Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Add_workflow_for_techpubs
AUTH1UserResourceIdentifier{userKey=8a00a0c85fd202bb0160132c449a0026, userName='null'}
JIRAIDAUTHSBX-7541488859
REV5UserResourceIdentifier{userKey=8a00a0c85fd202bb0160132c449a0026, userName='null'}
REV6UserResourceIdentifier{userKey=8a00a0c85fd202bb0160132c449a0026, userName='null'}
REV3UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cdcd0ab1, userName='null'}
REV1REV2

 

UserResourceIdentifier{userKey=8a00a0c85f4199b1015f7e1be77a0005, userName='null'}



Panel
Panel

In this section:

Table of Contents
maxLevel2


The request system command applies to both system-level and configure modes except where noted.

Admin

Command Syntax

Code Block
languagenone
% request system admin <SYSTEM NAME>
    adManualSync	
    discardCandidateConfiguration
    license loadLicenseFile
		bundleName <license bundle name>
		fileName <license filename>
	loadConfig
		allowOldVersion <no | yes>
		filename 
	reenableOSaccount userName <username>
	reGenerateSshRsaKeys
	reKeyConfdEncryptionKeys
	removeSavedConfig fileName <filename>
	restart
    restoreRevision revision <revision number>
    saveAndActivate
	saveConfig fileNameSuffix <suffix>
    searchAdData adAttributeIdentifier <AD Attribute> searchString <search data>
	setHaConfig
		bondMonitoring <currentValue | direct-connect | network-connect> 
		leaderElection <currentValue | enhanced | standard>
	softReset
	switchover
	verifyDatabaseIntegrity <activeAndStandbyPolicy | activeConfigAndActivePolicy | all>
    viewConfigurationChanges
       revision <revision number>
	zeroizePersistenKeys

Command Parameters

Include Page
GRHA_not_in_SWe_Cloud
GRHA_not_in_SWe_Cloud

Caption
0Table
1System Admin Parameters (request)


Load saved configuration and restart the system without rebooting the servers.

allowOldVersion – This option is only intended for use to override checks for older releases which do not identify their version. In this case, the follow error results. Follow the instructions given:
"There is no version identifier on the saved file. Use the allowOldVersion parameter only if you are sure the version of the saved configuration file is compatible with the running software version."
  • no
  • yes
  • filename – Enter the configuration file to load.

  • NOTE: In a redundant system, using loadConfig restarts both CEs

    NOTE: If "reason Configuration file version not compatible with current software version. matrixFileNotAvailable" error is returned, the lswuMatrixSBX5000.bin/lswuMatrixSBX5000.txt file is missing from the/opt/sonus directory. You must must restore these files from the release package of the currently running software with the name pattern of "sbc-V0X.YY.ZZRQQQ.x86_64.tar.gz". Unzip and untar the current release's tar.gz file in that directory, return to the CLI and perform the command again.

    Parameter

    Description

    license loadLicenseFile

    Load the specified node-locked license file stored in the

    Spacevars
    0product
    directory /opt/sonus/external.

    • bundleName <license bundle name> – The bundle name to use for the license installation.
    • fileName <license filename> – The name of the license file to install.

    References:

    loadConfig

    reenableOSaccount

    Use this command to re-enable an OS account for a specific user.

    • userName <user name> - User name of account to re-enable.
    reGenerateSshRsaKeysUse this control to regenerate all SSH keys.
    reKeyConfdEncryptionKeys

    Use this control to regenerate system configuration database encryption keys.

    NOTE:

    Spacevars
    0company
    recommends backing up current encrypted parameters in plaintext, if possible. 
    Spacevars
    0company
    further recommends performing a full configuration backup immediately after this activity has successfully completed.

    removeSavedConfig

    Remove the saved configuration from the system.

