This chapter describes the CONFIG process configuration and operational commands. It includes the following sections:
The Configuration process (CONFIG) is a second-level process of the device user interface. Using CONFIG commands, you can:
| Note: | Refer to the chapter "Migrating to a New Code Level" in IBM 2212 Access Utility Service and Maintenance Manual for information about migrating to a new code level. |
CONFIG lets you display or change the configuration information stored in the device's nonvolatile configuration memory. Changes to system and protocol parameters do not take effect until you restart the device or reload the device software. (For more information, refer to the OPCON reload command in "What is the OPCON Process?").
| Note: | You must enter the write command to save the changes in the device's flash memory. |
The CONFIG command interface is made up of levels that are called modes. Each mode has its own prompt. For example, the prompt for the SNMP protocol is SNMP config>.
If you want to know the process and mode you are communicating with, press Enter to display the prompt. Some commands in this chapter, such as the network and protocol commands, allow you to access and exit the various levels in CONFIG. See Table 7 for a list of the commands you can issue from the CONFIG process.
Config-Only mode is entered if the configuration file that you are using is empty or no protocols are configured. Config-Only mode can also be entered manually to recover from an invalid configuration that is causing the router to crash during start-up.
Config-Only mode is entered if the router is booting with an empty configuration file or the configuration file contains incomplete configuration data.
The following conditions cause the router to enter Config-Only mode:
To enter Config-Only mode, do one of the following:
To reload or restart the router with no configuration, use the erase change management configuration command. Then use the set change management configuration command to select the empty configuration file. You can access these commands from the Boot> promptor from the service recovery interface.
To create a configuration that has no protocols configured, use the clear command to clear the protocol configuration information.
Quick Configuration (Quick Config) provides a minimal set of commands that allow you to configure bridging protocols and routing protocols present in the router load. You can also configure an SNMP community with WRITE_READ_TRAP access. This is useful during initial setup because the configuration program uses SNMP SET commands to transfer the configuration.
| Important: | At least one network device must be configured before using quick config. To add a device, use the add device command at the config(only)> or config> prompt. See Accessing the Network Interface Configuration Process for more information. |
The following table lists the protocols supported by Quick Config.
Table 6. Quick Config Capabilities
| Bridging Protocols | Routing Protocols |
|---|---|
| STB, SRT, SRB | IP, IPX, DNA IV |
Quick Config complements the existing configuration process by offering a shortcut. This shortcut allows you to configure the minimum number of parameters for these bridging protocols and routing protocols without having to exit and enter the different configuration processes. The other parameters are set to selected defaults.
Situations that call for the router to be quickly configured are:
Quick Config operates as follows:
Quick Config sets a number of default parameters based upon how you answer the configuration questions. What cannot be configured with Quick Config can be configured using Config after exiting Quick Config.
You cannot delete Quick Config information from within Quick Config. However, you can correct information either by exiting and returning to Quick Config, or by entering the reload command as a response to some Quick Config questions.
For complete information on using the Quick Config software, see Appendix A, "Quick Configuration Reference".
You might want to run Quick Config manually to demonstrate the router's capabilities or to reconfigure dynamically to perform benchmark tests without having to learn the router's operating system commands.
To enter Quick Config, type qconfig at the Config> prompt.
To exit Quick Config, restart by entering r from any prompt. Follow the queries until you enter no and then enter q to quit. The router returns to either the Config (only)> or the Config> prompt.
The device configuration process allows for a maximum of 50 user names, passwords, and levels of permission. Each user needs to be assigned a password and level of permission. There are three levels of permission: Administration, Operation, and Monitoring.
For more information, see ***.
If you are the system administrator, when you add a new user for the first time, you are asked if you want to add Technical Support access. If you answer yes, Technical Support is granted the same access privileges that you have as system administrator.
The password for this account is automatically selected by the software and is known by your service representative. This password can be changed using the change user command; however, if you do change the password, customer service cannot provide remote support. For additional information on the use of the change user command, see "Change".
Occasionally, you may need to configure a new interface along with its bridging and routing protocols without having to restart the device. You can accomplish this by configuring a number of spare interfaces on your device. Spare interfaces are useful if:
Use spare interfaces to add new V.25bis, V.34, or ISDN dial circuits on an existing V.25bis, V.34, or ISDN interface.
| Note: | You cannot add spare interfaces to channelized ISDN T1/E1 interfaces. |
To configure a spare interface:
* configuration Config> set spare 2 Config> *reload Are you sure you want to reload the gateway? (Yes or [No]) yes
When the device reloads, the spare interfaces are installed as null devices.
To use one of the spare interfaces:
The following example shows how to configure and activate a new dial circuit on which the IP protocol is enabled. The dial circuit and IP protocol configuration are not shown.
Example:
*configuration Config> add device dial-circuit Config> net 6 Circuit configuration Circuit config> · Here you would configure the dial circuit · Circuit config> exit Config> protocol ip IP> · Here you would configure the IP protocol on the dial circuit. · IP> exit Config> *console +activate 6
The following example shows how to configure and activate a new ATM LAN Emulation Client on which the IP protocol is configured. The ATM LAN Emulation Client and IP configurations are not shown.
* configuration Config> net 0 ATM User Configuration ATM Config> le-client ATM LAN Emulation Clients Configuration LE Client config> add token-ring Added Emulated LAN as interface 6 LE Client config> config 6 ATM LAN Emulation Client configuration · (Here you would configure the ATM LAN Emulation Client) · Token Ring Forum Compliant LEC Config> exit LE Client config> exit ATM Config> exit Config> protocol ip IP Conifg> · (Here you would configure IP on the ATM LAN Emulation Client) · IP Config> exit Config> write ctrl-p * console + activate 6 Interface 6 activated successfully
The activate command cannot be used to activate a new interface on the network under the following conditions:
You can configure the following interfaces as spare interfaces, but you cannot activate them on the network using the activate command:
You must restart the device to bring these interfaces online.
