent to one or more components, including CSSM, CSLU, and SSM On-Prem.

All data privacy settings are disabled by default. You must configure the option you want to exclude from all communication:

  • all : All data privacy related information is excluded from any communication.

    The no form of the command causes all data privacy related information to be sent in a message or offline file.

    Note

     

    The Product ID (PID) and serial number are included in the RUM report regardless of whether data privacy is enabled or not.

  • hostname : Excludes hostname information from any communication. When hostname privacy is enabled, the UDI of the product instance is displayed on the applicable user interfaces (CSSM, CSLU, and SSM On-Prem).

    The no form of the command causes hostname information to be sent in a message or offline file. The hostname is displayed on the applicable user interfaces (CSSM, CSLU, and SSM On-Prem).

  • version : Excludes the Cisco IOS-XE software version running on the product instance and the Smart Agent version from any communication.

    The no form of the command causes version information to be sent in a message or offline file.

proxy { address address_hostname | port port }

Configures a proxy for license usage synchronization with CSLU or CSSM. This means that you can use this option to configure a proxy only if the transport mode is license smart transport smart (CSSM), or license smart transport cslu (CSLU).

However, you cannot configure a proxy for license usage synchronization in an SSM On-Prem deployment, which also uses license smart transport cslu as the transport mode.

Configure the following options:

  • address address_hostname : Configures the proxy address.

    For address_hostname , enter the enter the IP address or hostname of the proxy.

  • portport : Configures the proxy port.

    For port, enter the proxy port number.

reservation

Enables or disables a license reservation feature.

Note

 
Although available on the CLI, this option is not applicable because license reservation is not applicable in the Smart Licensing Using Policy environment.

server-identity-check

Enables or disables the HTTP secure server identity check.

transport { automatic | callhome | cslu | off | smart }

Configures the mode of transport the product instance uses to communicate with CSSM. Choose from the following options:

  • automatic : Sets the transport mode cslu .

  • callhome : Enables Call Home as the transport mode.

  • cslu : Enables CSLU as the transport mode. This is the default transport mode.

    The same keyword applies to both CSLU and SSM On-Prem, but the URLs are different. See cslucslu_or_on-prem_url in the following row.

  • off : Disables all communication from the product instance.

  • smart : Enables Smart transport.

url { url | cslu cslu_url | default | smart smart_url | utility secondary_url }

Sets a URL for the configured transport mode. Choose from the following options:

  • url : If you have configured the transport mode as callhome, configure this option. Enter the CSSM URL exactly as follows:

    https://tools.cisco.com/its/service/oddce/services/DDCEService

    The no license smart url url command reverts to the default URL.

  • cslu cslu_or_on-prem_url : If you have configured the transport mode as cslu, configure this option, with the URL for CSLU or SSM On-Prem, as applicable:

    • If you are using CSLU, enter the URL as follows:

      http://<cslu_ip_or_host>:8182/cslu/v1/pi

      For <cslu_ip_or_host>, enter the hostname or the IP address of the windows host where you have installed CSLU. 8182 is the port number and it is the only port number that CSLU uses.

      The no license smart url cslu cslu_or_on-prem_url command reverts to http://cslu-local:8182/cslu/v1/pi

    • If you are using SSM On-Prem, enter the URL as follows:

      http://<ip>/cslu/v1/pi/<tenant ID>

      For <ip>, enter the hostname or the IP address of the server where you have installed SSM On-Prem. The <tenantID> must be the default local virtual account ID.

      Tip

       
      You can retrieve the entire URL from SSM On-Prem. In the software configuration guide of the required release (17.3.x onwards), see System Management > Smart Licensing Using Policy > Task Library for Smart Licensing Using Policy > Retrieving the Transport URL (SSM On-Prem UI).

      The no license smart url cslu cslu_or_on-prem_url command reverts to http://cslu-local:8182/cslu/v1/pi

  • default : Depends on the configured transport mode. Only the smart and cslu transport modes are supported with this option.

    If the transport mode is set to cslu, and you configure license smart url default , the CSLU URL is configured automatically (https://cslu-local:8182/cslu/v1/pi).

    If the transport mode is set to smart, and you configure license smart url default , the Smart URL is configured automatically (https://smartreceiver.cisco.com/licservice/license).

  • smart smart_url : If you have configured the transport type as smart, configure this option. Enter the URL exactly as follows:

    https://smartreceiver.cisco.com/licservice/license

    When you configure this option, the system automatically creates a duplicate of the URL in license smart url url . You can ignore the duplicate entry, no further action is required.

    The no license smart url smartsmart_url command reverts to the default URL.

  • utility smart_url : Although available on the CLI, this option is not supported.

usage { customer-tags { tag1 | tag2 | tag3 | tag4 } tag_value | interval interval_in_days }

Configures usage reporting settings. You can set the following options:

  • customer-tags{ tag1| tag2| tag3| tag4} tag_value : Defines strings for inclusion in data models, for telemetry. Up to 4 strings (or tags) may be defined.

    For tag_value , enter the string value for each tag that you define.

  • interval interval_in_days : Sets the reporting interval in days. By default the RUM report is sent every 30 days. The valid value range is 1 to 3650.

    If you set the value to zero, RUM reports are not sent, regardless of what the applied policy specifies - this applies to topologies where CSLU or CSSM may be on the receiving end.

    If you set a value that is greater than zero and the transport type is set to off, then, between the interval_in_days and the policy value for Ongoing reporting frequency(days):, the lower of the two values is applied. For example, if interval_in_days is set to 100, and the value in the in the policy says Ongoing reporting frequency (days):90, RUM reports are sent every 90 days.

    If you do not set an interval, and the default is effective, the reporting interval is determined entirely by the policy value. For example, if the default value is effective and only unenforced licenses are in use, if the policy states that reporting is not required, then RUM reports are not sent.

utility [ customer_info { city city | country country | postalcode postalcode | state state | street street } ]

Although visible on the CLI, this option is not supported on any of the Cisco Catalyst Access, Core, and Aggregation Switches.

Command Default

Cisco IOS XE Amsterdam 17.3.1 or earlier: Smart Licensing is enabled by default

Cisco IOS XE Amsterdam 17.3.2a and later: Smart Licensing Using Policy is enabled by default.

Command Modes

Global config (Device(config)# )

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Cisco IOS XE Amsterdam 17.3.2a

The following keywords and variables were introduced with Smart Licensing Using Policy:

  • Under the url keyword, these options were introduced:

    { cslu cslu_url | smart smart_url }

  • Under the transport keyword, these options were introduced:

    { cslu | off }

    Further, the default transport type was changed from callhome , to cslu .

  • usage { customer-tags { tag1 | tag2 | tag3 | tag4 } tag_value | interval interval_in_days }

The following keywords and variables under the license smart global command are deprecated and no longer available on the CLI: enable and conversion automatic .

Cisco IOS XE Amsterdam 17.3.3

SSM On-Prem support was introduced. For product instance-initiated communication in an SSM On-Prem deployment, the existing [no ]license smart url cslucslu_or_on-prem_url command supports the configuration of a URL for SSM On-Prem as well. But the required URL format for SSM On-Prem is: http://<ip>/cslu/v1/pi/<tenant ID>.

The corresponding transport mode that must be configured is also an existing command (license smart transport cslu ).

Cisco IOS XE Cupertino 17.7.1

If version privacy is disabled (no license smart privacy version global configuration command), the Cisco IOS-XE software version running on the product instance and the Smart Agent version is included in the RUM report.

To exclude version information from the RUM report, version privacy must be enabled (license smart privacy version ).

Cisco IOS XE Cupertino 17.9.1

  • Support for sending hostname information was introduced.

    If the privacy setting for the hostname is disabled (no license smart privacy hostname global configuration command), hostname information is sent from the product instance, in a separate sync message, or offline file. Depending on the topology you have implemented, the hostname information is received by CSSM, CSLU, or SSM On-Prem. It is also displayed on the corresponding user interface.

  • A new mechanism to send all data privacy related information was introduced. This information is no longer included in a RUM report.

    If data privacy is disabled (no license smart privacy {all | hostname | version} global configuration command), data privacy related information is sent in a separate sync message or offline file.

Usage Guidelines

Data Privacy Settings

When you disable a privacy setting, the topology you have implemented determines the recipient and how the information reaches its destination:

  • The recipient of the information may be one or more of the following: CSSM, CSLU, and SSM On-Prem. The privacy setting has no effect on a controller (Cisco DNA Center).

    In case of the hostname keyword, after the hostname information is received by CSSM, CSLU, or SSM On-Prem, it is also displayed on the corresponding UIs – as applicable. If you then enable privacy the corresponding UIs revert to displaying the UDI of the product instance.

  • How the information is sent.

    • In case of a topology where the product instance initiates communication, the product instance initiates the sending of this information in a message, to CSSM, or CSLU, or SSM On-Prem.

      The product instance sends the hostname sent every time one of the following events occur: the product instance boots up, the hostname changes, there is a switchover in a High Availability set-up.

    • In case of a topology where CSLU or SSM On-Prem initiate communication, the corresponding component initiates the retrieval of privacy information from the product instance.

      The hostname is retrieved at the frequency you configure in CSLU or SSM On-Prem, to retrieve information.

    • In case of a topology where the product instance is in an air-gapped network, privacy information is included in the offline file that is generated when you enter the license smart save usage privileged EXEC command.


    Note


    For all topologies, data privacy related information is not included in the RUM report.


    Data privacy related information it is not stored by the product instance prior to sending or saving. This ensures that if and when information is sent, it is consistent with the data privacy setting at the time of sending or saving.

Communication failure and reporting

The reporting interval that you configure (license smart usage interval interval_in_days command), determines the date and time at which the product instance sends out the RUM report. If the scheduled interval coincides with a communication failure, the product instance attempts to send out the RUM report for up to four hours after the scheduled time has expired. If it is still unable to send out the report (because the communication failure persists), the system resets the interval to 15 minutes. Once the communication failure is resolved, the system reverts the reporting interval to the value that you last configured.

The system message you may see in case of a communicatin failure is %SMART_LIC-3-COMM_FAILED. For information about resolving this error and restoring the reporting interval value, in the software configuration guide of the required release (17.3.x onwards), see System Management > Smart Licensing Using Policy > Troubleshooting Smart Licensing Using Policy.

Proxy server acceptance

When configuring the license smart proxy { address address_hostname | portport} command, note the change in the criteria for the acceptance of proxy servers, starting with Cisco IOS XE Bengaluru 17.6.1: only the status code of the proxy server response is verified by the system and not the reason phrase. The RFC format is status-line = HTTP-version SP status-code SP reason-phrase CRLF, where the status code is a three-digit numeric code. For more information about the status line, see section 3.1.2 of RFC 7230.

Examples

Examples for Data Privacy

The following examples show how to configure data privacy related information using license smart privacy command in global configuration mode. The accompanying show license status output displays configured information.


Note


The output of the show command only tells you if a particular option is enabled or disabled.


Here, no data privacy related information information is sent:
Device# configure terminal
Device(config)# license smart privacy all  
Device(config)# exit
Device# show license status
<output truncated>
Data Privacy:
  Sending Hostname: no
    Callhome hostname privacy: ENABLED
    Smart Licensing hostname privacy: ENABLED
  Version privacy: ENABLED

Transport:
  Type: Callhome
<output truncated>

Here, hostname is included and version information is excluded in the message initiated from the product instance. The product instance is directly connected to CSSM (transport type is smart, with the corresponding URL).

Device# configure terminal
Device(config)# license smart privacy version
Device(config)# no license smart privacy hostname
Device(config)# exit

Device# show license all
<output truncated>

Data Privacy:
  Sending Hostname: no
    Callhome hostname privacy: DISABLED
    Smart Licensing hostname privacy: ENABLED
  Version privacy: DISABLED
          
Transport:
  Type: Smart
  URL: https://smartreceiver.cisco.com/licservice/license
  Proxy:  
    Not Configured
  VRF:    
    Not Configured

<output truncated>

Examples for Transport Type and URL

The following examples show how to configure some of the transport types using the license smart transport and the license smart url commands in global configuration mode. The accompanying show license all output displays configured information.

Transport: cslu :
Device# configure terminal
Device(config)# license smart transport cslu 
Device(config)# license smart url default
Device(config)# exit
Device# show license all
<output truncated>
Transport:
  Type: cslu
  Cslu address: http://192.168.0.1:8182/cslu/v1/pi
  Proxy:
    Not Configured
<output truncated>
Transport: smart :
Device# configure terminal
Device(config)# license smart transport smart 
Device(config)# license smart url smart https://smartreceiver.cisco.com/licservice/license
Device(config)# exit
Device# show license all
<output truncated>
Transport:
  Type: Smart
  URL: https://smartreceiver-stage.cisco.com/licservice/license
  Proxy:
    Not Configured
<output truncated>

Examples for Usage Reporting Options

The following examples show how to configure some of the usage reporting settings using the license smart usage command in global configuration mode. The accompanying show running-config output displays configured information.

Configuring the customer-tag option:
Device# configure terminal
Device(config)# license smart usage customer-tags tag1 SA/VA:01 
Device(config)# exit
Device# show running-config | include tag1
license smart usage customer-tags tag1 SA/VA:01
Configuring a narrower reporting interval than the currently applied policy:
Device# show license status
<output truncated>
Usage Reporting:
Last ACK received: Sep 22 13:49:38 2020 PST
Next ACK deadline: Dec 21 12:02:21 2020 PST
Reporting push interval: 30 days
Next ACK push check: Sep 22 12:20:34 2020 PST
Next report push: Oct 22 12:05:43 2020 PST
Last report push: Sep 22 12:05:43 2020 PST
Last report file write: <none>
<output truncated>

Device# configure terminal
Device(config)# license smart usage interval 20 
Device(config)# exit
Device# show license status
<output truncated>

Usage Reporting:
Last ACK received: Sep 22 13:49:38 2020 PST
Next ACK deadline: Nov 22 12:02:21 2020 PST
Reporting push interval: 20 days
Next ACK push check: Sep 22 12:20:34 2020 PST
Next report push: Oct 12 12:05:43 2020 PST
Last report push: Sep 22 12:05:43 2020 PST
Last report file write: <none>
<output truncated>

license smart (privileged EXEC)

To configure licensing functions such as requesting or returning authorization codes, saving Resource Utilization Measurement reports (RUM reports), importing a file on to a product instance, establishing trust with Cisco Smart Software Manager (CSSM), synchronizing the product instance with CSSM, or Cisco Smart License Utility (CSLU), or Smart Software Manager On-Prem (SSM On-Prem), and removing licensing information from the product instance, enter the license smart command in privileged EXEC mode with the corresponding keyword or argument.

license smart { authorization { request { add | replace | save path } feature_name { all | local } | return { all | local } { offline [ path ] | online } } | clear eventlog | export return { all | local } feature_name | factory reset | import file_path | save { trust-request filepath_filename | usage { all | days days | rum-id rum-ID | unreported } { file file_path } } | sync { all | local } | trust idtoken id_token_value { local | all } [ force ] }

Syntax Description

smart

Provides options for Smart Licensing.

authorization

Provides the option to request for, or return, authorization codes.

Authorization codes are required only if you use licenses with enforcement type: export-controlled or enfored.

request

Requests an authorization code from CSSM, CSLU (CSLU in-turn fetches it from CSSM), or SSM On-Prem and installs it on the product instance.

add

Adds the requested license to the existing authorization code. The new authorization code will contain all the licenses of the existing authorization code and the requested license.

replace

Replaces the existing authorization code. The new authorization code will contain only the requested license. All licenses in the current authorization code are returned.

When you enter this option, the product instance verifies if licenses that correspond to the authorization codes that will be removed, are in-use. If licenses are being used, an error message tells you to first disable the corresponding features.

save filepath_filename

Saves the authorization code request to a file.

For filepath_filename , specify the absolute path to the file, including the filename.

feature_name

Name of the license for which you are requesting an authorization code.

all

Performs the action for all product instances in a High Availability or stacking set-up.

local

Performs the action for the active product instance. This is the default option.

return

Returns an authorization code back to the license pool in CSSM.

offline filepath_filename

Means the product instance is not connected to CSSM. The authorization code is returned offline. This option requires you to print the return code to a file.

