...
...
UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cd5909df, userName='null'} | REV5 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cd5909df, userName='null'} |
---|
REV6 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cd5909df, userName='null'} |
---|
REV3 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cb230570, userName='null'} |
---|
REV1 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26ccb808a4, userName='null'} |
---|
|
The request system
command applies to both system-level and configure modes except where noted.
...
admin
Command Syntax
...
...
...
...
Multiexcerpt include |
---|
nopanel | true |
---|
MultiExcerptName | adminRequestParameters |
---|
PageWithExcerpt | Admin - CLI |
---|
|
congestion
...
...
...
...
license loadLicenseFile
bundleName <license bundle name>
fileName <license filename>
loadConfig
allowOldVersion <no | yes>
filename
reenableOSaccount <username>
reGenerateSshRsaKeys
reKeyConfdEncryptionKeys
removeSavedConfig fileName <filename>
restart
saveConfig fileNameSuffix <suffix>
setHaConfig
bondMonitoring <currentValue | direct-connect | network-connect>
leaderElection <currentValue | enhanced | standard>
softReset
switchover
verifyDatabaseIntegrity <activeAndStandbyPolicy | activeConfigAndActivePolicy | all>
zeroizePersistenKeys |
Command Parameters
Include Page |
---|
| GRHA_not_in_SWe_Cloud |
---|
| GRHA_not_in_SWe_Cloud |
---|
|
...
...
ethernetPort
Command Syntax
Multiexcerpt |
---|
MultiExcerptName | ethernetPort_syntax |
---|
|
Code Block |
---|
| % request system ethernetPort packetAdmin <host name> <pkt0 | pkt1> switchover |
|
Command Parameter
Multiexcerpt |
---|
MultiExcerptName | ethernetPort_parameter |
---|
|
Caption |
---|
0 | Table |
---|
1 | Ethernet Port 'request' Parameter |
---|
| Parameter | Length/Range | Description |
---|
switchover
| N/A | Use this parameter to initiate a port switchover within a redundancy pair. Note |
---|
The switchover command only applies to pkt0 and pkt1 on active CE. |
|
|
|
ipPolicing
Command Syntax
Code Block |
---|
|
> request system ipPolicing resetOffendersList name
aclOffendersList
aggregateOffendersList
arpOffendersList
badEtherIpHdrOffendersList
discardRuleOffendersList
ipSecDecryptOffendersList
mediaOffendersList
rogueMediaOffendersList
uFlowOffendersList |
logout
Note |
---|
Operational mode only. |
Command Syntax
Code Block |
---|
|
> request system logout user <user_Id> |
policyServer
Command Syntax
Code Block |
---|
|
> request system policyServer remoteServer <server_name> |
security
For additional security configuration details, see PKI Security - CLI.
Command Syntax
...
MultiExcerptName | security_syntax |
---|
...
System Admin Parameters (request) |
|
|
...
cpuhistory type
...
Displays the CPU usage history.
all
– Displays all of the following usage histories.
oneSecSample
– Displays the CPU usage for every second. The usage is reported for the CPU that has highest utilization for that second. rsiAverage
– Displays the average of the one second samples for the resample interval, usually three (3) samples. The usage is reported for the CPU with the highest rsi average for the resample interval.
rsiWeightedAvg
– Displays the weighted average. The weighted average is a running average of waited samples where the current sample is computed using the formula below:
Info |
---|
resourceAVGFactor * ( previous weighted sample) * (1-resourceAVGFactor) * (current rsi average). |
The resourceAvgFactor usually = 30%. The usage is reported for the CPU that has weighted average for the resample interval.
...
Displays the memory usage history.
all
– Displays all of the following usage histories.
oneSecSample
– Displays the memory usage for every second. rsiAverage
– Displays the average of the one second samples for the resample interval, usually three (3) samples. rsiWeightedAvg
–
Displays the weighted average. The weighted average is a running average of waited samples where the current sample is computed using the formula below:
Info |
---|
resourceAVGFactor * ( previous weighted sample) * (1-resourceAVGFactor) * (current rsi average). |
The resourceAvgFactor usually = 30%.
...
Enable/disable the debug flag associated with system congestion.
...
Simulates CPU or memory resource congestion for the specified level.
level
mc0
– Simulate machine congestion level 0 ( no congestion).
mc1
– Simulate machine congestion level 1.
mc2
– Simulate machine congestion level 2
.
mc3
– Simulate machine congestion level 3
.
res
–cpu
– Simulate CPU congestion.
memory
– Simulate memory congestion.
...
Direct all calls of a specific type or SIP registrations to a specific instance of call processing engine.
instance <unsignedInt>
– Instance ID of the call processing engine.iptype
– Choose an IP type:
license loadLicenseFile | Load the specified license file stored in the directory /opt/sonus/external.bundleName <license bundle name> – The bundle name to use for the license installation.fileName <license filename> – The name of the license file to install.