You can configure the following protocols on spare interfaces, but you cannot activate them on the network using the activate command:
| Note: | When using the configuration program, use the following to work with spare
interfaces:
|
There are requirements for certain functions. These are:
| APPN | To activate this protocol on a spare interface, you must first activate the interface and then configure the protocol on the activated interface. |
| Bandwidth Reservation (BRS) | To configure BRS on a spare interface, you must enable BRS on each network interface where Frame Relay circuits will be active before activating the spare interface. After activating the spare interface, you can then use BRS configuration commands to make changes such as adding a traffic class or assigning a protocol to a traffic class. |
| DECnet IV | To activate this protocol on a spare interface, you must first activate the interface and then configure the protocol on the activated interface. Use the DECnet IV set command to activate the configuration changes. |
| Frame Relay |
|
| BGP | Use the BGP reset neighbor command to activate new neighbors. |
| IPX | Use the reset command to activate static routes, static services, and filter lists on the spare interface. |
| PPP |
|
| Bridging |
|
| IP | Use the reset IP command to bring configuration changes online for access-controls and packet-filters. |
| WAN Restoral/ WAN Reroute | The spare interface cannot be activated if any of the following
conditions exist:
|
Occasionally, you might need to change the configuration of a network interface along with its bridging and routing protocols without restarting the device. The reset command allows you to disable a network interface and then enable it using new interface, bridging and routing configuration parameters.
The interface, protocols and features configuration parameters are changed using the CONFIG process (talk 6) commands. The talk 6 commands affect the contents of the configuration memory. The configuration changes are activated by issuing the GWCON process (talk 5) reset command.
To reset an interface:
Example:
* configuration
Config>net 1
PPP Config>
. . . change PPP parameters . . .
PPP Config>exit
Config>protocol ipx
IPX Config>
. . . change IPX parameters on the PPP interface . . .
IPX Config>exit
Config>
*talk 5
+reset 1
Resetting net 1 PPP/0...successful
| Note: | When using the configuration program, do the following to make configuration
changes to existing interfaces:
|
The reset command cannot be used to reset a network interface if:
In these situations, you must restart or reload the device to activate the configuration changes.
You can change the configuration parameters of the following types of interfaces, but you cannot activate the changes using the reset command:
You must restart or reload the device to activate the configuration changes.
You can change the configuration parameters of the following protocols and features, but you cannot activate the changes using the reset command:
You must restart or reload the device to activate the configuration changes.
There are also requirements for certain functions. They are:
| PPP dial circuits | A PPP dial circuit cannot be reset if any of the dial circuit parameters have changed. |
| Frame Relay dial circuits | A Frame Relay dial circuit cannot be reset if any of the dial circuit parameters have changed. |
| Compression | Compression requires large header and trailer sizes. Unless compression is already enabled on some other interface, it is likely that the header and trailer sizes will be too small. In this case, compression is disabled automatically on the interface and an ELS message is logged (rather than causing the entire reset interface to fail). |
| Bridging |
|
| BGP | Use the BGP reset neighbor command to activate neighbor configuration changes. |
| APPN | Use the activate_new_config command to activate configuration changes. |
| IPX | Use the IPX reset command to activate configuration changes for static routes, static services, and filter-lists. |
| DNA IV | Use the DNA IV set command to activate configuration changes. |
| SNMP | Use the SNMP revert command to activate configuration changes. |
A useful tool for debugging problems with the 2212 is the system dump. The dump is a compressed snapshot that the system saves to the hard file.
To configure dumping:
You can view the status of system dumping or retrieve a dump from the system. See "System View" and System Retrieve, respectively.
To enter the CONFIG process from OPCON and obtain the CONFIG prompt, enter the configuration command. Alternatively, you can enter the OPCON talk command and the PID for CONFIG. The PID for CONFIG is 6.
* configuration
or
* talk 6
The console displays the CONFIG prompt (Config>). If the prompt does not appear, press the Enter key again.
To exit CONFIG and return to the OPCON prompt (*), enter the intercept character. (The default is Ctrl-P .)
This section describes each of the CONFIG commands. Each command includes a description, syntax requirements, and an example. The CONFIG commands are summarized in Table 7.
After accessing the CONFIG environment, enter the configuration commands at
the Config> prompt.
Table 7. CONFIG Command Summary
| Command | Function |
|---|---|
| ? (Help) | Displays all the commands available for this command level or lists the options for specific commands (if available). See "Getting Help". |
| Add | Adds an interface to the device configuration, or a user to the device. |
| Boot | Enters Boot CONFIG command mode. |
| Change | Changes a user's password or a user's parameter values associated with this interface. Also changes a slot/port of an interface. |
| Clear | Clears configuration information. |
| Delete | Deletes an interface from the router configuration or deletes a configured user. Also deletes system dump files. |
| Disable | Disables command completion, login from a remote console, disables modem use |
| Enable | Enables command completion, login from a remote console, enables modem use |
| Event | Enters the Event Logging System configuration environment. |
| Feature | Provides access to configuration commands for independent device features outside the usual protocol and network interface configuration processes. |
| List | Displays system parameters, hardware configuration, a complete user list. |
| Load | Lists, adds, or deletes optional software packages. |
| Network | Enters the configuration environment of the specified network. |
| Patch | Modifies the device's global configuration. |
| Performance | Provides a snapshot of the main processor utilization statistics. |
| Protocol | Enters the command environment of the specified protocol. |
| Qconfig | Initiates the Quick Config process. |
| Set | Sets system-wide parameters for buffers, host name, inactivity timer, packet size, prompt level, number of spare interfaces, dump parameters, location, and contact person. |
| System Retreive | Retrieves dumps |
| System View | Displays the dump settings and the current dump status. Also displays a summary of the dumps. |
| Time | Keeps track of system time and displays it on the console. |
| Unpatch | Restores patch variables to default values. |
| Write | Writes the current configuration information to the nonvolatile memory. |
Use the add command to add an interface to the configuration, or user-access.
This command also recreates device records if the configuration is inadvertently lost.
Syntax:
| Note: | If you are adding more than one interface, the order in which you add them is important because the device assigns a sequential interface number to the device when it is added. This interface number is an index number in the device list; it links the device with other protocol configuration information, such as the IP addresses associated with the device. (For more information, refer to the list devices command, "List".) |
All device and protocol configuration information related to network interfaces is stored by interface number. Any changes made to interface numbers will invalidate much of the device configuration information in the protocols.
In addition to devices that add interfaces to the network, such as single-port and multi-port adapters, the 2212 has a coprocessor called the Compression/Encryption adapter (CEA). This adapter processes packets that require compression or encryption. The command to add this device is add device cea.