Optionally, you can also specify a path to save the file. The file format can be any readable format, such as .txt

If you choose the offline option, you must complete the additional step of copying the return code from the CLI or the saved file and entering it in CSSM.

online

Means that the product instance is in a connected mode. The authorization code is returned to CSLU or CSSM directly.

clear eventlog

Clears all event log files from the product instance.

export return

Although visible on the CLI, this command is not applicable in the Smart Licensing Using Policy environment. Use the license smart authorization return privileged EXEC command to return an authorization code instead.

factory reset

Clears all saved licensing information from the product instance.

import filepath_filename

Imports a file on to the product instance. The file may be that of an authorization code, a trust code, or, or a policy.

For filepath_filename , specify the location, including the filename.

save

Provides options to save RUM reports or trust code requests.

trust-request filepath_filename

Saves the trust code request for the active product instance in the specified location.

For filepath_filename , specify the absolute path to the file, including the filename.

usage { all | days days | rum-id rum-ID | unreported } { file file_path }

Saves RUM reports (license usage information) in the specified location. You must specify one of these options:

  • all : Saves all RUM reports.

  • days days : Saves RUM report for the last n number of days (excluding the current day). Enter a number. The valid range is 0 to 4294967295.

    For example, if you enter 3, RUM reports of the last three days are saved.

  • rum-Id rum-ID : Saves a specified RUM ID. The valid value range is 0 to 18446744073709551615.

  • unreported : Saves all unreported RUM reports.

file filepath_filename : Saves the specified usage information to a file. Specify the absolute path to the file, including the filename.

sync { all | local }

Synchronizes with CSSM or CSLU, or SSM On-Prem, to send and receive any pending data. This includes uploading pending RUM reports, downloading the ACK response, any pending authorization codes, trust codes, and policies for the product instance.

Specify the product instance by entering one of these options:

  • all : Performs synchronization for all the product instances in a High Availability or stacking set-up. If you choose this option, the product instance also sends the list of all the UDIs in the synchronization request.

  • local : Performs synchronization only for the active product instance sending the request, that is, its own UDI. This is the default option.

trust idtoken id_token_value

Establishes a trusted connection with CSSM.

To use this option, you must first generate a token in the CSSM portal. Provide the generated token value for id_token_value .

force

Submits a trust code request even if a trust code already exists on the product instance.

A trust code is node-locked to the UDI of a product instance. If the UDI is already registered, CSSM does not allow a new registration for the same UDI. Entering the force keyword overrides this behavior.

Command Default

Cisco IOS XE Amsterdam 17.3.1 and earlier: Smart Licensing is enabled by default.

Cisco IOS XE Amsterdam 17.3.2a and later: Smart Licensing Using Policy is enabled by default.

Command Modes

Privileged EXEC (Device# )

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Cisco IOS XE Amsterdam 17.3.2a

The following keywords and variables were introduced with Smart Licensing Using Policy:

  • authorization { request { add | replace } feature_name { all | local } | return { all | local } { offline [ path ] | online } }

  • import file_path

  • save { trust-request filepath_filename | usage { all | days days | rum-id rum-ID | unreported } { file file_path } }

  • sync { all | local }

  • trust idtoken id_token_value { local | all } [ force ]

The following keywords and variables under the license smart command are deprecated and no longer available on the CLI:

  • register idtoken token_id [ force ]

  • deregister

  • renew id { ID | auth }

  • debug { error | debug | trace | all }

  • mfg reservation { request | install | install file | cancel }

  • conversion { start | stop }

Cisco IOS XE Amsterdam 17.3.3

Support for SSM On-Prem was introduced. You can perform licensing-related tasks such as saving Resource Utilization Measurement reports (RUM reports), importing a file on to a product instance, synchronizing the product instance, returning authorization codes, and removing licensing information from the product instance in an SSM On-Prem deployment.

Cisco IOS XE Bengaluru 17.6.2

Support for the Export Control Key for High Security (HSECK9 key) was introduced on the Cisco Catalyst 9300X Series Switches. The authorization code related commands (license smart authorization request and license smart authorization return ) can be used to request and return the Smart Licensing Authorization Code (SLAC) for the HSECK9 key, on supported platforms.

Cisco IOS XE Cupertino 17.7.1

The following enhancements were introduced in this release:

  • The save path keyword and variable were added to the license smart authorization request command string. You can use this option to generate a SLAC request and save it to a file. The new options are displayed as follows:

    license smart authorization request { add | replace | save path } feature_name { all | local } request_count

  • The existing license smart save usage command was enhanced to automatically include a trust code request if it doesn't already exist.

Cisco IOS XE Cupertino 17.8.1

The authorization code related commands (license smart authorization request and license smart authorization return ) were implemented on the following products:

  • Cisco Catalyst 9600 Series 40-Port 50G, 2-Port 200G, 2-Port 400G Line Card (C9600-LC-40YL4CD)

  • Cisco Catalyst 9500X Series Switches

You can use the above commands to request and return the Smart Licensing Authorization Code (SLAC) for the HSECK9 key on supported platforms.

Cisco IOS XE Dublin 17.11.1

The HSECK9 key was implemented on Cisco Catalyst 9400 Series Supervisor 2 and 2XL Modules (C9400X-SUP-2 and C9400X-SUP-2XL)

The authorization code related commands (license smart authorization request and license smart authorization return ) can be used to request and return the Smart Licensing Authorization Code (SLAC) for the HSECK9 key, on supported platforms.

Usage Guidelines

Requesting a Trust Code in an Air-Gapped Network

Starting with Cisco IOS XE Cupertino 17.7.1 if a trust code is not available on the product instance, the product instance automatically includes a trust code request in the RUM report when you enter the license smart save usage command. This is supported in a standalone set-up, as well as a High Availability and stacking set-up. In a a High Availability and stacking set-up, the active product instance requests and installs the trust code for all members or standbys where a trust code is missing. CSSM includes the trust code in the ACK which is available for download from the CSSM Web UI. You then have to install the ACK on the product instance. You can verify trust code installation by entering the show license status command in privileged EXEC mode - check for the updated timestamp in the Trust Code Installed field.

Overwriting a Trust Code

Use cases for the force option when configuring the license smart trust idtoken command:

  • You use same token for all the product instances that are part of one Virtual Account. If the product instance has moved from one account to another (for instance, because it was added to a High Availability set-up, which is part of another Virtual Account), then there may be an existing trust code you have to overwrite.

  • There is already a factory-installed trust code on the product instance, but you want to implement a topology where the product instance is directly connected to CSSM. A factory-installed trust code cannot be used for secure communication with CSSM. You must generate an ID token in the CSSM Web UI and download a trust code file. When you install this new trust code, you must overwrite the existing factory-installed trust code.

Removing Licensing Information

Entering the licence smart factory reset command removes all licensing information (except the licenses in-use) from the product instance, including any authorization codes, RUM reports etc. Therefore, we recommend the use of this command only if the product instance is being returned (Return Material Authrization, or RMA), or being decommissioned permanently. We also recommend that you return any authorization codes and send a RUM report to CSSM, before you remove licensing information from the product instance - this is to ensure that CSSM has up-to-date usage information.

Requesting and Returning Authorization Codes:
  • Requesting and returning SLAC - when the product instance is connected to CSSM, or CSLU or SSM On-Prem:

    • Use the following command to request SLAC on supported product instances. In a stacking set-up, you can request SLAC for either the active (local ), or the entire stack (all ). You cannot request SLAC for just one member or standby. Here the product instance is connected to CSSM, or CSLU or SSM On-Prem. For air-gapped networks, you must enter the required details directly in CSSM to generated SLAC.

      license smart authorization request { add | replace } feature_name { all | local }

    • Use the following command to return a SLAC or an SLR authorization code:

      license smart authorization return { all | local } { online }

  • Requesting and returning a SLAC when the product instance is in an air-gapped network.

    • Starting from Cisco IOS XE Cupertino 17.7.1

      You can request and install a SLAC without having to enter the required PIDs or generating a SLAC in the CSSM Web UI. Instead, save a SLAC request in a file by configuring the license smart authorization request{ add| replace} feature_name{ all| local} , followed by the license smart authorization request save[ path] commands.

      Upload the SLAC request file, to the CSSM Web UI (in the same location and just as you would, a RUM report). After the request is processed, a SLAC file is available on the CSSM Web UI. Download, and import the SLAC file into the product instance.

      Similarly, to return a SLAC configure the license smart authorization return command with the offline [path] option to save the file. Upload the file to the CSSM Web UI in the same location and just as you would, a RUM report).

    • Prior to Cisco IOS XE Cupertino 17.7.1:

      To request SLAC on a product instance in an air-gapped network, you must enter the required details directly in the CSSM Web UI to generate SLAC.

      To return a SLAC or an SLR authorization code:

      license smart authorization return { all | local } { offline [ path ] | online }

      Copy the return code that is displayed on the CLI and enter it in CSSM. If you save the return code to a file, you can copy the code from the file and enter the same in CSSM.

      For SLR authorization codes in the Smart Licensing Using Policy environment, note that you cannot request a new SLR in the Smart Licensing Using Policy environment, because the notion of “reservation” does not apply. If you are in an air-gapped network, the No Connectivity to CSSM and No CSLU topology applies instead.

Authorization Codes in an SSM On-Prem Deployment

When requesting SLAC in an SSM On-Prem Deployment, ensure that you meet the following prerequisites before you configure the license smart authorization request command:

  • The product instance must be added to SSM On-Prem. The process of addition validates and maps the product instance to the applicable Smart Account and Virtual account in CSSM.

  • The authorization codes required for export-controlled and enfored licenses must be generated in CSSM and imported into SSM On-Prem.

Examples

Example for Requesting SLAC (Connected Directly to CSSM)

The following example shows how you can request and install SLAC on a product instance that is directly connected to CSSM. This example is of a stacking set-up with an active, a standby, and a member - all the devices in the stack are C9300X and support the HSECK9 key and IPSec. IPsec is a cryptographic feature which requires the HSECK9 key. A SLAC is requested for all the product instances in the set-up.
Device# license smart authorization request add hseck9 all
Device#
Oct 19 15:49:47.888: %SMART_LIC-6-AUTHORIZATION_INSTALL_SUCCESS: A new licensing authorization code was successfully installed on PID:C9300X-24HX,SN:FOC2519L8R7
Oct 19 15:49:47.946: %SMART_LIC-6-AUTHORIZATION_INSTALL_SUCCESS: A new licensing authorization code was successfully installed on PID:C9300X-48HXN,SN:FOC2524L39P
Oct 19 15:49:48.011: %SMART_LIC-6-AUTHORIZATION_INSTALL_SUCCESS: A new licensing authorization code was successfully installed on PID:C9300X-48HX,SN:FOC2516LC92

Device# show license authorization 
Overall status:
  Active: PID:C9300X-24HX,SN:FOC2519L8R7
      Status: SMART AUTHORIZATION INSTALLED on Oct 19 15:49:47 2021 UTC
      Last Confirmation code: 4e740fb8
  Standby: PID:C9300X-48HXN,SN:FOC2524L39P
      Status: SMART AUTHORIZATION INSTALLED on Oct 19 15:49:47 2021 UTC
      Last Confirmation code: 086d28d7
  Member: PID:C9300X-48HX,SN:FOC2516LC92
      Status: SMART AUTHORIZATION INSTALLED on Oct 19 15:49:48 2021 UTC
      Last Confirmation code: beb51aa1

Authorizations:
  C9K HSEC (Cat9K HSEC):
    Description: HSEC Key for Export Compliance on Cat9K Series Switches
    Total available count: 3
    Enforcement type: EXPORT RESTRICTED
    Term information:
      Active: PID:C9300X-24HX,SN:FOC2519L8R7
        Authorization type: SMART AUTHORIZATION INSTALLED 
        License type: PERPETUAL
          Term Count: 1
      Standby: PID:C9300X-48HXN,SN:FOC2524L39P
        Authorization type: SMART AUTHORIZATION INSTALLED 
        License type: PERPETUAL
          Term Count: 1
      Member: PID:C9300X-48HX,SN:FOC2516LC92
        Authorization type: SMART AUTHORIZATION INSTALLED 
        License type: PERPETUAL
          Term Count: 1
 
Purchased Licenses:
  No Purchase Information Available

Examples

The following examples show you how to generate and save a SLAC request on the product instance and also how to return a SLAC to the CSSM Web UI, for a product instance in an air-gapped network. The software version running on the product instance is Cisco IOS XE Cupertino 17.7.1, which introduces support for a more simplified way of requesting and returning SLAC in an air-gapped network.

Requesting a SLAC
Device# license smart authorization request add hseck9 local
Device# license smart authorization request save bootflash:slac-request.txt
After the above steps, upload the file to the CSSM Web UI. From the CSSM Web UI, download the file containing the SLAC. To import and install the file on the product instance, enter the following commands:
Device# copy tftp://10.8.0.6/user01/slac_code.txt bootflash:
Device# license smart import bootflash:slac_code.txt
Returning a SLAC
Device# license smart authorization return local offline bootflash:auth_return.txt
After the above step, upload the file to the CSSM Web UI. A file is available for download after this, but import and installation of this file is optional.

Example for Saving Licensing Usage Information

The following example shows how you can save license usage information on the product instance. You can use this option to fulfil reporting requirements in an air-gapped network. In the example, the file is first save to flash memory and then copied to a TFTP location:
 Device> enable
Device# license smart save usage unreported file flash:RUM-unrep.txt
Device# copy flash:RUM-unrep.txt tftp://192.168.0.1//auto/tftp-user/user01/
Address or name of remote host [192.168.0.1]?
Destination filename [//auto/tftp-user/user01/RUM-unrep.txt]?
!!
15128 bytes copied in 0.161 secs (93963 bytes/sec)

After you save RUM reports to a file, you must upload it to CSSM (from a workstation that has connectivity to the internet, and Cisco).

Example for Installing a Trust Code

The following example shows how to install a trust code even if one is already installed on the product instance. This requires connectivity to CSSM. The accompanying show license status output shows sample output after successful installation:

Before you can install a trust code, you must generate a token and download the corresponding file from CSSM.

Use the show license status command (Trust Code Installed:) to verify results.
Device> enable
Device# license smart trust idtoken 
NGMwMjk5mYtNZaxMS00NzMZmtgWm local force
Device# show license status
<output truncated>
Trust Code Installed:
  Active: PID:C9500-24Y4C,SN:CAT2344L4GH
    INSTALLED on Sep 04 01:01:46 2020 EDT
  Standby: PID:C9500-24Y4C,SN:CAT2344L4GJ
    INSTALLED on Sep 04 01:01:46 2020 EDT
<output truncated>

Example for Returning an SLR Authorization Code

The following example shows how to remove and return an SLR authorization code. Here the code is returned offline (no connectivity to CSSM). The accompanying show license all output shows sample output after successful return:
Device> enable
Device# license smart authorization return local offline
Enter this return code in Cisco Smart Software Manager portal:
UDI: PID:C9500-16X,SN:FCW2233A5ZV
Return code: Cr9JHx-L1x5Rj-ftwzg1-h9QZAU-LE5DT1-babWeL-FABPt9-Wr1Dn7-Rp7
Device# configure terminal
Device(config)# no license smart reservation

Device# show license all
<output truncated>
License Authorizations
======================
Overall status:
  Active: UDI: PID:C9500-16X,SN:FCW2233A5ZV
      Status: NOT INSTALLED
      Last return code: Cr9JHx-L1x5Rj-ftwzg1-h9QZAU-LE5DT1-babWeL-FABPt9-Wr1Dn7-Rp7
<output truncated>

Since the product instance is in an air-gapped network, you must copy the return code from the CLI, locate the product instance in the CSSM Web UI and enter the return code there to complete the return process.

line auto-consolidation

To consolidate multiple line configurations of the same submode into a single line, use the line auto-consolidation command in global configuration mode. Auto-consolidation of line configurations is enabled by default. Starting with the Cisco IOS XE Bengaluru 17.4.1 you can disable auto consolidation by using the no form of the command.

line auto-consolidation

no line auto-consolidation

Syntax Description

auto-consolidation

Consolidates multiple line configurations of the same submode into a single line.

