WARNING!!: By no means this is an official supported/recommended Juniper command list !!!

Furthermore, care must be taken at the time to use Shell commands!! (only under JTAC supervision)
COMMAND Description Example

Chassis Management

show chassis alarm Chassis alarm status

show chassis craft-interface Information currently on craft display
set chassis display message "M40e unit for swap" displays a user defined message on the LCD craft interface
show chassis environment Environmental information & temperature
show chassis temperature-thresholds Displays temperature thresholds
show chassis routing-engine Displays info about the RE, memory & CPU utilization
show chassis hardware detail/frus/ext Hardware inventory + serial numbers; frus shows fans; ext shows eeprom, flash/disk capacity
show chassis fpc displays status of all FPCs installed (mem heap should be <80% !)
show chassis fpc detail includes also SRAM/SDRAM available Mem and usage
show chassis fpc pic-satus Displays info for all PICs
show chassis pic fpc-slot 0 pic-slot 1 Displays info about one particular PIC
show chassis mac-addresses MAC address
show chassis [feb | scb | ssb | sfm slot] displays satus about PFE system control board (temp, cpu%,DRAM…)

System management

show host ns lookup show host www.cisco.com

show version displays software running on the box
show system software detail displays installed packages
show system uptime uptime of the router
show system processes extensive/summary Show the process table
show system statistics ip, icmp,… Show protocol statistics
show system connections lists only active IP sockets on RE
show system users Show users currently logged into the system
show system storage displays the amount of amount of free disk space on file system
root% df -k show system storage from Shell
show system boot-messages displays contents of boot log (boot-up messages)
show system virtual-memory displays current memory state
request system reboot Restarts the system
request system halt Stops the router and prepares it to be shut down
request system reboot Reboot the system
request system snapshot Save config in /altconfig and software in /altroot before upgrade
request support information show tech
request system software add <pkgname> performs bsd pgkadd; always use jbundle (4->5 jinstall)
restart <process> [ gracefully, immediately, soft] Restart process
request chassis routing-engine diagnostics all (hidden) runs a diagnostic script in compact-flash,hard-disk & memory
request system storage cleanup Free storage space on the router by rotating log files and proposing a list
of files for deletion. User input is required for file deletion.

Configuration

configuration enters configuration mode

show displays the current configuration show protocols ospf
| match item filters the output of the command show config | match firewall
| find item filters starting with the regular expression show config | find firewall
| save <file> save configuration as <file>
edit modifies configuration statements edit protocols ospf
set sets configuration statements set chassis alarm sonet lo1 red
delete removes configuration statements
exit exists edit mode and also config mode
commit save, validate and activate a complete config
commit check just check config do not apply
commit confirmed x activates config for a x minutes and then ask for confirmation, x=10 default
commit and-quit activates config and exists edit mode
commit synchronize activates config on active RE and replicates it into backup RE
commit full (hidden) signals to all daemons a SIGHUP (kill -1) which forces them to read their config files (restarts all daemons)
root% mgd -l (hidden) from shell same as commit full but from shell
commit at activates config at a given time (schedule a commit) commit at "18:00:00"
clear system commit Clear all pending commit requests
rollback 0 deletes the new edited changes and returns to current config
rollback returns to the last commited config
rollback + commit it will return to previously saved config. Only at the top level!
load merge </var/home/user/config> combines the current config and the new one
load override </var/home/user/config> erases the candidate config and replaces it with "luis"
load merge terminal copy and paste portions of the config, vanaf root config
load factory-default loads the factory default settings config router# load override /packages/mnt/jbase/sbin/install/default-juniper.conf
show | compare compares the candidate config with the running config
show system rollback 40 displays a rollback file
show system rollback compare 0 32 shows differences between rollbacks 0 and 32 files
save saves config in /var/home directory save CJNR-reset
save username@host:filename saves config in remote system using ssh save [email protected]:SYD-AJNR-basic-intf
show configuration groups junos-defaults (hidden) displays only certain JUNOS default settins (system/services/apps)

