Common System Commands

Command(s)	Description	More Information
▿▹ `!!`	Replays last CLI command (same as !-1, which is one command back in the CLI history).	Event Designators
cumulus@leaf1$ echo "Hello World" Hello World cumulus@leaf1$ !! echo "Hello World" Hello World

▿▹ `cat /etc/lsb-release`	Displays software version information.	`lsb_release`
cumulus@leaf1$ cat /etc/lsb-release DISTRIB_ID="Cumulus Linux" DISTRIB_RELEASE=2.5.5 DISTRIB_DESCRIPTION=2.5.5-4cd66d9-201512071809-build

▿▹ `cat /etc/os-release`	Displays detailed software version information.	`os-release`
cumulus@leaf1$ cat /etc/os-release NAME="Cumulus Linux" VERSION_ID=2.5.2 VERSION="2.5.2-727a0c6-201504132125-build" PRETTY_NAME="Cumulus Linux" ID=cumulus-linux ID_LIKE=debian CPE_NAME=cpe:/o:cumulusnetworks:cumulus_linux:2.5.2-727a0c6-201504132125-build HOME_URL="http://www.cumulusnetworks.com/"

▿▹ `cl-license`	Displays license status and information; installs license.	License Installation
cumulus@leaf1$ sudo cl-license cwlicense@cumulusnetworks.com\|XXXXX

▿▹ `onie-select¹`	Uninstalls and reinstalls an image; boots into rescue mode.	Image Management
cumulus@leaf1$ sudo onie-select -i WARNING: WARNING: Operating System install requested. WARNING: This will wipe out all system data. WARNING: Are you sure (y/N)? y Enabling install at next reboot...done. Reboot required to take effect.

▿▹ `decode-syseeprom¹`	Displays hardware version information; sets EEPROM content.	Monitoring System Hardware
cumulus@leaf1$ sudo decode-syseeprom TlvInfo Header: Id String: TlvInfo Version: 1 Total Length: 108 TLV Name Code Len Value -------------------- ---- --- ----- Serial Number 0x23 10 ADXXXXXXXX Product Name 0x21 10 AS4600-54T Manufacture Date 0x25 19 06/30/2012 12:00:00 Base MAC Address 0x24 6 70:72:CF:XX:XX:XX Label Revision 0x27 4 R01A Platform Name 0x28 28 powerpc-accton_as4600_54t-r0 ONIE Version 0x29 7 2014.11 MAC Addresses 0x2A 2 65 CRC-32 0xFE 4 0x182BXXXX (checksum valid)

▿▹ `dmesg`	Displays system boot messages.	`dmesg`
cumulus@leaf1$ dmesg <snip for brevity> [ 2485.689082] bonding: bond0: Removing slave swp1. [ 2485.689169] bonding: bond0: releasing backup interface swp1 [ 2486.029832] ADDRCONF(NETDEV_UP): swp1: link is not ready [ 2489.431326] ADDRCONF(NETDEV_CHANGE): swp1: link becomes ready [ 2536.508917] bonding: bond0: enslaving swp1 as a backup interface with a down link. [ 2536.602285] bonding: bond0: link status definitely up for interface swp1, 0 Mbps half duplex. [ 2536.902216] bonding: bond0: link status definitely down for interface swp1, disabling it [ 2540.108185] bonding: bond0: link status definitely up for interface swp1, 1000 Mbps full duplex. [ 2569.010752] bonding: bond0: link status definitely down for interface swp1, disabling it [ 2571.810708] bonding: bond0: link status definitely up for interface swp1, 1000 Mbps full duplex.

▿▹ `/usr/lib/cumulus/onie/onie-version`	Displays ONIE version.	x86 Specific Instructions
cumulus@leaf1$ /usr/lib/cumulus/onie/onie-version ONIE version : 2018.08 ONIE vendor_id : 42623 ONIE build_machine : cumulus_vx ONIE machine_rev : 0 ONIE arch : x86_64 ONIE build_platform : x86_64-cumulus_vx-r0 ONIE config_version : 1 ONIE build_date : 2018-08-14T03:52-0700 ONIE partition_type : gpt ONIE kernel_version : 4.1.38 ONIE firmware : auto ONIE switch_asic : qemu ONIE skip_ethmgmt_macs: yes ONIE grub_image_name: grubx64.efi ONIE uefi_boot_loader: grubx64.efi ONIE uefi_arch : x64

▿▹ `history`	Displays CLI command history.	`history`
cumulus@leaf1$ history 1 exit 2 ping -I bond0 10.0.0.2 3 smonctl 4 sudo su - 5 echo hi 6 history

▿▹ `hostname` `cat /etc/hostname`	Displays/sets hostname. A reboot is required if changes to the /etc/hostname file are made.	`hostname`
cumulus@leaf1$ hostname leaf1

▿▹ `date¹`	Displays time and timezone information.	`date`
cumulus@leaf1:~# date Thu Feb 11 21:17:32 UTC 2016

▿▹ `ping -I bond0 <INTERFACE_IP>`	Pings sourced from a specified interface. This can also be a virtual interface.	`ping`
cumulus@leaf1$ ping -I bond0 10.0.0.1 PING 10.0.0.1 (10.0.0.1) from 10.0.0.1 bond0: 56(84) bytes of data. 64 bytes from 10.0.0.1: icmp_req=1 ttl=64 time=0.083 ms 64 bytes from 10.0.0.1: icmp_req=2 ttl=64 time=0.079 ms ^C --- 10.0.0.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 0.079/0.081/0.083/0.002 ms

▿▹ `sensors -f`	Displays PSU, fan, and environmental information (in Fahrenheit).	`sensors`
cumulus@leaf1$ sensors -f lm75a-i2c-0-4b Adapter: MPC adapter temp1: +86.9 F (high = +113.0 F, hyst = +113.0 F) lm75a-i2c-1-48 Adapter: MPC adapter temp1: +91.4 F (high = +149.0 F, hyst = +149.0 F) lm75a-i2c-1-49 Adapter: MPC adapter temp1: +88.7 F (high = +113.0 F, hyst = +113.0 F) lm75a-i2c-1-4e Adapter: MPC adapter temp1: +98.6 F (high = +149.0 F, hyst = +149.0 F) lm75a-i2c-1-4f Adapter: MPC adapter temp1: +79.7 F (high = +113.0 F, hyst = +113.0 F) emc2305-i2c-1-4d Adapter: MPC adapter fan1: 9060 RPM (div = 4) fan2: 9060 RPM (div = 4) fan3: 9060 RPM (div = 4) fan4: 8998 RPM (div = 4) fan5: 9018 RPM (div = 4)

▿▹ `tail -n<N> /var/log/syslog`	Displays the last N lines of syslog.	`tail`
cumulus@leaf1$ tail -n30 /var/log/syslog Sep 23 23:17:01 leaf1 CRON[31219]: pam_unix(cron:session): session closed for user root Sep 23 23:19:38 leaf1 sudo: cumulus : TTY=pts/0 ; PWD=/home/cumulus ; USER=root ; COMMAND=/usr/sbin/fw_printenv Sep 23 23:20:57 leaf1 dhclient: DHCPREQUEST on eth0 to 192.168.0.1 port 67 Sep 23 23:20:57 leaf1 dhclient: DHCPACK from 192.168.0.1 Sep 23 23:20:57 leaf1 dhclient: bound to 192.168.0.11 -- renewal in 1620 seconds. Sep 23 23:20:57 leaf1 cl-autoprovision[31423]: version: 0.4 Sep 23 23:20:57 leaf1 cl-autoprovision[31423]: Provisioning has already occured, use --force to override Sep 23 23:21:54 leaf1 sudo: cumulus : TTY=pts/0 ; PWD=/home/cumulus ; USER=root ; COMMAND=/bin/bash Sep 23 23:23:08 leaf1 sshd[23560]: Received disconnect from 192.168.0.1: 11: disconnected by user Sep 23 23:23:08 leaf1 sshd[23558]: pam_unix(sshd:session): session closed for user cumulus Sep 23 23:23:10 leaf1 sshd[31560]: Accepted publickey for cumulus from 192.168.0.1 port 44133 ssh2 Sep 23 23:23:10 leaf1 sshd[31560]: pam_unix(sshd:session): session opened for user cumulus by (uid=0) Sep 23 23:23:22 leaf1 sudo: cumulus : TTY=pts/0 ; PWD=/home/cumulus ; USER=root ; COMMAND=/bin/echo hi Sep 23 23:23:40 leaf1 sudo: cumulus : TTY=pts/0 ; PWD=/home/cumulus ; USER=root ; COMMAND=/sbin/hwclock Sep 23 23:25:03 leaf1 sshd[31562]: Received disconnect from 192.168.0.1: 11: disconnected by user Sep 23 23:25:03 leaf1 sshd[31560]: pam_unix(sshd:session): session closed for user cumulus Sep 23 23:25:04 leaf1 sshd[31673]: Accepted publickey for cumulus from 192.168.0.1 port 44134 ssh2 Sep 23 23:25:04 leaf1 sshd[31673]: pam_unix(sshd:session): session opened for user cumulus by (uid=0) Sep 23 23:30:01 leaf1 CRON[31946]: pam_unix(cron:session): session opened for user root by (uid=0) Sep 23 23:30:01 leaf1 CRON[31945]: pam_unix(cron:session): session opened for user root by (uid=0) Sep 23 23:30:01 leaf1 /USR/SBIN/CRON[31947]: (root) CMD ( /usr/sbin/logrotate /etc/logrotate.conf) Sep 23 23:30:01 leaf1 /USR/SBIN/CRON[31948]: (root) CMD ( /usr/sbin/logrotate /etc/logrotate.conf) Sep 23 23:30:01 leaf1 CRON[31946]: pam_unix(cron:session): session closed for user root Sep 23 23:30:01 leaf1 CRON[31945]: pam_unix(cron:session): session closed for user root Sep 23 23:45:01 leaf1 CRON[32703]: pam_unix(cron:session): session opened for user root by (uid=0) Sep 23 23:45:01 leaf1 CRON[32702]: pam_unix(cron:session): session opened for user root by (uid=0) Sep 23 23:45:01 leaf1 /USR/SBIN/CRON[32704]: (root) CMD ( /usr/sbin/logrotate /etc/logrotate.conf) Sep 23 23:45:01 leaf1 /USR/SBIN/CRON[32705]: (root) CMD ( /usr/sbin/logrotate /etc/logrotate.conf) Sep 23 23:45:01 leaf1 CRON[32703]: pam_unix(cron:session): session closed for user root Sep 23 23:45:01 leaf1 CRON[32702]: pam_unix(cron:session): session closed for user root

