Command reference - stepanblyschak/SONiC GitHub Wiki
- Document History
- Introduction
- Basic Configuration And Show
- AAA & TACACS Configuration And Show
- ACL Configuration And Show
- ARP & NDP
- BGP Configuration And Show Commands
- ECN Configuration And Show Commands
- Interface Configuration And Show-Commands
- Interface Naming Mode
- IP
- LLDP
- Loading, Reloading And Saving Configuration
- Mirroring Configuration And Show
- NTP
- Platform Specific Commands
- PortChannel Configuration And Show
- QoS Configuration & Show
- Startup & Running Configuration
- System State
- VLAN & FDB
- Warm Restart
- Watermark Configuration And Show
- Software Installation Commands
- Troubleshooting Commands
- Routing Stack Configuration And Show
| # | Date | Document Version | Details |
|---|---|---|---|
| 2 | Apr-22-2019 | SONiC architecture | CLI Guide for SONiC 201811 version (build#32) with complete "config" command set |
| 1 | Mar-23-2019 | v1 | Initial version of CLI Guide with minimal command set |
SONiC is an open source network operating system based on Linux that runs on switches from multiple vendors and ASICs. SONiC offers a full-suite of network functionality, like BGP and RDMA, that has been production-hardened in the data centers of some of the largest cloud-service providers. It offers teams the flexibility to create the network solutions they need while leveraging the collective strength of a large ecosystem and community.
SONiC software shall be loaded in these supported devices and this CLI guide shall be used to configure the devices as well as to display the configuration, state and status.
Follow the Quick Start Guide to boot the device in ONIE mode, install the SONiC software using the steps specified in the document and login to the device using the default username and password.
After logging into the device, SONiC software can be configured in following three methods.
- Command Line Interface (CLI)
- config_db.json
- minigraph.xml
This document explains the first method and gives the complete list of commands that are supported in SONiC 201811 version (build#32). All the configuration commands need root privileges to execute them. Note that show commands can be executed by all users without the root privileges. Root privileges can be obtained either by using "sudo" keyword in front of all config commands, or by going to root prompt using "sudo -i". Note that all commands are case sensitive.
- Example:
admin@sonic:~$ sudo config aaa authentication login tacacs+
OR
admin@sonic:~$ sudo -i
root@sonic:~# config aaa authentication login tacacs+
Note that the command list given in this document is just a subset of all possible configurations in SONiC. Please follow config_db.json based configuration for the complete list of configuration options.
Scope Of The Document
It is assumed that all configuration commands start with the keyword “config” as prefix.
Any other scripts/utilities/commands that need user configuration control are wrapped as sub-commands under the “config” command.
The direct scripts/utilities/commands (examples given below) that are not wrapped under the "config" command are not in the scope of this document.
- Acl_loader – This script is already wrapped inside “config acl” command; i.e. any ACL configuration that user is allowed to do is already part of “config acl” command; users are not expected to use the acl_loader script directly and hence this document need not explain the “acl_loader” script.
- Crm – this command is not explained in this document.
- Sonic-clear, sfputil, etc., This document does not explain these scripts also.
This section covers the basic configurations related to the following
- SSH login,
- configuring the management interface,
- Help for Config Commands,
- Help For Show Commands,
- show version,
- Show System Status and
- Show Hardware Platform.
All SONiC devices support both the serial console based login and the SSH based login by default. The default credential (if not modified at image build time) for login is admin/YourPaSsWoRd. In case of SSH login, users can login to the management interface (eth0) IP address after configuring the same using serial console. Refer the following section for configuring the IP address for management interface.
- Example:
At Console:
Debian GNU/Linux 9 sonic ttyS1
sonic login: admin
Password: YourPaSsWoRd
SSH from any remote server to sonic can be done by connecting to SONiC IP
user@debug:~$ ssh admin@sonic_ip_address(or SONIC DNS Name)
admin@sonic's password:
By default, login takes the user to the default prompt from which all the show commands can be executed.
Go Back To Beginning of the document or Beginning of this section
The management interface (eth0) in SONiC is configured (by default) to use DHCP client to get the IP address from the DHCP server. Connect the management interface to the same network in which your DHCP server is connected and get the IP address from DHCP server. The IP address received from DHCP server can be verified using the "/sbin/ifconfig eth0" linux command.
SONiC does not provide a CLI to configure the static IP for the management interface. There are few alternate ways by which a static IP address can be configured for the management interface.
- use "ifconfig eth0" linux command (example: ifconfig eth0 10.11.12.13/24). This configuration won't be preserved across reboot. Example:
admin@sonic:~$ /sbin/ifconfig eth0 10.11.12.13/24
- use config_db.json and configure the MGMT_INTERFACE key with the appropriate values. Refer here
- use minigraph.xml and configure "ManagementIPInterfaces" tag inside "DpgDesc" tag as given at the page
Once the IP address is configured, the same can be verified using "/sbin/ifconfig eth0" linux command. Users can SSH login to this management interface IP address from their management network.
- Example:
admin@sonic:~$ /sbin/ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.11.11.13 netmask 255.255.255.0 broadcast 10.11.12.255
Go Back To Beginning of the document or Beginning of this section
All commands has got in-built help that helps the user to understand the command as well as the possible sub-commands and options. "--help" can be used at any level of the command; i.e. it can be used at the command level, or sub-command level or at argument level. The in-built help will display the next possibilities corresponding to that particular command/sub-command.
config --help
This command lists all the possible configuration commands at the top level.
-
Usage:
config --help -
Example:
admin@sonic:~$ config --help Usage: config [OPTIONS] COMMAND [ARGS] SONiC command line - 'config' command Options: --help Show this message and exit. Commands: aaa AAA command line acl ACL-related configuration tasks bgp BGP-related configuration tasks ecn ECN-related configuration tasks interface Interface-related configuration tasks interface_naming_mode Modify interface naming mode for interacting... load Import a previous saved config DB dump file. load_mgmt_config Reconfigure hostname and mgmt interface based... load_minigraph Reconfigure based on minigraph. mirror_session platform Platform-related configuration tasks portchannel qos reload Clear current configuration and import a... save Export current config DB to a file on disk. tacacs TACACS+ server configuration vlan VLAN-related configuration tasks warm_restart warm_restart-related configuration tasks watermark Configure watermark
Go Back To Beginning of the document or Beginning of this section
show help
This command displays the full list of show commands available in the software; the output of each of those show commands can be used to analyze, debug or troubleshoot the network node.
-
Usage:
You can entershow -?,show -horshow --help -
Example:
admin@sonic:~$ show -? Usage: show [OPTIONS] COMMAND [ARGS]... SONiC command line - 'show' command Options: -?, -h, --help Show this message and exit. Commands: aaa Show AAA configuration acl Show ACL related information arp Show IP ARP table clock Show date and time ecn Show ECN configuration environment Show environmentals (voltages, fans, temps) interfaces Show details of the network interfaces ip Show IP (IPv4) commands ipv6 Show IPv6 commands line Show all /dev/ttyUSB lines and their info lldp LLDP (Link Layer Discovery Protocol)... logging Show system log mac Show MAC (FDB) entries mirror_session Show existing everflow sessions mmu Show mmu configuration ndp Show IPv6 Neighbour table ntp Show NTP information pfc Show details of the priority-flow-control... platform Show platform-specific hardware info priority-group Show details of the PGs processes Display process information queue Show details of the queues reboot-cause Show cause of most recent reboot route-map show route-map runningconfiguration Show current running configuration... services Show all daemon services startupconfiguration Show startup configuration information system-memory Show memory information tacacs Show TACACS+ configuration techsupport Gather information for troubleshooting uptime Show system uptime users Show users version Show version information vlan Show VLAN information warm_restart Show warm restart configuration and state watermark Show details of watermark
The same syntax applies to all subgroups of show which themselves contain subcommands, and subcommands which accept options/arguments.
- Example:
user@debug:~$ show interfaces -? Show details of the network interfaces Options: -?, -h, --help Show this message and exit. Commands: counters Show interface counters description Show interface status, protocol and... naming_mode Show interface naming_mode status neighbor Show neighbor related information portchannel Show PortChannel information status Show Interface status information transceiver Show SFP Transceiver information
Go Back To Beginning of the document or Beginning of this section
show version
This command displays software component versions of the currently running SONiC image. This includes the SONiC image version as well as Docker image versions.
This command displays relevant information as the SONiC and Linux kernel version being utilized, as well as the commit-id used to build the SONiC image. The second section of the output displays the various docker images and their associated id’s.
-
Usage:
show version -
Example:
admin@sonic:~$ show version SONiC Software Version: SONiC.HEAD.32-21ea29a Distribution: Debian 9.8 Kernel: 4.9.0-8-amd64 Build commit: 21ea29a Build date: Fri Mar 22 01:55:48 UTC 2019 Built by: johnar@jenkins-worker-4 Docker images: REPOSITORY TAG IMAGE ID SIZE docker-syncd-brcm HEAD.32-21ea29a 434240daff6e 362MB docker-syncd-brcm latest 434240daff6e 362MB docker-orchagent-brcm HEAD.32-21ea29a e4f9c4631025 287MB docker-orchagent-brcm latest e4f9c4631025 287MB docker-lldp-sv2 HEAD.32-21ea29a 9681bbfea3ac 275MB docker-lldp-sv2 latest 9681bbfea3ac 275MB docker-dhcp-relay HEAD.32-21ea29a 2db34c7bc6f4 257MB docker-dhcp-relay latest 2db34c7bc6f4 257MB docker-database HEAD.32-21ea29a badc6fc84cdb 256MB docker-database latest badc6fc84cdb 256MB docker-snmp-sv2 HEAD.32-21ea29a e2776e2a30b7 295MB docker-snmp-sv2 latest e2776e2a30b7 295MB docker-teamd HEAD.32-21ea29a caf957cd2ad1 275MB docker-teamd latest caf957cd2ad1 275MB docker-router-advertiser HEAD.32-21ea29a b1a62023958c 255MB docker-router-advertiser latest b1a62023958c 255MB docker-platform-monitor HEAD.32-21ea29a 40b40a4b2164 287MB docker-platform-monitor latest 40b40a4b2164 287MB docker-fpm-quagga HEAD.32-21ea29a 546036fe6838 282MB docker-fpm-quagga latest 546036fe6838 282MB
Go Back To Beginning of the document or Beginning of this section
This sub-section explains some set of sub-commands that are used to display the status of various parameters pertaining to the physical state of the network node.
show clock
This command displays the current date and time configured on the system
-
Usage:
show clock -
Example:
admin@sonic:~$ show clock Mon Mar 25 20:25:16 UTC 2019
show environment
This command displays the platform environmentals, such as voltages, temperatures and fan speeds
-
Usage:
show environment -
Example:
admin@sonic:~$ show environment coretemp-isa-0000 Adapter: ISA adapter Core 0: +28.0 C (high = +98.0 C, crit = +98.0 C) Core 1: +28.0 C (high = +98.0 C, crit = +98.0 C) Core 2: +28.0 C (high = +98.0 C, crit = +98.0 C) Core 3: +28.0 C (high = +98.0 C, crit = +98.0 C) SMF_Z9100_ON-isa-0000 Adapter: ISA adapter CPU XP3R3V_EARLY: +3.22 V <... few more things ...> Onboard Temperature Sensors: CPU: 30 C BCM56960 (PSU side): 35 C <... few more things ...> Onboard Voltage Sensors: CPU XP3R3V_EARLY 3.22 V <... few more things ...> Fan Trays: Fan Tray 1: Fan1 Speed: 6192 RPM Fan2 Speed: 6362 RPM Fan1 State: Normal Fan2 State: Normal Air Flow: F2B <... few more things ...> PSUs: PSU 1: Input: AC <... few more things ...>
Note: The show output has got lot of information; only the sample output is given in the above example. Though the displayed output slightly differs from one platform to another platform, the overall content will be similar to the example mentioned above.
show reboot-cause
This command displays the cause of the previous reboot
-
Usage:
show reboot-cause -
Example:
admin@sonic:~$ show reboot-cause
User issued reboot command [User: admin, Time: Mon Mar 25 01:02:03 UTC 2019]
show uptime
This command displays the current system uptime
-
Usage:
show uptime -
Example:
admin@sonic:~$ show uptime up 2 days, 21 hours, 30 minutes
show logging
This command displays all the currently stored log messages.
All the latest processes and corresponding transactions are stored in the "syslog" file.
This file is saved in the path /var/log and can be viewed by giving the command sudo cat syslog as this requires root login.
Individual process can also be viewed using the command `ps -ax | grep <\process name>
-
Usage:
show logging ([] [-l lines] | [-f]) -
Example:
admin@sonic:~$ show logging- It can be useful to pipe the output from
show loggingto the commandmorein order to examine one screenful of log messages at a time
- It can be useful to pipe the output from
-
Example:
admin@sonic:~$ show logging | more- Optionally, you can specify a process name in order to display only log messages mentioning that process
-
Example:
admin@sonic:~$ show logging sensord- Optionally, you can specify a number of lines to display using the
-l' or--lines` option. Only the most recent N lines will be displayed. Also note that this option can be combined with a process name.
- Optionally, you can specify a number of lines to display using the
-
Examples:
admin@sonic:~$ show logging --lines 50admin@sonic:~$ show logging sensord --lines 50- Optionally, you can follow the log live as entries are written to it by specifying the
-for--followflag
- Optionally, you can follow the log live as entries are written to it by specifying the
-
Example:
admin@sonic:~$ show logging --follow
show users
This command displays a list of users currently logged in to the device
-
Usage:
show users -
Examples:
admin@sonic:~$ show users admin pts/9 Mar 25 20:31 (100.127.20.23) admin@sonic:~$ show users admin ttyS1 2019-03-25 20:31
Go Back To Beginning of the document or Beginning of this section
The information displayed in this set of commands partially overlaps with the one generated by “show envinronment” instruction. In this case though, the information is presented in a more succinct fashion. In the future these two CLI stanzas may end up getting combined.
show platform summary
This command displays a summary of the device's hardware platform
-
Usage:
show platform summary -
Example:
admin@sonic:~$ show platform summary Platform: x86_64-dell_s6000_s1220-r0 HwSKU: Force10-S6000 ASIC: broadcom
show platform syseeprom
This command displays information stored on the system EEPROM.