    • fileName – Specify filename of configuration to remove from the system.

    restart

    Restart system (all CEs).

    saveAndActivateSave and activate cluster configuration. Applies only to SBC SWe Cloud clusters operating in OAM or Direct Single configuration mode. Saves the configuration to EMS. Activates the configuration on the managed VMs, if a cluster is using OAM configuration mode. Refer to Accessing Configuration Interfaces for SBC SWe Clusters.

    saveConfig

    Save the current configuration.

    • fileNameSuffix – Use this parameter to specify the filename suffix to use when saving the configuration.
    setHaConfig

    Use this action command to configure SBC for Geographical Redundancy High Availability (GRHA) mode when active and standby servers are located in two different data centers to protect SBCs against data center and network failures. To configure/change just one setting, use currentValue option for the other setting.

    • bondMonitoring – Select the bond monitoring type for GRHA mode.
      • currentValue 
      • direct-connect
      • network-connect
    • leaderElection Select the leader election algorithm type to use for GRHA mode.
      • currentValue 
      • enhanced
      • standard

     

    References:

    NOTE: Bond monitoring is not applicable to the

    Spacevars
    0product2
    .

    softReset

    Restart the applications on the system without rebooting the server(s).

    switchover

    Perform a switchover of the management applications and restart all applications on currently active server.

    verifyDatabaseIntegrity

    Use this command to verify that the

    Spacevars
    0product
    policy and configuration databases on the active server are in sync and that the policy databases on the active and standby servers are in sync. Because these commands take a few seconds to execute, it is not advisable to constantly run these commands on systems.

    • activeAndStandbyPolicy – Check if policy databases on the active and standby servers are in sync.
    • activeConfigAndActivePolicy – Check if the policy and configuration databases on the active server are in sync.
    • all – Perform both of the above checks.

    To view the results of the above checks, use the 'show table system databaseIntegrity' command. Refer to Show Table System for details.

    zeroizePersistenKeys

    Use this control to securely erase all persistent CSPs from the system. The 

    Spacevars
    0product
    server reboots after confirmation.

    adManualSync 
    This is a request to sync with AD Server to fetch subscriber data. This is an optional parameter.

    discardCandidateConfiguration

    Use to discard candidate configuration changes that have been committed on the OAM node, but not yet activated on the managed SBC nodes with the saveAndActivate command. This command also restarts the OAM nodes, although it does not impact the managed SBC nodes. Applies only to SBC SWe cluster deployments operating in OAM configuration mode.

    license loadLicenseFile

    Load the specified node-locked license file stored in the

    Spacevars
    0product
    directory /opt/sonus/external.

    • bundleName <license bundle name> – The bundle name to use for the license installation.
    • fileName <license filename> – The name of the license file to install.

    References:

    loadConfig

    Load saved configuration and restart the system without rebooting the servers.

    • allowOldVersion – This option is only intended for use to override checks for older releases which do not identify their version. In this case, the follow error results. Follow the instructions given:

      "There is no version identifier on the saved file. Use the allowOldVersion parameter only if you are sure the version of the saved configuration file is compatible with the running software version."
      • no
      • yes
    • filename – Enter the configuration file to load.

    NOTE: In a redundant system, using loadConfig restarts both CEs

    NOTE: If "reason Configuration file version not compatible with current software version. matrixFileNotAvailable" error is returned, the lswuMatrixSBX5000.bin/lswuMatrixSBX5000.txt file is missing from the/opt/sonus directory. You must must restore these files from the release package of the currently running software with the name pattern of "sbc-V0X.YY.ZZRQQQ.x86_64.tar.gz". Unzip and untar the current release's tar.gz file in that directory, return to the CLI and perform the command again.

    reenableOSaccount

    Use this command to re-enable an OS account for a specific user.

    • userName <user name> - User name of account to re-enable.
    reGenerateSshRsaKeysUse this control to regenerate all SSH keys.
    reKeyConfdEncryptionKeys

    Use this control to regenerate system configuration database encryption keys.