Example:
add device dial-circuit Adding device as interface 2
To determine which devices you can add, use the add devices ? command.
| Note: | You can use punctuation, such as parentheses and dashes, but the punctuation is not significant (the router uses only the numbers). |
Example: add isdn-address line 1 local Assign network dial address [0 - 32 digits]? 1 2345 67 Assign network subdial address [0 - 19 digits]? 98765
| Note: | MPPE cannot use the RADIUS, TACACS, or TACACS+ server. For MPPE, the PPP user data base must be local. |
If ECP has been enabled for the user, you are prompted for the PPP user name, password, IP address, and encryption key .
If the DIALs feature is in the software load, you are asked if this is a DIALs user.
If you are adding a user for a DIALs client, then you are prompted for the hostname, type of route, network mask, connect time, call-back information, and dial-out capability.
See "Using a Dial-In Access to LANs (DIALs) Server" in the Using and Configuring Features for more information.
A user profile stored locally on the device consists of the following:
Valid values: yes, no
Default value: no
Valid values: yes, no
Default value: no
Valid values: 0 to 360
Default value: 180
Valid values: 0 to 100
Default value: 0
A host route is generally applied for single-user access. A net route is generally applied to a network access. A net route allows you to enter a net mask.
A user profile-based IP address to offer to a dial-in client if requested. There are a number of ways for a 2212 to obtain an IP address for a dial-in client. See "IP Control Protocol" for more information.
Valid values: any valid IP address
Default value: none
If the dial-in user is connecting to a DIALs-enabled PPP interface, the router automatically adds a temporary static route to that client for the duration of the PPP session. Typically, this static route has a net mask of 255.255.255.255 (the default value), which implies that there is a single IP host at the other end of the PPP link. However, the net mask can be overridden. If configured, this mask is used when adding the temporary route. An example of this is a small router with a single network of hosts that dials into a DIALs-enabled router. The single route to the small office router will be installed automatically based on the user profile, making it unnecessary to configure routing protocols between the two hosts and cutting down on routing traffic overhead over a potentially slow link.
Valid Values: 0 to 71 827 788 minutes (0=unlimited)
Default Value: 0
This parameter is specific to clients using the DIALs dial-out client. Enabling dial-out for a ppp-user allows this user to access a modem-pool of dial-out circuits. See "Using a Dial-In Access to LANs (DIALs) Server" in Using and Configuring Features for more information.
Valid values: yes, no
Default value: no
This parameter is displayed only if PPP Encryption Control Protocol (ECP) has been enabled using the talk 6 PPP Config> enable ecp command. MPPE does not require an encryption key. This ECP encryption key is used by the PPP Encryption Control Protocol (ECP). See "Using and Configuring Encryption Protocols" in Using and Configuring Features.
Valid values: yes, no
Default value: no
Example:
Config> add ppp-user
Enter name: [ ]? pppusr01
Password:
Enter again to verify:
Allow inbound access for user? (Yes, No): [yes]
Will user be tunneled? (Yes, No): [No]
Number of days before account expiry[0-1000] [0]? 10
Number of grace logins allowed after an expiry[0-100] [0]? 5
IP address: [0.0.0.0]? 1.1.1.1
Set ECP encryption key for this user? (Yes, No): [No] no
Disable user ? (Yes, No): [No]
PPP user name: pppusr01
User IP address: 1.1.1.1
Virtual Conn: disabled
Encryption: disabled
Status: enabled
Login Attempts: 0
Login Failures: 0
Lockout Attempts: 0
Account expires: Sun 17Feb2036 06:28:16
Account duration: 10 days 00.00.00
Password Expiry: <unlimited>
User 'pppusr01' has been added
Example:
Config> add ppp-user Enter name: [ ]? tunusr01 Password: Enter again to verify: Allow inbound access for user? (Yes, No): [yes] Will user be tunneled? (Yes, No): [No] yes Enter hostname to use when connection to this peer: []? host01 Tunnel-Server endpoint address: [0.0.0.0]? 1.1.1.1 --more-- PPP user name: tunusr01 --more-- Endpoint: 1.1.1.1 --more-- Hostname: host01 User 'tunusr01' has been added
Example with ECP encryption:
Config>add ppp-user
Enter name: [ ]? ppp_user2
Password:
Enter again to verify:
Allow inbound access for user? (Yes, No): [Yes]
Will user be tunneled? (Yes, No): [No]
Is this a 'DIALs' user? (Yes, No): [Yes]
Type of route? (hostroute, netroute): [hostroute]
Number of days before account expiry[0-1000] [0]?
Number of grace logins allowed after an expiry[0-100] [0]?
IP address: [11.0.0.185]?
Allow virtual connections? (Yes, No): [No]
Give user default time allotted ? (Yes, No): [Yes]
Enable callback for user? (Yes, No): [No]
Will user be able to dial-out ? (Yes, No): [No]
Set ECP encryption key for this user? (Yes, No): [No] y
Encryption key should be 16 characters long.
Encryption Key (16 characters ) in Hex(0-9, a-f, A-F):
Encryption Key again (16 characters) in Hex(0-9, a-f, A-F):
ECP encryption key is set.
Disable user ? (Yes, No): [No]
PPP user name: ppp_user2
User IP address: 11.0.0.185
Netroute Mask: 255.255.255.255
Hostname: Virtual Conn: disabled
Time alotted: Box Default
Callback type: disabled
Dial-out: disabled
Encryption: enabled
Status: enabled
Login Attempts: 0
Login Failures: 0
Lockout Attempts: 0
Account Expiry: Password Expiry:
Is information correct? (Yes, No, Quit): [Yes]
User 'ppp_user1' has been added
Example:
Config> add tunnel
Enter name: []? tunnel02
Enter hostname to use when connecting to this peer: []? host02
Set shared secret? (Yes, No): [No]? yes
Shared secret for tunnel authentication:
Enter again to verify:
Tunnel-Server endpoint address: [0.0.0.0]? 2.2.2.22
Tunnel name: tunnel02
Endpoint: 2.2.2.22
When the first user is added, console login is automatically enabled. Each user added must be assigned one of the permission levels defined in Table 8.