Command Default

Autoconsolidation is enabled by default.

Command Modes

Global configuration mode (config)

Command History

Release

Modification

Cisco IOS XE Bengaluru 17.4.1

The command was introduced.

Examples

The following example shows the nonvolatile generation (NVGEN) process output with line auto-consolidation configured:

Examples

Device# show run | sec line
line con 0
stopbits 1
line vty 0 4
transport input ssh
line vty 5 9
transport input all
Device# configure terminal
Device(config)# line vty 10 15
Device(config-line)# transport input all
Device(config-line)# end
Device# show run | sec line
line con 0
stopbits 1
line vty 0 4
transport input ssh
line vty 5 15
transport input all

Examples

The following example shows the nonvolatile generation (NVGEN) process output after no line auto-consolidation is configured:
Device# show run | sec line
line con 0
stopbits 1
line vty 0 4
transport input ssh
line vty 5 9
transport input all
Device# configure terminal
Device(config)#no line auto-consolidation
Device(config)# line vty 10 15
Device(config-line)# transport input all
Device(config-line)# end
Device# show run | sec line
no line auto-consolidation
line con 0
stopbits 1
line vty 0 4
transport input ssh
line vty 5 9
transport input all
line vty 10 15
transport input all

location

To configure location information for an endpoint, use the location command in global configuration mode. To remove the location information, use the no form of this command.

location {admin-tag string | civic-location identifier {host | id} | civic-location identifier {host | id} | elin-location { string | identifier id} | geo-location identifier {host | id} | prefer{ cdp weight priority-value| lldp-med weight priority-value| static config weight priority-value}

no location {admin-tag string | civic-location identifier {host | id} | civic-location identifier {host | id} | elin-location { string | identifier id} | geo-location identifier {host | id} | prefer{ cdp weight priority-value| lldp-med weight priority-value| static config weight priority-value}

Syntax Description

admin-tagstring

Configures administrative tag or site information. Site or location information in alphanumeric format.

civic-location

Configures civic location information.

identifier

Specifies the name of the civic location, emergency, or geographical location.

host

Defines the host civic or geo-spatial location.

id

Name of the civic, emergency, or geographical location.

Note

 

The identifier for the civic location in the LLDP-MED switch TLV is limited to 250 bytes or less. To avoid error messages about available buffer space during switch configuration, be sure that the total length of all civic-location information specified for each civic-location identifier does not exceed 250 bytes.

elin-location

Configures emergency location information (ELIN).

geo-location

Configures geo-spatial location information.

prefer

Sets location information source priority.

Command Default

No default behavior or values.

Command Modes

Global configuration

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

After entering the location civic-location identifier global configuration command, you enter civic location configuration mode. After entering the location geo-location identifier global configuration command, you enter geo location configuration mode.

The civic-location identifier must not exceed 250 bytes.

The host identifier configures the host civic or geo-spatial location. If the identifier is not a host, the identifier only defines a civic location or geo-spatial template that can be referenced on the interface.

The host keyword defines the device location. The civic location options available for configuration using the identifier and the host keyword are the same. You can specify the following civic location options in civic location configuration mode:

  • additional-code—Sets an additional civic location code.
  • additional-location-information—Sets additional civic location information.
  • branch-road-name—Sets the branch road name.
  • building—Sets building information.
  • city—Sets the city name.
  • country—Sets the two-letter ISO 3166 country code.
  • county—Sets the county name.
  • default—Sets a command to its defaults.
  • division—Sets the city division name.
  • exit—Exits from the civic location configuration mode.
  • floor—Sets the floor number.
  • landmark—Sets landmark information.
  • leading-street-dir—Sets the leading street direction.
  • name—Sets the resident name.
  • neighborhood—Sets neighborhood information.
  • no—Negates the specified civic location data and sets the default value.
  • number—Sets the street number.
  • post-office-box—Sets the post office box.
  • postal-code—Sets the postal code.
  • postal-community-name—Sets the postal community name.
  • primary-road-name—Sets the primary road name.
  • road-section—Sets the road section.
  • room—Sets room information.
  • seat—Sets seat information.
  • state—Sets the state name.
  • street-group—Sets the street group.
  • street-name-postmodifier—Sets the street name postmodifier.
  • street-name-premodifier—Sets the street name premodifier.
  • street-number-suffix—Sets the street number suffix.
  • street-suffix—Sets the street suffix.
  • sub-branch-road-name—Sets the sub-branch road name.
  • trailing-street-suffix—Sets the trailing street suffix.
  • type-of-place—Sets the type of place.
  • unit—Sets the unit.

You can specify the following geo-spatial location information in geo-location configuration mode:

  • altitude—Sets altitude information in units of floor, meters, or feet.
  • latitude—Sets latitude information in degrees, minutes, and seconds. The range is from -90 degrees to 90 degrees. Positive numbers indicate locations north of the equator.
  • longitude—Sets longitude information in degrees, minutes, and seconds. The range is from -180 degrees to 180 degrees. Positive numbers indicate locations east of the prime meridian.
  • resolution—Sets the resolution for latitude and longitude. If the resolution value is not specified, default value of 10 meters is applied to latitude and longitude resolution parameters. For latitude and longitude, the resolution unit is measured in meters. The resolution value can also be a fraction.
  • default—Sets the geographical location to its default attribute.
  • exit—Exits from geographical location configuration mode.
  • no—Negates the specified geographical parameters and sets the default value.

Use the no lldp med-tlv-select location information interface configuration command to disable the location TLV. The location TLV is enabled by default.

Examples

This example shows how to configure civic location information on the switch:

Device(config)# location civic-location identifier 1
Device(config-civic)# number 3550
Device(config-civic)# primary-road-name “Cisco Way”
Device(config-civic)# city “San Jose”
Device(config-civic)# state CA
Device(config-civic)# building 19
Device(config-civic)# room C6
Device(config-civic)# county “Santa Clara”
Device(config-civic)# country US
Device(config-civic)# end

You can verify your settings by entering the show location civic-location privileged EXEC command.

This example shows how to configure the emergency location information on the switch:

Device(config)# location elin-location 14085553881 identifier 1

You can verify your settings by entering the show location elin privileged EXEC command.

The example shows how to configure geo-spatial location information on the switch:

Device(config)# location geo-location identifier host
Device(config-geo)# latitude 12.34
Device(config-geo)# longitude 37.23
Device(config-geo)# altitude 5 floor
Device(config-geo)# resolution 12.34

You can use the show location geo-location identifier command to display the configured geo-spatial location details.

location plm calibrating

To configure path loss measurement (CCX S60) request for calibrating clients, use the location plm calibrating command in global configuration mode.

location plm calibrating {multiband | uniband}

Syntax Description

multiband

Specifies the path loss measurement request for calibrating clients on the associated 802.11a or 802.11b/g radio.

uniband

Specifies the path loss measurement request for calibrating clients on the associated 802.11a/b/g radio.

Command Default

No default behavior or values.

Command Modes

Global configuration

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

The uniband is useful for single radio clients (even if the radio is a dual band and can operate in the 2.4-GHz and the 5-GHz bands). The multiband is useful for multiple radio clients.

Examples

This example shows how to configure the path loss measurement request for calibrating clients on the associated 802.11a/b/g radio:


Device# configure terminal
Device(config)# location plm calibrating uniband
Device(config)# end
                                             
                                             

mac address-table move update

To enable the MAC address table move update feature, use the mac address-table move update command in global configuration mode on the switch stack or on a standalone switch. To return to the default setting, use the no form of this command.

mac address-table move update {receive | transmit}

no mac address-table move update {receive | transmit}

Syntax Description

receive

Specifies that the switch processes MAC address-table move update messages.

transmit

Specifies that the switch sends MAC address-table move update messages to other switches in the network if the primary link goes down and the standby link comes up.

Command Default

By default, the MAC address-table move update feature is disabled.

Command Modes

Global configuration

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

The MAC address-table move update feature allows the switch to provide rapid bidirectional convergence if a primary (forwarding) link goes down and the standby link begins forwarding traffic.

You can configure the access switch to send the MAC address-table move update messages if the primary link goes down and the standby link comes up. You can configure the uplink switches to receive and process the MAC address-table move update messages.

Examples

This example shows how to configure an access switch to send MAC address-table move update messages:


Device# configure terminal
Device(config)# mac address-table move update transmit
Device(config)# end

This example shows how to configure an uplink switch to get and process MAC address-table move update messages:


Device# configure terminal
Device(config)# mac address-table move update receive
Device(config)# end

You can verify your setting by entering the show mac address-table move update privileged EXEC command.

mgmt_init

To initialize the Ethernet management port, use the mgmt_init command in boot loader mode.

mgmt_init

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use the mgmt_init command only during debugging of the Ethernet management port.

Examples

This example shows how to initialize the Ethernet management port:


Device: mgmt_init

mkdir

To create one or more directories on the specified file system, use the mkdir command in boot loader mode.

mkdir filesystem:/directory-url...

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/directory-url...

Name of the directories to create. Separate each directory name with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Directory names are case sensitive.

Directory names are limited to 127 characters between the slashes (/); the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Examples

This example shows how to make a directory called Saved_Configs:


Device: mkdir usbflash0:Saved_Configs
Directory "usbflash0:Saved_Configs" created

more

To display the contents of one or more files, use the more command in boot loader mode.

more filesystem:/file-url...

Syntax Description

filesystem:

Alias for a file system. Use flash: for the system board flash device.

/file-url...

Path (directory) and name of the files to display. Separate each filename with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

If you specify a list of files, the contents of each file appears sequentially.

Examples

This example shows how to display the contents of a file:


Device: more flash:image_file_name
version_suffix: universal-122-xx.SEx
version_directory: image_file_name
image_system_type_id: 0x00000002
image_name: image_file_name.bin
ios_image_file_size: 8919552
total_image_file_size: 11592192
image_feature: IP|LAYER_3|PLUS|MIN_DRAM_MEG=128
image_family: family
stacking_number: 1.34
board_ids: 0x00000068 0x00000069 0x0000006a 0x0000006b 
info_end:

no debug all

To disable debugging on a switch, use the no debug all command in Privileged EXEC mode.

no debug all

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Release 16.1

This command was introduced.

Examples

This example shows how to disable debugging on a switch.


Device: no debug all
All possible debugging has been turned off.

power budget mode

To configure the system to reserve power for a single supervisor, use the power budget mode command in global configuration mode

power budget modesingle-sup

no power budget modesingle-sup

Command Default

The system reserves power for both supervisor modules.

Command Modes

Global configuration mode (config)

Command History

Release Modification

Cisco IOS XE Fuji 16.8.1a

This command was introduced.

Usage Guidelines

Before you configure the command to reserve power for a single supervisor, ensure that these prerequisites are met:

  • You have installed only one supervisor module in the chassis

  • You have installed a blank in the second supervisor slot

Further guidelines related to power budgeting are available in the software configuration guide. In applicable version of the guide, go to ContentsSystem ManagementEnvironmental Monitoring and Power ManagementPower Budgeting for Supervisor Modules.

Examples

The following example shows how you can reserve power for a single supervisor module:

Device# configure terminal
Device(config)# power budget mode single-sup
Device(config)# end

power supply autolc

To configure automatic line card (autoLC) shutdown in the event of a power constraint, and to configure line card power priority, use the power supply autolc command in global configuration mode. To disable automatic line card shutdown and to use default line card power priority, use the no form of this command.

power supply autolc [ priority physical-slot-number ] [ shutdown ]

no power supply autolc [ priority physical-slot-number ] [ shutdown ]

Syntax Description

priority physical-slot-number

Configures line card power priority. Enter the physical line card slot numbers to indicate line card power priority. Valid values are from 1 to 10.

The system assigns the highest priority (0) to the slot number you enter first, and this is the last to be shut down in case of a failure.

The system does not accept a partial list of line card slot numbers. For example, for a 7-slot chassis, you must indicate the order by including all the five line card slots.

If you do not specify an order and autoLC shutdown is enabled, then by default the system shuts down line cards from the highest to the lowest physical slot number. Accordingly, default configuration is as follows:

  • 4-slot chassis: power supply autoLC priority 1 4

  • 7-slot chassis: power supply autoLC priority 1 2 5 6 7

  • 10-slot chassis: power supply autoLC priority 1 2 3 4 7 8 9 10

shutdown

Enables automatic shutdown of line cards in case of a power supply failure event.

Command Default

  • Cisco IOS XE Gibraltar 16.11.x and all earlier releases: autoLC shutdown is disabled by default.

  • Cisco IOS XE Gibraltar 16.12.1 and all later releases: autoLC shutdown is perpetually enabled and cannot be disabled.

Command Modes

Global configuration (config)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Cisco IOS XE Gibraltar 16.11.x

Starting from this release, the power supply autolc shutdown command is always enabled and cannot disabled. The no form of the command is also obsolete from this release.

Examples

The following example shows you how to configure line card power priority.

The first part of the example shows sample output of default configuration on a 10-slot chassis. The second part of the example shows how to specify power priority on the same 10-slot chassis and sample output of the show command to display and verify changed configuration.

The following sample output displays default line card power priority configuration. Here, in case of a power failure:

  • Physical slot number 10 (C9400-LC-24XS) will be shut down first, because has the lowest priority (7)

  • Physical slot number 1 (C9400-LC-48U) will be shut down last, because it has the highest priority (0).

Device# show power module
Automatic Linecard Shutdown : Enabled                                                                                               
Power Budget Mode           : Dual Sup                                                                                               
 
                           autoLC    Power                                  Out of  In
Mod  Model No              Priority  State     Budget  Instantaneous  Peak  Reset   Reset
---  --------------------  --------  --------  ------  -------------  ----  ------  -----
1    C9400-LC-48U          0         accepted  500     36             37    500     5
2    C9400-LC-48H          1         accepted  240     34             39    240     5
3    C9400-LC-48P          2         accepted  500     36             41    500     5
4    C9400-LC-48UX         3         accepted  500     137            149   500     15
5    C9400-SUP-1XL         0         accepted  400     253            270   400     130
6    C9400-SUP-1XL         0         accepted  400     251            270   400     130
7    C9400-LC-48T          4         accepted  240     34             35    240     5
8    C9400-LC-48S          5         accepted  240     39             39    240     5
9    C9400-LC-24S          6         accepted  240     34             35    240     5
10   C9400-LC-24XS         7         accepted  240     95             96    240     10
--   Fan Tray              0         accepted  700     --             --    700     --
---  --------------------  --------  --------  ------  -------------  ----  ------  -----
Total   4200

The following sample configuration shows how to specify line card power priority on a 10-slot chassis. Here, in case of a power failure:

  • Physical slot number 1 (C9400-LC-48U) will be shut down first, because it has the lowest priority (7)

  • Physical slot number 10 (C9400-LC-24XS) will be shut down last, because has the lowest priority (0).

Device# configure terminal 
Device(config)# power supply autoLC priority 10 9 8 7 4 3 2 1
Device(config)# end

Device# show power module
Automatic Linecard Shutdown : Enabled
Power Budget Mode           : Dual Sup
 
                           autoLC    Power                                  Out of  In
Mod  Model No              Priority  State     Budget  Instantaneous  Peak  Reset   Reset
---  --------------------  --------  --------  ------  -------------  ----  ------  -----
1    C9400-LC-48U          7         accepted  500     36             37    500     5
2    C9400-LC-48H          6         accepted  240     34             39    240     5
3    C9400-LC-48P          5         accepted  500     36             41    500     5
4    C9400-LC-48UX         4         accepted  500     137            149   500     15
5    C9400-SUP-1XL         0         accepted  400     253            270   400     130
6    C9400-SUP-1XL         0         accepted  400     251            270   400     130
7    C9400-LC-48T          3         accepted  240     34             35    240     5
8    C9400-LC-48S          2         accepted  240     39             39    240     5
9    C9400-LC-24S          1         accepted  240     34             35    240     5
10   C9400-LC-24XS         0         accepted  240     95             96    240     10
--   Fan Tray              0         accepted  700     --             --    700     --
---  --------------------  --------  --------  ------  -------------  ----  ------  -----
Total   4200

rename

To rename a file, use the rename command in boot loader mode.

rename filesystem:/source-file-url filesystem:/destination-file-url

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/source-file-url

Original path (directory) and filename.