    NOTE:

    Spacevars
    0company
    recommends backing up current encrypted parameters in plaintext, if possible. 
    Spacevars
    0company
    further recommends performing a full configuration backup immediately after this activity has successfully completed.

    removeSavedConfig

    Remove the saved configuration from the system.

    • fileName – Specify filename of configuration to remove from the system.

    restart

    Restart system (all CEs).

    restoreRevision

    Use this command along with a specific, prior configuration revision number to revert to that configuration. The OAM nodes and the SBC nodes automatically restart when you restore a prior configuration.  

    • revision <revision number>

    saveAndActivateSave and activate cluster configuration. Applies only to SBC SWe clusters operating in OAM or Direct Single configuration mode. Saves the configuration to EMS. Activates the configuration on the managed VMs, if a cluster is using OAM configuration mode. Refer to Modifying SBC Cluster Configuration.

    saveConfig

    Save the current configuration.

    • fileNameSuffix – Use this parameter to specify the filename suffix to use when saving the configuration.
    setHaConfig

    Use this action command to configure SBC for Geographical Redundancy High Availability (GRHA) mode when active and standby servers are located in two different data centers to protect SBCs against data center and network failures. To configure/change just one setting, use currentValue option for the other setting.

    • bondMonitoring – Select the bond monitoring type for GRHA mode.
      • currentValue 
      • direct-connect
      • network-connect
    • leaderElection Select the leader election algorithm type to use for GRHA mode.
      • currentValue 
      • enhanced
      • standard


    References:

    NOTE: Bond monitoring is not applicable to the

    Spacevars
    0product2
    .

    softReset

    Restart the applications on the system without rebooting the server(s).

    switchover

    Perform a switchover of the management applications and restart all applications on currently active server.

    verifyDatabaseIntegrity

    Use this command to verify that the

    Spacevars
    0product
    policy and configuration databases on the active server are in sync and that the policy databases on the active and standby servers are in sync. Because these commands take a few seconds to execute, it is not advisable to constantly run these commands on systems.

    • activeAndStandbyPolicy – Check if policy databases on the active and standby servers are in sync.
    • activeConfigAndActivePolicy – Check if the policy and configuration databases on the active server are in sync.
    • all – Perform both of the above checks.

    To view the results of the above checks, use the 'show table system databaseIntegrity' command. Refer to Show Table System for details.

    viewConfigurationChanges

    The behavior of this request command depends on whether you provide an optional revision number. Applies only to SBC SWe cluster deployments operating in OAM configuration mode.

    Issue this request command without specifying a revision number to list the candidate configuration changes that have been committed on the OAM node, but not yet activated on the managed SBC nodes with the saveAndActivate command.

    Specify a revision number to list the configuration changes associated with the specified revision.

    • revision <revision number>

    If the revision number refers to a configuration that was part of restore operation, no changes are shown.

    Note that viewing of configuration related to lawful intercept (LI) is restricted to authorized users and therefore output is filtered accordingly. LI-related changes are not present in the output shown to users that lack LI privileges. Similarly, users with only LI privileges can see only LI-related configuration changes.

    zeroizePersistenKeys

    Use this control to securely erase all persistent CSPs from the system. The 

    Spacevars
    0product
    server reboots after confirmation.

    searchAdDataSearches the local AD database
    adAttributeIdentifierAD Attribute Identifier
    searchStringA request to Search String


    Command Example

    The following is an example of how to request manual sync:

    Code Block
    request system admin TICKS adManualSync


    The following is an example of how to search AD Data: 

    Code Block
    request system admin TITAS searchAdData adAttributeIdentifier adAttribute2 searchString 8067100197

    Ethernet Port

    Command Syntax

    Multiexcerpt
    MultiExcerptNameethernetPort_syntax


    Code Block
    languagenone
    % request system ethernetPort packetAdmin <host name> <pkt0 | pkt1> switchover


    Command Parameter

    Multiexcerpt
    MultiExcerptNameethernetPort_parameter


    Caption
    0Table
    1Ethernet Port 'request' Parameter


    Parameter

    Description

    switchover

    Use this parameter to initiate a port switchover within a redundancy pair.