Note that the output of this command is not the same for all vendor's platforms.
Couple of example outputs are given below.
-
Usage:
show platform syseeprom -
Example:
admin@sonic:~$ show platform syseeprom lsTLV Name Len Value -------------------- --- ----- PPID 20 XX-XXXXXX-00000-000-0000 DPN Rev 3 XXX Service Tag 7 XXXXXXX Part Number 10 XXXXXX Part Number Rev 3 XXX Mfg Test Results 2 FF Card ID 2 0x0000 Module ID 2 0 Base MAC Address 12 FE:EC:BA:AB:CD:EF (checksum valid)admin@arc-switch1025:~$ show platform syseeprom TlvInfo Header: Id String: TlvInfo Version: 1 Total Length: 527 TLV Name Code Len Value ---- --- ----- Product Name 0x21 64 MSN2700 Part Number 0x22 20 MSN2700-CS2FO Serial Number 0x23 24 MT1822K07815 Base MAC Address 0x24 6 50:6B:4B:8F:CE:40 Manufacture Date 0x25 19 05/28/2018 23:56:02 Device Version 0x26 1 16 MAC Addresses 0x2A 2 128 Manufacturer 0x2B 8 Mellanox Vendor Extension 0xFD 36 Vendor Extension 0xFD 164 Vendor Extension 0xFD 36 Vendor Extension 0xFD 36 Vendor Extension 0xFD 36 Platform Name 0x28 18 x86_64-mlnx_x86-r0 ONIE Version 0x29 21 2018.08-5.2.0006-9600 CRC-32 0xFE 4 0x11C017E1 (checksum valid)
show platform psustatus
This command displays the status of the device's power supply units
-
Usage:
show platform psustatus -
Example:
admin@sonic:~$ show platform psustatus PSU Status ----- -------- PSU 1 OK PSU 2 OK
Displays diagnostic monitoring information of the transceivers
show interfaces transceiver
This command displays information for all the interfaces for the transceiver requested or a specific interface if the optional "interface-name" is specified.
-
Usage:
show interfaces transceiver [eeprom | lpmode | presence] show interfaces transceiver [eeprom [-d | --dom] | lpmode | presence] [] -
Example (Decode and display information stored on the SFP EEPROM):
admin@sonic:~$ show interfaces transceiver eeprom --dom Ethernet0 Ethernet0: SFP detected Connector : No separable connector Encoding : Unspecified Extended Identifier : Unknown Extended RateSelect Compliance : QSFP+ Rate Select Version 1 Identifier : QSFP+ Length Cable Assembly(m) : 1 Specification compliance : 10/40G Ethernet Compliance Code : 40GBASE-CR4 Fibre Channel Speed : 1200 Mbytes/Sec Fibre Channel link length/Transmitter Technology : Electrical inter-enclosure (EL) Fibre Channel transmission media : Twin Axial Pair (TW) Vendor Date Code(YYYY-MM-DD Lot) : 2015-10-31 Vendor Name : XXXXX Vendor OUI : XX-XX-XX Vendor PN : 1111111111 Vendor Rev : Vendor SN : 111111111 ChannelMonitorValues: RX1Power: -1.1936dBm RX2Power: -1.1793dBm RX3Power: -0.9388dBm RX4Power: -1.0729dBm TX1Bias: 4.0140mA TX2Bias: 4.0140mA TX3Bias: 4.0140mA TX4Bias: 4.0140mA ModuleMonitorValues : Temperature : 1.1111C Vcc : 0.0000Volts -
Example (Display status of low-power mode):
admin@sonic:~$ show interfaces transceiver lpmode Ethernet100 Port Low-power Mode ----------- ---------------- Ethernet100 On -
Example (Display SFP transceiver presence):
admin@sonic:~$ show interfaces transceiver presence Ethernet100 Port Presence ----------- ---------- Ethernet100 Present
Go Back To Beginning of the document or Beginning of this section
This section captures the various show commands & configuration commands that are applicable for the AAA (Authentication, Authorization, and Accounting) module. Admins can configure the type of authentication (local or remote tacacs based) required for the users and also the authentication failthrough and fallback options. Following show command displays the current running configuration related to the AAA.
This command is used to view the Authentication, Authorization & Accounting settings that are configured in the network node.
show aaa
This command displays the AAA settings currently present in the network node
-
Usage:
show aaa -
Example:
admin@sonic:~$ show aaa AAA authentication login local (default) AAA authentication failthrough True (default) AAA authentication fallback True (default)
This sub-section explains all the possible CLI based configuration options for the AAA module. The list of commands/sub-commands possible for aaa is given below.
Command: aaa authentication
sub-commands:
aaa authentication failthrough
aaa authentication fallback
aaa authentication login
aaa authentication failthrough
This command is used to either enable or disable the failthrough option. This command is useful when user has configured more than one tacacs+ server and when user has enabled tacacs+ authentication. When authentication request to the first server fails, this configuration allows to continue the request to the next server. When this configuration is enabled, authentication process continues through all servers configured. When this is disabled and if the authentication request fails on first server, authentication process will stop and the login will be disallowed.
-
Usage:
config aaa authentication failthrough enable|disable|defaultAllow AAA fail-through [enable | disable | default] enable - this allows the AAA module to process with local authentication if remote authentication fails. disbale - this disallows the AAA module to proceed further if remote authentication fails. default - this reconfigures the default value, which is "enable". -
Example:
admin@sonic:~$ sudo -i root@sonic:~# config aaa authentication failthrough enable root@sonic:~#
aaa authentication fallback
The command is not used at the moment. When the tacacs+ authentication fails, it falls back to local authentication by default.
-
Usage:
config aaa authentication fallback enable|disable|defaultAllow AAA fallback [enable | disable | default] -
Example:
root@sonic:~# config aaa authentication fallback enable root@sonic:~#
aaa authentication login
This command is used to either configure whether AAA should use local database or remote tacacs+ database for user authentication. By default, AAA uses local database for authentication. New users can be added/deleted using the linux commands (note that the configuration done using linux commands are not preserved during reboot). Admin can enable remote tacacs+ server based authentication by selecting the AUTH_PROTOCOL as tacacs+ in this command. Admins need to configure the tacacs+ server accordingly and ensure that the connectivity to tacacas+ server is available via the management interface. Once if the admins choose the remote authentication based on tacacs+ server, all user logins will be authenticated by the tacacs+ server. If the authentication fails, AAA will check the "failthrough" configuration and authenticates the user based on local database if failthrough is enabled.
-
Usage:
Switch login authentication [ {tacacs+, local} | default ]Switch login authentication [ {tacacs+, local} | default ] tacacs+ - This enables remote authentication based on tacacs+ local - this disables remote authentication and uses local authentication default - reset back to default value, which is nothing but the "local" authentication -
Example:
root@sonic:~# config aaa authentication login tacacs+ root@sonic:~#
show tacacs
This command displays the global configuration fields and the list of all tacacs servers and their correponding configurations.
-
Usage:
show tacacs -
Example:
TACPLUS global auth_type pap (default) TACPLUS global timeout 99 TACPLUS global passkey <EMPTY_STRING> (default) TACPLUS_SERVER address 10.11.12.14 priority 9 tcp_port 50 auth_type mschap timeout 10 passkey testing789 TACPLUS_SERVER address 10.0.0.9 priority 1 tcp_port 49
This sub-section explains the command "config tacacs" and its sub-commands that are used to configure the following tacacs+ parameters. Some of the parameters like authtype, passkey and timeout can be either configured at per server level or at global level (global value will be applied if there no server level configuration)
- Add/Delete the tacacs+ server details.
- authtype - global configuration that is applied to all servers if there is no server specific configuration.
- default - reset the authtype or passkey or timeout to the default values.
- passkey - global configuration that is applied to all servers if there is no server specific configuration.
- timeout - global configuration that is applied to all servers if there is no server specific configuration.
config tacacs add
This command is used to add a TACACS+ server to the tacacs server list. Note that more than one tacacs+ (maximum of seven) can be added in the device. When user tries to login, tacacs client shall contact the servers one by one. When any server times out, device will try the next server one by one. When this command is executed, the configured tacacs+ server addresses are updated in /etc/pam.d/common-auth-sonic configuration file which is being used by tacacs service.
-
Usage:
config tacacs add <ip_address> [-t|--timeout SECOND] [-k|--key SECRET] [-a|--type TYPE] [-o|--port PORT] [-p|--pri PRIORITY] [-m|--use-mgmt-vrf]Arguments:
ip_address - TACACS+ server IP address. timeout - Transmission timeout interval in seconds, range 1 to 1000, default 5 key - Shared secret type - Authentication type, "chap" or "pap" or "mschap" or "login", default is "pap". port - TCP port range is 1 to 65535, default 49 pri - Priority, priority range 1 to 64, default 1. use-mgmt-vrf - this means that the server is part of Management vrf, default is "no vrf"
-
Example:
root@T1-2:~# config tacacs add 10.11.12.13 -t 10 -k testing789 -a mschap -o 50 -p 9 root@T1-2:~# Example Server Configuration in /etc/pam.d/common-auth-sonic configuration file: auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.11.12.14:50 secret=testing789 login=mschap timeout=10 try_first_pass auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.11.12.24:50 secret=testing789 login=mschap timeout=987654321098765433211 0987 try_first_pass auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.0.0.9:49 secret= login=mschap timeout=5 try_first_pass auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.0.0.8:49 secret= login=mschap timeout=5 try_first_pass auth [success=done new_authtok_reqd=done default=ignore] pam_tacplus.so server=10.11.12.13:50 secret=testing789 login=mschap timeout=10 try_first_pass auth [success=1 default=ignore] pam_unix.so nullok try_first_pass
config tacacs delete
This command is used to delete the tacacs+ servers configured.
-
Usage:
config tacacs delete <ip_address> -
Example:
root@T1-2:~# config tacacs delete 10.11.12.13 root@T1-2:~#
config tacacs authtype
This command is used to modify the global value for the TACACS+ authtype. When user has not configured server specific authtype, this global value shall be used for that server.
-
Usage:
config tacacs authtype chap|pap||mschap|login -
Example:
root@T1-2:~# config tacacs authtype mschap root@T1-2:~#
config tacacs default
This command is used to reset the global value for authtype or passkey or timeout to default value. Default for authtype is "pap", default for passkey is EMPTY_STRING and default for timeout is 5 seconds.
-
Usage:
config tacacs default authtype|passkey|timeout -
Example:
root@T1-2:~# config tacacs default authtype This will reset the global authtype back to the default value "pap".
config tacacs passkey
This command is used to modify the global value for the TACACS+ passkey. When user has not configured server specific passkey, this global value shall be used for that server.
-
Usage:
config tacacs passkey <pass_key> -
Example:
root@T1-2:~# config tacacs passkey testing123 root@T1-2:~#
config tacacs timeout
This command is used to modify the global value for the TACACS+ timeout. When user has not configured server specific timeout, this global value shall be used for that server.
-
Usage:
config tacacs timeout <timeout_value_in_seconds> -
Example:
root@T1-2:~# config tacacs timeout 99 root@T1-2:~#
Go Back To Beginning of the document or Beginning of this section
This section explains the various show commands and configuration commands available for users.
show acl table
This command displays either all the ACL tables that are configured or only the specified "TABLE_NAME". Output from the command displays the table name, type of the table, the list of interface(s) to which the table is bound and the description about the table.
-
Usage:
show acl table [TABLE_NAME] -
Example:
admin@sonic:~$ show acl table Name Type Binding Description -------- --------- --------------- ------------- EVERFLOW MIRROR Ethernet16 EVERFLOW Ethernet96 Ethernet108 Ethernet112 PortChannel0001 PortChannel0002 SNMP_ACL CTRLPLANE SNMP SNMP_ACL DT_ACL_T1 L3 Ethernet0 DATA_ACL_TABLE_1 Ethernet4 Ethernet112 Ethernet116 SSH_ONLY CTRLPLANE SSH SSH_ONLY
show acl rule
This command displays all the ACL rules present in all the ACL tables or only the rules present in specified table "TABLE_NAME" or only the rule matching the RULE_ID option. Output from the command gives the following information about the rules
- Table name - ACL table name to which the rule belongs to.
- Rule name - ACL rule name
- Priority - Priority for this rule.
- Action - Action to be performed if the packet matches with this ACL rule. It could be either Drop or Permit. Users can choose to have a default permit rule or default deny rule. In case of default "deny all" rule, add the permitted rules on top of the deny rule. In case of the default "permit all" rule, users can add the deny rules on top of it. If users have not confgured any rule, SONiC allows all traffic (which is "permit all").
- Match - The fields from the packet header that need to be matched against the same present in the incoming traffic.
-
Usage:
show acl rule [TABLE_NAME] [RULE_ID] -
Example:
admin@sonic:~$ show acl rule Table Rule Priority Action Match -------- ------------ ---------- -------- ------------------ SNMP_ACL RULE_1 9999 ACCEPT IP_PROTOCOL: 17 SRC_IP: 1.1.1.1/32 SSH_ONLY RULE_1 9999 ACCEPT IP_PROTOCOL: 6 SRC_IP: 1.1.1.1/32 SNMP_ACL DEFAULT_RULE 1 DROP ETHER_TYPE: 2048 SSH_ONLY DEFAULT_RULE 1 DROP ETHER_TYPE: 2048
This sub-section explains the list of configuration options available for ACL module. Note that there is no direct command to add or delete or modify the ACL table and ACL rule. Existing ACL tables and ACL rules can be updated by specifying the ACL rules in json file formats and configure those files using this CLI command.
Command :acl
update
full
incremental
config acl update full
This command is to update the rules in all the tables or in one specific table in full. If a table_name is provided, the operation will be restricted in the specified table. All existing rules in the specified table or all tables will be removed. New rules loaded from file will be installed. If the table_name is specified, only rules within that table will be removed and new rules in that table will be installed. If the table_name is not specified, all rules from all tables will be removed and only the rules present in the input file will be added.
The command does not modify anything in the list of acl tables. It modifies only the rules present in those pre-existing tables.
In order to create acl tables, either follow the config_db.json method or minigraph method to populate the list of ACL tables.
After creating tables, either the config_db.json method or the minigraph method or the CLI method (explained here) can be used to populate the rules in those ACL tables.