▿▹ `top`	Displays real time CPU/memory utilization and the top processes.	`top`
cumulus@leaf1$ top top - 23:47:40 up 1 day, 3:13, 1 user, load average: 0.13, 0.24, 0.23 Tasks: 64 total, 1 running, 63 sleeping, 0 stopped, 0 zombie %Cpu(s): 17.9 us, 7.6 sy, 0.0 ni, 74.5 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st KiB Mem: 2006792 total, 202936 used, 1803856 free, 23324 buffers KiB Swap: 0 total, 0 used, 0 free, 77356 cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 3157 root 15 -5 166m 47m 11m S 24.5 2.4 342:24.96 switchd 368 cumulus 20 0 3696 1504 1084 R 0.3 0.1 0:00.06 top

▿▹ `uname -a`	Displays machine information, including kernel version, release, operating system, and hostname.	`uname`
cumulus@leaf1$ uname -a Linux leaf1 3.2.65-1+deb7u2+cl2.5+2 #3.2.65-1+deb7u2+cl2.5+2 SMP Mon Jun 1 18:26:55 PDT 2015 ppc powerpc GNU/Linux

▿▹ `whoami`	Displays the current active user/account.	`whoami`
cumulus@leaf1$ whoami cumulus

▿▹ `dpkg-reconfigure tzdata¹`	Configures the timezone.	Debian wiki on timezone changes
cumulus@leaf1$ sudo dpkg-reconfigure tzdata Configuring tzdata ------------------ Please select the geographic area in which you live. Subsequent configuration questions will narrow this down by presenting a list of cities, representing the time zones in which they are located. 1. Africa 2. America 3. Antarctica 4. Australia 5. Arctic 6. Asia 7. Atlantic 8. Europe 9. Indian 10. Pacific 11. SystemV 12. US 13. Etc Geographic area: 12 Please select the city or region corresponding to your time zone. 1. Alaska 2. Aleutian 3. Arizona 4. Central 5. Eastern 6. Hawaii 7. Indiana-Starke 8. Michigan 9. Mountain 10. Pacific 11. Pacific-New 12. Samoa Time zone: 10 Current default time zone: 'US/Pacific' Local time is now: Wed Sep 23 17:01:00 PDT 2015. Universal Time is now: Thu Sep 24 00:01:00 UTC 2015.

▿▹ `reboot¹`	Reboots the switch.	`reboot`
cumulus@leaf1$ sudo reboot Broadcast message from root@leaf1 (pts/0) (Wed Sep 23 17:04:44 2015): The system is going down for reboot NOW!

▿▹ `sudo su` `sudo -i` `sudo /bin/bash`	Switches user to root/super user.	Different ways to become root
cumulus@leaf1$ sudo su [sudo] password for cumulus: root@leaf1:~#

File Editing Commands

Command	Description	More Information
`nano`	Basic, user-friendly text editor with persistent on-screen keybindings.	Nano
`vi`	Advanced text editor.	Cumulus Networks' `vi` for Beginners

Interface Commands

Command(s)	Description	More Information
▿▹ `arp -n`¹ `cat /proc/net/arp`	Displays ARP table with IP addresses instead of trying to resolve hostnames (when using the -n flag).	`arp`
cumulus@leaf1$ sudo arp -n Address HWtype HWaddress Flags Mask Iface 10.1.1.2 ether 08:9e:01:ce:d8:64 C swp1s0 10.1.1.34 ether 00:e0:ec:25:7c:d7 C swp1s2 10.1.1.6 ether 08:9e:01:ce:d8:65 C swp1s1 192.168.0.1 ether 72:01:84:88:f5:8b C eth0 10.1.1.38 ether 00:e0:ec:25:7c:d8 C swp1s3

▿▹ `cat /etc/network/interfaces`	Displays the interface configuration, bridges, bonds, and VLANs. This file is not indicative of the current running state.	Configuring and Managing Network Interfaces
cumulus@leaf1$ cat /etc/network/interfaces #Configured By Ansible auto lo iface lo inet loopback auto lo:1 iface lo:1 inet static address 10.2.1.1/32 auto eth0 iface eth0 inet dhcp

▿▹ `cat /proc/net/bonding/bond0`	Displays bond0's bond (LAG) information.	`/proc`
cumulus@leaf1$ cat /proc/net/bonding/bond0 Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011) Bonding Mode: IEEE 802.3ad Dynamic link aggregation Transmit Hash Policy: layer3+4 (1) MII Status: up MII Polling Interval (ms): 100 Up Delay (ms): 0 Down Delay (ms): 0 802.3ad info LACP rate: fast Min links: 1 Aggregator selection policy (ad_select): stable System Identification: 65535 08:9e:01:f8:90:80 Active Aggregator Info: Aggregator ID: 1 Number of ports: 2 Actor Key: 17 Partner Key: 17 Partner Mac Address: 08:9e:01:f8:98:c8 LACP Bypass Info: Allowed: 0 Timeout: 0 All-active: 0 Slave Interface: swp2 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 1 Permanent HW addr: 08:9e:01:f8:90:80 Aggregator ID: 1 LACP bypass priority: 0 Slave queue ID: 0 Slave Interface: swp1 MII Status: up Speed: 1000 Mbps Duplex: full Link Failure Count: 0 Permanent HW addr: 08:9e:01:f8:90:7f Aggregator ID: 1 LACP bypass priority: 0 Slave queue ID: 0

▿▹ `cl-netstat` `cl-netstat -c`	Displays/clears counters for cl-netstat.	Viewing and Clearing Interface Counters
cumulus@leaf1$ cl-netstat Kernel Interface table Iface MTU Met RX_OK RX_ERR RX_DRP RX_OVR TX_OK TX_ERR TX_DRP TX_OVR Flg ------- ----- ----- ------- -------- -------- -------- ------- -------- -------- -------- ----- br0 1500 0 0 0 0 0 4 0 0 0 BMRU br1 1500 0 0 0 0 0 5 0 0 0 BMRU eth0 1500 0 9973 0 0 0 7761 0 0 0 BMRU lo 16436 0 4 0 0 0 4 0 0 0 LRU swp1s0 1500 0 2275 0 1 0 2485 0 0 0 BMRU swp1s1 1500 0 2452 0 1 0 2324 0 0 0 BMRU swp1s2 1500 0 2448 0 3 0 2338 0 0 0 BMRU swp1s3 1500 0 2453 0 3 0 2442 0 0 0 BMRU swp32s0 1500 0 0 0 0 0 10081 0 0 0 BMRU swp32s1 1500 0 0 0 0 0 10082 0 0 0 BMRU

▿▹ `ethtool <INTERFACE>¹`	Displays low level port information.	Monitoring Interfaces using ethtool
cumulus@leaf1$ sudo ethtool swp32s0 Settings for swp32s0: Supported ports: [ TP ] Supported link modes: 10baseT/Full 100baseT/Full 1000baseT/Full 10000baseT/Full Supported pause frame use: Symmetric Receive-only Supports auto-negotiation: Yes Advertised link modes: 1000baseT/Full 10000baseT/Full Advertised pause frame use: Symmetric Advertised auto-negotiation: No Speed: 10000Mb/s Duplex: Full Port: FIBRE PHYAD: 0 Transceiver: external Auto-negotiation: off Current message level: 0x00000000 (0) Link detected: yes

▿▹ `ethtool -S <INTERFACE>¹`	Displays detailed low level statistics.	Monitoring Interfaces using ethtool
cumulus@leaf1$ sudo ethtool -S swp32s0 NIC statistics: HwIfInOctets: 0 HwIfInUcastPkts: 0 HwIfInBcastPkts: 0 HwIfInMcastPkts: 0 HwIfOutOctets: 692670 HwIfOutUcastPkts: 0 HwIfOutMcastPkts: 10128 HwIfOutBcastPkts: 0 HwIfInDiscards: 0 HwIfInL3Drops: 0 HwIfInBufferDrops: 0 HwIfInAclDrops: 0 HwIfInDot3LengthErrors: 0 HwIfInErrors: 0 SoftInErrors: 0 SoftInDrops: 0 SoftInFrameErrors: 0 HwIfOutDiscards: 0 HwIfOutErrors: 0 HwIfOutQDrops: 0 HwIfOutNonQDrops: 0 SoftOutErrors: 0 SoftOutDrops: 0 SoftOutTxFifoFull: 0 HwIfOutQLen: 0 HwIfInDot3FrameErrors: 0 HwIfInPausePkt: 0 HwIfOutPausePkt: 0 HwIfInPfc0Pkt: 0 HwIfOutPfc0Pkt: 0 HwIfInPfc1Pkt: 0 HwIfOutPfc1Pkt: 0 HwIfInPfc2Pkt: 0 HwIfOutPfc2Pkt: 0 HwIfInPfc3Pkt: 0 HwIfOutPfc3Pkt: 0 HwIfInPfc4Pkt: 0 HwIfOutPfc4Pkt: 0 HwIfInPfc5Pkt: 0 HwIfOutPfc5Pkt: 0 HwIfInPfc6Pkt: 0 HwIfOutPfc6Pkt: 0 HwIfInPfc7Pkt: 0 HwIfOutPfc7Pkt: 0

▿▹ `ifquery <INTERFACE>`	Displays configuration information for an interface.	Using ifquery
cumulus@leaf1$ sudo ifquery -a auto lo iface lo inet loopback auto lo iface lo inet static address 10.2.1.1/32 auto eth0 iface eth0 inet dhcp auto swp1s0 iface swp1s0 inet static address 10.1.1.1/30 auto swp1s1 iface swp1s1 inet static address 10.1.1.5/30 auto swp1s2 iface swp1s2 inet static address 10.1.1.33/30 auto swp1s3 iface swp1s3 inet static address 10.1.1.37/30 auto br1 iface br1 inet static address 10.4.1.129/25 bridge-ports swp32s1 bridge-stp on auto br0 iface br0 inet static address 10.4.1.1/25 bridge-ports swp32s0 bridge-stp on

▿▹ `ifreload -a¹` `service networking reload`	Runs ifdown, then ifup, on any interfaces with configuration changes.	Using ifupdown2
cumulus@leaf1$ ifreload -a cumulus@leaf1$

▿▹ `ifdown <INTERFACE>;ifup` `<INTERFACE>¹`	Brings a specified interface down, then back up.	Using ifupdown2
cumulus@leaf1$ sudo ifdown swp1s0 cumulus@leaf1$ sudo ifup swp1s0 cumulus@leaf1$

