Cumulus Linux Command Reference Guide

Common System Commands

CommandDescriptionExampleMore Information
!!Replays last CLI command (same as !-1, which is one command back in the CLI history).
cumulus@leaf1$ echo “Hello World”
Hello World
cumulus@leaf1$ !!
echo “Hello World”
Hello World
Event Designators
cat /etc/lsb-releaseDisplays software version information.
cumulus@leaf1$ cat /etc/lsb-release
DISTRIB_ID=“Cumulus Linux”
DISTRIB_RELEASE=4.2.0
DISTRIB_DESCRIPTION=“Cumulus Linux 4.2.0”
lsb_release
cat /etc/os-releaseDisplays detailed software version information.
NAME=“Cumulus Linux”
VERSION_ID=4.2.0
VERSION=“Cumulus Linux 4.2.0”
PRETTY_NAME=“Cumulus Linux”
ID=cumulus-linux
ID_LIKE=debian
CPE_NAME=cpe:/o:cumulusnetworks:cumulus_linux:4.2.0
HOME_URL=“http://www.nvidia.com/
SUPPORT_URL=“https://enterprise-support.nvidia.com/s/
os-release
cl-licenseDisplays license status and information; installs license.
cumulus@leaf1$ sudo cl-license
cwlicense@cumulusnetworks.com|XXXXX
License Installation
onie-selectUninstalls and reinstalls an image; boots into rescue mode.

Note: Requires sudo or root.
cumulus@leaf1$ sudo onie-select -i
WARNING:
WARNING: Operating System install requested.
WARNING: This will wipe out all system data.
WARNING:
Are you sure (y/N)? y
Enabling install at next reboot…done.
Reboot required to take effect.
Image Management
decode-syseeprom1Displays hardware version information; sets EEPROM content.
cumulus@leaf1$ sudo decode-syseeprom
TlvInfo Header:
Id String: TlvInfo
Version: 1
Total Length: 108
TLV Name Code Len Value
——————– —- — —–
Serial Number 0x23 10 ADXXXXXXXX
Product Name 0x21 10 AS4600-54T
Manufacture Date 0x25 19 06/30/2012 12:00:00
Base MAC Address 0x24 6 70:72:CF:XX:XX:XX
Label Revision 0x27 4 R01A
Platform Name 0x28 28 powerpc-accton_as4600_54t-r0
ONIE Version 0x29 7 2014.11
MAC Addresses 0x2A 2 65
CRC-32 0xFE 4 0x182BXXXX
(checksum valid)
Monitoring System Hardware
dmesgDisplays system boot messages.
cumulus@leaf1$ dmesg
<snip for brevity>
[ 2485.689082] bonding: bond0: Removing slave swp1.
[ 2485.689169] bonding: bond0: releasing backup interface swp1
[ 2486.029832] ADDRCONF(NETDEV_UP): swp1: link is not ready
[ 2489.431326] ADDRCONF(NETDEV_CHANGE): swp1: link becomes ready
[ 2536.508917] bonding: bond0: enslaving swp1 as a backup interface with a down link.
[ 2536.602285] bonding: bond0: link status definitely up for interface swp1, 0 Mbps half duplex.
[ 2536.902216] bonding: bond0: link status definitely down for interface swp1, disabling it
[ 2540.108185] bonding: bond0: link status definitely up for interface swp1, 1000 Mbps full duplex.
[ 2569.010752] bonding: bond0: link status definitely down for interface swp1, disabling it
[ 2571.810708] bonding: bond0: link status definitely up for interface swp1, 1000 Mbps full duplex.
dmesg
/usr/lib/cumulus/onie/onie-versionDisplays ONIE version.
cumulus@leaf1$ /usr/lib/cumulus/onie/onie-version
ONIE version : 2018.08
ONIE vendor_id : 42623
ONIE build_machine : cumulus_vx
ONIE machine_rev : 0
ONIE arch : x86_64
ONIE build_platform : x86_64-cumulus_vx-r0
ONIE config_version : 1
ONIE build_date : 2018-08-14T03:52-0700
ONIE partition_type : gpt
ONIE kernel_version : 4.1.38
ONIE firmware : auto
ONIE switch_asic : qemu
ONIE skip_ethmgmt_macs: yes
ONIE grub_image_name: grubx64.efi
ONIE uefi_boot_loader: grubx64.efi
ONIE uefi_arch : x64
ONIE command line reference
historyDisplays CLI command history.
cumulus@leaf1$ history
1 exit
2 ping -I bond0 10.0.0.2
3 smonctl
4 sudo su -
5 echo hi
6 history
history
hostname
cat /etc/hostname
Displays/sets hostname. Requires a reboot if you make changes to the /etc/hostname file.
cumulus@leaf1$ hostname
leaf1
hostname
date1Displays time and time zone information.
cumulus@leaf1:~# date
Thu Feb 11 21:17:32 UTC 2016
date
ping -I bond0 <INTERFACE_IP>Pings sourced from a specified interface. This can also be a virtual interface.
cumulus@leaf1$ ping -I bond0 10.0.0.1
PING 10.0.0.1 (10.0.0.1) from 10.0.0.1 bond0: 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_req=1 ttl=64 time=0.083 ms
64 bytes from 10.0.0.1: icmp_req=2 ttl=64 time=0.079 ms
^C
— 10.0.0.1 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.079/0.081/0.083/0.002 ms
ping
sensors -fDisplays PSU, fan, and environmental information (in Fahrenheit).
cumulus@leaf1$ sensors -f
lm75a-i2c-0-4b
Adapter: MPC adapter
temp1: +86.9 F (high = +113.0 F, hyst = +113.0 F)

lm75a-i2c-1-48
Adapter: MPC adapter
temp1: +91.4 F (high = +149.0 F, hyst = +149.0 F)

lm75a-i2c-1-49
Adapter: MPC adapter
temp1: +88.7 F (high = +113.0 F, hyst = +113.0 F)

lm75a-i2c-1-4e
Adapter: MPC adapter
temp1: +98.6 F (high = +149.0 F, hyst = +149.0 F)

lm75a-i2c-1-4f
Adapter: MPC adapter
temp1: +79.7 F (high = +113.0 F, hyst = +113.0 F)

emc2305-i2c-1-4d
Adapter: MPC adapter
fan1: 9060 RPM (div = 4)
fan2: 9060 RPM (div = 4)
fan3: 9060 RPM (div = 4)
fan4: 8998 RPM (div = 4)
fan5: 9018 RPM (div = 4)
sensors
tail -n<N> /var/log/syslogDisplays the last N lines of syslog.
cumulus@leaf1$ tail -n30 /var/log/syslog
Sep 23 23:17:01 leaf1 CRON[31219]: pam_unix(cron:session): session closed for user root
Sep 23 23:20:57 leaf1 dhclient: DHCPREQUEST on eth0 to 192.168.0.1 port 67
Sep 23 23:20:57 leaf1 dhclient: DHCPACK from 192.168.0.1
Sep 23 23:20:57 leaf1 dhclient: bound to 192.168.0.11 – renewal in 1620 seconds.
Sep 23 23:20:57 leaf1 cl-autoprovision[31423]: version: 0.4
Sep 23 23:20:57 leaf1 cl-autoprovision[31423]: Provisioning has already occurred, use –force to override
Sep 23 23:21:54 leaf1 sudo: cumulus : TTY=pts/0 ; PWD=/home/cumulus ; USER=root ; COMMAND=/bin/bash
Sep 23 23:23:08 leaf1 sshd[23560]: Received disconnect from 192.168.0.1: 11: disconnected by user
Sep 23 23:23:08 leaf1 sshd[23558]: pam_unix(sshd:session): session closed for user cumulus
Sep 23 23:23:10 leaf1 sshd[31560]: Accepted publickey for cumulus from 192.168.0.1 port 44133 ssh2
Sep 23 23:23:10 leaf1 sshd[31560]: pam_unix(sshd:session): session opened for user cumulus by (uid=0)
Sep 23 23:23:22 leaf1 sudo: cumulus : TTY=pts/0 ; PWD=/home/cumulus ; USER=root ; COMMAND=/bin/echo hi
Sep 23 23:23:40 leaf1 sudo: cumulus : TTY=pts/0 ; PWD=/home/cumulus ; USER=root ; COMMAND=/sbin/hwclock
Sep 23 23:25:03 leaf1 sshd[31562]: Received disconnect from 192.168.0.1: 11: disconnected by user
Sep 23 23:25:03 leaf1 sshd[31560]: pam_unix(sshd:session): session closed for user cumulus
Sep 23 23:25:04 leaf1 sshd[31673]: Accepted publickey for cumulus from 192.168.0.1 port 44134 ssh2
Sep 23 23:25:04 leaf1 sshd[31673]: pam_unix(sshd:session): session opened for user cumulus by (uid=0)
Sep 23 23:30:01 leaf1 CRON[31946]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 23 23:30:01 leaf1 CRON[31945]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 23 23:30:01 leaf1 /USR/SBIN/CRON[31947]: (root) CMD ( /usr/sbin/logrotate /etc/logrotate.conf)
Sep 23 23:30:01 leaf1 /USR/SBIN/CRON[31948]: (root) CMD ( /usr/sbin/logrotate /etc/logrotate.conf)
Sep 23 23:30:01 leaf1 CRON[31946]: pam_unix(cron:session): session closed for user root
Sep 23 23:30:01 leaf1 CRON[31945]: pam_unix(cron:session): session closed for user root
Sep 23 23:45:01 leaf1 CRON[32703]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 23 23:45:01 leaf1 CRON[32702]: pam_unix(cron:session): session opened for user root by (uid=0)
Sep 23 23:45:01 leaf1 /USR/SBIN/CRON[32704]: (root) CMD ( /usr/sbin/logrotate /etc/logrotate.conf)
Sep 23 23:45:01 leaf1 /USR/SBIN/CRON[32705]: (root) CMD ( /usr/sbin/logrotate /etc/logrotate.conf)
Sep 23 23:45:01 leaf1 CRON[32703]: pam_unix(cron:session): session closed for user root
Sep 23 23:45:01 leaf1 CRON[32702]: pam_unix(cron:session): session closed for user root
tail
topDisplays real time CPU/memory utilization and the top processes.
cumulus@leaf1$ top
top - 23:47:40 up 1 day, 3:13, 1 user, load average: 0.13, 0.24, 0.23
Tasks: 64 total, 1 running, 63 sleeping, 0 stopped, 0 zombie
%Cpu(s): 17.9 us, 7.6 sy, 0.0 ni, 74.5 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem: 2006792 total, 202936 used, 1803856 free, 23324 buffers
KiB Swap: 0 total, 0 used, 0 free, 77356 cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
3157 root 15 -5 166m 47m 11m S 24.5 2.4 342:24.96 switchd
368 cumulus 20 0 3696 1504 1084 R 0.3 0.1 0:00.06 top
top
uname -aDisplays machine information, including kernel version, release, operating system, and hostname.
cumulus@leaf1$ uname -a
Linux leaf1 3.2.65-1+deb7u2+cl2.5+2 #3.2.65-1+deb7u2+cl2.5+2 SMP Mon Jun 1 18:26:55 PDT 2015 ppc powerpc GNU/Linux
uname
whoamiDisplays the current active user/account.
cumulus@leaf1$ whoami
cumulus
whoami
dpkg-reconfigure tzdata1Configures the time zone.
cumulus@leaf1$ sudo dpkg-reconfigure tzdata
Configuring tzdata
——————

Please select the geographic area in which you live. Subsequent configuration questions will narrow this down by presenting a list of cities, representing the time zones in which they are located.