This command updates only the ACL rules and it does not disturb the ACL tables; i.e. the output of "show acl table" is not alterted by using this command; only the output of "show acl rule" will be changed after this command.
When "--session_name" optional argument is specified, command sets the session_name for the ACL table with this mirror session name. It fails if the specified mirror session name does not exist.
When the optional argument "max_priority" is specified, each rule’s priority is calculated by subtracting its “sequence_id” value from the “max_priority”. If this value is not passed, the default “max_priority” 10000 is used.
-
Usage:
config acl update full FILE_NAME
Some of the possible options are- --table_name <table_name>, Example: config acl update full " --table_name DT_ACL_T1 /etc/sonic/acl_table_1.json "
- --session_name <session_name>, Example: config acl update full " --session_name mirror_ses1 /etc/sonic/acl_table_1.json "
- --max_priority <priority_value>, Example: config acl update full " --max-priority 100 /etc/sonic/acl_table_1.json "
NOTE: All these optional parameters should be inside the double quotes. If none of the options are provided, double quotes is not required for specifying filename alone. Any number of optional parameters can be configured in the same command.
-
Example:
admin@sonic:~$ config acl update full /etc/sonic/acl_full_snmp_1_2_ssh_4.json admin@sonic:~$ config acl update full " --table_name SNMP-ACL /etc/sonic/acl_full_snmp_1_2_ssh_4.json " admin@sonic:~$ config acl update full " --session_name everflow0 /etc/sonic/acl_full_snmp_1_2_ssh_4.json " This command will remove all rules from all the ACL tables and insert all the rules present in this input file. Refer the example file [acl_full_snmp_1_2_ssh_4.json](#) that adds two rules for SNMP (Rule1 and Rule2) and one rule for SSH (Rule4) Refer an example for input file format [here](https://github.com/Azure/sonic-mgmt/blob/master/ansible/roles/test/files/helpers/config_service_acls.sh) Refer another example [here](https://github.com/Azure/sonic-mgmt/blob/master/ansible/roles/test/tasks/acl/acltb_test_rules_part_1.json)
config acl update incremental:
This command is used to perform incremental update of ACL rule table. This command gets existing rules from Config DB and compares with rules specified in input file and performs corresponding modifications.
With respect to DATA ACLs, the command does not assume that new dataplane ACLs can be inserted in betweeen by shifting existing ACLs in all ASICs. Therefore, this command performs a full update on dataplane ACLs. With respect to control plane ACLs, this command performs an incremental update. If we assume that "file1.json" is the already loaded ACL rules file and if "file2.json" is the input file that is passed as parameter for this command, the following requirements are valid for the input file.
- First copy the file1.json to file2.json.
- Remove the unwanted ACL rules from file2.json
- Add the newly required ACL rules into file2.json.
- Modify the existing ACL rules (that require changes) in file2.json.
NOTE: If any ACL rule that is already available in file1.json is required even after this command execution, such rules should remain unalterted in file2.json. Don't remove them. Note that "incremental" is working like "full".
When "--session_name" optional argument is specified, command sets the session_name for the ACL table with this mirror session name. It fails if the specified mirror session name does not exist.
When the optional argument "max_priority" is specified, each rule’s priority is calculated by subtracting its “sequence_id” value from the “max_priority”. If this value is not passed, the default “max_priority” 10000 is used.
-
Usage:
config acl update incremental FILE_NAME Some of the possible options are- --session_name <session_name>, Example: config acl update full " --session_name mirror_ses1 /etc/sonic/acl_table_1.json "
- --max-priority <priority_value>, Example: config acl update full " --max-priority 100 /etc/sonic/acl_table_1.json "
NOTE: All these optional parameters should be inside the double quotes. If none of the options are provided, double quotes is not required for specifying filename alone. Any number of optional parameters can be configured in the same command.
-
Example:
admin@sonic:~$ config acl update incremental /etc/sonic/acl_incremental_snmp_1_3_ssh_4.json admin@sonic:~$ config acl update incremental " --session_name everflow0 /etc/sonic/acl_incremental_snmp_1_3_ssh_4.json " Refer the example file [acl_incremental_snmp_1_3_ssh_4.json](#) that adds two rules for SNMP (Rule1 and Rule3) and one rule for SSH (Rule4) When this "incremental" command is executed after "full" command, it has removed SNMP Rule2 and added SNMP Rule3 in the example. File "acl_full_snmp_1_2_ssh_4.json" has got SNMP Rule1, SNMP Rule2 and SSH Rule4. File "acl_incremental_snmp_1_3_ssh_4.json" has got SNMP Rule1, SNMP Rule3 and SSH Rule4. This file is created by copying the file "acl_full_snmp_1_2_ssh_4.json" to "acl_incremental_snmp_1_3_ssh_4.json" and then removing SNMP Rule2 and adding SNMP Rule3.
Go Back To Beginning of the document or Beginning of this section
show arp
This command displays the ARP entries in the device with following options.
- Display the entire table.
- Display the ARP entries learnt on a specific interface.
- Display the ARP of a specific ip-address.
-
Usage:
show arp [-if ] [] show arp - displays all entries show arp -if - displays the ARP specific to the specified interface. show arp - displays the ARP specific to the specicied ip-address. -
Example:
admin@sonic:~$ show arp Address MacAddress Iface Vlan ------------- ----------------- ------- ------ 192.168.1.183 88:5a:92:fb:bf:41 Ethernet44 - 192.168.1.175 88:5a:92:fc:95:81 Ethernet28 - 192.168.1.181 e4:c7:22:c1:07:7c Ethernet40 - 192.168.1.179 88:5a:92:de:a8:bc Ethernet36 - 192.168.1.118 00:1c:73:3c:de:43 Ethernet64 - 192.168.1.11 00:1c:73:3c:e1:38 Ethernet88 - 192.168.1.161 24:e9:b3:71:3a:01 Ethernet0 - 192.168.1.189 24:e9:b3:9d:57:41 Ethernet56 - 192.168.1.187 74:26:ac:8b:8f:c1 Ethernet52 - 192.168.1.165 88:5a:92:de:a0:7c Ethernet8 - Total number of entries 10- Optionally, you can specify the interface in order to display the ARPs learnt on that particular interface
-
Example:
admin@sonic:~$ show arp -if Ethernet40 Address MacAddress Iface Vlan ------------- ----------------- ---------- ------ 192.168.1.181 e4:c7:22:c1:07:7c Ethernet40 - Total number of entries 1- Optionally, you can specify an IP address in order to display only that particular entry
-
Example:
admin@sonic:~$ show arp 192.168.1.181 Address MacAddress Iface Vlan ------------- ----------------- ---------- ------ 192.168.1.181 e4:c7:22:c1:07:7c Ethernet40 - Total number of entries 1
show ndp
This command displays either all the IPv6 neighbor mac addresses, or for a particular IPv6 neighbor, or for all IPv6 neighbors reachable via a specific interface.
-
Usage:
show ndp [-if|--iface <interface-name.] [IP6ADDRESS] -
Example:
**ALL IPv6 NEIGHBORS:** admin@sonic:~$ show ndp Address MacAddress Iface Vlan Status ------------------------ ----------------- ------- ------ --------- fe80::20c:29ff:feb8:b11e 00:0c:29:b8:b1:1e eth0 - REACHABLE fe80::20c:29ff:feb8:cff0 00:0c:29:b8:cf:f0 eth0 - REACHABLE fe80::20c:29ff:fef9:324 00:0c:29:f9:03:24 eth0 - REACHABLE Total number of entries 3 **SPECIFIC IPv6 NEIGHBOR** admin@sonic:~$ show ndp fe80::20c:29ff:feb8:b11e Address MacAddress Iface Vlan Status ------------------------ ----------------- ------- ------ --------- fe80::20c:29ff:feb8:b11e 00:0c:29:b8:b1:1e eth0 - REACHABLE Total number of entries 1 **SPECIFIC INTERFACE** admin@sonic:~$ show ndp -if eth0 Address MacAddress Iface Vlan Status ------------------------ ----------------- ------- ------ --------- fe80::20c:29ff:feb8:b11e 00:0c:29:b8:b1:1e eth0 - REACHABLE fe80::20c:29ff:feb8:cff0 00:0c:29:b8:cf:f0 eth0 - REACHABLE fe80::20c:29ff:fef9:324 00:0c:29:f9:03:24 eth0 - REACHABLE Total number of entries 3
Go Back To Beginning of the document or Beginning of this section
This section explains all the BGP show commands and BGP configuation commands that are supported in SONiC.
show ip bgp summary
This command displays the summary of all IPv4 bgp neighbors that are configured and the corresponding states.
-
Usage:
show ip bgp summary -
Example:
admin@sonic:~$ show ip bgp summary BGP router identifier 1.2.3.4, local AS number 65061 RIB entries 6124, using 670 KiB of memory Peers 2, using 143 KiB of memory Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192.168.1.161 4 65501 88698 102781 0 0 0 08w5d14h 2 192.168.1.163 4 65502 88698 102780 0 0 0 08w5d14h 2 Total number of neighbors 2
show ip bgp neighbors
This command displays all the details of IPv4 & IPv6 BGP neighbors when no optional argument is specified.
When the optional argument IPv4_address is specified, it displays the detailed neighbor information about that specific IPv4 neighbor.
Command has got additional optional arguments to display only the advertised routes, or the received routes, or all routes.
In order to get details for an IPv6 neigbor, use "show ipv6 bgp neighbor <ipv6_address>" command.
-
Usage:
show ip bgp neighbors [ [advertised-routes | received-routes | routes]] -
Example:
admin@sonic:~$ show ip bgp neighbors BGP neighbor is 192.168.1.161, remote AS 65501, local AS 65061, external link Description: ARISTA01T0 BGP version 4, remote router ID 1.2.3.4 BGP state = Established, up for 08w5d14h Last read 00:00:46, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: 4 Byte AS: advertised and received Dynamic: received Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received Graceful Restart Capabilty: advertised and received Remote Restart timer is 120 seconds Address families by peer: IPv4 Unicast(not preserved) Graceful restart informations: End-of-RIB send: IPv4 Unicast End-of-RIB received: IPv4 Unicast Message statistics: Inq depth is 0 Outq depth is 0 Sent Rcvd Opens: 1 1 Notifications: 0 0 Updates: 14066 3 Keepalives: 88718 88698 Route Refresh: 0 0 Capability: 0 0 Total: 102785 88702 Minimum time between advertisement runs is 30 seconds For address family: IPv4 Unicast Community attribute sent to this neighbor(both) 2 accepted prefixes Connections established 1; dropped 0 Last reset never Local host: 192.168.1.160, Local port: 32961 Foreign host: 192.168.1.161, Foreign port: 179 Nexthop: 192.168.1.160 Nexthop global: fe80::f60f:1bff:fe89:bc00 Nexthop local: :: BGP connection: non shared network Read thread: on Write thread: off- Optionally, you can specify an IP address in order to display only that particular neighbor. In this mode, you can optionally specify whether you want to display all routes advertised to the specified neighbor, all routes received from the specified neighbor or all routes (received and accepted) from the specified neighbor.
-
Example:
admin@sonic:~$ show ip bgp neighbors 192.168.1.161 admin@sonic:~$ show ip bgp neighbors 192.168.1.161 advertised-routes admin@sonic:~$ show ip bgp neighbors 192.168.1.161 received-routes admin@sonic:~$ show ip bgp neighbors 192.168.1.161 routes
show ipv6 bgp summary
This command displays the summary of all IPv4 bgp neighbors that are configured and the corresponding states.
-
Usage:
show ipv6 bgp summary -
Example:
admin@sonic:~$ show ipv6 bgp summary BGP router identifier 10.1.0.32, local AS number 65100 RIB entries 12809, using 1401 KiB of memory Peers 8, using 36 KiB of memory Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd fc00::72 4 64600 12588 12591 0 0 0 06:51:17 6402 fc00::76 4 64600 12587 6190 0 0 0 06:51:28 6402 fc00::7a 4 64600 12587 9391 0 0 0 06:51:23 6402 fc00::7e 4 64600 12589 12592 0 0 0 06:51:25 6402 Total number of neighbors 4
show ipv6 bgp neighbors
This command displays all the details of one particular IPv6 Border Gateway Protocol (BGP) neighbor. Option is also available to display only the advertised routes, or the received routes, or all routes.
-
Usage:
show ipv6 bgp neighbors (advertised-routes | received-routes | routes)` -
Example:
admin@sonic:~$ show ipv6 bgp neighbors fc00::72 advertised-routes admin@sonic:~$ show ipv6 bgp neighbors fc00::72 received-routes admin@sonic:~$ show ipv6 bgp neighbors fc00::72 routes
show route-map
This command displays the routing policy that takes precedence over the other route processes that are configured.
-
Usage:
show route-map -
Example:
admin@T1-2:~$ show route-map
ZEBRA:
route-map RM_SET_SRC, permit, sequence 10
Match clauses:
Set clauses:
src 10.12.0.102
Call clause:
Action:
Exit routemap
ZEBRA:
route-map RM_SET_SRC6, permit, sequence 10
Match clauses:
Set clauses:
src fc00:1::102
Call clause:
Action:
Exit routemap
BGP:
route-map FROM_BGP_SPEAKER_V4, permit, sequence 10
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
BGP:
route-map TO_BGP_SPEAKER_V4, deny, sequence 10
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
BGP:
route-map ISOLATE, permit, sequence 10
Match clauses:
Set clauses:
as-path prepend 65000
Call clause:
Action:
Exit routemap
This sub-section explains the list of configuration options available for BGP module for both IPv4 and IPv6 BGP neighbors.
The list of possible BGP config commands are given below.
bgp
shutdown
all
neighbor
startup
all
neighbor
config bgp shut down all
This command is used to shutdown all the BGP IPv4 & IPv6 sessions. When the session is shutdown using this command, BGP state in "show ip bgp summary" is displayed as "Idle (Admin)"
-
Usage:
sudo config bgp shutdown all -
Examples:
admin@sonic:~$ sudo config bgp shutdown all
config bgp shutdown
This command is to shut down a BGP session with a neighbor by that neighbor's IP address or hostname
-
Usage:
sudo config bgp shutdown ( | ) -
Examples:
admin@sonic:~$ sudo config bgp shutdown neighbor 192.168.1.124admin@sonic:~$ sudo config bgp shutdown neighbor SONIC02SPINE
config bgp startup all
This command is used to start up all the IPv4 & IPv6 BGP neighbors
-
Usage:
sudo config bgp startup all` -
Examples:
admin@sonic:~$ sudo config bgp startup all
config bgp startup
This command is used to start up the particular IPv4 or IPv6 BGP neighbor using either the IP address or hostname.