Use the show table system licenseLocalBundleInfo command to view license bundle details. References: | loadConfig
| Load saved configuration and restart the system without rebooting the servers. NOTE: In a redundant system, using loadConfig restarts both CEs NOTE: If "reason Configuration file version not compatible with current software version. matrixFileNotAvailable " error is returned, the lswuMatrixSBX5000.bin/lswuMatrixSBX5000.txt file is missing from the/opt/sonus directory. You must must restore these files from the release package of the currently running software with the name pattern of "sbc-V0X.YY.ZZRQQQ.x86_64.tar.gz". Unzip and untar the current release's tar.gz file in that directory, return to the CLI and perform the command again. | reenableOSaccount | Use this command to re-enable an OS account for a specific user. userame - User name of account to re-enable.
| reGenerateSshRsaKeys | Use this control to regenerate all SSH keys. | reKeyConfdEncryptionKeys | Use this control to regenerate system configuration database encryption keys. NOTE: recommends backing up current encrypted parameters in plaintext, if possible. further recommends performing a full configuration backup immediately after this activity has successfully completed. | removeSavedConfig
| Remove the saved configuration from the system. fileName – Specify filename of configuration to remove from the system.
| restart
| Restart system (all CEs). | saveConfig
| Save the current configuration. fileNameSuffix – Use this parameter to specify the filename suffix to use when saving the configuration.
| setHaConfig | Use this action command to configure SBC for Geographical Redundancy High Availability (GRHA) mode when active and standby servers are located in two different data centers to protect SBCs against data center and network failures. To configure/change just one setting, use currentValue option for the other setting. bondMonitoring – Select the bond monitoring type for GRHA mode.currentValue direct-connect network-connect
leaderElection – Select the leader election algorithm type to use for GRHA mode.currentValue enhanced standard
References: NOTE: Bond monitoring is not applicable to the . | softReset
| Restart the applications on the system without rebooting the server(s). | switchover
| Perform a switchover of the management applications and restart all applications on currently active server. | verifyDatabaseIntegrity | Use this command to verify that the policy and configuration databases on the active server are in sync and that the policy databases on the active and standby servers are in sync. Because these commands take a few seconds to execute, it is not advisable to constantly run these commands on systems.activeAndStandbyPolicy – Check if policy databases on the active and standby servers are in sync.activeConfigAndActivePolicy – Check if the policy and configuration databases on the active server are in sync.all – Perform both of the above checks.
To view the results of the above checks, use the 'show table system databaseIntegrity' command. Refer to Show Table System for details. | zeroizePersistenKeys | Use this control to securely erase all persistent CSPs from the system. The server reboots after confirmation. |
|
Ethernet Port
Command Syntax
Multiexcerpt |
---|
MultiExcerptName | ethernetPort_syntax |
---|
|
Code Block |
---|
| % request system ethernetPort packetAdmin <host name> <pkt0 | pkt1> switchover |
|
Command Parameter
Multiexcerpt |
---|
MultiExcerptName | ethernetPort_parameter |
---|
|
Caption |
---|
0 | Table |
---|
1 | Ethernet Port 'request' Parameter |
---|
| Parameter | Description |
---|
switchover
| Use this parameter to initiate a port switchover within a redundancy pair. Note: The switchover command only applies to pkt0 and pkt1 on the and active server. |
|
|
IP Policing
Command Syntax
Code Block |
---|
|
> request system ipPolicing resetOffendersList <OffendersList name>
aclOffendersList
aggregateOffendersList
arpOffendersList
badEtherIpHdrOffendersList
discardRuleOffendersList
ipSecDecryptOffendersList
mediaOffendersList
rogueMediaOffendersList
uFlowOffendersList |
Offenders List Details
Multiexcerpt include |
---|
MultiExcerptName | Offenders List |
---|
PageWithExcerpt | Show Table System |
---|
|
Logout
Info |
---|
|
Operational mode only. |
Command Syntax
Code Block |
---|
|
> request system logout user <user_Id> |
Policy Server
Command Syntax
Code Block |
---|
|
> request system policyServer remoteServer <server_name> |
Security
For additional security configuration details, see PKI Security - CLI.