When users are added, set login authentication to local. Otherwise a
remote server must be used.
| Permission Level | Description |
|---|---|
| Administrator (A) | Displays configuration and user information, adds/modifies/deletes configuration and user information. The Administrator can access any router function. |
| Operator (O) | Views router configuration, views statistics, runs potentially disruptive tests, dynamically changes router operation, and restarts the router. Operators cannot modify the permanent router configuration. All actions can be undone with a system restart. |
| Monitor (M) | Views router configuration and statistics but cannot modify or disrupt the operation of the router. |
| Tech Support | Allows your service representative to gain access to the router if a password is forgotten. Cannot be assigned to users. |
| Note: | To add a user, you must have administrative permission. You do not have to reinitialize the router after adding a user. |
Example:
add user John Enter password: Enter password again: Enter permission (A)dmin, (O)perations, (M)onitor [A]? Do you want to add Technical Support access? (Yes or [No]):
| Note: | You can use punctuation, such as parentheses and dashes, but the punctuation is not significant (the router uses only the numbers). |
Example: add v25-bis-address remote-site baltimore 1-909-555-0983
| Note: | You can use punctuation, such as parentheses and dashes, but the punctuation is not significant (the router uses only the numbers). |
Example: add v34-address
Assign address name [1-23] chars []? remote-site-baltimore Assign network dial address [1-20 digits][]? 1-909-555-1234
Use the boot command to enter the Boot CONFIG command environment. For Boot CONFIG information, see "Using BOOT Config to Perform Change Management".
Syntax:
Use the change command to modify an interface in the configuration,change your own password, or change user information.
Syntax:
When the target slot is occupied:
When the target port is occupied:
Example - Change slot 5 on interface 0 to unoccupied slot 7:
Config>li dev Ifc 0 WAN PPP Ifc 1 WAN PPP Ifc 2 WAN PPP Ifc 3 WAN PPP Ifc 4 1-port IBM Token Ring Slot: 5 Port: 1 Ifc 5 2-port IBM Token Ring Slot: 1 Port: 1 Ifc 6 2-port IBM Token Ring Slot: 1 Port: 2 Ifc 7 2-port IBM Token Ring Slot: 2 Port: 1 Ifc 8 2-port IBM Token Ring Slot: 2 Port: 2 Ifc 9 2-port 10/100 Ethernet Slot: 3 Port: 1 Ifc 10 2-port 10/100 Ethernet Slot: 3 Port: 2 Ifc 11 ISDN Basic Slot: 4 Port: 1 Config>change device Which configured slot would you like to change? (1, 2, 3, 4, 5, 6)[1]? 5 Change all ports on slot # 5 (Yes or No)? [Yes]: y Which slot would you like to change to? (1-8) [1]? 4 Changed slot 5 to slot 4 in 1 intf (port) record... Config>li dev Ifc 0 WAN PPP Ifc 1 WAN PPP Ifc 2 WAN PPP Ifc 3 WAN PPP Ifc 4 1-port IBM Token Ring Slot: 4 Port: 1 Ifc 5 2-port IBM Token Ring Slot: 1 Port: 1 Ifc 6 2-port IBM Token Ring Slot: 1 Port: 2 Ifc 7 2-port IBM Token Ring Slot: 2 Port: 1 Ifc 8 2-port IBM Token Ring Slot: 2 Port: 2 Ifc 9 2-port 10/100 Ethernet Slot: 3 Port: 1 Ifc 10 2-port 10/100 Ethernet Slot: 3 Port: 2 Ifc 11 ISDN Basic Slot: 5 Port: 1
| Note: | To change a user password, you must have administrative permission. |
Example:
change password Enter current password: Enter new password: Enter new password again:
Syntax:
Example - Change Encryption key:
Config>change ppp_user encryption-key Enter user name: []? leslie Enable encryption for this user/port (y/n) [No]:y Encryption key should be 16 characters long. Encryption Key (16 characters ) in Hex(0-9, a-f, A-F): Encryption Key again (16 characters) in Hex(0-9, a-f, A-F): User 'leslie' has been updated Config>
Example - Change password:
Config>change ppp_user password Enter user name: []? sam Password: Enter password again: User 'sam' has been updated Config>
| Note: | To change a user, you must have administrative permission. |
Example:
change user User name: [] Change password? (Yes or No) Change permission? (Yes or [No])
Config>change tunnel-profile Enter name: []? lac.org Enter hostname to use when connecting to this peer: [lns.org]? set shared secret? (Yes, No): [No] Tunnel-Server endpoint address: [11.0.0.1]? 11.0.0.2 profile 'lac.org' has been updated Config>
Use the clear command to delete the device's configuration information from nonvolatile configuration memory.
Attention: Use this command only after calling your service representative.
Syntax:
| *Note: | HOD and WEBC do not coexist in the same software image. |
To clear a process from nonvolatile configuration memory, enter the clear command and the process name. To clear all information from configuration memory, except for device information, use the clear all command. To clear all information, including the device information, use the clear all command and then the clear device command.
The clear user command clears all user information except the device console login information. This is left as enabled (if it was configured as enabled) even though the default value is "disabled".
Notes:
Example: clear els
You are about to clear all Event Logging configuration information Are you sure you want to do this (Yes or No):
| Note: | The previous message appears for any parameter configuration you are clearing. |
Use the delete command to remove an interface or range of interfaces from the list of devices stored in the configuration, or to remove a user. To use the delete command, you must have administrative permission.
Syntax:
This command deletes the device configuration and any protocol information for that coprocessor. However, these changes will not take effect until the 2212 is reloaded or restarted.
The delete interface command deletes the device configuration and any protocol information for that interface. However, the device will continue to run the previous configuration until it is reloaded.
If deleting a base ISDN interface , all virtual interfaces running on that base net will also be deleted. So, any dial circuits configured on a base ISDN interface will be removed when the ISDN interface is deleted.
To delete a range of interfaces, specify the first and last interface in the range separated by a hyphen, as shown in the following example:
delete interface 13-21
You can also enter an interface number or range of interface numbers, when prompted.
The delete interface command deletes the device configuration and any protocol information for that interface. However, the device will continue to run the previous configuration until it is reloaded.
If deleting a base ISDN interface , all virtual interfaces running on that base net will also be deleted. So, any dial circuits configured on a base ISDN interface will be removed when the ISDN interface is deleted.