-
Usage:
sudo config bgp startup ( | )` -
Examples:
admin@sonic:~$ sudo config bgp startup neighbor 192.168.1.124admin@sonic:~$ sudo config bgp startup neighbor SONIC02SPINE
Go Back To Beginning of the document or Beginning of this section
This section explains all the Explicit Congestion Notification (ECN) show commands and ECN configuation options that are supported in SONiC.
This sub-section contains the show commands that are supported in ECN.
show ecn
This command displays all the WRED profiles that are configured in the device.
-
Usage:
show ecn -
Example:
show ecn Profile: **AZURE_LOSSLESS** ----------------------- ------- red_max_threshold 2097152 red_drop_probability 5 yellow_max_threshold 2097152 ecn ecn_all green_min_threshold 1048576 red_min_threshold 1048576 wred_yellow_enable true yellow_min_threshold 1048576 green_max_threshold 2097152 green_drop_probability 5 wred_green_enable true yellow_drop_probability 5 wred_red_enable true ----------------------- ------- Profile: **wredprofileabcd** ----------------- --- red_max_threshold 100 ----------------- ---
This sub-section contains the configuration commands that can configure the WRED profiles.
config ecn
This command configures the possible fields in a particular WRED profile that is specified using "-profile " argument. The list of the WRED profile fields that are configurable is listed in the below "Usage".
- Usage:
config ecn [OPTIONS]
ECN Config OPTIONS:
-profile <profile_name> Profile name [required] - Even though the profile_name is specified as optional parameter, it is a mandatory parameter.
-rmax <red threshold max> Set red max threshold
-rmin <red threshold min> Set red min threshold
-ymax <yellow threshold max> Set yellow max threshold
-ymin <yellow threshold min> Set yellow min threshold
-gmax <green threshold max> Set green max threshold
-gmin <green threshold min> Set green min threshold
-v, --verbose Enable verbose output
--help Show this message and exit.
- Example:
root@T1-2:~# config ecn -profile wredprofileabcd -rmax 100 This command configures the "red max threshold" for the WRED profile name "wredprofileabcd". It will create the WRED profile if it does not exist.
Go Back To Beginning of the document or Beginning of this section
This sub-section lists all the possible show commands for the interfaces available in the device. Following example gives the list of possible shows on interfaces. Subsequent pages explain each of these commands in detail.
- Example:
user@debug:~$ show interfaces -? Show details of the network interfaces Options: -?, -h, --help Show this message and exit. Commands: counters Show interface counters description Show interface status, protocol and... naming_mode Show interface naming_mode status neighbor Show neighbor related information portchannel Show PortChannel information status Show Interface status information transceiver Show SFP Transceiver information
show interfaces counters
This show command displays packet counters for all interfaces since the last time the counters were cleared. There is no facility to display counters for one specific interface. Optional argument "-a" does not have any significance in this command. Optional argument "-c" can be used to clear the counters for all interfaces. Optional argument "-p" specify a period (in seconds) with which to gather counters over.
-
Usage:
show interfaces counters [OPTIONS]
OPTIONS:
-a, --printall
-c, --clear
-p, --period TEXT -
Example:
admin@sonic:~$ show interfaces counters IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR ----------- ------- --------------- ----------- --------- -------- -------- -------- --------------- ----------- --------- -------- -------- -------- Ethernet0 U 471,729,839,997 653.87 MB/s 12.77% 0 18,682 0 409,682,385,925 556.84 MB/s 10.88% 0 0 0 Ethernet4 U 453,838,006,636 632.97 MB/s 12.36% 0 1,636 0 388,299,875,056 529.34 MB/s 10.34% 0 0 0 Ethernet8 U 549,034,764,539 761.15 MB/s 14.87% 0 18,274 0 457,603,227,659 615.20 MB/s 12.02% 0 0 0 Ethernet12 U 458,052,204,029 636.84 MB/s 12.44% 0 17,614 0 388,341,776,615 527.37 MB/s 10.30% 0 0 0 Ethernet16 U 16,679,692,972 13.83 MB/s 0.27% 0 17,605 0 18,206,586,265 17.51 MB/s 0.34% 0 0 0 Ethernet20 U 47,983,339,172 35.89 MB/s 0.70% 0 2,174 0 58,986,354,359 51.83 MB/s 1.01% 0 0 0 Ethernet24 U 33,543,533,441 36.59 MB/s 0.71% 0 1,613 0 43,066,076,370 49.92 MB/s 0.97% 0 0 0- Optionally, you can specify a period (in seconds) with which to gather counters over. Note that this function will take
<period>seconds to execute.
- Optionally, you can specify a period (in seconds) with which to gather counters over. Note that this function will take
-
Example:
admin@sonic:~$ show interfaces counters -p 5 IFACE STATE RX_OK RX_BPS RX_UTIL RX_ERR RX_DRP RX_OVR TX_OK TX_BPS TX_UTIL TX_ERR TX_DRP TX_OVR ----------- ------- ------- ----------- --------- -------- -------- -------- ------- ----------- --------- -------- -------- -------- Ethernet0 U 515 59.14 KB/s 0.00% 0 0 0 1,305 127.60 KB/s 0.00% 0 0 0 Ethernet4 U 305 26.54 KB/s 0.00% 0 0 0 279 39.12 KB/s 0.00% 0 0 0 Ethernet8 U 437 42.96 KB/s 0.00% 0 0 0 182 18.37 KB/s 0.00% 0 0 0 Ethernet12 U 284 40.79 KB/s 0.00% 0 0 0 160 13.03 KB/s 0.00% 0 0 0 Ethernet16 U 377 32.64 KB/s 0.00% 0 0 0 214 18.01 KB/s 0.00% 0 0 0 Ethernet20 U 284 36.81 KB/s 0.00% 0 0 0 138 8758.25 B/s 0.00% 0 0 0 Ethernet24 U 173 16.09 KB/s 0.00% 0 0 0 169 11.39 KB/s 0.00% 0 0 0
show interfaces description
This command displays the key fields of the interfaces such as Operational Status, Administrative Status, Alias and Description.
-
Usage:
show interfaces description [INTERFACENAME] -
Example:
admin@sonic:~$ show interfaces description Interface Oper Admin Alias Description ----------- ------ ------- --------------- -------------------- Ethernet0 down up hundredGigE1/1 T0-1:hundredGigE1/30 Ethernet4 down up hundredGigE1/2 T0-2:hundredGigE1/30 Ethernet8 down down hundredGigE1/3 hundredGigE1/3 Ethernet12 down down hundredGigE1/4 hundredGigE1/4show the description for one particular interface. admin@sonic:~$ show interfaces description Ethernet4 Interface Oper Admin Alias Description ----------- ------ ------- -------------- -------------------- Ethernet4 down up hundredGigE1/2 T0-2:hundredGigE1/30
show interfaces naming_mode
Refer sub-section Interface-Naming-Mode
show interfaces neighbor
This command is used to display the list of expected neighbors for all interfaces (or for a particular interface) that is configured.
-
Usage:
show interfaces neighbor expected [INTERFACENAME] -
Example:
admin@sonic:~$ show interfaces neighbor expected LocalPort Neighbor NeighborPort NeighborLoopback NeighborMgmt NeighborType ----------- ---------- --------------- ------------------ -------------- -------------- Ethernet0 T0-1 hundredGigE1/30 None 10.11.162.45 ToRRouter Ethernet4 T0-2 hundredGigE1/30 None 10.11.162.44 ToRRouter Ethernet112 T2-1 hundredGigE1/2 None 10.11.150.201 SpineRouter Ethernet116 T2-2 hundredGigE1/2 None 10.11.150.202 SpineRouter
show interfaces portchannel
This command displays information regarding port-channel interfaces
-
Usage:
show interfaces portchannel -
Example:
admin@sonic:~$ show interfaces portchannel Flags: A - active, I - inactive, Up - up, Dw - Down, N/A - not available, S - selected, D - deselected No. Team Dev Protocol Ports ----- ------------- ----------- --------------------------- 24 PortChannel24 LACP(A)(Up) Ethernet28(S) Ethernet24(S) 48 PortChannel48 LACP(A)(Up) Ethernet52(S) Ethernet48(S) 40 PortChannel40 LACP(A)(Up) Ethernet44(S) Ethernet40(S) 0 PortChannel0 LACP(A)(Up) Ethernet0(S) Ethernet4(S) 8 PortChannel8 LACP(A)(Up) Ethernet8(S) Ethernet12(S)
show interface status
This command displays some more fields such as Lanes, Speed, MTU, Type, Asymmetric PFC status and also the operational and administrative status of the interfaces
-
Usage:
show interfaces status [INTERFACENAME] -
Example:
show interface status of all interfaces admin@sonic:~$ show interfaces status Interface Lanes Speed MTU Alias Oper Admin Type Asym PFC ----------- --------------- ------- ----- --------------- ------ ------- ------ ---------- Ethernet0 49,50,51,52 100G 9100 hundredGigE1/1 down up N/A off Ethernet4 53,54,55,56 100G 9100 hundredGigE1/2 down up N/A off Ethernet8 57,58,59,60 100G 9100 hundredGigE1/3 down down N/A off <contiues to display all the interfaces>show interface status for one particular interface admin@sonic:~$ show interface status Ethernet0 Interface Lanes Speed MTU Alias Oper Admin ----------- -------- ------- ----- -------------- ------ ------- Ethernet0 101,102 40G 9100 fortyGigE1/1/1 up up
show interfaces transceiver
This command is already explained here
This sub-section explains the following list of configuration on the interfaces.
- ip - To add or remove IP address for the interface
- pfc - to set the PFC configuration for the interface
- shutdown - to administratively shut down the interface
- speed - to set the interface speed
- startup - to bring up the administratively shutdown interface
config interface ip add/remove
This command is used for adding or removing the IP address for an interface. IP address for either physical interface or for portchannel or for VLAN interface can be configured using this command.
-
Usage:
config interface ip add <ip_addr> -
Examples:
Adding IP Address
admin@sonic:~$ sudo config interface Vlan100 ip add 10.11.12.13/24Removing IP Address
admin@sonic:~$ sudo config interface Vlan100 ip remove 10.11.12.13/24
config interface pfc
This command is used for setting the asymmetric PFC for an interface to either "on" or "off". Once if it is configured, use "show interfaces status" to check the same.
-
Usage:
config interface pfc asymmetric on/off -
Examples:
admin@sonic:~$ sudo config interface Ethernet0 pfc asymmetric on
config interface shutdown
This command is used to administratively shut down either the Physical interface or port channel interface. Once if it is configured, use "show interfaces status" to check the same.
-
Usage:
config interface shutdown -
Example:
admin@sonic:~$ sudo config interface Ethernet0 shutdown
config interface startup
This command is used for administratively bringing up the Physical interface or port channel interface.Once if it is configured, use "show interfaces status" to check the same.
-
Usage:
config interface startup -
Example:
admin@sonic:~$ sudo config interface Ethernet0 startup
config interface speed
This command is used to configure the speed for the Physical interface. Use the value 40000 for setting it to 40G and 100000 for 100G. Users need to know the device to configure it properly. Dynamic breakout feature is yet supported in SONiC and hence uses cannot configure any values other than 40G and 100G.
-
Usage:
config interface speed -
Example:
admin@sonic:~$ sudo config interface Ethernet0 speed 40000
Go Back To Beginning of the document or Beginning of this section
This command displays the current interface naming mode. Interface naming mode originally set to 'default'. Interfaces are referenced by default SONiC interface names. Users can change the naming_mode using "config interface_naming_mode" command.
show interfce naming mode
This command displays the current interface naming mode
-
Usage:
show interfaces naming_mode -
Example:
admin@sonic:~$ show interfaces naming_mode **default** - "default" is the name of the default naming_mode since users have not modified it in this example. Following example shows the modified interface_naming_mode admin@sonic:~$ show interfaces naming_mode **alias**
config interface naming mode
This command is used to change the interface naming mode.
Users can select between default mode (SONiC interface names) or alias mode (Hardware vendor names).
The user must log out and log back in for changes to take effect. Note that the newly-applied interface mode will affect all interface-related show/config commands.
NOTE: Some platforms do not support alias mapping. In such cases, this command is not applicable. Such platforms always use the same SONiC interface names.
-
Usage:
config interface_naming_mode (default | alias) -
Interface naming mode originally set to 'default'. Interfaces are referenced by default SONiC interface names:
-
Example:
admin@sonic:~$ show interfaces naming_mode default admin@sonic:~$ show interface status Ethernet0 Interface Lanes Speed MTU Alias Oper Admin ----------- -------- ------- ----- -------------- ------ ------- Ethernet0 101,102 40G 9100 fortyGigE1/1/1 up up admin@sonic:~$ sudo config interface_naming_mode alias Please logout and log back in for changes take effect.- After user logs out and back in again, interfaces now referenced by hardware vendor aliases:
admin@sonic:~$ show interfaces naming_mode alias admin@sonic:~$ sudo config interface fortyGigE1/1/1 shutdown admin@sonic:~$ show interface status fortyGigE1/1/1 Interface Lanes Speed MTU Alias Oper Admin ----------- -------- ------- ----- -------------- ------ ------- Ethernet0 101,102 40G 9100 fortyGigE1/1/1 down down
Go Back To Beginning of the document or Beginning of this section
This sub-section explains the various IP protocol specific show commands that are used to display the following.
- routes
- bgp details - Explained in the bgp section
- IP interfaces
- prefix-list
- protocol
show ip route
This command displays either all the route entries from the routing table or a specific route.