▿▹ `ip addr show`	Displays all configured IP addresses.	`ip man page`
cumulus@leaf1$ ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet 10.2.1.1/32 scope global lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 44:38:39:00:49:8b brd ff:ff:ff:ff:ff:ff inet 192.168.0.11/24 brd 192.168.0.255 scope global eth0 inet6 fe80::4638:39ff:fe00:498b/64 scope link valid_lft forever preferred_lft forever 5: swp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 500 link/ether 44:38:39:00:49:8c brd ff:ff:ff:ff:ff:ff inet 10.1.1.1/30 scope global swp1s0 inet6 fe80::4638:39ff:fe00:498c/64 scope link valid_lft forever preferred_lft forever 6: swp1s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 500 link/ether 44:38:39:00:49:8d brd ff:ff:ff:ff:ff:ff inet 10.1.1.5/30 scope global swp1s1 inet6 fe80::4638:39ff:fe00:498d/64 scope link valid_lft forever preferred_lft forever 7: swp1s2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 500 link/ether 44:38:39:00:49:8e brd ff:ff:ff:ff:ff:ff inet 10.1.1.33/30 scope global swp1s2 inet6 fe80::4638:39ff:fe00:498e/64 scope link valid_lft forever preferred_lft forever 8: swp1s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 500 link/ether 44:38:39:00:49:8f brd ff:ff:ff:ff:ff:ff inet 10.1.1.37/30 scope global swp1s3 inet6 fe80::4638:39ff:fe00:498f/64 scope link valid_lft forever preferred_lft forever

▿▹ `ip link show`	Displays interface information.	`ip man page`
cumulus@leaf1$ ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 44:38:39:00:49:8b brd ff:ff:ff:ff:ff:ff 5: swp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500 link/ether 44:38:39:00:49:8c brd ff:ff:ff:ff:ff:ff 6: swp1s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500 link/ether 44:38:39:00:49:8d brd ff:ff:ff:ff:ff:ff 7: swp1s2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500 link/ether 44:38:39:00:49:8e brd ff:ff:ff:ff:ff:ff 8: swp1s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500 link/ether 44:38:39:00:49:8f brd ff:ff:ff:ff:ff:ff 9: swp2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 500 link/ether 44:38:39:00:49:90 brd ff:ff:ff:ff:ff:ff

▿▹ `ip -s link`	Displays interface statistics.	`ip man page`
cumulus@leaf1$ ip -s link 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 RX: bytes packets errors dropped overrun mcast 112 4 0 0 0 0 TX: bytes packets errors dropped carrier collsns 112 4 0 0 0 0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether 44:38:39:00:49:8b brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 3208342 10725 0 0 0 0 TX: bytes packets errors dropped carrier collsns 1067425 8355 0 0 0 0 5: swp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500 link/ether 44:38:39:00:49:8c brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 1982 21 0 1 0 5 TX: bytes packets errors dropped carrier collsns 2071 23 0 0 0 0 6: swp1s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500 link/ether 44:38:39:00:49:8d brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 212068 2516 0 1 0 646 TX: bytes packets errors dropped carrier collsns 205763 2384 0 0 0 0 7: swp1s2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500 link/ether 44:38:39:00:49:8e brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 213608 2512 0 3 0 648 TX: bytes packets errors dropped carrier collsns 207061 2398 0 0 0 0 8: swp1s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500 link/ether 44:38:39:00:49:8f brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 213598 2517 0 3 0 648 TX: bytes packets errors dropped carrier collsns 214315 2506 0 0 0 0 9: swp2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 500 link/ether 44:38:39:00:49:90 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 0 0 0 0 0 0 TX: bytes packets errors dropped carrier collsns 0 0 0 0 0 0

▿▹ `ip -br link show`	Displays a brief, one line summary of each interface; appends `up` to show only administratively up interfaces.	`ip man page`
cumulus@leaf1$ ip -br link show lo UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> eth0 UP 44:38:39:00:49:8b <BROADCAST,MULTICAST,UP,LOWER_UP> swp1s0 UP 44:38:39:00:49:8c <BROADCAST,MULTICAST,UP,LOWER_UP> swp1s1 UP 44:38:39:00:49:8d <BROADCAST,MULTICAST,UP,LOWER_UP> swp1s2 UP 44:38:39:00:49:8e <BROADCAST,MULTICAST,UP,LOWER_UP> swp1s3 UP 44:38:39:00:49:8f <BROADCAST,MULTICAST,UP,LOWER_UP> swp2 DOWN 44:38:39:00:49:90 <BROADCAST,MULTICAST>

▿▹ `lldpcli show neighbors¹`	Displays LLDP neighbor information.	LLDP
cumulus@leaf1$ sudo lldpcli show neighbors ------------------------------------------------------------------------------- LLDP neighbors: ------------------------------------------------------------------------------- Interface: eth0, via: LLDP, RID: 6, Time: 0 day, 05:22:26 Chassis: ChassisID: mac 70:72:cf:f5:4a:3b SysName: cwl42-prod-ag-tor-1 SysDescr: Cumulus Linux version 2.5.3 running on accton as4600_54t MgmtIP: 10.70.6.194 Capability: Bridge, on Capability: Router, on Port: PortID: ifname swp3 PortDescr: swp3 ------------------------------------------------------------------------------- Interface: swp1s2, via: LLDP, RID: 5, Time: 0 day, 05:22:45 Chassis: ChassisID: mac 00:e0:ec:25:7c:a4 SysName: spine2 SysDescr: Cumulus Linux version 2.5.5 running on cel kennisis MgmtIP: 10.2.1.4 Capability: Bridge, off Capability: Router, on Port: PortID: ifname swp51 PortDescr: swp51 ------------------------------------------------------------------------------- Interface: swp1s3, via: LLDP, RID: 5, Time: 0 day, 05:22:45 Chassis: ChassisID: mac 00:e0:ec:25:7c:a4 SysName: spine2 SysDescr: Cumulus Linux version 2.5.5 running on cel kennisis MgmtIP: 10.2.1.4 Capability: Bridge, off Capability: Router, on Port: PortID: ifname swp52 PortDescr: swp52 ------------------------------------------------------------------------------- Interface: swp1s0, via: LLDP, RID: 7, Time: 0 day, 05:22:13 Chassis: ChassisID: mac 08:9e:01:ce:d8:33 SysName: spine1 SysDescr: Cumulus Linux version 2.5.5 running on quanta lb9 MgmtIP: 10.2.1.3 Capability: Bridge, off Capability: Router, on Port: PortID: ifname swp49 PortDescr: swp49 -------------------------------------------------------------------------------

▿▹ `netstat -i`	Displays statistics for UP interfaces.	`netstat`
cumulus@leaf1$ netstat -i Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg br0 1500 0 0 0 0 0 4 0 0 0 BMU br1 1500 0 0 0 0 0 5 0 0 0 BMU eth0 1500 0 11066 0 0 0 8640 0 0 0 BMRU lo 16436 0 4 0 0 0 4 0 0 0 LRU swp1s0 1500 0 29 0 1 0 33 0 0 0 BMRU swp1s1 1500 0 2526 0 1 0 2392 0 0 0 BMRU swp1s2 1500 0 2521 0 3 0 2406 0 0 0 BMRU swp1s3 1500 0 2526 0 3 0 2514 0 0 0 BMRU swp32s0 1500 0 0 0 0 0 11232 0 0 0 BMRU swp32s1 1500 0 0 0 0 0 10179 0 0 0 BMRU

Bridge/STP Commands

Command	Description	More Information
▿▹ `brctl show`	Displays bridge information.	Ethernet Bridging
cumulus@leaf1$ brctl show bridge name bridge id STP enabled interfaces br0 8000.7072cfbe0d6c yes swp32s0 br1 8000.7072cfbe0d6d yes swp32s1

▿▹ `brctl showmacs <BRIDGE>`	Displays the MAC FDB for a bridge.	Ethernet Bridging
cumulus@leaf1$ brctl showmacs br0 port name mac addr vlan is local? ageing timer swp32s0 70:72:cf:be:0d:6c 0 yes 0.00

▿▹ `brctl showstp <BRIDGE>`	Displays the STP information for a bridge.	Ethernet Bridging
cumulus@leaf1$ brctl showstp br1 br1 bridge id 8000.7072cfbe0d6d designated root 8000.7072cfbe0d6d root port 0 path cost 0 max age 20.00 bridge max age 20.00 hello time 2.00 bridge hello time 2.00 forward delay 15.00 bridge forward delay 15.00 ageing time 300.00 hello timer 0.00 tcn timer 0.00 topology change timer 0.00 gc timer 277.39 hash elasticity 4096 hash max 4096 mc last member count 2 mc init query count 2 mc router 1 mc snooping 1 mc last member timer 1.00 mc membership timer 260.00 mc querier timer 255.00 mc query interval 125.00 mc response interval 10.00 mc init query interval 31.25 mc querier 0 mc query ifaddr 0 flags swp32s1 (1) port id 8001 state forwarding designated root 8000.7072cfbe0d6d path cost 2 designated bridge 8000.7072cfbe0d6d message age timer 0.00 designated port 8001 forward delay timer 0.00 designated cost 0 hold timer 0.00 mc router 1 mc fast leave 0 flags

▿▹ `bridge fdb show`	Displays the FDB for all bridges.	Ethernet Bridging
cumulus@leaf1$ bridge fdb show 70:72:cf:be:0d:6d dev swp32s1 vlan 0 master br1 permanent 70:72:cf:be:0d:6c dev swp32s0 vlan 0 master br0 permanent

▿▹ `bridge vlan show`	Displays VLAN-aware bridge mode VLAN configuration.	Ethernet Bridging
cumulus@leaf1$ bridge vlan show port vlan ids swp32s0 1 PVID Egress Untagged 100 200 swp32s1 1 PVID Egress Untagged 100 200 bridge None