    Note: The switchover command only applies to pkt0 and pkt1 on the

    Spacevars
    0series2
    and
    Spacevars
    0product3
    active server.

     

     




    IP Policing

    Command Syntax

    Code Block
    languagenone
    > request system ipPolicing resetOffendersList <OffendersList name> 
      aclOffendersList 
      aggregateOffendersList 
      arpOffendersList 
      badEtherIpHdrOffendersList 
      discardRuleOffendersList 
      ipSecDecryptOffendersList 
      mediaOffendersList 
      rogueMediaOffendersList 
      uFlowOffendersList

    Offenders List Details

    Multiexcerpt include
    MultiExcerptNameOffenders List
    PageWithExcerptShow Table System

    Logout

    Info
    titleNote

    Operational mode only.

     


    Command Syntax

    Code Block
    languagenone
    > request system logout user <user_Id>

    Policy Server

    Command Syntax

    Code Block
    languagenone
    > request system policyServer remoteServer <server_name>

    Security

    For additional security configuration details, see PKI Security - CLI.

    Command Syntax

    Multiexcerpt
    MultiExcerptNamesecurity_syntax


    Code Block
    languagenone
    % request system security 
    	eventLogValidation 
            deleteUserPrivateKey
            generateDefaultKeys
            setUserPrivateKey <uniqueUserPrivateKeyName> <userPrivateKey>
            showPublicKey <default/user>
        generateSipHeaderEncryptionKeys
    	pki 
    		certificate <certificate name>
    			generateCSR
    				csrSub (max 255 chars)
    				keySize (ketSize1K | keySize2K)
    				subjectAlternativeDnsName (0-512 chars)
    			importCert certContent (max 4096 chars)
    			retrieveCertContent
    		uploadCertificate


    Command Parameters

    Multiexcerpt
    MultiExcerptNamesecurity_parameters


    Caption
    0Table
    1request system security Parameters


    Parameter

    Description

    eventLogValidation

    deleteUserPrivateKey – Delete an existing user-submitted private key. When the key is removed the SBC will revert back to using its default private key.

    generateDefaultKeys – Requests the generation of a new default SBC-generated private key pair.

    setUserPrivateKey <uniqueUserPrivateKeyName> <userPrivateKey>Configures the user-submitted private key. The private key is encrypted in CDB using existing CDB encryption methods. The user-submitted private key is only available internally. The key is encrypted and hidden, thus not displayable, once configured in CDB.

    showPublicKey <user/default> – Access the public key associated with the chosen private key. 

    generateSipHeaderEncryptionKeys

    Use this command to generate header encryption keys. A "Success" or "Failure" indication is returned. The SBC then adds the key-Id to each encrypted header based on which key is selected as the correct key for decryption.

    The SBC stores up to two sets of keys at any given time. There is no limit to the number of times this command may be executed. Additionally, there is no specific time delay required before reissuing the command.

    NOTE: Generating new keys too frequently may lead to a situation where the SBC receives a request with an expired key-id (i.e. the current header encryption key is over-written due to the new key generation) causing unsuccessful decryption of headers. This may lead to call failures any calls caught in the transition to the new key-id.

    pki

    PKI certification configuration details.

    • certificate <certificateName>The name for a collection of certificates configured on SBC.
      • generateCSR – Use this parameter to generate CSR (Certificate Signing Request).
        • csrSub CSR subject name (max 255 chars). Place the parameter value within quotation marks if a string contains a space.

        • keySize  Size of the key to generate private key via openssl command.