Command Syntax
Multiexcerpt |
---|
MultiExcerptName | security_syntax |
---|
|
|
% request system security
generateSipHeaderEncryptionKeys
pki
certificate <certificate name>
generateCSR
csrSub (max 255 chars)
keySize (ketSize1K | keySize2K)
subjectAlternativeDnsName (0-512 chars)
importCert certContent (max 4096 chars)
retrieveCertContent
uploadCertificate |
|
Command Parameters
Multiexcerpt |
---|
MultiExcerptName | security_parameters |
---|
|
Caption |
---|
0 | Table |
---|
1 | request system security Parameters |
---|
| Parameter | Description |
---|
generateSipHeaderEncryptionKeys
| Use this command to generate header encryption keys. A "Success" or "Failure" indication is returned. The SBC then adds the key-Id to each encrypted header based on which key is selected as the correct key for decryption. The SBC stores up to two sets of keys at any given time. There is no limit to the number of times this command may be executed. Additionally, there is no specific time delay required before reissuing the command. |
|
|
...
NOTE: Generating new keys too frequently may lead to a situation where the SBC receives a request with an expired key-id (i.e. the current header encryption key is over-written due to the new key generation) causing unsuccessful decryption of headers. This may lead to call failures any calls caught in the transition to the new key-id. | pki | PKI certification configuration details. certificate <certificateName> – The name for a collection of certificates configured on SBC.generateCSR – Use this parameter to generate CSR (Certificate Signing Request).csrSub – CSR subject name (max 255 chars). Place the parameter value within quotation marks if a string contains a space.
keySize – Size of the key to generate private key via openssl command.
subjectAlternativeDnsName – Alternative DNS subject name(s). Multiple alternative names can be specified using "," (comma) separator. (0-512 chars). Example: "nj.sonusnet.com, in.sonusnet.com, uk.sonusnet.com, ca.sonusnet.com, tx.sonusnet.com"
importCert certContent – Import PEM format certificate (max 4096 characters). Note: When issuing this command, the SBC enables multi-line mode automatically. To exit multi-line mode you must press Ctrl+D manually.retrieveCertContent – Retrieve content of an existing PKI certificate (local, local-internal and remote).
uploadCertificate – Upload a pk12 certificate.
|
|
|
Command Example
Multiexcerpt |
---|
To retrieve certificate content of an existing PKI certificate: Code Block |
---|
| % request system security pki certificate server retrieveCertContent
result Certificate:
Data:
Version: 1 (0x0)
Serial Number: 13211600523504912060 (0xb75908ad95e006bc)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=MA, L=Westford, O=VeriSign
Validity
Not Before: Apr 28 09:56:54 2015 GMT
Not After : Jul 12 09:56:54 2033 GMT
Subject: C=IN, ST=TN, L=Chennai
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c5:80:dc:59:0a:8d:98:19:0b:bd:be:fd:ab:6c:
f7:e9:b6:28:d9:e8:fe:a5:84:fb:45:d9:16:97:f5:
fc:9f:df:7b:5b:03:6e:34:38:3f:10:2b:d0:d8:d6:
4a:03:5f:2a:78:85:4c:65:d4:0d:a6:e2:d3:be:1a:
fc:8b:96:a1:db:15:16:74:3e:9f:2a:34:95:88:6a:
49:3b:1e:78:15:bf:5c:e8:ec:a3:0d:8b:d4:2a:39:
d6:17:c1:a8:88:94:36:23:23:d5:3b:2c:49:fb:15:
d3:e6:7f:72:b0:e4:3d:e6:3a:44:f3:ac:a2:d3:2a:
62:f7:2f:d1:d4:a1:82:fe:03:57:49:1d:6b:12:14:
2c:28:f8:ef:6c:e0:c2:36:8c:7f:77:2a:32:d9:ce:
c7:9e:fc:4f:20:aa:43:db:b1:77:16:e9:d5:b5:44:
ff:06:8a:85:d4:74:63:af:3c:5e:f3:a3:e0:83:5a:
40:d1:5d:fc:84:36:34:b4:8b:ac:f1:5b:2c:b6:0e:
97:bc:1b:cd:a4:f8:17:b3:81:42:41:db:09:bb:79:
42:1f:92:dc:43:52:ca:78:e3:db:3d:db:e9:f6:39:
15:eb:3a:09:e5:ab:eb:18:5f:7e:14:ec:f9:b6:04:
9e:f5:6d:73:f4:ea:85:c4:4a:1f:5a:01:8f:2e:94:
b6:0d
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
1a:91:c0:8a:b8:66:4b:a2:67:bc:99:4f:b4:0b:f8:bc:67:0e:
de:23:37:42:bc:dd:96:64:7c:ef:e1:05:c7:eb:92:06:fa:ef:
7b:72:ee:7f:26:b5:1c:39:b5:f2:b2:04:6e:2e:0c:1d:7e:1f:
7a:87:b8:8b:9c:25:e2:8f:77:6f:ac:bb:a0:63:28:51:4f:7c:
35:30:ad:31:24:85:f3:99:6d:c2:f8:33:eb:49:45:ed:ab:26:
97:f4:04:a7:0a:06:dd:40:c3:f6:1a:0e:ec:72:0f:40:65:ab:
34:4a:dc:51:2b:f3:61:b6:3a:1c:26:09:a1:af:37:dc:bf:a5:
ba:dd
No Trusted Uses.