▿▹ `clagctl -v`	Displays MLAG information.	Multi-Chassis Link Aggregation - MLAG
cumulus@leaf1$ clagctl -v The peer is alive Our Priority, ID, and Role: 4096 34:17:eb:f6:15:fd primary Peer Priority, ID, and Role: 4096 34:17:eb:f9:80:fd secondary Peer Interface and IP: peerlink.4094 169.254.255.1 VxLAN Anycast IP: 10.254.4.1 Backup IP: 10.11.26.37 (active) System MAC: 44:38:39:ff:00:01 CLAG Interfaces Our Interface Peer Interface CLAG Id Conflicts Proto-Down Reason ---------------- ---------------- ------- -------------------- ----------------- vni100 vni100 - - - bond0 - 1 - - bond1 bond1 2 - - bond2 bond2 3 - - vni30 vni30 - - - vni20 vni20 - - - vni40 vni40 - - - Our LACP Information Our Interface Partner MAC CIST PortId CLAG Id Oper St Flags ---------------- ----------------- ----------- ------- ------- ----- bond0 00:00:00:00:00:00 None 1 None - bond1 b0:83:fe:eb:91:99 None 2 None D bond2 00:01:e8:8b:c9:da None 3 None D Peer LACP Information Peer Interface Partner MAC CIST PortId CLAG Id Oper St Flags ---------------- ----------------- ----------- ------- ------- ----- bond0 00:00:00:00:00:00 None 1 None - bond1 b0:83:fe:eb:91:99 None 2 None D bond2 00:01:e8:8b:c9:da None 3 None D Backup info: IP: 10.11.26.37; State: active; Role: primary Peer priority and id: 4096 34:17:eb:f9:80:fd; Peer role: secondary Our Interface Dynamic MAC VLAN Id ---------------- ----------------- ------- vni100 00:00:02:00:00:06 0 vni100 00:00:02:00:00:01 0 bond1 00:0c:29:48:b1:38 20 vni20 00:0c:29:ea:71:3c 20 bond2 00:00:01:00:00:00 0 vni100 00:00:02:00:00:03 0 vni100 00:00:02:00:00:0a 0 bond2 00:00:01:00:00:01 0 vni100 00:00:02:00:00:04 0 bond2 00:00:01:00:00:02 0 vni100 00:00:02:00:00:08 0 bond2 00:00:01:00:00:03 0 Peer Interface Dynamic MAC VLAN Id bond2 00:00:01:00:00:09 0 bond2 00:00:01:00:00:06 0 bond2 00:00:01:00:00:07 0 bond2 00:01:e8:8b:c9:dc 0 vni100 00:00:02:00:00:00 0 vni100 00:00:02:00:00:05 0 vni100 00:00:02:00:00:09 0 bond2 00:00:01:00:00:04 0 vni100 00:00:02:00:00:02 0 vni100 00:00:02:00:00:07 0 bond2 00:00:01:00:00:08 0 bond2 00:00:01:00:00:05 0 bond2 00:00:01:00:00:0a 0 Our Multicast Group Port VLAN Id Device Age ---------------------- ---------------- ------- ---------------- --- Peer Multicast Group Port VLAN Id Device Age ---------------------- ---------------- ------- ---------------- --- Our Router Port Device Age ---------------- ---------------- --- Peer Router Port Device Age ---------------- ---------------- --- Our VLAN Information Our Interface VLAN Id ---------------- ------- vni100 None bond1 20, 30, 40 bond2 None vni30 None vni20 None vni40 None Peer VLAN Information Peer Interface VLAN Id ---------------- ------- vni100 None bond1 20, 30, 40 bond2 None vni30 None vni20 None

▿▹ `mstpctl showbridge`	Displays mstpd (RSTP) information.	Spanning Tree and Rapid Spanning Tree
cumulus@leaf1$ mstpctl showbridge bridge CIST info enabled yes bridge id 8.000.70:72:CF:BE:0D:6C designated root 8.000.70:72:CF:BE:0D:6C regional root 8.000.70:72:CF:BE:0D:6C root port none path cost 0 internal path cost 0 max age 20 bridge max age 20 forward delay 15 bridge forward delay 15 tx hold count 6 max hops 20 hello time 2 ageing time 300 force protocol version rstp time since topology change 69446s topology change count 0 topology change no topology change port None last topology change port None

▿▹ `mstpctl showport <BRIDGE>`	Displays the summary of each port's role on a bridge.	Spanning Tree and Rapid Spanning Tree
cumulus@leaf1$ mstpctl showport bridge E swp32s0 8.002 forw 8.000.70:72:CF:BE:0D:6C 8.000.70:72:CF:BE:0D:6C 8.002 Desg E swp32s1 8.001 forw 8.000.70:72:CF:BE:0D:6C 8.000.70:72:CF:BE:0D:6C 8.001 Desg

▿▹ `mstpctl showportdetail <BRIDGE>`	Displays detailed mstpd port information for a bridge.	Spanning Tree and Rapid Spanning Tree
cumulus@leaf1$ mstpctl showportdetail bridge bridge:swp32s0 CIST info enabled yes role Designated port id 8.002 state forwarding external port cost 2000 admin external cost 0 internal port cost 2000 admin internal cost 0 designated root 8.000.70:72:CF:BE:0D:6C dsgn external cost 0 dsgn regional root 8.000.70:72:CF:BE:0D:6C dsgn internal cost 0 designated bridge 8.000.70:72:CF:BE:0D:6C designated port 8.002 admin edge port no auto edge port yes oper edge port yes topology change ack no point-to-point yes admin point-to-point auto restricted role no restricted TCN no port hello time 2 disputed no bpdu guard port no bpdu guard error no network port no BA inconsistent no Num TX BPDU 34819 Num TX TCN 0 Num RX BPDU 0 Num RX TCN 0 Num Transition FWD 1 Num Transition BLK 0 bpdufilter port no clag ISL no clag ISL Oper UP no clag role unknown clag dual conn mac 0:0:0:0:0:0 clag remote portID F.FFF clag system mac 0:0:0:0:0:0 bridge:swp32s1 CIST info enabled yes role Designated port id 8.001 state forwarding external port cost 2000 admin external cost 0 internal port cost 2000 admin internal cost 0 designated root 8.000.70:72:CF:BE:0D:6C dsgn external cost 0 dsgn regional root 8.000.70:72:CF:BE:0D:6C dsgn internal cost 0 designated bridge 8.000.70:72:CF:BE:0D:6C designated port 8.001 admin edge port no auto edge port yes oper edge port yes topology change ack no point-to-point yes admin point-to-point auto restricted role no restricted TCN no port hello time 2 disputed no bpdu guard port no bpdu guard error no network port no BA inconsistent no Num TX BPDU 34819 Num TX TCN 0 Num RX BPDU 0 Num RX TCN 0 Num Transition FWD 1 Num Transition BLK 0 bpdufilter port no clag ISL no clag ISL Oper UP no clag role unknown clag dual conn mac 0:0:0:0:0:0 clag remote portID F.FFF clag system mac 0:0:0:0:0:0

Routing Commands

Command(on)	Description	More Information
▿▹ `ip route show`	Displays the Linux route table.	Routing
cumulus@leaf1$ ip route show default via 192.168.0.1 dev eth0 10.1.1.0/30 dev swp1s0 proto kernel scope link src 10.1.1.1 10.1.1.4/30 dev swp1s1 proto kernel scope link src 10.1.1.5 10.1.1.16/30 via 10.1.1.2 dev swp1s0 proto zebra metric 20 10.1.1.20/30 via 10.1.1.2 dev swp1s0 proto zebra metric 20 10.1.1.32/30 dev swp1s2 proto kernel scope link src 10.1.1.33 10.1.1.36/30 dev swp1s3 proto kernel scope link src 10.1.1.37 10.1.1.48/30 via 10.1.1.34 dev swp1s2 proto zebra metric 20 10.1.1.52/30 via 10.1.1.34 dev swp1s2 proto zebra metric 20 10.2.1.2 via 10.1.1.2 dev swp1s0 proto zebra metric 20 10.2.1.3 via 10.1.1.2 dev swp1s0 proto zebra metric 20 10.2.1.4 via 10.1.1.34 dev swp1s2 proto zebra metric 20 10.4.1.0/25 dev br0 proto kernel scope link src 10.4.1.1 10.4.1.128/25 dev br1 proto kernel scope link src 10.4.1.129 10.4.2.0/25 via 10.1.1.2 dev swp1s0 proto zebra metric 20 10.4.2.128/25 via 10.1.1.2 dev swp1s0 proto zebra metric 20 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.11

▿▹ `ptmctl -d`	Displays detailed Prescriptive Topology Manager (PTM) information.	PTM
cumulus@leaf1$ ptmctl -d ---------------------------------------------------------------------------------------------------------------------------- port cbl exp act sysname portID portDescr match last BFD BFD BFD BFD BFD status nbr nbr on upd status peer local type DownDiag ---------------------------------------------------------------------------------------------------------------------------- swp1s0 pass spine1:swp49 spine1:swp49 spine1 swp49 swp49 IfName 37s N/A N/A N/A N/A N/A swp1s1 pass spine1:swp50 spine1:swp50 spine1 swp50 swp50 IfName 37s N/A N/A N/A N/A N/A swp1s2 pass spine2:swp51 spine2:swp51 spine2 swp51 swp51 IfName 37s N/A N/A N/A N/A N/A swp1s3 pass spine2:swp52 spine2:swp52 spine2 swp52 swp52 IfName 37s N/A N/A N/A N/A N/A swp17 N/A leaf2:swp17 no-info N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A swp18 N/A leaf2:swp18 no-info N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A swp32s0 N/A server1:eth3 no-info N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A swp32s1 N/A server2:eth2 no-info N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A

▿▹ `vtysh¹`	A modal (interactive industry standard) CLI for configuring FRRouting.	Configuring FRRouting - Modal
cumulus@leaf1$ sudo vtysh Hello, this is FRRouting (version 7.0+cl4u1). Copyright 1996-2005 Kunihiro Ishiguro, et al. leaf01# show ver FRRouting 7.0+cl4u1 (leaf01). Copyright 1996-2005 Kunihiro Ishiguro, et al.