          • keySize1K

          • keySize2K

        • subjectAlternativeDnsName Alternative DNS subject name(s). Multiple alternative names can be specified using "," (comma) separator. (0-512 chars). Example:  "nj.sonusnetexample.com, in.sonusnetexample.com, uk.sonusnetexample.com, ca.sonusnetexample.com, tx.sonusnetexample.com"

      • importCert certContent Import PEM format certificate (max 4096 characters).
        Note: When issuing this command, the SBC enables multi-line mode automatically. To exit multi-line mode you must press Ctrl+D manually.
      • retrieveCertContent – Retrieve content of an existing PKI certificate (local, local-internal and remote).
    • uploadCertificate – Upload a pk12 certificate.

     

     




    Command Example

    Multiexcerpt

    To retrieve certificate content of an existing PKI certificate:

    Code Block
    languagenone
    % request system security pki certificate server retrieveCertContent
    result Certificate:
        Data:
            Version: 1 (0x0)
            Serial Number: 13211600523504912060 (0xb75908ad95e006bc)
        Signature Algorithm: sha1WithRSAEncryption
            Issuer: C=US, ST=MA, L=Westford, O=VeriSign
            Validity
                Not Before: Apr 28 09:56:54 2015 GMT
                Not After : Jul 12 09:56:54 2033 GMT
            Subject: C=IN, ST=TN, L=Chennai
            Subject Public Key Info:
                Public Key Algorithm: rsaEncryption
                    Public-Key: (2048 bit)
                    Modulus:
                        00:c5:80:dc:59:0a:8d:98:19:0b:bd:be:fd:ab:6c:
                        f7:e9:b6:28:d9:e8:fe:a5:84:fb:45:d9:16:97:f5:
                        fc:9f:df:7b:5b:03:6e:34:38:3f:10:2b:d0:d8:d6:
                        4a:03:5f:2a:78:85:4c:65:d4:0d:a6:e2:d3:be:1a:
                        fc:8b:96:a1:db:15:16:74:3e:9f:2a:34:95:88:6a:
                        49:3b:1e:78:15:bf:5c:e8:ec:a3:0d:8b:d4:2a:39:
                        d6:17:c1:a8:88:94:36:23:23:d5:3b:2c:49:fb:15:
                        d3:e6:7f:72:b0:e4:3d:e6:3a:44:f3:ac:a2:d3:2a:
                        62:f7:2f:d1:d4:a1:82:fe:03:57:49:1d:6b:12:14:
                        2c:28:f8:ef:6c:e0:c2:36:8c:7f:77:2a:32:d9:ce:
                        c7:9e:fc:4f:20:aa:43:db:b1:77:16:e9:d5:b5:44:
                        ff:06:8a:85:d4:74:63:af:3c:5e:f3:a3:e0:83:5a:
                        40:d1:5d:fc:84:36:34:b4:8b:ac:f1:5b:2c:b6:0e:
                        97:bc:1b:cd:a4:f8:17:b3:81:42:41:db:09:bb:79:
                        42:1f:92:dc:43:52:ca:78:e3:db:3d:db:e9:f6:39:
                        15:eb:3a:09:e5:ab:eb:18:5f:7e:14:ec:f9:b6:04:
                        9e:f5:6d:73:f4:ea:85:c4:4a:1f:5a:01:8f:2e:94:
                        b6:0d
                    Exponent: 65537 (0x10001)
        Signature Algorithm: sha1WithRSAEncryption
             1a:91:c0:8a:b8:66:4b:a2:67:bc:99:4f:b4:0b:f8:bc:67:0e:
             de:23:37:42:bc:dd:96:64:7c:ef:e1:05:c7:eb:92:06:fa:ef:
             7b:72:ee:7f:26:b5:1c:39:b5:f2:b2:04:6e:2e:0c:1d:7e:1f:
             7a:87:b8:8b:9c:25:e2:8f:77:6f:ac:bb:a0:63:28:51:4f:7c:
             35:30:ad:31:24:85:f3:99:6d:c2:f8:33:eb:49:45:ed:ab:26:
             97:f4:04:a7:0a:06:dd:40:c3:f6:1a:0e:ec:72:0f:40:65:ab:
             34:4a:dc:51:2b:f3:61:b6:3a:1c:26:09:a1:af:37:dc:bf:a5:
             ba:dd
    No Trusted Uses.
    No Rejected Uses.
    Alias: Server Cert
    Key Id: 79:70:FC:99:1A:2B:15:A7:A1:33:21:F7:8A:57:0C:A7:07:7B:96:35
     
    status 0 

     