To delete a range of interfaces, specify the first and last interface in the range separated by a hyphen, as shown in the following example:
delete interface 13-21
You can also enter an interface number or range of interface numbers, when prompted.
| Note: | If the address-name contains spaces (for example, remote site XYZ), you cannot enter the command on one line. Type delete isdn-address and press Return. Then enter the name when prompted. |
| Note: | If the address-name contains spaces (for example, remote site Baltimore), you cannot enter the command on one line. Type delete v25-bis-address and press Return. Then enter the name when prompted. |
| Note: | If the address-name contains spaces (for example, remote site New York), you cannot enter the command on one line. Type delete v34-address and press Return. Then enter the name when prompted. |
Use the disable command to disable command completion, login from a remote console, disables modem use
Syntax:
Use the disable command-completion command to disable the automatic command completion function. See "Command Completion" for a discussion of the automatic command completion function.
| Note: | Command completion defaults to disabled for existing configurations and defaults to enabled for new configurations. If you are using an existing configuration and want to use command completion, you need to use the enable command-completion command to enable this function. |
System reboot not disabled: memory dumping must be disabled first
Use the enable command to enable command completion, login from a remote console, disables modem use
Syntax:
Use the enable command-completion command to enable the automatic command completion function, which assists with the command syntax. See "Command Completion" for a discussion of the automatic command completion function.
Warning: Console login is disabled until an administrative user is added.
| Attention: | Before enabling console login, save the configuration with console login disabled. If login authentication is set to a remote server using Radius or Tacacs+ and the device is unable to reach the authentication server, then access to the device is denied. By disabling the console login, a lock-out situation is prevented. |
System memory dump function not enabled: rebooting must be enabled first
If you configured system dumping to save the first 3 dump files and 3 dump files already exist, the system displays the following message when you enable dump memory:
*** System dump cannot be enabled until the *** *** existing dump files are deleted. ***
| Note: | If the dump target is set to Network, only small dump summary files will exist on the local disk. The full dump files are sent to a remote host. |
See the set dump enable-mode, set dump save-mode, and set dump target commands.
Example:
Config> enable dump Current System Dump Status: System dump is currently disabled. Number of existing dump files: 0 Enable system memory dumping? [No]: Yes Current System Dump Status: System dump is currently enabled. Number of existing dump files: 0
| Note: | If you enter this command and the dump target is set to local hard disk but a hard file is not available, you will receive a message indicating that the drive is unavailable. |
Set your modem for auto-answer.
Verify that the console baud rate is equal to the modem baud rate.
Verify that the cable connecting the modem to the device is configured correctly.
Turn echo off by using the ATE0 command.
Run in quiet mode by using the ATQ1 command.
Verify that any necessary jumpers are set. Refer to your device's User's Guide more information. The device automatically hangs up the modem when you log out. Also, if your modem becomes disconnected from the device while you are using it, the device logs you out.
Specify the service port for both the enable modem-control carrier-wait and the enable modem-control ring-wait commands. For devices with two service ports, also specify to which service port you connected the modem, either service1 or service2. To enable both service ports, enable them separately.
| Note: | No console connection can be made with the device after enabling modem control unless you clear all configuration and restart the device. |
You can tell the device to wait for the carrier-detect signal from the modem before sending Request to Send. This is the standard method of modem control.
You can tell the device to wait for the ring-indication signal before raising Request to Send or Data Terminal Ready. This is provided for countries requiring an earlier handshake.
Example:
Config> enable modem-control carrier-wait service1
Use the event command to enter the Event Logging System (ELS) environment so that you can define the messages that will appear on the console. Refer to "Using the Event Logging System (ELS)" for information about ELS.
Syntax:
Use the feature command to access configuration commands for specific device features outside of the protocol and network interface configuration processes.
Syntax:
All 2212 features have commands that are executed by:
The procedure for accessing these processes is the same for all features. The following information describes the procedure.
Enter a question mark after the feature command to obtain a listing of the features available for your software release.
To access a feature's configuration prompt, enter the
feature command followed by the feature number or short
name. Table 9 lists available feature numbers and names.
Table 9. IBM 2212 Feature Numbers and Names
|
Feature Number |
Feature Short Name |
Accesses the following feature configuration process |
|---|---|---|
| 0 | WRS | WAN Restoral/Reroute |
| 1 | BRS | Bandwidth Reservation |
| 2 | MCF | MAC Filtering |
| 4 | VCRM | Virtual Circuit and Resource Management |
| 7 | ES | Encoding Subsystem |
| 8 | NDR | Network Dispatcher |
| 9 | DIALs | Dial-In-Access to LANs |
| 10 | AUTH | Authentication |
| 11 | IPSec | IP Security feature user configuration |
| 12 | LAYER | Layer 2 Tunneling Protocol, Layer 2 Filtering, Point-to-Point Tunneling Protocol |
| 13 | NAT | Network Address Translator user configuration |
| 14 | TSF | Thin Server Function |
| 15 | WEBC | Web Server Cache1 |
| 15 | HOD | Host on Demand Client Cache1 |
| 16 | DHCP | DHCP Services |
| 19 | VOICE | Voice adapter features |
| 20 | POLICY | Policy feature |
| 21 | DS | Differentiated services |
| 1HOD and WEBC do not coexist in the same software image; that is why they have the same feature number. These features are available only on the release 2 system card of the2212. | ||
Once you access the configuration prompt for a feature, you can begin entering specific configuration commands for the feature. To return to the CONFIG prompt, enter the exit command at the feature's configuration prompt.
Use the list command to display configuration information for all network interfaces, or configuration information for the device.