▿▹ `vtysh -c "show ip route"¹`	Displays the FRRouting routing table.	Configuring FRRouting
cumulus@leaf1$ sudo vtysh -c "show ip route" Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued route, r - rejected route K>* 0.0.0.0/0 [0/0] via 192.168.0.254, eth0, 1d23h44m C>* 10.0.0.11/32 is directly connected, lo, 1d23h44m B>* 10.0.0.12/32 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h44m * via fe80::4638:39ff:fe00:54, swp51, 1d23h44m B>* 10.0.0.13/32 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h44m * via fe80::4638:39ff:fe00:54, swp51, 1d23h44m B>* 10.0.0.14/32 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h44m * via fe80::4638:39ff:fe00:54, swp51, 1d23h44m B>* 10.0.0.22/32 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h44m B>* 10.0.0.121/32 [20/0] via fe80::4638:39ff:fe00:54, swp51, 1d23h44m C * 172.16.1.0/24 [0/1024] is directly connected, vlan100-v0, 1d23h03m C>* 172.16.1.0/24 is directly connected, vlan100, 1d23h03m B>* 172.16.2.0/24 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h42m * via fe80::4638:39ff:fe00:54, swp51, 1d23h42m C>* 192.168.0.0/24 is directly connected, eth0, 1d23h44m

▿▹ `net show ospf neighbor¹`	Displays OSPF neighbors.	OSPF
cumulus@switch:~$ net show ospf neighbor Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL 10.0.255.101 1 Full/DROther 38.091s 10.0.255.11 swp51:10.0.255.21 0 0 0 10.0.255.102 1 Full/DROther 38.085s 10.0.255.12 swp52:10.0.255.21 0 0 0

▿▹ `net show bgp summary¹` `vtysh -c "show ip bgp summary"¹`	Displays BGP summary information.	BGP
cumulus@leaf01:~$ sudo vtysh -c "show ip bgp summary" IPv4 Unicast Summary: BGP router identifier 10.0.0.11, local AS number 65011 vrf-id 0 BGP table version 89 RIB entries 15, using 2760 bytes of memory Peers 2, using 41 KiB of memory Peer groups 1, using 64 bytes of memory Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd spine01(swp51) 4 65020 57399 57432 0 0 0 1d23h47m 5 spine02(swp52) 4 65020 57400 57432 0 0 0 1d23h47m 5 Total number of neighbors 2

▿▹ `net show bgp ipv4 unicast` `vtysh -c "show ip bgp"¹`	Displays the BGP routing table.	BGP
cumulus@leaf1$ sudo vtysh -c "show ip bgp" BGP table version is 220, local router ID is 10.2.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path > 10.1.1.0/30 0.0.0.0 0 32768 ? i 10.1.1.2 0 100 0 ? * i 10.1.1.6 0 100 0 ? > 10.1.1.4/30 0.0.0.0 0 32768 ? i 10.1.1.6 0 100 0 ? * i 10.1.1.2 0 100 0 ? * i10.1.1.16/30 10.1.1.6 0 100 0 ? >i 10.1.1.2 0 100 0 ? i 10.1.1.38 0 100 0 ? * i 10.1.1.34 0 100 0 ? * i10.1.1.20/30 10.1.1.6 0 100 0 ? >i 10.1.1.2 0 100 0 ? i 10.1.1.38 0 100 0 ? * i 10.1.1.34 0 100 0 ? > 10.1.1.32/30 0.0.0.0 0 32768 ? i 10.1.1.38 0 100 0 ? * i 10.1.1.34 0 100 0 ? > 10.1.1.36/30 0.0.0.0 0 32768 ? i 10.1.1.38 0 100 0 ? * i 10.1.1.34 0 100 0 ? * i10.1.1.48/30 10.1.1.38 0 100 0 ? >i 10.1.1.34 0 100 0 ? i 10.1.1.6 0 100 0 ? * i 10.1.1.2 0 100 0 ? * i10.1.1.52/30 10.1.1.38 0 100 0 ? >i 10.1.1.34 0 100 0 ? i 10.1.1.6 0 100 0 ? * i 10.1.1.2 0 100 0 ? > 10.2.1.1/32 0.0.0.0 0 32768 ? i10.2.1.2/32 10.1.1.38 0 100 0 ? * i 10.1.1.34 0 100 0 ? * i 10.1.1.6 0 100 0 ? >i 10.1.1.2 0 100 0 ? i10.2.1.3/32 10.1.1.6 0 100 0 ? >i 10.1.1.2 0 100 0 ? i10.2.1.4/32 10.1.1.38 0 100 0 ? >i 10.1.1.34 0 100 0 ? i10.4.2.0/25 10.1.1.38 0 100 0 ? * i 10.1.1.34 0 100 0 ? * i 10.1.1.6 0 100 0 ? >i 10.1.1.2 0 100 0 ? i10.4.2.128/25 10.1.1.38 0 100 0 ? * i 10.1.1.34 0 100 0 ? * i 10.1.1.6 0 100 0 ? >i 10.1.1.2 0 100 0 ? > 192.168.0.0 0.0.0.0 0 32768 ? * i 10.1.1.6 0 100 0 ? * i 10.1.1.2 0 100 0 ? * i 10.1.1.38 0 100 0 ? * i 10.1.1.34 0 100 0 ? Total number of prefixes 15

ACL Commands

Command	Description	More Information
▿▹ `cl-acltool -L all¹`	Displays all filter rules.	Netfilter - ACL
cumulus@leaf1$ sudo cl-acltool -L all ------------------------------- Listing rules of type iptables: ------------------------------- TABLE filter : Chain INPUT (policy ACCEPT 11749 packets, 1752K bytes) pkts bytes target prot opt in out source destination 0 0 DROP all -- swp+ any 240.0.0.0/5 anywhere 0 0 DROP all -- swp+ any loopback/8 anywhere 0 0 DROP all -- swp+ any base-address.mcast.net/8 anywhere 0 0 DROP all -- swp+ any 255.255.255.255 anywhere 0 0 SETCLASS udp -- swp+ any anywhere anywhere udp dpt:3785 SETCLASS class:7 0 0 POLICE udp -- any any anywhere anywhere udp dpt:3785 POLICE mode:pkt rate:2000 burst:2000 0 0 SETCLASS udp -- swp+ any anywhere anywhere udp dpt:3784 SETCLASS class:7 0 0 POLICE udp -- any any anywhere anywhere udp dpt:3784 POLICE mode:pkt rate:2000 burst:2000 0 0 SETCLASS udp -- swp+ any anywhere anywhere udp dpt:4784 SETCLASS class:7 0 0 POLICE udp -- any any anywhere anywhere udp dpt:4784 POLICE mode:pkt rate:2000 burst:2000 0 0 SETCLASS ospf -- swp+ any anywhere anywhere SETCLASS class:7 0 0 POLICE ospf -- any any anywhere anywhere POLICE mode:pkt rate:2000 burst:2000 20312 1650K SETCLASS tcp -- swp+ any anywhere anywhere tcp dpt:bgp SETCLASS class:7 20312 1732K POLICE tcp -- any any anywhere anywhere tcp dpt:bgp POLICE mode:pkt rate:2000 burst:2000 5 453 SETCLASS tcp -- swp+ any anywhere anywhere tcp spt:bgp SETCLASS class:7 5 473 POLICE tcp -- any any anywhere anywhere tcp spt:bgp POLICE mode:pkt rate:2000 burst:2000 0 0 SETCLASS tcp -- swp+ any anywhere anywhere tcp dpt:5342 SETCLASS class:7 0 0 POLICE tcp -- any any anywhere anywhere tcp dpt:5342 POLICE mode:pkt rate:2000 burst:2000 0 0 SETCLASS tcp -- swp+ any anywhere anywhere tcp spt:5342 SETCLASS class:7 0 0 POLICE tcp -- any any anywhere anywhere tcp spt:5342 POLICE mode:pkt rate:2000 burst:2000 5 330 SETCLASS icmp -- swp+ any anywhere anywhere SETCLASS class:2 8 574 POLICE icmp -- any any anywhere anywhere POLICE mode:pkt rate:100 burst:40 0 0 SETCLASS udp -- swp+ any anywhere anywhere udp dpts:bootps:bootpc SETCLASS class:2 16 5248 POLICE udp -- any any anywhere anywhere udp dpt:bootps POLICE mode:pkt rate:100 burst:100 108 40068 POLICE udp -- any any anywhere anywhere udp dpt:bootpc POLICE mode:pkt rate:100 burst:100 0 0 SETCLASS tcp -- swp+ any anywhere anywhere tcp dpts:bootps:bootpc SETCLASS class:2 0 0 POLICE tcp -- any any anywhere anywhere tcp dpt:bootps POLICE mode:pkt rate:100 burst:100 0 0 POLICE tcp -- any any anywhere anywhere tcp dpt:bootpc POLICE mode:pkt rate:100 burst:100 0 0 SETCLASS udp -- swp+ any anywhere anywhere udp dpt:10001 SETCLASS class:3 0 0 POLICE udp -- any any anywhere anywhere udp dpt:10001 POLICE mode:pkt rate:2000 burst:2000 0 0 SETCLASS igmp -- swp+ any anywhere anywhere SETCLASS class:6 0 0 POLICE igmp -- any any anywhere anywhere POLICE mode:pkt rate:300 burst:100 0 0 POLICE all -- swp+ any anywhere anywhere ADDRTYPE match dst-type LOCAL POLICE mode:pkt rate:1000 burst:1000 class:0 0 0 POLICE all -- swp+ any anywhere anywhere ADDRTYPE match dst-type IPROUTER POLICE mode:pkt rate:400 burst:100 class:0 0 0 SETCLASS all -- swp+ any anywhere anywhere SETCLASS class:0 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 DROP all -- swp+ any 240.0.0.0/5 anywhere 0 0 DROP all -- swp+ any loopback/8 anywhere 0 0 DROP all -- swp+ any base-address.mcast.net/8 anywhere 0 0 DROP all -- swp+ any 255.255.255.255 anywhere Chain OUTPUT (policy ACCEPT 31983 packets, 2328K bytes) pkts bytes target prot opt in out source destination TABLE mangle : Chain PREROUTING (policy ACCEPT 31472 packets, 2689K bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 11137 packets, 1399K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 31390 packets, 2272K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 31394 packets, 2272K bytes) pkts bytes target prot opt in out source destination TABLE raw : Chain PREROUTING (policy ACCEPT 31473 packets, 2689K bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 31391 packets, 2272K bytes) pkts bytes target prot opt in out source destination -------------------------------- Listing rules of type ip6tables: -------------------------------- TABLE filter : Chain INPUT (policy ACCEPT 9473 packets, 836K bytes) pkts bytes target prot opt in out source destination 0 0 DROP all swp+ any ip6-mcastprefix/8 anywhere 0 0 DROP all swp+ any ::/128 anywhere 0 0 DROP all swp+ any ::ffff:0.0.0.0/96 anywhere 0 0 DROP all swp+ any localhost/128 anywhere 0 0 POLICE udp swp+ any anywhere anywhere udp dpt:3785 POLICE mode:pkt rate:2000 burst:2000 class:7 0 0 POLICE udp swp+ any anywhere anywhere udp dpt:3784 POLICE mode:pkt rate:2000 burst:2000 class:7 0 0 POLICE udp swp+ any anywhere anywhere udp dpt:4784 POLICE mode:pkt rate:2000 burst:2000 class:7 0 0 POLICE ospf swp+ any anywhere anywhere POLICE mode:pkt rate:2000 burst:2000 class:7 0 0 POLICE tcp swp+ any anywhere anywhere tcp dpt:bgp POLICE mode:pkt rate:2000 burst:2000 class:7 0 0 POLICE tcp swp+ any anywhere anywhere tcp spt:bgp POLICE mode:pkt rate:2000 burst:2000 class:7 0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmp router-solicitation POLICE mode:pkt rate:100 burst:100 class:2 0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmp router-advertisement POLICE mode:pkt rate:500 burst:500 class:2 0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmp neighbour-solicitation POLICE mode:pkt rate:400 burst:400 class:2 0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmp neighbour-advertisement POLICE mode:pkt rate:400 burst:400 class:2 0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmptype 130 POLICE mode:pkt rate:200 burst:100 class:6 0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmptype 131 POLICE mode:pkt rate:200 burst:100 class:6 0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmptype 132 POLICE mode:pkt rate:200 burst:100 class:6 4 376 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmptype 143 POLICE mode:pkt rate:200 burst:100 class:6 0 0 POLICE ipv6-icmp swp+ any anywhere anywhere POLICE mode:pkt rate:64 burst:40 class:2 0 0 POLICE udp swp+ any anywhere anywhere udp dpts:dhcpv6-client:dhcpv6-server POLICE mode:pkt rate:100 burst:100 class:2 0 0 POLICE tcp swp+ any anywhere anywhere tcp dpts:dhcpv6-client:dhcpv6-server POLICE mode:pkt rate:100 burst:100 class:2 0 0 POLICE all swp+ any anywhere anywhere ADDRTYPE match dst-type LOCAL POLICE mode:pkt rate:1000 burst:1000 class:0 0 0 POLICE all swp+ any anywhere anywhere ADDRTYPE match dst-type IPROUTER POLICE mode:pkt rate:400 burst:100 class:0 0 0 SETCLASS all swp+ any anywhere anywhere SETCLASS class:0 Chain FORWARD (policy ACCEPT 2 packets, 208 bytes) pkts bytes target prot opt in out source destination 0 0 DROP all swp+ any ip6-mcastprefix/8 anywhere 0 0 DROP all swp+ any ::/128 anywhere 0 0 DROP all swp+ any ::ffff:0.0.0.0/96 anywhere 0 0 DROP all swp+ any localhost/128 anywhere Chain OUTPUT (policy ACCEPT 9683 packets, 884K bytes) pkts bytes target prot opt in out source destination TABLE mangle : Chain PREROUTING (policy ACCEPT 9455 packets, 835K bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 9449 packets, 834K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 2 packets, 208 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 9641 packets, 880K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 9625 packets, 879K bytes) pkts bytes target prot opt in out source destination TABLE raw : Chain PREROUTING (policy ACCEPT 9455 packets, 835K bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 9641 packets, 880K bytes) pkts bytes target prot opt in out source destination ------------------------------- Listing rules of type ebtables: ------------------------------- TABLE filter : Bridge table: filter Bridge chain: INPUT, entries: 16, policy: ACCEPT -d BGA -i swp+ -j setclass --class 7 , pcnt = 0 -- bcnt = 0 -d BGA -j police --set-mode pkt --set-rate 2000 --set-burst 2000 , pcnt = 0 -- bcnt = 0 -d 1:80:c2:0:0:2 -i swp+ -j setclass --class 7 , pcnt = 0 -- bcnt = 0 -d 1:80:c2:0:0:2 -j police --set-mode pkt --set-rate 2000 --set-burst 2000 , pcnt = 0 -- bcnt = 0 -d 1:80:c2:0:0:e -i swp+ -j setclass --class 6 , pcnt = 23045 -- bcnt = 2926715 -d 1:80:c2:0:0:e -j police --set-mode pkt --set-rate 200 --set-burst 200 , pcnt = 23045 -- bcnt = 3018895 -d 1:0:c:cc:cc:cc -i swp+ -j setclass --class 6 , pcnt = 0 -- bcnt = 0 -d 1:0:c:cc:cc:cc -j police --set-mode pkt --set-rate 200 --set-burst 200 , pcnt = 0 -- bcnt = 0 -p ARP -i swp+ -j setclass --class 2 , pcnt = 45529 -- bcnt = 2913856 -p ARP -j police --set-mode pkt --set-rate 400 --set-burst 100 , pcnt = 45529 -- bcnt = 3095972 -d 1:0:c:cc:cc:cd -i swp+ -j setclass --class 7 , pcnt = 0 -- bcnt = 0 -d 1:0:c:cc:cc:cd -j police --set-mode pkt --set-rate 2000 --set-burst 2000 , pcnt = 0 -- bcnt = 0 -p IPv4 -i swp+ -j ACCEPT , pcnt = 0 -- bcnt = 0 -p IPv6 -i swp+ -j ACCEPT , pcnt = 4 -- bcnt = 376 -i swp+ -j setclass --class 0 , pcnt = 0 -- bcnt = 0 -j police --set-mode pkt --set-rate 100 --set-burst 100 , pcnt = 0 -- bcnt = 0 Bridge chain: FORWARD, entries: 0, policy: ACCEPT Bridge chain: OUTPUT, entries: 0, policy: ACCEPT