/destination-file-url

New path (directory) and filename.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

Directory names are limited to 127 characters between the slashes (/); the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Filenames are limited to 127 characters; the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Examples

This example shows a file named config.text being renamed to config1.text:


Device: rename usbflash0:config.text usbflash0:config1.text

You can verify that the file was renamed by entering the dir filesystem: boot loader command.

request consent-token accept-response shell-access

To submit the Consent Token response to a previously generated challenge, use the request consent-token accept-response shell-access command.

request consent-token accept-response shell-access response-string

Syntax Description

Syntax

Description

response-string

Specifies the character string representing the response.

Command Modes

Privileged EXEC mode (#)

Command History

Release

Modification

Cisco IOS XE Gibraltar 16.11.1

This command was introduced.

Usage Guidelines

You must enter the response string within 30 minutes of challenge generation. If it is not entered, the challenge expires and a new challenge must be requested.

Example

The following is sample output from the request consent-token accept-response shell-access response-string command:

Device# request consent-token accept-response shell-access lR1y2AAUKFcAAAABAAABYlVDZ2d6MnkxL3JxTTJSSC9FZE5aWnRSa1FteS9POWZqRUNlTk1LL3VoUWxTc0FsOHl5OW5vckQ4YWVOelpZZGYNCkNpWHY0b1B4Q000UGs1M2ZEMUpoazBCUkYyM3FML1A2ckVjM3paR05wdHcvck95UVduYUVuTnA5bnhIZ09CNE0NCjBmVjh4b3I4TzE3aHNMaU1JeDQ3YWtkdE9Xb0JhTmlzMVRweFBVZE93QUxvZDVEbmo4UEtiR01VVUM5b3lZWXQNCjFIRnJPbXczcmpsZTJHUnIxOWJUNkZLTWlpZ0ZmbENVRWo4K2xoaXgxS0ZtdDVPcDBYczVPSU43L0dSK1pGTnoNCmYxTUtjaW1OWDhWTTNLQ0ZWNURHU3pIenF1UFBxZVNDU0xLNkhXUTFROTlFMXJVakdlZ1NqTWxnNFlySkJYL0wNCnpaTDVVRnVFdWpRWDdDUThIdkVPM1E9PQ==
% Consent token authorization success
*Jan 18 02:51:37.807: %CTOKEN-6-AUTH_UPDATE: Consent Token Update (authentication success: Shell access 0).

request consent-token generate-challenge shell-access

To generate a Consent Token challenge for system shell access, use the request consent-token generate-challenge shell-access command.

request consent-token generate-challenge shell-access auth-timeout time-validity-slot

Syntax Description

Syntax

Description

auth-timeout time-validity-slot

Specifies the time slot in minutes for which shell-access is requested.

Command Modes

Privileged EXEC mode (#)

Command History

Release

Modification

Cisco IOS XE Gibraltar 16.11.1

This command was introduced.

Usage Guidelines

When the requested time-slot for system shell expires, the session gets terminated automatically.

The maximum authorization timeout for system shell access is seven days.

Example

The following is sample output from the request consent-token generate-challenge shell-access auth-timeout time-validity-slot command:

Device# request consent-token generate-challenge shell-access auth-timeout 900
zSSdrAAAAQEBAAQAAAABAgAEAAAAAAMACH86csUhmDl0BAAQ0Fvd7CxqRYUeoD7B4AwW7QUABAAAAG8GAAhDVEFfREVNTwcAGENUQV9ERU1PX0NUQV9TSUdOSU5HX0tFWQgAC0M5ODAwLUNMLUs5CQALOVpQUEVESE5KRkI=
Device#
*Jan 18 02:47:06.733: %CTOKEN-6-AUTH_UPDATE: Consent Token Update (challenge generation attempt: Shell access 0).

request consent-token terminate-auth

To terminate the Consent Token based authorization to system shell, use the request consent-token terminate-auth command.

request consent-token terminate-auth

Command Modes

Privileged EXEC mode (#)

Command History

Release

Modification

Cisco IOS XE Gibraltar 16.11.1

This command was introduced.

Usage Guidelines

In system shell access scenario, exiting the shell does not terminate authorization until the authorization timeout occurs.

We recommend that you force terminate system shell authorization by explicitly issuing the request consent-token terminate-auth command once the purpose of system shell access is complete.

If the current authentication is terminated using the request consent-token terminate-auth command, the user will have to repeat the authentication process to gain access to system shell.

Example

The following is sample output from the request consent-token terminate-auth command:

Device# request consent-token terminate-auth shell-access
% Consent token authorization termination success

Device#
*Mar 13 01:45:39.197: %CTOKEN-6-AUTH_UPDATE: Consent Token Update (terminate authentication: Shell access 0).
Device#

reset

To perform a hard reset on the system, use the reset command in boot loader mode. A hard reset is similar to power-cycling the device; it clears the processor, registers, and memory.

reset

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Examples

This example shows how to reset the system:


Device: reset
Are you sure you want to reset the system (y/n)? y
System resetting...

rmdir

To remove one or more empty directories from the specified file system, use the rmdir command in boot loader mode.

rmdir filesystem:/directory-url...

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/directory-url...

Path (directory) and name of the empty directories to remove. Separate each directory name with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Directory names are case sensitive and limited to 45 characters between the slashes (/); the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Before removing a directory, you must first delete all of the files in the directory.

The device prompts you for confirmation before deleting each directory.

Examples

This example shows how to remove a directory:


Device: rmdir usbflash0:Test

You can verify that the directory was deleted by entering the dir filesystem: boot loader command.

sdm prefer

To specify the SDM template for use on the switch, use the sdm prefer command in global configuration mode.

sdm prefer { advanced}

Syntax Description

advanced

Supports advanced features such as NetFlow.

Command Default

No default behavior or values.

Command Modes

Global configuration

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

In a stack, all stack members must use the same SDM template that is stored on the active .

When a new is added to a stack, the SDM configuration that is stored on the active overrides the template configured on an individual .

Examples

This example shows how to configure the advanced template:


Device(config)# sdm prefer advanced
Device(config)# exit
Device# reload

service private-config-encryption

To enable private configuration file encryption, use the service private-config-encryption command. To disable this feature, use the no form of this command.

service private-config-encryption

no service private-config-encryption

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Global configuration (config)

Command History

Release Modification

Cisco IOS XE Fuji 16.8.1a

This command was introduced.

Examples

The following example shows how to enable private configuration file encryption:


Device> enable
Device# configure terminal
Device(config)# service private-config-encryption

set

To set or display environment variables, use the set command in boot loader mode. Environment variables can be used to control the boot loader or any other software running on the device.

set variable value

Syntax Description

variable value

Use one of the following keywords for variable and the appropriate value for value :

MANUAL_BOOT —Decides whether the device boots automatically or manually.

Valid values are 1/Yes and 0/No. If it is set to 0 or No, the boot loader attempts to automatically boot the system. If it is set to anything else, you must manually boot the device from the boot loader mode.

BOOT filesystem:/file-url —Identifies a semicolon-separated list of executable files to try to load and execute when automatically booting.

If the BOOT environment variable is not set, the system attempts to load and execute the first executable image it can find by using a recursive, depth-first search through the flash: file system. If the BOOT variable is set but the specified images cannot be loaded, the system attempts to boot the first bootable file that it can find in the flash: file system.

ENABLE_BREAK —Allows the automatic boot process to be interrupted when the user presses the Break key on the console.

Valid values are 1, Yes, On, 0, No, and Off. If set to 1, Yes, or On, you can interrupt the automatic boot process by pressing the Break key on the console after the flash: file system has initialized.

HELPER filesystem:/file-url —Identifies a semicolon-separated list of loadable files to dynamically load during the boot loader initialization. Helper files extend or patch the functionality of the boot loader.

PS1 prompt —Specifies a string that is used as the command-line prompt in boot loader mode.

CONFIG_FILE flash: /file-url —Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration.

BAUD rate —Specifies the number of bits per second (b/s) that is used for the baud rate for the console. The Cisco IOS software inherits the baud rate setting from the boot loader and continues to use this value unless the configuration file specifies another setting. The range is from 0 to 128000 b/s. Valid values are 50, 75, 110, 150, 300, 600, 1200, 1800, 2000, 2400, 3600, 4800, 7200, 9600, 14400, 19200, 28800, 38400, 56000, 57600, 115200, and 128000.

The most commonly used values are 300, 1200, 2400, 9600, 19200, 57600, and 115200.

SWITCH_NUMBER stack-member-number —Changes the member number of a stack member.

SWITCH_PRIORITY priority-number —Changes the priority value of a stack member.

Command Default

The environment variables have these default values:

MANUAL_BOOT: No (0)

BOOT: Null string

ENABLE_BREAK: No (Off or 0) (the automatic boot process cannot be interrupted by pressing the Break key on the console).

HELPER: No default value (helper files are not automatically loaded).

PS1 device:

CONFIG_FILE: config.text

BAUD: 9600 b/s

SWITCH_NUMBER: 1

SWITCH_PRIORITY: 1


Note


Environment variables that have values are stored in the flash: file system in various files. Each line in the files contains an environment variable name and an equal sign followed by the value of the variable.

A variable has no value if it is not listed in these files; it has a value if it is listed even if the value is a null string. A variable that is set to a null string (for example, “ ”) is a variable with a value.

Many environment variables are predefined and have default values.


Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Environment variables are case sensitive and must be entered as documented.

Environment variables that have values are stored in flash memory outside of the flash: file system.

Under typical circumstances, it is not necessary to alter the setting of the environment variables.

The MANUAL_BOOT environment variable can also be set by using the boot manual global configuration command.

The BOOT environment variable can also be set by using the boot system filesystem:/file-url global configuration command.

The ENABLE_BREAK environment variable can also be set by using the boot enable-break global configuration command.

The HELPER environment variable can also be set by using the boot helper filesystem: / file-url global configuration command.

The CONFIG_FILE environment variable can also be set by using the boot config-file flash: /file-url global configuration command.

The SWITCH_NUMBER environment variable can also be set by using the switch current-stack-member-number renumber new-stack-member-number global configuration command.

The SWITCH_PRIORITY environment variable can also be set by using the device stack-member-number priority priority-number global configuration command.

The boot loader prompt string (PS1) can be up to 120 printable characters not including the equal sign (=).

Examples

This example shows how to set the SWITCH_PRIORITY environment variable:


Device: set SWITCH_PRIORITY 2 

You can verify your setting by using the set boot loader command.

show avc client

To display information about top number of applications, use the show avc client command in privileged EXEC mode.

show avc client client-mac top n application [ aggregate | upstream | downstream]

Syntax Description

client client-mac

Specifies the client MAC address.

top n application

Specifies the number of top "N" applications for the given client.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release Modification

This command was introduced.

Examples

The following is sample output from the show avc client command:

# sh avc client 0040.96ae.65ec top 10 application aggregate

Cumulative Stats:

No.  AppName      Packet-Count    Byte-Count       AvgPkt-Size     usage%
---------------------------------------------------------------------------
1    skinny          7343           449860           61             94
2    unknown         99             13631            137            3
3    dhcp            18             8752             486            2
4    http            18             3264             181            1
5    tftp            9              534              59             0
6    dns             2              224              112            0

Last Interval(90 seconds) Stats:

No.  AppName     Packet-Count     Byte-Count       AvgPkt-Size      usage%
----------------------------------------------------------------------------
1    skinny          9              540              60              100

show bootflash:

To display information about the bootflash: file system, use the show bootflash: command in user EXEC or privileged EXEC mode.

show bootflash: [all | filesys | namesort | sizesort | timesort ]

Syntax Description

all

(Optional) Displays all possible Flash information.

filesys

(Optional) Displays Flash system information.

namesort

(Optional) Sorts the output by file name.

sizesort

(Optional) Sorts the output by file size.

timesort

(Optional) Sorts the output by time stamp.

Command Default

User EXEC (>)

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Cisco IOS XE Amsterdam 17.3.1

The following keywords were introduced:

  • namesort

  • sizesort

  • timesort

Example:

The following is a sample output from the show bootflash: all command:

Device# show bootflash: all                                                           
-#- --length-- ---------date/time--------- path                                                          
2       4096 May 11 2020 16:49:01.0000000000 +00:00 .installer                                           
3       4096 Feb 27 2020 15:03:50.0000000000 +00:00 .installer/issu_crash                                
4         12 May 05 2020 22:06:48.0000000000 +00:00 .installer/issu_crash/fru_crash                      
5         50 May 11 2020 16:40:40.0000000000 +00:00 .installer/last_pkgconf_shasum                       
6          6 Feb 27 2020 16:33:59.0000000000 +00:00 .installer/install_issu_pid                          
7         13 Feb 27 2020 21:05:35.0000000000 +00:00 .installer/install_issu_prev_state                   
8         17 Feb 27 2020 21:05:36.0000000000 +00:00 .installer/install_issu_state                        
9         13 May 11 2020 16:41:12.0000000000 +00:00 .installer/watchlist                                 
10          8 Feb 28 2020 18:04:31.0000000000 +00:00 .installer/crdu_frus                                
11          0 Mar 01 2020 18:01:09.0000000000 +00:00 .installer/.install_add_pkg_list.prev.txt           
12       1729 Mar 01 2020 18:02:54.0000000000 +00:00 .installer/install_add_oper.log                     
13          5 May 11 2020 16:40:40.0000000000 +00:00 .installer/install_global_trans_lock                
14         10 May 11 2020 16:40:40.0000000000 +00:00 .installer/install_state                            
15   33554432 May 11 2020 16:42:37.0000000000 +00:00 nvram_config                                        
16        396 May 11 2020 16:41:02.0000000000 +00:00 boothelper.log                                      
17       4096 May 11 2020 16:40:42.0000000000 +00:00 rpr                                                 
18         80 May 11 2020 16:40:42.0000000000 +00:00 rpr/RPR_log.txt                                     
19         80 May 05 2020 22:10:45.0000000000 +00:00 rpr/RPR_log_prev.txt                                
20       2183 May 11 2020 16:40:42.0000000000 +00:00 bootloader_evt_handle.log                           
21       4096 Mar 06 2020 21:00:51.0000000000 +00:00 .ssh                                                
22        965 Dec 24 2019 15:23:55.0000000000 +00:00 .ssh/ssh_host_key                                   
23        630 Dec 24 2019 15:23:55.0000000000 +00:00 .ssh/ssh_host_key.pub                               
24       1675 Dec 24 2019 15:23:56.0000000000 +00:00 .ssh/ssh_host_rsa_key                               
25        382 Dec 24 2019 15:23:56.0000000000 +00:00 .ssh/ssh_host_rsa_key.pub                           
26        668 Dec 24 2019 15:23:56.0000000000 +00:00 .ssh/ssh_host_dsa_key                               
27        590 Dec 24 2019 15:23:56.0000000000 +00:00 .ssh/ssh_host_dsa_key.pub                           
28        492 Mar 06 2020 21:00:51.0000000000 +00:00 .ssh/ssh_host_ecdsa_key                             
29        162 Mar 06 2020 21:00:51.0000000000 +00:00 .ssh/ssh_host_ecdsa_key.pub                         
30        387 Mar 06 2020 21:00:51.0000000000 +00:00 .ssh/ssh_host_ed25519_key                           
31         82 Mar 06 2020 21:00:51.0000000000 +00:00 .ssh/ssh_host_ed25519_key.pub                       
32       4096 Dec 24 2019 15:24:41.0000000000 +00:00 core                                                
33       4096 May 11 2020 16:41:29.0000000000 +00:00 core/modules                                        
34       4096 May 05 2020 22:11:47.0000000000 +00:00 .prst_sync                                          
35       4096 Mar 01 2020 18:17:15.0000000000 +00:00 .rollback_timer                                     
36       4096 Mar 06 2020 21:01:11.0000000000 +00:00 gs_script                                           
37       4096 Mar 06 2020 21:01:11.0000000000 +00:00 gs_script/sss                                       
38       4096 Apr 24 2020 18:56:40.0000000000 +00:00 tech_support                                        
39      15305 May 11 2020 16:41:01.0000000000 +00:00 tech_support/igmp-snooping.tcl                      
40       1612 May 11 2020 16:41:01.0000000000 +00:00 tech_support/igmpsn_dump.tcl                        
.
.
.

