OpenDaylight Command-Line Interface (CLI) - Main - Daylight Project

OpenDaylight Command-Line Interface (CLI):Main
From Daylight Project
Contents
1 OpenDaylight Command Line Interface (CLI) User Guide 2 CLI concepts 2.1 Access and modes 2.2 Navigation and help 2.3 Conventions 3 CLI Commands 3.1 Boot Command 3.1.1 Configure system boot options 3.2 Clearterm Command 3.2.1 Clears and resets the terminal screen 3.3 Configure Command 3.3.1 Enter configure mode 3.4 Connect Command 3.4.1 Connect to a controller's rest api 3.5 Copy Command 3.5.1 Copy configs to other configs 3.6 Enable Command 3.6.1 Enter enable mode 3.7 Ha Command 3.7.1 Perform actions related to high availability 3.8 Ping Command 3.8.1 Ping a switch or ip address 3.9 Reload Command 3.9.1 Reload and reboot 3.10 Rollback Command 3.10.1 Rollback cluster to specified config 3.11 Set Command
3.11.1 Manage cli sessions settings 3.12 Traceroute Command 3.12.1 Determine the l3 path to some destination 3.13 Upgrade Command 3.13.1 Manage the controller upgrade process 3.13.2 Manage the controller upgrade process 3.14 Write Command 3.14.1 Write config to memory or terminal, or clear 3.15 Test Command 3.15.1 Perform various tests on the network 3.15.2 Perform various tests on the network 3.16 Configuration Commands 3.16.1 Address-space Commands 3.16.1.1 Enter address space submode 3.16.1.2 Set address-space active 3.16.1.3 Provide description for this address-space 3.16.1.4 Set an address-space identifier rule 3.16.1.5 Set rule to active 3.16.1.6 Provide description for identifier rule 3.16.1.7 Associate switch with identifier rule 3.16.1.8 Associate tag with identifier rule 3.16.1.9 Associate vlans with identifier rule 3.16.1.10 Describe priority for identifier rule 3.16.1.11 Describe address-space origin 3.16.1.12 Set address-space priority 3.16.1.13 Egress vlan tag 3.16.2 Onv Commands 3.16.2.1 Enter onv submode, manage access lists 3.16.2.2 Associate interface with access-list 3.16.2.3 Enter onv access-list submode 3.16.2.4 Provide a description for a onv access list 3.16.2.5 Define acl details for this access-list 3.16.2.6 Set onv priority 3.16.2.7 Enter onv-if submode 3.16.3 ONV-definition Commands 3.16.3.1 Enter onv definition submode 3.16.3.2 Set onv active 3.16.3.3 Configure arp mode 3.16.3.4 Configure broadcast mode 3.16.3.5 Provide description for a onv instance 3.16.3.6 Configure dhcp ip address 3.16.3.7 Set dhcp mode 3.16.3.8 Set rule to active 3.16.3.9 Enable multiple interface rule matches 3.16.3.10 Provide description for interface rule
3.16.3.11 Associate ip-subnet (ip or cidr range) for interface rule 3.16.3.12 Associate mac (host) with interface rule 3.16.3.13 Associate switch with interface rule 3.16.3.14 Associate tags with interface rule 3.16.3.15 Associate vlans with interface rule 3.16.3.16 Describe priority for interface rule 3.16.3.17 Describe onv origin 3.16.3.18 Associate address space 3.16.3.19 Set onv priority 3.16.4 Controller-node Commands 3.16.4.1 Enter configuration submode for controller-nodes 3.16.4.2 Set clock 3.16.4.3 Configure time zone 3.16.4.4 Associate dns, default gateway with the controller node 3.16.4.5 Attach alias to controller 3.16.4.6 Enter interface submode, configure controller interface 3.16.4.7 Configure firewall rule for controller-node 3.16.4.8 Associate ip address with interface 3.16.4.9 Configure logging (syslog) for controller-node 3.16.4.10 Configure ntp for controller-node 3.16.5 Feature Commands 3.16.5.1 Enable features for controller 3.16.6 Ha Commands 3.16.6.1 Configure high availability 3.16.7 Version Commands 3.16.7.1 Move to a specific version of command syntax 3.16.8 Forwarding Commands 3.16.8.1 Configure forwarding service properties 3.16.9 Host Commands 3.16.9.1 Host submode, configure host details 3.16.9.2 Attach alias to host 3.16.9.3 Configure security policies for host 3.16.10 Snmp-server Commands 3.16.10.1 Smnp configuration, enable server, configure parameters 3.16.11 Switch Commands 3.16.11.1 Enter switch submode, configure switch details 3.16.11.2 Set actions for this flow 3.16.11.3 Set flow active 3.16.11.4 Associate cookie for flow 3.16.11.5 Configure dst-ip match for flow 3.16.11.6 Configure dst-mac match for flow 3.16.11.7 Configure dst-port match for flow 3.16.11.8 Configure ether-type match for flow 3.16.11.9 Set hard-timeout for this flow 3.16.11.10 Set idle-timout for this flow
3.16.11.11 Configure wildcards for flow 3.16.11.12 Set priority of the flow 3.16.11.13 Configure ether-type match for flow 3.16.11.14 Configure src-ip match for flow 3.16.11.15 Configure src-mac match for flow 3.16.11.16 Configure src-port match for flow 3.16.11.17 Configure ether-type match for flow 3.16.11.18 Configure vlan-id match for flow 3.16.11.19 Configure vlan-priority match for flow 3.16.11.20 Configure wildcards for flow 3.16.11.21 Enter flow-entry submode, configure single static flow entry 3.16.11.22 Configure interface as connected to an external network 3.16.11.23 Enable core-switch property for this switch 3.16.11.24 Enter switch-if submode, configure switch interface 3.16.11.25 Attach alias to switch interface 3.16.11.26 Attach alias to switch 3.16.11.27 Enable/disable tunnel creation for this switch 3.16.12 Aaa Commands 3.16.12.1 Configure accounting parameters 3.16.13 Tacacs Commands 3.16.13.1 Tacacs timeout, ip server address 3.16.14 Tag Commands 3.16.14.1 Enter tag, configure switch details 3.16.14.2 Set the match rule for this tag 3.16.15 Tech-support-config Commands 3.16.15.1 Manage command output for show tech-support 3.16.16 Tenant Commands 3.16.16.1 Enter tenant definition submode 3.16.16.2 Set tenant active 3.16.16.3 Provide description for a tenant instance 3.16.16.4 Describe tenant origin 3.16.16.5 Set routing rule 3.16.16.6 Provide description for a virtual router instance 3.16.16.7 Describe virtual router origin 3.16.16.8 Describe virtual router interface origin 3.16.16.9 Add ip address to the gateway pool 3.16.16.10 Set virtual router interface active 3.16.16.11 Set virtual router interface ip address 3.16.16.12 Enter virtual router definition submode 3.16.16.13 Enter virtual router gateway pool definition submode 3.16.16.14 Enter virtual router interface definition submode 3.16.17 Topology Commands 3.16.17.1 Enable features for controller 3.16.18 Vcenter Commands 3.16.18.1 Enter vcenter submode, configure vcenter details
3.16.18.2 Enable vcenter connect 3.16.18.3 Enter vcenter-dvs submode, describe port groups 3.16.18.4 Associate ip address for vcenter connection 3.16.18.5 Configure vcenter password for login 3.16.18.6 Describe dvs portgroup 3.16.18.7 Associate http port for vcenter connection 3.16.18.8 Configure vcenter username for login 3.16.19 Arp Commands 3.16.19.1 Set static arp 3.17 Show Commands 3.17.1 Show Address-space Commands 3.17.1.1 Show all address spaces 3.17.1.2 Show a specific address space 3.17.1.3 Show the configured identifier-rules for a specific address space 3.17.2 Show onv-definition Commands 3.17.2.1 Show all defined onvs belong to current tenant 3.17.2.2 Show specific onv, identified by name 3.17.2.3 Show onv associated details based on name 3.17.3 Show onv-interface-access-list Commands 3.17.3.1 Show access-group details 3.17.4 Show onv-access-list Commands 3.17.4.1 Show onv access lists 3.17.5 Show onv-access-list-entry Commands 3.17.5.1 Show onv access list rules 3.17.6 Show onv-interface Commands 3.17.6.1 Show onv associated interfaces 3.17.7 Show Controller-interface Commands 3.17.7.1 Show controller-node associated interfaces 3.17.8 Show Controller-node Commands 3.17.8.1 Show controller nodes summaries 3.17.8.2 Show controller-node associated details by name 3.17.8.3 Show detailed controller-node related statistics 3.17.8.4 Show statistics for a given controller node 3.17.9 Show Config Commands 3.17.9.1 Show saved configs (ex: startup-config, etc) 3.17.10 Show Config-file Commands 3.17.10.1 Show a specific saved config file 3.17.11 Show Event-history Commands 3.17.11.1 Show recent network or system events 3.17.12 Show External-ports Commands 3.17.12.1 Show switch ports connected to external l2 networks 3.17.13 Show Feature Commands 3.17.13.1 Show enabled and disabled features 3.17.14 Show Firewall-rule Commands 3.17.14.1 Show firewall rules for controller interfaces
3.17.15 Show Flow-entry Commands 3.17.15.1 Show configured static flow-entries 3.17.16 Show Global-config Commands 3.17.16.1 Show high availability configuration 3.17.17 Show Logging Commands 3.17.17.1 Show various controller logs 3.17.18 Show Running-config Commands 3.17.18.1 Show the current active configuration 3.17.19 Show Switch-cluster Commands 3.17.19.1 Show groups of interconnected openflow switches 3.17.20 Show Tech-support Commands 3.17.20.1 Show tech-support, collect output of various commands 3.17.21 Show This Commands 3.17.21.1 Show the object associated with the current submode 3.17.22 Show Host Commands 3.17.22.1 Show host details based on query 3.17.22.2 Show various host related details by query 3.17.23 Show Link Commands 3.17.23.1 Show links, controller managed switch to switch interfaces 3.17.24 Show Snmp-server-config Commands 3.17.24.1 Show snmp configuration 3.17.25 Show Switches Commands 3.17.25.1 Show switch summary 3.17.25.2 Show realtime stats for switch 3.17.25.3 Show stats for selected switch 3.17.25.4 Show statistics for a given switch 3.17.25.5 Show interfaces for selected switch 3.17.25.6 Show switch tcpdump via controller 3.17.25.7 Show switch details via query 3.17.26 Show Switch-interfaces Commands 3.17.26.1 Show interfaces for switch associated with current submode 3.17.27 Show Switch Commands 3.17.27.1 Show tunnels for all switches 3.17.27.2 Show tunnels for selected switches 3.17.28 Show Tacacs-plus-config Commands 3.17.28.1 Show tacacs operational state 3.17.29 Show Tag Commands 3.17.29.1 Show configured tags 3.17.30 Show Tech-support-config Commands 3.17.30.1 Show tech-support configuration 3.17.31 Show Tenant Commands 3.17.31.1 Show defined tenants 3.17.31.2 Show specific tenant, identified by name 3.17.31.3 Show specific tenant, identified by name 3.17.32 Show Dvs Commands
3.17.32.1 Show vcenter dvs details 3.17.33 Show Dvs-port-group Commands 3.17.33.1 Show vcenter dvs port-group details 3.17.34 Show Vcenter Commands 3.17.34.1 Show vcenter configurations 3.17.34.2 Show vcenter description by name 3.17.34.3 Show vcenter operational status by name 3.17.35 Show Static-arp Commands 3.17.35.1 Show all configured static arps 3.17.36 Show Virtualrouter Commands 3.17.36.1 Show specific virtual router, identified by name 3.17.36.2 Show specific virtual router, identified by name
OpenDaylight Command Line Interface (CLI) User Guide

The OpenDaylight Command-Line Interface (CLI) is a management interface to the OpenDaylight Network Virtualization and OpenDaylight SDN Controller Platform. The CLI is packaged along with OSCP in the same source repository. Please see the OSCP User Guide for instructions on installation and configuration of OSCP.
CLI concepts
Access and modes
The CLI can be accessed through the console window of the virtual machine or by using ssh to connect to the virtual machine. Logging in as the admin user gives access to the CLI. The admin user will be logged into the CLI in login mode. The prompt will have a > to indicate this mode. Enter enable mode by typing the enable command. The prompt will have a # to indicate this mode. Enter config mode by typing the configure command. The prompt will have a (config)# to indicate this mode. There are a number of config submodes which will be indicated in the prompt as (config-<submode>)#, and each submode allows configuration of a specific type of object in the database. Type exit to return to the previous mode, or type end to exit all config modes and return to enable mode.
Navigation and help