▿▹ `iptables -L¹`	Displays the IPv4 filter rules.	Netfilter - ACL
cumulus@leaf1$ sudo iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination DROP all -- 240.0.0.0/5 anywhere DROP all -- loopback/8 anywhere DROP all -- base-address.mcast.net/8 anywhere DROP all -- 255.255.255.255 anywhere SETCLASS udp -- anywhere anywhere udp dpt:3785 SETCLASS class:7 POLICE udp -- anywhere anywhere udp dpt:3785 POLICE mode:pkt rate:2000 burst:2000 SETCLASS udp -- anywhere anywhere udp dpt:3784 SETCLASS class:7 POLICE udp -- anywhere anywhere udp dpt:3784 POLICE mode:pkt rate:2000 burst:2000 SETCLASS udp -- anywhere anywhere udp dpt:4784 SETCLASS class:7 POLICE udp -- anywhere anywhere udp dpt:4784 POLICE mode:pkt rate:2000 burst:2000 SETCLASS ospf -- anywhere anywhere SETCLASS class:7 POLICE ospf -- anywhere anywhere POLICE mode:pkt rate:2000 burst:2000 SETCLASS tcp -- anywhere anywhere tcp dpt:bgp SETCLASS class:7 POLICE tcp -- anywhere anywhere tcp dpt:bgp POLICE mode:pkt rate:2000 burst:2000 SETCLASS tcp -- anywhere anywhere tcp spt:bgp SETCLASS class:7 POLICE tcp -- anywhere anywhere tcp spt:bgp POLICE mode:pkt rate:2000 burst:2000 SETCLASS tcp -- anywhere anywhere tcp dpt:5342 SETCLASS class:7 POLICE tcp -- anywhere anywhere tcp dpt:5342 POLICE mode:pkt rate:2000 burst:2000 SETCLASS tcp -- anywhere anywhere tcp spt:5342 SETCLASS class:7 POLICE tcp -- anywhere anywhere tcp spt:5342 POLICE mode:pkt rate:2000 burst:2000 SETCLASS icmp -- anywhere anywhere SETCLASS class:2 POLICE icmp -- anywhere anywhere POLICE mode:pkt rate:100 burst:40 SETCLASS udp -- anywhere anywhere udp dpts:bootps:bootpc SETCLASS class:2 POLICE udp -- anywhere anywhere udp dpt:bootps POLICE mode:pkt rate:100 burst:100 POLICE udp -- anywhere anywhere udp dpt:bootpc POLICE mode:pkt rate:100 burst:100 SETCLASS tcp -- anywhere anywhere tcp dpts:bootps:bootpc SETCLASS class:2 POLICE tcp -- anywhere anywhere tcp dpt:bootps POLICE mode:pkt rate:100 burst:100 POLICE tcp -- anywhere anywhere tcp dpt:bootpc POLICE mode:pkt rate:100 burst:100 SETCLASS udp -- anywhere anywhere udp dpt:10001 SETCLASS class:3 POLICE udp -- anywhere anywhere udp dpt:10001 POLICE mode:pkt rate:2000 burst:2000 SETCLASS igmp -- anywhere anywhere SETCLASS class:6 POLICE igmp -- anywhere anywhere POLICE mode:pkt rate:300 burst:100 POLICE all -- anywhere anywhere ADDRTYPE match dst-type LOCAL POLICE mode:pkt rate:1000 burst:1000 class:0 POLICE all -- anywhere anywhere ADDRTYPE match dst-type IPROUTER POLICE mode:pkt rate:400 burst:100 class:0 SETCLASS all -- anywhere anywhere SETCLASS class:0 Chain FORWARD (policy ACCEPT) target prot opt source destination DROP all -- 240.0.0.0/5 anywhere DROP all -- loopback/8 anywhere DROP all -- base-address.mcast.net/8 anywhere DROP all -- 255.255.255.255 anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination

▿▹ `ip6tables -L¹`	Displays the IPv6 filter rules.	Netfilter - ACL
cumulus@leaf1$ sudo ip6tables -L Chain INPUT (policy ACCEPT) target prot opt source destination DROP all ip6-mcastprefix/8 anywhere DROP all ::/128 anywhere DROP all ::ffff:0.0.0.0/96 anywhere DROP all localhost/128 anywhere POLICE udp anywhere anywhere udp dpt:3785 POLICE mode:pkt rate:2000 burst:2000 class:7 POLICE udp anywhere anywhere udp dpt:3784 POLICE mode:pkt rate:2000 burst:2000 class:7 POLICE udp anywhere anywhere udp dpt:4784 POLICE mode:pkt rate:2000 burst:2000 class:7 POLICE ospf anywhere anywhere POLICE mode:pkt rate:2000 burst:2000 class:7 POLICE tcp anywhere anywhere tcp dpt:bgp POLICE mode:pkt rate:2000 burst:2000 class:7 POLICE tcp anywhere anywhere tcp spt:bgp POLICE mode:pkt rate:2000 burst:2000 class:7 POLICE ipv6-icmp anywhere anywhere ipv6-icmp router-solicitation POLICE mode:pkt rate:100 burst:100 class:2 POLICE ipv6-icmp anywhere anywhere ipv6-icmp router-advertisement POLICE mode:pkt rate:500 burst:500 class:2 POLICE ipv6-icmp anywhere anywhere ipv6-icmp neighbour-solicitation POLICE mode:pkt rate:400 burst:400 class:2 POLICE ipv6-icmp anywhere anywhere ipv6-icmp neighbour-advertisement POLICE mode:pkt rate:400 burst:400 class:2 POLICE ipv6-icmp anywhere anywhere ipv6-icmptype 130 POLICE mode:pkt rate:200 burst:100 class:6 POLICE ipv6-icmp anywhere anywhere ipv6-icmptype 131 POLICE mode:pkt rate:200 burst:100 class:6 POLICE ipv6-icmp anywhere anywhere ipv6-icmptype 132 POLICE mode:pkt rate:200 burst:100 class:6 POLICE ipv6-icmp anywhere anywhere ipv6-icmptype 143 POLICE mode:pkt rate:200 burst:100 class:6 POLICE ipv6-icmp anywhere anywhere POLICE mode:pkt rate:64 burst:40 class:2 POLICE udp anywhere anywhere udp dpts:dhcpv6-client:dhcpv6-server POLICE mode:pkt rate:100 burst:100 class:2 POLICE tcp anywhere anywhere tcp dpts:dhcpv6-client:dhcpv6-server POLICE mode:pkt rate:100 burst:100 class:2 POLICE all anywhere anywhere ADDRTYPE match dst-type LOCAL POLICE mode:pkt rate:1000 burst:1000 class:0 POLICE all anywhere anywhere ADDRTYPE match dst-type IPROUTER POLICE mode:pkt rate:400 burst:100 class:0 SETCLASS all anywhere anywhere SETCLASS class:0 Chain FORWARD (policy ACCEPT) target prot opt source destination DROP all ip6-mcastprefix/8 anywhere DROP all ::/128 anywhere DROP all ::ffff:0.0.0.0/96 anywhere DROP all localhost/128 anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination

▿▹ `ebtables -L¹`	Displays the ebtables (L2 MAC address) filter rules.	Netfilter - ACL
cumulus@leaf1$ sudo ebtables -L Bridge table: filter Bridge chain: INPUT, entries: 16, policy: ACCEPT -d BGA -i swp+ -j setclass --class 7 -d BGA -j police --set-mode pkt --set-rate 2000 --set-burst 2000 -d 1:80:c2:0:0:2 -i swp+ -j setclass --class 7 -d 1:80:c2:0:0:2 -j police --set-mode pkt --set-rate 2000 --set-burst 2000 -d 1:80:c2:0:0:e -i swp+ -j setclass --class 6 -d 1:80:c2:0:0:e -j police --set-mode pkt --set-rate 200 --set-burst 200 -d 1:0:c:cc:cc:cc -i swp+ -j setclass --class 6 -d 1:0:c:cc:cc:cc -j police --set-mode pkt --set-rate 200 --set-burst 200 -p ARP -i swp+ -j setclass --class 2 -p ARP -j police --set-mode pkt --set-rate 400 --set-burst 100 -d 1:0:c:cc:cc:cd -i swp+ -j setclass --class 7 -d 1:0:c:cc:cc:cd -j police --set-mode pkt --set-rate 2000 --set-burst 2000 -p IPv4 -i swp+ -j ACCEPT -p IPv6 -i swp+ -j ACCEPT -i swp+ -j setclass --class 0 -j police --set-mode pkt --set-rate 100 --set-burst 100 Bridge chain: FORWARD, entries: 0, policy: ACCEPT Bridge chain: OUTPUT, entries: 0, policy: ACCEPT

Miscellaneous Commands

Command	Description	More Information
▿▹ `netstat -l`	Displays all active listening port connections.	man netstat
cumulus@leaf1$ netstat -l Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:zebra 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:bgpd 0.0.0.0:* LISTEN tcp 0 0 localhost:http-alt 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:bgp 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:2616 0.0.0.0:* LISTEN tcp6 0 0 [::]:zebra [::]:* LISTEN tcp6 0 0 [::]:bgpd [::]:* LISTEN tcp6 0 0 [::]:bgp [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 [::]:2616 [::]:* LISTEN tcp6 0 0 fe80::4638:39ff:fe:5342 [::]:* LISTEN udp 0 0 0.0.0.0:bootpc 0.0.0.0:* udp 0 0 leaf01:ntp 0.0.0.0:* udp 0 0 localhost:ntp 0.0.0.0:* udp 0 0 0.0.0.0:ntp 0.0.0.0:* udp 0 0 0.0.0.0:4784 0.0.0.0:* udp 0 0 0.0.0.0:34489 0.0.0.0:* udp 0 0 0.0.0.0:3784 0.0.0.0:* udp 0 0 0.0.0.0:3785 0.0.0.0:* udp 0 0 0.0.0.0:5342 0.0.0.0:* udp6 0 0 fe80::a200:ff:fe00::ntp [::]:* udp6 0 0 localhost:ntp [::]:* udp6 0 0 [::]:ntp [::]:* udp6 0 0 [::]:4784 [::]:* udp6 0 0 [::]:3784 [::]:* raw6 0 0 [::]:ipv6-icmp [::]:* 7 Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 30989 /var/run/frr/bgpd.vty unix 2 [ ACC ] STREAM LISTENING 95538 /var/run/clag-zebra.socket unix 2 [ ACC ] STREAM LISTENING 95545 /var/run/clagd.socket unix 2 [ ACC ] STREAM LISTENING 31033 /var/run/frr/staticd.vty unix 2 [ ACC ] STREAM LISTENING 27316 @/var/run/ptmd.socket unix 2 [ ACC ] STREAM LISTENING 10123 /run/systemd/private unix 2 [ ACC ] STREAM LISTENING 30869 /var/run/frr/watchfrr.vty unix 2 [ ACC ] STREAM LISTENING 10138 /run/lvm/lvmpolld.socket unix 2 [ ACC ] STREAM LISTENING 10149 /run/systemd/fsck.progress unix 2 [ ACC ] STREAM LISTENING 12197 /run/uuidd/request unix 2 [ ACC ] SEQPACKET LISTENING 10152 /run/udev/control unix 2 [ ACC ] STREAM LISTENING 10155 /run/systemd/journal/stdout unix 2 [ ACC ] STREAM LISTENING 12213 /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 27308 @/var/run/ptmd-quagga.socket unix 2 [ ACC ] STREAM LISTENING 28094 /run/nclu/uds unix 2 [ ACC ] STREAM LISTENING 27594 /var/run/lldpd.socket unix 2 [ ACC ] STREAM LISTENING 26838 /var/run/neighmgrd/uds unix 2 [ ACC ] STREAM LISTENING 30952 /var/run/frr/zserv.api unix 2 [ ACC ] STREAM LISTENING 30959 /var/run/frr/zebra.vty

▿▹ `netstat -at`	Displays all active listening TCP socket connections.	man netstat
cumulus@leaf1$ netstat -at Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 :bgp :* LISTEN tcp 0 0 :ssh :* LISTEN tcp 0 0 localhost.localdom:2812 : LISTEN tcp 0 0 localhost.localdo:zebra : LISTEN tcp 0 0 localhost.localdo:ospfd : LISTEN tcp 0 0 localhost.localdom:bgpd : LISTEN tcp 0 0 10.1.1.1:bgp 10.1.1.2:57267 ESTABLISHED tcp 0 0 10.1.1.5:bgp 10.1.1.6:47451 ESTABLISHED tcp 0 0 10.1.1.33:bgp 10.1.1.34:56332 ESTABLISHED tcp 0 0 leaf1.lab.local:ssh wbench.lab.local:50308 ESTABLISHED tcp 0 0 10.1.1.37:bgp 10.1.1.38:45210 ESTABLISHED tcp6 0 0 [::]:bgp [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN

▿▹ `netstat -au`	Displays all active listening UDP socket connections.	man netstat
cumulus@leaf1$ netstat -au Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 :46609 :* udp 0 0 :bootpc :* udp 0 0 leaf1.lab.local:ntp : udp 0 0 localhost.localdoma:ntp : udp 0 0 :ntp :* udp 0 0 :4784 :* udp 0 0 :3784 :* udp 0 0 :3785 :* udp6 0 0 [::]:5638 [::]:* udp6 0 0 fe80::7272:cfff:feb:ntp [::]:* udp6 0 0 localhost:ntp [::]:* udp6 0 0 [::]:ntp [::]:* udp6 0 0 [::]:4784 [::]:* udp6 0 0 [::]:3784 [::]:*