Managing files

start shell
/config flashdisk contains active config and rollbacks 1,2 & 3
/var/db/config harddisk contains rollback files 4 through 49
/var/tmp harddisk contains core files generated by the daemons when they crash
/var/log harddisk files generated by the logging and traceoptions
/var/home harddisk contains subdirectory per user
/altroot harddisk contains a copy of the root file structure form the flash drive request system snapshot
/altconfig harddisk contains a copy of the /config file structure on the flash drive request system snapshot
file list displays all files on this user home directory
file list /config displays all files on the /config directory
file show <file> displays content of <file>
file delete deletes a file from hard disk file delete /var/tmp/smpd.core
file copy source destination copies files from one RE to the other GRTAMSTC1> file copy /var/home/jinstall-6.2-domestic-signed.tgz re0:/var/home/lgomez
root@host> file copy /config/juniper.conf ftp://jvserver.uu.net/tmp/juniper.conf
file copy filename ftp://hostname/filename ftp Copy Files from the Local Router to a Remote System
root@host> file copy /config/juniper.conf ftp://[email protected]/tmp/juniper.conf
file copy filename scp://user@hostname/filename scp root@host> file copy /config/juniper.conf scp://user@ssh-host/tmp/juniper.conf

file copy ftp://hostname/filename filename ftp Copy Files from a Remote System to the local router root@host> file copy ftp://jvserver.uu.net/jbundle-package-name /var/tmp/jbundle-package-name
root@host> file copy ftp://[email protected]/jbundle-package-name /var/tmp/jbundle-package-name
show system rollback 40 displays a rollback file
show system rollback compare 0 32 shows differences between rollbacks 0 and 32 files

Logs located in /var/log

show log messages shows all the logs, location is /var/log

show log file-name shows logs about an specific log file show log bgp-events.0
show log cli show logs about cli commands issued
show log chassisd show logs about chassis probs
show log install show logs releveant to an install JUNOS version
show log debug show daemon logs
show log messages? displays all the files with their dates of the collected logs
show log inventory shows logs about inventory
monitor start file-name monitors logs in real time
monitor stop stops monitoring
help syslog explanation of log meaning help syslog ASP_SFW_IP_FRAGMENT_ASSEMBLY_TIMEOUT

Show interfaces

show interfaces detail shows detailed info about an interface

extensive shows all possible info about an interface (very detailed)
terse shows ip interface brief
description shows interfaces description
media Display media information
 statistics Display statistics and detailed info
routing Display routing status
monitor interface x-x/x/x monitors interface real-time statistics
monitor traffic interface x-x/x/x prints packet headers to your terminal screen for info sent/received by the RE. No filtering allowed !!
monitor traffic interface x-x/x/x write-file [file] (hidden) writes output to this command to a file, with L2 headers present
all info is stored in a file so you can use tcpdump to read it monitor traffic interface fe-0/0/0 write-file dump
% tcpdump -r Shell command read the contents of a tcpdump file XR1.AMS6> start shell
% tcpdump -r dump icmp
monitor start <var/log/file> prints logfile to your terminal screen
show arp shows ARP entries
clear interfaces statistics so-2/0/1 reset counters & statistics for this particular interface
show interfaces diagnostics optics so-1/0/0 displays SONET signaling power values and laser Tx Rx

Routing

show route show ip route

show route protocol [static, isis…] show ip route for an specific protocol show route protocol static
show route x.x.x.x extensive extensive view of a route
show route advertising-protocol
show route receiving-protocol

Forwarding

show route forwarding-table destination x.x.x.x displays route entries in the master copy of the FT (on RE) XR1.AMS6> show route forwarding-table destination 192.168.20.1
clear route forwarding-table x.x.x.x clears entries from the FT (be careful! could lead to RIB/FIB inconsistencies!!)
SFM0 (vty)# show route ip prefix x.x.x.x Shell command displays route entries into the PFE FT (should be identical to RE FT)