1. Africa 2. America 3. Antarctica 4. Australia 5. Arctic 6. Asia 7. Atlantic 8. Europe 9. Indian 10. Pacific 11. SystemV 12. US 13. Etc
Geographic area: 12

Please select the city or region corresponding to your time zone.

1. Alaska 2. Aleutian 3. Arizona 4. Central 5. Eastern 6. Hawaii 7. Indiana-Starke 8. Michigan 9. Mountain 10. Pacific 11. Pacific-New 12. Samoa
Time zone: 10

Current default time zone: ‘US/Pacific’
Local time is now: Wed Sep 23 17:01:00 PDT 2015.
Universal Time is now: Thu Sep 24 00:01:00 UTC 2015.
Debian wiki on timezone changes
reboot1Reboots the switch.
cumulus@leaf1$ sudo reboot

Broadcast message from root@leaf1 (pts/0) (Wed Sep 23 17:04:44 2015):

The system is going down for reboot NOW!
reboot
sudo su
sudo -i
sudo /bin/bash
Switches user to root/super user.
cumulus@leaf1$ sudo su
[sudo] password for cumulus:
root@leaf1:~#
Different ways to become root

File Editing Commands

CommandDescriptionMore Information
nanoBasic, user-friendly text editor with persistent on-screen keybindings.nano
viAdvanced text editor.vi for Beginners

Interface Commands

CommandDescriptionExampleMore Information
arp -n^1^
cat /proc/net/arp
Displays ARP table with IP addresses instead of trying to resolve hostnames (when using the -n flag).
cumulus@leaf1$ sudo arp -n
Address HWtype HWaddress Flags Mask Iface
10.1.1.2 ether 08:9e:01:ce:d8:64 C swp1s0
10.1.1.34 ether 00:e0:ec:25:7c:d7 C swp1s2
10.1.1.6 ether 08:9e:01:ce:d8:65 C swp1s1
192.168.0.1 ether 72:01:84:88:f5:8b C eth0
10.1.1.38 ether 00:e0:ec:25:7c:d8 C swp1s3
arp man page
cat /etc/network/interfacesDisplays the interface configuration, bridges, bonds, and VLANs. This file is not indicative of the current running state.
cumulus@leaf1$ cat /etc/network/interfaces
#Configured By Ansible

auto lo
iface lo inet loopback

auto lo:1
iface lo:1 inet static
address 10.2.1.1/32

auto eth0
iface eth0 inet dhcp
Configuring and Managing Network Interfaces
cat /proc/net/bonding/bond0Displays bond0’s bond (LAG) information.
cumulus@leaf1$ cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer3+4 (1)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

802.3ad info
LACP rate: fast
Min links: 1
Aggregator selection policy (ad_select): stable
System Identification: 65535 08:9e:01:f8:90:80
Active Aggregator Info:
Aggregator ID: 1
Number of ports: 2
Actor Key: 17
Partner Key: 17
Partner Mac Address: 08:9e:01:f8:98:c8
LACP Bypass Info:
Allowed: 0
Timeout: 0
All-active: 0

Slave Interface: swp2
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 1
Permanent HW addr: 08:9e:01:f8:90:80
Aggregator ID: 1
LACP bypass priority: 0
Slave queue ID: 0

Slave Interface: swp1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:9e:01:f8:90:7f
Aggregator ID: 1
LACP bypass priority: 0
Slave queue ID: 0
proc man page
cl-netstat
cl-netstat -c
Displays/clears counters for cl-netstat.
cumulus@leaf1$ cl-netstat

Kernel Interface table
Iface MTU Met RX_OK RX_ERR RX_DRP RX_OVR TX_OK TX_ERR TX_DRP TX_OVR Flg
——- —– —– ——- ——– ——– ——– ——- ——– ——– ——– —–
br0 1500 0 0 0 0 0 4 0 0 0 BMRU
br1 1500 0 0 0 0 0 5 0 0 0 BMRU
eth0 1500 0 9973 0 0 0 7761 0 0 0 BMRU
lo 16436 0 4 0 0 0 4 0 0 0 LRU
swp1s0 1500 0 2275 0 1 0 2485 0 0 0 BMRU
swp1s1 1500 0 2452 0 1 0 2324 0 0 0 BMRU
swp1s2 1500 0 2448 0 3 0 2338 0 0 0 BMRU
swp1s3 1500 0 2453 0 3 0 2442 0 0 0 BMRU
swp32s0 1500 0 0 0 0 0 10081 0 0 0 BMRU
swp32s1 1500 0 0 0 0 0 10082 0 0 0 BMRU
View and Clear Interface Counters
ethtool <INTERFACE>1Displays low level port information.
cumulus@leaf1$ sudo ethtool swp32s0
Settings for swp32s0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Full
100baseT/Full
1000baseT/Full
10000baseT/Full
Supported pause frame use: Symmetric Receive-only
Supports auto-negotiation: Yes
Advertised link modes: 1000baseT/Full
10000baseT/Full
Advertised pause frame use: Symmetric
Advertised auto-negotiation: No
Speed: 10000Mb/s
Duplex: Full
Port: FIBRE
PHYAD: 0
Transceiver: external
Auto-negotiation: off
Current message level: 0x00000000 (0)

Link detected: yes
Monitor Interfaces using ethtool
ethtool -S <INTERFACE>1Displays detailed low level statistics.
cumulus@leaf1$ sudo ethtool -S swp32s0
HwIfInOctets: 0
HwIfInUcastPkts: 0
HwIfInBcastPkts: 0
HwIfInMcastPkts: 0
HwIfOutOctets: 692670
HwIfOutUcastPkts: 0
HwIfOutMcastPkts: 10128
HwIfOutBcastPkts: 0
HwIfInDiscards: 0
HwIfInL3Drops: 0
HwIfInBufferDrops: 0
HwIfInAclDrops: 0
HwIfInDot3LengthErrors: 0
HwIfInErrors: 0
SoftInErrors: 0
SoftInDrops: 0
SoftInFrameErrors: 0
HwIfOutDiscards: 0
HwIfOutErrors: 0
HwIfOutQDrops: 0
HwIfOutNonQDrops: 0
SoftOutErrors: 0
SoftOutDrops: 0
SoftOutTxFifoFull: 0
HwIfOutQLen: 0
HwIfInDot3FrameErrors: 0
HwIfInPausePkt: 0
HwIfOutPausePkt: 0
HwIfInPfc0Pkt: 0
HwIfOutPfc0Pkt: 0
HwIfInPfc1Pkt: 0
HwIfOutPfc1Pkt: 0
HwIfInPfc2Pkt: 0
HwIfOutPfc2Pkt: 0
HwIfInPfc3Pkt: 0
HwIfOutPfc3Pkt: 0
HwIfInPfc4Pkt: 0
HwIfOutPfc4Pkt: 0
HwIfInPfc5Pkt: 0
HwIfOutPfc5Pkt: 0
HwIfInPfc6Pkt: 0
HwIfOutPfc6Pkt: 0
HwIfInPfc7Pkt: 0
HwIfOutPfc7Pkt: 0
Monitor Interfaces using ethtool
ifquery <INTERFACE>Displays configuration information for an interface.
cumulus@leaf1$ sudo ifquery -a
auto lo
iface lo inet loopback

auto lo
iface lo inet static
address 10.2.1.1/32

auto eth0
iface eth0 inet dhcp

auto swp1s0
iface swp1s0 inet static
address 10.1.1.1/30

auto swp1s1
iface swp1s1 inet static
address 10.1.1.5/30

auto swp1s2
iface swp1s2 inet static
address 10.1.1.33/30

auto swp1s3
iface swp1s3 inet static
address 10.1.1.37/30

auto br1
iface br1 inet static
address 10.4.1.129/25
bridge-ports swp32s1
bridge-stp on