Syntax:
Example: list configuration
Config>list config Hostname: [none] Maximum packet size: [autoconfigured] Maximum number of global buffers: [autoconfigured] Number of spare interfaces: 0 Console inactivity timer (minutes): 0 Physical console login: disabled System rebooting on error: disabled System memory dump enable-mode: Disable System Dump following the next system dump. System memory dump save-mode: Save the last 3 (most recent) compressed dump files. System memory dumping: disabled Contact person for this node: [none] Location of this node: [none] Configurable Protocols: Num Name Protocol 0 IP DOD-IP 3 ARP Address Resolution 4 DN DNA Phase IV 6 VIN Banyan Vines 7 IPX NetWare IPX 8 OSI ISO CLNP/ESIS/ISIS 9 DVM Distance Vector Multicast Routing Protocol 10 BGP Border Gateway Protocol 11 SNMP Simple Network Management Protocol 12 OSPF Open SPF-Based Routing Protocol 13 IPv6 IPv6 20 SDLC SDLC/HDLC-Relay 22 AP2 AppleTalk Phase 2 23 ASRT Adaptive Source Routing Transparent Enhanced Bridge 24 HST TCP/IP Host Services 25 LNM LAN Network Manager 26 DLS Data Link Switching 27 XTP X.25 Transport Protocol 31 RSVP Resource reSerVation Protocol 33 PIM6 Protocol Independant Multicast for IP6 35 NDP6 NDP6 for IPv6 36 RIP6 RIP6 for IPv6 38 BRLY Bisync Relay Configurable Features: Num Name Feature 0 WRS WAN Restoral 1 BRS Bandwidth Reservation 2 MCF MAC Filtering 4 VCRM VC & Resource Management 7 CMPRS Data Compression Subsystem 8 NDR Network Dispatching Router 9 DIALs Dial-in Access to LANs 10 AUTH Authentication 11 IPSec IPSecurity 12 L2TP Layer-2-Tunneling 13 NAT Network Address Translation
You can also specify a range of devices to list as shown in the following example:
Ifc 2 WAN PPP Ifc 3 WAN PPP Ifc 4 1-port IBM Token Ring Slot: 5 Port: 1 Ifc 5 2-port IBM Token Ring Slot: 1 Port: 1
| Note: | If you do not specify an interface number or a range of interfaces, all interfaces are displayed. |
Example: list devices
Ifc 0 Token Ring Slot: 1 Port: 1 Ifc 1 Token Ring Slot: 1 Port: 2 Ifc 2 Token Ring Slot: 2 Port: 1 Ifc 3 Token Ring Slot: 2 Port: 2 Ifc 4 Ethernet Slot: 4 Port: 1 Ifc 5 Ethernet Slot: 4 Port: 2 Ifc 6 Ethernet Slot: 5 Port: 1 Ifc 7 Ethernet Slot: 5 Port: 2 Ifc 8 Ethernet Slot: 6 Port: 1 Ifc 9 Ethernet Slot: 6 Port: 2 Ifc 10 V.35/V.36 Frame Relay Slot: 8 Port: 0 Ifc 11 V.35/V.36 X.25 Slot: 8 Port: 1 Ifc 12 V.35/V.36 PPP Slot: 8 Port: 2 Ifc 13 V.35/V.36 PPP Slot: 8 Port: 3 Ifc 14 V.35/V.36 PPP Slot: 8 Port: 4 Ifc 15 V.35/V.36 PPP Slot: 8 Port: 5
| Note: | The number of receive buffers noted are exceptions from the receive buffer defaults. The set receive buffers command is discussed under "Set". |
Example: list isdn-address Address assigned name Network Address Network Subdial Address --------------------- --------------- ----------------------- remote site XYZ 1 2345 67 98765
Example:
list patches Patched variable Value ping-size 60 ping-ttl 59 ethernet-security 3
Example: List of PPP users when DIALs is not in the software load
Config> list ppp_users
List (Name, Verb, User, Addr, Encr):
PPP User Name: joe
User IP Address: Interface Default
Encryption: Not Enabled
Example: List of PPP users when DIALs is in the software load
Config> list ppp_users
List (Name, Verb, User, Addr, Call, Time, Dial, Encr):
PPP User Name: joe
User IP Address: Interface Default
Net-Route Mask: 255.255.255.255
Hostname: <undefined>
Time-Allotted: Box Default
Call-Back Type: Not Enabled
Dial-Out: Not Enabled
Encryption: Not Enabled
When you enter list ppp_users, the software will prompt you to enter one of the following:
Example:
Config>list tunnel-profile Endpoint Tunnel name Hostname 11.0.0.192 lac lns 1 TUNNEL record displayed. Config>
Example:
list users USER PERMISSION joe operations mary administrative peter monitor
Example: list v25-bis-address Address assigned name Network Address --------------------- --------------- v25-1 8982800 v25-2 8980001 delaware 1-666-555-4444
Example: list v34-address Local Network Address Name = v403 Local Network Address = 1-508-898-2403
Use the load command to list packages in the software load that are available but not configured, or packages that are configured in the software load. The load command is also used to add or delete a software package.
Syntax:
The software is divided into multiple load modules. These load modules are grouped into software packages. Some of these software packages are optional because, although they are shipped with the product, they are not automatically loaded.
Software packages containing encryption are available from the 2212 Web server accessible using the Internet.
To load and run optional software packages:
Example: load add package appn
Example: load delete package appn
Use the network command to enter the network interface configuration environment for supported networks. Enter the interface or network number as part of the command. (To obtain the interface number, use the CONFIG list device command.) The appropriate configuration prompt (for example, TKR Config>) will be displayed. See the network interface configuration chapters in this book for complete information on configuring your types of network interfaces.
Syntax:
Notes:
Use the patch command for modifying the device's global configuration. Patch variables are recorded in nonvolatile configuration memory and take effect immediately; you do not have to wait for the next restart of the device. This command should be used only for handling uncommon configurations. Anything that you commonly configure should still be handled by using the specific configuration commands. The following is a list of the current patch variables documented and supported for this release.
Syntax:
| Note: | It is preferable to set this parameter with the set ttl IP configuration command. (See the "Set" section of the "Using and Configuring IP" chapter of Protocol Configuration and Monitoring Reference Volume 1 .) This patch variable remains for compatibility with configurations from older releases. |
When set to 1, the LNM link is allowed.
When set to 0, the default, the LNM link is not allowed.
When the operator receives notification, the operator can reconfigure the device and then reboot, minimizing the outage to the network. Specifying 0 for this parameter suppresses this warning.
Valid Values: 0 to 100
Default Value: 10
tftp-max-rxto-time allows you to specify the maximum time to wait for a response from the partner before failing the transfer. Default value: 5 minutes
The units for this patch variable are seconds.
tftp-min-rexmtime allows you to specify the smallest interval of time to wait for a response from the partner before retransmitting the last packet sent. Default value: 1
The units for this patch variable are seconds.
| Note: | You must specify the complete name of the patch variable that you want to change. You cannot use an abbreviated syntax for the patch name. |
Use the performance command at the Config> prompt to enter the configuration environment for performance. See "Configuring and Monitoring Performance" for more information.
Use the protocol command at the Config> prompt to enter the configuration environment for the protocol software installed in the device.