Firewall

show firewall show packet/byte counts for all policing filters

show firewall log detail log in memory resident buffer/kernel cache (detail: packet length)
clear firewall [all|filter-name|counter-name] clears counters
show interfaces filters displays all firewall filters on all interfaces
show interfaces policers displays all firewall policers on all interfaces
show policer displays all policers, where it is used and no. packets processed

Management & Interface testing

ping icmp echo-request/echo-response

ping atm interface <intf> vci <nr> ping remote atm interface using oam cells
traceroute send udp 33434/ttl=1- receive icmp time-exceeded
send udp 33435/ttl=2 - receive icmp time-exceeded
…
send udp 33439/ttl=6 - receive icmp port unreachable
Loopback test
set t3-options loopback local and delete sets loopback on PIC towards router
set t3-options loopback remote and delete sets loopback on PIC towards far-end

BERT test
set t3-options bert-period 120 BERT test duration
set t3-options bert-algorithm all-ones-repeating BERT test pattern
set t3-options bert-error-rate 0 BERT test error rate
test interface t3-1/2/0 t3-bert-start Starts BERT test
test interface t3-1/2/0 t3-bert-stop Stops BERT test
show interfaces t3-1/2/0 extensive | find bert

Policy

test policy <policy-name> 0/0 Pass all routes (0/0) through the policy as test
COMMAND
JTAC support info

request suport information

Restore factory settins

load override /packages/mnt/jbase/sbin/install/default-juniper.conf

load factory-default

Shell Commands (file related)

start shell
root% df -k
root% mgd -l
% sysctl -a | grep bootdev

Resetting cards

request chassis fpc slot 3 offline

request chassis fpc slot 3 online
request chassis pic fpc-slot 3 pic-slot 3 offline
request chassis pic fpc-slot 3 pic-slot 3 online

Processes & Connections

restart ….
#deactivate protocols ospf
% which rpd
% ps ax | grep rpd

% netstat -Aa from shell

% fstat | grep [PCB] from shell

show system connections

file show /etc/services

Core Files

file list detail /var/crash/

show system core-dumps
show system core-dumps core-file-info detail <core-filename>
request system core-dump [process] High mem tax!
% gcore -s path/binary-name pid disruptive!!
% gzip vmcore.0.gz
% cat vmcore.0 | gzip vmcore.0.gz

PCMCIA from root shell

dd if=filename of=/dev/rdevice address bs=64k
dd if=/deb/zero of=/dev/rad3 count=20
dd if=install-media-7.0R1.5-export of=/dev/rad3 bs=64k

RE & Redundancy

show chassis routing-engine

show chassis routing-engine bios
request chassis routing-engine master switch
request routing-engine login other-routing-engine
root# rsh -T re1
request chassis routing-engine diagnostics all (hidden)
fsck /dev/ad1s1f from root shell

PFE

show pfe terse

show pfe fpc 0
show pfe statistics error !!
clear pfe statistics Hidden!
show pfe route summary !!
show pfe next-hop
show pfe interface Hidden!
show lchip ifd Hidden!
show ichip ifd Hidden!

Logging into PFE Components

show tnp addresses Hidden!

start shell Shell required
%su requires su
%vty [ntp address]
FPC2(host vty)# show nvram
FPC2(host vty)# show syslog messages

(same but straight from CLI)

start shell pfe network fpc2

EGFPC2(GRTMIANA2 vty)# sh nvram
EGFPC2(GRTMIANA2 vty)# sh lchip
EGFPC2(GRTMIANA2 vty)# sh lchip 0 errors

SFM0/FEB/CFEB

show chassis sfm detail

start shell pfe network sfm0
(vty)# show nvram
(vty)# show syslog info
(vty)# show syslog messages
SFM0 (vty)# show sched
SFM0(vty)# sh throttle
SFM0(vty)# show cchip notif
SBR(Sydney vty)# bringup nic 0 reanimate !!!
SBR(Sydney vty)# test mem all verbosity 5 size 10 loops 1 !!!
JUNOS upgrades junos files are in /var/home

file copy ftp://hostname/filename filename ftp

file copy
root% dd if=/dev/rad3 of=/dev/null bs=1k count=1
show system storage
% sysctl -a | grep bootdev
% sysctl -w machdep.bootdevs=pcmcia-flash,compact-flash,disk,lan
request chassis routing-engine diagnostics all (hidden)
request system snapshot
request system software add validate /var/tmp/jinstall-6.4R3-domestic.tgz
request system reboot