auto br0
iface br0 inet static
address 10.4.1.1/25
bridge-ports swp32s0
bridge-stp on
Use ifquery
ifreload -a1
service networking reload
Runs ifdown, then ifup, on any interfaces with configuration changes.
cumulus@leaf1$ ifreload -a
cumulus@leaf1$
Use ifupdown2
ifdown <INTERFACE>;ifup <INTERFACE>1Brings a specified interface down, then back up.
cumulus@leaf1$ sudo ifdown swp1s0
cumulus@leaf1$ sudo ifup swp1s0
cumulus@leaf1$
Use ifupdown2
ip addr showDisplays all configured IP addresses.
cumulus@leaf1$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet 10.2.1.1/32 scope global lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 44:38:39:00:49:8b brd ff:ff:ff:ff:ff:ff
inet 192.168.0.11/24 brd 192.168.0.255 scope global eth0
inet6 fe80::4638:39ff:fe00:498b/64 scope link
valid_lft forever preferred_lft forever
5: swp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 500
link/ether 44:38:39:00:49:8c brd ff:ff:ff:ff:ff:ff
inet 10.1.1.1/30 scope global swp1s0
inet6 fe80::4638:39ff:fe00:498c/64 scope link
valid_lft forever preferred_lft forever
6: swp1s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 500
link/ether 44:38:39:00:49:8d brd ff:ff:ff:ff:ff:ff
inet 10.1.1.5/30 scope global swp1s1
inet6 fe80::4638:39ff:fe00:498d/64 scope link
valid_lft forever preferred_lft forever
7: swp1s2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 500
link/ether 44:38:39:00:49:8e brd ff:ff:ff:ff:ff:ff
inet 10.1.1.33/30 scope global swp1s2
inet6 fe80::4638:39ff:fe00:498e/64 scope link
valid_lft forever preferred_lft forever
8: swp1s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 500
link/ether 44:38:39:00:49:8f brd ff:ff:ff:ff:ff:ff
inet 10.1.1.37/30 scope global swp1s3
inet6 fe80::4638:39ff:fe00:498f/64 scope link
valid_lft forever preferred_lft forever
ip man page
ip link showDisplays interface information.
cumulus@leaf1$ ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 44:38:39:00:49:8b brd ff:ff:ff:ff:ff:ff
5: swp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500
link/ether 44:38:39:00:49:8c brd ff:ff:ff:ff:ff:ff
6: swp1s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500
link/ether 44:38:39:00:49:8d brd ff:ff:ff:ff:ff:ff
7: swp1s2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500
link/ether 44:38:39:00:49:8e brd ff:ff:ff:ff:ff:ff
8: swp1s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500
link/ether 44:38:39:00:49:8f brd ff:ff:ff:ff:ff:ff
9: swp2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 500
link/ether 44:38:39:00:49:90 brd ff:ff:ff:ff:ff:ff
ip man page
ip -s linkDisplays interface statistics.
cumulus@leaf1$ ip -s link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
112 4 0 0 0 0
TX: bytes packets errors dropped carrier collsns
112 4 0 0 0 0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 44:38:39:00:49:8b brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
3208342 10725 0 0 0 0
TX: bytes packets errors dropped carrier collsns
1067425 8355 0 0 0 0
5: swp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500
link/ether 44:38:39:00:49:8c brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
1982 21 0 1 0 5
TX: bytes packets errors dropped carrier collsns
2071 23 0 0 0 0
6: swp1s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500
link/ether 44:38:39:00:49:8d brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
212068 2516 0 1 0 646
TX: bytes packets errors dropped carrier collsns
205763 2384 0 0 0 0
7: swp1s2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500
link/ether 44:38:39:00:49:8e brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
213608 2512 0 3 0 648
TX: bytes packets errors dropped carrier collsns
207061 2398 0 0 0 0
8: swp1s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500
link/ether 44:38:39:00:49:8f brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
213598 2517 0 3 0 648
TX: bytes packets errors dropped carrier collsns
214315 2506 0 0 0 0
9: swp2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 500
link/ether 44:38:39:00:49:90 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
0 0 0 0 0 0
TX: bytes packets errors dropped carrier collsns
0 0 0 0 0 0
ip man page
ip -br link showDisplays a brief, one line summary of each interface; appends up to show only administratively up interfaces.
cumulus@leaf1$ ip -br link show

lo UNKNOWN 00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP>
eth0 UP 44:38:39:00:49:8b <BROADCAST,MULTICAST,UP,LOWER_UP>
swp1s0 UP
swp1s1 UP 44:38:39:00:49:8d <BROADCAST,MULTICAST,UP,LOWER_UP>
swp1s2 UP 44:38:39:00:49:8e <BROADCAST,MULTICAST,UP,LOWER_UP>
swp1s3 UP 44:38:39:00:49:8f <BROADCAST,MULTICAST,UP,LOWER_UP>
swp2 DOWN 44:38:39:00:49:90 <BROADCAST,MULTICAST>
ip man page
lldpcli show neighbors1Displays LLDP neighbor information.
cumulus@leaf1$ sudo lldpcli show neighbors
——————————————————————————-
LLDP neighbors:
——————————————————————————-
Interface: eth0, via: LLDP, RID: 6, Time: 0 day, 05:22:26
Chassis:
ChassisID: mac 70:72:cf:f5:4a:3b
SysName: cwl42-prod-ag-tor-1
SysDescr: Cumulus Linux version 2.5.3 running on accton as4600_54t
MgmtIP: 10.70.6.194
Capability: Bridge, on
Capability: Router, on
Port:
PortID: ifname swp3
PortDescr: swp3
——————————————————————————-
Interface: swp1s2, via: LLDP, RID: 5, Time: 0 day, 05:22:45
Chassis:
ChassisID: mac 00:e0:ec:25:7c:a4
SysName: spine2
SysDescr: Cumulus Linux version 2.5.5 running on cel kennisis
MgmtIP: 10.2.1.4
Capability: Bridge, off
Capability: Router, on
Port:
PortID: ifname swp51
PortDescr: swp51
——————————————————————————-
Interface: swp1s3, via: LLDP, RID: 5, Time: 0 day, 05:22:45
Chassis:
ChassisID: mac 00:e0:ec:25:7c:a4
SysName: spine2
SysDescr: Cumulus Linux version 2.5.5 running on cel kennisis
MgmtIP: 10.2.1.4
Capability: Bridge, off
Capability: Router, on
Port:
PortID: ifname swp52
PortDescr: swp52
——————————————————————————-
Interface: swp1s0, via: LLDP, RID: 7, Time: 0 day, 05:22:13
Chassis:
ChassisID: mac 08:9e:01:ce:d8:33
SysName: spine1
SysDescr: Cumulus Linux version 2.5.5 running on quanta lb9
MgmtIP: 10.2.1.3
Capability: Bridge, off
Capability: Router, on
Port:
PortID: ifname swp49
PortDescr: swp49
——————————————————————————-
LLDP
netstat -iDisplays statistics for UP interfaces.
cumulus@leaf1$ netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
br0 1500 0 0 0 0 0 4 0 0 0 BMU
br1 1500 0 0 0 0 0 5 0 0 0 BMU
eth0 1500 0 11066 0 0 0 8640 0 0 0 BMRU
lo 16436 0 4 0 0 0 4 0 0 0 LRU
swp1s0 1500 0 29 0 1 0 33 0 0 0 BMRU
swp1s1 1500 0 2526 0 1 0 2392 0 0 0 BMRU
swp1s2 1500 0 2521 0 3 0 2406 0 0 0 BMRU
swp1s3 1500 0 2526 0 3 0 2514 0 0 0 BMRU
swp32s0 1500 0 0 0 0 0 11232 0 0 0 BMRU
swp32s1 1500 0 0 0 0 0 10179 0 0 0 BMRU
netstat man page

Bridge/STP Commands

CommandDescriptionExampleMore Information
brctl showDisplays bridge information.
cumulus@leaf1$ brctl show

bridge name bridge id STP enabled interfaces
br0 8000.7072cfbe0d6c yes swp32s0
br1 8000.7072cfbe0d6d yes swp32s1
Ethernet Bridging
brctl showmacs <BRIDGE>Displays the MAC FDB for a bridge.
cumulus@leaf1$ brctl showmacs br0
port name mac addr vlan is local? ageing timer
swp32s0 70:72:cf:be:0d:6c 0 yes 0.00
Ethernet Bridging
brctl showstp <BRIDGE>Displays the STP information for a bridge.
cumulus@leaf1$ brctl showstp br1
br1
bridge id 8000.7072cfbe0d6d
designated root 8000.7072cfbe0d6d
root port 0 path cost 0
max age 20.00 bridge max age 20.00
hello time 2.00 bridge hello time 2.00
forward delay 15.00 bridge forward delay 15.00
ageing time 300.00
hello timer 0.00 tcn timer 0.00
topology change timer 0.00 gc timer 277.39
hash elasticity 4096 hash max 4096
mc last member count 2 mc init query count 2
mc router 1 mc snooping 1
mc last member timer 1.00 mc membership timer 260.00
mc querier timer 255.00 mc query interval 125.00
mc response interval 10.00 mc init query interval 31.25
mc querier 0 mc query ifaddr 0
flags

swp32s1 (1)
port id 8001 state forwarding
designated root 8000.7072cfbe0d6d path cost 2
designated bridge 8000.7072cfbe0d6d message age timer 0.00
designated port 8001 forward delay timer 0.00
designated cost 0 hold timer 0.00
mc router 1 mc fast leave 0
flags
Ethernet Bridging
bridge fdb showDisplays the FDB for all bridges.
cumulus@leaf1$ bridge fdb show
70:72:cf:be:0d:6d dev swp32s1 vlan 0 master br1 permanent
70:72:cf:be:0d:6c dev swp32s0 vlan 0 master br0 permanent
Ethernet Bridging
bridge vlan showDisplays VLAN-aware bridge mode VLAN configuration.
cumulus@leaf1$ bridge vlan show