The following is a sample output from the show bootflash: sizesort command:

Device# show bootflash: sizesort                                                           
-#- --length-- ---------date/time--------- path                                                               
126  968337890 Mar 27 2020 18:06:17.0000000000 +00:00 cat9k_iosxe.CSCvt37598.bin                              
136  967769293 May 05 2020 21:50:33.0000000000 +00:00 cat9k_iosxe.CSCvu05574                                  
124  967321806 Mar 23 2020 18:48:45.0000000000 +00:00 cat9k_ts_2103.bin                                       
133  951680494 Apr 13 2020 19:46:35.0000000000 +00:00 cat9k_iosxe.2020-04-13_17.34_rakoppak.SSA.bin           
130  950434163 Apr 09 2020 09:03:47.0000000000 +00:00 cat9k_iosxe.2020-04-09_13.49_rakoppak.SSA.bin           
132  950410332 Apr 09 2020 07:29:57.0000000000 +00:00 cat9k_iosxe.2020-04-09_12.28_rakoppak.SSA.bin           
134  948402972 Apr 17 2020 23:02:04.0000000000 +00:00 cat9k_iosxe.tla.bin                                     
77  810146146 Feb 27 2020 15:41:42.0000000000 +00:00 cat9k_iosxe.16.12.01c.SPA.bin                            
88  701945494 Feb 27 2020 16:23:55.0000000000 +00:00 cat9k_iosxe.16.09.03.SPA.bin                             
101  535442436 Mar 01 2020 18:01:41.0000000000 +00:00 cat9k-rpbase.16.12.01c.SPA.pkg                          
86   88884228 Mar 01 2020 18:01:41.0000000000 +00:00 cat9k-espbase.16.12.01c.SPA.pkg                          
104   60167172 Mar 01 2020 18:01:41.0000000000 +00:00 cat9k-sipspa.16.12.01c.SPA.pkg                          
102   43111770 Mar 01 2020 18:02:07.0000000000 +00:00 cat9k-rpboot.16.12.01c.SPA.pkg                          
15   33554432 May 11 2020 16:42:37.0000000000 +00:00 nvram_config                                             
131   33554432 May 11 2020 16:42:39.0000000000 +00:00 nvram_config_bkup                                       
103   31413252 Mar 01 2020 18:01:41.0000000000 +00:00 cat9k-sipbase.16.12.01c.SPA.pkg                         
105   22676484 Mar 01 2020 18:01:41.0000000000 +00:00 cat9k-srdriver.16.12.01c.SPA.pkg                        
85   14226440 Mar 01 2020 18:01:41.0000000000 +00:00 cat9k-cc_srdriver.16.12.01c.SPA.pkg                      
.
.
.

show cable-diagnostics tdr

To display the Time Domain Reflector (TDR) results, use the show cable-diagnostics tdr command in privileged EXEC mode.

show cable-diagnostics tdr interface interface-id

Syntax Description

interface-id

Specifies the interface on which TDR is run.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

TDR is supported only on 10/100/100 copper Ethernet ports. It is not supported on 10-Gigabit Ethernet ports and small form-factor pluggable (SFP) module ports.

Examples

This example shows the output from the show cable-diagnostics tdr interface interface-id command on a device:


Device# show cable-diagnostics tdr interface gigabitethernet1/0/23
		TDR test last run on: March 01 00:04:08 
		Interface  Speed  Local pair  Pair length         Remote pair   Pair status
		--------- ----- ---------- ------------------ ----------- --------------------
		Gi1/0/23   1000M  Pair A      1    +/- 1 meters   Pair A        Normal
		                  Pair B      1    +/- 1 meters   Pair B        Normal 
		                  Pair C      1    +/- 1 meters   Pair C        Normal 
		                  Pair D      1    +/- 1 meters   Pair D        Normal 

Table 2. Field Descriptions for the show cable-diagnostics tdr Command Output

Field

Description

Interface

The interface on which TDR is run.

Speed

The speed of connection.

Local pair

The name of the pair of wires that TDR is testing on the local interface.

Pair length

The location of the problem on the cable, with respect to your device. TDR can only find the location in one of these cases:

  • The cable is properly connected, the link is up, and the interface speed is 1000 Mb/s.
  • The cable is open.
  • The cable has a short.

Remote pair

The name of the pair of wires to which the local pair is connected. TDR can learn about the remote pair only when the cable is properly connected and the link is up.

Pair status

The status of the pair of wires on which TDR is running:

  • Normal—The pair of wires is properly connected.
  • Not completed—The test is running and is not completed.
  • Not supported—The interface does not support TDR.
  • Open—The pair of wires is open.
  • Shorted—The pair of wires is shorted.
  • ImpedanceMis—The impedance is mismatched.
  • Short/Impedance Mismatched—The impedance mismatched or the cable is short.
  • InProgress—The diagnostic test is in progress.

This example shows the output from the show interface interface-id command when TDR is running:


Device# show interface gigabitethernet1/0/2
		gigabitethernet1/0/2 is up, line protocol is up (connected: TDR in Progress)
		

This example shows the output from the show cable-diagnostics tdr interface interface-id command when TDR is not running:


# show cable-diagnostics tdr interface gigabitethernet1/0/2
		% TDR test was never issued on gigabitethernet1/0/2
		

If an interface does not support TDR, this message appears:


% TDR test is not supported on device 1

show consistency-checker mcast

To run a consistency-checker and detect inconsistent states of software entries on Layer 2 multicast forwarding tables and Layer 3 multicast forwarding tables, run the show consistency-checker mcast command in privileged EXEC mode.

show consistency-checker mcast { l2m | l3m } start { all | vlan vlan-id { ipv4-address | | | ipv6-adddress } } [ recursive ]

Syntax Description

l2m

Layer 2 multicast forwarding tables are selected to run a consistency-checker.

l3m

Layer 3 multicast forwarding tables are selected to run a consistency-checker.

start

Starts the consistency-checker for Layer 2 multicast.

  • all : Starts the checker for entire table

  • vlan vlan-id { ipv4-address | ipv6-address} : Starts the checker for the specified VLAN.

all

Starts the checker for entire table.

vlan vlan-id { ipv4-address | ipv6-address}

Starts the checker for the specified VLAN.

recursive

Runs a recursive consistency-checker.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Bengaluru 17.6.1

This command was introduced.

Cisco IOS XE Cupertino 17.7.1

The keyword l3m was introduced to run consistency checker on Layer 3 multicast forwarding tables.

Usage Guidelines

The consistency checker has the following limitations:

  • There is no command to abort or terminate the consistency checker. It will stop only once the full report has been displayed.

  • FED hardware checks are partially implemented. Only errors in programming hardware will be reported.

  • False Positive cases: When the consistency checker is running and a large number of feature table entry delete/add/modify actions occur (triggered via clear * or relearn), the consistency checker may report inconsistent or missing entries across processes. It can also switch off the stale reporting due to a large number of changes in table entries.

Examples

The following is a sample output for the show consistency-checker mcast l2m command:

Device# show consistency-checker mcast l2m start vlan 900 229.1.1.1 recursive
Single entry scan started with Run_id: 2

*Feb 17 06:54:09.880: %IOSXE_FMANRP_CCK-6-FMANRP_COMPLETED: Consistency Check for Run-Id 2 is completed. Check 'show consistency-checker run-id 2'.
Device#
Device# show consistency-checker run 2
Process: IOSD
  Object-Type    Start-time              Entries       Exceptions
  l2m_vlan       2021/02/17 06:54:01           1                0
  l2m_group      2021/02/17 06:54:01           1                0

Process: FMAN-FP
  *Statistics(A/I/M/S/O): Actual/Inherited/Missing/Stale/Others

  Object-Type    Start-time              State            A / I / M / S / O
  l2m_vlan       1970/01/01 00:10:03     Consistent        0/  0/  0/  0/  0
  l2m_group      1970/01/01 00:10:03     Consistent        0/  0/  0/  0/  0


Process: FED
  *Statistics(A/I/M/S/HW/O): Actual/Inherited/Missing/Stale/Hardware/Others

  Object-Type    Start-time              State             A / I / M / S / HW/ O
  l2m_vlan       2021/02/17 06:54:01     Inconsistent       1/  0/  0/  0/  0/  0
  l2m_group      2021/02/17 06:54:01     Inconsistent       0/  1/  0/  0/  0/  0

Device#

The following is a sample output for the show consistency-checker mcast l3m command:

Device# show consistency-checker mcast l2m start vlan 900 229.1.1.1 recursive
Single entry scan started with Run_id: 2

*Feb 17 06:54:09.880: %IOSXE_FMANRP_CCK-6-FMANRP_COMPLETED: Consistency Check for Run-Id 2 is completed. Check 'show consistency-checker run-id 2'.
Device#
Device# show consistency-checker run 2
Process: IOSD
  Object-Type    Start-time              Entries       Exceptions
  l2m_vlan       2021/02/17 06:54:01           1                0
  l2m_group      2021/02/17 06:54:01           1                0

Process: FMAN-FP
  *Statistics(A/I/M/S/O): Actual/Inherited/Missing/Stale/Others

  Object-Type    Start-time              State            A / I / M / S / O
  l2m_vlan       1970/01/01 00:10:03     Consistent        0/  0/  0/  0/  0
  l2m_group      1970/01/01 00:10:03     Consistent        0/  0/  0/  0/  0


Process: FED
  *Statistics(A/I/M/S/HW/O): Actual/Inherited/Missing/Stale/Hardware/Others

  Object-Type    Start-time              State             A / I / M / S / HW/ O
  l2m_vlan       2021/02/17 06:54:01     Inconsistent       1/  0/  0/  0/  0/  0
  l2m_group      2021/02/17 06:54:01     Inconsistent       0/  1/  0/  0/  0/  0

Device#

show consistency-checker mcast l3m

To run a consistency-checker and detect inconsistent states of software entries on the Layer 3 multicast forwarding tables, run the show consistency-checker mcast l3m command in privileged EXEC mode.

show consistency-checker mcast l3m start { all | vrf vrf-name { ipv4-address | | | ipv6-adddress } } [ recursive ]

Syntax Description

start

Starts the consistency-checker for Layer 3 multicast.

  • all : Starts the checker for entire table

  • vrf vrf-name { ipv4-address | ipv6-address} : Starts the checker for the specified VRF.

all

Starts the checker for entire table.

vrf vrf-name { ipv4-address | ipv6-address}

Starts the checker for the specified VRF.

recursive

Runs a recursive consistency-checker.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Cupertino 17.7.1

This command was introduced.

Usage Guidelines

The consistency checker has the following limitations:

  • There is no command to abort or terminate the consistency checker. It will stop only once the full report has been displayed.

  • FED hardware checks are partially implemented. Only errors in programming hardware will be reported.

  • False Positive cases: When the consistency checker is running and a large number of feature table entry delete/add/modify actions occur (triggered via clear * or relearn), the consistency checker may report inconsistent or missing entries across processes. It can also switch off the stale reporting due to a large number of changes in table entries.

You can run an end to end consistency checker using the show diagnostic content switch all command for Layer 2 multicast and Layer 3 multicast.

Examples

The following is a sample output for the show consistency-checker mcast l3m start allcommand:

Device# show consistency-checker mcast l3m start all
L3 multicast Full scan started. Run_id: 1
Use 'show consistency-checker run-id 1 status' for completion status.

SF-2043#       
*Apr  2 17:30:01.831: %IOSXE_FMANRP_CCK-6-FMANRP_COMPLETED: Consistency Check for Run-Id 1 is completed. Check 'show consistency-checker run-id 1'.
SF-2043#
SF-2043#
SF-2043#
SF-2043#
SF-2043#
SF-2043#sh consi
SF-2043#sh consistency-checker 
SF-2043#sh consistency-checker run-id 1 
Process: IOSD
Flags:    F - Full Table Scan, S - Single Entry Run
          RE -  Recursive Check, GD -  Garbage Detector
          Hw -  Hardware Check, HS - Hardware Shadow Copy
  Object-Type    Start-time              Entries  Exceptions  Flags
  l3m_entry      2021/04/02 17:29:35           8         0    F GD Hw HS 

Process: FMAN-FP
  *Statistics(A/I/M/S/Oth): Actual/Inherited/Missing/Stale/Others

  Object-Type    Start-time              State             A/  I/  M/  S/Oth
  l3m_entry      2021/04/02 17:29:35     Consistent        0/  0/  0/  0/  0

Process: FED
  *Statistics(A/I/M/S/HW/Oth): Actual/Inherited/Missing/Stale/Hardware/Others

  Object-Type    Start-time              State              A/  I/  M/  S/ HW/Oth
  l3m_entry      2021/04/02 17:29:35     Consistent         0/  0/  0/  0/  0/  0

The following is a sample output for the show consistency-checker mcast l3m command running a recursive consistency checker:

Device# sh consistency-checker mcast l3m start 225.1.1.1 recursive
Single entry scan started with Run_id: 2
Use 'show consistency-checker run-id 2 status' for completion status.
 
Device#show consistency-checker run-id 2 detail
Process: IOSD
  Object-Type:l2m_vlan   Start-time:2021/03/31 15:22:44
    Key/data                                Reason
    (Ipv4, vlan:100)                        Success
      snoop:on stp_tcn:off flood:off pimsn:off
 
  Object-Type:l2m_group   Start-time:2021/03/31 15:22:44
    Key/data                                Reason
    (Ipv4, vlan:100, (*,225.1.1.1))         Success
    Fo1/0/3
     
  Object-Type:l3m_entry   Start-time:2021/03/31 15:22:44
    Key/data                                Reason
    (Ipv4, (*,225.1.1.1))                   Success
    Entry flags: C
    Total entries: 1
    Obj_id: F80004A1 Flags:   F
     
Process: FMAN-FP 
  Object-Type:l3m_entry   Start-time:2021/03/31 15:22:44
    Status:Completed   State:Inconsistent
    Key/data                                Reason                                 
    (Ipv4, vrf:0, ((*,225.1.1.1)))          Inherited
      Entry Flags: C
      Total entries: 1
      Obj_id: f80004a1 Flags:   F      
---------------Recursion-level-1-----------------       
Object-Type:l2m_group   Start-time:2021/03/31 15:22:44
Status:Completed   State:Inconsistent
Key/data                                Reason                                 
(Ipv4, vlan:100, ((*,225.1.1.1)))       Inherited
         Group ports: total entries: 1
           FortyGigabitEthernet1/0/3          
---------------Recursion-level-2-----------------           
Object-Type:l2m_vlan   Start-time:2021/03/31 15:22:44
Status:Completed   State:Inconsistent
Key/data                                Reason                                 
(Ipv4, vlan:100)                        Inconsistent
         snoop:on stp_tcn:off flood:off pimsn:off
 
Process: FED 
  Object-Type:l3m_entry   Start-time:2021/03/31 15:22:44
    Status:Completed   State:Inconsistent
    Key/data                                Reason                                 
    (Ipv4, vrf:0 (*,225.1.1.1))             Inherited
    Entry Flags: C
    Total entries: 1
    Obj_id: f80004a1 Flags:   F    
---------------Recursion-level-1-----------------     
Object-Type:l2m_group   Start-time:2021/03/31 15:22:44
     Status:Completed   State:Inconsistent
     Key/data                                Reason                                  
    (Ipv4, vlan:100 (*,225.1.1.1))          Inherited
     Group ports: total entries: 1
     FortyGigabitEthernet1/0/3        
---------------Recursion-level-2-----------------         
Object-Type:l2m_vlan   Start-time:2021/03/31 15:22:44
     Status:Completed   State:Inconsistent
     Key/data                                Reason                                 
    (Ipv4, vlan: 100)                       Inconsistent
     snoop:on stp_tcn:off flood:off pimsn:off

The following is a sample output for the show consistency-checker mcast l3m command for a specified VRF:

Device#show consistency-checker mcast l3m start vrf vrf3001 229.1.1.1
Single entry scan started with Run_id: 5
Use 'show consistency-checker run-id 5 status' for completion status.
 