-
Usage:
show ip route []` -
Example:
admin@sonic:~$ show ip route Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, P - PIM, A - Babel, > - selected route, * - FIB route S>* 0.0.0.0/0 [200/0] via 10.11.162.254, eth0 C>* 1.1.0.0/16 is directly connected, Vlan100 C>* 10.1.0.1/32 is directly connected, lo C>* 10.1.0.32/32 is directly connected, lo C>* 10.1.1.0/31 is directly connected, Ethernet112 C>* 10.1.1.2/31 is directly connected, Ethernet116 C>* 10.11.162.0/24 is directly connected, eth0 C>* 10.12.0.102/32 is directly connected, lo C>* 127.0.0.0/8 is directly connected, lo C>* 240.127.1.0/24 is directly connected, docker0 -
Optionally, you can specify an IP address in order to display only routes to that particular IP address
-
Example:
admin@sonic:~$ show ip route 10.1.1.0 Routing entry for 10.1.1.0/31 Known via "connected", distance 0, metric 0, best * directly connected, Ethernet112
show ip interfaces
This command displays the details about all the Layer3 IP interfaces in the device for which IP address has been assigned. The type of interfaces include the following.
- Front panel physical ports.
- PortChannel.
- VLAN interface.
- Loopback interfaces
- docker interface and
- management interface
-
Usage:
show ip interfaces -
Example:
admin@sonic:~$ show ip interfaces Interface IPv4 address/mask Admin/Oper --------------- ------------------- ------------ Ethernet112 10.1.1.0/31 up/up Ethernet116 10.1.1.2/31 up/up PortChannel0001 10.0.1.1/31 up/down PortChannel0002 10.0.1.3/31 up/down Vlan100 1.1.2.2/16 up/down docker0 240.127.1.1/24 up/down eth0 10.11.162.42/24 up/up lo 127.0.0.1/8 up/up 10.1.0.1/32 10.1.0.32/32 10.12.0.102/32
show ip protocol
This command displays the route-map that is configured for the routing protocol. Refer the routing stack Quagga Command Reference or FRR Command Reference to know more about this command.
-
Usage:
show ip protocol -
Example:
show ip protocol Protocol : route-map ------------------------ system : none kernel : none connected : none static : none rip : none ripng : none ospf : none ospf6 : none isis : none bgp : RM_SET_SRC pim : none hsls : none olsr : none babel : none any : none
This sub-section explains the various IPv6 protocol specific show commands that are used to display the following.
- routes
- IPv6 bgp details - Explained in the bgp section
- IP interfaces
- protocol
show ipv6 route
This command displays either all the IPv6 route entries from the routing table or a specific IPv6 route.
-
Usage:
show ipv6 route [] -
Example:
admin@sonic:~$ show ipv6 route Codes: K - kernel route, C - connected, S - static, R - RIPng, O - OSPFv6, I - IS-IS, B - BGP, A - Babel, > - selected route, * - FIB route C>* ::1/128 is directly connected, lo C>* 2018:2001::/126 is directly connected, Ethernet112 C>* 2018:2002::/126 is directly connected, Ethernet116 C>* fc00:1::32/128 is directly connected, lo C>* fc00:1::102/128 is directly connected, lo C>* fc00:2::102/128 is directly connected, eth0 C * fe80::/64 is directly connected, Vlan100 C * fe80::/64 is directly connected, Ethernet112 C * fe80::/64 is directly connected, Ethernet116 C * fe80::/64 is directly connected, Bridge C * fe80::/64 is directly connected, PortChannel0011 C>* fe80::/64 is directly connected, eth0 -
Optionally, you can specify an IPv6 address in order to display only routes to that particular IPv6 address
-
Example:
admin@sonic:~$ show ipv6 route fc00:1::32 Routing entry for fc00:1::32/128 Known via "connected", distance 0, metric 0, best * directly connected, lo
show ipv6 interfaces
This command displays the details about all the Layer3 IPv6 interfaces in the device for which IPv6 address has been assigned. The type of interfaces include the following.
- Front panel physical ports.
- PortChannel.
- VLAN interface.
- Loopback interfaces
- management interface
-
Usage:
show ipv6 interfaces -
Example:
admin@sonic:~$ show ipv6 interfaces Interface IPv6 address/mask Admin/Oper --------------- ------------------------------------------- ------------ Bridge fe80::d494:dcff:fe37:535e%Bridge/64 up/down Ethernet112 2018:2001::1/126 up/up fe80::3617:ebff:fe38:100%Ethernet112/64 Ethernet116 2018:2002::1/126 up/up fe80::3617:ebff:fe38:100%Ethernet116/64 PortChannel0001 2018:1002::2/126 up/down PortChannel0002 2018:1002::6/126 up/down PortChannel0011 fe80::3617:ebff:fe38:100%PortChannel0011/64 up/up Vlan100 fe80::3617:ebff:fe38:100%Vlan100/64 up/down eth0 fc00:2::102/128 up/up fe80::3617:ebff:fe38:100%eth0/64 lo fc00:1::102/128 up/up fc00:1::32/128 ::1/128
show ipv6 protocol
This command displays the route-map that is configured for the IPv6 routing protocol. Refer the routing stack Quagga Command Reference or FRR Command Reference to know more about this command.
-
Usage:
show ipv6 protocol -
Example:
show ipv6 protocol Protocol : route-map ------------------------ system : none kernel : none connected : none static : none rip : none ripng : none ospf : none ospf6 : none isis : none bgp : RM_SET_SRC6 pim : none hsls : none olsr : none babel : none any : none
Go Back To Beginning of the document or Beginning of this section
show lldp table
This command displays the brief summary of all LLDP neighbors.
-
Usage:
show lldp table` -
Example:
admin@sonic:~$ show lldp table Capability codes: (R) Router, (B) Bridge, (O) Other LocalPort RemoteDevice RemotePortID Capability RemotePortDescr ----------- ----------------- ------------------- ------------ -------------------- Ethernet112 T1-1 hundredGigE1/2 BR T0-2:hundredGigE1/29 Ethernet116 T1-2 hundredGigE1/2 BR T0-2:hundredGigE1/30 eth0 swtor-b2lab2-1610 GigabitEthernet 0/2 OBR -------------------------------------------------- Total entries displayed: 3
show lldp neighbors
This command displays more details about all LLDP neighbors or only the neighbors connected to a specific interface.
-
Usage:
show lldp neighbors [] -
Example:
admin@sonic:~$ show lldp neighbors ------------------------------------------------------------------------------- LLDP neighbors: ------------------------------------------------------------------------------- Interface: eth0, via: LLDP, RID: 1, Time: 0 day, 12:21:21 Chassis: ChassisID: mac 00:01:e8:81:e3:45 SysName: swtor-b2lab2-1610 SysDescr: Dell Force10 Networks Real Time Operating System Software. Dell Force10 Operating System Version: 1.0. Dell Force10 Application Software Version: 8.3.3.10d. Copyright (c) 1999-2012 by Dell Inc. All Rights Reserved.Build Time: Tue Sep 22 11:21:54 PDT 2015 TTL: 20 Capability: Repeater, on Capability: Bridge, on Capability: Router, on Port: PortID: ifname GigabitEthernet 0/2 VLAN: 162, pvid: yes ------------------------------------------------------------------------------- Interface: Ethernet116, via: LLDP, RID: 3, Time: 0 day, 12:20:49 Chassis: ChassisID: mac 4c:76:25:e7:f0:c0 SysName: T1-2 SysDescr: Debian GNU/Linux 8 (jessie) Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2015-12-19) x86_64 TTL: 120 MgmtIP: 10.11.162.40 Capability: Bridge, on Capability: Router, on Capability: Wlan, off Capability: Station, off Port: PortID: local hundredGigE1/2 PortDescr: T0-2:hundredGigE1/30 ------------------------------------------------------------------------------- Interface: Ethernet112, via: LLDP, RID: 2, Time: 0 day, 12:20:49 Chassis: ChassisID: mac 4c:76:25:e5:e6:c0 SysName: T1-1 SysDescr: Debian GNU/Linux 8 (jessie) Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2015-12-19) x86_64 TTL: 120 MgmtIP: 10.11.162.41 Capability: Bridge, on Capability: Router, on Capability: Wlan, off Capability: Station, off Port: PortID: local hundredGigE1/2 PortDescr: T0-2:hundredGigE1/29 -------------------------------------------------------------------------------- Optionally, you can specify an interface name in order to display only that particular interface
-
Example:
admin@sonic:~$ show lldp neighbors Ethernet112 show lldp neighbors Ethernet112 ------------------------------------------------------------------------------- LLDP neighbors: ------------------------------------------------------------------------------- Interface: Ethernet112, via: LLDP, RID: 2, Time: 0 day, 19:24:17 Chassis: ChassisID: mac 4c:76:25:e5:e6:c0 SysName: T1-1 SysDescr: Debian GNU/Linux 8 (jessie) Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2015-12-19) x86_64 TTL: 120 MgmtIP: 10.11.162.41 Capability: Bridge, on Capability: Router, on Capability: Wlan, off Capability: Station, off Port: PortID: local hundredGigE1/2 PortDescr: T0-2:hundredGigE1/29 -------------------------------------------------------------------------------
Go Back To Beginning of the document or Beginning of this section
This section explains the commands that are used to load the configuration from either the ConfigDB or from the minigraph.
This command is used to load the configuration from configDB. This command loads the configuration from the input file (if user specifies this optional filename, it will use that input file. Or else, it will use the /etc/sonic/config_db.json as the input file) into CONFIG_DB. The configurations present in the input file are applied on top of the already running configuration. This command does not flush the config DB before loading the new configuration. i.e. If the configuration present in the input file is same as the current running-configuration, nothing happens. If the config present in the input file is not present in running-configuration, it will be added. If the config present in the input file matches (when key matches) with the running-configuration, it will be modified as per the new values for those keys.
When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file.
-
Usage:
config load [OPTIONS] [FILENAME] OPTIONS : -y, --yes -
Example:
root@T1-2:~# config load Load config from the file /etc/sonic/config_db.json? [y/N]: y Running command: /usr/local/bin/sonic-cfggen -j /etc/sonic/config_db.json --write-to-db root@T1-2:~#
This command is used to reconfigure hostname and mgmt interface based on device description file. This command either uses the optional file specified as arguement or looks for the file "/etc/sonic/device_desc.xml". If the file does not exist or if the file does not have valid fields for "hostname" and "ManagementAddress", it fails.
When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file.
-
Usage:
config load_mgmt_config [OPTIONS] [FILENAME] OPTIONS : -y, --yes -
Example:
root@T1-2:~# config load_mgmt_config Reload config from minigraph? [y/N]: y Running command: /usr/local/bin/sonic-cfggen -M /etc/sonic/device_desc.xml --write-to-db root@T1-2:~#
This command is used to load the configuration from /etc/sonic/minigraph.xml. When users do not want to use configuration from config_db.json, they can copy the minigraph.xml configuration file to the device and load it using this command. This command restarts various services running in the device and it takes some time to complete the command. NOTE: If the user had logged in using SSH, users might get disconnected and some configuration failures might happen which might be hard to recover. Users need to reconnect their SSH sessions after configuring the management IP address. It is recommended to execute this command from console port. NOTE: Management interface IP address and default route (or specific route) may require reconfiguration in case if those parameters are not part of the minigraph.xml.
When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file.
-
Usage:
config load_minigraph [OPTIONS] OPTIONS : -y, --yes -
Example:
root@T1-2:~# config load_minigraph Reload config from minigraph? [y/N]: y Running command: /usr/local/bin/sonic-cfggen -j /etc/sonic/config_db.json --write-to-db root@T1-2:~#
This command is used to clear current configuration and import new configurationn from the input file or from /etc/sonic/config_db.json. This command shall stop all services before clearing the configuration and it then restarts those services.
This command restarts various services running in the device and it takes some time to complete the command. NOTE: If the user had logged in using SSH, users might get disconnected depending upon the new management IP address. Users need to reconnect their SSH sessions. In general, it is recommended to execute this command from console port after disconnecting all SSH sessions to the device. When users to do “config reload” the newly loaded config may have management IP address, or it may not have management IP address. If mgmtIP is there in the newly loaded config file, that mgmtIP might be same as previously configured value or it might be different. This difference in mgmtIP address values results in following possible behaviours.
Case1: Previously configured mgmtIP is same as newly loaded mgmtIP. The SSH session may not be affected at all, but it’s possible that there will be a brief interruption in the SSH session. But, assuming the client’s timeout value isn’t on the order of a couple of seconds, the session would most likely just resume again as soon as the interface is reconfigured and up with the same IP. Case2: Previously configured mgmtIP is different from newly loaded mgmtIP. Users will lose their SSH connections. Case3: Newly loaded config does not have any mgmtIP. Users will lose their SSH connections.
NOTE: Management interface IP address and default route (or specific route) may require reconfiguration in case if those parameters are not part of the minigraph.xml.
When user specifies the optional argument "-y" or "--yes", this command forces the loading without prompting the user for confirmation. If the argument is not specified, it prompts the user to confirm whether user really wants to load this configuration file.
-
Usage:
config reload [-y|--yes] [-l | --load-sysinfo] [FILENAME] -
Example:
root@T1-2:~# config reload Clear current config and reload config from the file /etc/sonic/config_db.json? [y/N]: y Running command: systemctl stop dhcp_relay Running command: systemctl stop swss Running command: systemctl stop snmp Warning: Stopping snmp.service, but it can still be activated by: snmp.timer Running command: systemctl stop lldp Running command: systemctl stop pmon Running command: systemctl stop bgp Running command: systemctl stop teamd Running command: /usr/local/bin/sonic-cfggen -H -k Force10-Z9100-C32 --write-to-db Running command: /usr/local/bin/sonic-cfggen -j /etc/sonic/config_db.json --write-to-db Running command: systemctl restart hostname-config Running command: systemctl restart interfaces-config Timeout, server 10.11.162.42 not responding. root@T1-2:~#
This command is to save the config DB configuration into the user-specified filename or into the default /etc/sonic/config_db.json. This saves the configuration into the disk which is available even after reboots. Saved file can be transferred to remote machines for debugging. If users wants to load the configuration from this new file at any point of time, they can use "config load" command and provide this newly generated file as input. If users wants this newly generated file to be used during reboot, they need to copy this file to /etc/sonic/config_db.json.
-
Usage:
config save [OPTIONS] [FILENAME] OPTIONS : -y, --yes -
Example:
root@T1-2:~# config save -y /etc/sonic/config2.json - this saves to the filename specified. root@T1-2:~# config save -y - this saves to /etc/sonic/config_db.json.
Go Back To Beginning of the document or Beginning of this section
show mirror_session
This command displays all the mirror sessions that are configured.
-
Usage:
show mirror_session -
Example:
admin@sonic:~$ show mirror session Name Status SRC IP DST IP GRE DSCP TTL Queue --------- -------- --------- -------- ----- ------ ----- ------- everflow0 active 10.1.0.32 10.0.0.7
This command is used to add or remove mirroring sessions. Mirror session is identified by "session_name". While adding a new session, users need to configure the following fields that are used while forwarding the mirrored packets.
- source IP address,
- destination IP address,
- DSCP (QoS) value with which mirrored packets are forwarded
- TTL value
- optional - GRE Type in case if user wants to send the packet via GRE tunnel. GRE type could be anything; it could also be left as empty; by default, it is 0x8949 for Mellanox; and 0x88be for the rest of the chips.
- optional - Queue in which packets shall be sent out of the device. Valid values 0 to 7 for most of the devices. Users need to know their device and the number of queues supported in that device.
-
Usage:
config mirror_session add <session_name> <src_ip> <dst_ip>
[gre_type] [queue] -
Example:
root@T1-2:~# config mirror_session add mrr_abcd 1.2.3.4 20.21.22.23 8 100 0x6558 0 root@T1-2:~# show mirror_session Name Status SRC IP DST IP GRE DSCP TTL Queue --------- -------- ----------- ----------- ------ ------ ----- ------- mrr_abcd inactive 1.2.3.4 20.21.22.23 0x6558 8 100 0 root@T1-2:~#
Go Back To Beginning of the document or Beginning of this section
show ntp
This command displays a list of NTP peers known to the server as well as a summary of their state.
-
Usage:
show ntp -
Example:
admin@sonic:~$ show ntp remote refid st t when poll reach delay offset jitter ============================================================================== 23.92.29.245 .XFAC. 16 u - 1024 0 0.000 0.000 0.000 *204.2.134.164 46.233.231.73 2 u 916 1024 377 3.079 0.394 0.128
Go Back To Beginning of the document or Beginning of this section
config platform mlnx
This command is valid only on mellanox devices. The sub-commands for "config platform" gets populated only on mellanox platforms.
There are no other subcommands on non-Mellanox devices and hence this command appears empty and useless in other platforms.
Mellanox specific commands shall be filled in later.
show interfaces portchannel
This command displays all the port channels that are configured in the device and its current status.
-
Usage:
show interfaces portchannel -
Example:
admin@sonic:~$ show interfaces portchannel Flags: A - active, I - inactive, Up - up, Dw - Down, N/A - not available, S - selected, D - deselected No. Team Dev Protocol Ports ----- ------------- ----------- --------------------------- 24 PortChannel24 LACP(A)(Up) Ethernet28(S) Ethernet24(S) 48 PortChannel48 LACP(A)(Up) Ethernet52(S) Ethernet48(S) 40 PortChannel40 LACP(A)(Up) Ethernet44(S) Ethernet40(S) 0 PortChannel0 LACP(A)(Up) Ethernet0(S) Ethernet4(S) 8 PortChannel8 LACP(A)(Up) Ethernet8(S) Ethernet12(S)
This sub-section explains how to configure the portchannel and its member ports.
config portchannel add/del <portchannel_name>
This command is used to add or delete the portchannel.
It is recommended to use portchannel names in the format "PortChannelxxxx", where "xxxx" is number of 1 to 4 digits. Ex: "PortChannel0002".
NOTE: If users specify any other name like "pc99", command will succeed, but such names are not supported. Such names are not printed properly in the "show interface portchannel" command. It is recommended not to use such names.
When any port is already member of any other portchannel and if user tries to add the same port in some other portchannel (without deleting it from the current portchannel), the command fails internally. But, it does not print any error message. In such cases, remove the member from current portchannel and then add it to new portchannel.
Command takes two optional arguements given below.
- min-links - minimum number of links required to bring up the portchannel
- fallback - true/false. LACP fallback feature can be enabled / disabled. When it is set to true, only one member port will be selected as active per portchannel during fallback mode. Refer https://github.com/Azure/SONiC/blob/master/doc/lag/LACP%20Fallback%20Feature%20for%20SONiC_v0.5.md for more details about fallback feature.
-
Usage:
config portchannel add/del <portchannel_name> [min-links INTEGER] [fallback true/false] -
Example:
admin@sonic:~$ sudo config portchannel add PortChannel0011 This command will create the portchannel with name "PortChannel0011".
config portchannel member add/del <portchannel_name> <member_portname>
This command is to add or delete a member port into the already created portchannel.
-
Usage:
config portchannel member add/del <portchannel_name> <member_portname> -
Example:
admin@sonic:~$ sudo config portchannel member add PortChannel0011 Ethernet4 This command will add Ethernet4 as member of the portchannel "PortChannel0011".
Go Back To Beginning of the document or Beginning of this section
show pfc counters
This command displays the details of Rx & Tx priority-flow-control (pfc) for all ports. This command can be used to clear the counters using -c option.
-
Usage:
show pfc counters [-c or --clear] -
Example:
admin@sonic:~$ show pfc counters Port Rx PFC0 PFC1 PFC2 PFC3 PFC4 PFC5 PFC6 PFC7 ----------- ------ ------ ------ ------ ------ ------ ------ ------ Ethernet0 0 0 0 0 0 0 0 0 Ethernet4 0 0 0 0 0 0 0 0 Ethernet8 0 0 0 0 0 0 0 0 Ethernet12 0 0 0 0 0 0 0 0 Port Tx PFC0 PFC1 PFC2 PFC3 PFC4 PFC5 PFC6 PFC7 ----------- ------ ------ ------ ------ ------ ------ ------ ------ Ethernet0 0 0 0 0 0 0 0 0 Ethernet4 0 0 0 0 0 0 0 0 Ethernet8 0 0 0 0 0 0 0 0 Ethernet12 0 0 0 0 0 0 0 0
This sub-section explains the following queue parameters that can be displayed using "show queue" command.
- queue counters
- queue watermark
- priority-group watermark
- queue persistent-watermark
show queue counters
This command displays packet and byte counters for all queues of all ports or one specific-port given as arguement. This command can be used to clear the counters for all queues of all ports. Note that port specific clear is not supported.
-
Usage:
show queue counters [-c or --clear] [] -
Example:
This example gives the sample output from two ports Ethernet0 and Ethernet4. admin@sonic:~$ show queue counters Port TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes --------- ----- -------------- --------------- ----------- ------------ Ethernet0 UC0 0 0 0 0 Ethernet0 UC1 0 0 0 0 Ethernet0 UC2 0 0 0 0 Ethernet0 UC3 0 0 0 0 Ethernet0 UC4 0 0 0 0 Ethernet0 UC5 0 0 0 0 Ethernet0 UC6 0 0 0 0 Ethernet0 UC7 0 0 0 0 Ethernet0 UC8 0 0 0 0 Ethernet0 UC9 0 0 0 0 Ethernet0 MC0 0 0 0 0 Ethernet0 MC1 0 0 0 0 Ethernet0 MC2 0 0 0 0 Ethernet0 MC3 0 0 0 0 Ethernet0 MC4 0 0 0 0 Ethernet0 MC5 0 0 0 0 Ethernet0 MC6 0 0 0 0 Ethernet0 MC7 0 0 0 0 Ethernet0 MC8 0 0 0 0 Ethernet0 MC9 0 0 0 0 Port TxQ Counter/pkts Counter/bytes Drop/pkts Drop/bytes --------- ----- -------------- --------------- ----------- ------------ Ethernet4 UC0 0 0 0 0 Ethernet4 UC1 0 0 0 0 Ethernet4 UC2 0 0 0 0 Ethernet4 UC3 0 0 0 0 Ethernet4 UC4 0 0 0 0 Ethernet4 UC5 0 0 0 0 Ethernet4 UC6 0 0 0 0 Ethernet4 UC7 0 0 0 0 Ethernet4 UC8 0 0 0 0 Ethernet4 UC9 0 0 0 0 Ethernet4 MC0 0 0 0 0 Ethernet4 MC1 0 0 0 0 Ethernet4 MC2 0 0 0 0 Ethernet4 MC3 0 0 0 0 Ethernet4 MC4 0 0 0 0 Ethernet4 MC5 0 0 0 0 Ethernet4 MC6 0 0 0 0 Ethernet4 MC7 0 0 0 0 Ethernet4 MC8 0 0 0 0 Ethernet4 MC9 0 0 0 0- Optionally, you can specify an interface name in order to display only that particular interface
-
Example:
admin@sonic:~$ show queue counters Ethernet72
show queue watermark
This command displays the user watermark for the queues (Egress shared pool occupancy per queue) for either the unicast queues or multicast queues for all ports
-
Usage:
show queue watermark <multicast|unicast> -
Example:
admin@sonic:~$ show queue watermark unicast Egress shared pool occupancy per unicast queue: Port UC0 UC1 UC2 UC3 UC4 UC5 UC6 UC7 ----------- ----- ----- ----- ----- ----- ----- ----- ----- Ethernet0 0 0 0 0 0 0 0 0 Ethernet4 0 0 0 0 0 0 0 0 Ethernet8 0 0 0 0 0 0 0 0 Ethernet12 0 0 0 0 0 0 0 0 admin@sonic:~$ show queue watermark multicast (Egress shared pool occupancy per multicast queue)
show priority-group watermark|persistent-watermark
This command displays the user watermark or persistent-watermark for the Ingress "headroom" or "shared pool occupancy" per priority-group for all ports
-
Usage:
show priority-group <watermark|persistent-watermark> <headroom|shared> -
Example:
admin@sonic:~$ show priority-group watermark shared Ingress shared pool occupancy per PG: Port PG0 PG1 PG2 PG3 PG4 PG5 PG6 PG7 ----------- ----- ----- ----- ----- ----- ----- ----- ----- Ethernet0 0 0 0 0 0 0 0 0 Ethernet4 0 0 0 0 0 0 0 0 Ethernet8 0 0 0 0 0 0 0 0 Ethernet12 0 0 0 0 0 0 0 0 admin@sonic:~$ show priority-group watermark headroom (Ingress headroom per PG) admin@sonic:~$ show priority-group persistent-watermark shared (Ingress shared pool occupancy per PG) admin@sonic:~$ show priority-group persistent-watermark headroom (Ingress headroom per PG)
In addition to user watermark("show queue|priority-group watermark ..."), a persistent watermark is available. It hold values independently of user watermark. This way user can use "user watermark" for debugging, clear it, etc, but the "persistent watermark" will not be affected.
show queue persistent-watermark
This command displays the user persistet-watermark for the queues (Egress shared pool occupancy per queue) for either the unicast queues or multicast queues for all ports
-
Usage:
show queue persistent-watermark <unicast|multicast> -
Example:
admin@sonic:~$ show queue persistent-watermark unicast Egress shared pool occupancy per unicast queue: Port UC0 UC1 UC2 UC3 UC4 UC5 UC6 UC7 ----------- ----- ----- ----- ----- ----- ----- ----- ----- Ethernet0 N/A N/A N/A N/A N/A N/A N/A N/A Ethernet4 N/A N/A N/A N/A N/A N/A N/A N/A Ethernet8 N/A N/A N/A N/A N/A N/A N/A N/A Ethernet12 N/A N/A N/A N/A N/A N/A N/A N/A admin@sonic:~$ show queue persistent-watermark multicast (Egress shared pool occupancy per multicast queue)Both "user watermark" and "persistent watermark" can be cleared by user:
root@sonic:~# sonic-clear queue persistent-watermark unicast root@sonic:~# sonic-clear queue persistent-watermark multicast root@sonic:~# sonic-clear priority-group persistent-watermark shared root@sonic:~# sonic-clear priority-group persistent-watermark headroom
config qos clear
This command is used to clear all the QoS configuration from all the following QOS Tables in ConfigDB.
- TC_TO_PRIORITY_GROUP_MAP,
- MAP_PFC_PRIORITY_TO_QUEUE,
- TC_TO_QUEUE_MAP,
- DSCP_TO_TC_MAP,
- SCHEDULER,
- PFC_PRIORITY_TO_PRIORITY_GROUP_MAP,
- PORT_QOS_MAP,
- WRED_PROFILE,
- QUEUE,
- CABLE_LENGTH,
- BUFFER_POOL,
- BUFFER_PROFILE,
- BUFFER_PG,
- BUFFER_QUEUE
-
Usage:
config qos clear -
Example:
admin@sonic:~$ sudo config qos clear
config qos reload
This command is used to reload the QoS configuration. QoS configuration has got two sets of configurations.
-
Generic QOS Configuration - This gives complete list of all possible QOS configuration. Its given in the file /usr/share/sonic/templates/qos_config.j2 in the device. Reference: https://github.com/Azure/sonic-buildimage/blob/master/files/build_templates/qos_config.j2 Users have flexibility to have platform specific qos configuration by placing the qos_config.j2 file at /usr/share/sonic/device///. If users want to modify any of this loaded QOS configuration, they can modify this file in the device and then issue the "config qos reload" command.
-
Platform specific buffer configuration. Every platform has got platform specific and topology specific (T0 or T1 or T2) buffer configuration at /usr/share/sonic/device///buffers_defaults_tx.j2 In addition to platform specific configuration file, a generic configuration file is also present at /usr/share/sonic/templates/buffers_config.j2. Reference: https://github.com/Azure/sonic-buildimage/blob/master/files/build_templates/buffers_config.j2 Users can either modify the platform specific configuration file, or the generic configuration file and then issue this "config qos reload" command.
These configuration files are already loaded in the device as part of the reboot process. In case if users wants to modify any of these configurations, they need to modify the appropriate QOS tables and fields in these files and then use this reload command. This command uses those modified buffers.json.j2 file & qos.json.j2 file and reloads the new QOS configuration. If users have not made any changes in these configuration files, this command need not be executed.
Some of the example QOS configurations that users can modify are given below.
- TC_TO_PRIORITY_GROUP_MAP
- MAP_PFC_PRIORITY_TO_QUEUE
- TC_TO_QUEUE_MAP
- DSCP_TO_TC_MAP
- SCHEDULER
- PFC_PRIORITY_TO_PRIORITY_GROUP_MAP
- PORT_QOS_MAP
- WRED_PROFILE
- CABLE_LENGTH
- BUFFER_QUEUE
-
Usage:
config qos reload -
Example:
root@T1-2:~# config qos reload Running command: /usr/local/bin/sonic-cfggen -d -t /usr/share/sonic/device/x86_64-dell_z9100_c2538-r0/Force10-Z9100-C32/buffers.json.j2 >/tmp/buffers.json Running command: /usr/local/bin/sonic-cfggen -d -t /usr/share/sonic/device/x86_64-dell_z9100_c2538-r0/Force10-Z9100-C32/qos.json.j2 -y /etc/sonic/sonic_version.yml >/tmp/qos.json Running command: /usr/local/bin/sonic-cfggen -j /tmp/buffers.json --write-to-db Running command: /usr/local/bin/sonic-cfggen -j /tmp/qos.json --write-to-db root@T1-2:~# In this example, it uses the buffers.json.j2 file and qos.json.j2 file from platform specific folders. When there are no changes in the platform specific configutation files, they internally use the file "/usr/share/sonic/templates/buffers_config.j2" and "/usr/share/sonic/templates/qos_config.j2" to generate the configuration.
Go Back To Beginning of the document or Beginning of this section
show startupconfiguration bgp
This command is used to display the startup configuration for the BGP module.
-
Usage:
show startupconfiguration bgp` -
Example:
admin@sonic:~$ show startupconfiguration bgp Routing-Stack is: quagga ! ! =========== Managed by sonic-cfggen DO NOT edit manually! ==================== ! generated by templates/quagga/bgpd.conf.j2 with config DB data ! file: bgpd.conf ! ! hostname T1-2 password zebra log syslog informational log facility local4 ! enable password ! ! ! bgp multiple-instance ! route-map FROM_BGP_SPEAKER_V4 permit 10 ! route-map TO_BGP_SPEAKER_V4 deny 10 ! router bgp 65000 bgp log-neighbor-changes bgp bestpath as-path multipath-relax no bgp default ipv4-unicast bgp graceful-restart restart-time 180 <Only the partial output is shown here. In actual command, more configuration information will be displayed>
This sub-section explains the show commands for displaying the running configuration for the following modules.
- bgp
- interfaces
- ntp
- snmp
- all
show runningconfiguration all
This command displays the entire running configuration.
-
Usage:
show runningconfiguration all -
Example:
admin@sonic:~$ show runningconfiguration all
show runningconfiguration bgp
This command displays the running configuration of the BGP module.
-
Usage:
show runningconfiguration bgp -
Example:
admin@sonic:~$ show runningconfiguration bgp
show runningconfiguration interfaces
This command displays the running configuration for the "interfaces".
-
Usage:
show runningconfiguration interfaces -
Example:
admin@sonic:~$ show runningconfiguration interfaces
show runningconfiguration ntp
This command displays the running configuration of the ntp module.
-
Usage:
show runningconfiguration ntp -
Example:
admin@sonic:~$ show runningconfiguration ntp
show runningconfiguration snmp
This command displays the running configuration of the snmp module.
-
Usage:
show runningconfiguration snmp -
Example:
admin@sonic:~$ show runningconfiguration snmp
Go Back To Beginning of the document or Beginning of this section
This command is used to determine the CPU utilization. It also lists the active processes along with their corresponding process ID and other relevant parameters.
This sub-section explains the various "processes" specific data that includes the following.
- cpu Show processes CPU info
- memory Show processes memory info
- summary Show processes info
“show processes” commands provide a wrapper over linux’s “top” command. “show process cpu” sorts the processes being displayed by cpu-utilization, whereas “show process memory” does it attending to processes’ memory-utilization.
show processes cpu
This command displays the current CPU usage by process. This command uses linux's "top -bn 1 -o %CPU" command to display the output.
-
Usage:
show processes cpuNote that pipe option can be used using " | head -n" to display only the "n" number of lines.
-
Example:
admin@SONiC:~$ show processes cpu top - 23:50:08 up 1:18, 1 user, load average: 0.25, 0.29, 0.25 Tasks: 161 total, 1 running, 160 sleeping, 0 stopped, 0 zombie %Cpu(s): 3.8 us, 1.0 sy, 0.0 ni, 95.1 id, 0.1 wa, 0.0 hi, 0.0 si, 0.0 st KiB Mem: 8181216 total, 1161060 used, 7020156 free, 105656 buffers KiB Swap: 0 total, 0 used, 0 free. 557560 cached Mem PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 2047 root 20 0 683772 109288 39652 S 23.8 1.3 7:44.79 syncd 1351 root 20 0 43360 5616 2844 S 11.9 0.1 1:41.56 redis-server 10093 root 20 0 21944 2476 2088 R 5.9 0.0 0:00.03 top 1 root 20 0 28992 5508 3236 S 0.0 0.1 0:06.42 systemd 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd 3 root 20 0 0 0 0 S 0.0 0.0 0:00.56 ksoftirqd/0 5 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
show processes memory
This command displays the current memory usage by processes. This command uses linux's "top -bn 1 -o %MEM" command to display the output.
-
Usage:
show processes memoryNote that pipe option can be used using " | head -n" to display only the "n" number of lines.
-
Example:
admin@SONiC:~$ show processes memory top - 23:41:24 up 7 days, 39 min, 2 users, load average: 1.21, 1.19, 1.18 Tasks: 191 total, 2 running, 189 sleeping, 0 stopped, 0 zombie %Cpu(s): 2.8 us, 20.7 sy, 0.0 ni, 76.3 id, 0.0 wa, 0.0 hi, 0.2 si, 0.0 st KiB Mem : 8162264 total, 5720412 free, 945516 used, 1496336 buff/cache KiB Swap: 0 total, 0 free, 0 used. 6855632 avail Mem PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 18051 root 20 0 851540 274784 8344 S 0.0 3.4 0:02.77 syncd 17760 root 20 0 1293428 259212 58732 S 5.9 3.2 96:46.22 syncd 508 root 20 0 725364 76244 38220 S 0.0 0.9 4:54.49 dockerd 30853 root 20 0 96348 56824 7880 S 0.0 0.7 0:00.98 show 17266 root 20 0 509876 49772 30640 S 0.0 0.6 0:06.36 docker 24891 admin 20 0 515864 49560 30644 S 0.0 0.6 0:05.54 docker 17643 admin 20 0 575668 49428 30628 S 0.0 0.6 0:06.29 docker 23885 admin 20 0 369552 49344 30840 S 0.0 0.6 0:05.57 docker 18055 root 20 0 509076 49260 30296 S 0.0 0.6 0:06.36 docker 17268 root 20 0 371120 49052 30372 S 0.0 0.6 0:06.45 docker 1227 root 20 0 443284 48640 30100 S 0.0 0.6 0:41.91 docker 23785 admin 20 0 443796 48552 30128 S 0.0 0.6 0:05.58 docker 17820 admin 20 0 435088 48144 29480 S 0.0 0.6 0:06.33 docker 506 root 20 0 1151040 43140 23964 S 0.0 0.5 8:51.08 containerd 18437 root 20 0 84852 26388 7380 S 0.0 0.3 65:59.76 python3.6
show processes summary
This command displays the current summary information about all the processes
-
Usage:
show processes summary -
Example:
admin@SONiC:~$ show processes summary PID PPID CMD %MEM %CPU 1 0 /sbin/init 0.0 0.0 2 0 [kthreadd] 0.0 0.0 3 2 [ksoftirqd/0] 0.0 0.0 5 2 [kworker/0:0H] 0.0 0.0
These commands are used to know the services that are running and the memory that is utilized currently.
show services
This command displays the state of all the SONiC processes running inside a docker container. This helps to identify the status of SONiC’s critical processes.
-
Usage:
sonic_installer remove <image_name> -
Example:
admin@lnos-x1-a-asw02:~$ show services dhcp_relay docker --------------------------- UID PID PPID C STIME TTY TIME CMD root 1 0 0 05:26 ? 00:00:12 /usr/bin/python /usr/bin/supervi root 24 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n snmp docker --------------------------- UID PID PPID C STIME TTY TIME CMD root 1 0 0 05:26 ? 00:00:16 /usr/bin/python /usr/bin/supervi root 24 1 0 05:26 ? 00:00:02 /usr/sbin/rsyslogd -n Debian-+ 29 1 0 05:26 ? 00:00:04 /usr/sbin/snmpd -f -LS4d -u Debi root 31 1 1 05:26 ? 00:15:10 python3.6 -m sonic_ax_impl syncd docker --------------------------- UID PID PPID C STIME TTY TIME CMD root 1 0 0 05:26 ? 00:00:13 /usr/bin/python /usr/bin/supervi root 12 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n root 17 1 0 05:26 ? 00:00:00 /usr/bin/dsserve /usr/bin/syncd root 27 17 22 05:26 ? 04:09:30 /usr/bin/syncd --diag -p /usr/sh root 51 27 0 05:26 ? 00:00:01 /usr/bin/syncd --diag -p /usr/sh swss docker --------------------------- UID PID PPID C STIME TTY TIME CMD root 1 0 0 05:26 ? 00:00:29 /usr/bin/python /usr/bin/supervi root 25 1 0 05:26 ? 00:00:00 /usr/sbin/rsyslogd -n root 30 1 0 05:26 ? 00:00:13 /usr/bin/orchagent -d /var/log/s root 42 1 1 05:26 ? 00:12:40 /usr/bin/portsyncd -p /usr/share root 45 1 0 05:26 ? 00:00:00 /usr/bin/intfsyncd root 48 1 0 05:26 ? 00:00:03 /usr/bin/neighsyncd root 59 1 0 05:26 ? 00:00:01 /usr/bin/vlanmgrd root 92 1 0 05:26 ? 00:00:01 /usr/bin/intfmgrd root 3606 1 0 23:36 ? 00:00:00 bash -c /usr/bin/arp_update; sle root 3621 3606 0 23:36 ? 00:00:00 sleep 300
show system-memory
This command displays the system-wide memory utilization information – just a wrapper over linux native “free” command
-
Usage:
sonic_installer remove <image_name> -
Example:
admin@lnos-x1-a-asw02:~$ show system-memory Command: free -m -h total used free shared buffers cached Mem: 3.9G 2.0G 1.8G 33M 324M 791M -/+ buffers/cache: 951M 2.9G Swap: 0B 0B 0B
show mmu
This command displays virtual address to the physical address translation status of the Memory Management Unit (MMU).
-
Usage:
show mmu -
Example:
admin@T1-2:~$ show mmu Pool: ingress_lossless_pool ---- -------- xoff 4194112 type ingress mode dynamic size 10875072 ---- -------- Pool: egress_lossless_pool ---- -------- type egress mode static size 15982720 ---- -------- Pool: egress_lossy_pool ---- ------- type egress mode dynamic size 9243812 ---- ------- Profile: egress_lossy_profile ---------- ------------------------------- dynamic_th 3 pool [BUFFER_POOL|egress_lossy_pool] size 1518 ---------- ------------------------------- Profile: pg_lossless_100000_300m_profile ---------- ----------------------------------- xon_offset 2288 dynamic_th -3 xon 2288 xoff 268736 pool [BUFFER_POOL|ingress_lossless_pool] size 1248 ---------- ----------------------------------- Profile: egress_lossless_profile --------- ---------------------------------- static_th 3995680 pool [BUFFER_POOL|egress_lossless_pool] size 1518 --------- ---------------------------------- Profile: pg_lossless_100000_40m_profile ---------- ----------------------------------- xon_offset 2288 dynamic_th -3 xon 2288 xoff 177632 pool [BUFFER_POOL|ingress_lossless_pool] size 1248 ---------- ----------------------------------- Profile: ingress_lossy_profile ---------- ----------------------------------- dynamic_th 3 pool [BUFFER_POOL|ingress_lossless_pool] size 0 ---------- ----------------------------------- Profile: pg_lossless_40000_40m_profile ---------- ----------------------------------- xon_offset 2288 dynamic_th -3 xon 2288 xoff 71552 pool [BUFFER_POOL|ingress_lossless_pool] size 1248 ---------- -----------------------------------
show line
This command displays serial port or a virtual network connection status. This command is used only when SONiC is used as console switch. This command is not applicable when SONiC used as regular switch. NOTE: This command is not working. It crashes as follows. A bug ticket is opened for this issue.
-
Usage:
show line -
Example:
admin@T1-2:~$ show line
Go Back To Beginning of the document or Beginning of this section
show vlan brief
This command displays brief information about all the vlans configured in the device. It displays the vlan ID, IP address (if configured for the vlan), list of vlan member ports, whether the port is tagged or in untagged mode and the DHCP Helper Address.
-
Usage:
show vlan brief -
Example:
admin@sonic:~$ show vlan brief +-----------+--------------+-----------+----------------+-----------------------+ | VLAN ID | IP Address | Ports | Port Tagging | DHCP Helper Address | +===========+==============+===========+================+=======================+ | 100 | 1.1.2.2/16 | Ethernet0 | tagged | 192.0.0.1 | | | | Ethernet4 | tagged | 192.0.0.2 | | | | | | 192.0.0.3 | +-----------+--------------+-----------+----------------+-----------------------+
show vlan config
This command displays all the vlan configuration.
-
Usage:
show vlan config -
Example:
admin@sonic:~$ show vlan config Name VID Member Mode ------- ----- --------- ------ Vlan100 100 Ethernet0 tagged Vlan100 100 Ethernet4 tagged
This sub-section explains how to configure the vlan and its member ports.
config vlan add/del
This command is used to add or delete the vlan.
-
Usage:
config vlan add/del <vlan__id> -
Example:
admin@sonic:~$ sudo config vlan add 100 This command will create the vlan 100 if not exists.
config vlan member add/del
This command is to add or delete a member port into the already created vlan.
-
Usage:
config vlan member add/del [-u or --untagged] <vlan_id> <member_portname>
-u will set the port in untagged mode. -
Example:
admin@sonic:~$ sudo config vlan member add 100 Ethernet0 This command will add Ethernet0 as member of the vlan 100 admin@sonic:~$ sudo config vlan member add 100 Ethernet4 This command will add Ethernet4 as member of the vlan 100.
show mac
This command displays the MAC (FDB) entries either in full or partial as given below.
- show mac - displays the full table
- show mac -v - displays the MACs learnt on the particular VLAN ID.
- show mac -p - displays the MACs learnt on the particular port.
-
Usage:
show mac [-v vlan_id] [-p port_name] -
Example:
admin@sonic:~$ show mac No. Vlan MacAddress Port ----- ------ ----------------- ----------- 1 1000 E2:8C:56:85:4A:CD Ethernet192 2 1000 A0:1B:5E:47:C9:76 Ethernet192 3 1000 AA:54:EF:2C:EE:30 Ethernet192 4 1000 A4:3F:F2:17:A3:FC Ethernet192 5 1000 0C:FC:01:72:29:91 Ethernet192 6 1000 48:6D:01:7E:C9:FD Ethernet192 7 1000 1C:6B:7E:34:5F:A6 Ethernet192 8 1000 EE:81:D9:7B:93:A9 Ethernet192 9 1000 CC:F8:8D:BB:85:E2 Ethernet192 10 1000 0A:52:B3:9C:FB:6C Ethernet192 11 1000 C6:E2:72:02:D1:23 Ethernet192 12 1000 8A:C9:5C:25:E9:28 Ethernet192 13 1000 5E:CD:34:E4:94:18 Ethernet192 14 1000 7E:49:1F:B5:91:B5 Ethernet192 15 1000 AE:DD:67:F3:09:5A Ethernet192 16 1000 DC:2F:D1:08:4B:DE Ethernet192 17 1000 50:96:23:AD:F1:65 Ethernet192 18 1000 C6:C9:5E:AE:24:42 Ethernet192 Total number of entries 18- Optionally, you can specify a VLAN ID or interface name in order to display only that particular entries
-
Example:
admin@sonic:~$ show mac -v 1000 No. Vlan MacAddress Port ----- ------ ----------------- ----------- 1 1000 E2:8C:56:85:4A:CD Ethernet192 2 1000 A0:1B:5E:47:C9:76 Ethernet192 3 1000 AA:54:EF:2C:EE:30 Ethernet192 4 1000 A4:3F:F2:17:A3:FC Ethernet192 5 1000 0C:FC:01:72:29:91 Ethernet192 6 1000 48:6D:01:7E:C9:FD Ethernet192 7 1000 1C:6B:7E:34:5F:A6 Ethernet192 8 1000 EE:81:D9:7B:93:A9 Ethernet192 9 1000 CC:F8:8D:BB:85:E2 Ethernet192 10 1000 0A:52:B3:9C:FB:6C Ethernet192 11 1000 C6:E2:72:02:D1:23 Ethernet192 12 1000 8A:C9:5C:25:E9:28 Ethernet192 13 1000 5E:CD:34:E4:94:18 Ethernet192 14 1000 7E:49:1F:B5:91:B5 Ethernet192 15 1000 AE:DD:67:F3:09:5A Ethernet192 16 1000 DC:2F:D1:08:4B:DE Ethernet192 17 1000 50:96:23:AD:F1:65 Ethernet192 18 1000 C6:C9:5E:AE:24:42 Ethernet192 Total number of entries 18 admin@sonic:~$ show mac -p Ethernet192 No. Vlan MacAddress Port ----- ------ ----------------- ----------- 1 1000 E2:8C:56:85:4A:CD Ethernet192 2 1000 A0:1B:5E:47:C9:76 Ethernet192 3 1000 AA:54:EF:2C:EE:30 Ethernet192 4 1000 A4:3F:F2:17:A3:FC Ethernet192 5 1000 0C:FC:01:72:29:91 Ethernet192 6 1000 48:6D:01:7E:C9:FD Ethernet192 7 1000 1C:6B:7E:34:5F:A6 Ethernet192 8 1000 EE:81:D9:7B:93:A9 Ethernet192 9 1000 CC:F8:8D:BB:85:E2 Ethernet192 10 1000 0A:52:B3:9C:FB:6C Ethernet192 11 1000 C6:E2:72:02:D1:23 Ethernet192 12 1000 8A:C9:5C:25:E9:28 Ethernet192 13 1000 5E:CD:34:E4:94:18 Ethernet192 14 1000 7E:49:1F:B5:91:B5 Ethernet192 15 1000 AE:DD:67:F3:09:5A Ethernet192 16 1000 DC:2F:D1:08:4B:DE Ethernet192 17 1000 50:96:23:AD:F1:65 Ethernet192 18 1000 C6:C9:5E:AE:24:42 Ethernet192 Total number of entries 18 -
sonic-clear fdb [OPTIONS]- Clear FDB table
-
Example:
admin@sonic:~$ sonic-clear fdb all FDB entries are cleared.
Go Back To Beginning of the document or Beginning of this section
show warm_restart config
This command displays all the configuration related to warm_restart.
-
Usage:
show warm_restart config -
Example:
admin@sonic:~$ show warm_restart config name enable timer_name timer_duration ------ -------- ---------------- ---------------- bgp true bgp_timer 100 teamd false teamsyncd_timer 300 swss false neighsyncd_timer 200 system true NULL NULL
show warm_restart state
This command displays the warm_restart state.
-
Usage:
show warm_restart state -
Example:
name restore_count state ---------- --------------- ---------- orchagent 0 vlanmgrd 0 bgp 1 reconciled portsyncd 0 teammgrd 1 neighsyncd 0 teamsyncd 1 syncd 0
Go Back To Beginning of the document or Beginning of this section
This sub-section explains the various configuration related to warm restart feature. Following parameters can be configured using this command.
- bgp_timer
- disable
- enable
- neighsyncd_timer
- teamsyncd_timer Each of these sub-commands are explained in the following section.
Users can use an optional parameter "-s" to use the unix domain socket for communicating with the RedisDB which will be faster when compared to using the default network sockets. All these commands have the following option.
Options: -s, --redis-unix-socket-path TEXT unix socket path for redis connection
config warm_restart bgp_timer
This command is used to set the bgp_timer value for warm_restart of BGP service. bgp_timer holds the time interval utilized by fpmsyncd during warm-restart episodes. During this interval fpmsyncd will recover all the routing state previously pushed to AppDB, as well as all the new state coming from zebra/bgpd. Upon expiration of this timer, fpmsyncd will execute the reconciliation logic to eliminate all the stale entries from AppDB. This timer should match the BGP-GR restart-timer configured within the elected routing-stack. Supported range: 1-3600.
-
Usage:
config warm_restart bgp_timer seconds range 1 to 3600. -
Example:
admin@sonic:~$ sudo config warm_restart bgp_timer 1000
config warm_restart enable/disable
This command is used to enable or disable the warm_restart for a particular service that supports warm reboot. Following four services support warm reboot. When user restarts the particular service using "systemctl restart <service_name>", this configured value will be checked for whether it is enabled or disabled. If this configuration is enabled for that service, it will perform warm reboot for that service. Otherwise, it will do cold restart of the service.
-
Usage:
config warm_restart enable [<module_name>]module_name can be either system or swss or bgp or teamd. If "module_name" argument is not specified, it will enable "system" module.
-
Example:
admin@sonic:~$ sudo config warm_restart enable The above command will set warm_restart as "enable" for the "system" service. admin@sonic:~$ sudo config warm_restart enable swss The above command will set warm_restart as "enable" for the "swss" service. When user does "systemctl restart swss", it will perform warm reboot instead of cold reboot. admin@sonic:~$ sudo config warm_restart enable teamd The above command will set warm_restart as "enable" for the "teamd" service. When user does "systemctl restart teamd", it will perform warm reboot instead of cold reboot.
config warm_restart neighsyncd_timer
This command is used to set the neighsyncd_timer value for warm_restart of "swss" service. neighsyncd_timer is the timer used for "swss" (neighsyncd) service during the warm restart. Timer is started after the neighborTable is restored to internal data structures. neighborsyncd then starts to read all linux kernel entries and mark the entries in the data structures accordingly. Once the timer is expired, reconciliation is done and the delta is pushed to appDB Valid value is 1-9999. 0 is invalid.
-
Usage:
config warm_restart bgp_timerneighsyncd_timer seconds range 1 to 9999. -
Example:
admin@sonic:~$ sudo config warm_restart neighsyncd_timer 2000
config warm_restart teamsyncd_timer
This command is used to set the teamsyncd_timer value for warm_restart of teamd service. teamsyncd_timer holds the time interval utilized by teamsyncd during warm-restart episodes. The timer is started when teamsyncd starts. During the timer interval, teamsyncd will preserve all LAG interface changes, but it will not apply them. The changes will only be applied when the timer expires. When the changes are applied, the stale LAG entries will be removed, the new LAG entries will be created. Supported range: 1-9999. 0 is invalid
-
Usage:
config warm_restart teamsyncd_timer seconds range 1 to 9999. -
Example:
admin@sonic:~$ sudo config warm_restart teamsyncd_timer 3000
Go Back To Beginning of the document or Beginning of this section
show watermark telemetry interval
This command displays the configured interval for the telemetry.
-
Usage:
show watermark telemetry interval -
Example:
admin@sonic:~$ show watermark telemetry interval Telemetry interval 120 second(s)
config watermark telemetry interval
This command is used to configure the interval for telemetry. The default interval is 120 seconds. There is no regulation on the valid range of values; it leverages linux timer.
-
Usage:
config watermark telemetry interval -
Example:
admin@sonic:~$ sudo config watermark telemetry interval 999
Go Back To Beginning of the document or Beginning of this section
SONiC software can be installed in two methods, viz, "using sonic_installer tool", "ONIE Installer".
This is a command line tool available as part of the SONiC software; If the device is already running the SONiC software, this tool can be used to install an alternate image in the partition. This tool has facility to install an alternate image, list the available images and to set the next reboot image.
sonic_installer install
This command is used to install a new image on the alternate image partition. This command takes a path to an installable SONiC image or URL and installs the image.
-
Usage:
sonic_installer install -
Example:
admin@sonic:~$ sonic_installer install https://sonic-jenkins.westus.cloudapp.azure.com/job/xxxx/job/buildimage-xxxx-all/xxx/artifact/target/sonic-xxxx.bin New image will be installed, continue? [y/N]: y Downloading image... ...100%, 480 MB, 3357 KB/s, 146 seconds passed Command: /tmp/sonic_image Verifying image checksum ... OK. Preparing image archive ... OK. ONIE Installer: platform: XXXX onie_platform: Installing SONiC in SONiC Installing SONiC to /host/image-xxxx Directory /host/image-xxxx/ already exists. Cleaning up... Archive: fs.zip creating: /host/image-xxxx/boot/ inflating: /host/image-xxxx/boot/vmlinuz-3.16.0-4-amd64 inflating: /host/image-xxxx/boot/config-3.16.0-4-amd64 inflating: /host/image-xxxx/boot/System.map-3.16.0-4-amd64 inflating: /host/image-xxxx/boot/initrd.img-3.16.0-4-amd64 creating: /host/image-xxxx/platform/ extracting: /host/image-xxxx/platform/firsttime inflating: /host/image-xxxx/fs.squashfs inflating: /host/image-xxxx/dockerfs.tar.gz Log file system already exists. Size: 4096MB Installed SONiC base image SONiC-OS successfully Command: cp /etc/sonic/minigraph.xml /host/ Command: grub-set-default --boot-directory=/host 0 Done
sonic_installer list
This command displays information about currently installed images. It displays a list of installed images, currently running image and image set to be loaded in next reboot.
-
Usage:
sonic_installer list -
Example:
admin@sonic:~$ sonic_installer list Current: SONiC-OS-HEAD.XXXX Next: SONiC-OS-HEAD.XXXX Available: SONiC-OS-HEAD.XXXX SONiC-OS-HEAD.YYYY
sonic_installer set_default
This command is be used to change the image which can be loaded by default in all the subsequent reboots.
-
Usage:
sonic_installer set_default <image_name> -
Example:
admin@sonic:~$ sonic_installer set_default SONiC-OS-HEAD.XXXX
sonic_installer set_next_boot
This command is used to change the image that can be loaded in the next reboot only. Note that it will fallback to current image in all other subsequent reboots after the next reboot.
-
Usage:
sonic_installer set_next_boot <image_name> -
Example:
admin@sonic:~$ sonic_installer set_next_boot SONiC-OS-HEAD.XXXX
sonic_installer remove
This command is used to remove the unused SONiC image from the disk. Note that it's not allowed to remove currently running image.
-
Usage:
sonic_installer remove <image_name> -
Example:
admin@sonic:~$ sonic_installer remove SONiC-OS-HEAD.YYYY Image will be removed, continue? [y/N]: y Updating GRUB... Done Removing image root filesystem... Done Command: grub-set-default --boot-directory=/host 0 Image removed
Go Back To Beginning of the document or Beginning of this section
For troubleshooting and debugging purposes, this command gathers pertinent information about the state of the device; information is as diverse as syslog entries, database state, routing-stack state, etc., It then compresses it into an archive file. This archive file can be sent to the SONiC development team for examination.
Resulting archive file is saved as /var/dump/<DEVICE_HOST_NAME>_YYYYMMDD_HHMMSS.tar.gz
-
Usage:
show techsupport -
Example:
admin@sonic:~$ show techsupport
If the SONiC system was running for quite some time show techsupport will produce a large dump file. To reduce the amount of syslog and core files gathered during system dump use --since option:
- Example:
admin@sonic:~$ show techsupport --since=yesterday # Will collect syslog and core files for the last 24 hours admin@sonic:~$ show techsupport --since='hour ago' # Will collect syslog and core files for the last one hour
Go Back To Beginning of the document or Beginning of this section
SONiC software is agnostic of the routing software that is being used in the device. For example, users can use either Quagga or FRR routing stack as per their requirement. A separate shell (vtysh) is provided to configure such routing stacks. Once if users go to "vtysh", they can use the routing stack specific commands as given in the following example.
- Example: Quagga Routing Stack
admin@T1-2:~$ vtysh
Hello, this is Quagga (version 0.99.24.1).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
T1-2# show route-map (This command displays the route-map that is configured for the routing protocol.)
ZEBRA:
route-map RM_SET_SRC, permit, sequence 10
Match clauses:
Set clauses:
src 10.12.0.102
Call clause:
Action:
Exit routemap
Refer the routing stack Quagga Command Reference or FRR Command Reference to know more about about the routing stack configuration.
Go Back To Beginning of the document