port vlan ids
swp32s0 1 PVID Egress Untagged
100
200

swp32s1 1 PVID Egress Untagged
100
200

bridge None
Ethernet Bridging
clagctl -vDisplays MLAG information.
cumulus@leaf1$ clagctl -v
The peer is alive
Our Priority, ID, and Role: 4096 34:17:eb:f6:15:fd primary
Peer Priority, ID, and Role: 4096 34:17:eb:f9:80:fd secondary
Peer Interface and IP: peerlink.4094 169.254.255.1
VxLAN Anycast IP: 10.254.4.1
Backup IP: 10.11.26.37 (active)
System MAC: 44:38:39:ff:00:01
CLAG Interfaces
Our Interface Peer Interface CLAG Id Conflicts Proto-Down Reason
—————- —————- ——- ——————– —————–
vni100 vni100 - - -
bond0 - 1 - -
bond1 bond1 2 - -
bond2 bond2 3 - -
vni30 vni30 - - -
vni20 vni20 - - -
vni40 vni40 - - -
Our LACP Information
Our Interface Partner MAC CIST PortId CLAG Id Oper St Flags
—————- —————– ———– ——- ——- —–
bond0 00:00:00:00:00:00 None 1 None -
bond1 b0:83:fe:eb:91:99 None 2 None D
bond2 00:01:e8:8b:c9:da None 3 None D
Peer LACP Information
Peer Interface Partner MAC CIST PortId CLAG Id Oper St Flags
—————- —————– ———– ——- ——- —–
bond0 00:00:00:00:00:00 None 1 None -
bond1 b0:83:fe:eb:91:99 None 2 None D
bond2 00:01:e8:8b:c9:da None 3 None D
Backup info:
IP: 10.11.26.37; State: active; Role: primary
Peer priority and id: 4096 34:17:eb:f9:80:fd; Peer role: secondary
Our Interface Dynamic MAC VLAN Id
—————- —————– ——-
vni100 00:00:02:00:00:06 0
vni100 00:00:02:00:00:01 0
bond1 00:0c:29:48:b1:38 20
vni20 00:0c:29:ea:71:3c 20
bond2 00:00:01:00:00:00 0
vni100 00:00:02:00:00:03 0
vni100 00:00:02:00:00:0a 0
bond2 00:00:01:00:00:01 0
vni100 00:00:02:00:00:04 0
bond2 00:00:01:00:00:02 0
vni100 00:00:02:00:00:08 0
bond2 00:00:01:00:00:03 0
Peer Interface Dynamic MAC VLAN Id
bond2 00:00:01:00:00:09 0
bond2 00:00:01:00:00:06 0
bond2 00:00:01:00:00:07 0
bond2 00:01:e8:8b:c9:dc 0
vni100 00:00:02:00:00:00 0
vni100 00:00:02:00:00:05 0
vni100 00:00:02:00:00:09 0
bond2 00:00:01:00:00:04 0
vni100 00:00:02:00:00:02 0
vni100 00:00:02:00:00:07 0
bond2 00:00:01:00:00:08 0
bond2 00:00:01:00:00:05 0
bond2 00:00:01:00:00:0a 0
Our Multicast Group Port VLAN Id Device Age
———————- —————- ——- —————- —
Peer Multicast Group Port VLAN Id Device Age
———————- —————- ——- —————- —
Our Router Port Device Age
—————- —————- —
Peer Router Port Device Age
—————- —————- —
Our VLAN Information
Our Interface VLAN Id
—————- ——-
vni100 None
bond1 20, 30, 40
bond2 None
vni30 None
vni20 None
vni40 None
Peer VLAN Information
Peer Interface VLAN Id
—————- ——-
vni100 None
bond1 20, 30, 40
bond2 None
vni30 None
vni20 None
Multi-Chassis Link Aggregation - MLAG
mstpctl showbridgeDisplays mstpd (RSTP) information.
cumulus@leaf1$ mstpctl showbridge
bridge CIST info
enabled yes
bridge id 8.000.70:72:CF:BE:0D:6C
designated root 8.000.70:72:CF:BE:0D:6C
regional root 8.000.70:72:CF:BE:0D:6C
root port none
path cost 0 internal path cost 0
max age 20 bridge max age 20
forward delay 15 bridge forward delay 15
tx hold count 6 max hops 20
hello time 2 ageing time 300
force protocol version rstp
time since topology change 69446s
topology change count 0
topology change no
topology change port None
last topology change port None
Spanning Tree and Rapid Spanning Tree
mstpctl showport <BRIDGE>Displays the summary of each port's role on a bridge.
cumulus@leaf1$ mstpctl showport bridge
E swp32s0 8.002 forw 8.000.70:72:CF:BE:0D:6C 8.000.70:72:CF:BE:0D:6C 8.002 Desg
E swp32s1 8.001 forw 8.000.70:72:CF:BE:0D:6C 8.000.70:72:CF:BE:0D:6C 8.001 Desg
Spanning Tree and Rapid Spanning Tree
mstpctl showportdetail <BRIDGE>Displays detailed mstpd port information for a bridge.
cumulus@leaf1$ mstpctl showportdetail bridge
bridge:swp32s0 CIST info
enabled yes role Designated
port id 8.002 state forwarding
external port cost 2000 admin external cost 0
internal port cost 2000 admin internal cost 0
designated root 8.000.70:72:CF:BE:0D:6C dsgn external cost 0
dsgn regional root 8.000.70:72:CF:BE:0D:6C dsgn internal cost 0
designated bridge 8.000.70:72:CF:BE:0D:6C designated port 8.002
admin edge port no auto edge port yes
oper edge port yes topology change ack no
point-to-point yes admin point-to-point auto
restricted role no restricted TCN no
port hello time 2 disputed no
bpdu guard port no bpdu guard error no
network port no BA inconsistent no
Num TX BPDU 34819 Num TX TCN 0
Num RX BPDU 0 Num RX TCN 0
Num Transition FWD 1 Num Transition BLK 0
bpdufilter port no
clag ISL no clag ISL Oper UP no
clag role unknown clag dual conn mac 0:0:0:0:0:0
clag remote portID F.FFF clag system mac 0:0:0:0:0:0
bridge:swp32s1 CIST info
enabled yes role Designated
port id 8.001 state forwarding
external port cost 2000 admin external cost 0
internal port cost 2000 admin internal cost 0
designated root 8.000.70:72:CF:BE:0D:6C dsgn external cost 0
dsgn regional root 8.000.70:72:CF:BE:0D:6C dsgn internal cost 0
designated bridge 8.000.70:72:CF:BE:0D:6C designated port 8.001
admin edge port no auto edge port yes
oper edge port yes topology change ack no
point-to-point yes admin point-to-point auto
restricted role no restricted TCN no
port hello time 2 disputed no
bpdu guard port no bpdu guard error no
network port no BA inconsistent no
Num TX BPDU 34819 Num TX TCN 0
Num RX BPDU 0 Num RX TCN 0
Num Transition FWD 1 Num Transition BLK 0
bpdufilter port no
clag ISL no clag ISL Oper UP no
clag role unknown clag dual conn mac 0:0:0:0:0:0
clag remote portID F.FFF clag system mac 0:0:0:0:0:0
Spanning Tree and Rapid Spanning Tree

Routing Commands

CommandDescriptionExampleMore Information
ip route showDisplays the Linux route table.
cumulus@leaf1$ ip route show
default via 192.168.0.1 dev eth0
10.1.1.0/30 dev swp1s0 proto kernel scope link src 10.1.1.1
10.1.1.4/30 dev swp1s1 proto kernel scope link src 10.1.1.5
10.1.1.16/30 via 10.1.1.2 dev swp1s0 proto zebra metric 20
10.1.1.20/30 via 10.1.1.2 dev swp1s0 proto zebra metric 20
10.1.1.32/30 dev swp1s2 proto kernel scope link src 10.1.1.33
10.1.1.36/30 dev swp1s3 proto kernel scope link src 10.1.1.37
10.1.1.48/30 via 10.1.1.34 dev swp1s2 proto zebra metric 20
10.1.1.52/30 via 10.1.1.34 dev swp1s2 proto zebra metric 20
10.2.1.2 via 10.1.1.2 dev swp1s0 proto zebra metric 20
10.2.1.3 via 10.1.1.2 dev swp1s0 proto zebra metric 20
10.2.1.4 via 10.1.1.34 dev swp1s2 proto zebra metric 20
10.4.1.0/25 dev br0 proto kernel scope link src 10.4.1.1
10.4.1.128/25 dev br1 proto kernel scope link src 10.4.1.129
10.4.2.0/25 via 10.1.1.2 dev swp1s0 proto zebra metric 20
10.4.2.128/25 via 10.1.1.2 dev swp1s0 proto zebra metric 20
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.11
Routing
ptmctl -dDisplays detailed Prescriptive Topology Manager (PTM) information.
cumulus@leaf1$ ptmctl -d
—————————————————————————————————————————-
port cbl exp act sysname portID portDescr match last BFD BFD BFD BFD BFD
status nbr nbr on upd status peer local type DownDiag
—————————————————————————————————————————-
swp1s0 pass spine1:swp49 spine1:swp49 spine1 swp49 swp49 IfName 37s N/A N/A N/A N/A N/A
swp1s1 pass spine1:swp50 spine1:swp50 spine1 swp50 swp50 IfName 37s N/A N/A N/A N/A N/A
swp1s2 pass spine2:swp51 spine2:swp51 spine2 swp51 swp51 IfName 37s N/A N/A N/A N/A N/A
swp1s3 pass spine2:swp52 spine2:swp52 spine2 swp52 swp52 IfName 37s N/A N/A N/A N/A N/A
swp17 N/A leaf2:swp17 no-info N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
swp18 N/A leaf2:swp18 no-info N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
swp32s0 N/A server1:eth3 no-info N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
swp32s1 N/A server2:eth2 no-info N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A
PTM
vtysh1A modal (interactive industry standard) CLI for configuring FRRouting.
cumulus@leaf1$ sudo vtysh

Hello, this is FRRouting (version 7.0+cl4u1).
Copyright 1996-2005 Kunihiro Ishiguro, et al.

leaf01# show ver
FRRouting 7.0+cl4u1 (leaf01).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
Configure FRRouting - Modal
vtysh -c "show ip route"1Displays the FRRouting routing table.
cumulus@leaf1$ sudo vtysh -c “show ip route”

Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route

K>* 0.0.0.0/0 [0/0] via 192.168.0.254, eth0, 1d23h44m
C>* 10.0.0.11/32 is directly connected, lo, 1d23h44m
B>* 10.0.0.12/32 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h44m
* via fe80::4638:39ff:fe00:54, swp51, 1d23h44m
B>* 10.0.0.13/32 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h44m
* via fe80::4638:39ff:fe00:54, swp51, 1d23h44m
B>* 10.0.0.14/32 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h44m
* via fe80::4638:39ff:fe00:54, swp51, 1d23h44m
B>* 10.0.0.22/32 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h44m
B>* 10.0.0.121/32 [20/0] via fe80::4638:39ff:fe00:54, swp51, 1d23h44m
C * 172.16.1.0/24 [0/1024] is directly connected, vlan100-v0, 1d23h03m
C>* 172.16.1.0/24 is directly connected, vlan100, 1d23h03m
B>* 172.16.2.0/24 [20/0] via fe80::4638:39ff:fe00:25, swp52, 1d23h42m
* via fe80::4638:39ff:fe00:54, swp51, 1d23h42m
C>* 192.168.0.0/24 is directly connected, eth0, 1d23h44m
Configure FRRouting
net show ospf neighbor1Displays OSPF neighbors.
cumulus@switch:~$ net show ospf neighbor
Neighbor ID Pri State Dead Time Address Interface RXmtL RqstL DBsmL
10.0.255.101 1 Full/DROther 38.091s 10.0.255.11 swp51:10.0.255.21 0 0 0
10.0.255.102 1 Full/DROther 38.085s 10.0.255.12 swp52:10.0.255.21 0 0 0
OSPF
net show bgp summary1
vtysh -c "show ip bgp summary"1
Displays BGP summary information.
cumulus@leaf01:~$ sudo vtysh -c “show ip bgp summary”