Memory & processes issues

show system processes extensive/summa

show task memory detail

Shell Commands

i) Kernel related

% sysctl -a
% sysctl -a | grep dump
% sysctl -a | grep bootdev
% sysctl -w

ii) FreBSD related

boot: /boot/loader
Description

collects shoversion, uptime, hardware, processes, pfe stats, fpc detail, boot messages, memory, buffers, stats, etc

Restores the router to its default config

Restores the router to its default config

shows files in the directory

initializes configuration database (commit related problems)
shows boot devices

puts fpc in slot 3 in offline state

puts fpc in slot 3 back in online state
puts pic in fpc 3 slot 3 in offline state
puts pic in fpc 3 slot 3 back in online state

restart a particular daemon process (kill -1)

bounces a particular instance of rpd only
obtains process path
obtains the PID associated with a process

Displays all connections (ports) on which the RE listens

displays sockets (-a) & all Protocol Control Blocks (PCB) info (-A)

Displays info about a file. If you specify a particular PCB you will
determine what PROCESS is actually using one particular port
(get the PCB from the netstat -Aa command listed port)

lists only active IP sockets on RE

similar to netstat but restricted only to Internet connections
gives you a list of services-to-port mappings

lists core files if there are

lists core files if there are
decode a core file
forces a core file for one particular process (creates copy of process)
forces a core file by suspending the daemon
compresses corefile to gz
same thing, but keeps original file
copies a file to a removable media
erases removable media (PCMCIA)
copies an install media from /var/tmp to flash

Displays info about the RE, memory & CPU utilization

Displays revision level of the RE BIOS
changes RE mastership from active to backup REs
logs into the other RE
logs into the other RE from a root shell promt
runs a diagnostic script in compact-flash,hard-disk & memory
file system check

Show list of Packet Forwarding Engine component

Show FPC status and statistics
displays FPE ASIC-related errors
clears PFE statistics
Show summary version of routing tables (size and # of routes)
Show PFE next-hop information
shows interfaces and indexes (not snmp!)
shows which interface belongs to which PFE for T-series
shows which interface belongs to which PFE for I-chip based PFE

obtains list of tnp endpoints addresses

connects to vty ntp address (FPC, SSB, SFM…)

collects disagnostic info from FPC
shows syslog messages

status of the SFM and mastership

login into the SFM
collects data from the SFM
displays logs about the SFM
displays log messages
displays scheduler information (SFM CPU%)
Interrupt throttle information
shows C chip notification registers
restarts a dead FPC
runs memory address data tests (10 meg, loop 1)
os files are in /var/home

Copy Files from a Remote System to the local router

copies files from one place to the other (i.e. between REs)
Checks there is no removable media inserted.
displays the amount of amount of free disk space on file system
shows boot devices
alters the order of the booting devices
runs a diagnostic script in compact-flash,hard-disk & memory
Save config in /altconfig and software in /altroot before upgrade
Installs JUNOS package, validating against potential config errors
Reboot the system

Show the process table

Shows memory tasks

displays all ( -a ) kernel parameters

confirms if kernel core dumps are enabled
shows boot devices in order
writes ( -w ) parameters to kernel components

If your router gets stuck after a reload and you get a

FreeBSD Prompt you might have to help your system
to find the CF
 Example

pc detail, boot messages, memory, buffers, stats, etc

Restores the router to its default config

GRTMADPE2> request chassis fpc slot 2 offline

GRTMADPE2> request chassis fpc slot 2 online
GRTMADPE2> request chassis pic fpc-slot 3 pic-slot 2 offline
GRTMADPE2> request chassis pic fpc-slot 3 pic-slot 2 online