Stark#
*May 26 13:21:18.689: %IOSXE_FMANRP_CCK-6-FMANRP_COMPLETED: Consistency Check for Run-Id 5 is completed. Check 'show consistency-checker run-id 5'.
Stark#
Stark#
Stark#
Stark#sh consistency-checker run-id 5 detail
Process: IOSD
  Object-Type:l3m_entry   Start-time:2021/05/26 13:21:07
    Key/data                                Reason
    (Ipv4, vrf:vrf3001, (*,229.1.1.1))      Success
    Entry flags: C
    Total entries: 2
    Obj_id: 4D Obj_flags: A
    Obj_id: F80004B1 Obj_flags: F
      
 
Process: FMAN-FP 
  Object-Type:l3m_entry   Start-time:2021/05/26 13:21:07
    Status:Completed   State:Inconsistent
    Key/data                                Reason                                 
    (Ipv4, vrf:4, ((*,229.1.1.1)))          Inconsistent
    Entry Flags: C
    Total entries: 2
    Obj_id: 6e Obj_flags: A
    Obj_id: f80004b1 Obj_flags: F
 
 
Process: FED 
  Object-Type:l3m_entry   Start-time:2021/05/26 13:21:07
    Status:Completed   State:Inconsistent
    Key/data                                Reason                                 
    (Ipv4, vrf:4 (*,229.1.1.1))             Inconsistent
    Entry Flags: C
    Total entries: 2
    Obj_id: 6e Obj_flags: A
    Obj_id: f80004b1 Obj_flags: F

The following is a sample output for the show diagnostic content switch all command:

Device#show diagnostic content switch all
switch 2  module 1: 

  Diagnostics test suite attributes:
    M/C/* - Minimal bootup level test / Complete bootup level test / NA
      B/* - Basic ondemand test / NA
    P/V/* - Per port test / Per device test / NA
    D/N/* - Disruptive test / Non-disruptive test / NA
      S/* - Only applicable to standby unit / NA
      X/* - Not a health monitoring test / NA
      F/* - Fixed monitoring interval test / NA
      E/* - Always enabled monitoring test / NA
      A/I - Monitoring is active / Monitoring is inactive

                                                          Test Interval   Thre-
  ID   Test Name                          Attributes      day hh:mm:ss.ms shold
  ==== ================================== ============    =============== =====
    1) TestGoldPktLoopback -------------> *BPN*X**I       not configured  n/a
    2) TestOBFL ------------------------> *B*N*X**I       not configured  n/a
    3) TestFantray ---------------------> *B*N****A       000 00:01:40.00 1
    4) TestPhyLoopback -----------------> *BPD*X**I       not configured  n/a
    5) TestThermal ---------------------> *B*N****A       000 00:01:30.00 1
    6) TestScratchRegister -------------> *B*N****A       000 00:01:30.00 5
    7) TestPortTxMonitoring ------------> *BPN****A       000 00:02:30.00 1
    8) TestConsistencyCheckL2 ----------> *B*N****A       000 00:01:30.00 1
    9) TestConsistencyCheckL3 ----------> *B*N****A       000 00:01:30.00 1
   10) TestConsistencyCheckMcast -------> *B*N****A       000 00:01:30.00 1
   11) TestConsistencyCheckL2m ---------> *B*N****A       000 00:01:30.00 1
   12) TestConsistencyCheckL3m ---------> *B*N****A       000 00:01:30.00 1  
This gives the status of consistency check for multicast

show consistency-checker objects

To run a consistency-checker and detect inconsistent states of software entries on objects, run the show consistency-checker objects command in privileged EXEC mode.

show consistency-checker objects { adjacency | | | interface | | | l2m_group | | | l2m_vlan | | | l3_entry | | | l3m_entry } [ run-id ] [ detail ]

Syntax Description

adjacency

Runs the consistenc-checker on adjacency entries.

interface

Runs the consistenc-checker on interface entries.

l2m_group

Runs the consistenc-checker on Layer 2 Multicast group entries.

l2m_vlan

Runs the consistenc-checker on Layer 2 Multicast VLAN entries.

l3_entry

Runs the consistenc-checker on Layer 3 Unicast entries.

l3m_entry

Runs the consistenc-checker on Layer 3 Multicast entries.

run-id

Runs the consistency-checker by run ID.

detail

Displays detailed output for the run ID.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Bengaluru 17.6.1

This command was introduced.

Usage Guidelines

The consistency checker has the following limitations:

  • There is no command to abort or terminate the consistency checker. It will stop only once the full report has been displayed.

  • FED hardware checks are partially implemented. Only errors in programming hardware will be reported.

  • False Positive cases: When the consistency checker is running and a large number of feature table entry delete/add/modify actions occur (triggered via clear * or relearn), the consistency checker may report inconsistent or missing entries across processes. It can also switch off the stale reporting due to a large number of changes in table entries.

Examples

The following is sample output for the show consistency-checker objects l2m_group command:

Device# show consistency-checker objects l2m_group
Process: IOSD
  Run-id    Start-time              Exception
  1         2021/02/17 05:20:42     0
  2         2021/02/17 06:19:05     0

Process: FMAN-FP
  *Statistics(A/I/M/S/Oth): Actual/Inherited/Missing/Stale/Others

  Run-id    Start-time              State           A/  I/  M/  S/Oth
  1         2021/02/17 05:20:42     Consistent      0/  0/  0/  0/  0
  2         2021/02/17 06:19:05     Consistent      0/  0/  0/  0/  0

Process: FED
  *Statistics(A/I/M/S/HW/Oth): Actual/Inherited/Missing/Stale/Hardware/Others

  Run-id    Start-time              State           A/  I/  M/  S/ HW/Oth
  1         2021/02/17 05:20:42     Consistent      0/  0/  0/  0/  0/  0
  2         2021/02/17 06:19:05     Inconsistent    4/  0/  2/  0/  0/  0

Device#

show consistency-checker run-id

To run a consistency-checker and detect inconsistent states of software entries by run ID, run the show consistency-checker run-id run-id command in privileged EXEC mode.

show consistency-checker run-id run-id [ detail | | | status ]

Syntax Description

run-id

Specifies the run ID.

detail

Displays detailed output for the run ID.

status

Displays the completion status of the checker.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Bengaluru 17.6.1

This command was introduced.

Usage Guidelines

The consistency checker has the following limitations:

  • There is no command to abort or terminate the consistency checker. It will stop only once the full report has been displayed.

  • FED hardware checks are partially implemented. Only errors in programming hardware will be reported.

  • False Positive cases: When the consistency checker is running and a large number of feature table entry delete/add/modify actions occur (triggered via clear * or relearn), the consistency checker may report inconsistent or missing entries across processes. It can also switch off the stale reporting due to a large number of changes in table entries.

Examples

The following is sample output for the show consistency-checker run-id run-id command:

Device# show consistency-checker run-id 6
Process: IOSD
Flags:    F - Full Table Scan, S - Single Entry Run
          RE -  Recursive Check, GD -  Garbage Detector
          Hw -  Hardware Check, HS - Hardware Shadow Copy
  Object-Type    Start-time              Entries  Exceptions  Flags
  l2m_vlan       2021/07/19 15:19:41          30         0    F Hw HS 
  l2m_group      2021/07/19 15:19:42          10         0    F Hw HS 

Process: FMAN-FP
  *Statistics(A/I/M/S/Oth): Actual/Inherited/Missing/Stale/Others

  Object-Type    Start-time              State             A/  I/  M/  S/Oth
  l2m_vlan       2021/07/19 15:19:41     Consistent        0/  0/  0/  0/  0
  l2m_group      2021/07/19 15:19:42     Consistent        0/  0/  0/  0/  0

Process: FED
  *Statistics(A/I/M/S/HW/Oth): Actual/Inherited/Missing/Stale/Hardware/Others

  Object-Type    Start-time              State              A/  I/  M/  S/ HW/Oth
  l2m_vlan       2021/07/19 15:19:41     Consistent         0/  0/  0/  0/  0/  0
  l2m_group      2021/07/19 15:19:42     Consistent         0/  0/  0/  0/  0/  0
          
Device#

The following is sample output for the show consistency-checker run-id run-id status command:

Device# show consistency-checker run-id 6 status 
Process: IOSD
  Object-Type      Status           Time(sec)     Exceptions
  l2m_vlan         Completed        13            No               
  l2m_group        Completed        13            No               

Process: FMAN-FP
  Object-Type      Status           Time(sec)     State
  l2m_vlan         Completed        12            Consistent       
  l2m_group        Completed        11            Consistent       

Process: FED
  Object-Type      Status           Time(sec)     State
  l2m_vlan         Completed        12            Consistent       
  l2m_group        Completed        11            Consistent       

Device#

show debug

To display all the debug commands available on a switch, use the show debug command in Privileged EXEC mode.

show debug

show debug condition Condition identifier | All conditions

Syntax Description

Condition identifier

Sets the value of the condition identifier to be used. Range is between 1 and 1000.

All conditions

Shows all conditional debugging options available.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Release 16.1

This command was introduced.

Usage Guidelines

Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

This example shows the output of a show debug command:


Device# show debug condition all

To disable debugging, use the no debug all command.

show env

To display the list of sensors and all details like location, operational counters, status, history and so on, for the sensors, use the show env command in EXEC modes.

show env { all | counters | history sensor-name | location sensor-name | sensor sensor-name | status | summary | table sensor-name}

Syntax Description

all

Displays a list of sensors on the switch.

counters

Displays the operational counters.

history sensor-name

Displays the sensor state change history.

location

Displays sensors by location.

sensor sensor-name

Displays sensor summary.

status

Displays the environmental status of the power fan units (PFU).

summary

Displays a summary of all environmental monitoring sensors.

table sensor-name

Displays sensor state table.

Command Default

No default behavior or values.

Command Modes

User EXEC

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use the show env privileged EXEC command to display the device sensor information.

Examples

The following example shows how to display information for a sensor:

Switch#show env sensor Temp 
Sensor Summary:  Environmental Monitoring 
 Sensor: Temp: Coretemp    Location: R0              
 Current State: Normal             Reading: 46 Celsius

Sensor: Temp: DopplerD    Location: R0              
 Current State: Normal             Reading: 86 Celsius

Sensor: Temp:   outlet    Location: R0              
 Current State: Normal             Reading: 43 Celsius

Sensor: Temp:    inlet    Location: R0              
 Current State: Normal             Reading: 43 Celsius

Sensor: Temp:   Outlet    Location: 6/0             
 Current State: Normal             Reading: 39 Celsius

Sensor: Temp:    Inlet    Location: 6/0             
 Current State: Normal             Reading: 36 Celsius

Sensor: Temp:   Outlet    Location: 5/0             
 Current State: Normal             Reading: 33 Celsius

Sensor: Temp:    Inlet    Location: 5/0             
 Current State: Normal             Reading: 28 Celsius

The following example shows how to display the status of different sensors:

Switch#show env status     
Power                                                       Fan States
Supply  Model No              Type  Capacity  Status        1     2     3     4
------  --------------------  ----  --------  ------------  -----------------------
PS2     WS-XP3200AC           AC    3200 W    active        good  good  good  good 
PS3     WS-XP3200AC           AC    3200 W    active        good  good  good  good 

PS Current Configuration Mode : Combined
PS Current Operating State    : Combined

Power supplies currently active    : 2
Power supplies currently available : 2


Fantray : good
Power consumed by Fantray : 350 Watts
Fantray airflow direction : side-to-side
Fantray beacon LED: off
Fantray status LED: green
SYSTEM : GREEN

The following example shows how to display the sensor state table:


Switch#show env table Temp
Sensor State Table:  Environmental Monitoring 
 Sensor: Temp: Coretemp    Location: R0              
 Current State: Normal             Reading: 46 Celsius
0-Normal            Low:-2147483647  High:106          Margin:0      
         Action:RECORD               Alarm:NONE             
         Poll:60000                  Reminder:3600000 
1-Minor             Low:107          High:116          Margin:0      
         Action:RECORD               Alarm:MINOR            
         Poll:60000                  Reminder:3600000 
2-Major             Low:117          High:122          Margin:0      
         Action:RECORD               Alarm:MAJOR            
         Poll:60000                  Reminder:3600000 
3-Critical          Low:123          High:124          Margin:0      
         Action:RECORD               Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 
4-Shutdown          Low:125          High:2147483647   Margin:0      
         Action:SHUTDOWN             Alarm:NONE             
         Poll:60000                  Reminder:3600000 

Sensor State Table:  Environmental Monitoring 
 Sensor: Temp: DopplerD    Location: R0              
 Current State: Normal             Reading: 86 Celsius
0-Normal            Low:-2147483647  High:106          Margin:0      
         Action:RECORD               Alarm:NONE             
         Poll:60000                  Reminder:3600000 
1-Minor             Low:107          High:116          Margin:0      
         Action:RECORD               Alarm:MINOR            
         Poll:60000                  Reminder:3600000 
2-Major             Low:117          High:122          Margin:0      
         Action:RECORD               Alarm:MAJOR            
         Poll:60000                  Reminder:3600000 
3-Critical          Low:123          High:124          Margin:0      
         Action:RECORD               Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 
4-Shutdown          Low:125          High:2147483647   Margin:0      
         Action:RECORD               Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 

Sensor State Table:  Environmental Monitoring 
 Sensor: Temp:   outlet    Location: R0              
 Current State: Normal             Reading: 43 Celsius
0-Normal            Low:-2147483648  High:54           Margin:0      
         Action:RECORD               Alarm:NONE             
         Poll:60000                  Reminder:3600000 
1-Minor             Low:55           High:64           Margin:0      
         Action:RECORD               Alarm:MINOR            
         Poll:60000                  Reminder:3600000 
2-Major             Low:65           High:74           Margin:0      
         Action:RECORD               Alarm:MAJOR            
         Poll:60000                  Reminder:3600000 
3-Critical          Low:75           High:99           Margin:0      
         Action:RECORD               Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 
4-Shutdown          Low:100          High:2147483647   Margin:0      
         Action:SHUTDOWN             Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 

Sensor State Table:  Environmental Monitoring 
 Sensor: Temp:    inlet    Location: R0              
 Current State: Normal             Reading: 43 Celsius
0-Normal            Low:-2147483648  High:44           Margin:0      
         Action:RECORD               Alarm:NONE             
         Poll:60000                  Reminder:3600000 
1-Minor             Low:45           High:54           Margin:0      
         Action:RECORD               Alarm:MINOR            
         Poll:60000                  Reminder:3600000 
2-Major             Low:55           High:64           Margin:0      
         Action:RECORD               Alarm:MAJOR            
         Poll:60000                  Reminder:3600000 
3-Critical          Low:65           High:71           Margin:0      
         Action:RECORD               Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 
4-Shutdown          Low:72           High:2147483647   Margin:0      
         Action:SHUTDOWN             Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 

Sensor State Table:  Environmental Monitoring 
 Sensor: Temp:   Outlet    Location: 6/0             
 Current State: Normal             Reading: 39 Celsius
0-Normal            Low:-2147483648  High:54           Margin:0      
         Action:RECORD               Alarm:NONE             
         Poll:60000                  Reminder:3600000 
1-Minor             Low:55           High:64           Margin:0      
         Action:RECORD               Alarm:MINOR            
         Poll:60000                  Reminder:3600000 
2-Major             Low:65           High:74           Margin:0      
         Action:RECORD               Alarm:MAJOR            
         Poll:60000                  Reminder:3600000 
3-Critical          Low:75           High:99           Margin:0      
         Action:RECORD               Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 
4-Shutdown          Low:100          High:2147483647   Margin:0      
         Action:SHUTDOWN             Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 