IPv4 Unicast Summary:
BGP router identifier 10.0.0.11, local AS number 65011 vrf-id 0
BGP table version 89
RIB entries 15, using 2760 bytes of memory
Peers 2, using 41 KiB of memory
Peer groups 1, using 64 bytes of memory

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
spine01(swp51) 4 65020 57399 57432 0 0 0 1d23h47m 5
spine02(swp52) 4 65020 57400 57432 0 0 0 1d23h47m 5

Total number of neighbors 2
BGP
net show bgp ipv4 unicast
vtysh -c "show ip bgp"1
Displays the BGP routing table.
cumulus@leaf1$ sudo vtysh -c “show ip bgp”
BGP table version is 220, local router ID is 10.2.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
> 10.1.1.0/30 0.0.0.0 0 32768 ?
i 10.1.1.2 0 100 0 ?
* i 10.1.1.6 0 100 0 ?
*> 10.1.1.4/30 0.0.0.0 0 32768 ?
* i 10.1.1.6 0 100 0 ?
* i 10.1.1.2 0 100 0 ?
* i10.1.1.16/30 10.1.1.6 0 100 0 ?
*>i 10.1.1.2 0 100 0 ?
* i 10.1.1.38 0 100 0 ?
* i 10.1.1.34 0 100 0 ?
* i10.1.1.20/30 10.1.1.6 0 100 0 ?
*>i 10.1.1.2 0 100 0 ?
* i 10.1.1.38 0 100 0 ?
* i 10.1.1.34 0 100 0 ?
*> 10.1.1.32/30 0.0.0.0 0 32768 ?
* i 10.1.1.38 0 100 0 ?
* i 10.1.1.34 0 100 0 ?
*> 10.1.1.36/30 0.0.0.0 0 32768 ?
* i 10.1.1.38 0 100 0 ?
* i 10.1.1.34 0 100 0 ?
* i10.1.1.48/30 10.1.1.38 0 100 0 ?
*>i 10.1.1.34 0 100 0 ?
* i 10.1.1.6 0 100 0 ?
* i 10.1.1.2 0 100 0 ?
* i10.1.1.52/30 10.1.1.38 0 100 0 ?
*>i 10.1.1.34 0 100 0 ?
* i 10.1.1.6 0 100 0 ?
* i 10.1.1.2 0 100 0 ?
*> 10.2.1.1/32 0.0.0.0 0 32768 ?
* i10.2.1.2/32 10.1.1.38 0 100 0 ?
* i 10.1.1.34 0 100 0 ?
* i 10.1.1.6 0 100 0 ?
*>i 10.1.1.2 0 100 0 ?
* i10.2.1.3/32 10.1.1.6 0 100 0 ?
*>i 10.1.1.2 0 100 0 ?
* i10.2.1.4/32 10.1.1.38 0 100 0 ?
*>i 10.1.1.34 0 100 0 ?
* i10.4.2.0/25 10.1.1.38 0 100 0 ?
* i 10.1.1.34 0 100 0 ?
* i 10.1.1.6 0 100 0 ?
*>i 10.1.1.2 0 100 0 ?
* i10.4.2.128/25 10.1.1.38 0 100 0 ?
* i 10.1.1.34 0 100 0 ?
* i 10.1.1.6 0 100 0 ?
*>i 10.1.1.2 0 100 0 ?
*> 192.168.0.0 0.0.0.0 0 32768 ?
* i 10.1.1.6 0 100 0 ?
* i 10.1.1.2 0 100 0 ?
* i 10.1.1.38 0 100 0 ?
* i 10.1.1.34 0 100 0 ?

Total number of prefixes 15
BGP

ACL Commands

CommandDescriptionExampleMore Information
cl-acltool -L all1Displays all filter rules.
cumulus@leaf1$ sudo cl-acltool -L all
——————————-
Listing rules of type iptables:
——————————-
TABLE filter :
Chain INPUT (policy ACCEPT 11749 packets, 1752K bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all – swp+ any 240.0.0.0/5 anywhere
0 0 DROP all – swp+ any loopback/8 anywhere
0 0 DROP all – swp+ any base-address.mcast.net/8 anywhere
0 0 DROP all – swp+ any 255.255.255.255 anywhere
0 0 SETCLASS udp – swp+ any anywhere anywhere udp dpt:3785 SETCLASS class:7
0 0 POLICE udp – any any anywhere anywhere udp dpt:3785 POLICE mode:pkt rate:2000 burst:2000
0 0 SETCLASS udp – swp+ any anywhere anywhere udp dpt:3784 SETCLASS class:7
0 0 POLICE udp – any any anywhere anywhere udp dpt:3784 POLICE mode:pkt rate:2000 burst:2000
0 0 SETCLASS udp – swp+ any anywhere anywhere udp dpt:4784 SETCLASS class:7
0 0 POLICE udp – any any anywhere anywhere udp dpt:4784 POLICE mode:pkt rate:2000 burst:2000
0 0 SETCLASS ospf – swp+ any anywhere anywhere SETCLASS class:7
0 0 POLICE ospf – any any anywhere anywhere POLICE mode:pkt rate:2000 burst:2000
20312 1650K SETCLASS tcp – swp+ any anywhere anywhere tcp dpt:bgp SETCLASS class:7
20312 1732K POLICE tcp – any any anywhere anywhere tcp dpt:bgp POLICE mode:pkt rate:2000 burst:2000
5 453 SETCLASS tcp – swp+ any anywhere anywhere tcp spt:bgp SETCLASS class:7
5 473 POLICE tcp – any any anywhere anywhere tcp spt:bgp POLICE mode:pkt rate:2000 burst:2000
0 0 SETCLASS tcp – swp+ any anywhere anywhere tcp dpt:5342 SETCLASS class:7
0 0 POLICE tcp – any any anywhere anywhere tcp dpt:5342 POLICE mode:pkt rate:2000 burst:2000
0 0 SETCLASS tcp – swp+ any anywhere anywhere tcp spt:5342 SETCLASS class:7
0 0 POLICE tcp – any any anywhere anywhere tcp spt:5342 POLICE mode:pkt rate:2000 burst:2000
5 330 SETCLASS icmp – swp+ any anywhere anywhere SETCLASS class:2
8 574 POLICE icmp – any any anywhere anywhere POLICE mode:pkt rate:100 burst:40
0 0 SETCLASS udp – swp+ any anywhere anywhere udp dpts:bootps:bootpc SETCLASS class:2
16 5248 POLICE udp – any any anywhere anywhere udp dpt:bootps POLICE mode:pkt rate:100 burst:100
108 40068 POLICE udp – any any anywhere anywhere udp dpt:bootpc POLICE mode:pkt rate:100 burst:100
0 0 SETCLASS tcp – swp+ any anywhere anywhere tcp dpts:bootps:bootpc SETCLASS class:2
0 0 POLICE tcp – any any anywhere anywhere tcp dpt:bootps POLICE mode:pkt rate:100 burst:100
0 0 POLICE tcp – any any anywhere anywhere tcp dpt:bootpc POLICE mode:pkt rate:100 burst:100
0 0 SETCLASS udp – swp+ any anywhere anywhere udp dpt:10001 SETCLASS class:3
0 0 POLICE udp – any any anywhere anywhere udp dpt:10001 POLICE mode:pkt rate:2000 burst:2000
0 0 SETCLASS igmp – swp+ any anywhere anywhere SETCLASS class:6
0 0 POLICE igmp – any any anywhere anywhere POLICE mode:pkt rate:300 burst:100
0 0 POLICE all – swp+ any anywhere anywhere ADDRTYPE match dst-type LOCAL POLICE mode:pkt rate:1000 burst:1000 class:0
0 0 POLICE all – swp+ any anywhere anywhere ADDRTYPE match dst-type IPROUTER POLICE mode:pkt rate:400 burst:100 class:0
0 0 SETCLASS all – swp+ any anywhere anywhere SETCLASS class:0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all – swp+ any 240.0.0.0/5 anywhere
0 0 DROP all – swp+ any loopback/8 anywhere
0 0 DROP all – swp+ any base-address.mcast.net/8 anywhere
0 0 DROP all – swp+ any 255.255.255.255 anywhere

Chain OUTPUT (policy ACCEPT 31983 packets, 2328K bytes)
pkts bytes target prot opt in out source destination


TABLE mangle :
Chain PREROUTING (policy ACCEPT 31472 packets, 2689K bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 11137 packets, 1399K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 31390 packets, 2272K bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 31394 packets, 2272K bytes)
pkts bytes target prot opt in out source destination


TABLE raw :
Chain PREROUTING (policy ACCEPT 31473 packets, 2689K bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 31391 packets, 2272K bytes)
pkts bytes target prot opt in out source destination