No Rejected Uses.
Alias: Server Cert
Key Id: 79:70:FC:99:1A:2B:15:A7:A1:33:21:F7:8A:57:0C:A7:07:7B:96:35
status 0 |
|
...
Server Admin
Command Syntax
Code Block |
---|
|
> request system serverAdmin <server_name>
forceCoreDump coreDumpType <full | partial> |
...
removeCoredump coredumpFileName <filename>
restart
softReset
startSoftwareUpgrade
integrityCheck <perform | skip>
package <pkg_name>
rpmName <name>
versionCheck <perform | skip> |
Command Parameters
Caption |
---|
0 | Table |
---|
1 | 'request system serverAdmin' Command Parameters |
---|
|
|
...
...
| The unique name of the server. | forceCoreDump |
|
...
| Use this command to force the termination of a fixed set of application processes with accompanying core dumps for troubleshooting purposes. By default, a full dump is performed if no option is specified. Before the command executes, the user is prompted to confirm or cancel the operation. If canceled, no further action is taken, and application operation is not affected. coreDumpType – Choose an option below:full (default) – Full set of processes to dump (see Table 2 below).partial – Partial set of processes to dump (see Table 3 below).
|
|
...
The duration (in seconds) to illuminate the locator LED of this server. The LED illuminates for the specified number of seconds and then extinguishes. A duration of "0" turns off the locator LED and a duration of "255" turns on the locator LED indefinitely. If the duration is not specified, the default value of 15 seconds is used.
...
Use this object to remove the specified coredump from the chosen server.
coredumpFileName
<filename>
– The name of the coredump file.
...
Use this control to start a software upgrade on the specified server.
removeCoredump | Use this object to remove the specified coredump from the chosen server. coredumpFileName <filename> – The name of the coredump file.
| restart | Restart the specified server. | softReset | Restart the application on the server without rebooting the server. | startSoftwareUpgrade | Use this control to start a software upgrade on the specified server. integrityCheck – Use this flag to specify whether or not to perform an integrity check (signature validation) against software updates and patches as they are uploaded to the system.package – Name of the new package.rpmName – Name of the rpm/package, if different from the file name of the .tar.gz.versionCheck – Use this flag to perform/skip version checking during software upgrades.
|
|
Caption |
---|
0 | Table |
---|
1 | Full Application Process List |
---|
|
CamProcess | ChmProcess | CpxAppProc | DiamProcess | DnsProcess | DsProcess | EmaProcess | EnmProcessMain | FmMasterProcess | IkeProcess | ImProcess | IpmProcess | PathchkProcess | PesProcess | PipeProcess | PrsProcess | RtmProcess | SamProcess | ScmProcess_0 | ScmProcess_1 | ScmProcess_2 | ScmProcess_3 | ScpaProcess | SmProcess | SsaProcess | SsreqProcess | | |
|
...
...
...
...
...
Partial Application Process |
|
...
CamProcess | ChmProcess | CpxAppProc | DiamProcess |
DnsProcess | DsProcess | EmaProcess | EnmProcessMain |
FmMasterProcess | IkeProcess | ImProcess | IpmProcess |
PathchkProcess | PesProcess | PipeProcess | PrsProcess |
RtmProcess | SamProcess | ScmProcess_0 | ScmProcess_1 |
ScmProcess_2 | ScmProcess_3 | ScpaProcess | SmProcess |
SsaProcess | SsreqProcess | | |
|
Process | PrsProcess | RtmProcess | SamProcess | ScmProcess_0 | ScmProcess_1 | ScmProcess_2 | ScmProcess_3 | SmProcess |
|
Command Examples
To set bond monitoring type to 'network-connect' and leader election algorithm type to 'enhanced':
Code Block |
---|
|
request system admin sbx1 setHaConfig bondMonitoring network-connect leaderElection enhanced |
To set bond monitoring type to 'direct-connect' and retain current setting of leader election algorithm:
Code Block |
---|
|
request system admin sbx1 setHaConfig bondMonitoring direct-connect leaderElection currentValue |
To load a license file:
Code Block |
---|
request system admin WFDSBC01 license loadLicenseFile bundleName BUND fileName FN
This command will load the license file kept in /opt/sonus/external path. Do you want to continue? [yes,no] yes |
...
0 | Table |
---|
1 | Partial Application Process List |
---|
...
Process
...
PrsProcess
...
RtmProcess
...
SamProcess
...
ScmProcess_0
...
ScmProcess_1
...
ScmProcess_2
...
ScmProcess_3
...