    Server Admin

    Command Syntax

    Code Block
    languagenone
    > request system serverAdmin <server_name>  
    	forceCoreDump coreDumpType <full | partial>
    	removeCoredump coredumpFileName <filename> 
    	restart  
    	softReset  
    	startSoftwareUpgrade  
    		integrityCheck <perform | skip>
    		package <pkg_name> 
    		rpmName <name> 
    		versionCheck <perform | skip> 

    Command Parameters

    Caption
    0Table
    1'request system serverAdmin' Command Parameters


    ParameterDescription

    <serverName>

    The unique name of the server.

    forceCoreDump

    Include Page
    _forceCoreDump_warning
    _forceCoreDump_warning

    Use this command to force the termination of a fixed set of application processes with accompanying core dumps for troubleshooting purposes. By default, a full dump is performed if no option is specified.

    Before the command executes, the user is prompted to confirm or cancel the operation. If canceled, no further action is taken, and application operation is not affected.

    • coreDumpType– Choose an option below:
      • full (default) – Full set of processes to dump (see Table 2 below).
      • partial – Partial set of processes to dump (see Table 3 below).
    removeCoredump

    Use this object to remove the specified coredump from the chosen server.

    • coredumpFileName <filename> – The name of the coredump file.
    restart Restart the specified server.
    softReset Restart the application on the server without rebooting the server.
    startSoftwareUpgrade

    Use this control to start a software upgrade on the specified server.

    • integrityCheck – Use this flag to specify whether or not to perform an integrity check (signature validation) against
      Spacevars
      0product
      software updates and patches as they are uploaded to the
      Spacevars
      0product
      system.
      • perform (default)
      • skip 
    • package – Name of the new package.
    • rpmName – Name of the rpm/package, if different from the file name of the .tar.gz.
    • versionCheck– Use this flag to perform/skip version checking during software upgrades.
      • perform (default)
      • skip
     

     




    Caption
    0Table
    1 Full Application Process List


    CamProcess

    ChmProcess

    CpxAppProc

    DiamProcess

    DnsProcess

    DsProcess

    EmaProcess

    EnmProcessMain

    FmMasterProcess

    IkeProcess

    ImProcess

    IpmProcess

    PathchkProcess

    PesProcess

    PipeProcess

    PrsProcess

    RtmProcess

    SamProcess

    ScmProcess_0

    ScmProcess_1

    ScmProcess_2

    ScmProcess_3

    ScpaProcess

    SmProcess

    SsaProcess

    SsreqProcess

     

     





    Caption
    0Table
    1 Partial Application Process List


    Process

    PrsProcess

    RtmProcess

    SamProcess

    ScmProcess_0

    ScmProcess_1

    ScmProcess_2

    ScmProcess_3

    SmProcess

     


    Command Examples

    To set bond monitoring type to 'network-connect' and leader election algorithm type to 'enhanced':

    Code Block
    languagenone
    request system admin sbx1 setHaConfig bondMonitoring network-connect leaderElection enhanced  

     


    To set bond monitoring type to 'direct-connect' and retain current setting of leader election algorithm:

    Code Block
    languagenone
    request system admin sbx1 setHaConfig bondMonitoring direct-connect leaderElection currentValue
     


    To load a license file:

    Code Block
    request system admin WFDSBC01 license loadLicenseFile bundleName BUND fileName FN
    This command will load the license file kept in /opt/sonus/external path. Do you want to continue? [yes,no] yes

     

     


    Pagebreak