GRTAMSTC1> restart routing

% netstat -Aa | grep 179

c3780200 tcp4 0 0 10.0.9.7.179 10.0.9.6.3651 ESTABLISHED

% fstat | grep c3780200

root rpd 2456 20* internet stream tcp c3780200

GRTAMSTC1> file list detail /var/crash/

GRTAMSTC1>show system core-dumps

GRTAMSTC1> request system core-dump routing

root% gcore -s /usr/sbin/rpd 2275
GRTAMSTC1>dd if=install-media-7.0R1.5-export of=/dev/rad3 bs=64k

root@Sydney-3% fsck /dev/ad1s1f

show tnp addresses

lgomez@GRTAMSTC1> start shell pfe network sfm0

SFM0(GRTAMSTC1 vty)# show nvram
SFM0(GRTAMSTC1 vty)# show syslog info
root@host> file copy ftp://jvserver.uu.net/jbundle-package-name /var/tmp/jbundle-package-name
root@host> file copy ftp://[email protected]/jbundle-package-name /var/tmp/jbundle-package-name
GRTAMSTC1> file copy /var/home/jinstall-6.2-20040424.0-domestic-signed.tgz re0:/var/home/lgomez

kern.coredump flag must be set to 1

% sysctl -w machdep.bootdevs=pcmcia-flash,compact-flash,disk,lan

>> FreeBSD/i386 BOOT

Default: 0:ad(0,a)mfs
boot:
COMMAND Description Example

Show commands

show rip neighbor view status of neighbors, send/receive mode (ripv1/2)

show route protocol rip view all RIP routes in the routing table
show route advertising-protocol rip 10.1.1.1 displays routes that a rip interface sends
show route receiving-protocol rip 10.1.1.1 displays routes that a rip interface receives
show rip statistics displays various rip statistics
COMMAND Description Example

Show commands

show ospf neighbor view status of OSPF neighbors, priority, dead intervals, FSM state
show ospf neighbor extensive view detailed info about an ospf neighbor (area, option
fields, DR, BDR...)
clear ospf neighbor [192.168.254.225] restarts an adjacency or all
show ospf statistics view basic ospf statistics, number of Hellos, DD
LSRs, LSUs, LSAcks. OSPF packet types + LSA rexmit
show ospf interface view status of an interface, Area, DR, BDR, Neighbors,
State (DR, BDR, DRother, PtoP, Down)
show ospf interface extensive ...also cost, MTU
show ospf route abr The results of the SPF algorithm, LSA type, metric...
asbr
extern
show route protocol ospf viet ospf routes in inet.0 (routing table) show route protocol ospf 192.168/16 terse
show ospf database view the LSA database per area, Seq no./Age/Checksum, Options
show ospf database summary view how many LSA types per area (usefull!!)
show ospf database brief view the LSA database briefly described
clear ospf database purge deletes de database and restarts adjacencies, purge floods LSA with maxage
show ospf database router view the LSA specific type database
network
netsummary
asbrsummary
extern
nssa
show ospf database router advertising-router 10.0.3.3 detail view LSAs advertised by a paricular router ID show ospf database router advertising-router 10.0.3.4 detail
show ospf database router area 0 extensive view the LSA database in a particular area
LSA header (opt bits, ID, advertis rtr)
LSA type content (V E B bits and all packet)
show ospf database area 0 lsa-id extensive view one particular LSA in detail show ospf database area 0 lsa-id 192.168.1.1 extensive
show ospf log displays how often the SPF is being initiated

show bfd session verify BFD operation

COMMAND Description Example

Show commands

show isis adjacency view status of ISIS adjacencies, Level, state, SNPA, Hold time
show isis adjacency extensive restart capability, piority, circuit type, ip address
clear isis adjacency clears and restarts an adjacency
show isis interface displays the interfaces that are operational for isis
show isis interface details interface, level, circuit ID, DR Level 1/2, Metric
show isis hostname verifies the dynamic hostname resolution of system ID values
show isis spf log displays history of SPF calculations, why it was performed
show isis statistics verifies which isis PDUs are being transmitted/received
(IIH, LSP, CSNP, PSNP) and number of SPF runs
show isis route displays the results of the SPF calculations before the
routes are places into the routing table.
show route protocol isis view routes in inet.0
show isis database displays LSPs on the database, including sequence, checksum,
lifetime and attributes
show isis database detail displays advertised prefixes, metrics, origin for each route
show isis database GRTMADPE2 detail
show isis database extensive [level 1 | 2] … plus LSP headers and all TVL details