——————————–
Listing rules of type ip6tables:
——————————–
TABLE filter :
Chain INPUT (policy ACCEPT 9473 packets, 836K
pkts bytes target prot opt in out source destination
0 0 DROP all swp+ any ip6-mcastprefix/8 anywhere
0 0 DROP all swp+ any ::/128 anywhere
0 0 DROP all swp+ any ::ffff:0.0.0.0/96 anywhere
0 0 DROP all swp+ any localhost/128 anywhere
0 0 POLICE udp swp+ any anywhere anywhere udp dpt:3785 POLICE mode:pkt rate:2000 burst:2000 class:7
0 0 POLICE udp swp+ any anywhere anywhere udp dpt:3784 POLICE mode:pkt rate:2000 burst:2000 class:7
0 0 POLICE udp swp+ any anywhere anywhere udp dpt:4784 POLICE mode:pkt rate:2000 burst:2000 class:7
0 0 POLICE ospf swp+ any anywhere anywhere POLICE mode:pkt rate:2000 burst:2000 class:7
0 0 POLICE tcp swp+ any anywhere anywhere tcp dpt:bgp POLICE mode:pkt rate:2000 burst:2000 class:7
0 0 POLICE tcp swp+ any anywhere anywhere tcp spt:bgp POLICE mode:pkt rate:2000 burst:2000 class:7
0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmp router-solicitation POLICE mode:pkt rate:100 burst:100 class:2
0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmp router-advertisement POLICE mode:pkt rate:500 burst:500 class:2
0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmp neighbour-solicitation POLICE mode:pkt rate:400 burst:400 class:2
0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmp neighbour-advertisement POLICE mode:pkt rate:400 burst:400 class:2
0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmptype 130 POLICE mode:pkt rate:200 burst:100 class:6
0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmptype 131 POLICE mode:pkt rate:200 burst:100 class:6
0 0 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmptype 132 POLICE mode:pkt rate:200 burst:100 class:6
4 376 POLICE ipv6-icmp swp+ any anywhere anywhere ipv6-icmptype 143 POLICE mode:pkt rate:200 burst:100 class:6
0 0 POLICE ipv6-icmp swp+ any anywhere anywhere POLICE mode:pkt rate:64 burst:40 class:2
0 0 POLICE udp swp+ any anywhere anywhere udp dpts:dhcpv6-client:dhcpv6-server POLICE mode:pkt rate:100 burst:100 class:2
0 0 POLICE tcp swp+ any anywhere anywhere tcp dpts:dhcpv6-client:dhcpv6-server POLICE mode:pkt rate:100 burst:100 class:2
0 0 POLICE all swp+ any anywhere anywhere ADDRTYPE match dst-type LOCAL POLICE mode:pkt rate:1000 burst:1000 class:0
0 0 POLICE all swp+ any anywhere anywhere ADDRTYPE match dst-type IPROUTER POLICE mode:pkt rate:400 burst:100 class:0
0 0 SETCLASS all swp+ any anywhere anywhere SETCLASS class:0

Chain FORWARD (policy ACCEPT 2 packets, 208 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all swp+ any ip6-mcastprefix/8 anywhere
0 0 DROP all swp+ any ::/128 anywhere
0 0 DROP all swp+ any ::ffff:0.0.0.0/96 anywhere
0 0 DROP all swp+ any localhost/128 anywhere

Chain OUTPUT (policy ACCEPT 9683 packets, 884K bytes)
pkts bytes target prot opt in out source destination


TABLE mangle :
Chain PREROUTING (policy ACCEPT 9455 packets, 835K bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 9449 packets, 834K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 2 packets, 208 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 9641 packets, 880K bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 9625 packets, 879K bytes)
pkts bytes target prot opt in out source destination


TABLE raw :
Chain PREROUTING (policy ACCEPT 9455 packets, 835K bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 9641 packets, 880K bytes)
pkts bytes target prot opt in out source destination


——————————-
Listing rules of type ebtables:
——————————-
TABLE filter :
Bridge table: filter

Bridge chain: INPUT, entries: 16, policy: ACCEPT
-d BGA -i swp+ -j setclass –class 7 , pcnt = 0 – bcnt = 0
-d BGA -j police –set-mode pkt –set-rate 2000 –set-burst 2000 , pcnt = 0 – bcnt = 0
-d 1:80:c2:0:0:2 -i swp+ -j setclass –class 7 , pcnt = 0 – bcnt = 0
-d 1:80:c2:0:0:2 -j police –set-mode pkt –set-rate 2000 –set-burst 2000 , pcnt = 0 – bcnt = 0
-d 1:80:c2:0:0:e -i swp+ -j setclass –class 6 , pcnt = 23045 – bcnt = 2926715
-d 1:80:c2:0:0:e -j police –set-mode pkt –set-rate 200 –set-burst 200 , pcnt = 23045 – bcnt = 3018895
-d 1:0:c:cc:cc:cc -i swp+ -j setclass –class 6 , pcnt = 0 – bcnt = 0
-d 1:0:c:cc:cc:cc -j police –set-mode pkt –set-rate 200 –set-burst 200 , pcnt = 0 – bcnt = 0
-p ARP -i swp+ -j setclass –class 2 , pcnt = 45529 – bcnt = 2913856
-p ARP -j police –set-mode pkt –set-rate 400 –set-burst 100 , pcnt = 45529 – bcnt = 3095972
-d 1:0:c:cc:cc:cd -i swp+ -j setclass –class 7 , pcnt = 0 – bcnt = 0
-d 1:0:c:cc:cc:cd -j police –set-mode pkt –set-rate 2000 –set-burst 2000 , pcnt = 0 – bcnt = 0
-p IPv4 -i swp+ -j ACCEPT , pcnt = 0 – bcnt = 0
-p IPv6 -i swp+ -j ACCEPT , pcnt = 4 – bcnt = 376
-i swp+ -j setclass –class 0 , pcnt = 0 – bcnt = 0
-j police –set-mode pkt –set-rate 100 –set-burst 100 , pcnt = 0 – bcnt = 0

Bridge chain: FORWARD, entries: 0, policy: ACCEPT

Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
Netfilter - ACLs
iptables -L1Displays the IPv4 filter rules.
cumulus@leaf1$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all – 240.0.0.0/5 anywhere
DROP all – loopback/8 anywhere
DROP all – base-address.mcast.net/8 anywhere
DROP all – 255.255.255.255 anywhere
SETCLASS udp – anywhere anywhere udp dpt:3785 SETCLASS class:7
POLICE udp – anywhere anywhere udp dpt:3785 POLICE mode:pkt rate:2000 burst:2000
SETCLASS udp – anywhere anywhere udp dpt:3784 SETCLASS class:7
POLICE udp – anywhere anywhere udp dpt:3784 POLICE mode:pkt rate:2000 burst:2000
SETCLASS udp – anywhere anywhere udp dpt:4784 SETCLASS class:7
POLICE udp – anywhere anywhere udp dpt:4784 POLICE mode:pkt rate:2000 burst:2000
SETCLASS ospf – anywhere anywhere SETCLASS class:7
POLICE ospf – anywhere anywhere POLICE mode:pkt rate:2000 burst:2000
SETCLASS tcp – anywhere anywhere tcp dpt:bgp SETCLASS class:7
POLICE tcp – anywhere anywhere tcp dpt:bgp POLICE mode:pkt rate:2000 burst:2000
SETCLASS tcp – anywhere anywhere tcp spt:bgp SETCLASS class:7
POLICE tcp – anywhere anywhere tcp spt:bgp POLICE mode:pkt rate:2000 burst:2000
SETCLASS tcp – anywhere anywhere tcp dpt:5342 SETCLASS class:7
POLICE tcp – anywhere anywhere tcp dpt:5342 POLICE mode:pkt rate:2000 burst:2000
SETCLASS tcp – anywhere anywhere tcp spt:5342 SETCLASS class:7
POLICE tcp – anywhere anywhere tcp spt:5342 POLICE mode:pkt rate:2000 burst:2000
SETCLASS icmp – anywhere anywhere SETCLASS class:2
POLICE icmp – anywhere anywhere POLICE mode:pkt rate:100 burst:40
SETCLASS udp – anywhere anywhere udp dpts:bootps:bootpc SETCLASS class:2
POLICE udp – anywhere anywhere udp dpt:bootps POLICE mode:pkt rate:100 burst:100
POLICE udp – anywhere anywhere udp dpt:bootpc POLICE mode:pkt rate:100 burst:100
SETCLASS tcp – anywhere anywhere tcp dpts:bootps:bootpc SETCLASS class:2
POLICE tcp – anywhere anywhere tcp dpt:bootps POLICE mode:pkt rate:100 burst:100
POLICE tcp – anywhere anywhere tcp dpt:bootpc POLICE mode:pkt rate:100 burst:100
SETCLASS udp – anywhere anywhere udp dpt:10001 SETCLASS class:3
POLICE udp – anywhere anywhere udp dpt:10001 POLICE mode:pkt rate:2000 burst:2000
SETCLASS igmp – anywhere anywhere SETCLASS class:6
POLICE igmp – anywhere anywhere POLICE mode:pkt rate:300 burst:100
POLICE all – anywhere anywhere ADDRTYPE match dst-type LOCAL POLICE mode:pkt rate:1000 burst:1000 class:0
POLICE all – anywhere anywhere ADDRTYPE match dst-type IPROUTER POLICE mode:pkt rate:400 burst:100 class:0
SETCLASS all – anywhere anywhere SETCLASS class:0

Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all – 240.0.0.0/5 anywhere
DROP all – loopback/8 anywhere
DROP all – base-address.mcast.net/8 anywhere
DROP all – 255.255.255.255 anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Netfilter - ACLs
ip6tables -L1Displays the IPv6 filter rules.
cumulus@leaf1$ sudo ip6tables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all ip6-mcastprefix/8 anywhere
DROP all ::/128 anywhere
DROP all ::ffff:0.0.0.0/96 anywhere
DROP all localhost/128 anywhere
POLICE udp anywhere anywhere udp dpt:3785 POLICE mode:pkt rate:2000 burst:2000 class:7
POLICE udp anywhere anywhere udp dpt:3784 POLICE mode:pkt rate:2000 burst:2000 class:7
POLICE udp anywhere anywhere udp dpt:4784 POLICE mode:pkt rate:2000 burst:2000 class:7
POLICE ospf anywhere anywhere POLICE mode:pkt rate:2000 burst:2000 class:7
POLICE tcp anywhere anywhere tcp dpt:bgp POLICE mode:pkt rate:2000 burst:2000 class:7
POLICE tcp anywhere anywhere tcp spt:bgp POLICE mode:pkt rate:2000 burst:2000 class:7
POLICE ipv6-icmp anywhere anywhere ipv6-icmp router-solicitation POLICE mode:pkt rate:100 burst:100 class:2
POLICE ipv6-icmp anywhere anywhere ipv6-icmp router-advertisement POLICE mode:pkt rate:500 burst:500 class:2
POLICE ipv6-icmp anywhere anywhere ipv6-icmp neighbour-solicitation POLICE mode:pkt rate:400 burst:400 class:2
POLICE ipv6-icmp anywhere anywhere ipv6-icmp neighbour-advertisement POLICE mode:pkt rate:400 burst:400 class:2
POLICE ipv6-icmp anywhere anywhere ipv6-icmptype 130 POLICE mode:pkt rate:200 burst:100 class:6
POLICE ipv6-icmp anywhere anywhere ipv6-icmptype 131 POLICE mode:pkt rate:200 burst:100 class:6
POLICE ipv6-icmp anywhere anywhere ipv6-icmptype 132 POLICE mode:pkt rate:200 burst:100 class:6
POLICE ipv6-icmp anywhere anywhere ipv6-icmptype 143 POLICE mode:pkt rate:200 burst:100 class:6
POLICE ipv6-icmp anywhere anywhere POLICE mode:pkt rate:64 burst:40 class:2
POLICE udp anywhere anywhere udp dpts:dhcpv6-client:dhcpv6-server POLICE mode:pkt rate:100 burst:100 class:2
POLICE tcp anywhere anywhere tcp dpts:dhcpv6-client:dhcpv6-server POLICE mode:pkt rate:100 burst:100 class:2
POLICE all anywhere anywhere ADDRTYPE match dst-type LOCAL POLICE mode:pkt rate:1000 burst:1000 class:0
POLICE all anywhere anywhere ADDRTYPE match dst-type IPROUTER POLICE mode:pkt rate:400 burst:100 class:0
SETCLASS all anywhere anywhere SETCLASS class:0

Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all ip6-mcastprefix/8 anywhere
DROP all ::/128 anywhere
DROP all ::ffff:0.0.0.0/96 anywhere
DROP all localhost/128 anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Netfilter - ACLs
ebtables -L1Displays the ebtables (layer 2 MAC address) filter rules.
cumulus@leaf1$ sudo ebtables -L
Bridge table: filter

Bridge chain: INPUT, entries: 16, policy: ACCEPT
-d BGA -i swp+ -j setclass –class 7
-d BGA -j police –set-mode pkt –set-rate 2000 –set-burst 2000
-d 1:80:c2:0:0:2 -i swp+ -j setclass –class 7
-d 1:80:c2:0:0:2 -j police –set-mode pkt –set-rate 2000 –set-burst 2000
-d 1:80:c2:0:0:e -i swp+ -j setclass –class 6
-d 1:80:c2:0:0:e -j police –set-mode pkt –set-rate 200 –set-burst 200
-d 1:0:c:cc:cc:cc -i swp+ -j setclass –class 6
-d 1:0:c:cc:cc:cc -j police –set-mode pkt –set-rate 200 –set-burst 200
-p ARP -i swp+ -j setclass –class 2
-p ARP -j police –set-mode pkt –set-rate 400 –set-burst 100
-d 1:0:c:cc:cc:cd -i swp+ -j setclass –class 7
-d 1:0:c:cc:cc:cd -j police –set-mode pkt –set-rate 2000 –set-burst 2000
-p IPv4 -i swp+ -j ACCEPT
-p IPv6 -i swp+ -j ACCEPT
-i swp+ -j setclass –class 0
-j police –set-mode pkt –set-rate 100 –set-burst 100

Bridge chain: FORWARD, entries: 0, policy: ACCEPT

Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
Netfilter - ACLs

Miscellaneous Commands

CommandDescriptionExampleMore Information
netstat -lDisplays all active listening port connections.
cumulus@leaf1$ netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:zebra 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:bgpd 0.0.0.0:* LISTEN
tcp 0 0 localhost:http-alt 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:bgp 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2616 0.0.0.0:* LISTEN
tcp6 0 0 [::]:zebra [::]:* LISTEN
tcp6 0 0 [::]:bgpd [::]:* LISTEN
tcp6 0 0 [::]:bgp [::]:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 [::]:2616 [::]:* LISTEN
tcp6 0 0 fe80::4638:39ff:fe:5342 [::]:* LISTEN
udp 0 0 0.0.0.0:bootpc 0.0.0.0:*
udp 0 0 leaf01:ntp 0.0.0.0:*
udp 0 0 localhost:ntp 0.0.0.0:*
udp 0 0 0.0.0.0:ntp 0.0.0.0:*
udp 0 0 0.0.0.0:4784 0.0.0.0:*
udp 0 0 0.0.0.0:34489 0.0.0.0:*
udp 0 0 0.0.0.0:3784 0.0.0.0:*
udp 0 0 0.0.0.0:3785 0.0.0.0:*
udp 0 0 0.0.0.0:5342 0.0.0.0:*
udp6 0 0 fe80::a200:ff:fe00::ntp [::]:*
udp6 0 0 localhost:ntp [::]:*
udp6 0 0 [::]:ntp [::]:*
udp6 0 0 [::]:4784 [::]:*
udp6 0 0 [::]:3784 [::]:*
raw6 0 0 [::]:ipv6-icmp [::]:* 7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 30989 /var/run/frr/bgpd.vty
unix 2 [ ACC ] STREAM LISTENING 95538 /var/run/clag-zebra.socket
unix 2 [ ACC ] STREAM LISTENING 95545 /var/run/clagd.socket
unix 2 [ ACC ] STREAM LISTENING 31033 /var/run/frr/staticd.vty
unix 2 [ ACC ] STREAM LISTENING 27316 @/var/run/ptmd.socket
unix 2 [ ACC ] STREAM LISTENING 10123 /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 30869 /var/run/frr/watchfrr.vty
unix 2 [ ACC ] STREAM LISTENING 10138 /run/lvm/lvmpolld.socket
unix 2 [ ACC ] STREAM LISTENING 10149 /run/systemd/fsck.progress
unix 2 [ ACC ] STREAM LISTENING 12197 /run/uuidd/request
unix 2 [ ACC ] SEQPACKET LISTENING 10152 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 10155 /run/systemd/journal/stdout
unix 2 [ ACC ] STREAM LISTENING 12213 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 27308 @/var/run/ptmd-quagga.socket
unix 2 [ ACC ] STREAM LISTENING 28094 /run/nclu/uds
unix 2 [ ACC ] STREAM LISTENING 27594 /var/run/lldpd.socket
unix 2 [ ACC ] STREAM LISTENING 26838 /var/run/neighmgrd/uds
unix 2 [ ACC ] STREAM LISTENING 30952 /var/run/frr/zserv.api
unix 2 [ ACC ] STREAM LISTENING 30959 /var/run/frr/zebra.vty
netstat man page
netstat -atDisplays all active listening TCP socket connections.
cumulus@leaf1$ netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:bgp *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost.localdom:2812 *:* LISTEN
tcp 0 0 localhost.localdo:zebra *:* LISTEN
tcp 0 0 localhost.localdo:ospfd *:* LISTEN
tcp 0 0 localhost.localdom:bgpd *:* LISTEN
tcp 0 0 10.1.1.1:bgp 10.1.1.2:57267 ESTABLISHED
tcp 0 0 10.1.1.5:bgp 10.1.1.6:47451 ESTABLISHED
tcp 0 0 10.1.1.33:bgp 10.1.1.34:56332 ESTABLISHED
tcp 0 0 leaf1.lab.local:ssh wbench.lab.local:50308 ESTABLISHED
tcp 0 0 10.1.1.37:bgp 10.1.1.38:45210 ESTABLISHED
tcp6 0 0 [::]:bgp [::]:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
netstat man page
netstat -auDisplays all active listening UDP socket connections.
cumulus@leaf1$ netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 :46609 :
udp 0 0 :bootpc :
udp 0 0 leaf1.lab.local:ntp :
udp 0 0 localhost.localdoma:ntp :
udp 0 0 :ntp :
udp 0 0 :4784 :
udp 0 0 :3784 :
udp 0 0 :3785 :
udp6 0 0 [::]:5638 [::]:

udp6 0 0 fe80::7272:cfff:feb:ntp [::]:

udp6 0 0 localhost:ntp [::]:

udp6 0 0 [::]:ntp [::]:

udp6 0 0 [::]:4784 [::]:

udp6 0 0 [::]:3784 [::]:
netstat man page
ps -efDisplays all running processes.
cumulus@leaf1$ ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Aug27 ? 00:00:21 /sbin/init
root 2 0 0 Aug27 ? 00:00:00 [kthreadd]
root 3 2 0 Aug27 ? 00:00:00 [rcu_gp]
root 4 2 0 Aug27 ? 00:00:00 [rcu_par_gp]
root 6 2 0 Aug27 ? 00:00:00 [kworker/0:0H-kblockd]
root 8 2 0 Aug27 ? 00:00:00 [mm_percpu_wq]
root 9 2 0 Aug27 ? 00:00:05 [ksoftirqd/0]
root 10 2 0 Aug27 ? 00:00:34 [rcu_sched]
root 11 2 0 Aug27 ? 00:00:00 [rcu_bh]
root 12 2 0 Aug27 ? 00:00:00 [migration/0]
root 14 2 0 Aug27 ? 00:00:00 [cpuhp/0]
root 15 2 0 Aug27 ? 00:00:00 [kdevtmpfs]
root 16 2 0 Aug27 ? 00:00:00 [netns]
root 17 2 0 Aug27 ? 00:00:00 [kauditd]
root 18 2 0 Aug27 ? 00:00:00 [khungtaskd]
root 19 2 0 Aug27 ? 00:00:00 [oom_reaper]
root 20 2 0 Aug27 ? 00:00:00 [writeback]
root 21 2 0 Aug27 ? 00:00:00 [kcompactd0]
root 22 2 0 Aug27 ? 00:00:00 [ksmd]
root 23 2 0 Aug27 ? 00:00:00 [khugepaged]
root 24 2 0 Aug27 ? 00:00:00 [crypto]
root 25 2 0 Aug27 ? 00:00:00 [kintegrityd]
root 26 2 0 Aug27 ? 00:00:00 [kblockd]
root 27 2 0 Aug27 ? 00:00:00 [ata_sff]
root 28 2 0 Aug27 ? 00:00:00 [edac-poller]
root 29 2 0 Aug27 ? 00:00:00 [watchdogd]
root 30 2 0 Aug27 ? 00:00:00 [rpciod]
root 31 2 0 Aug27 ? 00:00:00 [kworker/u3:0]
root 32 2 0 Aug27 ? 00:00:00 [xprtiod]
root 33 2 0 Aug27 ? 00:00:00 [kswapd0]
root 34 2 0 Aug27 ? 00:00:00 [nfsiod]
root 49 2 0 Aug27 ? 00:00:00 [kthrotld]
root 50 2 0 Aug27 ? 00:00:01 [kworker/0:1H-kblockd]
root 51 2 0 Aug27 ? 00:00:00 [scsi_eh_0]
root 52 2 0 Aug27 ? 00:00:00 [scsi_tmf_0]
root 53 2 0 Aug27 ? 00:00:00 [scsi_eh_1]
root 54 2 0 Aug27 ? 00:00:00 [scsi_tmf_1]
root 56 2 0 Aug27 ? 00:00:00 [ipv6_addrconf]
root 115 2 0 Aug27 ? 00:00:03 [jbd2/vda4-8]
root 116 2 0 Aug27 ? 00:00:00 [ext4-rsv-conver]
root 207 1 0 Aug27 ? 00:01:44 /lib/systemd/systemd-journald
root 221 1 0 Aug27 ? 00:00:00 /lib/systemd/systemd-udevd
root 232 1 0 Aug27 ? 00:00:03 /usr/sbin/haveged –Foreground –verbose=1 -w 1024
root 238 1 0 Aug27 ? 00:00:00 /sbin/auditd
root 268 1 0 Aug27 ? 00:00:28 /usr/sbin/rsyslogd -n -iNONE
message+ 273 1 0 Aug27 ? 00:00:00 /usr/bin/dbus-daemon –system –address=systemd: –no
root 275 1 0 Aug27 ? 00:00:00 /usr/sbin/rasdaemon -f -r
root 279 1 0 Aug27 ? 00:00:00 /lib/systemd/systemd-logind
root 284 1 0 Aug27 ? 00:00:00 /usr/sbin/cron -f -L 38
root 292 1 0 Aug27 ? 00:00:01 /usr/sbin/wd_keepalive
root 293 1 0 Aug27 tty1 00:00:00 /sbin/agetty -o -p – \u –noclear tty1 linux
root 294 1 0 Aug27 ? 00:01:22 /sbin/mstpd -d -v2
root 326 1 0 Aug27 ? 00:00:00 nginx: master process /usr/sbin/nginx -g daemon on; m
www-data 327 326 0 Aug27 ? 00:00:00 nginx: worker process
root 468 1 0 Aug27 ? 00:00:00 /usr/sbin/switchd -vx
root 488 1 0 Aug27 ? 00:06:46 /usr/bin/python2 /usr/sbin/smond
root 493 1 0 Aug27 ? 00:00:49 /usr/bin/python2 /usr/sbin/pwmd
root 494 1 0 Aug27 ? 00:00:31 /usr/bin/python2 /usr/sbin/ledmgrd
root 564 1 0 Aug27 ? 00:00:02 /sbin/dhclient -pf /run/dhclient.eth0.pid -lf /var/li
root 635 1 0 Aug27 ? 00:13:29 /usr/bin/python2 /usr/bin/neighmgrd
root 637 1 0 Aug27 ? 00:00:07 /bin/bash /usr/lib/cumulus/sysmonitor
root 646 1 0 Aug27 ? 00:00:01 /usr/bin/python -O /usr/sbin/netd -d
root 657 1 0 Aug27 ? 00:00:00 /usr/sbin/sshd -D
ntp 700 1 0 Aug27 ? 00:00:30 /usr/sbin/ntpd -n -u ntp:ntp -g
root 704 1 0 Aug27 ttyS0 00:00:00 /sbin/agetty -o -p – \u –keep-baud 115200,38400,960
root 705 1 0 Aug27 ? 00:00:19 /usr/sbin/ptmd -l INFO
_lldpd 707 1 0 Aug27 ? 00:00:00 lldpd: monitor.
_lldpd 711 707 0 Aug27 ? 00:01:00 lldpd: 10 neighbors.
root 1055 2 0 Aug27 ? 00:00:00 [peerlink]
root 1157 2 0 Aug27 ? 00:00:00 [server01]
root 1165 2 0 Aug27 ? 00:00:00 [server02]
root 1537 1 0 Aug27 ? 00:00:23 /usr/lib/frr/watchfrr -d zebra bgpd staticd
frr 1553 1 0 Aug27 ? 00:02:18 /usr/lib/frr/zebra -d
frr 1557 1 0 Aug27 ? 00:00:52 /usr/lib/frr/bgpd -d
frr 1563 1 0 Aug27 ? 00:00:08 /usr/lib/frr/staticd -d
root 3352 2 0 01:51 ? 00:00:00 [kworker/0:1]
root 3559 2 0 01:57 ? 00:00:03 [kworker/0:0-events]
root 4478 1 1 Aug27 ? 00:43:46 /usr/bin/python /usr/sbin/clagd –daemon linklocal pe
root 4613 2 0 02:24 ? 00:00:00 [kworker/u2:1-server02]
root 5433 2 0 02:49 ? 00:00:00 [kworker/u2:0-peerlink]
root 5637 657 0 02:55 ? 00:00:00 sshd: cumulus [priv]
cumulus 5672 5637 0 02:55 ? 00:00:00 sshd: cumulus@pts/0
cumulus 5673 5672 0 02:55 pts/0 00:00:00 -bash
root 6317 2 0 03:12 ? 00:00:00 [kworker/u2:2-events_unbound]
root 6372 637 0 03:13 ? 00:00:00 sleep 60
cumulus 6398 5673 0 03:14 pts/0 00:00:00 ps -ef
ps man page

NCLU net show Command

The NCLU net show command displays a lot of useful information about the network, including netstat counters, interface details and LLDP information, as just three examples.

CommandDescriptionExampleMore Information
net show countersDisplays interface counters.
cumulus@leaf1$ net show counters
Kernel Interface table
Iface MTU Met RX_OK RX_ERR RX_DRP RX_OVR TX_OK TX_ERR TX_DRP TX_OVR Flg
————- —– —– ——- ——– ——– ——– ——- ——– ——– ——– —–
bond-swp1 1500 0 1298 0 0 0 1950 0 0 0 BMmRU
bond-swp2 1500 0 1322 0 0 0 1976 0 0 0 BMmRU
bridge 1500 0 26 0 0 0 27 0 0 0 BMRU
eth0 1500 0 9306 0 0 0 6462 0 0 0 BMRU
lo 65536 0 0 0 0 0 0 0 0 0 LRU
mgmt 65536 0 6001 0 0 0 4907 0 0 0 OmRU
peerlink 1500 0 4643 0 4 0 4645 0 0 0 BMmRU
peerlink.4094 1500 0 1533 0 0 0 1534 0 0 0 BMRU
swp1 1500 0 1306 0 0 0 1950 0 0 0 BMsRU
swp2 1500 0 1330 0 0 0 1976 0 0 0 BMsRU
swp49 1500 0 2328 0 0 0 2324 0 0 0 BMsRU
swp50 1500 0 2315 0 2 0 2321 0 0 0 BMsRU
swp51 1500 0 1235 0 0 0 1212 0 0 0 BMRU
swp52 1500 0 1046 0 0 0 1049 0 0 0 BMRU
vlan20 1500 0 24 0 0 0 20 0 0 0 BMRU
vlan20-v0 1500 0 15 0 0 0 13 0 0 0 BMRU
NCLU
net show lldpDisplays all LLDP neighbors, in a table format.
cumulus@leaf1$ net show lldp

LocalPort Speed Mode RemoteHost RemotePort
——— —– ———- ————— ———-
eth0 1G Mgmt oob-mgmt-switch swp6
eth0 1G Mgmt oob-mgmt-switch swp6
swp1 1G BondMember server01 eth1
swp2 1G BondMember server02 eth1
swp49 1G BondMember leaf02 swp49
swp49 1G BondMember leaf02 to Leaf01
swp50 1G BondMember leaf02 swp50
swp50 1G BondMember leaf02 to Leaf01
swp51 1G Default spine01 to Leaf01
swp51 1G Default spine01 swp1
swp52 1G Default spine02 swp1
swp52 1G Default spine02 to Leaf01
NCLU
net show interfaceDisplays significant and relevant information for all 'up' interfaces.
cumulus@leaf1$ net show interface

Name Master Speed MTU Mode Remote Host Remote Port Summary
—– ————- ——— ——- —– ————– ————— —————– —————————————
UP lo None N/A 65536 Loopback IP: 10.254.0.3/32, 127.0.0.1/8, ::1/128
UP eth0 mgmt 1G 1500 Mgmt oob-mgmt-switch swp8 IP: 192.168.0.13/24(DHCP)
UP swp1 bond-swp1 1G 1500 BondMember server03 44:38:39:00:00:28 Master: bond-swp1(UP)
UP swp2 bond-swp2 1G 1500 BondMember server04 44:38:39:00:00:23 Master: bond-swp2(UP)
UP swp49 peerlink 1G 1500 BondMember leaf04 swp49 Master: peerlink(UP)
UP swp50 peerlink 1G 1500 BondMember leaf04 swp50 Master: peerlink(UP)
UP swp51 None 1G 1500 BGP Unnumbered spine01 swp3
UP swp52 None 1G 1500 BGP Unnumbered spine02 swp3
UP bond-swp1 bridge 1G 1500 Bond/Access Bond Members: swp1(UP)
UP bond-swp2 bridge 1G 1500 Bond/Access Bond Members: swp2(UP)
UP bridge None N/A 1500 Bridge/L2 Untagged Members: bond-swp1-2, peerlink
UP mgmt None N/A 65536 Interface/L3 IP: 127.0.0.1/8
UP peerlink bridge 2G 1500 Bond/Trunk Bond Members: swp49(UP), swp50(UP)
UP peerlink.4094 None 2G 1500 SubInt/L3 IP: 169.254.1.1/30
ADMDN vagrant None 0M 1500 NotConfigured
UP vlan20 None N/A 1500 Interface/L3 IP: 10.3.20.253/24
UP vlan20-v0 None N/A 1500 Interface/L3 IP: 10.3.20.254/32
NCLU

  1. Requires sudo or logging in as root. ↩︎