▿▹ `ps -ef`	Displays all running processes.	man ps
cumulus@leaf1$ ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 Aug27 ? 00:00:21 /sbin/init root 2 0 0 Aug27 ? 00:00:00 [kthreadd] root 3 2 0 Aug27 ? 00:00:00 [rcu_gp] root 4 2 0 Aug27 ? 00:00:00 [rcu_par_gp] root 6 2 0 Aug27 ? 00:00:00 [kworker/0:0H-kblockd] root 8 2 0 Aug27 ? 00:00:00 [mm_percpu_wq] root 9 2 0 Aug27 ? 00:00:05 [ksoftirqd/0] root 10 2 0 Aug27 ? 00:00:34 [rcu_sched] root 11 2 0 Aug27 ? 00:00:00 [rcu_bh] root 12 2 0 Aug27 ? 00:00:00 [migration/0] root 14 2 0 Aug27 ? 00:00:00 [cpuhp/0] root 15 2 0 Aug27 ? 00:00:00 [kdevtmpfs] root 16 2 0 Aug27 ? 00:00:00 [netns] root 17 2 0 Aug27 ? 00:00:00 [kauditd] root 18 2 0 Aug27 ? 00:00:00 [khungtaskd] root 19 2 0 Aug27 ? 00:00:00 [oom_reaper] root 20 2 0 Aug27 ? 00:00:00 [writeback] root 21 2 0 Aug27 ? 00:00:00 [kcompactd0] root 22 2 0 Aug27 ? 00:00:00 [ksmd] root 23 2 0 Aug27 ? 00:00:00 [khugepaged] root 24 2 0 Aug27 ? 00:00:00 [crypto] root 25 2 0 Aug27 ? 00:00:00 [kintegrityd] root 26 2 0 Aug27 ? 00:00:00 [kblockd] root 27 2 0 Aug27 ? 00:00:00 [ata_sff] root 28 2 0 Aug27 ? 00:00:00 [edac-poller] root 29 2 0 Aug27 ? 00:00:00 [watchdogd] root 30 2 0 Aug27 ? 00:00:00 [rpciod] root 31 2 0 Aug27 ? 00:00:00 [kworker/u3:0] root 32 2 0 Aug27 ? 00:00:00 [xprtiod] root 33 2 0 Aug27 ? 00:00:00 [kswapd0] root 34 2 0 Aug27 ? 00:00:00 [nfsiod] root 49 2 0 Aug27 ? 00:00:00 [kthrotld] root 50 2 0 Aug27 ? 00:00:01 [kworker/0:1H-kblockd] root 51 2 0 Aug27 ? 00:00:00 [scsi_eh_0] root 52 2 0 Aug27 ? 00:00:00 [scsi_tmf_0] root 53 2 0 Aug27 ? 00:00:00 [scsi_eh_1] root 54 2 0 Aug27 ? 00:00:00 [scsi_tmf_1] root 56 2 0 Aug27 ? 00:00:00 [ipv6_addrconf] root 115 2 0 Aug27 ? 00:00:03 [jbd2/vda4-8] root 116 2 0 Aug27 ? 00:00:00 [ext4-rsv-conver] root 207 1 0 Aug27 ? 00:01:44 /lib/systemd/systemd-journald root 221 1 0 Aug27 ? 00:00:00 /lib/systemd/systemd-udevd root 232 1 0 Aug27 ? 00:00:03 /usr/sbin/haveged --Foreground --verbose=1 -w 1024 root 238 1 0 Aug27 ? 00:00:00 /sbin/auditd root 268 1 0 Aug27 ? 00:00:28 /usr/sbin/rsyslogd -n -iNONE message+ 273 1 0 Aug27 ? 00:00:00 /usr/bin/dbus-daemon --system --address=systemd: --no root 275 1 0 Aug27 ? 00:00:00 /usr/sbin/rasdaemon -f -r root 279 1 0 Aug27 ? 00:00:00 /lib/systemd/systemd-logind root 284 1 0 Aug27 ? 00:00:00 /usr/sbin/cron -f -L 38 root 292 1 0 Aug27 ? 00:00:01 /usr/sbin/wd_keepalive root 293 1 0 Aug27 tty1 00:00:00 /sbin/agetty -o -p -- \u --noclear tty1 linux root 294 1 0 Aug27 ? 00:01:22 /sbin/mstpd -d -v2 root 326 1 0 Aug27 ? 00:00:00 nginx: master process /usr/sbin/nginx -g daemon on; m www-data 327 326 0 Aug27 ? 00:00:00 nginx: worker process root 468 1 0 Aug27 ? 00:00:00 /usr/sbin/switchd -vx root 488 1 0 Aug27 ? 00:06:46 /usr/bin/python2 /usr/sbin/smond root 493 1 0 Aug27 ? 00:00:49 /usr/bin/python2 /usr/sbin/pwmd root 494 1 0 Aug27 ? 00:00:31 /usr/bin/python2 /usr/sbin/ledmgrd root 564 1 0 Aug27 ? 00:00:02 /sbin/dhclient -pf /run/dhclient.eth0.pid -lf /var/li root 635 1 0 Aug27 ? 00:13:29 /usr/bin/python2 /usr/bin/neighmgrd root 637 1 0 Aug27 ? 00:00:07 /bin/bash /usr/lib/cumulus/sysmonitor root 646 1 0 Aug27 ? 00:00:01 /usr/bin/python -O /usr/sbin/netd -d root 657 1 0 Aug27 ? 00:00:00 /usr/sbin/sshd -D ntp 700 1 0 Aug27 ? 00:00:30 /usr/sbin/ntpd -n -u ntp:ntp -g root 704 1 0 Aug27 ttyS0 00:00:00 /sbin/agetty -o -p -- \u --keep-baud 115200,38400,960 root 705 1 0 Aug27 ? 00:00:19 /usr/sbin/ptmd -l INFO _lldpd 707 1 0 Aug27 ? 00:00:00 lldpd: monitor. _lldpd 711 707 0 Aug27 ? 00:01:00 lldpd: 10 neighbors. root 1055 2 0 Aug27 ? 00:00:00 [peerlink] root 1157 2 0 Aug27 ? 00:00:00 [server01] root 1165 2 0 Aug27 ? 00:00:00 [server02] root 1537 1 0 Aug27 ? 00:00:23 /usr/lib/frr/watchfrr -d zebra bgpd staticd frr 1553 1 0 Aug27 ? 00:02:18 /usr/lib/frr/zebra -d frr 1557 1 0 Aug27 ? 00:00:52 /usr/lib/frr/bgpd -d frr 1563 1 0 Aug27 ? 00:00:08 /usr/lib/frr/staticd -d root 3352 2 0 01:51 ? 00:00:00 [kworker/0:1] root 3559 2 0 01:57 ? 00:00:03 [kworker/0:0-events] root 4478 1 1 Aug27 ? 00:43:46 /usr/bin/python /usr/sbin/clagd --daemon linklocal pe root 4613 2 0 02:24 ? 00:00:00 [kworker/u2:1-server02] root 5433 2 0 02:49 ? 00:00:00 [kworker/u2:0-peerlink] root 5637 657 0 02:55 ? 00:00:00 sshd: cumulus [priv] cumulus 5672 5637 0 02:55 ? 00:00:00 sshd: cumulus@pts/0 cumulus 5673 5672 0 02:55 pts/0 00:00:00 -bash root 6317 2 0 03:12 ? 00:00:00 [kworker/u2:2-events_unbound] root 6372 637 0 03:13 ? 00:00:00 sleep 60 cumulus 6398 5673 0 03:14 pts/0 00:00:00 ps -ef

NCLU net show Command

The NCLU net show command displays a lot of useful information about the network, including netstat counters, interface details and LLDP information, as just three examples.

Command	Description	More Information
▿▹ `net show counters`	Displays interface counters.	NCLU
cumulus@leaf1$ net show counters Kernel Interface table Iface MTU Met RX_OK RX_ERR RX_DRP RX_OVR TX_OK TX_ERR TX_DRP TX_OVR Flg ------------- ----- ----- ------- -------- -------- -------- ------- -------- -------- -------- ----- bond-swp1 1500 0 1298 0 0 0 1950 0 0 0 BMmRU bond-swp2 1500 0 1322 0 0 0 1976 0 0 0 BMmRU bridge 1500 0 26 0 0 0 27 0 0 0 BMRU eth0 1500 0 9306 0 0 0 6462 0 0 0 BMRU lo 65536 0 0 0 0 0 0 0 0 0 LRU mgmt 65536 0 6001 0 0 0 4907 0 0 0 OmRU peerlink 1500 0 4643 0 4 0 4645 0 0 0 BMmRU peerlink.4094 1500 0 1533 0 0 0 1534 0 0 0 BMRU swp1 1500 0 1306 0 0 0 1950 0 0 0 BMsRU swp2 1500 0 1330 0 0 0 1976 0 0 0 BMsRU swp49 1500 0 2328 0 0 0 2324 0 0 0 BMsRU swp50 1500 0 2315 0 2 0 2321 0 0 0 BMsRU swp51 1500 0 1235 0 0 0 1212 0 0 0 BMRU swp52 1500 0 1046 0 0 0 1049 0 0 0 BMRU vlan20 1500 0 24 0 0 0 20 0 0 0 BMRU vlan20-v0 1500 0 15 0 0 0 13 0 0 0 BMRU

▿▹ `net show lldp`	Displays all LLDP neighbors, in a table format.	NCLU
cumulus@leaf1$ net show lldp LocalPort Speed Mode RemoteHost RemotePort --------- ----- ---------- --------------- ---------- eth0 1G Mgmt oob-mgmt-switch swp6 eth0 1G Mgmt oob-mgmt-switch swp6 swp1 1G BondMember server01 eth1 swp2 1G BondMember server02 eth1 swp49 1G BondMember leaf02 swp49 swp49 1G BondMember leaf02 to Leaf01 swp50 1G BondMember leaf02 swp50 swp50 1G BondMember leaf02 to Leaf01 swp51 1G Default spine01 to Leaf01 swp51 1G Default spine01 swp1 swp52 1G Default spine02 swp1 swp52 1G Default spine02 to Leaf01

▿▹ `net show interface`	Displays significant and relevant information for all 'up' interfaces.	NCLU
cumulus@leaf1$ net show interface Name Master Speed MTU Mode Remote Host Remote Port Summary ----- ------------- --------- ------- ----- -------------- --------------- ----------------- --------------------------------------- UP lo None N/A 65536 Loopback IP: 10.254.0.3/32, 127.0.0.1/8, ::1/128 UP eth0 mgmt 1G 1500 Mgmt oob-mgmt-switch swp8 IP: 192.168.0.13/24(DHCP) UP swp1 bond-swp1 1G 1500 BondMember server03 44:38:39:00:00:28 Master: bond-swp1(UP) UP swp2 bond-swp2 1G 1500 BondMember server04 44:38:39:00:00:23 Master: bond-swp2(UP) UP swp49 peerlink 1G 1500 BondMember leaf04 swp49 Master: peerlink(UP) UP swp50 peerlink 1G 1500 BondMember leaf04 swp50 Master: peerlink(UP) UP swp51 None 1G 1500 BGP Unnumbered spine01 swp3 UP swp52 None 1G 1500 BGP Unnumbered spine02 swp3 UP bond-swp1 bridge 1G 1500 Bond/Access Bond Members: swp1(UP) UP bond-swp2 bridge 1G 1500 Bond/Access Bond Members: swp2(UP) UP bridge None N/A 1500 Bridge/L2 Untagged Members: bond-swp1-2, peerlink UP mgmt None N/A 65536 Interface/L3 IP: 127.0.0.1/8 UP peerlink bridge 2G 1500 Bond/Trunk Bond Members: swp49(UP), swp50(UP) UP peerlink.4094 None 2G 1500 SubInt/L3 IP: 169.254.1.1/30 ADMDN vagrant None 0M 1500 NotConfigured UP vlan20 None N/A 1500 Interface/L3 IP: 10.3.20.253/24 UP vlan20-v0 None N/A 1500 Interface/L3 IP: 10.3.20.254/32

¹ - Requires sudo or root

Cumulus Linux Command Reference Guide

{{table_of_contents}}

Common System Commands

File Editing Commands

Interface Commands

Bridge/STP Commands

Routing Commands

ACL Commands

Miscellaneous Commands

NCLU net show Command

Comments

{{table_of_contents}}

Common System Commands

File Editing Commands

Interface Commands

Bridge/STP Commands

Routing Commands

ACL Commands

Miscellaneous Commands

NCLU net show Command

Comments

This support portal has moved