Syntax:
The protocol command followed by the desired protocol number or short name lets you enter a protocol's command environment. After you enter this command, the prompt of the specified protocol appears. From the prompt, you can enter commands specific to that protocol. To return to Config>, enter the exit command.
Notes:
The changes you make through CONFIG are kept in a configuration database in nonvolatile memory and are recalled when you restart the device.
Use the qconfig command to initiate Quick Config. Quick Config allows you to configure parameters for bridging and routing protocols without entering separate configuration environments.
Syntax:
| Note: | For complete information on using the Quick Config software provided with your device, see Appendix A, Quick Configuration Reference. |
Use the set command to configure various system-wide parameters.
Syntax:
This variable is for information purposes only and has no effect on device operation. It is useful for SNMP management identification of the system.
Notes:
| Note: | When you change the data-link type, none of the protocol or feature configuration data associated with the interface is changed. Therefore, you must re-configure any protocol or feature configuration support that is data-link dependent. |
The set down-notify command is used primarily when tunneling LLC traffic over an IP network using OSPF. If an interface goes down, OSPF cannot detect it fast enough because of the length of time that it takes for an interface to be declared down. Therefore, LLC sessions would begin to timeout. You can set the down-notify timer to a lower value, allowing OSPF to sense that an interface is down quicker. This enables an alternate route to be chosen more quickly, which will prevent the LLC sessions from timing out.
| Note: | If the set down-notify command is executed on one end of a serial
link, the same command must be performed at the other end of the link or the
link may not come up and stay up.
The list devices command will show the down notification time setting for any interface that has the default value overridden. |
Active Dump Detected. Dump Compression in Progress, please be patient ... *** System dumping is being DISABLED because dumping is *** *** configured to save the 3 initial dumps, but 3 *** *** dump files already exist. ***
Example:
Config> set dump enable-mode Current System Dump Settings: Disable System Dump following the next system dump. Save the last 3 (most recent) dump files. Do you want to change system dump enable-mode to re-enable System Dump following the next system dump ? (Yes, No): [No] Yes Current System Dump Settings: Re-enable System Dump following the next system dump. Save the last 3 (most recent) dump files. Current System Dump Status: System dump is currently enabled. Number of existing dump files: 2
Default value: disable
| Note: | Dumping is enabled with the enable dump-memory command. |
Example:
Config> set dump save-mode Current System Dump Settings: Re-enable System Dump following the next system dump. Save the last 3 (most recent) dump files. Do you want to change system dump save-mode to save the first (initial) dump files ? (Yes, No): [No] Yes Current System Dump Settings: Re-enable System Dump following the next system dump. Save the first 3 (initial) dump files, then disable system dump. Current System Dump Status: System dump is currently enabled. Number of existing dump files: 2
If the target is a network, then IP and TFTP parameters of both the local LAN interface and the remote host are required. An additional parameter determines whether the file will be sent by TFTP as compressed or uncompressed data.
Example:
Config>set dump target
Current System Dump Target Settings:
Dump Target: Local Hard Disk
Do you want to change the System Dump Target ? (Yes, No): [No] Yes
Enter Dump Target (D-Disk or N-Network): [D]? N
Setting Dump Target to "Network".
Set or Change settings for dumping to the Network ? (Yes, No): [No] Yes
Enter Local LAN Interface Type (E-Eth or T-Tkr): [E]? E
Enter Slot Number (1-2): [1]? 1
Enter Port Number (1-2): [1]? 1
Enter Local IP Address: [9.9.9.6]? 9.9.9.5
Enter Local Netmask: [255.255.255.0]?
Enter Remote IP Address: [9.9.9.1]? 9.9.9.11
Remote Path and File name: /tmp/netdump
Enter Path and File name (32 chars max): /tmp/dump_to_host
Enter File Compression Mode (C-Comp or U-Uncomp): [U]? C
Do you want to save your changes ? (Yes, No): [No] Yes
New System Dump Target Settings:
Dump Target: Remote Host on Network
Local Interface Settings:
Device Type: Ethernet
Slot Number: 1
Port Number: 1
IP address: 9.9.9.5
Net Mask: 255.255.255.0
Remote Host Settings:
IP address: 9.9.9.11
Remote Filename: /tmp/dump_to_host
Remote file will be compressed and "0.cmp", "1.cmp", or "2.cmp" will be
appended to the end of the filename.
When the system dump file is sent by TFTP to the remote host, it will be written as multiple files, which must first be concatenated. For example, if the remote file was specified as /tmp/dump_to_host, and remote files are sent as compressed. The files written on the remote workstation are:
Depending on the total size of the dump, there may be additional files, named as:
In order to decompress and view the dump information, the files must be combined as follows into a single file (note that order is critical):
/tmp> cat dump_to_host0.cmp dump_to_host0.cm1 dump_to_host0.cm2 dump_to_host0.cm3 > dump_to_host0_cat.cmp
As a result, the combined file dump_to_host0_cat.cmp will contain a complete system memory dump image.
If the file was sent by TFTP as uncompressed, the file extensions are .unc, .un1, .un2, and .un3 instead of .cmp, .cm1, .cm2, and .cm3. The uncompressed files must also be concatenated to create a complete system memory dump image. For Example:
/tmp>cat dump_to_host0.unc dump_to_host0.un1 dump_to_host0.un2 dump_to_host0.un3 > dump_to_host0_cat
| Note: | The output file, dump_to_host0_cat. does not require a file extension because the file is not compressed. |
Lowering the low threshold value will make it less likely that packets from this interface will be dropped when sent on congested networks. However, lowering the value may negatively affect performance if underruns occur because the receive buffer queue is empty. Raising the value has the opposite effect. To determine if underruns are occurring, use the GWCON interface command and specify the interface number. To determine if packets from this interface are being dropped because the low threshold has been reached, use the GWCON (Talk 5) error command and look at the Input Flow Drop counter value for the interface.
The range of values is 1 to 255. The default is both product-specific and device-specific. The low threshold should be less than the requested number of receive buffers. Specifying a value of 0 restores the autoconfigured default.
Use the GWCON (Talk 5) buffer and queue commands to show the low threshold setting.
Interface# is the number of the interface you are configuring. Low_#_of_receive_buffers is the low threshold value.
Example: set logging level 76
| Attention: | Use this command only under direct instructions from your service representative. Never use it to reduce packet size - only to increase it. |
The user-defined-name can be any combination of characters, numbers, and spaces up to 80 characters. Special characters may be used to request additional functions as described in Table 10.