monitor traffic interface so-0/0/0 size 1514 detail Monitor IS-IS messages

show bfd session verify BFD operation

COMMAND Description Example

Show commands

show bgp summary peers, ASN, Flaps, routes active/received/damped + total/active paths
show bgp group view the configured peer groups
show bgp neighbor detailed info about bgp peers
(AS number, hold time, router IDs, prefixes, NLRI support, capabilities
and received routes, no of input/output packets, state...)
show route next-hop database shows the bgp next-hop dB
show route protocol bgp RIB shows the Local-RIB database as part of inet.0, next-hop, metric1/2 AS-path
show route protocol bgp terse shows next-hop but not protocol next-hop
show route receive-protocol bgp RIB shows the Adjacency-RIB-In table.
(routes received by a peer before a routing policy is applied)
show route advertising-protocol bgp RIB shows the Adjacency-RIB-Out table
(routes being advertised to a peer after routing policy is applied)

show route detail 10.10.1/24 all of the BGP attributes of this route, metric=MED, metric2=IGP cost
show route hidden shows routes with unreachable next-hops

show route community <reg-ex> detail/terse show routes matching community …

show route terse community-name <name> detail/terse shows all routes with this community name configured
show route aspath-regex "regex" detail/terse

show route damping [history|decayed|surpressed] detail show routes being damped

clear bgp damping clear damping and reuse damped routes immediately

clear bgp neighbor soft inbound to regain routes not in Adj-Rib-In (keep none or loops)

monitor traffic interface fe-0/0/0 size 4096 detail Monitors BGP messages
COMMAND Description Example

Show commands

IGMP

show igmp interface shows state, querier (DR for that segment), version (default 2) and IGMP timers
show igmp group shows the multicast groups joined
show igmp statistics shows igmp message statistics

PIM

show pim interface lists configured PIM interfaces -- mode (default sparse), state (DR, ptp), neighbors
show pim neighbors detail shows info about pim neighboring routers
show pim statistics shows pim messages being sent or received
show pim join extensive shows current state of pim joins, multicast group address & interface used to forward streams. Also rpt or stp tree in use
displays (*,G) and (S,G) states and also RPF interface info
clear pim join flushes join states!
show pim source detail shows active multicast sources and their RPF intf.
also multicast groups serviced by these source
show pim rps extensive shows the RP addresses, how it was learned and which groups are served
show pim bootstrap shows the BSR election process and state

RPF

show multicast usage to view packets/bytes seen for every multicast group address
show multicast rpf !!!! to view the RPF table used during multicast forwarding, similar to inet.0
displays source prefix, from which protocol was learned & the uptsream interface
show multicast route to verify multicast group addresses and their sources (S,G)
extensive also displais NHID which are a numerical reference to the OIL
show route table inet.1 as above with protocol and preference (S,G)
show multicast next-hops displays the multicast outgoing interface list (OIL), mapping of NHid to interfaces
show nhdb id … extensive next-hop database with IFL-list

MSDP

show msdp detail shows MSDP sessions and their status

show msdp source-active shows MSDP sources active (SA) and whether the SA is accepted, rejected or filtered
show route table inet.4 MSPD table. Almost the same as the above but with (S,G) notation

show multicast rpf inet summary displays what table multicast uses (inet.0 by default)
COMMAND Description Example