There are a number of ways users can navigate the CLI and receive help at any time.
For navigation, the CLI implements a Linux/shell-style navigation - for example: Ctrl-B - back one character Ctrl-F - forward one character Ctrl-A - move to the start of the line Ctrl-E - move to the end of the line Ctrl-P - display the previous command - can be repeated to go through history Ctrl-R - search for text among previous commands Refer to http://tiswww.case.edu/php/chet/readline/readline.html for more information on all keyboard shortcuts and facilities. Help is also accessible by typing the command help. The output will vary based on the specific mode the user is in. Command completion at any point can be pressing tab once or twice. Pressing tab once will complete the value if possible, and pressing tab twice will show all possible completions. Type the ? character to show completions at any time. The CLI will accept shortened versions of commands and options so long as there is no ambiguity in the commands. For example, sh run will be interpreted as show running-config. CLI conveniences: pipes, watching commands, and other tricks The output of any CLI command can be piped to common Unix shell utilities such as grep, awk, wc, tail, more, or less. This can make searching for data or browsing through output significantly easier. For example, to find all the ports of a given switch, type:
1 0 . 0 . 2 . 1 5 >s h o wp o r t|g r e p: 2 4 0 0 : 0 a : 0 0 : 2 4 : a 8 : c 4 : 6 9 : 0 05 2 2 8 0 0 : 0 a : 0 0 : 2 4 : a 8 : c 4 : 6 9 : 0 05 4 3 0 0 0 : 0 a : 0 0 : 2 4 : a 8 : c 4 : 6 9 : 0 05 6 3 2 0 0 : 0 a : 0 0 : 2 4 : a 8 : c 4 : 6 9 : 0 05 7 3 3 0 0 : 0 a : 0 0 : 2 4 : a 8 : c 4 : 6 9 : 0 05 8 3 4 1 0 . 0 . 2 . 1 5 >
0 0 : 2 4 : a 8 : c 4 : 6 9 : c c 0 0 : 2 4 : a 8 : c 4 : 6 9 : c a 0 0 : 2 4 : a 8 : c 4 : 6 9 : c 8 0 0 : 2 4 : a 8 : c 4 : 6 9 : c 7 0 0 : 2 4 : a 8 : c 4 : 6 9 : c 6
The CLI provides begin, include, and exclude as pipe options that may be familiar to administrators of existing network devices. begin is useful for starting to view large output at a particular point. For example, to see just the lsof output of show tech-support, type:
1 0 . 0 . 2 . 1 5 >s h o wt e c h s u p p o r t|b e g i nl s o f| m o r e E x e c u t i n go sc o m m a n d :s u d ol s o f C O M M A N D P I D U S E R F D T Y P E i n i t 1 r o o t c w d D I R i n i t 1 r o o t r t d D I R i n i t 1 r o o t t x t R E G i n i t 1 r o o t m e m R E G i n i t 1 r o o t m e m R E G i n i t 1 r o o t m e m R E G
D E V I C ES I Z E / O F F 8 , 1 6 4 0 9 6 8 , 1 6 4 0 9 6 8 , 1 6 1 2 5 6 4 0 8 , 1 6 5 1 7 1 2 8 , 1 6 4 3 5 5 2 8 , 1 6 9 7 2 5 6
N O D EN A M E 2/ 2/ 4 0 8 1/ s b i n / i n i t 1 9 7 3 8/ l i b / l i b n s s _ f i l e s 2 . 1 2 . 2 6 6 7 9/ l i b / l i b n s s _ n i s 2 . 1 2 . 1 . 1 9 5 7 9/ l i b / l i b n s l 2 . 1 2 . 1 . s o
. . .
The CLI also allows users to repeatedly invoke a command by prepending the command watch. For example, watch show switch <dpid> flow will allow the user to monitor the flows on a specific switch. This may be familiar to Unix users who use top or the corresponding watch command in Unix. Multiple CLI commands can be entered into the CLI on a single line, separated by a semi-colon. For example, to get all the way into a configuring a flow entry on a specific switch, type:
1 0 . 0 . 2 . 1 5 >e n a b l e ;c o n f ;s w i t c h0 0 : 0 a : 0 0 : 2 4 : a 8 : c 4 : 6 9 : 0 0 ;f l o w e n t r yf o o
1 0 . 0 . 2 . 1 5 ( c o n f i g f l o w e n t r y ) #
Finally, the CLI allows redirecting the output of a command to a local file or to the URL of an HTTP server or an FTP server. The local file is stored in the controller database (as general access to the local filesystem is not given). This is convenient for storing away show output or versions of configurations. For example, to store the output of show host, type:
1 0 . 0 . 2 . 1 5 #s h o wh o s t>c o n f i g : / / h o s t o u t p u t
u s e rd a t ac r e a t e d
1 0 . 0 . 2 . 1 5 #s h o wc o n f i g
N a m e
L e n g t hV e r s i o nT i m e s t a m p
| | | -
h o s t o u t p u t1 7 7 5
2 0 1 0 1 2 1 5 . 0 8 : 2 9 : 3 1
1 0 . 0 . 2 . 1 5 #s h o wc o n f i gh o s t o u t p u t|h e a d1 0
M A CA d d r e s s
N a m eS w i t c hI D
I n g r e s sP o r tI PA d d r e s s
V e n d o r
| | | | | -
0 0 : 0 c : 2 9 : 6 a : 8 3 : 8 c
0 0 : 0 a : 0 0 : 2 4 : a 8 : c 4 : 6 9 : 0 03 8
1 9 2 . 1 6 8 . 1 0 . 2 0 7V M w a r e ,I n c .
0 0 : 2 1 : f 7 : d e : e 9 : 0 0
0 0 : 0 c : 0 0 : 2 1 : f 7 : d e : e 9 : 0 0l o c a l ( 6 5 5 3 4 )1 9 2 . 1 6 8 . 1 2 . 1 0 2P r o C u r v eN e t w o r k i n gb yH P
0 0 : 2 5 : 9 0 : 0 8 : 9 4 : d 5
0 0 : 0 a : 0 0 : 2 1 : f 7 : d e : e 9 : 0 02
1 2 8 . 8 . 1 0 9 . 1 4 5 S u p e rM i c r oC o m p u t e r ,I n c .
0 0 : 3 0 : 4 8 : f 9 : c c : f 7
0 0 : 0 0 : 0 0 : 3 0 : 4 8 : f 9 : c c : f 7l o c a l ( 6 5 5 3 4 )1 9 2 . 1 6 8 . 2 . 9 9
S u p e r m i c r oC o m p u t e r ,I n c .
0 0 : 3 0 : 4 8 : f 9 : c d : 0 b
0 0 : 0 0 : 0 0 : 3 0 : 4 8 : f 9 : c d : 0 bl o c a l ( 6 5 5 3 4 )0 . 0 . 0 . 0
0 0 : 3 0 : 4 8 : f 9 : c d : 0 d
0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 11 7
1 9 2 . 1 6 8 . 1 1 . 2
0 0 : 5 0 : 8 d : 6 5 : b e : 4 b
0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 12 2
1 9 2 . 1 6 8 . 1 1 . 1
A B I TC O M P U T E RC O R P O R A T I O N
1 0 : 0 0 : 0 0 : 6 7 : a d : 0 7
0 0 : 0 0 : 0 0 : 3 0 : 4 8 : f 9 : c c : f 74
1 9 2 . 1 6 8 . 1 2 . 1 3 2u n k n o w n
Conventions
Text in courier font indicates either text that should be typed in by the user or output from a command. Text enclosed in parentheses ( ) indicates a set of required arguments. The options are separated by a vertical bar |. Text enclosed in square brackets [ ] indicates optional arguments. The options are separated by a vertical bar |. Text enclosed in angle brackets < > indicates a value that should be entered/substituted by the user.
CLI Commands
Boot Command
Configure system boot options Command Mode: enable mode
Command Syntax: b o o tf a c t o r y d e f a u l t Command Description: This command allows you to configure system boot parameters. At the moment, you can restore the controller to its factory default configuration using the 'factory-default' parameter. Next Keyword Descriptions: factory-default: Reset the controller to the factory default configuration. This will wipe out all configuration and logs files and restore the controller to its initial default configuration. This will require rebooting the controller node. When the controller finishes rebooting, you will need to go through the normal "first time setup" process, including reconfiguring the network interface configuration. Note that if you have customized the controller base image through debug facilities, then some configuration may not be restored through this command. If this is the case, it is recommended that you start with a fresh controller image. Command Examples:
R e s e tc o n t r o l l e rt oi t sf a c t o r yd e f a u l ts e t t i n g s .
n o d e 1 ( c o n f i g ) #b o o tf a c t o r y d e f a u l t
R e s e t t i n gc o n t r o l l e rt of a c t o r yd e f a u l t s. . .
W a r n i n g :T h i sw i l lr e s e ty o u rc o n t r o l l e rt of a c t o r y d e f a u l ts t a t e
a n dr e b o o ti t . Y o uw i l ll o s ea l ln o d e / c o n t r o l l e r
c o n f i g u r a t i o na n dt h el o g s
D oy o uw a n tt oc o n t i n u e[ n o ] ?y e s
R e s e t t i n gc a s s a n d r as t a t e. . .
R e m o v i n ge x i s t i n gl o gf i l e s. . .
r s y s l o gs t o p / w a i t i n g
R e s e t t i n gs y s t e ms t a t e. . .
C u r r e n td e f a u l tt i m ez o n e :' E t c / U T C '
L o c a lt i m ei sn o w :
W e dO c t2 40 0 : 0 5 : 4 1U T C2 0 1 2 .
U n i v e r s a lT i m ei sn o w : W e dO c t2 40 0 : 0 5 : 4 1U T C2 0 1 2 .
p a s s w d :p a s s w o r de x p i r yi n f o r m a t i o nc h a n g e d .
Clearterm Command
Clears and resets the terminal screen Command Mode: login mode Command Syntax: c l e a r t e r m
Configure Command
Enter configure mode Command Mode: enable mode Command Syntax: c o n f i g u r e[ t e r m i n a l ]
Connect Command
Connect to a controller's rest api Command Mode: login mode Command Syntax: c o n n e c t{ < c o n t r o l l e r i d >| }[ p o r t ]
Command Description: The connect command directs the CLI to issue REST API requests to the selected controller. The CLI uses the controller's REST API to perform all configuration, retrieve all the data for show commands, and also to generate the running config. The CLI is an application which presents the controller's REST API to the user, and can also provide some limited aid to an application write trying to use the REST API, since the requests issued by the CLI can be viewed with the 'debug rest' command (use 'help debug rest' for more details) When the controller is running as a HA slave, many commands will not be available. If the master has configured port 80 to be available (controller-node interface submode's firewall command), then by using the connect command to use the master's REST API, ssh can be avoided. This would preserve the command history, allowing an easy way to re-issue failed commands. The REST API for the controller is typically configured at port 80. Completion for the command will display all the currently known controllers. If the connect succeeds, the list of known controllers will very likely be different. Next Keyword Descriptions: controller-id: The alias or UUID to identfy the controller port <port>: Identify the tcp port number of the REST API ip-address: An ip address to identify the controller's REST API Command Examples:
c o n n e c tl o c a l h o s t
C o n n e c tt ot h ec u r r e n tc o n t r o l l e r( r e a l l yan o o p )
c o n n e c tc o n t r o l l e r n o d e b
C o n n e c tt ot h ec o n t r o l l e ri d e n t i f i e db ya na l i a s
c o n n e c t1 9 2 . 1 6 8 . 2 . 1 2 9p o r t8 0 0 0
C o n n e c tt ot h ei d e n t i f i e di pa d d r e s s
Copy Command
Copy configs to other configs Command Mode: enable mode Command Syntax: c o p y{ < s o u r c es p e c i f i e r > }[ < d e s t i n a t i o ns p e c i f i e r > ] Command Description: The copy command with one parameters copies the contents of the configuraion file out for display. The copy command with two parameters copies the contents of the requested source into the dessination. Next Keyword Descriptions: dest: Destination specifier for the copy The keyword 'running-config' can be used to specify the controller's current state (that is, overwrite the running state). The 'config://' URI scheme can be used to save config files to the local controller's disk. The 'http://' and 'ftp://' URI schemes can be used to reference remote resources. If the destination specifier is omitted, the resource referenced by the source specifier is sent to the Cli console. source: Source specifier for the copy The keyword 'running-config' can be used to specify the controller's current state. The 'config://' URI scheme can be used to reference saved config files from a previous 'copy' command. The 'http://' and 'ftp://' URI schemes can be used to reference remote resources. Command Examples:
c o p yr u n n i n g c o n f i g
V a r i a t i o no ft h e' s h o wr u n n i n g c o n f i g 'c o m m a n d
c o p yr u n n i n g c o n f i gc o n f i g : / / x y z
C o p yt h ec u r r e n tr u n n i n gc o n f i gi n t ot h ec o n f i g u r a t i o n
t a r g e tn a m e dc o n f i g : / / x y z
Enable Command
Enter enable mode Command Mode: login mode Command Syntax: e n a b l e
Ha Command
Perform actions related to high availability Command Mode: enable mode Command Syntax: h a{ f a i l o v e r|p r o v i s i o n|d e c o m m i s s i o n } Command Description: Configures failover parameters, or triggers a failover event. The 'failover' token directs the current node to fail over to a configured slave controller. The 'provision' token configures a slave controller by IP address that will function as a master controller after a failover event. Next Keyword Descriptions: id: Specify the name of one of the nodes in the controller cluster. Command Examples:
h af a i l o v e r
F a i lt h i sc o n t r o l l e rn o d e ,d e f e rt oas l a v ec o n t r o l l e r
h ap r o v i s i o n1 . 2 . 3 . 4
C o n f i g u r ean e wc o n t r o l l e rn o d et of u n c t i o na sas l a v e
Ping Command
Ping a switch or ip address Command Mode: login mode Command Syntax: p i n g[ c o u n t< c o u n t > ] Command Description: The ping command sends ICMP echo requests validates basic network connectivity between the CLI and the requested target. Next Keyword Descriptions: count <count>: This integer field identifies the number of ping requests sent to the target before exiting. The default value is '5'. ip-address: type Resolvable-ip-address A dotted-quat ip address (192.168.2.129), or a domain name (localhost), which can be resolved may be included here. Additionally, switch alias or dpids may also be included if they're currently active (an ip address is associated with the switch) Command Examples:
p i n g1 . 2 . 3 . 4
P i n gas p e c i f i ch o s tw i t had e f a u l tp a c k a g ec o u n t( 5 )
p i n g1 01 . 2 . 3 . 4
P i n gas p e c i f i ch o s tw i t haf i x e dn u m b e ro fp a c k e t s
Reload Command
Reload and reboot Command Mode: enable mode Command Syntax: r e l o a d Command Description: This command will restart this controller node. If you are running as part of a high availability cluster, this will trigger a failover to the remaining nodes, but you may wish to manually trigger this first using the "ha failover" command. Rebooting the controller will allow you to access the boot menu if you wish to revert to an older version of the controller software following an upgrade. If you wish to do this, select the appropriate image from the boot loader prompt from the controller console to choose a different image version. Command Examples:
R e b o o tt h ec o n t r o l l e r
n o d e 1 ( c o n f i g ) #r e l o a d
C o n f i r mR e l o a d( y e st oc o n t i n u e )y e s
Rollback Command
Rollback cluster to specified config Command Mode: enable mode Command Syntax: r o l l b a c k{ i m a g e s : / /|s a v e d c o n f i g s : / / }< f i l e >
Set Command
Manage cli sessions settings Command Mode: login mode Command Syntax: s e tl e n g t h{ < l e n g t h >|t e r m } Command Description: Set the terminal height for paging Cli command output. Command Examples:
s e tl e n g t h5 0
S e tt h et e r m i n a ll e n g t ht o5 0l i n e s .
s e tl e n g t ht e r m
S e tt h et e r m i n a ll e n g t ht ot h en a t u r a ls c r e e nh e i g h t .
Traceroute Command
Determine the l3 path to some destination Command Mode: login mode Command Syntax: t r a c e r o u t e Command Description: Compute the L3 path between the local host and the destination by using increasing TTL's, and reporting back ICMP timed-out messages Next Keyword Descriptions: ip-address: type Resolvable-ip-address A dotted-quat ip address (192.168.2.129), or a domain name (localhost, bigswtich.com), which can be resolved may be included here. Additionally, switch alias or dpids may also be included if they're currently active (an ip address is associated with the switch)
Command Examples:
t r a c e r o u t e1 . 2 . 3 . 4
C o m p u t et h eL 3p a t ht h eh o s tw i t hI Pa d d r e s s1 . 2 . 3 . 4
t r a c e r o u t ew w w . y a h o o . c o m
C o m p u t et h eL 3p a t ht h eh o s tw i t has p e c i f i ch o s t n a m e
Upgrade Command
Manage the controller upgrade process Command Mode: enable mode Command Syntax: u p g r a d ea b o r t Next Keyword Descriptions: abort: If you've already run an upgrade operation on this controller node, but want to abort the upgrade before you reboot into the new partition, run the "upgrade abort" command to configure the controller to boot by default from the current-active partition and set the controller status back to "Ready." This can allow you to restart a failed upgrade process, for example if a node failure occurs while attempting to upgrade. Command Examples:
u p g r a d ea b o r t
A b o r ta ni n p r o g r e s so rr e q u e s t e du p g r a d e
Manage the controller upgrade process Command Mode: enable mode Command Syntax: u p g r a d e[ f o r c e ][ d e t a i l s ] Command Description: Upgrade the controller from an uploaded controller image. To perform upgrade, you will first need to upload an upgrade image package by scping the file using the "images" user. Upgrade image package is a file with name of format "controller-upgrade-YYYY.MM.DD.XXXX.pkg". Following is an example to prepare upgrade for controller with IP address 192.168.67.141:" scp $path/controller-upgrade-2013.02.13.0921.pkg images@192.168.67.141:" After you run the upgrade, the new controller image will be installed on the second image partition, and will be configured as the default boot image. Running the "reload" command will boot the current node If you are upgrading a cluster with multiple nodes, begin by upgrading the slave nodes followed by the master node. You can find out which slave is the master by running "show controller-node all". You should upgrade each node by running the upgrade, then reloading the controller node. For example, if you have two nodes in your cluster, node1 (the current master) and node2 (the current slave), you should: 1. 2. 3. 4. Upgrade node2 using the "upgrade" command Reboot node2 using the "reload" command Upgrade node1 using the "upgrade" command Reboot node1 using the "reload" command
Note that when you reboot the master controller node1 there may be a brief disruption in your network. Please refer to the section on upgrading in the user guide for more detailed information, including information on how to revert if the upgrade fails. Next Keyword Descriptions: force: The "force" option will run the upgrade but will ignore any validation errors. These errors include validating the package checksum, minimum system requirements, and connectivity. Note that if you choose this option, there is an increased chance that your controller upgrade will be unsuccessful. details: The "details" option will cause verbose information to be printed out during each upgrade step.
This may be helpful in diagnosing failures during the upgrade process. Command Examples:
U p g r a d et h ec o n t r o l l e rn o d eu s i n ga nu p l o a d e du p g r a d ep a c k a g e
n o d e 1 >e n a b l e
n o d e 1 #u p g r a d e
U p g r a d ec o n t r o l l e rf r o mi m a g e' / h o m e / i m a g e s / c o n t r o l l e r u p g r a d e . p k g ' ?
( y e st oc o n t i n u e )y e s
E x e c u t i n gu p g r a d e . . .
1-V e r i f y i n gp a c k a g ec h e c k s u m
S u c c e e d e d
2-V e r i f y i n gc o n n e c t i v i t yt oo t h e rn o d e sv i ap i n g
S u c c e e d e d
3-C h e c k i n gm i n i m u ms y s t e mr e q u i r e m e n t s
S u c c e e d e d
4-C o p y i n gc o n f i g u r a t i o n
S u c c e e d e d
5-C r e a t i n gn e wf i l e s y s t e m
S u c c e e d e d
C o n t r o l l e rn o d eu p g r a d ec o m p l e t e .
U p g r a d ew i l ln o tt a k ee f f e c tu n t i ls y s t e mi sr e b o o t e d .U s e' r e l o a d 't o
r e b o o tt h i sc o n t r o l l e rn o d e .T or e v e r t ,s e l e c tt h ea p p r o p r i a t ei m a g e
f r o mt h eb o o tm e n u
Write Command
Write config to memory or terminal, or clear Command Mode: enable mode Command Syntax: w r i t et e r m i n a l Command Description: Write command allows you to view the current configuration or restore the system to its default configuration. Next Keyword Descriptions: terminal: Display the current active configuration on the terminal. Equivalent to "show running-config". Command Examples:
D i s p l a yt h ec u r r e n tr u n n i n g c o n f i g :
n o d e 1 #w r i t et e r m i n a l
!O S1 . 0-c u s t o mv e r s i o n
!C u r r e n tT i m e :2 0 1 2 1 0 2 3 . 2 0 : 3 7 : 5 1
. . .
R e s e tt of a c t o r yd e f a u l t s :
n o d e 1 #w r i t ee r a s e
R e s e t t i n gc o n t r o l l e rt of a c t o r yd e f a u l t s. . .
. . .
Command Syntax: w r i t ee r a s e Next Keyword Descriptions: erase: Reset the controller to the factory default configuration. This will wipe out all configuration and logs files and restore the controller to its initial default configuration. This will require rebooting the controller node. When the controller finishes rebooting, you will need to go through the normal "first time setup" process, including reconfiguring the network interface configuration. Note that if you have customized the controller base image through debug facilities, then some configuration may not be restored through this command. If this is the case, it is recommended that you start with a fresh controller image.
Test Command
Perform various tests on the network Command Mode: login mode Command Syntax: t e s tp a c k e t i ns r c h o s t< s r c h o s t >d s t h o s t< d s t h o s t >[ s r c s w i t c h
< s r c s w i t c h >< s r c s w i t c h p o r t > ][ v l a n< v l a n > ][ p r i o r i t y ][ s r c i p a d d r e s s < s r c i p a d d r e s s > ][ d s t i p a d d r e s s< d s t i p a d d r e s s > ][ p r o t o c o l ][ t o s< t o s > ] [ s r c p o r t< s r c p o r t > ][ d s t p o r t< d s t p o r t > ]
Command Description: The test command provides various tools to help perform root-cause analysis. Next Keyword Descriptions: src-host <src-host>:
This parameter identifies a host, used to identify an attachment point. The parameter's value is a mac address. vlan <vlan>: VLAN ID for tagging packets src-switch-port: This parameter identifies a physical switch port number, as part of the description of the attachment point dst-host <dst-host>: src-port <src-port>: Port number for injected packets src-ip-address <src-ip-address>: IP address for injected packets dst-ip-address <dst-ip-address>: src-switch <src-switch>: This parameter identifies a switch by DPID, as part of the description of the attachment point priority <priority>: Ether priority for injected packets protocol <protocol>: Protocol number for injected packets tos <tos>: TOS flags for injected packets dst-port <dst-port>: packet-in: The 'packet-in' test type provides a tools to determine whether a source and dest can transmit a frame. A frame is injected as if it originated from the indicated port on a source switch, and is directed to a destination switch and port. When it arrives, the command announces the path traversed. Command Examples:
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2
T e s tp a c k e ti n j e c t i o nb e t w e e nt w oh o s t s
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2s r c s w i t c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0
R u nt h ep a c k e t i nt e s t ,s p e c i f y i n gas p e c i f i cs w i t c hp h y s i c a lp o r t
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2. . .v l a n1 0 0 1
R u nt h ep a c k e t i nt e s t ,t a g g i n gp a c k e t sw i t has p e c i f i cV L A N
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2. . .p r i o r i t y2
R u nt h ep a c k e t i nt e s t ,t a g g i n gp a c k e t sw i t has p e c i f i ce t h e rp r i o r i t y
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2. . .s r c i p a d d r e s s1 . 2 . 3 . 4
R u nt h ep a c k e t i nt e s t ,t a g g i n gp a c k e t sw i t has p e c i f i cs o u r c eI Pa d d r e s s
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2. . .d s t i p a d d r e s s1 . 2 . 3 . 4
R u nt h ep a c k e t i nt e s t ,t a g g i n gp a c k e t sw i t has p e c i f i cd e s t i n a t i o nI Pa d d r e s s
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2. . .p r o t o c o l6
R u nt h ep a c k e t i nt e s t ,t a g g i n gp a c k e t sw i t has p e c i f i cI Pp r o t o c o ln u m b e r( T C P )
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2. . .t o s7
R u nt h ep a c k e t i nt e s t ,t a g g i n gp a c k e t sw i t has p e c i f i cs e to fT O Sb i t s
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2. . .s r c p o r t8 0
R u nt h ep a c k e t i nt e s t ,t a g g i n gp a c k e t sw i t has p e c i f i cs o u r c ep o r tn u m b e r
t e s tp a c k e t i ns r c h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1d s t h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2. . .d s t p o r t4 4 3
R u nt h ep a c k e t i nt e s t ,t a g g i n gp a c k e t sw i t has p e c i f i cd e s t i n a t i o np o r tn u m b e r
Perform various tests on the network Command Mode: login mode Command Syntax: t e s tp a t h{ s r c h o s t< s r c h o s t >|s r c i p< s r c i p >|s r c s w i t c h< s r c s w i t c h >< s r c s w i t c h p o r t > }{ d s t h o s t< d s t h o s t >|d s t i p< d s t i p >|d s t s w i t c h< d s t s w i t c h >< d s t s w i t c h p o r t > }
Command Description: The test command provides various tools to help perform root-cause analysis. Next Keyword Descriptions: src-host <src-host>: This parameter identifies the host, used to identify an attachment point. The parameter's value is a mac address. src-switch-port: This parameter identifies a specific switch's interface (physical port), to complete the attachment point description. dst-host <dst-host>: src-ip <src-ip>: This parameter identies an ip address used to determine an attachment point dst-switch-port: src-switch <src-switch>: This parameter identifies a switch via DPID, as part of the description of the attachment point dst-ip <dst-ip>: path: The 'test path' command requests the controller to compute the path between interfaces on switches, return, and display the result. No attempt it made to validate the connectivity between the two endpoints. To compute the path, and source and a destination needs to be provided. These can be described in a variety of different forms: hosts mac addresses, ip addresses, or switch and interface names. dst-switch <dst-switch>: Command Examples:
n o d e 1 >t e s tp a t hs r c i p1 0 . 0 . 0 . 1d s t i p1 0 . 0 . 0 . 3
#S w i t c h
I F
R xB y t e sR xP k t sR xE r r sT xB y t e sT xP k t sT xE r r s
| | | | | | | | -
10 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 6s 6 e t h 18 6 0
1 1
4 7 6 2
7 4
20 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 6s 6 e t h 32 2 0 8
3 5
2 2 0 8
3 5
30 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 5s 5 e t h 12 2 0 8
3 5
2 2 0 8
3 5
40 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 5s 5 e t h 22 2 0 8
3 5
2 3 9 1
3 8
50 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 7s 7 e t h 32 4 1 9
3 8
2 2 0 8
3 5
60 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 7s 7 e t h 18 6 0
1 1
4 6 8 4
7 3
Command Syntax: t u n n e l l i n k{ v e r i f y< s w i t c hd p i do ra l i a s >< s w i t c hd p i do ra l i a s > }
Configuration Commands
Address-space Commands
Enter address space submode Command Mode: config mode Command Syntax: [ n o ]a d d r e s s s p a c e< n a m e > Command Description: Set up or tear down address space definitions. Specifying an address space by name enters the address-space configuration sub-mode. Next Keyword Descriptions: name:
This is the name of the address-space. The address-space name "default" represents the default address space that will be used if no other address-space matches. Command Examples:
a d d r e s s p a c eM Y A D D R E S S
D e f i n ean e wa d d r e s ss p a c e ,a n de n t e ri t sc o n f i g u r a t i o ns u b m o d e
n oa d d r e s s s p a c eM Y A D D R E S S
D e l e t ea na d d r e s ss p a c eb yn a m e
Set address-space active Command Mode: config-address-space mode Command Syntax: [ n o ]a c t i v e Command Description: Set the address-space active. If an address-space is inactive the controller will not use it or its rules. Command Examples:
a c t i v e
W i t h i na na d d r e s s s p a c ec o n f i gs u b m o d e ,
s e tt h i sa d d r e s s s p a c ea sa c t i v e
n oa c t i v e
D e a c t i v a t et h ec u r r e n t l y c o n f i g u r e da d d r e s ss p a c e
Provide description for this address-space Command Mode: config-address-space mode Command Syntax: [ n o ]d e s c r i p t i o n< d e s c r i p t i o n > Command Description: A user provided textual description for this address-space. Command Examples:
d e s c r i p t i o n" T H I SI SM YA D D R E S S S P A C E "
A s s o c i a t eat e x t u a ld e s c r i p t i o nw i t ht h i sa d d r e s s s p a c e
Set an address-space identifier rule Command Mode: config-address-space mode Command Syntax: [ n o ]i d e n t i f i e r r u l e< r u l e > Command Description: Set an address-space identifier rule and enter submode. Devices are assigned into address-spaces based on identifier-rules. Next Keyword Descriptions: rule: Command Examples:
i d e n t i f i e r r u l er u l e 4 2
D e f i n ean e wi d e n t i f i e rr u l ef o rt h i sa d d r e s s s p a c ed e f i n i t i o n ,
a n de n t e rt h ei d e n t i f i e r r u l es u b m o d e
n oi d e n t i f i e r r u l er u l e 4 2
D e l e t ea ni d e n t i f i e rr u l ea s s o c i a t e dw i t ht h e
c u r r e n t l y d e f i n ea d d r e s s s p a c e
Set rule to active Command Mode: config-address-space-id-rule mode Command Syntax: [ n o ]a c t i v e Command Description: Configure this address space identifier rule as 'active' Command Examples:
a c t i v e
C o n f i g u r et h i sa d d r e s ss p a c ei d e n t i f i e rr u l ea sa c t i v e
n oa c t i v e
D e a c t i v a t et h i sa d d r e s ss p a c ei d e n t i f i e rr u l e
Provide description for identifier rule Command Mode: config-address-space-id-rule mode Command Syntax: [ n o ]d e s c r i p t i o n< d e s c r i p t i o n >
Command Description: A user provided textual description for this identifier-rule. Command Examples:
d e s c r i p t i o n" T h i si sr u l e 4 2 "
P r o v i d ead e s c r i p t i o nf o rt h ec u r r e n t l y d e f i n e da d d r e s s s p a c ei d e n t i f i e rr u l e
Associate switch with identifier rule Command Mode: config-address-space-id-rule mode Command Syntax: m a t c hs w i t c h{ < s w i t c hd p i do rs w i t c ha l i a s >[ < s w i t c hi n t e r f a c e ,o r r a n g e ,o rl i s t > ] } Next Keyword Descriptions: switch: Associate a switch or set of switch interfaces with this identifier rule. Devices present on the specified switch/interfaces will be matched. ports: Restrict the match to a switch interface or list/range of switch interfaces Command Examples:
m a t c hs w i t c h0 0 : 0 0 : 1 1 : 2 2 : 3 3 : 4 4 : 5 5 : 6 6
M a t c h e sa l li n t e r f a c e so nt h es w i t c hw i t ht h i sD P I D .
m a t c hs w i t c h0 0 : 0 0 : 1 1 : 2 2 : 3 3 : 4 4 : 5 5 : 6 6E t h e r n e t 1
M a t c h e si n t e r f a c eE t h e r n e t 1o nt h es p e c i f i e ds w i t c h .
m a t c hs w i t c h0 0 : 0 0 : 1 1 : 2 2 : 3 3 : 4 4 : 5 5 : 6 6E t h e r n e t 1 , E t h e r n e t 5 1 0 , p o r t 2
M a t c h e si n t e r f a c e sE t h e r n e t 1 ,E t h e r n e t 5 ,E t h e r n e t 6 ,. . .E t h e r n e t 1 0 ,
a n dp o r t 2o nt h es p e c i f i e ds w i t c h .
m a t c hs w i t c hT o R 1 1
M a t c h e st h es w i t c hw i t ht h ea l i a s' T o R 1 1 '
Associate tag with identifier rule Command Mode: config-address-space-id-rule mode Command Syntax: m a t c ht a g s< t a g > Next Keyword Descriptions: tags: Associate a tag or list of tags with this identifier-rule. If a list of tags is given all tags need to match. Command Examples:
m a t c ht a g sc o m . b s . t e n a n t = C u s t o m e r A
M a t c h e sd e v i c e st h a tm a t c ht h eg i v e nt a g .
m a t c ht a g sc o m . b s . t e n a n t = C u s t o m e r A , c o m . e x a m p l e . t y p e = r o u t e r
M a t c h e sd e v i c e st h a tm a t c h* a l l *o ft h eg i v e nt a g s .
Associate vlans with identifier rule Command Mode: config-address-space-id-rule mode Command Syntax: m a t c hv l a n s< V l a nn u m b e r( 1 4 0 9 5 )o rr a n g e ,o rl i s t > Next Keyword Descriptions: vlans: Associate VLANs with identifier-rule. In this software version the specified VLAN must be equal to value specified for 'vlan-tag-on-egress' Command Examples:
m a t c hv l a n s1 0 0 1
A s s o c i a t eo n eo rm o r eV L A NI D sw i t ht h i si d e n t i f e rr u l e
n om a t c hv l a n s1 0 0 1
R e m o v eaV L A NI Da s s o c i a t i o nf r o mt h i si d e n t i f i e rr u l e
n om a t c hv l a n s
R e m o v ea l lV L A NI Da s s o c i a t i o n sf r o mt h i si d e n t i f i e rr u l e
Describe priority for identifier rule Command Mode: config-address-space-id-rule mode Command Syntax: [ n o ]p r i o r i t y Command Description: The prirority of this identifier-rule. Higher numeric values represent higher priority. The highest priority identifier-rule that matches a given packet will be choosen.
Command Examples:
p r i o r i t y1 0 0
S e tt h ep r i o r i t yf o rt h ec u r r e n t l y d e f i n e da d d r e s s s p a c ei d e n t i f i e rr u l e
Describe address-space origin Command Mode: config-address-space mode Command Syntax: [ n o ]o r i g i n< o r i g i n > Command Description: Describe the origin of an address space Command Examples:
o r i g i nr e s t
N o t et h a tt h i sa d d r e s s s p a c ew a sc o n f i g u r e dv i aR E S T
n oo r i g i nr e s t
R e m o v et h eo r i g i nn o t a t i o nf o rt h i sa d d r e s s s p a c e
Set address-space priority Command Mode: config-address-space mode Command Syntax: [ n o ]p r i o r i t y
Command Description: The prirority of this address-space. Higher numeric values represent higher priority. All identifier-rules of the highest priority address-space will be evaluated before any rules of other address-spaces. Command Examples:
S e tt h ep r i o r i t yo ft h i sc u r r e n t l y d e f i n e da d d r e s s s p a c e
n op r i o r i t y1 0 0
R e m o v et h ep r e v i o u sp r i o r i t yd e c l a r a t i o n ,
a n dr e s e tt h i sa d d r e s s s p a c e ' sp r i o r i t yt ot h ed e f a u l tv a l u e
Egress vlan tag Command Mode: config-address-space mode Command Syntax: [ n o ]v l a n t a g o n e g r e s s< v l a n t a g o n e g r e s s > Command Description: Associates a VLAN with this address-space. This VLAN is used for internal disambiguation and for tagging packets that egress to other networks (according to identifier-rule configuration). Command Examples:
v l a n t a g o n e g r e s s4 2
A s s o c i a t eaV L A Nt a gw i t ht h i sa d d r e s s s p a c e .
E a c ha d d r e s s s p a c em u s th a v ea na s s o c i a t e dV L A N ,e l s et h i sa d d r e s s s p a c e
w i l lb ei g n o r e db yt h ec o n t r o l l e r
Onv Commands
Enter onv submode, manage access lists Command Mode: config mode Command Syntax: o n v< o n v n a m e > Command Description: This command is used to enter a submode to manage properties associated with the virtual switch. This currently includes acl managment, and association of the acls rules to interfaces. The named onv-id must already exist. See the onv-definition command to create new onv's. Withing this submode, two other submodes can be entered. The access-list submode associates specific acl rules with an access list, while the interface submode allows association of named access rules to specific interfaces. Next Keyword Descriptions: onvname: This is the name of the ONV. The ONV name "default" represents the default ONV in the default address space. A ONV name conforming to "<address-space-name>-default" represents the default ONV for the address-space "address-space-name" Command Examples:
o n v m y o n v d e f i n i t i o n
E n t e rO N Vd e f i n i t i o ns u b m o d e .
T h eO N Vn a m ec o r r e s p o n d st oap r i o ro n v d e f i n i t i o ni d e n t i f i e r .
Associate interface with access-list Command Mode: config-tenant-onv-if mode
Command Syntax: [ n o ]a c c e s s g r o u p< o n v a c c e s s l i s t >{ i n|o u t } Command Description: Associate an access-list configuration with this interface rule. Next Keyword Descriptions: out: Apply an access-list to outgoing traffic on this ONV interface. in: Apply an access-list to incoming traffic on this ONV interface. Command Examples:
a c c e s s g r o u pp a i r b l o c k e ri n
A s s o c i a t et h e' p a i r b l o c k e r 'A C Lw i t hi n p u tp a c k e t st ot h i sO N V
n oa c c e s s g r o u pp a i r b l o c k e ri n
R e m o v et h ei n p u tp a c k e tA C Lf o rt h i sO N Vi n s t a n c e
Enter onv access-list submode Command Mode: config-tenant-onv mode Command Syntax: [ n o ]a c c e s s l i s t< n a m e > Command Description: Enter submode to configure ONV access-list. Next Keyword Descriptions: name: The name of the access list Command Examples:
a c c e s s l i s ta c c e s s l i s t 1
D e f i n ean e wa c c e s sl i s tf o rt h i sO N V ,
a n de n t e ri t sc o n f i g u r a t i o ns u b m o d e
n oa c c e s s l i s ta c c e s s l i s t 1
R e m o v et h ed e f i n i t i o nf o rt h i sa c c e s sl i s t
Provide a description for a onv access list Command Mode: config-tenant-onv-acl mode Command Syntax: [ n o ]d e s c r i p t i o n< d e s c r i p t i o n > Command Description: A user provided textual description for this access-list. Command Examples:
d e s c r i p t i o n" A c c e s sl i s t# 1 "
A s s o c i a t eat e x td e s c r i p t i o nw i t ht h i sa c c e s sl i s t
Define acl details for this access-list Command Mode: config-tenant-onv-acl mode Command Syntax: < a c lr u l en u m b e r >{ p e r m i t|d e n y }{ { { i p|t c p|u d p }| }{ < s r c i p >< s r c i p m a s k >|< s r c i p >|< s r c c i d r >|a n y }[ { e q|n e q }{ < s r c t p p o r t >|{ h t t p|d n s|h t t p s|s s h ] [{<dst-ip>
<dst-ip-mask> | <dst-ip> | <dst-cidr> | any} [{eq | neq} {<dst-tp-port> | {http | dns | https | ssh}}]] | icmp {<src-ip> <src-ip-mask> | <src-ip> | <src-cidr> | any}
[{eq | neq} {<src-tp-port> | {http | dns | https | ssh}}] [{<dst-ip> <dst-ip-mask> | <dst-ip> | <dst-cidr> | any} [{eq | neq} {<dst-tp-port> | {http | dns | https | ssh}}]] [<icmp-type>] | mac {any | <src-mac>} {any | <dstmac>} [<ether-type> | {arp | lldp | 802.1Q | ip | mpls | rarp | mpls-mc | appletalk-aarp | ipv6 | novell | ipx}] [vlan <vlan>]}}} Command Description: Add an entry to this ONV access list Next Keyword Descriptions: ip: Access list entry for IP packets. src-ip-mask: An inverse netmask in dotted decimal notation. tcp: Access list entry for TCP packets. eq: Port number equals. any: Represents any IP address. https: Specify a port by service name ether-type: Specify an ether type by number (hex or decimal) type: dst-ip-mask: neq: Port number does not equal. udp: Access list entry for UDP packets. http: dns: dst-ip: IP address in dotted decimal notation. IP address in dotted decimal notation. IP address with prefix length in CIDR format. mac: Filter based on source/destionation MAC addresses, ether types and VLAN IDs ssh:o:p> icmp: deny: Deny traffic matching this entry. src-tp-port:
Port number in decimal or hex if prefixed with 0x. src-ip: dst-tp-port: permit: Permit traffic matching this entry. Command Examples:
1 0d e n yi p1 0 . 0 . 0 . 11 0 . 0 . 0 . 2
A d da nA C Lr u l et od e n yI Pt r a f f i cb e t w e e nt w oh o s t s
1 1a l l o wt c p1 0 . 0 . 0 . 3
A d da nA C Lr u l et oa l l o wT C Pt r a f f i cf r o mas p e c i f i ch o s t
1 2d e n y5 1
A d da nA C Lr u l et od e n yA Hp a c k e t s
1 3d e n yt c pa n ye qh t t p
A d da nA C Lr u l et od e n yH T T Pt r a f f i c
1 4d e n yt c pa n ye qh t t p
A d da nA C Lr u l et od e n yH T T Pt r a f f i c
1 5d e n ym a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1a n y
A d da nA C Lr u l et od e n yt r a f f i cb a s e do ns o u r c eM A Ca d d r e s s
1 6d e n ym a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 10 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2
A d da nA C Lr u l et od e n yt r a f f i cb e t w e e nM A Ca d d r e s s e s
1 6d e n ym a ca n ya n y0 x 0 8 4 2
A d da nA C Lr u l et od e n yw a k e o n L A Np a c k e t s
1 7d e n ym a ca n ya n yv l a n4 2
A d da nA C Lr u l et od e n yp a c k e t sf r o mas p e c i f i cV L A N
Set onv priority Command Mode: config-tenant-onv-acl mode Command Syntax: [ n o ]p r i o r i t y Command Description: Within a ONV access list definition, set the priority Command Examples:
S e tt h ep r i o r i t yo ft h i sA C Lt o1 0 0
Enter onv-if submode Command Mode: config-tenant-onv mode Command Syntax: [ n o ]i n t e r f a c e Command Description: Enter ONV interface submode, manage association to access lists. Next Keyword Descriptions: interface: The name of the ONV interface. Interface names are derived from interface-rules. Command Examples:
i n t e r f a c em a i n i n t e r f a c e
E n t e rt h eO N Vi n t e r f a c ec o n f i g u r a t i o ns u b m o d e .
T h ei n t e r f a c ei sn a m e db a s e do nac o r r e s p o n d i n gi n t e r f a c e r u l es p e c i f i e r .
ONV-definition Commands
Enter onv definition submode Command Mode: config mode Command Syntax: [ n o ]o n v d e f i n i t i o n< o n v n a m e > Command Description: This submode is used to create, then describe the membership of devices for the named ONV. Within this submode, properties of the ONV can be configured. Interface-rules are configured and managed, which configure the membership of devices. The controller provides a ONV named 'default' to collect devices which are not associated with any ONV. Part of the configuration associated with a ONV includes the association of a particular address-space. When not speficially configured, the 'default' address-space is associated with the ONV. Each address-space also has an associated default ONV. IF the address space is called 'yellow', then the default ONV for this address space is called 'yellow-default'
Next Keyword Descriptions: onvname: This is the name of the ONV. The ONV name "default" represents the default ONV in the default address space. A ONV name conforming to "<address-space-name>-default" represents the default ONV for the address-space "address-space-name" Command Examples:
o n v d e f i n i t i o nm y f i r s t o n v
D e f i n ean e wO N Vi n s t a n c eb yn a m e ,
a n de n t e rt h eO N Vd e f i n i t i o ns u b m o d e
n oo n v d e f i n i t i o nm y f i r s t o n v
R e m o v ean a m e dO N V
Set onv active Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]a c t i v e Command Description: Set the ONV active. If a ONV is inactive the controller will not use it or its rules. Command Examples:
a c t i v e
A c t i v a t et h i sO N Vi n s t a n c e
n oa c t i v e
D e a c t i v a t et h i sO N Vi n s t a n c e
Configure arp mode Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]a r p m o d e{ a l w a y s f l o o d|f l o o d i f u n k n o w n|d r o p i f u n k n o w n } Command Description: Configure the ARP behavior for this ONV instance. Next Keyword Descriptions: always-flood: Always flood ARP packets on all switch interfaces. No active managment of ARP, will leak packets across ONV. drop-if-unknown: Drop ARP packets if the host is unknown flood-if-unknown: Flood ARP packets if the destination is unknown. Might leak packets across ONV. Command Examples:
a r p m o d ea l w a y s f l o o d
D on o tm a n a g eA R Pp a c k e t s ,j u s tf l o o dt h e mo na l li n t e r f a c e s
a r p m o d ef l o o d i f u n k n o w n
O n l yf l o o dA R Pp a c k e t sf o ru n k n o w nd e s t i n a t i o n s
a r p m o d ed r o p i f u n k n o w n
D r o pA R Pp a c k e t sf r o mu n k n o w nd e s t i n a t i o n s
Configure broadcast mode Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]b r o a d c a s t{ a l w a y s f l o o d|f o r w a r d t o k n o w n|d r o p } Command Description: Configure broadcast characteristics of the ONV instance. Next Keyword Descriptions: always-flood: Always flood all non-ARP, non-DHCP broadcast packets on all switch interfaces. Will leak packets across ONV. forward-to-known: Forward all non-ARP, non-DHCP broadcast packets to all known hosts in this ONV. drop: Drop all non-ARP, non-DHCP broadcast packets. Command Examples:
b r o a d c a s ta l w a y s f l o o d
M i s c e l l a n e i o u sb r o a d c a s tp a c k e t sa r es e n to na l li n t e r f a c e s
b r o a d c a s tf o r w a r d t o k n o w n
M i s c e l l a n e o u sb r o a d c a s tp a c k e t sa r ef o r w a r d e do n l yt ok n o w nh o s t s
b r o a d c a s td r o p
M i s c e l l a n e o u sb r o a d c a s tp a c k e t sa r ed r o p p e d
Provide description for a onv instance Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]d e s c r i p t i o n< d e s c r i p t i o n > Command Description: Within a ONV definition sub-mode, declare a friendly descriptor for the ONV instance. Command Examples:
d e s c r i p t i o n" t h i si sm yf i r s tO N Vi n s t a n c e "
A d dat e x t u a ld e s c r i p t i o nt oaO N V
Configure dhcp ip address Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]d h c p i p< d h c p i p > Command Description: Specify the IP address of the local DHCP server or local DHCP relay. Used by dhcp-mode 'static'. Command Examples:
d h c p i p1 . 2 . 3 . 4
I ns t a t i cD H C Pm o d e ,c o n f i g u r et h el o c a lD H C Ps e r v e ro rr e l a ya d d r e s s
Set dhcp mode Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]d h c p m o d e{ a l w a y s f l o o d|f l o o d i f u n k n o w n|s t a t i c } Command Description: Configure ONV handling of DHCP broadcast packets. Next Keyword Descriptions: always-flood: Always flood all DHCP packets. Will leak packets across ONV. static: Forward DHCP packets to the configured local DHCP server or local DHCP relay. flood-if-unknown: Flood DHCP packets if the DHCP server location is unknown. DHCP server location will be discovered. Command Examples:
d h c p m o d es t a t i c
O N Vw i l lf o r w a r dD H C Pt r a f f i ct oas i n g l ek n o w nh o s t
d h c p m o d ef l o o d i f u n k n o w n
F l o o dD H C Pp a c k e t si ft h es e r v e ri sn o tk n o w n
d h c p m o d ea l w a y s f l o o d
D on o tm a n a g eD H C Pt r a f f i c e
Set rule to active
Command Mode: config-tenant-def-onv-if-rule mode Command Syntax: [ n o ]a c t i v e Command Description: Mark the rule as active. Only active rules will be matched. Command Examples:
a c t i v e
M a r kt h i si n t e r f a c er u l ea sa c t i v e
n oa c t i v e
M a r kt h i si n t e r f a c er u l ea si n a c t i v e
Enable multiple interface rule matches Command Mode: config-tenant-def-onv-if-rule mode Command Syntax: [ n o ]a l l o w m u l t i p l e Command Description: If allow-multiple is set devices matching this rule are allowed to be in multiple ONV at the same time. Command Examples:
a l l o w m u l t i p l e
D e v i c e sm a t c h i n gt h i sr u l ec a nb ei nm o r et h a no n eO N V
n oa l l o w m u l t i p l e
D e v i c e sm a t c h i n gt h i sr u l ec a nb ei nas i n g l eO N V
Provide description for interface rule Command Mode: config-tenant-def-onv-if-rule mode Command Syntax: [ n o ]d e s c r i p t i o n< d e s c r i p t i o n > Command Description: A user provided textual description for this interface-rule. Command Examples:
d e s c r i p t i o n" T h i si sm yf i r s tO N Vi n t e r f a c er u l e "
D e s c r i b eaO N Vi n t e r f a c er u l e
Associate ip-subnet (ip or cidr range) for interface rule Command Mode: config-tenant-def-onv-if-rule mode Command Syntax: m a t c hi p s u b n e t Command Description: Associate an IP address or IP subnet with interface-rule. Next Keyword Descriptions: ip-subnet: Command Examples:
m a t c hi p s u b n e t1 0 . 1 0 . 1 0 . 1 0
m a t c hi p s u b n e t1 0 . 4 2 . 1 0 . 0 / 2 4
Associate mac (host) with interface rule Command Mode: config-tenant-def-onv-if-rule mode Command Syntax: m a t c hm a c< h o s tm a co ra l i a s > Command Description: Associate MAC address (host) with interface-rule. Next Keyword Descriptions: mac: Command Examples:
m a t c hm a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1
M a t c has p e c i f i cM A Ca d d r e s s
Associate switch with interface rule Command Mode: config-tenant-def-onv-if-rule mode Command Syntax: m a t c hs w i t c h{ < s w i t c hd p i do rs w i t c ha l i a s >[ < s w i t c hi n t e r f a c e ,o r r a n g e ,o rl i s t > ] } Command Description: Associate a switch or set of switch interfaces with this interface-rule. Hosts present on the specified switch/interfaces will be matched. Command Examples:
m a t c hs w i t c h0 0 : 0 0 : 1 1 : 2 2 : 3 3 : 4 4 : 5 5 : 6 6
M a t c h e sa l li n t e r f a c e so nt h es w i t c hw i t ht h i sD P I D .
m a t c hs w i t c h0 0 : 0 0 : 1 1 : 2 2 : 3 3 : 4 4 : 5 5 : 6 6E t h e r n e t 1
M a t c h e si n t e r f a c eE t h e r n e t 1o nt h es p e c i f i e ds w i t c h .
m a t c hs w i t c h0 0 : 0 0 : 1 1 : 2 2 : 3 3 : 4 4 : 5 5 : 6 6E t h e r n e t 1 , E t h e r n e t 5 1 0 , p o r t 2
M a t c h e si n t e r f a c e sE t h e r n e t 1 ,E t h e r n e t 5 ,E t h e r n e t 6 ,. . .E t h e r n e t 1 0 ,
a n dp o r t 2o nt h es p e c i f i e ds w i t c h .
m a t c hs w i t c hT o R 1 1
M a t c h e st h es w i t c hw i t ht h ea l i a s' T o R 1 1 '
Associate tags with interface rule Command Mode: config-tenant-def-onv-if-rule mode Command Syntax: m a t c ht a g s< t a g s > Command Description: Associate a tag or list of tags with this interface-rule. If a list of tags is given all tags need to match. Command Examples:
m a t c ht a g sc o m . b s . t e n a n t = C u s t o m e r A
M a t c h e sd e v i c e st h a tm a t c ht h eg i v e nt a g .
m a t c ht a g sc o m . b s . t e n a n t = C u s t o m e r A , c o m . e x a m p l e . t y p e = r o u t e r
M a t c h e sd e v i c e st h a tm a t c h* a l l *o ft h eg i v e nt a g s .
Associate vlans with interface rule Command Mode: config-tenant-def-onv-if-rule mode Command Syntax: m a t c hv l a n s< V l a nn u m b e r( 0 4 0 9 6 )o rr a n g e ,o rl i s t > Command Description: Associate a vlan (or list or range) with this interface rule. Command Examples:
m a t c hv l a n s4 2
M a t c hp a c k e t si nV L A N4 2
Describe priority for interface rule Command Mode: config-tenant-def-onv-if-rule mode Command Syntax: [ n o ]p r i o r i t y Command Description: The priority of this interface-rule. Higher numeric values represent higher priority. The highest priority interface-rule that matches a given packet will be choosen. Command Examples:
A s s i g nap r i o r i t yt ot h i si n t e r f a c er u l e
Describe onv origin Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]o r i g i n< o r i g i n >
Command Description: Describe the origin of this ONV instance Command Examples:
o r i g i nr e s t
N o t et h a tt h i sO N Vi n s t a n c ew a sc o n f i g u r e dv i aR E S T
Associate address space Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]u s ea d d r e s s s p a c e< a d d r e s s s p a c e > Command Description: Associate this ONV with the specified address-space. Command Examples:
u s ea d d r e s s s p a c ea d d r e s s s p a c e 1
C h a n g et h ea s s o c i a t i o no ft h i sO N Vf r o m' d e f a u l t 't o' a d d r e s s s p a c e 1 ' .
n oa d d r e s s s p a c ea d d r e s s s p a c e 1
R e m o v et h ea d d r e s ss p a c ea s s o c i a t i o nf o rt h i sO N V .
====Enter interface-rule submode, configure onv