Sensor State Table:  Environmental Monitoring 
 Sensor: Temp:    Inlet    Location: 6/0             
 Current State: Normal             Reading: 36 Celsius
0-Normal            Low:-2147483648  High:44           Margin:0      
         Action:RECORD               Alarm:NONE             
         Poll:60000                  Reminder:3600000 
1-Minor             Low:45           High:54           Margin:0      
         Action:RECORD               Alarm:MINOR            
         Poll:60000                  Reminder:3600000 
2-Major             Low:55           High:64           Margin:0      
         Action:RECORD               Alarm:MAJOR            
         Poll:60000                  Reminder:3600000 
3-Critical          Low:65           High:71           Margin:0      
         Action:RECORD               Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 
4-Shutdown          Low:72           High:2147483647   Margin:0      
         Action:SHUTDOWN             Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 

Sensor State Table:  Environmental Monitoring 
 Sensor: Temp:   Outlet    Location: 5/0             
 Current State: Normal             Reading: 33 Celsius
0-Normal            Low:-2147483648  High:54           Margin:0      
         Action:RECORD               Alarm:NONE             
         Poll:60000                  Reminder:3600000 
1-Minor             Low:55           High:64           Margin:0      
         Action:RECORD               Alarm:MINOR            
         Poll:60000                  Reminder:3600000 
2-Major             Low:65           High:74           Margin:0      
         Action:RECORD               Alarm:MAJOR            
         Poll:60000                  Reminder:3600000 
3-Critical          Low:75           High:99           Margin:0      
         Action:RECORD               Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 
4-Shutdown          Low:100          High:2147483647   Margin:0      
         Action:SHUTDOWN             Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 

Sensor State Table:  Environmental Monitoring 
 Sensor: Temp:    Inlet    Location: 5/0             
 Current State: Normal             Reading: 28 Celsius
0-Normal            Low:-2147483648  High:44           Margin:0      
         Action:RECORD               Alarm:NONE             
         Poll:60000                  Reminder:3600000 
1-Minor             Low:45           High:54           Margin:0      
         Action:RECORD               Alarm:MINOR            
         Poll:60000                  Reminder:3600000 
2-Major             Low:55           High:64           Margin:0      
         Action:RECORD               Alarm:MAJOR            
         Poll:60000                  Reminder:3600000 
3-Critical          Low:65           High:71           Margin:0      
         Action:RECORD               Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 
4-Shutdown          Low:72           High:2147483647   Margin:0      
         Action:SHUTDOWN             Alarm:CRITICAL         
         Poll:60000                  Reminder:3600000 

show env xps

To display budgeting, configuration, power, and system power information for the Cisco eXpandable Power System (XPS) 2200, use the show env xps command in privileged EXEC mode.

show env xps { budgeting | configuration | port [ all | number ] | power | system | thermal | upgrade | version }

Syntax Description

budgeting

Displays XPS power budgeting, the allocated and budgeted power of all switches in the power stack.

configuration

Displays the configuration resulting from the power xps privileged EXEC commands. The XPS configuration is stored in the XPS. Enter the show env xps configuration command to retrieve the non-default configuration.

port [ all | number ]

Displays the configuration and status of all ports or the specified XPS port. Port numbers are from 1 to 9.

power

Displays the status of the XPS power supplies.

system

Displays the XPS system status.

thermal

Displays the XPS thermal status.

upgrade

Displays the XPS upgrade status.

version

Displays the XPS version details.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(55)SE1

This command was introduced.

Usage Guidelines

Use the show env xps privileged EXEC command to display the information for XPS 2200.

Examples

This is an example of output from the show env xps budgeting command:

Switch#
=======



XPS 0101.0100.0000 :
=========================================================
Data                  Current    Power     Power Port  Switch #  PS A  PS B  Role-State Committed  
Budget
----  --------  ----  ----  ---------- ---------  ------ 1     -        -    715  SP-PS      223    
    1543
2     -        -    -    SP-PS      223       223
3     -        -    -    -          -         -
4     -        -    -    -          -         -
5     -        -    -    -          -         -
6     -        -    -    -          -         -
7     -        -    -    -          -         -
8     -        -    -    -          -         -
9     1        1100 -    RPS-NB     223        070
XPS  -        -    1100  -          -

This is an example of output from the show env xps configuration command:

Switch# show env xps configuration
=============================================
XPS 0101.0100.0000 :
=============================================
power xps port 4 priority 5
power xps port 5 mode disable
power xps port 5 priority 6
power xps port 6 priority 7
power xps port 7 priority 8
power xps port 8 priority 9
power xps port 9 priority 4

This is an example of output from the show env xps port all command:

Switch#
XPS 010



-----------------------------------------
Port name          : -
Connected          : Yes
Mode               : Enabled (On)
Priority           : 1
Data stack switch # : - Configured role    : Auto-SP
Run mode            : SP-PS : Stack Power Power-Sharing Mode
Cable faults        : 0x0 XPS 0101.0100.0000 Port 2
-----------------------------------------
Port name          : -
Connected          : Yes
Mode               : Enabled (On)
Priority           : 2
Data stack switch # : - Configured role    : Auto-SP
Run mode            : SP-PS : Stack Power Power-Sharing Mode
Cable faults        : 0x0 XPS 0101.0100.0000 Port 3
-----------------------------------------
Port name          : -
Connected          : No
Mode               : Enabled (On)
Priority           : 3
Data stack switch # : - Configured role    : Auto-SP Run mode            : -
Cable faults
<output truncated>

This is an example of output from the show env xps power command:

=============================================================================
XPS 0101.0100.0000 :
=============================================================================
Port-Supply SW PID                 Serial#     Status         Mode Watts
----------- -- ------------------  ----------- --------------  ----  -----
XPS-A           Not present
XPS-B           NG3K-PWR-1100WAC   LIT13320NTV OK             SP   1100
1-A         -  -                   -           -
1-B         -  -                   -           -               SP    715
2-A         -  -                   -           -
2-B         -  -                   -           -
9-A                       100WAC    LIT141307RK OK              RPS  1100
9-B                   esent

This is an example of output from the show env xps system command:

Switch#
=======


XPS 0101.0100.0000 :
============================================================================
XPS                        Cfg  Cfg      RPS Switch  Current    Data Port  XPS Port Name        
Mode Role    Pri Conn    Role-State  Switch #
----  --------------------  ---- -------  --- ------  ----------  --------
1     -                    On   Auto-SP  1   Yes     SP-PS      -
2     -                    On   Auto-SP  2   Yes     SP-PS      -
3     -                    On   Auto-SP  3   No      -          -
4     none                 On   Auto-SP  5   No      -          -
5     -                    Off  Auto-SP  6   No      -          -
6     -                    On   Auto-SP  7   No      -          -
7     -                    On   Auto-SP  8   No      -          -
8     -                    On   Auto-SP  9   No      -
9     test                 On   Auto-SP  4   Yes     RPS-NB

This is an example of output from the show env xps thermal command:

Switch#
=======



XPS 0101.0100.0000 :
=============================================
Fan  Status
----  -----------
1     OK
2     OK
3     NOT PRESENT PS-1  NOT PRESENT PS-2  OK Temperature is OK

This is an example of output from the show env xps upgrade command when no upgrade is occurring:

Switch# show env xps upgrade
No XPS is connected and upgrading.

These are examples of output from the show env xps upgrade command when an upgrade is in process:

Switch# show env xps upgrade
XPS Upgrade Xfer

SW Status Prog
-- ----------- ----
1 Waiting 0%
Switch#
*Mar 22 03:12:46.723: %PLATFORM_XPS-6-UPGRADE_START: XPS 0022.bdd7.9b14 upgrade has
started through the Service Port.
Switch# show env xps upgrade
XPS Upgrade Xfer
SW Status Prog
-- ----------- ----
1 Receiving 1%
Switch# show env xps upgrade
XPS Upgrade Xfer
SW Status Prog
-- ----------- ----
1 Receiving 5%
Switch# show env xps upgrade
XPS Upgrade Xfer
SW Status Prog
-- ----------- ----
1 Reloading 100%
Switch#
*Mar 22 03:16:01.733: %PLATFORM_XPS-6-UPGRADE_DONE: XPS 0022.bdd7.9b14 upgrade has
completed and the XPS is reloading.

This is an example of output from the show env xps version command:

Switch# show env xps version
=============================================
XPS 0022.bdd7.9b14:
=============================================
Serial Number: FDO13490KUT
Hardware Version: 8
Bootloader Version: 7
Software Version: 18
Table 3. Related Commands

Command

Description

power xps(global configuration command)

Configures XPS and XPS port names.

power xps(privileged EXEC command)

Configures the XPS ports and system.

show flow monitor

To display the status and statistics for a flow monitor, use the show flow monitor command in privileged EXEC mode.

Syntax Description

name

(Optional) Specifies the name of a flow monitor.

monitor-name

(Optional) Name of a flow monitor that was previously configured.

cache

(Optional) Displays the contents of the cache for the flow monitor.

format

(Optional) Specifies the use of one of the format options for formatting the display output.

csv

(Optional) Displays the flow monitor cache contents in comma-separated variables (CSV) format.

record

(Optional) Displays the flow monitor cache contents in record format.

table

(Optional) Displays the flow monitor cache contents in table format.

statistics

(Optional) Displays the statistics for the flow monitor.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

The cache keyword uses the record format by default.

The uppercase field names in the display output of the show flowmonitor monitor-name cache command are key fields that uses to differentiate flows. The lowercase field names in the display output of the show flow monitor monitor-name cache command are nonkey fields from which collects values as additional data for the cache.

Examples

The following example displays the status for a flow monitor:

# show flow monitor FLOW-MONITOR-1
 
Flow Monitor FLOW-MONITOR-1:
  Description:       Used for basic traffic analysis
  Flow Record:       flow-record-1
  Flow Exporter:     flow-exporter-1
                     flow-exporter-2
  Cache:
    Type:              normal
    Status:            allocated
    Size:              4096 entries / 311316 bytes
    Inactive Timeout:  15 secs
    Active Timeout:    1800 secs


This table describes the significant fields shown in the display.

Table 4. show flow monitor monitor-name Field Descriptions

Field

Description

Flow Monitor

Name of the flow monitor that you configured.

Description

Description that you configured or the monitor, or the default description User defined.

Flow Record

Flow record assigned to the flow monitor.

Flow Exporter

Exporters that are assigned to the flow monitor.

Cache

Information about the cache for the flow monitor.

Type

Flow monitor cache type. The value is always normal, as it is the only supported cache type.

Status

Status of the flow monitor cache.

The possible values are:

  • allocated—The cache is allocated.

  • being deleted—The cache is being deleted.

  • not allocated—The cache is not allocated.

Size

Current cache size.

Inactive Timeout

Current value for the inactive timeout in seconds.

Active Timeout

Current value for the active timeout in seconds.

The following example displays the status, statistics, and data for the flow monitor named FLOW-MONITOR-1:

This table describes the significant fields shown in the display.

The following example displays the status, statistics, and data for the flow monitor named FLOW-MONITOR-1 in a table format:

The following example displays the status, statistics, and data for the flow monitor named FLOW-MONITOR-IPv6 (the cache contains IPv6 data) in record format:

The following example displays the status and statistics for a flow monitor:

show idprom module

To display the identification programmable read-only memory (IDPROM) information for a specific module, use the show idprom module command in privileged EXEC mode.

show idprom module slot-number eeprom [ detail | dump ]

Syntax Description

slot-number

Specifies the slot number.

eeprom

Specifies EEPROM information.

detail

(Optional) Specifies detailed EEPROM information.

dump

(Optional) Specifies EEPROM information in hexadecimal or ASCII format.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Examples

The following is sample output from the show idprom module command:

Device# show idprom module 1 eeprom detail
Slot 1 EEPROM data:

        EEPROM version           : 4
        Compatible Type          : 0xFF
        Controller Type          : 3481
        Hardware Revision        : 0.5
        PCB Part Number          : 73-18351-03
        Board Revision           : 03
        Deviation Number         : 0
        Fab Version              : 03
        PCB Serial Number        : CAT2232L0ND
        RMA Test History         : 00
        RMA Number               : 0-0-0-0
        RMA History              : 00
        Top Assy. Part Number    : 068-101548-01
        Top Assy. Revision       : 11  
        CLEI Code                : UNDEFINED 
        ECI Number               : 0
        Product Identifier (PID) : C9600-LC-48YL
        Version Identifier (VID) : V00 
        Base MAC Address         : 78 72 5D EC 6C 00 
        MAC Address block size   : 128
        Environment Monitor Data : 06 00 00 00 12 C1 2C 00 
                                   FB 
        Environment Monitor Data : 00 06 00 FA 
        Manufacturing Test Data  : 00 00 00 00 00 00 00 00 
        Field Diagnostics Data   : 00 00 00 00 00 00 00 00 
        Platform features        : 00 00 00 00 00 00 00 00 
                                   00 00 00 00 00 00 00 00 
                                   00 00 00 00 00 00 00 00 

show install

To display information about install packages, use the show install command in privileged EXEC mode.

show install {active | committed | inactive | log | package {bootflash: | flash: | webui:} | rollback | summary | uncommitted}

Syntax Description

active

Displays information about active packages.

committed

Displays package activations that are persistent.

inactive

Displays inactive packages.

log

Displays entries stored in the logging installation buffer.

package

Displays metadata information about the package, including description, restart information, components in the package, and so on.

{bootflash: | flash: | harddisk: |webui:}

Specifies the location of the install package.

rollback

Displays the software set associated with a saved installation.

summary

Displays information about the list of active, inactive, committed, and superseded packages.

uncommitted Displays package activations that are nonpersistent.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Everest 16.6.3

This command was introduced.

Usage Guidelines

Use the show commands to view the status of the install package.

Examples

The following is sample output from the show install package command:

Device# show install package bootflash:cat3k-universalk9.2017-01-10_13.15.1.
CSCxxx.SSA.dmp.bin
Name:  cat3k-universalk9.2017-01-10_13.15.1.CSCxxx.SS
Version:  16.6.1.0.199.1484082952..Everest
Platform:  Catalyst3k
Package Type:  dmp
Defect ID:  CSCxxx
Package State:  Added
Supersedes List:  {}
Smu ID:  1

The following is sample output from the show install summary command:

Device# show install summary 

Active Packages:
    bootflash:cat3k-universalk9.2017-01-10_13.15.1.CSCxxx.SSA.dmp.bin
Inactive Packages:
   No packages
Committed Packages:
    bootflash:cat3k-universalk9.2017-01-10_13.15.1.CSCxxx.SSA.dmp.bin
Uncommitted Packages:
   No packages
Device#

The table below lists the significant fields shown in the display.

Table 5. show install summary Field Descriptions

Field

Description

Active Packages

Name of the active install package.

Inactive Packages

List of inactive packages.

Committed Packages

Install packages that have saved or committed changes to the harddisk, so that the changes become persistent across reloads.

Uncommitted Packages

Intall package activations that are nonpersistent.

The following is sample output from the show install log command:

Device# show install log

[0|install_op_boot]: START Fri Feb 24 19:20:19 Universal 2017
[0|install_op_boot]: END SUCCESS  Fri Feb 24 19:20:23 Universal 2017
[3|install_add]: START Sun Feb 26 05:55:31 UTC 2017
[3|install_add( FATAL)]: File path (scp) is not yet supported for this command
[4|install_add]: START Sun Feb 26 05:57:04 UTC 2017
[4|install_add]: END SUCCESS /bootflash/cat3k-universalk9.2017-01-10_13.15.1.CSCvb12345.SSA.dmp.bin 
Sun Feb 26 05:57:22 UTC 2017
[5|install_activate]: START Sun Feb 26 05:58:41 UTC 2017

show license all

To display all licensing information enter the show license all command in privileged EXEC mode. This command displays status, authorization, UDI, and usage information, all combined.

show license all

Syntax Description

This command has no arguments or keywords.

Command Default

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Cisco IOS XE Amsterdam 17.3.2a

Command output was updated to display information relating to Smart Licensing Using Policy.

Command output no longer displays Smart Account and Virtual account information.

