Versions Compared

Old Version 4

changes.mady.by.user Ribbon Communications

Saved on

compared with

New Version 5

changes.mady.by.user Ribbon Communications

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Multiexcerpt
MultiExcerptNameadminRequestSyntax
Code Block
languagenone
% request system admin <SYSTEM NAME>
	identify duration <0-255 seconds>
	loadConfig
		allowOldVersion <no | yes>
		filename 
	reGenerateSshRsaKeys
	reKeyConfdEncryptionKeys
	removeSavedConfig fileName <filename>
	restart
	saveConfig fileNameSuffix <suffix>
	setHaConfig
		bondMonitoring <currentValue | direct-connect | network-connect> 
		leaderElection <currentValue | enhanced | standard>
	softReset
	switchover
	verifyDatabaseIntegrity <activeAndStandbyPolicy | activeConfigAndActivePolicy | all>
	zeroizePersistenKeys

...

Multiexcerpt
MultiExcerptNameadminRequestParameters
Caption
0Table
1System Admin Parameters (request)

 

Div
classpdf8pttext

Parameter

Description

identify

Turn on/off the locator LED of the specified server for the amount of time set with the duration sub-parameter below.

  • duration – The duration (in seconds) to illuminate the locator LED of specified server (range: 0-255). The LED illuminates for the specified number of seconds and then extinguishes. A duration of "0" turns off the locator LED and a duration of "255" turns on the locator LED indefinitely. If the duration is not specified, 15 seconds is set as the default value.

loadConfig

Load saved configuration and restart the system without rebooting the servers.

  • allowOldVersion – This option is only intended for use to override checks for older releases which do not identify their version. In this case, the follow error results. Follow the instructions given:

    "There is no version identifier on the saved file. Use the allowOldVersion parameter only if you are sure the version of the saved configuration file is compatible with the running software version."
    • no
    • yes

  • filename – Enter the configuration file to load.

Note
In a redundant system, using loadConfig restarts both CEs.
Note

If "reason Configuration file version not compatible with current software version. matrixFileNotAvailable" error is returned, the lswuMatrixSBX5000.bin/lswuMatrixSBX5000.txt file is missing from the/opt/sonus directory. You must must restore these files from the release package of the currently running software with the name pattern of "sbc-V0X.YY.ZZRQQQ.x86_64.tar.gz". Unzip and untar the current release's tar.gz file in that directory, return to the CLI and perform the command again.

reGenerateSshRsaKeysUse this control to regenerate all SSH keys.
reKeyConfdEncryptionKeys

Use this control to regenerate system configuration database encryption keys.

Note

Spacevars
0company
recommends backing up current encrypted parameters in plaintext, if possible. 
Spacevars
0company
 further recommends performing a full configuration backup immediately after this activity has successfully completed.

removeSavedConfig

Remove the saved configuration from the system.

  • fileName – Specify filename of configuration to remove from the system.

restart

Restart system (all CEs).

saveConfig

Save the current configuration.

  • fileNameSuffix – Use this parameter to specify the filename suffix to use when saving the configuration.
setHaConfig

Use this action command to configure SBC for Geographical Redundancy High Availability (GRHA) mode when active and standby servers are located in two different data centers to protect SBCs against data center and network failures. To configure/change just one setting, use currentValue option for the other setting.

  • bondMonitoring – Select the bond monitoring type for GRHA mode.
    • currentValue 
    • direct-connect
    • network-connect
  • leaderElection Select the leader election algorithm type to use for GRHA mode.
    • currentValue 
    • enhanced
    • standard

References:

softReset

Restart the applications on the system without rebooting the server(s).

softReset

Restart the applications on the system without rebooting the server(s).

switchover

Perform a switchover of the management applications and restart all applications on currently active server.

verifyDatabaseIntegrity

Use this command to verify that the

Spacevars
0product
policy and configuration databases on the active server are in sync and that the policy databases on the active and standby servers are in sync. Because these commands take a few seconds to execute, it is not advisable to constantly run these commands on systems.

  • activeAndStandbyPolicy – Check if policy databases on the active and standby servers are in sync.
  • activeConfigAndActivePolicy – Check if the policy and configuration databases on the active server are in sync.
  • all – Perform both of the above checks.

To view the results of the above checks, use the 'show table system databaseIntegrity' command. See show table system for details.

zeroizePersistenKeys

Use this control to securely erase all persistent CSPs from the system. The 

Spacevars
0product
server reboots after confirmation.

...

The following example displays system administrative information:

Code Block
languagenone
admin@sbx1%% show system admin
admin sbx1 {
    auditLogState       enabled;
    dspMismatchAction   preserveRedundancy;
    passwordRules {
        minimumLength                 8;
        minimumNumberOfUppercaseChars 1;
        minimumNumberOfLowercaseChars 1;
        minimumNumberOfDigits         1;
        minimumNumberOfOtherChars     1;
        passwordHistoryDepth          4;
        maximumRepeatingCharsCount    3;
        minimumDiffWithOldPassword    4;
    }
    fips-140-2 {
        mode disabled;
    }
    dod {
        mode disabled;
    }
}

...

The following example uses the Account Management feature to accomplishes accomplish the following actions:

  • Allows a locked account to unlock after five minutes
  • Enables 
    Spacevars
    0product
    to defend against brute force attacks
  • Sets the number of consecutive failed attempts to "3"
Code Block
languagenone
% set system admin MYSBC accountManagement bruteForceAttack state enabled allowAutoUnlock enabled consecutiveFailedAttemptAllowed 3 unlockTime 300

% show system admin MYSBC accountManagement bruteForceAttack
state                           enabled;
consecutiveFailedAttemptAllowed 3;
allowAutoUnlock                 enabled;
unlockTime                      300;

To set bond monitoring type to 'network-connect' and leader election algorithm type to 'enhanced':

Code Block
languagenone
% request system admin sbx1 setHaConfig bondMonitoring network-connect leaderElection enhanced  

To set bond monitoring type to 'direct-connect' and retain current setting of leader election algorithm:

Code Block
languagenone
% request system admin sbx1 setHaConfig bondMonitoring direct-connect    300;
leaderElection currentValue

 

Pagebreak

 

Noprint

Back to Top