details = = = =
Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]i n t e r f a c e r u l e< r u l e > Command Description: Set a ONV interface rule and enter submode. Devices are assigned into ONV based on interface-rules. Command Examples:
i n t e r f a c e r u l em y r u l e 1
D e f i n ean e wi n t e r f a c er u l e ,a n de n t e ri t sc o n f i g u r a t i o ns u b m o d e
n oi n t e r f a c e r u l em y r u l e 1
D e l e t ea ni n t e r f a c er u l eb yn a m e
Set onv priority Command Mode: config-tenant-def-onv mode Command Syntax: [ n o ]p r i o r i t y Command Description: Assign a priority to this ONV instance Command Examples:
W i t h i nao n vd e f i n i t i o n ,a s s i g nas p e c i f i cp r i o r i t yt ot h i si n s t a n c e
Controller-node Commands
Enter configuration submode for controller-nodes Command Mode: config mode Command Syntax: c o n t r o l l e r n o d e Command Description: Enter a submode to configure the settings for the controller node. Next Keyword Descriptions: id: Specify the name of one of the nodes in the controller cluster. Command Examples:
c o n t r o l l e r n o d el o c a l h o s t
E n t e rc o n f i g u r a t i o ns u b m o d ef o rt h ec u r r e n tc o n t r o l l e r
c o n t r o l l e r n o d e3 9 d f 9 a 3 0 0 c e 7 4 2 3 b 9 8 b a 8 6 d 5 4 3 a e c f 0 5
E n t e rc o n f i g u r a t i o ns u b m o d ef o ras p e c i f i c( p o s s i b l yr e m o t e )c o n t r o l l e r
Set clock Command Mode: config-controller mode Command Syntax: c l o c ks e t< t i m e >< d a y o f m o n t h >{ J a n u a r y|F e b r u a r y|M a r c h|A p r i l
|M a y|J u n e|J u l y|A u g u s t|S e p t e m b e r|O c t o b e r|N o v e m b e r|D e c e m b e r }< y e a r >
Command Description: Configure the clock for a controller instance. Within the controller-node configuration sub-mode, the user can configure set the clock. When operating in HA mode with multiple controllers, setting the clock of the controllers to different values will have an effect on database reconciliation. Since time stamps are used to determine which of the shared items are more up-to-date, if the time between controllers is very skewed, the any database updates applied may or may no
be aplied correctly. It is better to try to deal with time skew in the multiple controller enviromenment by using ntpdate. Command Examples:
c l o c ks e t1 7 : 3 0 : 0 01J a n u a r y1 9 7 0
S e tt h ec l o c km a n u a l l y
Configure time zone Command Mode: config-controller mode Command Syntax: [ n o ]c l o c kt i m e z o n e< t i m e z o n e > Command Description: Configure the timezone for a controller instance's clock. Within the controller-node configuration sub-mode, the user can configure the local timezone for the node. Command Examples:
c l o c kt i m e z o n eA m e r i c a / L o s _ A n g e l e s
C o n f i g u r eas p e c i f i ct i m e z o n ef o rt h i sc o n t r o l l e r
n oc l o c kt i m e z o n e
R e m o v ea n yt i m e z o n es e t t i n g ;t h ed e f a u l ti st ou s eU T C .
Associate dns, default gateway with the controller node Command Mode: config-controller mode
Command Syntax: [ n o ]i p{ d o m a i n{ l o o k u p|n a m e< d o m a i n n a m e > }|{ n a m e s e r v e r }| d e f a u l t g a t e w a y< d e f a u l t g a t e w a y > } Command Description: Configure the IP-related settings of the controller node. Next Keyword Descriptions: domain-lookups-enabled: Configure whether or not DNS lookups are enabled on the controller node. name <domain-name>: Specify the default domain name for the controller. name-server <ip>: Specify the IP address of the DNS server. default-gateway <default-gateway>: Specify the IP address of the default gateway. Attach alias to controller Command Mode: config-controller mode Command Syntax: c o n t r o l l e r a l i a s< a l i a s > Command Description: Configure an alias for the controller node. Next Keyword Descriptions: alias: Specify the name of the alias for the controller node. Enter interface submode, configure controller interface Command Mode: config-controller mode Command Syntax: [ n o ]i n t e r f a c e Command Description: Enter a submode to configure a network interface of the controller node. Next Keyword Descriptions: Ethernet: Specify the type of the network interface, e.g. Ethernet. number: Specify the number of the network interface. Configure firewall rule for controller-node
Command Mode: config-controller-if mode Command Syntax: [ n o ]f i r e w a l la l l o w[ f r o m< s r c i p > ][ l o c a l i p< v r r p i p > ]{ { o p e n f l o w |w e b|s s h|s s l }|{ u d p|t c p }{ { o p e n f l o w|w e b|s s h|s s l }| }|v r r p } Command Description: Configure a firewall rule to allow traffic to the specified port number and protocol (tcp, udp, or vrrp) of the controller node. Next Keyword Descriptions: web: The 'web' keyword identifies port 80. This is not only the typical web interface, but also the port for REST API requests. udp: By selecting the 'udp' keyword, the matched ip protocol is udp. A port number must be included for this selection. from <src-ip>: Associate the firewall rule with a specific source ip address. The rule will apply only to ip frames with this originating ip address. openflow: The 'openflow' keyword identifies port 6633. local-ip <vrrp-ip>: Associate the firewall rule with a specific destination ip address. The rule will apply only to ip frames for this destination ip address. tcp: By selecting the 'tcp' keyword, the matched ip protocol is tcp. A port number must be included for this selection. ssl: The 'ssl' keyword identifies port 443. vrrp: ssh: The 'ssh' keyword identified port 22. allow: The 'allow' keyword configures a firewall rule which describes a match condition for traffic. When the condition is satisfied, the traffic is allowed. port: Specify the port to which traffic is allowed in the firewall rule. The port can be an explicit port number or one of the following named ports: 'openflow' (port 6633), 'web' (port 80), 'ssl' (port 443) or 'ssh' (port 22). Associate ip address with interface Command Mode: config-controller-if mode
Command Syntax: [ n o ]i p{ a d d r e s s{ < n e t m a s k >|< c i d r a d d r e s s > }|m o d e { d h c p|s t a t i c }} Command Description: Configure the IP-related settings of the controller node. Next Keyword Descriptions: ip: Specify the statically-configured IP address of the controller node (e.g. 192.168.1.1). netmask: Specify the statically-configured IP netmask of the controller node (e.g. 255.255.255.0). static: Specify the mode for configuring the IP address, either 'static' to specify an explicit IP address or 'dhcp' to obtain the IP address from a DHCP server. cidr: Specify the statically-configured CIDR address of the controller node (e.g. 192.168.1.1/24). dhcp: Configure logging (syslog) for controller-node Command Mode: config-controller mode Command Syntax: l o g g i n g{ o n|s e r v e r< s e r v e r i p o r d o m a i n >[ l e v e l{ e m e r g|a l e r t| c r i t|e r r|w a r n i n g|n o t i c e|i n f o|d e b u g|0|1|2|3|4|5|6|7 } ] } Command Description: The controller-node logging command allows configuration of outgoing syslog messages associated with the current controller Next Keyword Descriptions: info: The logging level allows configuration of the syslog logging level. The keywords provided directly map to the syslog levels, although the command keywords are abbreviated versions of the typical syslog levels. 1: notice: err: 0: alert: logging-enabled: Using the 'on' keyword in this command enables syslog logging. debug: 3: emerg: 5:
4: 7: 6: crit: 2: server: The 'server' keyword prefixes the ip address of the syslog server. warning: Command Examples:
l o g g i n go n
E n a b l el o g g i n g
n ol o g g i n go n
D i s a b l el o g g i n g
l o g g i n gs e r v e r1 . 2 . 3 . 4
S e n ds y s l o gr e c o r d st oas p e c i f i cs e r v e ro rd o m a i nn a m e
l o g g i n gs e r v e r1 . 2 . 2 . 4l e v e lw a r n i n g
S e n ds y s l o gm e s s a g e sa tas p e c i f i cl e v e l( n u m e r i co rs y m b o l i c )
n ol o g g i n gs e r v e r1 . 2 . 3 . 4
Configure ntp for controller-node Command Mode: config-controller mode Command Syntax: [ n o ]n t ps e r v e r< n t p s e r v e r > Command Description: Configure the NTP server for the controller node. Next Keyword Descriptions: server <ntp-server>: Specify the host name or ip address of the NTP server. Command Examples:
n t ps e r v e r1 . 2 . 3 . 4
S e tt h eN T Ps e r v e ra d d r e s s
n on t ps e r v e r
D i s a b l et h eN T Ps e r v e r
Feature Commands
Enable features for controller Command Mode: config mode Command Syntax: [ n o ]f e a t u r e{ o n v|f l o w p u s h e r|p e r f o r m a n c e m o n i t o r } Command Description: Enable a named feature for the controller image Next Keyword Descriptions: onv: Configure this controller as a ONV
flow-pusher: Enable the static flow pusher feature performance-monitor: Configure the performance monitoring feature for this controller Command Examples:
f e a t u r eo n v
E n a b l et h eO N Vf e a t u r e
n of e a t u r eo n v
D i s a b l et h eO N Vf e a t u r e
Ha Commands
Configure high availability Command Mode: config mode Command Syntax: [ n o ]h a{ c l u s t e r n u m b e r< c l u s t e r n u m b e r > } Command Description: Configure parameters for the VRRP protocol Next Keyword Descriptions: cluster-number <cluster-number>: Command Examples:
h ac l u s t e r n u m b e r4 2
S e tt h ec l u s t e rn u m b e r( V R R Pr o u t e rI D )
n oh ac l u s t e r n u m b e r
R e s e tt h eV R R Pr o u t e rI Dt ot h ed e f a u l t( ' 1 ' )
Version Commands
Move to a specific version of command syntax Command Mode: config mode Command Syntax: v e r s i o n< v e r s i o n > Command Description: Switch to a specific version of command syntax. This command is reserved for future use (there are currently no alternate versions). Command Examples:
v e r s i o nX Y Z
S w i t c ht ov e r s i o nX Y Z .
Forwarding Commands
Configure forwarding service properties Command Mode: config mode Command Syntax: f o r w a r d i n g{ a c c e s s p r i o r i t y< a c c e s s p r i o r i t y >|c o r e p r i o r i t y< c o r e p r i o r i t y > } Command Description: The forwarding command configures attributes associated with the forwarding service.
Next Keyword Descriptions: core-priority: This attribute set the proprity for flows created by the forwarding service on a core switch access-priority: This attribute sets the proprity for flows created by the forwarding service on an access switch Command Examples:
f o r w a r d i n gc o r e p r i o r i t y1 0 0
T os e tp r i o r i t yf o rf o r w a r d i n gf l o w m o d so nc o r es w i t c h e st o1 0 0 ,u s e :
f o r w a r d i n ga c c e s s p r i o r i t y1 0 0
T os e tp r i o r i t yf o rf o r w a r d i n gf l o w m o d so na c c e s ss w i t c h e st o1 0 0 ,u s e :
Host Commands
Host submode, configure host details Command Mode: config mode Command Syntax: [ n o ]h o s t[ a d d r e s s s p a c e< a d d r e s s s p a c e > ][ v l a n< v l a n > ]< m a c > Command Description: The host command enters a submode which allows configuration for the identified device. The command's parameters identify a unique device, which may require the use of the optional address-space and vlan parameters. The identified device does not currently need to be known to the controller, providing for pre-configuraion of hosts. Various host configuration within the submode includes host-alias, and host security associations. If completion is requested for the hosts, the resulting entries shown are the collection of currently known hosts, and the collection of configured hosts.
The mac address identifying the specific host is case insensitive. The 'no' variation of the host command will remove all configured details for the identified device. If a 'show host' is issued afterwards, the host will still appear if the controller has any operational state assocaited with the host. Next Keyword Descriptions: address-space <address-space>: The optional address-space association for host allows the identified mac to be bound to a specific isolated address space. When this optional parameter is not included, the mac is associated with the address-space named 'default'. vlan <vlan>: The optional vlan parameter allows the identified mac address to be associated with a specific vlan. When this optional parameter isn't included, no vlan is associated with the mac. Currently, the vlan may only be associated with a mac for the associated address-space 'default'. Command Examples:
h o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1
D e f i n eah o s tw i t has p e c i f i cM A C ,a n de n t e ri t sc o n f i g u r a t i o ns u b m o d e
n oh o s t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1
D e l e t ead e f i n i t i o nf o ras p e c i f i ch o s t
h o s ta d d r e s s s p a c ed e f a u l t0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2
D e f i n eah o s ta n db i n di tt oas p e c i f i ca d d r e s ss p a c e
h o s tv l a n4 20 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 3
D e f i n eah o s ta n db i n di tt oas p e c i f i cV L A N .
N o t eh e r et h a tV L A Na s s o c i a t i o n sa r eo n l yv a l i dw i t ht h e' d e f a u l t 'a d d r e s ss p a c e .
Attach alias to host Command Mode: config-host mode Command Syntax: [ n o ]h o s t a l i a s Command Description: The host-alias command allows associating a more identifiable name with the host identified by entering the host submode. Host aliases must start with an alphabetic character, and can continue with alphanumerics, '_', or '-'. The maximum length of a host alias is 255 characters. Once an alias is associated with a host, various show commands will provide the alias along with, or instead of the mac address to identify the host. Command Examples:
h o s t a l i a sm y m a c b o o k
A s s o c i a t eaf r i e n d l yn a m ew i t ht h ec u r r e n th o s td e f i n i t i o n
n oh o s t a l i a sm y m a c b o o k
R e m o v eah o s t n a m ea s s o c i a t i o nf r o mt h i sh o s t
Configure security policies for host Command Mode: config-host mode
Command Syntax: [ n o ]s e c u r i t yp o l i c yb i n d{ i p a d d r e s s|a t t a c h m e n t p o i n t{ a l l|< s w i t c hd p i do ra l i a s > } } Command Description: The security command within the host submode is used to bind ip address and attachment points for the hosts identified by the submode. What a host is presented to the controller, the attachment point of the host is also identified. When the security command is used to constrain the attachment point, the controller can use the configured details to choose whether it will allow the host to join the network. When an ip address is bound to the host, no other host may use the indicated ip address. This is implemented by snooping arp's and the dhcp protocol. It is still possible for the host to send frames with spoofed src ip address, but the destination will not be able to reply to these frames. Next Keyword Descriptions: attachment-point: The attachment point portion is intended to identify the switch or interface name, otherwise the host cannot transmit or receive network traffic. if-name-regex: This field is a regular expression, which is used to match against an interface name associated with the switch. bind: The bind keywork of the security policy command is used to configure various associations restricting the behavior of the host. dpid: The switch is part of the attachment point description. This can be a switch dpid, or an alias identifying a single switch. policy: The policy keyword is used to configure security policies associated with this host. ip-address <ip-address>: This identifies an ip address, it will prevent other host's from using any other ip address. Command Examples:
s e c u r i t yp o l i c yb i n di p a d d r e s s1 0 . 1 0 . 1 0 . 1
W h e nt h eh o s ts e n d sa n yi pf r a m e s ,t h es r ca d d r e s s
o ft h e s ef r a m e sm u s tb e1 0 . 1 0 . 1 0 . 1 .
n os e c u r i t yp o l i c yb i n di p a d d r e s s1 0 . 1 0 . 1 0 . 1
R e m o v eas o u r c e a d d r e s sb i n d i n gr e q u i r e m e n tf o rt h i sh o s t
s e c u r i t yp o l i c yb i n da t t a c h m e n t p o i n tn t g r 7 3 2 8 3
T h eh o s ti d e n t i f i e db yt h i ss u b m o d ec a no n l ys e n d
a n dr e c e i v et r a f f i cw h e ni ta t t a c h e dt ot h i ss w i t c h .
n os e c u r i t yp o l i c yb i n da t t a c h m e n t p o i n tn t g r 7 3 2 8 3
R e m o v ea na t t a c h m e n tp o i n tr e q u i r e m e n tf o rt h i sh o s t
s e c u r i t yp o l i c yb i n da t t a c h m e n t p o i n tn t g r 7 3 2 8 31 2
T h eh o s ti d e n t i f i e db yt h i ss u b m o d ec a no n l ys e n d
a n dr e c e i v et r a f f i cw h e ni ta t t a c h e dt ot h i ss w i t c ha n d
i n t e r f a c en a m e d' 1 2 '
n os e c u r i t yp o l i c yb i n da t t a c h m e n t p o i n tn t g r 7 3 2 8 31 2
R e m o v ea na t t a c h m e n tp o i n t / i n t e r f a c er e q u i r e m e n tf o rt h i sh o s t
Snmp-server Commands
Smnp configuration, enable server, configure parameters
Command Mode: config mode Command Syntax: s n m p s e r v e r{ e n a b l e|c o m m u n i t yr o< c o m m u n i t y >|l o c a t i o n< l o c a t i o n > |c o n t a c t< c o n t a c t > } Command Description: Configure this device to respond to SNMP queries. Configure SNMP protocol parameters, and configure how responses to SNMP queries are composed. Next Keyword Descriptions: enable: Enable this device for responding to SNMP. Use the 'no' version of this command to disable SNMP features. location: Configure this device's location via the sysLocation SNMP MIB. Reset the location to the system default with the 'no' version of this command. community: Configure the community string for simple read-only SNMP client authentication. Reset the community string (default empty) with the 'no' version of this command. contact: Configure the adminstrative contact record (the SNMP sysContact MIB) for this device. Reset the contact information to system defaults with the 'no' version of this command. Command Examples:
s n m p s e r v e re n a b l e
E n a b l eS N M Ps u p p o r t .
n os n m p s e r v e re n a b l e
D i s a b l eS N M Ps u p p o r t .
s n m p s e r v e rc o m m u n i t yr oM Y S N M P
S e tt h ec o m m u n i t ys t r i n g( f o ra u t h e n t i c a t i n gt ot h i sS N M Ps e r v i c e )
t o" M Y S N M P "
n os n m p s e r v e rc o m m u n i t y
R e s e tt h ec o m m u n i t ys t r i n gt od e f a u l t( t h ee m p t ys t r i n g )
s n m p s e r v e rl o c a t i o ns n m p . e x a m p l e . c o m
S e tt h es e r v e rl o c a t i o nr e p o r t e dd u r i n gS N M Pq u e r i e s .
n os n m p s e r v e rl o c a t i o n
R e s e tt ot h es y s t e md e f a u l ts e r v e rl o c a t i o n .
s n m p s e r v e rc o n t a c ta d m i n @ e x a m p l e . c o m
S e tt h ea d m i n i s t r a t i v ec o n t a c tr e p o r t e dd u r i n gS N M Pq u e r i e s .
n os n m p s e r v e rc o n t a c t
R e s e tt ot h es y s t e md e f a u l ta d m i n i s t r a t i v ec o n t a c ts e t t i n g .
Switch Commands
Enter switch submode, configure switch details Command Mode: config mode Command Syntax: [ n o ]s w i t c h< d p i d > Command Description: The switch command enters the switch submode for a single identified switch. Within the submode, various configuraion can be performed on the switch, including setting the switch-alias, enable or disabling the tunnel features. The 'no' variation of the switch command will not remove swtich's currently connected to the controller, instead it will remove any user configured details of the identified switch. Command Examples:
s w i t c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1
D e f i n ean e ws w i t c h ,a n de n t e rt h es w i t c hc o n f i g u r a t i o ns u b m o d e
n os w i t c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1
D e l e t eas w i t c hd e f i n i t i o n
Set actions for this flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]a c t i o n s< a c t i o n s > Next Keyword Descriptions: actions: Set flow active
Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]a c t i v e{ T r u e|F a l s e } Command Description: Enable or disable this flow entry Next Keyword Descriptions: False: Make this flow entry inactive True: Make this flow entry active Command Examples:
a c t i v eT r u e
M a k ea c t i v e
a c t i v eF a l s e
M a k ei n a c t i v e
Associate cookie for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]c o o k i e< c o o k i e > Command Description: Assign a cookie value (32-bit integer) to the flow entry Command Examples:
c o o k i e4 2
A s s i g nac o o k i ev a l u et ot h i se n t r y
Configure dst-ip match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]d s t i p{ |< c i d r r a n g e > } Command Description: Associate a destination IP address with this flow entry Next Keyword Descriptions: dst-ip: Enter an IP address or CIDR address range Command Examples:
d s t i p1 . 2 . 3 . 4
A s s o c i a t eas p e c i f i ch o s ta d d r e s sw i t ht h i sf l o we n t r y
d s t i p1 . 2 . 3 . 4 / 2 4
A s s o c i a t ead e s t i n a t i o na d d r e s sr a n g ew i t ht h i sf l o we n t r y
Configure dst-mac match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]d s t m a c< d s t m a c > Command Description: Associate a destination MAC address with this flow entry Next Keyword Descriptions:
dst-mac: Enter a MAC address or host alias Command Examples:

d s t m a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1
A s s o c i a t eah o s tb yM A Ca d d r e s s
d s t m a cm y c o m p u t e r
A s s o c i a t eah o s ta l i a sw i t ht h i sf l o we n t r y
Configure dst-port match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]d s t p o r t{ < d s t p o r t >|{ h t t p|d n s|h t t p s|s s h }} Command Description: Associate a TCP or UDP port with this flow entry Next Keyword Descriptions: dst-port: Enter a TCP or UDP port number, or well-known service name Command Examples:
d s t p o r t8 0
A s s o c i a t eap o r tb yn u m b e r
d s t p o r th t t p s
A s s o c i a t eap o r tb ys e r v i c en a m e
Configure ether-type match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]e t h e r t y p e{ < e t h e r t y p e >|{ a r p|l l d p|8 0 2 . 1 Q|i p|m p l s| r a r p|m p l s m c|a p p l e t a l k a a r p|i p v 6|n o v e l l|i p x }} Command Description: Match flow entries by ether type Next Keyword Descriptions: ether-type: Specify an ether by by number or by alias Command Examples:
e t h e r t y p e0 x 8 8 a 2
M a t c hA O Ef r a m e s
e t h e r t y p ea r p
M a t c hA R Pf r a m e s
Set hard-timeout for this flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]h a r d t i m e o u t< h a r d t i m e o u t >
Command Description: Associate a hard timeout with this flow entry Next Keyword Descriptions: hard-timeout: Specify a timeout in seconds Command Examples:
h a r d t i m e o u t3 0
T i m eo u tt h i sf l o wa f t e r3 0 s
Set idle-timout for this flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]i d l e t i m e o u t Command Description: Set an idle timeout for this flow entry Next Keyword Descriptions: idle-timeout: Specify a timeout value in seconds Command Examples:
i d l e t i m e o u t3 0
S e tt h ei d l et i m e o u tf o r3 0s e c o n d s
Configure wildcards for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]i n g r e s s p o r t
Command Description: Associate an OF ingress port with this flow entry Next Keyword Descriptions: ingress-port: Specify an OF ingress port (16-bit number) Command Examples:
i n g r e s s p o r t3 2
A s s i c i a t ea ni n g r e s sp o r tb yn u m b e r
Set priority of the flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]p r i o r i t y Command Description: Assign a priority to this flow entry Next Keyword Descriptions: priority: Specify the priority as a 16-bit integer Command Examples:
p r i o r i t y1 0 0 0
G i v et h i sf l o we n t r yaf i x e dp r i o r i t y
Configure ether-type match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]p r o t o c o l Command Description: Associate a specific prototype type to this flow entry
Next Keyword Descriptions: protocol: Specify a protocol by number Command Examples:

p r o t o t o l1 7
A s s o c i a t eT C Pp a c k e t sw i t ht h i sf l o we n t r y
Configure src-ip match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]s r c i p{ |< c i d r r a n g e > } Command Description: Associate a source IP address or range with this flow entry Next Keyword Descriptions: src-ip: Specify an IP address or address range Command Examples:
s r c i p1 . 2 . 3 . 4
M a t c has p e c i f i ca d d r e s s
s r c i p1 . 2 . 3 . 4 / 2 3
M a t c ha nI Pa d d r e s sr a n g e
Configure src-mac match for flow
Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]s r c m a c< s r c m a c > Command Description: Associate a source MAC address with this flow entry Next Keyword Descriptions: src-mac: Specify a MAC address or host alias Command Examples:
s r c m a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2
S p e c i f yah o s tb yM A Ca d d r e s s
s r c m a cm y s e r v e r
S p e c i f yah o s tb ya l i a s
Configure src-port match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]s r c p o r t{ < s r c p o r t >|{ h t t p|d n s|h t t p s|s s h }} Command Description: Associate a source TCP or UDP port with this flow entry Next Keyword Descriptions: src-port: Specify a TCP or UDP port by number or service name Command Examples:
s r c p o r t1 1 9
A s s o c i a t eap o r tb yn u m b e r
s r c p o r tf t p d a t a
A s s o c i a t eap o r tb ys e r v i c en a m e
Configure ether-type match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]t o s b i t s< t o s b i t s > Command Description: Associate packets with this flow entry by TOS bits Next Keyword Descriptions: tos-bits: Specify TOS bits as a numeric mask Command Examples:
t o s b i t s6
M a t c hs p e c i f i cT O Sb i t s
Configure vlan-id match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]v l a n i d< v l a n i d >
Command Description: Match packets to this flow entry with a specific VLAN id Next Keyword Descriptions: vlan-id: Specify a VLAN id (12-bit integer) Command Examples:
v l a n i d1 0
M a t c has p e c i f i cV L A Ni d
Configure vlan-priority match for flow Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]v l a n p r i o r i t y< v l a n p r i o r i t y > Command Description: Match packets with a specific VLAN priority field Next Keyword Descriptions: vlan-priority: Specify a priority field as a 3-bit integer Command Examples:
v l a n p r i o r i t y4
M a t c hp a c k e t sw i t hb yp r i o r i t yf i e l d( i nt h eV L A Nh e a d e r )
Configure wildcards for flow
Command Mode: config-switch-flow-entry mode Command Syntax: [ n o ]w i l d c a r d s< w i l d c a r d s > Command Description: Associate a wildcard value with this flow entry Next Keyword Descriptions: wildcards: Specify a wildcard value (32-bit integer) Command Examples:
w i l d c a r d s1 0 0 0
A s s o c i a t eaw i l d c a r dv a l u ew i t ht h ec u r r e n t l y d e f i n e df l o we n t r y
Enter flow-entry submode, configure single static flow entry Command Mode: config-switch mode Command Syntax: [ n o ]f l o w e n t r y< n a m e > Command Description: Define a flow-entry and enter its configuration sub-mode Command Examples:
f l o w e n t r ye x a m p l e 1
D e f i n ean e wf l o we n t r y
n of l o w e n t r ye x a m p l e 1
D e l e t eaf l o we n t r yb yn a m e
Configure interface as connected to an external network Command Mode: config-switch-if mode Command Syntax: [ n o ]s w i t c h p o r tm o d e Command Description: Configure this interface to connect to an external network Command Examples:
s w i t c h p o r tm o d ee x t e r n a l
W i t h i nas w i t c hi n t e r f a c ed e f i n i t o n ,c o n f i g u r et h i si n t e r f a c et ob e
c o n n e c t e dt oa ne x t e r n a ln e t w o r k
n os w i t c h p o r tm o d ee x t e r n a l
R e m o v et h ee x t e r n a lc o n n e c t i o na t t r i b u t ef o rt h i si n t e r f a c e
Enable core-switch property for this switch Command Mode: config-switch mode Command Syntax: [ n o ]c o r e s w i t c h Command Description: This switch is a core switch. Command Examples:
c o r e s w i t c h
C o n f i g u r et h ec u r r e n t l y c o n f i g u r e ds w i t c ha sac o r es w i t c h
n oc o r e s w i t c h
R e m o v et h ec o r e s w i t c hp r o p e r t y
Enter switch-if submode, configure switch interface Command Mode: config-switch mode Command Syntax: [ n o ]i n t e r f a c e< n a m e > Command Description: Specify a switch interface by name, and enter its configuration sub-mode Command Examples:
i n t e r f a c eE t h e r n e t 1
C o n f i g u r eas p e c i f i cp o r to nt h i ss w i t c h
n oi n t e r f a c eE t h e r n e t 1
D e l e t eas w i t c hi n t e r f a c ec o n f i g u r a t i o n
Attach alias to switch interface Command Mode: config-switch-if mode Command Syntax: [ n o ]i n t e r f a c e a l i a s Command Description: Configure an alias for this switch interface. Command Examples:
i n t e r f a c e a l i a sd e f i n t f
A s s i g na na l i a st ot h i ss w i t c hi n t e r f a c e
n oi n t e r f a c e a l i a sd e f i n t f
R e m o v ea na l i a sf o rt h i ss w i t c hi n t e r f a c e
Attach alias to switch Command Mode: config-switch mode Command Syntax: [ n o ]s w i t c h a l i a s Command Description: Assign an alias to this switch Command Examples:
a l i a ss w i t c h 1
A t t a c han a m et ot h i ss w i t c h
n oa l i a ss w i t c h 1
R e m o v eas w i t c ha l i a s
Enable/disable tunnel creation for this switch Command Mode: config-switch mode Command Syntax: t u n n e lt e r m i n a t i o n{ e n a b l e d|d i s a b l e d } Command Description: Configure tunnel attributes for this switch Command Examples:
t u n n e lt e r m i n a t i o ne n a b l e d
E n a b l et u n n e lt e r m i n a t i o nf o rt h i ss w i t c h
t u n n e lt e r m i n a t i o nd i s a b l e d
D i s a b l et u n n e lt e r m i n a t i o nf o rt h i ss w i t c h
n ot u n n e lt e r m i n a t i o n
D i s a b l et u n n e lt e r m i n a t i o nf o rt h i ss w i t c h
Aaa Commands
Configure accounting parameters Command Mode: config mode Command Syntax: a a aa c c o u n t i n ge x e cd e f a u l t{ n o n e|s t a r t s t o pg r o u pt a c a c s + } Command Description: Configure accounting (logging for user CLI events). Accounting is configured for a specific role, via a specific channel, for specific events, using one or more accounting services.
Next Keyword Descriptions: tacacs+: Configure the currently-defined TACACS+ servers (the 'tacacs+' group) as an accounting service. none: Disable accounting services for this role and channel. Note that local (/var/log) accounting is always enabled. start-stop: Configure accounting services to record 'start' (login) and 'stop' (logout) events. group: Configure accounting services to use a specific group of accounting servers. exec: Configure accounting services for exec mode (CLI access). default: Configure authorization sources while connecting via the default channel (currently SSH). Reset the authorization sources (currently to 'local' only) with the 'no' version of this command. Command Examples:
a a aa c c o u n t i n ge x e cd e f a u l tn o n e
T u r no f fa c c o u n t i n gs e r v i c e sf o rS S HC L Ia c c e s s e s .
T h en a t i v e( / v a r / l o g )a c c o u n t i n gc a n n o tb ed i s a b l e d .
n oa a aa c c o u n t i n ge x e cd e f a u l t
R e s e tt h ea c c o u n t i n gs e r v i c e sf o rS S HC L Ia c c e s s e st od e f a u l t s .
T h i sd i s a b l e sa l la c c o u n t i n gs e r v i c e s ,w i t ht h ee x c e p t i o n
o fn a t i v e( / v a r / l o g )a c c o u n t i n g ,w h i c hi sa l w a y se n a b l e d .
a a aa c c o u n t i n ge x e cd e f a u l ts t a r t s t o pg r o u pt a c a c s +
C o n f i g u r et h ec u r r e n t l y d e f i n e ds e to fT A C A C S +s e r v e r s
a sa na c c o u n t i n gs e r v i c ef o rS S HC L Il o g i na n dl o g o u t .
Tacacs Commands
Tacacs timeout, ip server address Command Mode: config mode Command Syntax: t a c a c ss e r v e r{ t i m e o u t< t i m e o u t >|k e y< k e y >|h o s t[ k e y { < k e y > } ] } Command Description: Configure server and protocol parameters for TACACS+. Specify remote TACACS+ servers, along with protocol timeouts and security settings. TACACS+ specific configuration here is enabled by a corresponding 'aaa' command to enable authentication, authorization, or accounting via the TACACS+ protocol. Next Keyword Descriptions: host <ip>: Configure TACACS+ servers by IP address for aaa roles.Hosts are not active for aaa rules unless the associated 'aaa' command is used. Delete the host with the 'no' form of this command. key: Configure the default TACACS+ protocol key used to secure the communications channel with the TACACS+ server(s). The default key is used if there is no key defined for an individual server. The default key can be reset (to an empty key) with the 'no' form of this command. Specify the TACACS+ encryption key used to communicate with this TACACS+ server. If no key is specified, the global key is used. Reset the per-host key (and fall back to the global key) with the 'no' version of this command. timeout:
Configure the global timeout for communicating with TACACS+ servers. The timeout is specified in seconds. If the timeout expires before the TACACS+ server responds, then the TACACS+ aaa action is considered 'failed', and other methods can be attempted. The server timeout is reset to the system default using the 'no' command prefix. Command Examples:
t a c a c ss e r v e rt i m e o u t5 0
C o n f i g u r et h eg l o b a lT A C A C S +p r o t o c o lt i m e o u tt o5 0 s .
n ot a c a c ss e r v e rt i m e o u t
C o n f i g u r et h ed e f a u l tT A C A C S +p r o t o t o lt i m e o u t .
t a c a c ss e r v e rk e yS E C R E T K E Y
C o n f i g u r et h e( p l a i n t e x t )k e yu s e dt oc o m m u n i c a t ew i t h
t h eT A C A C S +s e r v e r ,i fn ok e yi ss p e c i f i e df o rag i v e ns e r v e r .
n ot a c a c ss e r v e rk e y
R e s e tt h eg l o b a lT A C A C S +s e r v e rk e y .
I fn ok e yi ss p e c i f i e d ,a ne m p t yk e yi sa s s u m e d .
t a c a c ss e r v e rh o s tA A . B B . C C . D D
A d daT A C A C S +s e r v e rw i t ht h es p e c i f i e dI Pa d d r e s s .
n ot a c a c ss e r v e rh o s tA A . B B . C C . D D
D e l e t et h es p e c i f i e dT A C A C S +s e r v e r
t a c a c ss e r v e rh o s tA A . B B . C C . D Dk e yS E C R E T K E Y
S p e c i f ya ne n c r y p t i o nk e yf o rt h i sT A C A C S +s e r v e r .
n ot a c a c ss e r v e rh o s tA A . B B . C C . D Dk e y
R e m o v ea n yk e ya s s o c i a t e dw i t ht h i ss e r v e r ,
a n du s et h eg l o b a lT A C A C S +k e yi n s t e a d .
Tag Commands
Enter tag, configure switch details Command Mode: config mode Command Syntax: [ n o ]t a g Command Description: The tag command enters the tag submode for a single tag-value. The tag-value is composed of a tag and the value assigned to it, tag itself is composed of namespace that the tag belongs to and the tag's name itself. The syntax of tag-value - <namespace>.<name>=<value>. Example of tag-value is - "tenant.name=coke". Within the tag submode, this tag-value can be associated with hosts through match command.
The 'no' variation of the tag command will remove the tag-value and untag the hosts. Command Examples:
t a ge x a m p l e c o m . r o l e = p r i m a r y
D e f i n eat a ga s s o c i a t i o n ,a n de n t e rt h et a gc o n f i g u r a t i o ns u b m o d e
n ot a ge x a m p l e c o m . r o l e = p r i m a r y
R e m o v eat a gd e f i n i t i o n
Set the match rule for this tag Command Mode: config-tag mode Command Syntax: [ n o ]m a t c h[ m a c< m a c > ][ v l a n< v l a n > ][ s w i t c h< d p i d >[ ] ] Command Description: The match command is used to tag hosts. MAC-address, VLAN, switch, switch-port are the fields that can be matched to tag hosts. These fields can be matched individually or in conjunction. For instance, if match is specified to match a MAC-Address, VLAN and switch-port, then the logical host that has that MAC-Address, sending packets tagged with that VLAN and connected to that switch-port is tagged. Whereas, if the match is just on a switch, then all the hosts connected to that switch are tagged. Tag-value can be associated with multiple such match statements, thus tagging hosts that match atleast one of the match statements. The 'no' variation of the match command will remove the match statement and untag all the hosts that were tagged as a result of match on that match statement. Command Examples:
l o c a l h o s t ( c o n f i g ) #t a gt e n a n t . n a m e = c o k e
l o c a l h o s t ( c o n f i g t a g ) #
l o c a l h o s t ( c o n f i g t a g ) #m a t c hm a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1
l o c a l h o s t ( c o n f i g t a g ) #
l o c a l h o s t ( c o n f i g t a g ) #m a t c hv l a n2
l o c a l h o s t ( c o n f i g t a g ) #m a t c hs w i t c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1
l o c a l h o s t ( c o n f i g t a g ) #m a t c hs w i t c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 1e t h 1
l o c a l h o s t ( c o n f i g t a g ) #m a t c hm a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2v l a n3
l o c a l h o s t ( c o n f i g t a g ) #m a t c hm a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 3s w i t c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2
l o c a l h o s t ( c o n f i g t a g ) #m a t c hm a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 3s w i t c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2e t h 2
l o c a l h o s t ( c o n f i g t a g ) #m a t c hm a c0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 3v l a n3s w i t c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 0 2e t h 3
Tech-support-config Commands
Manage command output for show tech-support Command Mode: config mode Command Syntax: [ n o ]t e c h s u p p o r t c o n f i g{ c l i|s h e l l }< c m d > Command Description: This command sets a specific shell or cli command to be included in the show tech-support output. A 'no' prepended to this command will delete the shell/cli command from the show tech-support output. Next Keyword Descriptions: shell: Including the following as a shell command in the tech-support output cli: Include the following as a Cli command in the tech-support output Command Examples:
l o c a l h o s t ( c o n f i g ) #t e c h s u p p o r t c o n f i gs h e l ld a t e
l o c a l h o s t ( c o n f i g ) #
Tenant Commands
Enter tenant definition submode Command Mode: config mode Command Syntax: [ n o ]t e n a n t< n a m e > Command Description: This submode is used to create a named tenant. Within this submode, properties of the tenant can be configured. ONV are configured and managed, which configure the membership of devices. Virtual router is configured and managed, which defines the connectivity within and among tenants. The controller provides a tenant named 'default' to collect devices which are not associated with any tenant. The controller provides a tenant named 'system' to hold system virtual router which is used to define the connectivity among all tenants. The controller provides a tenant named 'external' to hold configuration for external network access. Next Keyword Descriptions: name: Command Examples:
t e n a n tm y f i r s t t e n a n t
D e f i n ean e wt e n a n ti n s t a n c eb yn a m e ,
a n de n t e rt h et e n a n ts u b m o d e
n ot e n a n tm y f i r s t t e n a n t
R e m o v ean a m e dt e n a n t
Set tenant active
Command Mode: config-tenant mode Command Syntax: [ n o ]a c t i v e Command Description: Set the tenant active. If a tenant is inactive the controller will not use it or its rules. Command Examples:
a c t i v e
A c t i v a t et h i st e n a n ti n s t a n c e
n oa c t i v e
D e a c t i v a t et h i st e n a n ti n s t a n c e
Provide description for a tenant instance Command Mode: config-tenant mode Command Syntax: [ n o ]d e s c r i p t i o n< d e s c r i p t i o n > Command Description: Within a tenant definition sub-mode, declare a friendly descriptor for the tenant instance. Command Examples:
d e s c r i p t i o n" t h i si sm yf i r s tt e n a n ti n s t a n c e "
A d dat e x t u a ld e s c r i p t i o nt oat e n a n t
Describe tenant origin
Command Mode: config-tenant mode Command Syntax: [ n o ]o r i g i n< o r i g i n > Set routing rule Command Mode: config-tenant-router mode Command Syntax: [ n o ]r o u t ef r o m{ t e n a n t< s o u r c et e n a n t >[ o n v< s o u r c eo n v > ]|o n v < s o u r c eo n v >|{ < s r c i p >< s r c i p m a s k >|< s r c i p >|< s r c c i d r >|a n yto {tenant <destination tenant> [onv <destination onv>] | onv <destination onv> | {<dst-ip> <dst-ip-mask> | <dst-ip> | <dst-cidr> | any}} [<next hop ip address> | gw-pool <gateway pool name>] [<outgoing interface>] {deny | permit}}} Command Description: This command is used to create a new routing rule for a given tenant virtual router. Next Keyword Descriptions: outgoing-intf: outgoing interface name src-ip-mask: An inverse netmask in dotted decimal notation. gateway-pool: gateway pool name nh-ip: IP address in dotted decimal notation. src-ip: IP address in dotted decimal notation. IP address with prefix length in CIDR format. any: Represents any IP address. dst-ip: dst-ip-mask: Command Examples:
r o u t ef r o mt e n a n tAt ot e n a n tBp e r m i t
c r e a t ear o u t i n gr u l et op e r m i tp a c k e t sf r o mt e n a n tAt ot e n a n tB
n or o u t ef r o mt e n a n tAt ot e n a n tBp e r m i t
r e m o v et h ec r e a t e dr o u t i n gr u l e
Provide description for a virtual router instance Command Mode: config-tenant-router mode Command Syntax: [ n o ]d e s c r i p t i o n< d e s c r i p t i o n > Command Description: Within a tenant virtual router definition sub-mode, declare a friendly descriptor for the virtual router instance. Command Examples:
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r ) #d e s c r i p t i o n" t h i si st h ev i r t u a lr o u t e rf o rt e s t i n g "
A d dat e x t u a ld e s c r i p t i o nt oat e n a n tv i r t u a lr o u t e r
Describe virtual router origin Command Mode: config-tenant-router mode Command Syntax: [ n o ]o r i g i n< o r i g i n > Describe virtual router interface origin Command Mode: config-tenant-router-intf mode Command Syntax: [ n o ]o r i g i n< o r i g i n > Add ip address to the gateway pool Command Mode: config-tenant-router-gw mode Command Syntax: [ n o ]i p Command Description: Add an IP address to a gateway pool Next Keyword Descriptions: ip-address: IP address in dotted decimal notation. Command Examples:
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r g w ) #i p 1 0 . 0 . 1 . 1 / 2 4
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r g w ) #n oi p 1 0 . 0 . 1 . 1 / 2 4
Set virtual router interface active Command Mode: config-tenant-router-intf mode Command Syntax: [ n o ]a c t i v e Command Description: Set the tenant virtual router active. If a tenant virtual router is inactive the controller will not use it or its rules. Command Examples:
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r i n t f ) #a c t i v e
A c t i v a t et h i si n t e r f a c ei n s t a n c e
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r i n t f ) #n oa c t i v e
D e a c t i v a t et h i si n t e r f a c ei n s t a n c e
Set virtual router interface ip address Command Mode: config-tenant-router-intf mode Command Syntax: [ n o ]i p{ < s u b n e t m a s k >|< s r c c i d r > }
Command Description: Associate an IP address and IP subnet with an virtual router interface. Next Keyword Descriptions: subnet-mask: An inverse netmask in dotted decimal notation. ip-address: IP address in dotted decimal notation. IP address with prefix length in CIDR format. Command Examples:
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r i n t f ) #i p 1 0 . 0 . 1 . 1 / 2 4
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r i n t f ) #n oi p 1 0 . 0 . 1 . 1 / 2 4
Enter virtual router definition submode Command Mode: config-tenant mode Command Syntax: [ n o ]r o u t e r< v r n a m e > Command Description: This submode is used to create, then describe the connectivity and routing rules for the named virtual router for a given tenant. Within this submode, properties of the virtual router can be configured. Command Examples:
r o u t e rm y f i r s t r o u t e r
D e f i n ean e wr o u t e ri n s t a n c eb yn a m e ,
a n de n t e rt h et e n a n t r o u t e rs u b m o d e
n or o u t e rm y f i r s t r o u t e r
R e m o v ean a m e dr o u t e r
Enter virtual router gateway pool definition submode Command Mode: config-tenant-router mode Command Syntax: [ n o ]g a t e w a y p o o l< v r g w n a m e > Command Description: This command is used to create a new next hop gateway pool. Any IP address within this gateway pool can be used as a next hop for a routing rule configured with the next hop as this gateway pool. Command Examples:
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r ) #g a t e w a y p o o lp o o l 1
c r e a t eag a t e w a yp o o lp o o l 1
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r ) #n og a t e w a y p o o lp o o l 1
r e m o v et h eg a t e w a yp o o ln a m e dp o o l 1
Enter virtual router interface definition submode Command Mode: config-tenant-router mode Command Syntax: [ n o ]i n t e r f a c e< v r i n a m e >[ o n v< o n v c o n n e c t e d >|t e n a n t< r o u t e r c o n n e c t e d t e n a n t >< r o u t e r c o n n e c t e d > ]
Command Description: This command is used to create a new virtual router interface and connect the named interface to a defined ONV or another virtual router. Next Keyword Descriptions: onv: the 'onv' keyword specifies the named virtual router interface connects to a ONV within the same tenant scope. tenant:
the 'tenant' keyword specifies the named virtual router interface connects to another tenant virtual router. Command Examples:
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r ) #i n t e r f a c ei f 1o n vA 1
c r e a t eav i r t u a lr o u t e ri n t e r f a c ei f 1a n dc o n n e c ti tt oO N VA 1
l o c a l h o s t ( c o n f i g t e n a n t r o u t e r ) #n oi n t e r f a c ei f 1
r e m o v et h en a m e dv i r t u a lr o u t e ri n t e r f a c ei f 1
Topology Commands
Enable features for controller Command Mode: config mode Command Syntax: [ n o ]t o p o l o g y{ a u t o p o r t f a s t } Command Description: The topology command configures attributes associated with the toplogy management of the controller. Next Keyword Descriptions: autoportfast: Command Examples:
t o p o l o g ya u t o p o r t f a s t
E n a b l ea u t o p o r t f a s ta n ds u p p r e s sl i n kd i s c o v e r yo nf a s tp o r t s .
n ot o p o l o g ya u t o p o r t f a s t
D on o ts u p p r e s sl i n kd i s c o v e r yo nf a s tp o r t s .
Vcenter Commands
Enter vcenter submode, configure vcenter details Command Mode: config mode Command Syntax: [ n o ]v c e n t e r< v c e n t e r n a m e > Enable vcenter connect Command Mode: config-vcenter mode Command Syntax: [ n o ]c o n n e c t Enter vcenter-dvs submode, describe port groups Command Mode: config-vcenter mode Command Syntax: [ n o ]d v sd a t a c e n t e r n a m e< d a t a c e n t e r >d v s n a m e< d v s n a m e >[ s w i t c h c l a s s< s w i t c h c l a s s > ]
Associate ip address for vcenter connection Command Mode: config-vcenter mode Command Syntax: i p{ a d d r e s s } Configure vcenter password for login Command Mode: config-vcenter mode Command Syntax: p a s s w o r d Describe dvs portgroup Command Mode: config-vcenter-dvs mode Command Syntax: p o r t g r o u p Associate http port for vcenter connection
Command Mode: config-vcenter mode Command Syntax: p o r t Configure vcenter username for login Command Mode: config-vcenter mode Command Syntax: u s e r n a m e
Arp Commands
Set static arp Command Mode: config mode Command Syntax: [ n o ]a r p< m a c > Command Description: The 'arp' command is used to create static arp <-> ip address bindings. Command Examples:
a r p1 0 . 0 . 0 . 11 1 : 2 2 : 3 3 : 4 4 : 5 5 : 6 6
c r e a t eas t a t i ca r pe n t r y
n oa r p1 0 . 0 . 0 . 11 1 : 2 2 : 3 3 : 4 4 : 5 5 : 6 6
r e m o v eas t a t i ca r pe n t r y
Show Commands
Show Address-space Commands
Show all address spaces Command Mode: login mode Command Syntax: s h o wa d d r e s s s p a c e
Show a specific address space Command Mode: login mode Command Syntax: s h o wa d d r e s s s p a c e{ < a d d r e s s s p a c e n a m e >|a l l }[ { d e t a i l s|b r i e f } ] Command Description: This 'show address-space' command variation is used to identify a specific address-space (the 'all' token provides display for every address-spaceJ), to describe particular operational or configured details. Next Keyword Descriptions: details: The details keyword requests a more verbose version of various show commands. brief: The brief keywork requests a less verbose version of output for various show commands. Show the configured identifier-rules for a specific address space Command Mode: login mode Command Syntax: s h o wa d d r e s s s p a c e{ < a d d r e s s s p a c e n a m e >|a l l }{ i d e n t i f i e r r u l e s } Command Description: The 'identifier-rules' keyword requests the display of the configured identifier-rules for the named adderss-space. The address-space identifier-rules describe the membership rules associated with an address-space.
Show onv-definition Commands

Show all defined onvs belong to current tenant Command Mode: login mode Command Syntax: s h o wo n v Show specific onv, identified by name Command Mode: login mode Command Syntax: s h o wo n v{ < o n v i d >|a l l }[ { d e t a i l s|b r i e f } ] Command Description: This 'show onv <id>' command variation is used to identify a specific onv or ONVs defined under current tenant mode. This 'show onv all' command variation is used to display all ONVs defined across all tenants. Being backward compatible, 'show onv' command under non config-tenant mode is also accepted and displays the ONVs for default tenant only.
Next Keyword Descriptions: details: The details keyword requests a more verbose version of various show commands. brief: The brief keywork requests a less verbose version of output for various show commands. Show onv associated details based on name Command Mode: login mode Command Syntax: s h o wo n v{ < o n v i d >|a l l }{ i n t e r f a c e s|m a c a d d r e s s t a b l e|
i n t e r f a c e r u l e s|a c c e s s l i s t s|r u n n i n g c o n f i g|s w i t c h|f l o w[ { b r i e f|f u l l d e t a i l |d e t a i l s|s u m m a r y } ] }
Command Description: This 'show onv <id>' command variation is used to identify a specific onv or ONVs defined under current tenant mode. This 'show onv all' command variation is used to display all ONVs defined across all tenants. Being backward compatible, 'show onv' command under non config-tenant mode is also accepted and displays the ONVs for default tenant only. Next Keyword Descriptions: access-lists: The 'access-list' keyword requests display of the configured access-lists associated with the onv. The output includes not only the access-list, but a brief descripion of the acl rules associated with the access-list. full-detail: For a few show commands, the 'full-detail' is a request to display more information than the 'defails' keyword. flow: The 'flow' keyword requests the display of all openflow flow-match entries inserted into various switches to implement the onv isolation. brief: The brief keywork requests a less verbose version of output for various show commands. summary: A more terse output format. interface-rules: The 'interface-rules' keyword requests the display of the configured interface-rules for the named onv. The onv interface-rules describe the membership rules associated with a onv. details: The details keyword requests a more verbose version of various show commands.
Show onv-interface-access-list Commands

Show access-group details
Command Mode: config-tenant-onv-if mode Command Syntax: s h o wa c c e s s g r o u p
Show onv-access-list Commands

Show onv access lists Command Mode: config-tenant-onv- mode Command Syntax: s h o wa c c e s s l i s t
Show onv-access-list-entry Commands

Show onv access list rules Command Mode: config-tenant-onv mode Command Syntax: s h o wa c c e s s l i s t e n t r y
Show onv-interface Commands

Show onv associated interfaces Command Mode: config-tenant-onv config-tenant-onv-if mode Command Syntax: [ n o ]s h o wi n t e r f a c e s Command Description: Show ONV interfaces associated with this ONV and its state and configuration.
Show Controller-interface Commands

Show controller-node associated interfaces Command Mode: config-controller mode Command Syntax: s h o wi n t e r f a c e s[ t y p e< t y p e > ][ n u m b e r< n u m b e r > ] Command Description: Display all the interfaces associated with the specified controller-node. Next Keyword Descriptions: type <type>: Specify the type of the network interface to show, e.g. Ethernet.
number <number>: Specify the number of the network interface to show.
Show Controller-node Commands

Show controller nodes summaries Command Mode: login mode Command Syntax: s h o wc o n t r o l l e r n o d e Command Description: Show controller-node displays operational details for the identified controller nodes. Among the items displayed are the controller-alias, the HA role, and also a column labeled '@' to identify the controller currently connected to the CLI Show controller-node associated details by name Command Mode: login mode Command Syntax: s h o wc o n t r o l l e r n o d e{ |a l l }[ i n t e r f a c e s|f i r e w a l l|s u m m a r y|
s w i t c h e s|a l i a s ][ { d e t a i l s|b r i e f } ]
Command Description: Show controller node associated information, for example the interfaces or switches related to a controller. Next Keyword Descriptions: all: The 'all' token is used in place of an identifier's value to request every item associated with the command. The 'all' token is reserved, identifiers may not use the 'all' token as their name, no switch-alias or host-alias may be called 'all' firewall: Show the firewall rules for the specified controller node. interfaces: Display all the interfaces associated with the specified controller-node. brief: Specify the detail level for the show command. Value is either 'detail' or 'brief'. summary: Show a summary of the configuration for the specified controller node. switches: Show the switches connected to the specified controller node. alias: Show the alias for the specified controller node. details: id:
Specify the id or alias of the controller node. Show detailed controller-node related statistics Command Mode: login mode Command Syntax: s h o wc o n t r o l l e r n o d e{ |a l l }s t a t s{ c p u u s e r|d i s k r o o t|m e m u s e d|m e m f r e e|c l i c p u|d a t a b a s e c p u|s w a p u s e d|d i s k b o o t|s t a t d c p u|c p u s y s t e m|c p u i d l e|a p a c h e c p u|c p u n i c e|d i s k l o g|f l c p u }[ s t a r t t i m e< s t a r t t i m e > ][ e n d t i m e< e n d t i m e > ][ d u r a t i o n< d u r a t i o n > ][ s a m p l e i n t e r v a l< s a m p l e i n t e r v a l > ] [ s a m p l e c o u n t< s a m p l e c o u n t > ][ s a m p l e w i n d o w< s a m p l e w i n d o w > ][ d a t a f o r m a t{ v a l u e| r a t e } ][ d i s p l a y{ l a t e s t v a l u e|g r a p h|t a b l e } ]
Next Keyword Descriptions: cpu-user: Specify the type of controller stats to show. end-time <end-time>: Specify the end time for displaying the controller stats. all: The 'all' token is used in place of an identifier's value to request every item associated with the command. The 'all' token is reserved, identifiers may not use the 'all' token as their name, no switch-alias or host-alias may be called 'all' cpu-idle: swap-used: database-cpu: latest-value: Show the specified stats as either the latest value, graph or table. table: sample-interval <sample-interval>: Specify the interval between sample points. disk-root: disk-boot: graph: cli-cpu: sample-window <sample-window>: Specify the sample window for showing the stats. The sample window is the number of raw stat values to average around a down-sampled data point. mem-used: mem-free: sample-count <sample-count>: Specify the number of data points to show across the specified time range. start-time <start-time>: Specify the start time for displaying the stats. apache-cpu: cpu-system:
rate: Show either the actual value or the rate of change of the value for the specified stats type. value: duration <duration>: Specify the duration for which to display stats. If this value is specified you should specify either the start-time or end-time but not both. statd-cpu: cpu-nice: disk-log: fl-cpu: f Show statistics for a given controller node Command Mode: login mode Command Syntax: s h o wc o n t r o l l e r n o d e{ |a l l }s t a t s Next Keyword Descriptions: all: The 'all' token is used in place of an identifier's value to request every item associated with the command. The 'all' token is reserved, identifiers may not use the 'all' token as their name, no switch-alias or host-alias may be called 'all' id: Specify the id or alias of the controller node.
Show Config Commands

Show saved configs (ex: startup-config, etc) Command Mode: login mode Command Syntax: s h o wc o n f i g[ < f i r s t >d i f f< s e c o n d >[ < v e r s i o n > ]|< c o n f i g >
[ < v e r s i o n > ] ]
Next Keyword Descriptions: second: Second configuration file selection. version: config: When a single config file is selected, the complete contents of the file is displayed first: When a pair of configuration files are selected, with the 'diff' keyword separating the two files,
this positional parammeter identifies the first of the two config files to diff.
Show Config-file Commands

Show a specific saved config file Command Mode: login mode Command Syntax: s h o wc o n f i g f i l e[ < c o n f i g > ]
Show Event-history Commands

Show recent network or system events Command Mode: login mode Command Syntax: s h o we v e n t h i s t o r y{ t o p o l o g y l i n k|t o p o l o g y s w i t c h|t o p o l o g y c l u s t e r }[ l a s t< c o u n t > ]
Next Keyword Descriptions: last <count>: Limit the output to indicated number of lines topology-switch: topology-link: topology-cluster:
Show External-ports Commands

Show switch ports connected to external l2 networks Command Mode: login mode Command Syntax: s h o we x t e r n a l p o r t s Command Description: The external-ports command displays the set of switch ports connected to external L2 networks.
Show Feature Commands

Show enabled and disabled features Command Mode: login mode
Command Syntax: s h o wf e a t u r e
Show Firewall-rule Commands

Show firewall rules for controller interfaces Command Mode: login mode Command Syntax: s h o wf i r e w a l l r u l e[ c o n t r o l l e r< c o n t r o l l e r > ][ t y p e< t y p e > ][ n u m b e r
< n u m b e r > ][ p o r t ][ p r o t o{ t c p|u d p|v r r p } ][ s r c i p< s r c i p > ][ l o c a l i p< v r r p i p > ]
Next Keyword Descriptions: udp: Filter the show command output by the indicated protocol. local-ip <vrrp-ip>: Select the rules which match this source ip address. src-ip <src-ip>: tcp: type <type>: Filter the show command output by the indicated interface type vrrp: port <port>: Filter the show command output by the indicated filtered port. number <number>: Filter the show command output by the indicated interface number. controller <controller>: Filter the show command output to the indicateed controller.
Show Flow-entry Commands

Show configured static flow-entries Command Mode: login mode Command Syntax: s h o wf l o w e n t r y[ < n a m e > ][ s w i t c h< s w i t c h > ]
Show Global-config Commands

Show high availability configuration Command Mode: login mode Command Syntax: s h o wh a[ d e t a i l s ]
Next Keyword Descriptions: details: The details keyword requests a more verbose version of various show commands.
Show Logging Commands

Show various controller logs Command Mode: login mode Command Syntax: s h o wl o g g i n g[ c o n t r o l l e r{ a l l|< c o n t r o l l e r n o d e > } ]< l o g n a m e > Next Keyword Descriptions: log-name:
Show Running-config Commands

Show the current active configuration Command Mode: login mode Command Syntax: s h o wr u n n i n g c o n f i g[ f e a t u r e|c o n t r o l l e r n o d e[ < w o r d > ]|s w i t c h
[ < w o r d > ]|h o s t[ < w o r d > ]|o n v[ < w o r d > ]|t e n a n t[ < w o r d > ]|s t a t i c a r p|a d d r e s s s p a c e [ < w o r d > ]|f o r w a r d i n g|s n m p|t a c a c s|t a g[ < w o r d > ]|t e c h s u p p o r t|t o p o l o g y ]
Command Description: The 'show running-config' command displays the complete configuration for the controller. When the controller is operating with HA enabled, 'show running-config' displays the configuraion of the HA cluster. The running-config is intended to show the configuration necessary to update a default configuration to the current configuration. The running-config then displays deviations from the default configuration; configuration whice arises from the default configuration will not be shown in the running-config While operating with HA enabled, a replay of the running config will not cause a slave to be (re)configured into HA-enabled if it is not already operating as HA-enabled. Next Keyword Descriptions: onv: The 'onv' keyword filters the running-config output to only display the onv configuration. address-space: The 'address-space' keyword filters the running-config output to only display the address-space related configuration. controller-node: The 'controller-node' keyword filter the running config to only display controller-node
configuration. This includes descriptions for the controller node interfaces, and firewall rules. snmp: The 'snmp' keyword filters the running-config output to only display the snmp configuration. switch: The 'switch' keyword filters the running-config output to only display switch related configuration. feature: The 'feature' keyword filters the running-config output to display the features enabled or disabled which differ from the default features. host: The 'host' keyword filters the running-config output to only display the host related configuration. This includes host aliases, and any host security associations. tag: The 'tag' keyword filters the running-config to only display the tag submode related configuration. Uses of the tag within onv, address-space, or other submodes is not included. tacacs: tech-support: forwarding: static-arp: tenant: topology: Command Examples:
s h o wr u n n i n g c o n f i g
S h o wt h ec o m p l e t er u n n i n g c o n f i g
s h o wr u n n i n g c o n f i gs w t i c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 7 3 : 2 8 : 0 3
S h o wt h er u n n i n gc o f i gd e t a i l sf o rap a r t i c u l a rs w i t c h
s w i t c h0 0 : 0 0 : 0 0 : 0 0 : 0 0 : 7 3 : 2 8 : 0 3
s w i t c h a l i a sn t g r 7 3 2 8 3
Show Switch-cluster Commands

Show groups of interconnected openflow switches Command Mode: login mode Command Syntax: s h o ws w i t c h c l u s t e r
Show Tech-support Commands

Show tech-support, collect output of various commands Command Mode: login mode Command Syntax: s h o wt e c h s u p p o r t
Show This Commands

Show the object associated with the current submode Command Mode: config- mode Command Syntax: s h o wt h i s
Show Host Commands

Show host details based on query Command Mode: login mode Command Syntax: s h o wh o s t{ < h o s tm a co ra l i a s >|a d d r e s s s p a c e< a d d r e s ss p a c e >|i p a d d r e s s|s w i t c h< s w i t c hd p i do ra l i a s >|a l l }[ b yl a s t s e e n ][ { d e t a i l s| b r i e f } ]
Command Description: This command variation allows filtering based on the provided mac address. In addition, the hosts can be selected either by the switch of their attachment point, or the host's associated ip address Next Keyword Descriptions: all: The 'all' keyword is a positional parameter replacement which allows additional parameters to be included. 'all' may not be used as a host alias. address-space <address-space>: This positional parameter allows filtering on the address space associated with the hosts. mac: This positional parameter allows filtering on the mac address. last-seen: Order the output by the last seen time of the attachment point brief: The brief keywork requests a less verbose version of output for various show commands. switch <dpid>: The 'switch <dpid>' keyword pair can be used to restrict the hosts displayed by the identified <dpid>. The hosts displayed will all have attachement points associated with the requested <dpid>. If completion is requested after the 'switch' keyword, the list of switches displayed are the switches associated with the active attachment points of the known hosts. details: The details keyword requests a more verbose version of various show commands. ip-address <ipv4>: The 'ip-address <ip-address>' keyword pair can be used to restrict the host's displayed by the ip-address associaited with the currently known hosts. If completion is requested after the ip-address keyword, the list of ip-addresses displayed are the ip-addresses currently associated with the known hosts. by: Show various host related details by query Command Mode: login mode Command Syntax: s h o wh o s t{ < h o s tm a co ra l i a s >|i p a d d r e s s|s w i t c h
< s w i t c hd p i do ra l i a s >|a l l }{ a t t a c h m e n t p o i n t[ b y{ h o s t l a s t s e e n|l a s t s e e n } ] [ { d e t a i l s|b r i e f } ]|i p a d d r e s s[ b y{ h o s t l a s t s e e n|l a s t s e e n } ][ { d e t a i l s|b r i e f } ] |a l i a s }
Command Description: This 'show host' variant allows the selection of particular related host details, for example the attachment point or the ip address. The variant exists to more completely list the host's associated attributes. In the more basic version of the command, these columns may have abbreviated information (displaying only one ip address, for example), to provide a more concise display. Next Keyword Descriptions: attachment-point: all: The 'all' keyword is a positional parameter replacement which allows additional parameters to be included. 'all' may not be used as a host alias. switch <dpid>: The 'switch <dpid>' keyword pair can be used to restrict the hosts displayed by the identified <dpid>. The hosts displayed will all have attachement points associated with the requested <dpid>. If completion is requested after the 'switch' keyword, the list of switches displayed are the switches associated with the active attachment points of the known hosts. host-last-seen: Order the output by the time the host was last seen by the controller brief: The brief keywork requests a less verbose version of output for various show commands. mac: This positional parameter allows filtering on the mac address. alias: details: The details keyword requests a more verbose version of various show commands. ip-address: last-seen: Order the output by the last seen time of the attachment point ip-address <ipv4>: The 'ip-address <ip-address>' keyword pair can be used to restrict the host's displayed by the ip-address associaited with the currently known hosts. If completion is requested after the ip-address keyword, the list of ip-addresses displayed are the ip-addresses currently associated with the known hosts. by:
Show Link Commands
Show links, controller managed switch to switch interfaces Command Mode: login mode Command Syntax: s h o wl i n k
Show Snmp-server-config Commands

Show snmp configuration Command Mode: login mode Command Syntax: s h o ws n m p Command Description: Display operational parameters of this device's SNMP support. Show the configurable parameters for the SNMP MIBs, and show the status of the network firewall (which might be blocking some SNMP requests) Command Examples:
s h o ws n m p
D i s p l a yS N M Po p e r a t i o n a ls t a t e .
Show Switches Commands

Show switch summary Command Mode: login mode Command Syntax: s h o ws w i t c h Command Description: The show switch commands displays operational state for switches currently connected to the controller. Next Keyword Descriptions: switch:
Show realtime stats for switch Command Mode: login mode Command Syntax: s h o ws w i t c h{ < s w i t c hd p i do ra l i a s >|a l l }{ { a g g r e g a t e|f l o w|p o r t |t a b l e|d e s c|q u e u e }[ { d e t a i l s|b r i e f } ]|f e a t u r e s[ { d e t a i l s|b r i e f } ] } Next Keyword Descriptions: all: The 'all' token is used in place of an identifier's value to request every item associated with the command. The 'all' token is reserved, identifiers may not use the 'all' token as their name, no switch-alias or host-alias may be called 'all' features: flow: The flow selection request the controller to query the selected switch for all the flows currently active. brief: The brief keywork requests a less verbose version of output for various show commands. queue: The queue option is a request for the controller to query the indicated switch to acquire the switch queue details The returned value is an association between the interface names, the queue numbers, and some statitics for each of the queues. details: The details keyword requests a more verbose version of various show commands. aggregate: The aggregate option displays aggregated flow statistics. It is a request for the controller to activly query the indicated switch to acquire and display the results. table: The table option is a request for the controller to query the indicated switch, for the switch's table details. The returned values the names of the tables, the size of the tables, and some usage statistics port: The port option is a request for the controller to send to the indicated switch, the reply is the openflow protocol port reply, which lists all the interfaces and provides tx and rx statistics. desc: The desc option is a request for the controller to query the indicated switch. to acquire the switch description. The returned values include the switch model and version, the switch vendor, serial number, and software version currently running. Show stats for selected switch Command Mode: login mode Command Syntax: s h o ws w i t c h< s w i t c hd p i do ra l i a s >s t a t s
Show statistics for a given switch Command Mode: login mode Command Syntax: s h o ws w i t c h< s w i t c hd p i do ra l i a s >s t a t s{ O F A c t i v e F l o w|O F F l o w M o d|
O F P a c k e t I n }[ s t a r t t i m e< s t a r t t i m e > ][ e n d t i m e< e n d t i m e > ][ d u r a t i o n< d u r a t i o n > ] [ s a m p l e i n t e r v a l< s a m p l e i n t e r v a l > ][ s a m p l e c o u n t< s a m p l e c o u n t > ][ s a m p l e w i n d o w < s a m p l e w i n d o w > ][ d a t a f o r m a t{ v a l u e|r a t e } ][ d i s p l a y{ l a t e s t v a l u e|g r a p h|t a b l e } ]
Show interfaces for selected switch Command Mode: login mode Command Syntax: s h o ws w i t c h{ < s w i t c hd p i do ra l i a s >|a l l }{ i n t e r f a c e s[ s t a t s ]
[ a l i a s ]|o n v|a l i a s }[ { d e t a i l s|b r i e f } ]
Next Keyword Descriptions: alias: Interfaces may have aliases assigned to them, this keyword diesplays any aliases associated with the switch This selection displays the alias associated with the requested switch (or all the swtiches when all is selected) interfaces: The 'interfaces' keyword lists the interfaces on the switch. This information is posed by the switch to the controller when the switch first connects, and then updated by the switch if new interfaces are created or deleted. Show switch tcpdump via controller Command Mode: login mode Command Syntax: s h o ws w i t c h< s w i t c hd p i do ra l i a s >t r a c e[ o n e l i n e ][ s i n g l e s e s s i o n ]
[ e c h o r e p l y ][ e c h o r e q u e s t ][ f e a t u r e s r e p ][ f l o w m o d ][ f l o w r e m o v e d ][ g e t c o n f i g r e p ] [ h e l l o ][ p a c k e t i n ][ p a c k e t o u t ][ p o r t s t a t u s ][ s e t c o n f i g ][ s t a t s r e p l y ][ s t a t s r e q u e s t ][ d e t a i l ]
Show switch details via query Command Mode: login mode Command Syntax: s h o ws w i t c h{ < s w i t c hd p i do ra l i a s >|a l l }[ b y{ i p a d d r e s s|
c o n n e c t t i m e } ][ { d e t a i l s|b r i e f } ]
Next Keyword Descriptions:
brief: The brief keyword requests a less verbose version for the output of various show commands by: The 'by' keyword describes a sort-by token, The sort selection is the next keyword details: The details keyword requests a more verbose version of the output format.
Show Switch-interfaces Commands

Show interfaces for switch associated with current submode Command Mode: config-switch mode Command Syntax: s h o wi n t e r f a c e s
Show Switch Commands

Show tunnels for all switches Command Mode: login mode Command Syntax: s h o wt u n n e l Show tunnels for selected switches Command Mode: login mode Command Syntax: s h o wt u n n e l{ a l l|< d p i d > }
Show Tacacs-plus-config Commands

Show tacacs operational state Command Mode: login mode Command Syntax: s h o wt a c a c s Command Description: Show TACACS+ aaa operational state. Print out the global aaa sources and services, as well as any configured TACACS+ servers and parameters. Command Examples:
s h o wt a c a c s
D i s p l a yt h eT A C A C S +a a ao p e r a t i o n a ls t a t e .
Show Tag Commands

Show configured tags Command Mode: login mode Command Syntax: s h o wt a g[ n a m e s p a c e< n a m e s p a c e > ][ n a m e< n a m e > ][ v a l u e< v a l u e > ] Command Description: The show tag command lists all the tags configured. Each tag's namespace, name and value are shown. Also shown is whether this tag is persisted or not, meaning, whether this tag was created internally by the controller itself or the user created this.
Show Tech-support-config Commands

Show tech-support configuration Command Mode: login mode Command Syntax: s h o wt e c h s u p p o r t c o n f i g[ { c l i|s h e l l } ][ c m d< c m d > ] Command Description: This commands shows customized commands shown in 'show tech-support' output. Command Examples:
M e i s M a c B o o k P r o . l o c a l ( c o n f i g ) #t e c h s u p p o r t c o n f i gs h e l ld a t e
M e i s M a c B o o k P r o . l o c a l ( c o n f i g ) #s h o wt e c h s u p p o r t c o n f i g
T y p eo fc o m m a n dC o m m a n dn a m e
| -
s h e l l
d a t e
M e i s M a c B o o k P r o . l o c a l ( c o n f i g ) #
Show Tenant Commands

Show defined tenants Command Mode: login mode Command Syntax: s h o wt e n a n t Show specific tenant, identified by name Command Mode: login mode Command Syntax: s h o wt e n a n t< t e n a n t i d >{ o n v[ < o n v i d >[ i n t e r f a c e s|m a c a d d r e s s t a b l e|i n t e r f a c e r u l e s|a c c e s s l i s t s|r u n n i n g c o n f i g|s w i t c h|f l o w[ { b r i e f| f u l l d e t a i l|d e t a i l s|s u m m a r y } ] ] ]|r o u t e r[ < v i r t u a l r o u t e r i d >[ i p a d d r e s s p o o l| r o u t e|i n t e r f a c e s|g a t e w a y p o o l s|g w a d d r e s s p o o l ] ]|r u n n i n g c o n f i g|{ d e t a i l s| b r i e f }}
Command Description: This 'show tenant <tenant-name>' command is used to identify a specific tenant, to describe particular configured details. 'show tenant' command provides display for every defined tenant. Next Keyword Descriptions: onv: The 'onv' keyword requests the display of the configured onvs for the named tenant. access-lists: The 'access-list' keyword requests display of the configured access-lists associated with the onv. The output includes not only the access-list, but a brief descripion of the acl rules associated with the access-list. full-detail: For a few show commands, the 'full-detail' is a request to display more information than the 'defails' keyword. route: The 'route' keyword requests the display of the configured routing rule for the named virtual router. gw-address-pool: The 'gw-address-pool' keyword requests the display of the configured gateway ip addresses for all the gateway pools of the named virtual router. flow: The 'flow' keyword requests the display of all openflow flow-match entries inserted into various switches to implement the onv isolation.
brief: The brief keywork requests a less verbose version of output for various show commands. summary: A more terse output format. interface-rules: The 'interface-rules' keyword requests the display of the configured interface-rules for the named onv. The onv interface-rules describe the membership rules associated with a onv. gateway-pools: The 'gateway-pools' keyword requests the display of the configured next hop gateway pools for the named virtual router. details: The details keyword requests a more verbose version of various show commands. router: The 'router' keyword requests the display of the configured virtual router for the named or current tenant. ip-address-pool: The 'ip-address-pool' keyword requests the display of the configured ip address/subnet for all the interfaces of the named virtual router. interfaces: The 'interfaces' keyword requests the display of the configured interfaces for the named virtual router. Show specific tenant, identified by name Command Mode: login mode Command Syntax: s h o wt e n a n t{ < t e n a n t i d >|a l l } Command Description: This 'show tenant <tenant-name>' command is used to identify a specific tenant, to describe particular configured details. 'show tenant' command provides display for every defined tenant. Command Examples:
l o c a l h o s t #s h o wt e n a n ta l l
#T e n a n tI DA c t i v eD e s c r i p t i o nR o u t e rI D
| | | | -
1A
T r u e
v r A
2d e f a u l t
T r u e
3r e d
T r u e
4s y s t e m
T r u e
v r s y s t e m
l o c a l h o s t #s h o wt e n a n tA
#T e n a n tI DA c t i v eD e s c r i p t i o nR o u t e rI D
| | | | -
1A
T r u e
v r A
Show Dvs Commands

Show vcenter dvs details Command Mode: login mode Command Syntax: s h o wd v s[ v c e n t e r< v c e n t e r > ][ d a t a c e n t e r< d a t a c e n t e r > ][ d v s< d v s > ]
Show Dvs-port-group Commands

Show vcenter dvs port-group details Command Mode: login mode Command Syntax: s h o wd v s p o r t g r o u p[ v c e n t e r< v c e n t e r > ][ d a t a c e n t e r< d a t a c e n t e r > ]
[ d v s< d v s > ][ p o r t g r o u p ]
Show Vcenter Commands

Show vcenter configurations Command Mode: login mode Command Syntax: s h o wv c e n t e r Show vcenter description by name Command Mode: login mode Command Syntax: s h o wv c e n t e r{ < v c e n t e r n a m e >|a l l }[ d v s|d v s p o r t g r o u p|s t a t u s|
d e t a i l s ]
Next Keyword Descriptions: status: dvs-port-group: dvs: Show vcenter operational status by name Command Mode: login mode Command Syntax: s h o wv c e n t e r< v c e n t e r n a m e >d v s< d v s n a m e >s t a t u s
Show Static-arp Commands

Show all configured static arps Command Mode: login mode Command Syntax: s h o wa r p
Command Description: The 'show arp' command shows the configured static arp table. Command Examples:
l o c a l h o s t #s h o wa r p
#I p
M a c
| | -
11 0 . 0 . 0 . 11 1 : 2 2 : 3 3 : 4 4 : 5 5 : 6 6
Show Virtualrouter Commands

Show specific virtual router, identified by name Command Mode: config-tenant mode Command Syntax: s h o wr o u t e r Command Description: The 'router' keyword requests the display of the configured virtual router for the named or current tenant. Show specific virtual router, identified by name Command Mode: config-tenant mode Command Syntax: s h o wr o u t e r< v i r t u a l r o u t e r i d >[ i p a d d r e s s p o o l|r o u t e|i n t e r f a c e s
[ < v r i n a m e >[ i p a d d r e s s p o o l ] ]|g a t e w a y p o o l s[ < v r g w n a m e >[ g w a d d r e s s p o o l ] ] ]
Next Keyword Descriptions: gateway-pools:
The 'gateway-pools' keyword requests the display of the configured next hop gateway pools for the named virtual router. route: The 'route' keyword requests the display of the configured routing rule for the named virtual router. ip-address-pool: The 'ip-address-pool' keyword requests the display of the configured ip address/subnet for all the interfaces of the named virtual router. interfaces: The 'interfaces' keyword requests the display of the configured interfaces for the named virtual router. </div> Retrieved from "https://wiki.opendaylight.org/index.php?title=OpenDaylight_CommandLine_Interface_(CLI):Main&oldid=383" Category: OpenDaylight SDN Controller Platform This page was last modified on 17 April 2013, at 18:16.

OpenDaylight Command-Line Interface (CLI) - Main - Daylight Project

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

OpenDaylight Command-Line Interface (CLI) - Main - Daylight Project

Uploaded by

Copyright:

Available Formats

OpenDaylight Command-Line Interface (CLI):Main

From Daylight Project

OpenDaylight Command Line Interface (CLI) User Guide

Navigation and help

Command Syntax: t u n n e l l i n k{ v e r i f y< s w i t c hd p i do ra l i a s >< s w i t c hd p i do ra l i a s > }

Associate interface with access-list Command Mode: config-tenant-onv-if mode

Set rule to active

C h a n g et h ea s s o c i a t i o no ft h i sO N Vf r o m' d e f a u l t 't o' a d d r e s s s p a c e 1 ' .

====Enter interface-rule submode, configure onv

Configure security policies for host Command Mode: config-host mode

dst-mac: Enter a MAC address or host alias Command Examples:

Next Keyword Descriptions: protocol: Specify a protocol by number Command Examples:

Configure src-mac match for flow

Configure wildcards for flow

Set tenant active

Describe tenant origin

Show onv-definition Commands

Show onv-interface-access-list Commands

Command Mode: config-tenant-onv-if mode Command Syntax: s h o wa c c e s s g r o u p

Show onv-access-list Commands

Show onv-access-list-entry Commands

Show onv-interface Commands

Show Controller-interface Commands

number <number>: Specify the number of the network interface to show.

Show Controller-node Commands

Show Config Commands

Show Config-file Commands

Show Event-history Commands

Show External-ports Commands

Show Feature Commands

Show Firewall-rule Commands

Show Flow-entry Commands

Show Global-config Commands

Show Logging Commands

Show Running-config Commands

Show Switch-cluster Commands

Show Tech-support Commands

Show This Commands

Show Host Commands

Show Link Commands

Show Snmp-server-config Commands

Show Switches Commands

Next Keyword Descriptions:

Show Switch-interfaces Commands

Show Switch Commands

Show Tacacs-plus-config Commands

Show Tag Commands

Show Tech-support-config Commands

Show Tenant Commands

Show Dvs Commands

Show Dvs-port-group Commands

Show Vcenter Commands

Show Static-arp Commands

Show Virtualrouter Commands

Next Keyword Descriptions: gateway-pools:

You might also like