Example:
set prompt What is the new MOS prompt [y]? AnyHost 99 AnyHost 99 Config>
Table 10. Additional Functions Provided by the Set Prompt Level Command
| Special Characters | Function Provided by the Set Prompt Level Command | ||
|---|---|---|---|
| $n | Displays the hostname. This is useful when you want the hostname
included in the prompt. For example:
| ||
| $t | Displays the time. For example:
| ||
| $d | Displays the current date-month-year. For example:
| ||
| $v | Displays the software VPD information in the following format: program-product-name Feature xxxx Vx Rx.x PTFx RPQx | ||
| $e | Erases one character after this combination within the user-defined prompt. | ||
| $h | Erases one character before this combination within the user-defined prompt. | ||
| $_ | Adds a carriage return to the user-defined prompt. | ||
| $$ | Displays the $. | ||
| |||
| Note: | This command is not applicable for the 2212 Digital Modem adapter. There are always 5 receive buffers allocated per channel. |
| Note: | This command is not applicable for ISDN Primary Rate Interfaces. For ISDN PRI, the number of receive buffers is fixed at 5 per B-channel, 115 for T1 and 150 for E1. When in channelized mode, the PRI gets 5 receive buffers per configured timeslot. |
Table 11. Default and Maximum Settings for Interfaces
| Interface | Default | Maximum |
|---|---|---|
| 10/100 Mbps Ethernet | 64 | 1000 |
| WAN/Serial | 24 | 255 |
| Note: The WAN/Serial row values apply to interfaces on integrated WAN ports, WAN adapters, and analog modem adapters. | ||
| Voice | 20 | 255 |
| ISDN BRI | 10 | 30 |
| Note: The maximum number of receive numbers for an ISDN-BRI adapter that is running in I.430 mode is 24. | ||
| TKR | 40 | 250 |
Use the system retrieve command to retrieve one or more memory image files from the installed hard file after a serious error has occurred. If dumping is configured to dump to a remote host on the network, only the summary headers will be retrieved.
Syntax:
Uses TFTP to send selected memory image files to a remote host. The system will prompt you for the remote host's IP address and file names.
If there are no dump files, you will receive the following message:
No dump files exist to retrieve
Example:
Config>system retrieve Current System Dump Settings: Dump Target: Local Hard Disk Re-enable System Dump following the next system dump. Save the last 3 (most recent) dump files. Number of existing dump files: 1 Do you want to see a summary of the dump files ? (Yes, No): [No] Yes ------------------------------------------------------ Filename: core0.cmp Dump Date: Mon Jul 27 10:20:03 1998 Fatal messages: Data St. Excp Reading 0x40000000 at 0x123d0 in thread MOSDBG (0x1b1cb8) STACK:0x123D0< 0x123C8< 0x1155C< 0x306C44EC< 0x306BE888< 0x3050ABC0< 0x2DB48 CMVC Build: cc_157a Builder: build Build Name: LML.ld Retain Name: AIS.EH1 Product Number: 2212-AIS Build Date: Mon Jul 27 14:07:09 1998 ------------------------------------------------------ Destination IP address [0.0.0.0]? 9.9.9.1 Filename: core0.cmp Dump Date: Mon Jul 27 10:20:03 1998 Do you want to retrieve this file ? (Yes, No): [No] Yes Fully qualified destination path/file name [/tmp/dump0.cmp]? /tmp/dump_from_disk0.cmp The memory image file is 11.7 Mb long. Proceed? [No]: Yes Sending memory image file by tftp TFTP transfer of /hd0/core0.cmp complete, size=11734001 status: OK tftp transfer completed successfully.
Use the system view command to display the current system dump settings and the status of the system dumps, including how many dump files exist. You can also display a summary of the dump files.
Syntax:
Example:
Config>system view
Current System Dump Settings:
Dump Target: Remote Host on Network
Local Interface Settings:
Device Type: Ethernet
Slot Number: 1
Port Number: 1
IP address: 9.9.9.6
Net Mask: 255.255.255.0
Remote Host Settings:
IP address: 9.9.9.1
Remote Filename: /tmp/netdump
Remote file will be uncompressed and "0.unc", "1.unc", or "2.unc" will be
appended to the end of the filename.
Re-enable System Dump following the next system dump.
Save the last 3 (most recent) dump files.
Current System Dump Status:
System dump is currently enabled.
Number of existing dump files: 1
Do you want to see a summary of the dump files ? (Yes, No): [No] Yes
------------------------------------------------------
Filename: core0.cmp
Dump Date: Mon Jul 27 10:20:03 1998
Fatal messages:
Data St. Excp Reading 0x40000000 at 0x123d0 in thread MOSDBG (0x1b1cb8)
STACK:0x123D0< 0x123C8< 0x1155C< 0x306C44EC< 0x306BE888< 0x3050ABC0< 0x2DB48
CMVC Build: cc_157a
Builder: build
Build Name: LML.ld
Retain Name: AIS.EH1
Product Number: 2212-AIS
Build Date: Mon Jul 27 14:07:09 1998
------------------------------------------------------
Use the time command to set the 2212 system clock and date, and to display the values on the user console. These values can then be used to time-stamp ELS messages.
| Note: | The 2212 has a hardware clock that maintains the date and time after device reinitialization. |
Syntax:
Example: time list 05:20:27 Wednesday December 7, 1994 Set by: operator Time Host: 131.210.4.1 Sync Interval: 10 seconds GMT Offset: -300 minutes
Valid values: -720 to 720
Default value: 0
Example: time set year [1996] 1997 month [12]? date [6]? 7 hour [11]? 12 minute [3]? second [2]?
Use the unpatch command to restore the values of the patch variables entered with the patch command to their default values. See the patch command in "Patch" for details.
Syntax:
| Note: | You must specify the complete name of the patch variable to be restored. |
Use the update command to update the configuration memory when you receive a new software load.
Syntax:
Follow the instructions on the release notice sent with the software. The update command is the last command that you enter when loading new software. After you enter this command, the console displays a message indicating configuration memory is being updated.
Use the write command to save a configuration to the device before reloading.
Syntax:
If you fail to issue the write command and try to reload the device, you will be asked if you want to save the configuration. The configuration is saved in the next CONFIG on the hard disk in the bank you are currently using.