Show commands

show mpls interface shows status of an mpls interface and admin groups (colors)
show mpls lsp verify the establishment of the LSP at ingress, egress or transit level AND the label in/out/Pushed values
show mpls lsp extensive history of LSP, paths and RRO is shown
show mpls lsp ingress extensive show the originated LSPs at ingress. Also secondary paths are showed and fast reroute
show mpls lsp transit show transit LSPs

clear mpls lsp [optimize|optimze-aggressive] Rebuilds all LSPs, [non-preemptive|aggressive] now

show ted database extensive Examines the info in the TE database, including all IGP extensions
(admin groups -colors-, BW priority reservations)
RSVP

show rsvp interface shows status of RSVP interfaces, Active resv, Subscription rate, Bandwidth allocations
show rsvp neighbor shows RSVP neighbors which has an LSP active, also Hello-interval
show rsvp session detail shows ingress/egress/transit sessions and the label in/out values assigned!!! RRO, Style, ERO and also bypass LSPs
show rsvp session ingress detail shows also the links used by detour paths and their status
show rsvp version shows RSVP version, soft-state refresh timer, keep-multiplier (hello & soft-state use same)

show route table mpls.0 shows MPLS switching table (label values)
show route table inet.3 shows LSP table. RSVP info is installed here

LDP

show ldp neighbors displays all LDP neighbors

show ldp session displays all established sessions, state and hold-time
show ldp database [session peer] displays all label-to-FEC mappings [from specific peer]
COMMAND Description Example

L3 VPN COMMANDS

Show commands

show route table vpn-a detail shows this particular VRF table, containing watch for the inner (VPN) & outer (LSP) labels
* all routes learned from CE
* all routes imported from l3vpn.bgp table coming from other PEs
show route table vpn-a hidden If LSP is missing between PEs, VPN IPv4 routes will be visible but with and invalid NH
show route forwarding-table vpn vpn-a shows a VRF forwwarding table (note the double push operation)

ping x.x.x.x routing-instance vpn-a ping using a particular VRF table

traceroute x.x.x.x routing-instance vpn-a traceroute using a partiuclar VRF table
telnet x.x.x.x routing-instance vpn-a telnet using a particular VRF table
ping mpls l3vpn vpn-a prefix 172.20.4/24 checks if route at destination VRF exists and reachability to it no need for 127.0.0.1 in lo0

show route table bgp.l3vpn.0 houses all VPN IPv4 routes learned from all PEs
DEFAULT: only store routes with a matched RT
"keep all" knob: store all MBGP routes even if there is no matched RT

show route advertising-protocol bgp x.x.x.x view routes sent to other PEs
show route receive-protocol bgp x.x.x.x view routes received from other PEs
show arp displays ARP entries in both inet.0 and VRF tables
clear arp vpn vpn-a clears ARP entries off the VRP table

OSPF VPN commands

show ospf interface instance vpn-a displays all configured OSPF interfaces on this VRF
show ospf neighbor instance vpn-a displays all OSPF neighbors on this VRF
show ospf database instance vpn-a displays the LSDB for this particular VRF

L2 VPN COMMANDS

Kompella Show commands

show l2vpn connections extensive shows states of layer 2 vpns connections (site to site)
show route table vpn-a detail shows contents of a VFT, including L2 NLRI = RD + Site ID + label offset
* local site L2 NLRIs advertised to other PEs [L2VPN]
* remote site L2 NLRIs coming from other PEs [BGP]
show route table bgp.l2vpn.0 houses all L2 VPN NLRIs with at least one matching RT
show route advertising-protocol bgp x.x.x.x view L2 VPN NLRIs sent to other PEs
show route receive-protocol bgp x.x.x.x view L2 VPN NLRIs received from other PEs

show route table mpls.o detail shows MPLS switching table entries for L2 VPNs
(displays VRF interfaces to label -double push operation- mappings)
((which VRF interface is mapped to which LSP))
show route forwarding-table family mpls view FT entries for L2 VPN connections

ping mpls l2vpn instance vpn-a remote-site-id 2 local-site-id 1 test the l2vpn connection site to site (PE to PE)
ping mpls l2vpn interface fe-0/0/0.512 test the l2vpn local interface