Cisco IOS XE Cupertino 17.7.1

The output of the command was enhanced to display the following information:

  • RUM report statistics, in section Usage Report Summary.

  • Smart Account and Virtual Account information, in section Account Information.

Usage Guidelines

This command concatenates the output of other show license commands, enabling you to display different kinds of licensing information together. For field descriptions, refer to the corresponding commands.

Smart Licensing: If the software version on the device is Cisco IOS XE Amsterdam 17.3.1 or an earlier release, command output displays fields pertinent to Smart Licensing (whether smart licensing is enabled, all associated licensing certificates, compliance status, and so on).

Smart Licensing Using Policy: If the software version on the device (also referred to as a product instance) is Cisco IOS XE Amsterdam 17.3.2a or a later release, command output displays fields pertinent to Smart Licensing Using Policy.

  • The Smart Licensing Status section corresponds with the output of the show license status command.

  • The License Usage section corresponds with the output of the show license usage command.

  • The Product Information section corresponds with the output of the show license udi command.

  • The Agent Version section of the show license all command displays the Smart Agent version and is available only in this command.

  • The License Authorizations section corresponds with the output of the show license authorization command.

  • The Usage Report Summary section corresponds with the output in the show license tech command.

Examples

show license all for Smart Licensing Using Policy (Cisco Catalyst 9300 Series Switches)

The following is sample output of the show license all command in a stacking set-up. All the product instances in the stack are C9300X switches, which support the Export Control Key for High Security (HSECK9) starting from Cisco IOS XE Bengaluru 17.6.2. An HSECK9 key is used here and the requisite Smart Licensing Authorization Code (SLAC) is installed (SMART AUTHORIZATION INSTALLED on Oct 29 17:45:28 2021 UTC).
Device# show license all
 
Smart Licensing Status
======================
 
Smart Licensing is ENABLED
 
Export Authorization Key:
  Features Authorized:
    <none>
 
Utility:
  Status: DISABLED
 
Smart Licensing Using Policy:
  Status: ENABLED
 
Data Privacy:
  Sending Hostname: yes
    Callhome hostname privacy: DISABLED
    Smart Licensing hostname privacy: DISABLED
  Version privacy: DISABLED
 
Transport:
  Type: cslu
  Cslu address: <empty>
  Proxy:
    Not Configured
 
Miscellaneous:
  Custom Id: <empty>
 
Policy:
  Policy in use: Installed On Oct 29 17:44:15 2021 UTC
  Policy name: Custom Policy
  Reporting ACK required: yes (Customer Policy)
  Unenforced/Non-Export Perpetual Attributes:
    First report requirement (days): 365 (Customer Policy)
    Reporting frequency (days): 0 (Customer Policy)
    Report on change (days): 90 (Customer Policy)
  Unenforced/Non-Export Subscription Attributes:
    First report requirement (days): 90 (Customer Policy)
    Reporting frequency (days): 90 (Customer Policy)
    Report on change (days): 90 (Customer Policy)
  Enforced (Perpetual/Subscription) License Attributes:
    First report requirement (days): 0 (CISCO default)
    Reporting frequency (days): 90 (Customer Policy)
    Report on change (days): 90 (Customer Policy)
  Export (Perpetual/Subscription) License Attributes:
    First report requirement (days): 0 (CISCO default)
    Reporting frequency (days): 90 (Customer Policy)
    Report on change (days): 90 (Customer Policy)
 
Usage Reporting:
  Last ACK received: Oct 29 17:48:51 2021 UTC
  Next ACK deadline: Jan 27 17:48:51 2022 UTC
  Reporting push interval: 30  days
  Next ACK push check: <none>
  Next report push: Oct 29 18:32:43 2021 UTC
  Last report push: Oct 29 17:44:50 2021 UTC
  Last report file write: <none>
 
Trust Code Installed:
  Active: PID:C9300X-24HX,SN:FOC2519L8R7
    INSTALLED on Oct 29 17:44:15 2021 UTC
  Standby: PID:C9300X-48HXN,SN:FOC2524L39P
    INSTALLED on Oct 29 17:44:15 2021 UTC
  Member: PID:C9300X-48HX,SN:FOC2516LC92
    INSTALLED on Oct 29 17:44:15 2021 UTC
 
License Usage
=============
 
network-advantage (C9300-24 Network Advantage):
  Description: C9300-24 Network Advantage
  Count: 1
  Version: 1.0
  Status: IN USE
  Export status: NOT RESTRICTED
  Feature Name: network-advantage
  Feature Description: C9300-24 Network Advantage
  Enforcement type: NOT ENFORCED
  License type: Perpetual
 
dna-advantage (C9300-24 DNA Advantage):
  Description: C9300-24 DNA Advantage
  Count: 1
  Version: 1.0
  Status: IN USE
  Export status: NOT RESTRICTED
  Feature Name: dna-advantage
  Feature Description: C9300-24 DNA Advantage
  Enforcement type: NOT ENFORCED
  License type: Subscription
 
network-advantage (C9300-48 Network Advantage):
  Description: C9300-48 Network Advantage
  Count: 2
  Version: 1.0
  Status: IN USE
  Export status: NOT RESTRICTED
  Feature Name: network-advantage
  Feature Description: C9300-48 Network Advantage
  Enforcement type: NOT ENFORCED
  License type: Perpetual
 
dna-advantage (C9300-48 DNA Advantage):
  Description: C9300-48 DNA Advantage
  Count: 2
  Version: 1.0
  Status: IN USE
  Export status: NOT RESTRICTED
  Feature Name: dna-advantage
  Feature Description: C9300-48 DNA Advantage
  Enforcement type: NOT ENFORCED
  License type: Subscription
 
hseck9 (Cat9K HSEC):
  Description: hseck9
  Count: 1
  Version: 1.0
  Status: IN USE
  Export status: RESTRICTED - ALLOWED
  Feature Name: hseck9
  Feature Description: hseck9
  Enforcement type: EXPORT RESTRICTED
  License type: Perpetual
 
Product Information
===================
UDI: PID:C9300X-24HX,SN:FOC2519L8R7
 
HA UDI List:
    Active:PID:C9300X-24HX,SN:FOC2519L8R7
    Standby:PID:C9300X-48HXN,SN:FOC2524L39P
    Member:PID:C9300X-48HX,SN:FOC2516LC92
 
Agent Version
=============
Smart Agent for Licensing: 5.1.23_rel/104
 
License Authorizations
======================
Overall status:
  Active: PID:C9300X-24HX,SN:FOC2519L8R7
      Status: SMART AUTHORIZATION INSTALLED on Oct 29 17:45:28 2021 UTC
      Last Confirmation code: 6746c5b5
  Standby: PID:C9300X-48HXN,SN:FOC2524L39P
      Status: NOT INSTALLED
  Member: PID:C9300X-48HX,SN:FOC2516LC92
      Status: NOT INSTALLED
 
Authorizations:
  C9K HSEC (Cat9K HSEC):
    Description: HSEC Key for Export Compliance on Cat9K Series Switches
    Total available count: 1
    Enforcement type: EXPORT RESTRICTED
    Term information:
      Active: PID:C9300X-24HX,SN:FOC2519L8R7
        Authorization type: SMART AUTHORIZATION INSTALLED 
        License type: PERPETUAL
          Term Count: 1
 
Purchased Licenses:
  No Purchase Information Available
 

show license all for Smart Licensing Using Policy (Cisco Catalyst 9500 Series Switches)

The following is sample output of the show license all command on a Cisco Catalyst 9500 switch. The software version running on the product instance here is Cisco IOS XE Cupertino 17.7.1. Similar output is displayed on all Cisco Catalyst Access, Core, and Aggregation Switches.
Device# show license all

Smart Licensing Status
======================

Smart Licensing is ENABLED

Export Authorization Key:
  Features Authorized:
    <none>

Utility:
  Status: DISABLED

Smart Licensing Using Policy:
  Status: ENABLED

Account Information:
  Smart Account: <none>
  Virtual Account: <none>

Data Privacy:
  Sending Hostname: no
    Callhome hostname privacy: DISABLED
    Smart Licensing hostname privacy: ENABLED
  Version privacy: DISABLED
          
Transport:
  Type: Smart
  URL: https://smartreceiver.cisco.com/licservice/license
  Proxy:  
    Not Configured
  VRF:    
    Not Configured
          
Miscellaneous:
  Custom Id: <empty>
          
Policy:   
  Policy in use: Merged from multiple sources.
  Reporting ACK required: yes (CISCO default)
  Unenforced/Non-Export Perpetual Attributes:
    First report requirement (days): 365 (CISCO default)
    Reporting frequency (days): 0 (CISCO default)
    Report on change (days): 90 (CISCO default)
  Unenforced/Non-Export Subscription Attributes:
    First report requirement (days): 90 (CISCO default)
    Reporting frequency (days): 90 (CISCO default)
    Report on change (days): 90 (CISCO default)
  Enforced (Perpetual/Subscription) License Attributes:
    First report requirement (days): 0 (CISCO default)
    Reporting frequency (days): 0 (CISCO default)
    Report on change (days): 0 (CISCO default)
  Export (Perpetual/Subscription) License Attributes:
    First report requirement (days): 0 (CISCO default)
    Reporting frequency (days): 0 (CISCO default)
    Report on change (days): 0 (CISCO default)
          
Usage Reporting:
  Last ACK received: <none>
  Next ACK deadline: Mar 30 22:32:22 2020 EST
  Reporting push interval: 30  days
  Next ACK push check: <none>
  Next report push: Oct 19 04:39:08 2021 EST
  Last report push: <none>
  Last report file write: <none>
          
Trust Code Installed: <none>
          
License Usage
=============
          
network-advantage (C9500 Network Advantage):
  Description: C9500 Network Advantage
  Count: 1
  Version: 1.0
  Status: IN USE
  Export status: NOT RESTRICTED
  Feature Name: network-advantage
  Feature Description: C9500 Network Advantage
  Enforcement type: NOT ENFORCED
  License type: Perpetual
          
dna-advantage (C9500-40X DNA Advantage):
  Description: C9500-40X DNA Advantage
  Count: 1
  Version: 1.0
  Status: IN USE
  Export status: NOT RESTRICTED
  Feature Name: dna-advantage
  Feature Description: C9500-40X DNA Advantage
  Enforcement type: NOT ENFORCED
  License type: Subscription
          
Product Information
===================
UDI: PID:C9500-40X,SN:FCW2227A4NC
          
Agent Version
=============
Smart Agent for Licensing: 5.3.9_rel/22
          
License Authorizations
======================
Overall status:
  Active: PID:C9500-40X,SN:FCW2227A4NC
      Status: NOT INSTALLED
          
Purchased Licenses:
  No Purchase Information Available
          
          
Derived Licenses:
  Entitlement Tag: regid.2017-03.com.cisco.advantagek9-Nyquist-C9500,1.0_f1563759-2e03-4a4c-bec5-5feec525a12c
  Entitlement Tag: regid.2017-07.com.cisco.C9500-DNA-40X-A,1.0_7eb18f4c-2d44-4077-8346-818defbd9ad9
          
Usage Report Summary:
=====================
Total: 26,  Purged: 0
Total Acknowledged Received: 0,  Waiting for Ack: 0
Available to Report: 26  Collecting Data: 2 

show license all for Smart Licensing

The following is sample output from the show license all command:
Device# show license all
Smart Licensing Status
======================

Smart Licensing is ENABLED

Registration:
  Status: REGISTERED
  Smart Account: CISCO Systems
  Virtual Account: NPR
  Export-Controlled Functionality: Not Allowed
  Initial Registration: SUCCEEDED on Jul 27 08:38:44 2018 EDT
  Last Renewal Attempt: None
  Next Renewal Attempt: Jan 23 08:38:44 2019 EDT
  Registration Expires: Jul 27 08:32:51 2019 EDT

License Authorization: 
  Status: AUTHORIZED on Jul 27 08:38:49 2018 EDT
  Last Communication Attempt: SUCCEEDED on Jul 27 08:38:49 2018 EDT
  Next Communication Attempt: Aug 26 08:38:49 2018 EDT
  Communication Deadline: Oct 25 08:32:57 2018 EDT

Utility:
  Status: DISABLED

Data Privacy:
  Sending Hostname: yes
    Callhome hostname privacy: DISABLED
    Smart Licensing hostname privacy: DISABLED
  Version privacy: DISABLED

Transport:
  Type: Callhome

License Usage
==============

C9400 DNA Advantage (dna_advantage-C9400):
  Description: C9400 DNA Advantage
  Count: 1
  Version: 1.0
  Status: AUTHORIZED

C9400 Network Advantage (advantagek9-C9400):
  Description: C9400 Network Advantage
  Count: 2
  Version: 1.0
  Status: AUTHORIZED

Product Information
===================
UDI: PID:C9410R,SN:FXS2132Q0GU

HA UDI List:
    Active:PID:C9410R,SN:FXS2132Q0GU
    Standby:PID:C9410R,SN:FXS2132Q0GU

Agent Version
=============
Smart Agent for Licensing: 4.4.13_rel/116
Component Versions: SA:(1_3_dev)1.0.15, SI:(dev22)1.2.1, CH:(rel5)1.0.3, PK:(dev18)1.0.3

Reservation Info
================ 
License reservation: DISABLED

show license authorization

To display authorization-related information for (export-controlled and enforced) licenses, enter the show license authorization command in privileged EXEC mode.

show license authorization

This command has no arguments or keywords.

Command Modes

Privileged EXEC (Device#)

Command History

Release Modification

Cisco IOS XE Amsterdam 17.3.2a

This command was introduced.

Usage Guidelines

Use this command to display information about authorization codes. This includes SLR authorization codes and Smart Licensing Authorization Codes (SLAC).

Examples

For information about fields shown in the display, see Table 1 .

For sample outputs, see:

Table 6. show license authorization Field Descriptions

Field

Description

Overall Status

Header for UDI information for all product instances in the set-up, the type of authorization that is installed, and configuration errors, if any.

In a High Availability set-up, all UDIs in the set-up are listed.

Active:

Status:

The active product instance UDI, followed by the status of the authorization code installation for this UDI.

If the status indicates that the authorization code is installed and there is a confirmation code, this is also displayed.

Standby:

Status:

The standby product instance UDI, followed by the status of the authorization code installation for this UDI.

If the status indicates that the authorization code is installed and there is a confirmation code, this is also displayed.

Member:

Status:

The member product instance UDI, followed by the status of the authorization code installation for this UDI.

If the status indicates that the authorization code is installed and there is a confirmation code, this is also displayed.

ERROR:

Configuration errors or discrepancies in the High Availability set-up, if any.

Authorizations

Header for detailed license authorization information. All licenses, their enforcement types, and validity durations are displayed. Errors are displayed for each product instance if its authorization or mode does not match what is installed on the active.

This section is displayed only if the product instance is using a license with an authorization code.

():

License name and a shortened form of the license name.

Description

License description.

Total available count:

Total count of licenses that are available to consume.

This includes licenses of all durations (perpetual and subscription), including expired subscription licenses, for all the product instances in a High Availability setup.

Enforcement type

Enforcement type for the license. This may be one of the following:

  • Enforced

  • Not enforced

  • Export-Controlled

Term information:

Header providing license duration information. The following fields maybe included under this header:

  • Active: The active product instance UDI, followed by the status of the authorization code installation for this UDI.

  • Authorization type: Type of authorization code installed and date of installation. The type can be: SLAC, UNIVERSAL, SPECIFIED, PAK, RTU.

  • Start Date: Displays validity start date if the license is for a specific term or time period.

  • Start Date: Displays validity end date if the license is for a specific term or time period.

  • Term Count: License count.

  • Subscription ID: Displays ID if the license is for a specific term or time period.

  • License type: License duration. This can be: SUBSCRIPTION or PERPETUAL.

  • Standby: The standby product instance UDI, followed by the status of the authorization code installation for this UDI.

  • Member: The member product instance UDI, followed by the status of the authorization code installation for this UDI.

Purchased Licenses

Header for license purchase information.

Active:

The active product instance and its the UDI.

Count:

License count.

Description:

License description.

License type: