Inventum SR command reference

Uncategorized
admin

SR Troubleshooting:

Administrator can troubleshoot Service Router by using below commands and all these commands will run from Privileged ­Exec mode of Service Router. However administrator can run these commands from Global­ Configuration mode also, by prepend a “do” to the command, refer the second one command.

1. Check SR running configuration from Privileged-Exec mode.

# show running-config

1.1 Check SR running configuration from Global-Configuration mode.

(config)# do show running-config

2. To save SR configuration

# copy running-config startup-config

3. To restart authentication service

# service authsrv restart

4. To fetch the QOS policy

# service authsrv fetch-policy

5. To check QOS policy

# show qos-policy

6. To check QOS class

# show qos-class

7. To check all sessions

# show sessions

8. To check customer sessions through their ip

# show session ip <CLIENT IP ADDRESS>

9. To check individual customer session

# show session id <sessions id>

10. To check all links all together

# show links

11. To check individual link

# show link cpeth0

12. To check unauthenticated sessions

# show session unauthenticated

13. To stop, start authentication service

# service authsrv stop
# service authsrv start

14.To logout client session through their ip address

# session logout ip <Client IP Address>

15. To logout individaul customer session

# session logout id <Session id>

16. To check all interfaces of SR

# show interfaces

17. To check individual interface

# show interface cpeth0

18. To check Network Address Translation(NAT)

# show ip nat

19. To check SNAT pool status

# show ip snat pool

20. To check interface specific status

# show port cpeth0 stats all

21. To check DHCP Server lease status

# show ip dhcp lease-status

22. To check DHCP Server pool status

# show ip dhcp pool

23. To check DHCP relay status

# show ip dhcp relay

24. To check license

# show license

25. To reload-license in SR

# reload-license

26. To check SR version

# show version

27. To check DPI engines

# show dpi-engines

28. To check DPI version

# show dpi-version

29. To check SR uptime & load

# show uptime

30. To check SR logged-in user detail

# show users

31. To check the bandwidth utilization on interface.

# show bandwidth-monitor interfaces <INTERFACE NAME>

32. To update SR version

# update firmware

33. To check arp-binding on interface

# show arp-bindings port cpeth1 all

34. To check dns-server status

# show dns-server stats

35. To check Network traffic on Interface.

Configure Mirror Interface to check packetdump:

Mirror interfaces are virtual and useful to debug network packets without actually marking a whole physical interface as a Mirror interface.With the help of these interface, administrator can monitor Layer 3 network traffic passing in or out of, a set of Ethernet interfaces. Administrator can see this traffic in a network analyzer (packetdump) for analysis.

Data plane traffic cannot be seen on any of physical interfaces (cpethX) so, mirror interfaces are required to capture traffic not destined for Service router.

Control plane traffic is destined for SR and hence can be seen using network analyzer tools like tcpdump on cpeth interfaces.

There are two types of modes/tap points that we used.
1.TX tap – It will show the transmitted traffic by the port
2.RX tap – It will show the receiving traffic in the port
Packet selectors (matches) can be configured to mirror packets that match specific conditions.

Restrictions for Mirror interfaces:

  1. A maximum of 10 mirror interfaces are supported in our service router
  2. Mirroring a traffic on an individual sub-interface/vlan/qinq is not supported.

Performance Impact with Mirror Interfaces:

It is recommended that you do not configure mirror interfaces when not being used. otherwise it is going to reduce the throughput rate.

Sample Mirror interface configuration on interface cpeth1.

# configure terminal
(config)# interface ethernet cpeth1
(config-if-cpeth1)# mirror to mirror1 tap rx src 0.0.0.0/0
To verification:
(config-if-cpeth1)# show
!
interface ethernet cpeth1
enable
ip address 192.168.10.1 netmask 255.255.255.0
mirror to mirror1 tap rx src 0.0.0.0/0

Run the packetdump tool from the CLI, run the below command as same as packetdump syntax, to check the status.

# run eth-cp-dump -nn -q -i mirror1 -v

To Remove Mirror interface

# configure terminal
(config)# interface ethernet cpeth1
(config-if-cpeth1)# no mirror to mirror1 tap rx src 0.0.0.0/0
To verification:
(config-if-cpeth1)# show
!
interface ethernet cpeth1
enable
ip address 192.168.10.1 netmask 255.255.255.0

Note: Remove the mirror interface, if not being not used. Otherwise it is going to reduce the throughput rate.