Martini Show commands

show l2circuit connections extensive shows states of layer 2 circuits connections (site to site)
show ldp neighbor detail check if neighbor relationship is successful between PEs
(use of extended neighbor discovery has worked)
show ldp database detail check the presence of a FEC associated with the l2circuit
COMMAND
Show commands

show interface xx-x/x/x detail

show interface queue xx-x/x/x

show interfaces so-1/0/0 extensive

show class-of-service ...

show class-of-service interfaces so-1/0/0

show class-of-service code-point-aliases

show class-of-service code-point-aliases dscp

show class-of-service code-point-aliases inet-prec
show class-of-service code-point-aliases exp

show class-of-service forwarding-class

show class-of-service classifier [name]
show class-of-service scheduler-map
show class-of-service rewrite-rule
show class-of-service drop-profile

show class-of-service forwarding-table (all)

show class-of-service forwarding-table classifier mapping
show class-of-service forwarding-table scheduler-map
Description

shows classification results at ingress (BE, EF, AF, NC)

SHOWS HOW TRAFFIC IS CLASSIFIED. Provides info about FC (queue) and RED and priority counters for this interface
show queue statistics for this interface
determines how many queues an interface supports & check the CoS queues

shows what CoS parameters are in effect for a given interface. Number of queues
i.e. which scheduler map, classifier, rewrite is applied
shows listing of cos bits to simbolic name mapings: DSCP, inet-prec, exp…

shows mappings between simbolic names and dscp values (unless configured, default will apply)
shows mappings between simbolic names and IP prec values
shows mappings between simbolic names and EXP values

shows mappings of forwarding class names to queue numbers

Show contents of a specific code point to forwarding class & PLP classifier
shows mapping of forwarding classes to schedulers details
Show mapping of forwarding class/loss priority to code point. Displays rewrite table
Shows available drop profiles and interpolated data points of named drop profile

displays CoS parameters in effect within the forwarding table

displays which classifiers are mapped to what logical units
displays the scheduler map in service for each interface
 Example

ueue) and RED and priority counters for this interface

show interfaces queue forwarding-class best-effort so-0/* | match "Physical| Bytes"

igured, default will apply)

COMMAND
Show commands

show interfaces filters

show firewall

show firewall filter <filter-name>

show firewall filter <name> prefix-action <psa-name> from 1 to 8
show firewall log detail
show log <log-file-name>

clear firewall <name>

show policer
show interface policer fe-0/1/0
show log /var/tmp/<sample file>
show log sampled
Description

displays all firewall filters on all interfaces

displays counter and policer statistics for all firewall filters

displays the contents of a particular firewall filter name

displays the n policers & counters of a Prefix-Specific Counter & Policer (PSCP)
displays the contents of the kernel firewall log
displays logged entries into syslog.
Needs an action of syslog on the filter and also create a file with that name
under system syslog.
Basically is all about redirect all logs into syslog system

resets counters associated with a firewall

displays a list of interface policers
displays details about interface policers
displays a sample file created by the otuput of traffic sampling
displays a copy of cflowd aggregates that are sent to the cflowd server
requires local-dump command on the cflowd config
Example

root@r3> show firewall

Filter: lo0-in
Counters:
Name Bytes Packets
denied-traffic 3480 61
Policers:
Name Packets
police-icmp-icmp 132

root@r3> show log filtering

requires enabling this particular file

syslog {
file filtering {
firewall info;
}
COMMAND
Show commands

show snmp statistics extensive

show snmp mib walk .1.3.6.1.2.1.4.18
show snmp mib walk ipfragfails
show interface lo0 extensive | display xml
Description

shows SNMP statistics

(hidden!) shows snmwalk of an OID

shows output of xml tags. What variables are consulted for the display
Example
COMMAND Description Example

Show commands

show interface terse displays the IPv6 address configuration

show route table inet6 displays the IPv6 routing table
show ipv6 neighbor shows IPv6 cache of neighbors neighbors have to be discorev
show interface lo0 extensive | display xml shows output of xml tags. What variables are consulted for the display
 neighbors have to be discorever (via ping i.e.)
sulted for the display