diff --git a/docs/about_releases.mdx b/docs/about_releases.mdx index bf3a2d3b22..52aedcfdda 100644 --- a/docs/about_releases.mdx +++ b/docs/about_releases.mdx @@ -38,8 +38,9 @@ However, issues resolved in `4.3.12`, which was released on 3/12/2021 are not ad | Version | Initial GA Version | First Release Shipping Date | Latest GA Version | End of Software Engineering support | End of Support | | --| -- | -- | -- | -- | -- | -| Release 6.2 | [6.2.0](release_notes_128t_6.2.md#release-620-39) | November 16, 2023 | [6.2.6](release_notes_128t_6.2.md#release-626-15-sts) | September 6, 2026 | March 6, 2027 | -| Release 6.1 | [6.1.0](release_notes_128t_6.1.md#release-610-55) | April 14, 2023 | [6.1.10](release_notes_128t_6.1.md#release-6110-8) | July 14, 2025 | January 14, 2026 | +| Release 6.3 | [6.3.0](release_notes_128t_6.3.md#release-630-107r1) | September 30, 2024 | [6.3.0](release_notes_128t_6.3.md#release-630-107r1) | June 30, 2025 | March 30, 2026 | +| Release 6.2 | [6.2.0](release_notes_128t_6.2.md#release-620-39r1) | November 16, 2023 | [6.2.6](release_notes_128t_6.2.md#release-626-15-sts) | September 6, 2026 | March 6, 2027 | +| Release 6.1 | [6.1.0](release_notes_128t_6.1.md#release-610-55r1) | April 14, 2023 | [6.1.10](release_notes_128t_6.1.md#release-6110-8-lts) | July 14, 2025 | January 14, 2026 | | Release 5.6 | [5.6.7](release_notes_128t_5.6.md#release-567-4) | March 16, 2023 | [5.6.15](release_notes_128t_5.6.md#release-5615-1) | June 16, 2024 | December 16, 2024 | ## Out of Support diff --git a/docs/bcp_per-adjacency_traffic_engineering.md b/docs/bcp_per-adjacency_traffic_engineering.md index 2b03307e6e..de26ceb1dd 100644 --- a/docs/bcp_per-adjacency_traffic_engineering.md +++ b/docs/bcp_per-adjacency_traffic_engineering.md @@ -1,13 +1,13 @@ --- -title: Per Adjacency Traffic Engineering -sidebar_label: Per Adjacency Traffic Engineering +title: Adjacency Traffic Engineering +sidebar_label: Adjacency Traffic Engineering --- -Packet loss due to congestion in networks, particularly over WAN links, is inevitable. Depending on where drops occur, it can have a major impact on perceived quality of experience. Packet loss due to exceeding transmit caps between instances of SSR should be avoided. Per-adjacency traffic engineering can be enabled to regulate the upload and download rates between peers. +Adjacency traffic engineering can be enabled to regulate the upload and download rates between peers. ## Overview -Per-adjacency traffic engineering provides targeted traffic engineering for both directions on a bandwidth restricted link between two SSR instances. Traffic engineering on the device interface continues to be associated with the upload rate of a connected link; the `transmit-cap`. Traffic engineering at the adjacency level is associated with the download limit of the adjacent SSR instance; the `receive-cap`. +Adjacency traffic engineering provides targeted traffic engineering for both directions on a bandwidth restricted link between two SSR instances. While device interface traffic engineering is associated with the upload rate (`transmit-cap`) of a connected link, traffic engineering at the adjacency level is associated with the download limit of the adjacent SSR instance; the `receive-cap`. For example, in the following hub and spoke diagram the Datacenter router has 5 adjacencies off of the individual device interface with a `transmit-cap` upload speed configured at 50Mb. The adjacent branch routers have 10Mb, 5Mb, 1Mb, 5Mb, and 2.5Mb configured as their device interface transmit caps. With such a large `transmit-cap` at the Datacenter, traffic rates exceeding the allowed download speeds (10Mb, 5Mb, 1Mb, 5Mb, and 2.5Mb) on each of the paths to the branch routers will result in traffic being dropped by the ISP. @@ -64,12 +64,50 @@ network-interface foo exit exit ``` + +### Limitations + +Enabling traffic engineering will introduce a performance impact to the packet-per-second processing rate as the QoS engine works to ensure fairness of packet distribution under congestion scenarios. When used in conjunction with other traffic engineering settings (e.g., adjacency traffic engineering configured alongside device interface traffic engineering), performance may be further impacted. + ### Gathering Statistics To gather information about Per-Adjacency Traffic Engineering, query the following statistics using the `show stats traffic-eng device-interface peer-path` command within the CLI. These statistics are specific to the peer-path and provide insight into how the adjacency schedulers are operating. -- `enqueue-cycle-count`: The current enqueue cycle count in traffic engineering for this peer path. -- `dequeue-cycle-count`: The current dequeue cycle count in traffic engineering for this peer path. +``` +admin@combo-east-a.combo-east# show stats traffic-eng device-interface peer-path +Tue 2024-03-19 13:39:58 UTC +Retrieving statistics... + +Peer Path Traffic Engineering Stats +----------------------------------- + +==================================================== ============== ============ ============== ============= ====== ================== + Metric Node Peer-name Peer-host Device-name Vlan Value +==================================================== ============== ============ ============== ============= ====== ================== + dequeue-cycle-count combo-east-a combo-west 172.16.102.2 11-red 0 61474020 + enqueue-cycle-count combo-east-a combo-west 172.16.102.2 11-red 0 61474020 + packets-queued combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class buffer-capacity-exceeded-bytes combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class buffer-capacity-exceeded-packets combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class dequeue-aqm-drop-bytes combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class dequeue-aqm-drop-packets combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class dequeue-max-latency-drop-bytes combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class dequeue-max-latency-drop-packets combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class dequeue-success-bytes combo-east-a combo-west 172.16.102.2 11-red 0 94918726 + per-traffic-class dequeue-success-packets combo-east-a combo-west 172.16.102.2 11-red 0 244021 + per-traffic-class schedule-failure-bandwidth combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class schedule-failure-bytes combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class schedule-failure-packets combo-east-a combo-west 172.16.102.2 11-red 0 0 + per-traffic-class schedule-success-bandwidth combo-east-a combo-west 172.16.102.2 11-red 0 1201245 + per-traffic-class schedule-success-bytes combo-east-a combo-west 172.16.102.2 11-red 0 94918726 + per-traffic-class schedule-success-packets combo-east-a combo-west 172.16.102.2 11-red 0 244021 + scheduler-reset combo-east-a combo-west 172.16.102.2 11-red 0 0 +``` + +### Statistics Descriptions + +- `enqueue-cycle-count`: The current enqueue cycle count in traffic engineering for this peer path. This value is helpful when debugging. +- `dequeue-cycle-count`: The current dequeue cycle count in traffic engineering for this peer path. This value is helpful when debugging. - `packets-queued`: The current number of packets queued in traffic engineering for this peer path. - `per-traffic-class schedule-success-bytes`: The number of bytes successfully scheduled for transmission for this peer path. - `per-traffic-class schedule-success-packets`: The number of packets successfully scheduled for transmission for this peer path. diff --git a/docs/cc_fips_otp_router_install.md b/docs/cc_fips_otp_router_install.md index db85b970f1..15260ed651 100644 --- a/docs/cc_fips_otp_router_install.md +++ b/docs/cc_fips_otp_router_install.md @@ -88,7 +88,7 @@ Upon boot, the following screen is displayed. The default selection is booting t 2. Press the TAB key to edit the configuration. - To enable FIPS Enforcement for SSR software version 6.2.5-5r2, add the `fips=1` kernel option to the kernel command line during system installation as shown in the steps below. This ensures that key generation is done with FIPS approved algorithms and continuous monitoring tests in place. + To enable FIPS Enforcement for SSR software version 6.2.5-5-sts, add the `fips=1` kernel option to the kernel command line during system installation as shown in the steps below. This ensures that key generation is done with FIPS approved algorithms and continuous monitoring tests in place. :::important FIPS mode is required for Common Criteria compliance. Failure to configure FIPS mode, or the use of any other cryptographic engine nullifies compliance. @@ -108,6 +108,63 @@ When you modify the GRUB kernel behavior by editing the GRUB menu at boot time, This installation process is an automated workflow which does not require user interaction after selecting and initiating the OTP menu option. The system will power off after installation. +### Enable Strict Host Key Checking + +Enabling strict `host-key-checking` provides secure communication between the conductor and a router. +Similar to SSH, there are two `host-key-checking` options; `yes` which requires the host key to be provisioned manually, or `accept-new` which accepts the key on first connection. + +There are two configuration parameters where `host-key-checking` can be set: + +- **[`inter-router host-key-checking`](config_command_guide.md#configure-authority-router-node-ssh-settings-inter-router-host-key-checking)** controls host key verification between a router and the conductor. When set to `yes`, strict host key checking is enabled between the router and the conductor. However, the host keys must be manually provisioned on each router. + + ``` + config authority router RTR_EAST_COMBO node combo-east-1 ssh-settings inter-router host-key-checking yes + config authority router RTR_EAST_COMBO node combo-east-2 ssh-settings inter-router host-key-checking yes + ``` + +- **[`inter-node host-key-checking`](config_command_guide.md#configure-authority-router-node-ssh-settings-inter-node-host-key-checking)** controls host key verification between redundant HA nodes. When set to `yes`, strict host key checking is enabled between the router and the conductor **between each node** of an HA router. However, the host keys must be manually provisioned on each router. + +``` +config authority router RTR_EAST_COMBO node combo-east-1 ssh-settings inter-node host-key-checking yes +config authority router RTR_EAST_COMBO node combo-east-2 ssh-settings inter-node host-key-checking yes +``` + +To configure a new authorized key for ssh inter-node communication, use the [`create system connectivity authorized-keys`](cli_reference.md#create-system-connectivity-authorized-keys) command. This command adds an entry to the ssh authorized keys file. + +Use the following show commands to display additional key information: + +- [`show system connectivity authorized-keys`](cli_reference.md#show-system-connectivity-authorized-keys) displays the authorized keys for ssh inter-node communication and tunneling. + +- [`show system connectivity key-checking-mode`](cli_reference.md#show-system-connectivity-key-checking-mode) displays the key checking mode (Inter-Asset, Inter-Node, Inter-Router) across specified nodes. + +To save the work of manually provisioning the host key on the router, set the `accept-new` parameter. This automatically loads the host key on first connection. + +``` +config authority router RTR_EAST_COMBO node combo-east-1 ssh-settings inter-router host-key-checking accept-new +``` + +Use the [`show system connectivity known-hosts`](cli_reference.md#show-system-connectivity-known-hosts) to view the accepted host keys for the current node. + +#### Manual Provisioning of the Conductor Key + +If a router is configured for strict `inter-router host-key-checking` (set to `yes`), but **does not** have `accept-new` configured, it will be necessary to manually provision the conductor key **prior** to onboarding the router to the conductor. This will require the administrator to retrieve the host key of each node of the conductor and configure this in the router. + +On the conductor, identify the `key` for each node using the command [`show system connectivity host-keys node all`](cli_reference.md#show-system-connectivity-host-keys). + +From the router PCLI, provision each conductor key using the following command: +`create system connectivity known-hosts node ssh-rsa ` + +- `` is the router node. The key should be added on each router node in an HA pair. +- `` is the conductor address. This should be added for each conductor address of an HA conductor pair. +- `` is the `Key` retrieved from the previous step. +- `` is an option that can be used to identify the key; for example `Conductor1`. + +The following example manually configures the key to the conductor node `192.168.1.13`: + +`create system connectivity known-hosts router RTR_EAST_COMBO node combo-east-1 [192.168.1.13]:930 ssh-rsa ` + +For additional information, see [`create system connectivity known-hosts`](cli_reference.md#create-system-connectivity-known-hosts). + ### Root Access To permit root access to the SSR system, ensure that there is at least one user configured on each system with super user (sudo) privileges. Failure to do so may result in the loss of management connectivity to the router. **Logging in as `root` over SSH is not permitted.** @@ -158,7 +215,7 @@ The root account will not be used for day-to-day access, but the root account pa ### Software Compliance Validation -After installing the SSR Software, it is important to verify that the installation successfully completed and that the system is running in the FIPS enforcememt mode required for Common Criteria compliance. After starting the SSR router or conductor, the login screen appears on the console. Alternatively you may `ssh` to the SSR management IP address using the admin account. +After installing the SSR Software, it is important to verify that the installation successfully completed and that the system is running in the FIPS enforcement mode required for Common Criteria compliance. After starting the SSR router or conductor, the login screen appears on the console. Alternatively you may `ssh` to the SSR management IP address using the admin account. 1. Login using the admin credentials. 2. Use `show system version` to verify the correct software release is running: @@ -195,7 +252,7 @@ admin@conductor.conductor# - Execute the self-test scan `sudo systemctl start 128T-rpm-verify` - The self-test scan is intiated and takes approximately two minutes to complete. Upon completion, run: + The self-test scan is initiated and takes approximately two minutes to complete. Upon completion, run: `systemctl status 128T-rpm-verify` @@ -217,7 +274,7 @@ admin@conductor.conductor# The self-test is enabled on every subsequent reboot. If the self-test fails, the 128T service will not start. -6. Perform the following steps to verify that FIPS security enforcment mode is enabled in the OS: +6. Perform the following steps to verify that FIPS security enforcement mode is enabled in the OS: `openssl md5 /dev/null` Expected result: `digital envelope routines … Disabled for fips` @@ -249,4 +306,4 @@ To terminate an active session: - If using an account other than admin, type `exit` to end the login session. -Common Criteria certification does not require any restrictions on executing commands. See the [Configuration Command Reference Guide](https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_command_guide) for command information and usage. +Common Criteria certification does not require any restrictions on executing commands. See the [Configuration Command Reference Guide](https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_command_guide) for command information and usage. diff --git a/docs/cli_reference.md b/docs/cli_reference.md index 004cf13c4a..539c54336d 100644 --- a/docs/cli_reference.md +++ b/docs/cli_reference.md @@ -12,7 +12,7 @@ Assign the current router to a Mist organization. #### Usage ``` -adopt [{org-id | registration-code }] [force] [router-name ] +adopt [{org-id | registration-code }] [force] [router-name ] [mist-instance ] ``` ##### Keyword Arguments @@ -20,6 +20,7 @@ adopt [{org-id | registration-code }] [force] [route | name | description | | ---- | ----------- | | force | Skip confirmation prompt. | +| mist-instance | Global01 \| Global02 \| Global03 \| Global04 \| Global05 \| EMEA01 \| EMEA02 \| EMEA03 \| APAC01 \| APAC02 \| APAC03 \| APAC04 \| APAC05 \| USGov01 (default: Global01) | | org-id | The ID of the Mist organization where the router is assigned. | | registration-code | The registration code used to assign this router to an organization. | | router-name | Assign a name to the router. | @@ -34,9 +35,14 @@ adopt [{org-id | registration-code }] [force] [route If you know the ID of the organization in Mist, or the registration code for the router, you can use the optional `org-id` or `registration-code` arguments. Otherwise, use the interactive dialog to walk through entering Mist credentials and assigning the router to an organization. +:::note +This command can only be run on a Router. +::: + | Release | Modification | | ------- | ----------------------------| | 6.0.0 | This feature was introduced | +| 6.3.0 | Added `mist-instance` | ## `clear app-id cache` @@ -325,42 +331,6 @@ clear pim mroute [vrf ] [force] {router | resource-group -``` -##### Keyword Arguments - -| name | description | -| ---- | ----------- | -| force | Skip confirmation prompt | - -##### Positional Arguments - -| name | description | -| ---- | ----------- | -| name | An identifier for the router | -| new-name | The new value for the router name | - -#### Example -``` -admin@conductor-east-1.RTR_EAST_CONDUCTOR# configure authority clone router Boston NewYork -``` - -#### Description -The clone command duplicates the configuration data from the existing `Boston` router into a new router with the name `NewYork`, and stages it to the candidate configuration. - -#### Version History - -| Release | Modification | -| ------- | ----------------------------| -| 5.0.0 | This feature was introduced | - ## `commit` Commit the candidate config as the new running config. @@ -612,6 +582,12 @@ connect [username ] router node | router | The router to connect to | | username | Username to use for login to the Managed Router (default: <current user>) | +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `create capture-filter` Creates a capture-filter using BPF syntax (as used in wireshark) on the target interface. @@ -808,6 +784,85 @@ When session-count is not specified, default will be unlimited. When packet-count is not specified, default is 100 packets in each direction for each session matched. +## `create system connectivity authorized-keys` + +Adds an entry to the ssh authorized keys file. + +#### Usage + +``` +create system connectivity authorized-keys [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| key-type | The type of key (e.g. ssh-rsa) | +| key-value | The base64 encoded public key | +| comment | A comment (usually the asset-id) to be associated with entry | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`create system connectivity known-hosts`](#create-system-connectivity-known-hosts) | Adds an entry to the ssh known hosts file. | +| [`delete system connectivity authorized-keys entry`](#delete-system-connectivity-authorized-keys-entry) | Deletes entries from the ssh authorized keys file based on specified parameters. | +| [`delete system connectivity known-hosts entry`](#delete-system-connectivity-known-hosts-entry) | Deletes entries from the ssh known hosts file based on specified parameters. | +| [`show system connectivity authorized-keys`](#show-system-connectivity-authorized-keys) | Display ssh authorized keys for inter-node communication. | +| [`show system connectivity host-keys`](#show-system-connectivity-host-keys) | Displays the public keys used by the router for inter-node communication. | +| [`show system connectivity key-checking-mode`](#show-system-connectivity-key-checking-mode) | Shows the StrictHostKeyCheckingMode of various router services. | +| [`show system connectivity known-hosts`](#show-system-connectivity-known-hosts) | Display ssh known hosts for inter-node communication. | + +## `create system connectivity known-hosts` + +Adds an entry to the ssh known hosts file. + +#### Usage + +``` +create system connectivity known-hosts [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| host | The domains/IP addresses associated with the key | +| key-type | The type of key (e.g. ssh-rsa) | +| key-value | The base64 encoded public key | +| comment | A comment (usually the asset-id) to be associated with entry | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`create system connectivity authorized-keys`](#create-system-connectivity-authorized-keys) | Adds an entry to the ssh authorized keys file. | +| [`delete system connectivity authorized-keys entry`](#delete-system-connectivity-authorized-keys-entry) | Deletes entries from the ssh authorized keys file based on specified parameters. | +| [`delete system connectivity known-hosts entry`](#delete-system-connectivity-known-hosts-entry) | Deletes entries from the ssh known hosts file based on specified parameters. | +| [`show system connectivity authorized-keys`](#show-system-connectivity-authorized-keys) | Display ssh authorized keys for inter-node communication. | +| [`show system connectivity host-keys`](#show-system-connectivity-host-keys) | Displays the public keys used by the router for inter-node communication. | +| [`show system connectivity key-checking-mode`](#show-system-connectivity-key-checking-mode) | Shows the StrictHostKeyCheckingMode of various router services. | +| [`show system connectivity known-hosts`](#show-system-connectivity-known-hosts) | Display ssh known hosts for inter-node communication. | + ## `create user` Create a new user account interactively. @@ -845,7 +900,7 @@ create user [] The `create user` command allows administrators to create user accounts for user and/or administrative access to the SSR's management port. Issuing the `create user ` launches an interactive session that prompts for the new user's full name, password, whether they are an administrative or basic user, and the enabled/disabled state of that user account. :::note -Password policies have been updated with the release of version 5.6. Please see [Password Policies](config_password_policies.md) for additional information. +Please see [Password Policies](config_password_policies.md) for additional information. ::: #### Example @@ -1188,6 +1243,113 @@ The _delete sessions_ command removes all current sessions or a subset if argume This may be a service impacting operation. ::: +## `delete system connectivity authorized-keys autoclean` + +Automatically removes unrecognized entries from the ssh authorized keys file. + +#### Usage + +``` +delete system connectivity authorized-keys autoclean [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +## `delete system connectivity authorized-keys entry` + +Deletes entries from the ssh authorized keys file based on specified parameters. + +#### Usage + +``` +delete system connectivity authorized-keys entry [{router | resource-group }] [key-type ] [key-value ] [comment ] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| comment | Optionally specifies a comment to delete entries by (default: ) | +| force | Skip confirmation prompt. Only required when targeting all routers | +| key-type | Optionally specifies which key type to delete (default: ) | +| key-value | Optionally specifies a key value to delete entries by (default: ) | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`create system connectivity authorized-keys`](#create-system-connectivity-authorized-keys) | Adds an entry to the ssh authorized keys file. | +| [`create system connectivity known-hosts`](#create-system-connectivity-known-hosts) | Adds an entry to the ssh known hosts file. | +| [`delete system connectivity known-hosts entry`](#delete-system-connectivity-known-hosts-entry) | Deletes entries from the ssh known hosts file based on specified parameters. | +| [`show system connectivity authorized-keys`](#show-system-connectivity-authorized-keys) | Display ssh authorized keys for inter-node communication. | +| [`show system connectivity host-keys`](#show-system-connectivity-host-keys) | Displays the public keys used by the router for inter-node communication. | +| [`show system connectivity key-checking-mode`](#show-system-connectivity-key-checking-mode) | Shows the StrictHostKeyCheckingMode of various router services. | +| [`show system connectivity known-hosts`](#show-system-connectivity-known-hosts) | Display ssh known hosts for inter-node communication. | + +## `delete system connectivity known-hosts autoclean` + +Automatically removes unrecognized entries from the ssh known hosts file. + +#### Usage + +``` +delete system connectivity known-hosts autoclean [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +## `delete system connectivity known-hosts entry` + +Deletes entries from the ssh known hosts file based on specified parameters. + +#### Usage + +``` +delete system connectivity known-hosts entry [{router | resource-group }] [host ] [key-type ] [key-value ] [comment ] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| comment | Optionally specifies a comment to delete entries by | +| force | Skip confirmation prompt. Only required when targeting all routers | +| host | Optionally specifies a host to delete entries for | +| key-type | Optionally specifies which key type to delete | +| key-value | Optionally specifies a key value to delete entries by | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`create system connectivity authorized-keys`](#create-system-connectivity-authorized-keys) | Adds an entry to the ssh authorized keys file. | +| [`create system connectivity known-hosts`](#create-system-connectivity-known-hosts) | Adds an entry to the ssh known hosts file. | +| [`delete system connectivity authorized-keys entry`](#delete-system-connectivity-authorized-keys-entry) | Deletes entries from the ssh authorized keys file based on specified parameters. | +| [`show system connectivity authorized-keys`](#show-system-connectivity-authorized-keys) | Display ssh authorized keys for inter-node communication. | +| [`show system connectivity host-keys`](#show-system-connectivity-host-keys) | Displays the public keys used by the router for inter-node communication. | +| [`show system connectivity key-checking-mode`](#show-system-connectivity-key-checking-mode) | Shows the StrictHostKeyCheckingMode of various router services. | +| [`show system connectivity known-hosts`](#show-system-connectivity-known-hosts) | Display ssh known hosts for inter-node communication. | + ## `delete system software` Remove or cancel a previously started download. @@ -1195,13 +1357,17 @@ Remove or cancel a previously started download. #### Usage ``` -delete system software version +delete system software [{router | resource-group }] [force] [node ] version ``` ##### Keyword Arguments | name | description | | ---- | ----------- | +| force | Skip confirmation prompt | +| node | The node on which to cancel or remove SSR software | +| resource-group | The name of the resource group | +| router | The router on which to cancel or remove SSR software (default: <current router>) | | version | The version to cancel or remove. | ##### See Also @@ -1209,11 +1375,16 @@ delete system software version | command | description | | ------- | ----------- | | [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | | [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | -| [`set system software image`](#set-system-software-image) | Set the boot image. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | | [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | | [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | -| [`show system software upgrade`](#show-system-software-upgrade) | Follow an in-progress upgrade. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | | [`show system version`](#show-system-version) | Show system version information. | ## `delete user` @@ -1619,7 +1790,7 @@ export config #### Description -The _export_ command takes a configuration from a previously created backup (via _create config backup_), from the candidate configuration, or from the SSR's running configuration, and stores it as a file on the local filesystem. It can then be taken off, moved onto other systems, archived, etc. +The _export_ command takes the running or candidate configuration from the SSR and stores it as a file on the local filesystem. It can then be taken off, moved onto other systems, archived, etc. Exported files are stored in /etc/128technology/config-exports/ and are stored as GZIP compressed files. @@ -1752,33 +1923,70 @@ import iso [check-rpm-signature ] [force] [verbose] {hunt | | name | description | | ---- | ----------- | | check-rpm-signature | required \| allow-unsigned \| disabled (default: required) | -| filepath | The absolute filepath to the ISO | +| filepath | The absolute filepath to the ISO, tarball, checksum or signature file | | force | Skip confirmation prompt | -| hunt | Find and import all ISOs from the filesystem | +| hunt | Find and import all image, checksum and signature files from the filesystem matching 128T*.iso, SSR*.iso or SSR*.tar and any corresponding checksum and signature files | | verbose | Increase log level verbosity | -#### Example +## `initialize conductor` + +Initializes the current device as a conductor. + +#### Usage ``` -admin@conductor.Conductor# import iso hunt -This command is resource intensive and can take a while. Are you sure? [y/N]: y -Current Installer version: 2.5.0-0.20200326163206.snapshot -Installer will run in non-interactive mode -Refreshing DNF cache (this may take a few minutes) -Cleaning DNF data: expire-cache -Making the DNF cache -Cleaning legacy local repos (this may take a few minutes) -Installer will hunt for ISOs to import -Importing packages for 128T-4.4.0-0.202004021313.release.el7.x86_64.rpm -Installer complete -Import success +initialize conductor [artifactory-user ] [artifactory-password ] [dns-servers ] [node-ip ] [node-gateway ] [interface-name ] [clustered] [ha-ip ] [ha-interface-name ] [ha-peer-ip ] [ha-peer-name ] [learn-from-ha-peer] [ha-peer-username ] [unsafe-ha-peer-password ] router-name node-name ``` -#### Version History +##### Keyword Arguments -| Release | Modification | -| ------- | ----------------------------| -| 4.4.0 | This feature was introduced | +| name | description | +| ---- | ----------- | +| artifactory-password | Password portion of the artifactory credentials | +| artifactory-user | User portion of the artifactory credentials | +| clustered | Whether or not this conductor is to be configured as an HA pair | +| dns-servers | comma separated list of DNS servers | +| ha-interface-name | Interface name (matching a port in the device-map) to bind the ha-ip to. | +| ha-ip | The IPv4 address to assign to the HA interface on this node | +| ha-peer-ip | The IPv4 address of the node to be used as an HA peer | +| ha-peer-name | The name of the Node to be used as an HA peer | +| ha-peer-username | The user on the peer node to authenticate as. This user must have sudo privileges. Required if 'learn-from-ha-peer' is true. | +| interface-name | Interface name (matching a port in the device-map) to bind the node-ip and node-gateway to. | +| learn-from-ha-peer | If true, the Initializer will use the HA peer to obtain setup information. | +| node-gateway | The IP address of the gateway of the node being provisioned | +| node-ip | The IPv4 address of the node being provisioned (x.x.x.x/y) | +| node-name | The name of the node being provisioned | +| router-name | Assign a name to the router | +| unsafe-ha-peer-password | The password for the user on the peer node to authenticate as. WARNING: If this field is used, the preferences file should not be world-readable to avoid leaking the peer node password. Required if 'learn-from-ha-peer' is true. | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`initialize conductor-managed`](#initialize-conductor-managed) | Initializes the current device as a conductor-managed router. | + +## `initialize conductor-managed` + +Initializes the current device as a conductor-managed router. + +#### Usage + +``` +initialize conductor-managed router-name conductor-ip
[
] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| conductor-ip | The address(es) of the conductor node(s) | +| router-name | Assign a name to the router | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`initialize conductor`](#initialize-conductor) | Initializes the current device as a conductor. | ## `lookup application by-address` @@ -1884,6 +2092,12 @@ manage plugin install [node ] [] | [`show plugins categories`](#show-plugins-categories) | Shows all possible plugin categories. | | [`show plugins installed`](#show-plugins-installed) | Shows installed plugins. | +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `manage plugin remove` Remove an installed plugin. @@ -1915,6 +2129,12 @@ manage plugin remove [node ] | [`show plugins categories`](#show-plugins-categories) | Shows all possible plugin categories. | | [`show plugins installed`](#show-plugins-installed) | Shows installed plugins. | +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `migrate` Migrate an SSR to a new conductor. For more details on the SSR router migration refer to [How to: Conductor Migration](howto_conductor_migration.md). @@ -1939,15 +2159,18 @@ migrate [skip-validation] [force] conductor
[
] router +request system software download [{router | resource-group }] [skip-version-check] [cohort-id ] [force] [node ] version ``` ##### Keyword Arguments | name | description | | ---- | ----------- | +| cohort-id | Assign a cohort ID to the operation. | +| force | Skip confirmation prompt | +| node | The node on which to download SSR software | +| resource-group | The name of the resource group | +| router | The router on which to download SSR software (default: <current router>) | +| skip-version-check | Skip the version check to allow downloading SSR software at a lower version than what is currently installed. | | version | The version to download. | ##### See Also @@ -2290,13 +2519,108 @@ request system software download version | command | description | | ------- | ----------- | | [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | +| [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | +| [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | +| [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | +| [`show system version`](#show-system-version) | Show system version information. | + +## `request system software health-check` + +Perform a health check of an SSR. + +#### Usage + +``` +request system software health-check [{router | resource-group }] [force] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The node on which to perform the health-check | +| resource-group | The name of the resource group | +| router | The router on which to perform the health-check (default: <current router>) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| target | The target health-check (default: steady-state) | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | +| [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | +| [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | +| [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | +| [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | +| [`show system version`](#show-system-version) | Show system version information. | + +## `request system software revert` + +Revert to a previous version of the SSR. + +#### Usage + +``` +request system software revert [{router | resource-group }] [simultaneous] [cohort-id ] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| cohort-id | Assign a cohort ID to the operation. | +| force | Skip confirmation prompt | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The router on which to revert to previous SSR software (default: <current router>) | +| simultaneous | Revert both nodes in an HA router at the same time to maximize speed but interrupt service. Only valid when targeting a router. | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | +| [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | | [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | -| [`set system software image`](#set-system-software-image) | Set the boot image. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | | [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | | [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | -| [`show system software upgrade`](#show-system-software-upgrade) | Follow an in-progress upgrade. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | | [`show system version`](#show-system-version) | Show system version information. | +#### Description + +Revert a router or node to a previous version of the SSR software. When targeting a router with the revert command the default behavior for HA routers is to perform a sequenced revert, which will revert each node one at a time to minimize service impact. The 'simultaneous' flag will revert both nodes at once to maximize speed but impact service. + +When targeting a node in an HA router with the revert command, only the target node will be reverted. + +:::warning +This may be a service impacting operation. +::: + ## `request system software upgrade` Upgrade to a new version of the SSR. @@ -2304,13 +2628,22 @@ Upgrade to a new version of the SSR. #### Usage ``` -request system software upgrade version +request system software upgrade [{router | resource-group }] [simultaneous] [skip-package-transfer] [skip-pre-health-check] [skip-post-health-check] [cohort-id ] [force] [node ] version ``` ##### Keyword Arguments | name | description | | ---- | ----------- | +| cohort-id | Assign a cohort ID to the operation. | +| force | Skip confirmation prompt | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The router on which to upgrade SSR software (default: <current router>) | +| simultaneous | Upgrade both nodes in an HA router at the same time to maximize speed but interrupt service. Only valid when targeting a router. | +| skip-package-transfer | Don't transfer any packages installed on top of the current SSR ISO to the new SSR ISO. Only valid for image based systems. | +| skip-post-health-check | Skip the post upgrade health check, which reverts to the previous version upon failure. | +| skip-pre-health-check | Skip the pre upgrade health check, which prevents the upgrade from starting upon failure. | | version | The version to upgrade to. | ##### See Also @@ -2319,14 +2652,23 @@ request system software upgrade version | ------- | ----------- | | [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | | [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | -| [`set system software image`](#set-system-software-image) | Set the boot image. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | | [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | | [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | -| [`show system software upgrade`](#show-system-software-upgrade) | Follow an in-progress upgrade. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | | [`show system version`](#show-system-version) | Show system version information. | #### Description +Upgrade a router or node to a new version of the SSR software. When targeting a router with the upgrade command the default behavior for HA routers is to perform a sequenced upgrade, which will upgrade each node one at a time to minimize service impact. The 'simultaneous' flag will upgrade both nodes at once to maximize speed but impact service. + +When targeting a node in an HA router with the upgrade command, only the target node will be upgraded. + :::warning This may be a service impacting operation. ::: @@ -2913,10 +3255,7 @@ search config running [limit ] | name | description | | ---- | ----------- | -| case-sensitive | Interpret the search query as case-sensitive | | limit | limit the maximum number of results [type: int] | -| regex | Process the query as a regular expression | -| whole-word | Don't allow partial matches of words | ##### Positional Arguments @@ -3009,12 +3348,12 @@ Configuration Attributes: ## `send command download` -Download SSR software on a router +This download command is now obsolete. #### Usage ``` -send command download [dry-run] [force] {router | resource-group } [] +send command download [{router | resource-group }] [force] [node ] ``` ##### Keyword Arguments @@ -3023,36 +3362,58 @@ send command download [dry-run] [force] {router | resource-group node +``` + +##### Keyword Arguments | name | description | | ---- | ----------- | -| version | The version of SSR as semantic version and optionally a release identifier (e.g. "3.0.0" or "3.0.1-snapshot1"); if not provided, the latest is assumed | +| force | Skip confirmation prompt | +| node | The node to reboot | +| router | The router to reboot | ##### See Also | command | description | | ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | +| [`migrate`](#migrate) | Migrate a SSR router to a new conductor | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | | [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command start`](#send-command-start) | Start an SSR node | | [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | #### Description -_send command_ is only available within the PCLI of an SSR Conductor. +:::note +This command can only be run on a Conductor. +::: ## `send command reconnect` @@ -3081,18 +3442,16 @@ send command reconnect [router ] [node ] | command | description | | ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`migrate`](#migrate) | Migrate a SSR router to a new conductor | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | | [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command start`](#send-command-start) | Start an SSR node | | [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | ## `send command reconnect disconnected` @@ -3115,20 +3474,24 @@ send command reconnect disconnected [force] | command | description | | ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`migrate`](#migrate) | Migrate a SSR router to a new conductor | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command start`](#send-command-start) | Start an SSR node | -| [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | +| [`send command stop`](#send-command-stop) | Stop an SSR node | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `send command restart` Restart an SSR node @@ -3151,32 +3514,32 @@ send command restart [force] router node | command | description | | ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`migrate`](#migrate) | Migrate a SSR router to a new conductor | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command start`](#send-command-start) | Start an SSR node | | [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | #### Description -_send command_ is only available within the PCLI of an SSR Conductor. +:::note +This command can only be run on a Conductor. +::: ## `send command rollback` -Rollback an SSR to the previously installed version +This rollback command is now obsolete. #### Usage ``` -send command rollback [force] {router | resource-group } +send command rollback [{router | resource-group }] [force] [node ] ``` ##### Keyword Arguments @@ -3184,30 +3547,18 @@ send command rollback [force] {router | resource-group | name | description | | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | | resource-group | The name of the resource group | -| router | The router to rollback | - -##### See Also - -| command | description | -| ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | -| [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | -| [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | -| [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command start`](#send-command-start) | Start an SSR node | -| [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | -| [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | -| [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | +| router | The name of the router (default: <current router>) | #### Description -_send command_ is only available within the PCLI of an SSR Conductor. +Please use the following commands to perform software maintenance: + +show system software ... +request system software ... +set system software ... +delete system software ... ## `send command start` @@ -3232,22 +3583,22 @@ send command start [force] router node | command | description | | ------- | ----------- | | [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | | [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | #### Description -_send command_ is only available within the PCLI of an SSR Conductor. +:::note +This command can only be run on a Conductor. +::: ## `send command stop` @@ -3271,27 +3622,27 @@ send command stop [force] router node | command | description | | ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`migrate`](#migrate) | Migrate a SSR router to a new conductor | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | | [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command start`](#send-command-start) | Start an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | #### Description -_send command_ is only available within the PCLI of an SSR Conductor. +:::note +This command can only be run on a Conductor. +::: ## `send command sync` -Transition an asset back to **connected** and perform a sync. +Transition an asset back to 'synchronizing' and perform a sync. #### Usage @@ -3313,111 +3664,161 @@ send command sync [{router | resource-group }] [force] | command | description | | ------- | ----------- | | [`migrate`](#migrate) | Migrate a SSR router to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | -| [`send command restart`](#send-command-restart) | Restart a SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback a SSR router to the previously installed version | -| [`send command start`](#send-command-start) | Start a SSR node | -| [`send command stop`](#send-command-stop) | Stop a SSR node | -| [`send command upgrade`](#send-command-upgrade) | Upgrade a SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | +| [`send command restart`](#send-command-restart) | Restart an SSR node | +| [`send command start`](#send-command-start) | Start an SSR node | +| [`send command stop`](#send-command-stop) | Stop an SSR node | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | #### Description -Transition an asset back to **connected** and perform a sync. The sync operation ensures the asset is provisioned correctly and all plugin changes are applied. +Transition an asset back to 'synchronizing' and perform a sync. The sync operation ensures the asset is provisioned correctly and all plugin changes are applied. -#### Version History -| Release | Modification | -| ------- | --------------------------- | -| 5.6.7 | This feature was introduced | +:::note +This command can only be run on a Conductor. +::: -## `send command upgrade` +## `send command system-check post-operation` -Upgrade an SSR node +Post-operation an SSR node #### Usage ``` -send command upgrade [dry-run] [force] {router | resource-group } +send command system-check post-operation [cohort-id ] [force] router ``` ##### Keyword Arguments | name | description | | ---- | ----------- | -| dry-run | View version changes without command execution | -| force | Skip confirmation prompt. Only required when targeting all routers | -| resource-group | The name of the resource group | -| router | The router to upgrade | - -##### Positional Arguments - -| name | description | -| ---- | ----------- | -| version | The version of SSR as semantic version and optionally a release identifier (e.g. "3.0.0" or "3.0.1-snapshot1"); if not provided, the latest is assumed | +| cohort-id | Assign a cohort ID to the operation. | +| force | Skip confirmation prompt | +| router | The router to post-operation | ##### See Also | command | description | | ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`migrate`](#migrate) | Migrate a SSR router to a new conductor | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | | [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command start`](#send-command-start) | Start an SSR node | | [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | #### Description -_send command_ is only available within the PCLI of an SSR Conductor. +:::note +This command can only be run on a Conductor. +::: -## `send command yum-cache-refresh` +## `send command system-check pre-operation` -Refresh the yum cache as well as the SSR software versions available for download and upgrade. +Pre-operation an SSR node #### Usage ``` -send command yum-cache-refresh [force] {router | resource-group } +send command system-check pre-operation [cohort-id ] [force] router ``` ##### Keyword Arguments | name | description | | ---- | ----------- | -| force | Skip confirmation prompt. Only required when targeting all routers | -| resource-group | The name of the resource group | -| router | The router to refresh | +| cohort-id | Assign a cohort ID to the operation. | +| force | Skip confirmation prompt | +| router | The router to pre-operation | ##### See Also | command | description | | ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`migrate`](#migrate) | Migrate an SSR router to a new conductor | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | | [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command start`](#send-command-start) | Start an SSR node | | [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | +#### Description + +:::note +This command can only be run on a Conductor. +::: + +## `send command upgrade` + +This upgrade command is now obsolete. + +#### Usage + +``` +send command upgrade [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +#### Description + +Please use the following commands to perform software maintenance: + +show system software ... +request system software ... +set system software ... +delete system software ... + +## `send command yum-cache-refresh` + +This yum-cache-refresh command is now obsolete. + +#### Usage + +``` +send command yum-cache-refresh [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +#### Description + +Please use the following commands to perform software maintenance: + +show system software ... +request system software ... +set system software ... +delete system software ... + ## `service-ping` Send an ICMP request using a service or tenant @@ -3829,7 +4230,7 @@ set password The _set password_ command allows a PCLI user to change their password. As is typical with most password changing routines, as a security precaution the user must enter their current password before they're permitted to change it. :::note -If a password is lost or forgotten and the account is inaccessible, the account cannot be recovered. Please keep password records accessible and secure. +This command can only be run on a locally authenticated user. ::: #### Version History @@ -3894,49 +4295,51 @@ Successfully set provisional status for device 10 ## `set software access-token` -Save credentials for accessing SSR software repositories. +Set credentials for accessing SSR software repositories on the local node. #### Usage ``` -set software access-token [{router | resource-group }] [force] [node ] +set software access-token [force] [] ``` ##### Keyword Arguments | name | description | | ---- | ----------- | -| force | Skip confirmation prompt. Only required when targeting all routers. | -| node | The name of the node. | -| resource-group | The name of the resource group. | -| router | The name of the router (default: <current router>). | +| force | Skip confirmation prompt | ##### Positional Arguments | name | description | | ---- | ----------- | -| username | The username for the software access account. | -| token | Authentication token for SSR software. | - -| Release | Modification | -| ------- | ----------------------------| -| 5.5.2 | This feature was introduced | +| username | The username for the software access account | +| token | Authentication token for SSR software | +| channel | The software access channel (default: release) | -## `set system software image` +## `set system software boot-volume` -Set the boot image. +Set the boot volume. #### Usage ``` -set system software image +set system software boot-volume [force] [router ] [node ] ``` +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt | +| node | The node on which to set the boot volume | +| router | The router on which to set the boot volume (default: <current router>) | + ##### Positional Arguments | name | description | | ---- | ----------- | -| image | The image to load on next boot | +| id | The boot volume ID to load on next boot | ##### See Also @@ -3944,10 +4347,15 @@ set system software image | ------- | ----------- | | [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | | [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | | [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | | [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | | [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | -| [`show system software upgrade`](#show-system-software-upgrade) | Follow an in-progress upgrade. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | | [`show system version`](#show-system-version) | Show system version information. | | Release | Modification | @@ -4019,6 +4427,10 @@ shell [ ...] The shell command allows administrators to execute a bash shell, or to execute a command within the context of a bash shell (specified as a series of optional parameters to the _shell_ command). +:::note +This command can only be run by users that are a part of the 'admin' group. +::: + #### Example ``` @@ -4456,31 +4868,32 @@ show assets [{router | resource-group }] [force] [node | command | description | | ------- | ----------- | | [`errors`](#show-assets-errors) | Shows the SSR nodes that have errors. | -| [`software`](#show-assets-software) | Shows assets software information. | | [`summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | ##### See Also | command | description | | ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`migrate`](#migrate) | Migrate a SSR router to a new conductor | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | | [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command start`](#send-command-start) | Start an SSR node | | [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets summary`](#show-assets-summary) | A summary of assets connected to the Conductor. | #### Description The _show assets_ command displays the automated provisioning status of the SSR nodes within an Authority. With SSR's automated provisioning feature set, each "asset" represents a platform into which the SSR software is installed, updated, managed, etc. The _show assets_ command allows administrators to see, at a glance, the state of all assets – including which software versions have been installed on which nodes, what their router and node identifiers are, etc. +:::note +This command can only be run on a Conductor. +::: + #### Example ``` @@ -4546,6 +4959,10 @@ show assets errors [{router | resource-group }] [force] _show assets errors_ will display all assets with at least one automated provisioner related error. +:::note +This command can only be run on a Conductor. +::: + #### Example ``` @@ -4611,6 +5028,10 @@ Displays software related information for each managed asset. The following info - Software versions currently being downloaded. - Previously downloaded versions that can be used to upgrade the platform. +:::note +This command can only be run on a Conductor. +::: + #### Example ``` @@ -4666,24 +5087,26 @@ show assets summary [{router | resource-group }] [force | command | description | | ------- | ----------- | -| [`migrate`](#migrate) | Migrate an SSR to a new conductor | -| [`send command download`](#send-command-download) | Download SSR software on a router | +| [`migrate`](#migrate) | Migrate a SSR router to a new conductor | +| [`send command reboot`](#send-command-reboot) | Reboot an SSR node | | [`send command reconnect`](#send-command-reconnect) | Attempt to reconnect an asset | | [`send command reconnect disconnected`](#send-command-reconnect-disconnected) | Attempt to reconnect all disconnected assets. | | [`send command restart`](#send-command-restart) | Restart an SSR node | -| [`send command rollback`](#send-command-rollback) | Rollback an SSR to the previously installed version | | [`send command start`](#send-command-start) | Start an SSR node | | [`send command stop`](#send-command-stop) | Stop an SSR node | -| [`send command sync`](#send-command-sync) | Transition an asset back to 'connected' and perform a sync. | -| [`send command upgrade`](#send-command-upgrade) | Upgrade an SSR node | -| [`send command yum-cache-refresh`](#send-command-yum-cache-refresh) | Refresh the yum cache as well as the SSR software versions available for download and upgrade. | +| [`send command sync`](#send-command-sync) | Transition an asset back to 'synchronizing' and perform a sync. | +| [`send command system-check post-operation`](#send-command-system-check-post-operation) | Post-operation an SSR node | +| [`send command system-check pre-operation`](#send-command-system-check-pre-operation) | Pre-operation an SSR node | | [`show assets`](#show-assets) | Shows the automated provisioning status of SSR nodes. | -| [`show assets software`](#show-assets-software) | Shows assets software information. | #### Description _show assets summary_ will display a total of all assets in each state. +:::note +This command can only be run on a Conductor. +::: + #### Example ``` @@ -5171,17 +5594,17 @@ show certificate webserver admin@labsystem1.fiedler# show certificate webserver Certificate: -​ Data: -​ Version: 3 (0x2) -​ Serial Number: 17087 (0x42bf) -​ Signature Algorithm: sha256WithRSAEncryption -​ Issuer: C=US, ST=MA, O=a, CN=a -​ Validity -​ Not Before: May 5 04:49:02 2016 GMT -​ Not After : May 6 04:49:02 2017 GMT -​ Subject: C=US, ST=MA, O=a, CN=a -​ Subject Public Key Info: -​ Public Key Algorithm: rsaEncryption + Data: + Version: 3 (0x2) + Serial Number: 17087 (0x42bf) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=MA, O=a, CN=a + Validity + Not Before: May 5 04:49:02 2016 GMT + Not After : May 6 04:49:02 2017 GMT + Subject: C=US, ST=MA, O=a, CN=a + Subject Public Key Info: + Public Key Algorithm: rsaEncryption ... ``` @@ -5212,20 +5635,20 @@ Note that the output from _show config candidate_ is formatted in such a way so ``` admin@labsystem1.fiedler# show config candidate config -​ authority -​ router Fabric128 -​ name Fabric128 -​ node labsystem1 -​ name labsystem1 -​ id 1 -​ description "Primary lab system" -​ location "Newton, MA" -​ role combo -​ device-interface 1 -​ id 1 -​ description "external network" -​ type ethernet -​ pci-address 0000:02:00.0 + authority + router Fabric128 + name Fabric128 + node labsystem1 + name labsystem1 + id 1 + description "Primary lab system" + location "Newton, MA" + role combo + device-interface 1 + id 1 + description "external network" + type ethernet + pci-address 0000:02:00.0 ... ``` The same configuration using the _flat_ flag is displayed quite differently: @@ -5248,21 +5671,21 @@ The _show config candidate_ command also lets users show specific portions of th ``` admin@labsystem1.fiedler# show config candidate authority session-type verbose all config -​ authority -​ session-type HTTP -​ name HTTP -​ service-class Standard -​ timeout 7200000 -​ transport tcp -​ protocol tcp -​ port-range 80 -​ start-port 80 -​ exit -​ port-range 8080 -​ start-port 8080 -​ exit -​ exit -​ exit + authority + session-type HTTP + name HTTP + service-class Standard + timeout 7200000 + transport tcp + protocol tcp + port-range 80 + start-port 80 + exit + port-range 8080 + start-port 8080 + exit + exit + exit ... ``` @@ -5277,15 +5700,8 @@ config | command | description | | ------- | ----------- | -| [`authority`](#show-config-candidate) | Show configuration data for `authority` | -| [`generated`](#show-config-candidate) | Show configuration data for `generated` | - -#### Version History - -| Release | Modification | -| ------- | ----------------------------| -| 1.0.0 | This feature was introduced as "show candidate-config" | -| 2.0.0 | Renamed and reorganized as "show config candidate". _flat_, _verbose_, and configuration branch arguments added | +| `authority` | Show configuration data for a specified section of the configuration | +| `generated` | Show configuration data for a specified section of the generated configuration | ## `show config disk-cache` @@ -5473,6 +5889,12 @@ Display all routers with a locally modified config version. show config locally-modified ``` +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `show config out-of-sync` Display all routers with a config version that is out of sync with the conductor. @@ -5483,6 +5905,12 @@ Display all routers with a config version that is out of sync with the conductor show config out-of-sync ``` +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `show config running` Display running configuration data @@ -5504,12 +5932,12 @@ Note that the output from _show config running_ is formatted in such a way so as ``` admin@labsystem1.fiedler# show config running config -​ authority -​ name Authority128 -​ router Fabric128 -​ name Fabric128 -​ description "Default router" -​ inter-node-security internal + authority + name Authority128 + router Fabric128 + name Fabric128 + description "Default router" + inter-node-security internal ... ``` @@ -5518,24 +5946,24 @@ The _show config running_ command also lets users show specific portions of the ``` admin@labsystem1.fiedler# show config running authority service-class verbose all config -​ authority -​ service-class Standard -​ name Standard -​ dscp 0 -​ priority 0 -​ rate-limit false -​ max-flow-rate 0 -​ max-flow-burst 0 -​ exit - -​ service-class NetworkControl -​ name NetworkControl -​ dscp 48 -​ priority 0 -​ rate-limit false -​ max-flow-rate 0 -​ max-flow-burst 0 -​ exit + authority + service-class Standard + name Standard + dscp 0 + priority 0 + rate-limit false + max-flow-rate 0 + max-flow-burst 0 + exit + + service-class NetworkControl + name NetworkControl + dscp 48 + priority 0 + rate-limit false + max-flow-rate 0 + max-flow-burst 0 + exit ... ``` @@ -5550,16 +5978,7 @@ config | command | description | | ------- | ----------- | -| [`authority`](#show-config-running) | Show configuration data for `authority` | -| [`generated`](#show-config-running) | Show configuration data for `generated` | - -#### Version History - -| Release | Modification | -| ------- | ----------------------------| -| 1.0.0 | This feature was introduced as "show running-config" | -| 2.0.0 | Renamed and reorganized as "show config running" | - +| `authority` | Show configuration data for a specific section of the authority | ## `show config version` @@ -6118,6 +6537,12 @@ show dynamic-peer-update [{router | resource-group }] [ | [`show stats dynamic-peer-update`](cli_stats_reference.md#show-stats-dynamic-peer-update) | Stats pertaining to dynamic peer update processes | | [`sync peer addresses`](#sync-peer-addresses) | Synchronize dynamic addresses (DHCP and PPPoE) between routers and a conductor. | +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `show entitlement` Displays entitlement utilized. @@ -6392,7 +6817,7 @@ show fib [{service-name | hierarchy-service-name | contains-servic | name | description | | ---- | ----------- | | contains-service-name | The partial substring match to show for the fib | -| force | Skip confirmation prompt. Only required when targeting all routers. | +| force | Skip confirmation prompt. Only required when targeting all routers | | hierarchy-service-name | The hierarchy root to show for the fib | | match-service-name | The regex to match service names to show for the fib | | node | The node from which to retrieve fib entries | @@ -7555,6 +7980,8 @@ show network-interface [name ] [force] [node ] {router | re | command | description | | ------- | ----------- | | [`application`](#show-network-interface-application) | Display application data info for network-interfaces. | +| [`redundancy`](#show-network-interface-redundancy) | Display redundancy info for network-interfaces. | +| [`source-nat-rules`](#show-network-interface-source-nat-rules) | Display source NAT rules on a network-interface. Source NAT ports usage is available in the detail view for dynamic rules. | #### Description @@ -7664,14 +8091,61 @@ Tue 2020-04-21 15:26:19 UTC role: primary state: standalone - Interface: gouda:lan-untrusted - state: Interface not configured for any managed application + Interface: gouda:lan-untrusted + state: Interface not configured for any managed application + + Interface: gouda:mgmt-interface + state: Interface not configured for any managed application + +Completed in 0.76 seconds +``` +## `show network-interface redundancy` + +Display redundancy info for network-interfaces. + +#### Usage + +``` +show network-interface redundancy [name ] [force] [node ] {router | resource-group } +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| name | Network interface to display (if omitted, all will be displayed) | +| node | The node for which to display redundancy data | +| resource-group | The name of the resource group | +| router | The router for which to display redundancy data | + +#### Description + +The command _show network-interface redundancy_ can be used to display information regarding network-interface redundancy status + +## `show network-interface source-nat-rules` + +Display source NAT rules on a network-interface. Source NAT ports usage is available in the detail view for dynamic rules. - Interface: gouda:mgmt-interface - state: Interface not configured for any managed application +#### Usage -Completed in 0.76 seconds ``` +show network-interface source-nat-rules name router node [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| name | The network-interface where the source NAT rules are configured | +| node | The node on which to run show source-nat-rules | +| router | The router on which to run show source-nat-rules | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary (default: summary) | ## `show ntp` @@ -9077,6 +9551,10 @@ show peers hostnames [{router | resource-group }] [forc | resource-group | The name of the resource group | | router | The router on which to display peer hostnames (default: all) | +:::note +This command can only be run on a Conductor. +::: + #### Example ``` @@ -9278,7 +9756,7 @@ show platform [{router | resource-group }] [force] [nod | name | description | | ---- | ----------- | -| category | all \| cpu \| device-interfaces \| disk \| fan-speeds \| memory \| operating-system \| temperatures \| vendor (default: all) | +| category | all \| cpu \| device-interfaces \| disk \| memory \| operating-system \| vendor (default: all) | ##### See Also @@ -9350,6 +9828,12 @@ show plugins available [{name | category }] [node ] | [`show plugins categories`](#show-plugins-categories) | Shows all possible plugin categories. | | [`show plugins installed`](#show-plugins-installed) | Shows installed plugins. | +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `show plugins categories` Shows all possible plugin categories. @@ -9369,6 +9853,12 @@ show plugins categories | [`show plugins available`](#show-plugins-available) | Shows latest verison of plugins available for install. | | [`show plugins installed`](#show-plugins-installed) | Shows installed plugins. | +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `show plugins installed` Shows installed plugins. @@ -9395,6 +9885,12 @@ show plugins installed [category ] [node ] | [`show plugins available`](#show-plugins-available) | Shows latest verison of plugins available for install. | | [`show plugins categories`](#show-plugins-categories) | Shows all possible plugin categories. | +#### Description + +:::note +This command can only be run on a Conductor. +::: + ## `show plugins state` Show plugin state data for a given plugin @@ -9839,7 +10335,7 @@ Displays service path information at the specified node. #### Usage ``` -show service-path [{service-name | hierarchy-service-name | contains-service-name }] [{rows | detail}] router node +show service-path [{service-name | hierarchy-service-name | contains-service-name }] [{rows | detail | idp}] router node ``` ##### Keyword Arguments @@ -10010,8 +10506,8 @@ show sessions [{service-name | hierarchy-service-name | contains-s | command | description | | ------- | ----------- | -| [`by-id`](#show-sessions-by-id) | Show information of a session for a given Id | -| [`top`](#show-sessions) | <bandwidth> | +| [`by-id`](#show-sessions-by-id) | Show information of a session for a given ID | +| [`top`](#show-sessions-top-bandwidth) | Display the top sessions ordered by bandwidth | #### Description @@ -10256,7 +10752,7 @@ Show STEP routes #### Usage ``` -show step routes [rows ] [node ] [service ] [ip-prefix ] [force] {router | resource-group } [] +show step routes [rows ] [service ] [ip-prefix ] [force] {router | resource-group } [] ``` ##### Keyword Arguments @@ -10265,7 +10761,6 @@ show step routes [rows ] [node ] [service ] [ip-p | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | ip-prefix | STEP routes for this ip prefix [type: IP prefix] | -| node | STEP routes on this node | | resource-group | The name of the resource group | | router | The router to request STEP information from | | rows | The number of items to display at once [type: int or 'all'] (default: 50) | @@ -10293,7 +10788,11 @@ show step-repo clients [] | ---- | ----------- | | verbosity | detail \| summary (default: summary) | +#### Description +:::note +This command can only be run on a Conductor. +::: ## `show system` @@ -10322,7 +10821,7 @@ show system [{router | resource-group }] [force] [node | [`processes`](#show-system-processes) | Display a table summarizing the statuses of processes. | | [`registry`](#show-system-registry) | Shows registered services from the system services coordinator for the specified process, node or router. | | [`services`](#show-system-services) | Display a table summarizing statuses of SSR systemd services. | -| [`software`](#show-system-software-available) | <available> \| <download> \| <upgrade> | +| [`software`](#show-system-software) | <available> \| <download> \| <health-check> \| <revert> \| <sources> \| <upgrade> | | [`version`](#show-system-version) | Show system version information. | ##### See Also @@ -10376,7 +10875,11 @@ show system connectivity [{router | resource-group }] [ | command | description | | ------- | ----------- | +| [`authorized-keys`](#show-system-connectivity-authorized-keys) | Display ssh authorized keys for inter-node communication. | +| [`host-keys`](#show-system-connectivity-host-keys) | Displays the public keys used by the router for inter-node communication. | | [`internal`](#show-system-connectivity-internal) | Displays inter-node secure communication connections. | +| [`key-checking-mode`](#show-system-connectivity-key-checking-mode) | Shows the StrictHostKeyCheckingMode of various router services. | +| [`known-hosts`](#show-system-connectivity-known-hosts) | Display ssh known hosts for inter-node communication. | #### Description @@ -10398,6 +10901,67 @@ Fri 2018-02-09 09:30:48 EST Completed in 0.20 seconds ``` +## `show system connectivity authorized-keys` + +Display ssh authorized keys for inter-node communication. + +#### Usage + +``` +show system connectivity authorized-keys [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`create system connectivity authorized-keys`](#create-system-connectivity-authorized-keys) | Adds an entry to the ssh authorized keys file. | +| [`create system connectivity known-hosts`](#create-system-connectivity-known-hosts) | Adds an entry to the ssh known hosts file. | +| [`delete system connectivity authorized-keys entry`](#delete-system-connectivity-authorized-keys-entry) | Deletes entries from the ssh authorized keys file based on specified parameters. | +| [`delete system connectivity known-hosts entry`](#delete-system-connectivity-known-hosts-entry) | Deletes entries from the ssh known hosts file based on specified parameters. | +| [`show system connectivity host-keys`](#show-system-connectivity-host-keys) | Displays the public keys used by the router for inter-node communication. | +| [`show system connectivity key-checking-mode`](#show-system-connectivity-key-checking-mode) | Shows the StrictHostKeyCheckingMode of various router services. | +| [`show system connectivity known-hosts`](#show-system-connectivity-known-hosts) | Display ssh known hosts for inter-node communication. | + +## `show system connectivity host-keys` + +Displays the public keys used by the router for inter-node communication. + +#### Usage +``` +show system connectivity host-keys [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`create system connectivity authorized-keys`](#create-system-connectivity-authorized-keys) | Adds an entry to the ssh authorized keys file. | +| [`create system connectivity known-hosts`](#create-system-connectivity-known-hosts) | Adds an entry to the ssh known hosts file. | +| [`delete system connectivity authorized-keys entry`](#delete-system-connectivity-authorized-keys-entry) | Deletes entries from the ssh authorized keys file based on specified parameters. | +| [`delete system connectivity known-hosts entry`](#delete-system-connectivity-known-hosts-entry) | Deletes entries from the ssh known hosts file based on specified parameters. | +| [`show system connectivity authorized-keys`](#show-system-connectivity-authorized-keys) | Display ssh authorized keys for inter-node communication. | +| [`show system connectivity key-checking-mode`](#show-system-connectivity-key-checking-mode) | Shows the StrictHostKeyCheckingMode of various router services. | +| [`show system connectivity known-hosts`](#show-system-connectivity-known-hosts) | Display ssh known hosts for inter-node communication. | + ## `show system connectivity internal` Displays inter-node secure communication connections. @@ -10437,6 +11001,71 @@ Fri 2018-02-09 09:31:38 EST Completed in 0.27 seconds ``` +## `show system connectivity key-checking-mode` + +Shows the StrictHostKeyCheckingMode of various router services. + +#### Usage + +``` +show system connectivity key-checking-mode [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The node for which to display key checking modes for | +| resource-group | The name of the resource group | +| router | The router for which to display key checking modes for (default: <current router>) | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`create system connectivity authorized-keys`](#create-system-connectivity-authorized-keys) | Adds an entry to the ssh authorized keys file. | +| [`create system connectivity known-hosts`](#create-system-connectivity-known-hosts) | Adds an entry to the ssh known hosts file. | +| [`delete system connectivity authorized-keys entry`](#delete-system-connectivity-authorized-keys-entry) | Deletes entries from the ssh authorized keys file based on specified parameters. | +| [`delete system connectivity known-hosts entry`](#delete-system-connectivity-known-hosts-entry) | Deletes entries from the ssh known hosts file based on specified parameters. | +| [`show system connectivity authorized-keys`](#show-system-connectivity-authorized-keys) | Display ssh authorized keys for inter-node communication. | +| [`show system connectivity host-keys`](#show-system-connectivity-host-keys) | Displays the public keys used by the router for inter-node communication. | +| [`show system connectivity known-hosts`](#show-system-connectivity-known-hosts) | Display ssh known hosts for inter-node communication. | + +#### Description + +Displayes the StrictHostKeyCheckingMode for Inter-Node, and Inter-Router SSH tunnels. + +## `show system connectivity known-hosts` + +Display ssh known hosts for inter-node communication. + +#### Usage + +``` +show system connectivity known-hosts [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node | +| resource-group | The name of the resource group | +| router | The name of the router (default: <current router>) | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`create system connectivity authorized-keys`](#create-system-connectivity-authorized-keys) | Adds an entry to the ssh authorized keys file. | +| [`create system connectivity known-hosts`](#create-system-connectivity-known-hosts) | Adds an entry to the ssh known hosts file. | +| [`delete system connectivity authorized-keys entry`](#delete-system-connectivity-authorized-keys-entry) | Deletes entries from the ssh authorized keys file based on specified parameters. | +| [`delete system connectivity known-hosts entry`](#delete-system-connectivity-known-hosts-entry) | Deletes entries from the ssh known hosts file based on specified parameters. | +| [`show system connectivity authorized-keys`](#show-system-connectivity-authorized-keys) | Display ssh authorized keys for inter-node communication. | +| [`show system connectivity host-keys`](#show-system-connectivity-host-keys) | Displays the public keys used by the router for inter-node communication. | +| [`show system connectivity key-checking-mode`](#show-system-connectivity-key-checking-mode) | Shows the StrictHostKeyCheckingMode of various router services. | ## `show system processes` @@ -10636,6 +11265,52 @@ Wed 2020-04-15 20:41:18 UTC Completed in 0.11 seconds ``` +## `show system software` + +Display information about system software status related to download, upgrade, current health, and other information. + +#### Usage + +``` +show system software [available | download | health-check | revert | sources | upgrade] +``` +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| node | The target node to show SSR versions to download. | +| router | The target router to show SSR versions available for download (default: <current router>). | + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [available](#show-system-software-available) | Display new versions of the SSR that can be installed. | +| [download](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | +| [health-check](#show-system-software-health-check) | Show available health checks of an SSR. | +| [revert](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [sources](#show-system-software-sources) | Display information about software sources. | +| [upgrade](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | +| [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | +| [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | +| [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | +| [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | +| [`show system version`](#show-system-version) | Show system version information. | + + ## `show system software available` Display new versions of the SSR that can be installed. @@ -10643,9 +11318,17 @@ Display new versions of the SSR that can be installed. #### Usage ``` -show system software available [] +show system software available [skip-version-check] [router ] [node ] [] ``` +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| node | The target node to show SSR versions to download. | +| router | The target router to show SSR versions available for download (default: <current router>). | +| skip-version-check | Skip the version check to show available SSR software at a lower version than what is currently installed. | + ##### Positional Arguments | name | description | @@ -10658,10 +11341,15 @@ show system software available [] | ------- | ----------- | | [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | | [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | | [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | -| [`set system software image`](#set-system-software-image) | Set the boot image. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | | [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | -| [`show system software upgrade`](#show-system-software-upgrade) | Follow an in-progress upgrade. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | | [`show system version`](#show-system-version) | Show system version information. | ## `show system software download` @@ -10671,14 +11359,139 @@ Display in-progress and completed downloads of new SSR versions. #### Usage ``` -show system software download [version ] +show system software download [{router | resource-group }] [version ] [skip-version-check] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers. | +| node | The target node to show downloaded SSR versions. | +| resource-group | The name of the resource group | +| router | The target router to show downloaded SSR versions (default: <current router>). | +| skip-version-check | Skip the version check to allow showing downloaded SSR software at a lower version than what is currently installed. | +| version | Display state about only a single version. | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | +| [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | +| [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | +| [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | +| [`show system version`](#show-system-version) | Show system version information. | + +## `show system software health-check` + +Show available health checks of an SSR. + +#### Usage + +``` +show system software health-check [{router | resource-group }] [force] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers. | +| node | The node on which to show available health-checks. | +| resource-group | The name of the resource group. | +| router | The router on which to show available health-checks (default: <current router>). | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary (default: summary) | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | +| [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | +| [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | +| [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | +| [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | +| [`show system version`](#show-system-version) | Show system version information. | + +## `show system software revert` + +Display in-progress and reversions to previous SSR versions. + +#### Usage + +``` +show system software revert [{router | resource-group }] [force] [node ] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers. | +| node | The target node to show an in-progress reversion. | +| resource-group | The name of the resource group | +| router | The target router to show an in-progress reversion (default: <current router>). | + +##### See Also + +| command | description | +| ------- | ----------- | +| [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | +| [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | +| [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | +| [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | +| [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | +| [`show system version`](#show-system-version) | Show system version information. | + +## `show system software sources` + +Display information about software sources. + +#### Usage + +``` +show system software sources [include-disabled] [router ] [node ] [] [] ``` ##### Keyword Arguments | name | description | | ---- | ----------- | -| version | Display state about only a single version | +| include-disabled | Include disabled sources in the output. | +| node | The target node to show software sources. | +| router | The target router to show software sources. (default: <current router>) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| type | The software source type (default: all) | +| verbosity | detail \| summary (default: summary) | ##### See Also @@ -10686,32 +11499,51 @@ show system software download [version ] | ------- | ----------- | | [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | | [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | | [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | -| [`set system software image`](#set-system-software-image) | Set the boot image. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | | [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | -| [`show system software upgrade`](#show-system-software-upgrade) | Follow an in-progress upgrade. | +| [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | | [`show system version`](#show-system-version) | Show system version information. | ## `show system software upgrade` -Follow an in-progress upgrade. +Display in-progress and completed upgrades to higher SSR versions. #### Usage ``` -show system software upgrade +show system software upgrade [{router | resource-group }] [force] [node ]` ``` +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers. | +| node | The target node to show an in-progress upgrade. | +| resource-group | The name of the resource group. | +| router | The target router to show an in-progress upgrade (default: <current router>). | + ##### See Also | command | description | | ------- | ----------- | | [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | | [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | | [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | -| [`set system software image`](#set-system-software-image) | Set the boot image. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | | [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | | [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | | [`show system version`](#show-system-version) | Show system version information. | ## `show system version` @@ -10728,10 +11560,10 @@ show system version [{router | resource-group }] [force | name | description | | ---- | ----------- | -| force | Skip confirmation prompt. Only required when targeting all routers | -| node | The node to show version information for | +| force | Skip confirmation prompt. Only required when targeting all routers. | +| node | The node to show version information. | | resource-group | The name of the resource group | -| router | The router to show version information for (default: <current router>) | +| router | The router to show version information (default: <current router>). | ##### Positional Arguments @@ -10745,11 +11577,16 @@ show system version [{router | resource-group }] [force | ------- | ----------- | | [`delete system software`](#delete-system-software) | Remove or cancel a previously started download. | | [`request system software download`](#request-system-software-download) | Download a new version of the SSR. | +| [`request system software health-check`](#request-system-software-health-check) | Perform a health check of an SSR. | +| [`request system software revert`](#request-system-software-revert) | Revert to a previous version of the SSR. | | [`request system software upgrade`](#request-system-software-upgrade) | Upgrade to a new version of the SSR. | -| [`set system software image`](#set-system-software-image) | Set the boot image. | +| [`set system software boot-volume`](#set-system-software-boot-volume) | Set the boot volume. | | [`show system software available`](#show-system-software-available) | Display new versions of the SSR that can be installed. | | [`show system software download`](#show-system-software-download) | Display in-progress and completed downloads of new SSR versions. | -| [`show system software upgrade`](#show-system-software-upgrade) | Follow an in-progress upgrade. | +| [`show system software health-check`](#show-system-software-health-check) | Show available health checks of an SSR. | +| [`show system software revert`](#show-system-software-revert) | Display in-progress and reversions to previous SSR versions. | +| [`show system software sources`](#show-system-software-sources) | Display information about software sources. | +| [`show system software upgrade`](#show-system-software-upgrade) | Display in-progress and completed upgrades to higher SSR versions. | #### Description @@ -10789,7 +11626,7 @@ show tenant members [rows ] [force] [node ] {router | resou | name | description | | ---- | ----------- | -| force | Skip confirmation prompt. Only required when targeting all routers | +| force | Skip confirmation prompt. Only required when targeting all routers. | | node | The node from which to retrieve tenant members | | resource-group | The name of the resource group | | router | The router from which to retrieve tenant members | @@ -11146,6 +11983,10 @@ sync peer addresses [{router | resource-group }] [force This command will force a network element (or group of network elements) to synchronize any dynamically-learned IP addresses to its conductor. (The conductor will redistribute these dynamic addresses to other members of the Authority as necessary.) +:::note +This command can only be run on a Conductor, or a Router that is managed by a Conductor. +::: + #### Example ``` diff --git a/docs/cli_stats_reference.md b/docs/cli_stats_reference.md old mode 100644 new mode 100755 index 23b9948360..afbaa3de60 --- a/docs/cli_stats_reference.md +++ b/docs/cli_stats_reference.md @@ -189,7 +189,7 @@ show stats aggregate-session [since ] [force] [router ] [] [force] [router ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -7947,7 +7947,7 @@ show stats aggregate-session by-node bandwidth [since ] [force] [router < | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -7972,7 +7972,7 @@ show stats aggregate-session by-node bandwidth-other-protocol [since ] [f | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -7997,7 +7997,7 @@ show stats aggregate-session by-node bandwidth-received [since ] [force] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8022,7 +8022,7 @@ show stats aggregate-session by-node bandwidth-received-forward [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8032,7 +8032,7 @@ show stats aggregate-session by-node bandwidth-received-forward [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bandwidth-received-other-protocol` @@ -8051,7 +8051,7 @@ show stats aggregate-session by-node bandwidth-received-other-protocol [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8144,7 +8144,7 @@ show stats aggregate-session by-node bandwidth-received-reverse [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bandwidth-received-tcp` @@ -8163,7 +8163,7 @@ show stats aggregate-session by-node bandwidth-received-tcp [since ] [for | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8188,7 +8188,7 @@ show stats aggregate-session by-node bandwidth-received-tcp-forward [since ] [for | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8271,7 +8271,7 @@ show stats aggregate-session by-node bandwidth-received-udp-forward [since ] [force] [rout | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8354,7 +8354,7 @@ show stats aggregate-session by-node bandwidth-transmitted [since ] [forc | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8379,7 +8379,7 @@ show stats aggregate-session by-node bandwidth-transmitted-forward [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8545,7 +8545,7 @@ show stats aggregate-session by-node bandwidth-transmitted-tcp-forward [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8628,7 +8628,7 @@ show stats aggregate-session by-node bandwidth-transmitted-udp-forward [since ] [force] [rout | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8711,7 +8711,7 @@ show stats aggregate-session by-node bytes [since ] [force] [router ] [force] [router ] [forc | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8750,7 +8750,7 @@ show stats aggregate-session by-node bytes-dropped-forward [since ] [forc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-dropped-other-protocol-forward` @@ -8769,7 +8769,7 @@ show stats aggregate-session by-node bytes-dropped-other-protocol-forward [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8779,7 +8779,7 @@ show stats aggregate-session by-node bytes-dropped-other-protocol-forward [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-dropped-other-protocol-reverse` @@ -8798,7 +8798,7 @@ show stats aggregate-session by-node bytes-dropped-other-protocol-reverse [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8808,7 +8808,7 @@ show stats aggregate-session by-node bytes-dropped-other-protocol-reverse [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-dropped-reverse` @@ -8827,7 +8827,7 @@ show stats aggregate-session by-node bytes-dropped-reverse [since ] [forc | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8837,7 +8837,7 @@ show stats aggregate-session by-node bytes-dropped-reverse [since ] [forc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-dropped-tcp-forward` @@ -8856,7 +8856,7 @@ show stats aggregate-session by-node bytes-dropped-tcp-forward [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8866,7 +8866,7 @@ show stats aggregate-session by-node bytes-dropped-tcp-forward [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-dropped-tcp-reverse` @@ -8885,7 +8885,7 @@ show stats aggregate-session by-node bytes-dropped-tcp-reverse [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8895,7 +8895,7 @@ show stats aggregate-session by-node bytes-dropped-tcp-reverse [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-dropped-udp-forward` @@ -8914,7 +8914,7 @@ show stats aggregate-session by-node bytes-dropped-udp-forward [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8924,7 +8924,7 @@ show stats aggregate-session by-node bytes-dropped-udp-forward [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-dropped-udp-reverse` @@ -8943,7 +8943,7 @@ show stats aggregate-session by-node bytes-dropped-udp-reverse [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8953,7 +8953,7 @@ show stats aggregate-session by-node bytes-dropped-udp-reverse [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-other-protocol` @@ -8972,7 +8972,7 @@ show stats aggregate-session by-node bytes-other-protocol [since ] [force | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -8982,7 +8982,7 @@ show stats aggregate-session by-node bytes-other-protocol [since ] [force #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-received` @@ -9001,7 +9001,7 @@ show stats aggregate-session by-node bytes-received [since ] [force] [rou | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9011,7 +9011,7 @@ show stats aggregate-session by-node bytes-received [since ] [force] [rou #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-received-forward` @@ -9030,7 +9030,7 @@ show stats aggregate-session by-node bytes-received-forward [since ] [for | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9040,7 +9040,7 @@ show stats aggregate-session by-node bytes-received-forward [since ] [for #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-received-other-protocol` @@ -9059,7 +9059,7 @@ show stats aggregate-session by-node bytes-received-other-protocol [since ] [for | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9156,7 +9156,7 @@ show stats aggregate-session by-node bytes-received-reverse [since ] [for #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-received-tcp` @@ -9175,7 +9175,7 @@ show stats aggregate-session by-node bytes-received-tcp [since ] [force] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9185,7 +9185,7 @@ show stats aggregate-session by-node bytes-received-tcp [since ] [force] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-received-tcp-forward` @@ -9204,7 +9204,7 @@ show stats aggregate-session by-node bytes-received-tcp-forward [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9214,7 +9214,7 @@ show stats aggregate-session by-node bytes-received-tcp-forward [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-received-tcp-reverse` @@ -9233,7 +9233,7 @@ show stats aggregate-session by-node bytes-received-tcp-reverse [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9243,7 +9243,7 @@ show stats aggregate-session by-node bytes-received-tcp-reverse [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-received-udp` @@ -9262,7 +9262,7 @@ show stats aggregate-session by-node bytes-received-udp [since ] [force] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9272,7 +9272,7 @@ show stats aggregate-session by-node bytes-received-udp [since ] [force] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-received-udp-forward` @@ -9291,7 +9291,7 @@ show stats aggregate-session by-node bytes-received-udp-forward [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9301,7 +9301,7 @@ show stats aggregate-session by-node bytes-received-udp-forward [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-received-udp-reverse` @@ -9320,7 +9320,7 @@ show stats aggregate-session by-node bytes-received-udp-reverse [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9330,7 +9330,7 @@ show stats aggregate-session by-node bytes-received-udp-reverse [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-tcp` @@ -9349,7 +9349,7 @@ show stats aggregate-session by-node bytes-tcp [since ] [force] [router < | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9359,7 +9359,7 @@ show stats aggregate-session by-node bytes-tcp [since ] [force] [router < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-transmitted` @@ -9378,7 +9378,7 @@ show stats aggregate-session by-node bytes-transmitted [since ] [force] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9388,7 +9388,7 @@ show stats aggregate-session by-node bytes-transmitted [since ] [force] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-transmitted-forward` @@ -9407,7 +9407,7 @@ show stats aggregate-session by-node bytes-transmitted-forward [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9417,7 +9417,7 @@ show stats aggregate-session by-node bytes-transmitted-forward [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-transmitted-other-protocol` @@ -9436,7 +9436,7 @@ show stats aggregate-session by-node bytes-transmitted-other-protocol [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9533,7 +9533,7 @@ show stats aggregate-session by-node bytes-transmitted-reverse [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-transmitted-tcp` @@ -9552,7 +9552,7 @@ show stats aggregate-session by-node bytes-transmitted-tcp [since ] [forc | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9562,7 +9562,7 @@ show stats aggregate-session by-node bytes-transmitted-tcp [since ] [forc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-transmitted-tcp-forward` @@ -9581,7 +9581,7 @@ show stats aggregate-session by-node bytes-transmitted-tcp-forward [since ] [forc | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9649,7 +9649,7 @@ show stats aggregate-session by-node bytes-transmitted-udp [since ] [forc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node bytes-transmitted-udp-forward` @@ -9668,7 +9668,7 @@ show stats aggregate-session by-node bytes-transmitted-udp-forward [since ] [force] [router < | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9736,7 +9736,7 @@ show stats aggregate-session by-node bytes-udp [since ] [force] [router < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node gross-entitlement` @@ -9755,7 +9755,7 @@ show stats aggregate-session by-node gross-entitlement [since ] [force] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9780,7 +9780,7 @@ show stats aggregate-session by-node packets [since ] [force] [router ] [fo | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9815,7 +9815,7 @@ show stats aggregate-session by-node packets-dropped-forward [since ] [fo #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-dropped-other-protocol-forward` @@ -9834,7 +9834,7 @@ show stats aggregate-session by-node packets-dropped-other-protocol-forward [sin | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9844,7 +9844,7 @@ show stats aggregate-session by-node packets-dropped-other-protocol-forward [sin #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-dropped-other-protocol-reverse` @@ -9863,7 +9863,7 @@ show stats aggregate-session by-node packets-dropped-other-protocol-reverse [sin | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9873,7 +9873,7 @@ show stats aggregate-session by-node packets-dropped-other-protocol-reverse [sin #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-dropped-reverse` @@ -9892,7 +9892,7 @@ show stats aggregate-session by-node packets-dropped-reverse [since ] [fo | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9902,7 +9902,7 @@ show stats aggregate-session by-node packets-dropped-reverse [since ] [fo #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-dropped-tcp-forward` @@ -9921,7 +9921,7 @@ show stats aggregate-session by-node packets-dropped-tcp-forward [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9931,7 +9931,7 @@ show stats aggregate-session by-node packets-dropped-tcp-forward [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-dropped-tcp-reverse` @@ -9950,7 +9950,7 @@ show stats aggregate-session by-node packets-dropped-tcp-reverse [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9960,7 +9960,7 @@ show stats aggregate-session by-node packets-dropped-tcp-reverse [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-dropped-udp-forward` @@ -9979,7 +9979,7 @@ show stats aggregate-session by-node packets-dropped-udp-forward [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -9989,7 +9989,7 @@ show stats aggregate-session by-node packets-dropped-udp-forward [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-dropped-udp-reverse` @@ -10008,7 +10008,7 @@ show stats aggregate-session by-node packets-dropped-udp-reverse [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10018,7 +10018,7 @@ show stats aggregate-session by-node packets-dropped-udp-reverse [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-other-protocol` @@ -10037,7 +10037,7 @@ show stats aggregate-session by-node packets-other-protocol [since ] [for | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10062,7 +10062,7 @@ show stats aggregate-session by-node packets-received [since ] [force] [r | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10087,7 +10087,7 @@ show stats aggregate-session by-node packets-received-forward [since ] [f | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10097,7 +10097,7 @@ show stats aggregate-session by-node packets-received-forward [since ] [f #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-received-other-protocol` @@ -10116,7 +10116,7 @@ show stats aggregate-session by-node packets-received-other-protocol [since ] [f | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10209,7 +10209,7 @@ show stats aggregate-session by-node packets-received-reverse [since ] [f #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-received-tcp` @@ -10228,7 +10228,7 @@ show stats aggregate-session by-node packets-received-tcp [since ] [force | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10253,7 +10253,7 @@ show stats aggregate-session by-node packets-received-tcp-forward [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10263,7 +10263,7 @@ show stats aggregate-session by-node packets-received-tcp-forward [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-received-tcp-reverse` @@ -10282,7 +10282,7 @@ show stats aggregate-session by-node packets-received-tcp-reverse [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10292,7 +10292,7 @@ show stats aggregate-session by-node packets-received-tcp-reverse [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-received-udp` @@ -10311,7 +10311,7 @@ show stats aggregate-session by-node packets-received-udp [since ] [force | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10336,7 +10336,7 @@ show stats aggregate-session by-node packets-received-udp-forward [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10346,7 +10346,7 @@ show stats aggregate-session by-node packets-received-udp-forward [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-received-udp-reverse` @@ -10365,7 +10365,7 @@ show stats aggregate-session by-node packets-received-udp-reverse [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10375,7 +10375,7 @@ show stats aggregate-session by-node packets-received-udp-reverse [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-tcp` @@ -10394,7 +10394,7 @@ show stats aggregate-session by-node packets-tcp [since ] [force] [router | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10419,7 +10419,7 @@ show stats aggregate-session by-node packets-transmitted [since ] [force] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10444,7 +10444,7 @@ show stats aggregate-session by-node packets-transmitted-forward [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10454,7 +10454,7 @@ show stats aggregate-session by-node packets-transmitted-forward [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-transmitted-other-protocol` @@ -10473,7 +10473,7 @@ show stats aggregate-session by-node packets-transmitted-other-protocol [since < | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10498,7 +10498,7 @@ show stats aggregate-session by-node packets-transmitted-other-protocol-forward | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10508,7 +10508,7 @@ show stats aggregate-session by-node packets-transmitted-other-protocol-forward #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-transmitted-other-protocol-reverse` @@ -10527,7 +10527,7 @@ show stats aggregate-session by-node packets-transmitted-other-protocol-reverse | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10537,7 +10537,7 @@ show stats aggregate-session by-node packets-transmitted-other-protocol-reverse #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-transmitted-reverse` @@ -10556,7 +10556,7 @@ show stats aggregate-session by-node packets-transmitted-reverse [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10566,7 +10566,7 @@ show stats aggregate-session by-node packets-transmitted-reverse [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node packets-transmitted-tcp` @@ -10585,7 +10585,7 @@ show stats aggregate-session by-node packets-transmitted-tcp [since ] [fo | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10610,7 +10610,7 @@ show stats aggregate-session by-node packets-transmitted-tcp-forward [since ] [fo | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10693,7 +10693,7 @@ show stats aggregate-session by-node packets-transmitted-udp-forward [since ] [force] [router | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10776,7 +10776,7 @@ show stats aggregate-session by-node session-arrival-rate [since ] [force | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10801,7 +10801,7 @@ show stats aggregate-session by-node session-count [since ] [force] [rout | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10826,7 +10826,7 @@ show stats aggregate-session by-node session-departure-rate [since ] [for | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10851,7 +10851,7 @@ show stats aggregate-session by-node tcp-bad-flag-combinations [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10861,7 +10861,7 @@ show stats aggregate-session by-node tcp-bad-flag-combinations [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-bad-flag-combinations-forward` @@ -10880,7 +10880,7 @@ show stats aggregate-session by-node tcp-bad-flag-combinations-forward [since ] [force] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10948,7 +10948,7 @@ show stats aggregate-session by-node tcp-duplicate-acks [since ] [force] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-duplicate-acks-forward` @@ -10967,7 +10967,7 @@ show stats aggregate-session by-node tcp-duplicate-acks-forward [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -10977,7 +10977,7 @@ show stats aggregate-session by-node tcp-duplicate-acks-forward [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-duplicate-acks-reverse` @@ -10996,7 +10996,7 @@ show stats aggregate-session by-node tcp-duplicate-acks-reverse [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11006,7 +11006,7 @@ show stats aggregate-session by-node tcp-duplicate-acks-reverse [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-invalid-state-transitions` @@ -11025,7 +11025,7 @@ show stats aggregate-session by-node tcp-invalid-state-transitions [since ] [force] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11122,7 +11122,7 @@ show stats aggregate-session by-node tcp-out-of-window [since ] [force] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-out-of-window-forward` @@ -11141,7 +11141,7 @@ show stats aggregate-session by-node tcp-out-of-window-forward [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11151,7 +11151,7 @@ show stats aggregate-session by-node tcp-out-of-window-forward [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-out-of-window-reverse` @@ -11170,7 +11170,7 @@ show stats aggregate-session by-node tcp-out-of-window-reverse [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11180,7 +11180,7 @@ show stats aggregate-session by-node tcp-out-of-window-reverse [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-resets` @@ -11199,7 +11199,7 @@ show stats aggregate-session by-node tcp-resets [since ] [force] [router | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11209,7 +11209,7 @@ show stats aggregate-session by-node tcp-resets [since ] [force] [router #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-resets-received` @@ -11228,7 +11228,7 @@ show stats aggregate-session by-node tcp-resets-received [since ] [force] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11238,7 +11238,7 @@ show stats aggregate-session by-node tcp-resets-received [since ] [force] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-resets-received-forward` @@ -11257,7 +11257,7 @@ show stats aggregate-session by-node tcp-resets-received-forward [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11267,7 +11267,7 @@ show stats aggregate-session by-node tcp-resets-received-forward [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-resets-received-reverse` @@ -11286,7 +11286,7 @@ show stats aggregate-session by-node tcp-resets-received-reverse [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11296,7 +11296,7 @@ show stats aggregate-session by-node tcp-resets-received-reverse [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-resets-transmitted` @@ -11315,7 +11315,7 @@ show stats aggregate-session by-node tcp-resets-transmitted [since ] [for | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11325,7 +11325,7 @@ show stats aggregate-session by-node tcp-resets-transmitted [since ] [for #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-resets-transmitted-forward` @@ -11344,7 +11344,7 @@ show stats aggregate-session by-node tcp-resets-transmitted-forward [since ] [force] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11427,7 +11427,7 @@ show stats aggregate-session by-node tcp-retransmissions-received [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11452,7 +11452,7 @@ show stats aggregate-session by-node tcp-retransmissions-received-forward [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11462,7 +11462,7 @@ show stats aggregate-session by-node tcp-retransmissions-received-forward [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-retransmissions-received-reverse` @@ -11481,7 +11481,7 @@ show stats aggregate-session by-node tcp-retransmissions-received-reverse [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11491,7 +11491,7 @@ show stats aggregate-session by-node tcp-retransmissions-received-reverse [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-node tcp-retransmissions-transmitted` @@ -11510,7 +11510,7 @@ show stats aggregate-session by-node tcp-retransmissions-transmitted [since ] [since ] [for | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11752,7 +11752,7 @@ show stats aggregate-session by-service bandwidth [service ] [since ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -11829,7 +11829,7 @@ show stats aggregate-session by-service bandwidth-received-forward [service ] [since | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12169,7 +12169,7 @@ show stats aggregate-session by-service bandwidth-transmitted [service | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12195,7 +12195,7 @@ show stats aggregate-session by-service bandwidth-transmitted-forward [service < | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12205,7 +12205,7 @@ show stats aggregate-session by-service bandwidth-transmitted-forward [service < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bandwidth-transmitted-other-protocol` @@ -12225,7 +12225,7 @@ show stats aggregate-session by-service bandwidth-transmitted-other-protocol [se | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12251,7 +12251,7 @@ show stats aggregate-session by-service bandwidth-transmitted-other-protocol-for | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12261,7 +12261,7 @@ show stats aggregate-session by-service bandwidth-transmitted-other-protocol-for #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bandwidth-transmitted-other-protocol-reverse` @@ -12281,7 +12281,7 @@ show stats aggregate-session by-service bandwidth-transmitted-other-protocol-rev | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12291,7 +12291,7 @@ show stats aggregate-session by-service bandwidth-transmitted-other-protocol-rev #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bandwidth-transmitted-reverse` @@ -12311,7 +12311,7 @@ show stats aggregate-session by-service bandwidth-transmitted-reverse [service < | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12321,7 +12321,7 @@ show stats aggregate-session by-service bandwidth-transmitted-reverse [service < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bandwidth-transmitted-tcp` @@ -12340,7 +12340,7 @@ show stats aggregate-session by-service bandwidth-transmitted-tcp [service ] [since | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12535,7 +12535,7 @@ show stats aggregate-session by-service bytes [service ] [since | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12545,7 +12545,7 @@ show stats aggregate-session by-service bytes [service ] [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-dropped-forward` @@ -12565,7 +12565,7 @@ show stats aggregate-session by-service bytes-dropped-forward [service | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12575,7 +12575,7 @@ show stats aggregate-session by-service bytes-dropped-forward [service #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-dropped-other-protocol-forward` @@ -12595,7 +12595,7 @@ show stats aggregate-session by-service bytes-dropped-other-protocol-forward [se | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12605,7 +12605,7 @@ show stats aggregate-session by-service bytes-dropped-other-protocol-forward [se #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-dropped-other-protocol-reverse` @@ -12625,7 +12625,7 @@ show stats aggregate-session by-service bytes-dropped-other-protocol-reverse [se | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12635,7 +12635,7 @@ show stats aggregate-session by-service bytes-dropped-other-protocol-reverse [se #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-dropped-reverse` @@ -12655,7 +12655,7 @@ show stats aggregate-session by-service bytes-dropped-reverse [service | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned.| +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12665,7 +12665,7 @@ show stats aggregate-session by-service bytes-dropped-reverse [service #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-dropped-tcp-forward` @@ -12685,7 +12685,7 @@ show stats aggregate-session by-service bytes-dropped-tcp-forward [service ] | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12815,7 +12815,7 @@ show stats aggregate-session by-service bytes-other-protocol [service ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-received` @@ -12834,7 +12834,7 @@ show stats aggregate-session by-service bytes-received [service ] [sinc | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -12844,7 +12844,7 @@ show stats aggregate-session by-service bytes-received [service ] [sinc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-received-forward` @@ -12864,7 +12864,7 @@ show stats aggregate-session by-service bytes-received-forward [service ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13023,7 +13023,7 @@ show stats aggregate-session by-service bytes-received-tcp [service ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-received-tcp-forward` @@ -13043,7 +13043,7 @@ show stats aggregate-session by-service bytes-received-tcp-forward [service ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13112,7 +13112,7 @@ show stats aggregate-session by-service bytes-received-udp [service ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-received-udp-forward` @@ -13132,7 +13132,7 @@ show stats aggregate-session by-service bytes-received-udp-forward [service ] [since ] [since ] [s | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13230,7 +13230,7 @@ show stats aggregate-session by-service bytes-transmitted [service ] [s #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-transmitted-forward` @@ -13250,7 +13250,7 @@ show stats aggregate-session by-service bytes-transmitted-forward [service | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13409,7 +13409,7 @@ show stats aggregate-session by-service bytes-transmitted-tcp [service #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-transmitted-tcp-forward` @@ -13429,7 +13429,7 @@ show stats aggregate-session by-service bytes-transmitted-tcp-forward [service < | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13439,7 +13439,7 @@ show stats aggregate-session by-service bytes-transmitted-tcp-forward [service < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-transmitted-tcp-reverse` @@ -13459,7 +13459,7 @@ show stats aggregate-session by-service bytes-transmitted-tcp-reverse [service < | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13469,7 +13469,7 @@ show stats aggregate-session by-service bytes-transmitted-tcp-reverse [service < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-transmitted-udp` @@ -13488,7 +13488,7 @@ show stats aggregate-session by-service bytes-transmitted-udp [service | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13498,7 +13498,7 @@ show stats aggregate-session by-service bytes-transmitted-udp [service #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-transmitted-udp-forward` @@ -13518,7 +13518,7 @@ show stats aggregate-session by-service bytes-transmitted-udp-forward [service < | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13528,7 +13528,7 @@ show stats aggregate-session by-service bytes-transmitted-udp-forward [service < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-transmitted-udp-reverse` @@ -13548,7 +13548,7 @@ show stats aggregate-session by-service bytes-transmitted-udp-reverse [service < | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13558,7 +13558,7 @@ show stats aggregate-session by-service bytes-transmitted-udp-reverse [service < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service bytes-udp` @@ -13577,7 +13577,7 @@ show stats aggregate-session by-service bytes-udp [service ] [since ] [since ] [since ] [si | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -13923,7 +13923,7 @@ show stats aggregate-session by-service packets-received-forward [service ] | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -14094,7 +14094,7 @@ show stats aggregate-session by-service packets-received-tcp-forward [service ] | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -14179,7 +14179,7 @@ show stats aggregate-session by-service packets-received-udp-forward [service ] [since < | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -14263,7 +14263,7 @@ show stats aggregate-session by-service packets-transmitted [service ] | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -14289,7 +14289,7 @@ show stats aggregate-session by-service packets-transmitted-forward [service ] [since < | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -14629,7 +14629,7 @@ show stats aggregate-session by-service session-arrival-rate [service ] | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -14654,7 +14654,7 @@ show stats aggregate-session by-service session-count [service ] [since | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -14679,7 +14679,7 @@ show stats aggregate-session by-service session-departure-rate [service ] [ | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -14805,7 +14805,7 @@ show stats aggregate-session by-service tcp-duplicate-acks [service ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service tcp-duplicate-acks-forward` @@ -14825,7 +14825,7 @@ show stats aggregate-session by-service tcp-duplicate-acks-forward [service ] [s | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -14985,7 +14985,7 @@ show stats aggregate-session by-service tcp-out-of-window [service ] [s #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service tcp-out-of-window-forward` @@ -15005,7 +15005,7 @@ show stats aggregate-session by-service tcp-out-of-window-forward [service ] [since ] [since ] | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -15103,7 +15103,7 @@ show stats aggregate-session by-service tcp-resets-received [service ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-service tcp-resets-received-forward` @@ -15123,7 +15123,7 @@ show stats aggregate-session by-service tcp-resets-received-forward [service ] | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service | The name of the service generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -15296,7 +15296,7 @@ show stats aggregate-session by-service tcp-retransmissions-received [service ] [s | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service-class | The name of the service class generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -15625,7 +15625,7 @@ show stats aggregate-session by-service-class bandwidth [service-class ] [s | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service-group | The name of the service group generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -19497,7 +19498,7 @@ show stats aggregate-session by-service-group bandwidth [service-group ] [s | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | | service-route | The name of the service route generating this metric (comma-separated list) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | ##### Positional Arguments @@ -23370,7 +23371,7 @@ show stats aggregate-session by-service-route bandwidth [service-route ] [since ] [force] | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -27242,7 +27243,7 @@ show stats aggregate-session by-tenant bandwidth [tenant ] [since | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -27293,7 +27294,7 @@ show stats aggregate-session by-tenant bandwidth-received [tenant ] [sin | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -27319,7 +27320,7 @@ show stats aggregate-session by-tenant bandwidth-received-forward [tenant ] | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -27490,7 +27491,7 @@ show stats aggregate-session by-tenant bandwidth-received-tcp-forward [tenant ] | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -27575,7 +27576,7 @@ show stats aggregate-session by-tenant bandwidth-received-udp-forward [tenant ] [since ] [ | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -27685,7 +27686,7 @@ show stats aggregate-session by-tenant bandwidth-transmitted-forward [tenant ] [since ] [since ] [ | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28036,7 +28037,7 @@ show stats aggregate-session by-tenant bytes [tenant ] [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-dropped-forward` @@ -28055,7 +28056,7 @@ show stats aggregate-session by-tenant bytes-dropped-forward [tenant ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28066,7 +28067,7 @@ show stats aggregate-session by-tenant bytes-dropped-forward [tenant ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-dropped-other-protocol-forward` @@ -28085,7 +28086,7 @@ show stats aggregate-session by-tenant bytes-dropped-other-protocol-forward [ten | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28096,7 +28097,7 @@ show stats aggregate-session by-tenant bytes-dropped-other-protocol-forward [ten #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-dropped-other-protocol-reverse` @@ -28115,7 +28116,7 @@ show stats aggregate-session by-tenant bytes-dropped-other-protocol-reverse [ten | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28126,7 +28127,7 @@ show stats aggregate-session by-tenant bytes-dropped-other-protocol-reverse [ten #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-dropped-reverse` @@ -28145,7 +28146,7 @@ show stats aggregate-session by-tenant bytes-dropped-reverse [tenant ] [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28156,7 +28157,7 @@ show stats aggregate-session by-tenant bytes-dropped-reverse [tenant ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-dropped-tcp-forward` @@ -28175,7 +28176,7 @@ show stats aggregate-session by-tenant bytes-dropped-tcp-forward [tenant ] [s | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28306,7 +28307,7 @@ show stats aggregate-session by-tenant bytes-other-protocol [tenant ] [s #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-received` @@ -28324,7 +28325,7 @@ show stats aggregate-session by-tenant bytes-received [tenant ] [since < | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28335,7 +28336,7 @@ show stats aggregate-session by-tenant bytes-received [tenant ] [since < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-received-forward` @@ -28354,7 +28355,7 @@ show stats aggregate-session by-tenant bytes-received-forward [tenant ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28365,7 +28366,7 @@ show stats aggregate-session by-tenant bytes-received-forward [tenant ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-received-other-protocol` @@ -28384,7 +28385,7 @@ show stats aggregate-session by-tenant bytes-received-other-protocol [tenant ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28485,7 +28486,7 @@ show stats aggregate-session by-tenant bytes-received-reverse [tenant ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-received-tcp` @@ -28503,7 +28504,7 @@ show stats aggregate-session by-tenant bytes-received-tcp [tenant ] [sin | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28514,7 +28515,7 @@ show stats aggregate-session by-tenant bytes-received-tcp [tenant ] [sin #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-received-tcp-forward` @@ -28533,7 +28534,7 @@ show stats aggregate-session by-tenant bytes-received-tcp-forward [tenant ] [sin | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28603,7 +28604,7 @@ show stats aggregate-session by-tenant bytes-received-udp [tenant ] [sin #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-received-udp-forward` @@ -28622,7 +28623,7 @@ show stats aggregate-session by-tenant bytes-received-udp-forward [tenant ] [since ] [since ] [sinc | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28721,7 +28722,7 @@ show stats aggregate-session by-tenant bytes-transmitted [tenant ] [sinc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-transmitted-forward` @@ -28740,7 +28741,7 @@ show stats aggregate-session by-tenant bytes-transmitted-forward [tenant ] [ | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28900,7 +28901,7 @@ show stats aggregate-session by-tenant bytes-transmitted-tcp [tenant ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-transmitted-tcp-forward` @@ -28919,7 +28920,7 @@ show stats aggregate-session by-tenant bytes-transmitted-tcp-forward [tenant ] [ | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -28989,7 +28990,7 @@ show stats aggregate-session by-tenant bytes-transmitted-udp [tenant ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant bytes-transmitted-udp-forward` @@ -29008,7 +29009,7 @@ show stats aggregate-session by-tenant bytes-transmitted-udp-forward [tenant ] [since ] [since ] [since ] | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29122,7 +29123,7 @@ show stats aggregate-session by-tenant packets-dropped-forward [tenant ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29133,7 +29134,7 @@ show stats aggregate-session by-tenant packets-dropped-forward [tenant ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-dropped-other-protocol-forward` @@ -29152,7 +29153,7 @@ show stats aggregate-session by-tenant packets-dropped-other-protocol-forward [t | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29163,7 +29164,7 @@ show stats aggregate-session by-tenant packets-dropped-other-protocol-forward [t #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-dropped-other-protocol-reverse` @@ -29182,7 +29183,7 @@ show stats aggregate-session by-tenant packets-dropped-other-protocol-reverse [t | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29193,7 +29194,7 @@ show stats aggregate-session by-tenant packets-dropped-other-protocol-reverse [t #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-dropped-reverse` @@ -29212,7 +29213,7 @@ show stats aggregate-session by-tenant packets-dropped-reverse [tenant ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29223,7 +29224,7 @@ show stats aggregate-session by-tenant packets-dropped-reverse [tenant ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-dropped-tcp-forward` @@ -29242,7 +29243,7 @@ show stats aggregate-session by-tenant packets-dropped-tcp-forward [tenant ] | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29387,7 +29388,7 @@ show stats aggregate-session by-tenant packets-received [tenant ] [since | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29413,7 +29414,7 @@ show stats aggregate-session by-tenant packets-received-forward [tenant | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29424,7 +29425,7 @@ show stats aggregate-session by-tenant packets-received-forward [tenant #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-received-other-protocol` @@ -29443,7 +29444,7 @@ show stats aggregate-session by-tenant packets-received-other-protocol [tenant < | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29469,7 +29470,7 @@ show stats aggregate-session by-tenant packets-received-other-protocol-forward [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29480,7 +29481,7 @@ show stats aggregate-session by-tenant packets-received-other-protocol-forward [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-received-other-protocol-reverse` @@ -29499,7 +29500,7 @@ show stats aggregate-session by-tenant packets-received-other-protocol-reverse [ | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29510,7 +29511,7 @@ show stats aggregate-session by-tenant packets-received-other-protocol-reverse [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-received-reverse` @@ -29529,7 +29530,7 @@ show stats aggregate-session by-tenant packets-received-reverse [tenant | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29540,7 +29541,7 @@ show stats aggregate-session by-tenant packets-received-reverse [tenant #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-received-tcp` @@ -29558,7 +29559,7 @@ show stats aggregate-session by-tenant packets-received-tcp [tenant ] [s | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29584,7 +29585,7 @@ show stats aggregate-session by-tenant packets-received-tcp-forward [tenant ] [s | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29669,7 +29670,7 @@ show stats aggregate-session by-tenant packets-received-udp-forward [tenant ] [since ] [si | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29779,7 +29780,7 @@ show stats aggregate-session by-tenant packets-transmitted-forward [tenant ] | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29950,7 +29951,7 @@ show stats aggregate-session by-tenant packets-transmitted-tcp-forward [tenant < | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29961,7 +29962,7 @@ show stats aggregate-session by-tenant packets-transmitted-tcp-forward [tenant < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-transmitted-tcp-reverse` @@ -29980,7 +29981,7 @@ show stats aggregate-session by-tenant packets-transmitted-tcp-reverse [tenant < | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -29991,7 +29992,7 @@ show stats aggregate-session by-tenant packets-transmitted-tcp-reverse [tenant < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-transmitted-udp` @@ -30009,7 +30010,7 @@ show stats aggregate-session by-tenant packets-transmitted-udp [tenant ] | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30035,7 +30036,7 @@ show stats aggregate-session by-tenant packets-transmitted-udp-forward [tenant < | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30046,7 +30047,7 @@ show stats aggregate-session by-tenant packets-transmitted-udp-forward [tenant < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-transmitted-udp-reverse` @@ -30065,7 +30066,7 @@ show stats aggregate-session by-tenant packets-transmitted-udp-reverse [tenant < | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30076,7 +30077,7 @@ show stats aggregate-session by-tenant packets-transmitted-udp-reverse [tenant < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant packets-udp` @@ -30094,7 +30095,7 @@ show stats aggregate-session by-tenant packets-udp [tenant ] [since ] [s | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30144,7 +30145,7 @@ show stats aggregate-session by-tenant session-count [tenant ] [since ] | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30195,7 +30196,7 @@ show stats aggregate-session by-tenant tcp-bad-flag-combinations [tenant ] [sin | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30296,7 +30297,7 @@ show stats aggregate-session by-tenant tcp-duplicate-acks [tenant ] [sin #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant tcp-duplicate-acks-forward` @@ -30315,7 +30316,7 @@ show stats aggregate-session by-tenant tcp-duplicate-acks-forward [tenant ] [sinc | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30476,7 +30477,7 @@ show stats aggregate-session by-tenant tcp-out-of-window [tenant ] [sinc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant tcp-out-of-window-forward` @@ -30495,7 +30496,7 @@ show stats aggregate-session by-tenant tcp-out-of-window-forward [tenant ] [since ] [since ] [si | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30594,7 +30595,7 @@ show stats aggregate-session by-tenant tcp-resets-received [tenant ] [si #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant tcp-resets-received-forward` @@ -30613,7 +30614,7 @@ show stats aggregate-session by-tenant tcp-resets-received-forward [tenant ] | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30683,7 +30684,7 @@ show stats aggregate-session by-tenant tcp-resets-transmitted [tenant ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats aggregate-session by-tenant tcp-resets-transmitted-forward` @@ -30702,7 +30703,7 @@ show stats aggregate-session by-tenant tcp-resets-transmitted-forward [tenant ] [si | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | | router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp]. The since argument (command) is a general utility which performs a delta between the two values supplied by the arguments. The primary use is for cumulative metrics - ones that keep incrementing. aggregate-session are rate metrics which return a per 5 second view of the stat. Rate in the past could be higher then the current rate (or rate at the selected time) and a negative value may be returned. | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | | tenant | The name of the tenant generating this metric (comma-separated list) | ##### Positional Arguments @@ -30786,7 +30787,7 @@ show stats aggregate-session by-tenant tcp-retransmissions-received [tenant ] [force] [router #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id application-director cache miss` @@ -31135,7 +31136,7 @@ show stats app-id application-director cache miss [since ] [force] [route #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id application-director cache size` @@ -31176,7 +31177,7 @@ show stats app-id application-director cache size [since ] [force] [route #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id application-director lookup` @@ -31238,7 +31239,7 @@ show stats app-id application-director lookup failure [since ] [force] [r #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id application-director lookup miss` @@ -31267,7 +31268,7 @@ show stats app-id application-director lookup miss [since ] [force] [rout #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id application-director lookup success` @@ -31296,7 +31297,7 @@ show stats app-id application-director lookup success [since ] [force] [r #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications` @@ -31494,7 +31495,7 @@ show stats app-id applications acknowledgement-round-trip forward count [netintf #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications acknowledgement-round-trip forward max` @@ -31535,7 +31536,7 @@ show stats app-id applications acknowledgement-round-trip forward max [netintf < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications acknowledgement-round-trip forward min` @@ -31576,7 +31577,7 @@ show stats app-id applications acknowledgement-round-trip forward min [netintf < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications acknowledgement-round-trip forward total` @@ -31617,7 +31618,7 @@ show stats app-id applications acknowledgement-round-trip forward total [netintf #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications acknowledgement-round-trip reverse` @@ -31704,7 +31705,7 @@ show stats app-id applications acknowledgement-round-trip reverse count [netintf #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications acknowledgement-round-trip reverse max` @@ -31745,7 +31746,7 @@ show stats app-id applications acknowledgement-round-trip reverse max [netintf < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications acknowledgement-round-trip reverse min` @@ -31786,7 +31787,7 @@ show stats app-id applications acknowledgement-round-trip reverse min [netintf < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications acknowledgement-round-trip reverse total` @@ -31827,7 +31828,7 @@ show stats app-id applications acknowledgement-round-trip reverse total [netintf #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications bytes-received-reverse` @@ -31867,7 +31868,7 @@ show stats app-id applications bytes-received-reverse [netintf ] [appli #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications bytes-transmitted-forward` @@ -31907,7 +31908,7 @@ show stats app-id applications bytes-transmitted-forward [netintf ] [ap #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications capacity-limits` @@ -31980,7 +31981,7 @@ show stats app-id applications capacity-limits quad-zero-client-used [since ] [force] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications classify-source` @@ -32092,7 +32093,7 @@ show stats app-id applications classify-source domain-name [application-name ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications expiration next-hop timer-set-timestamp` @@ -32485,7 +32486,7 @@ show stats app-id applications expiration next-hop timer-set-timestamp [netintf #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications expiration timer-cleared` @@ -32520,7 +32521,7 @@ show stats app-id applications expiration timer-cleared [since ] [force] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications expiration timer-set` @@ -32555,7 +32556,7 @@ show stats app-id applications expiration timer-set [since ] [force] [rou #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications next-hops-added` @@ -32657,7 +32658,7 @@ show stats app-id applications packets-received-reverse [netintf ] [app #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications packets-transmitted-forward` @@ -32697,7 +32698,7 @@ show stats app-id applications packets-transmitted-forward [netintf ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications reclassified-from` @@ -32733,7 +32734,7 @@ show stats app-id applications reclassified-from [application-name ] [application #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications sessions close-before-establishment` @@ -32894,7 +32895,7 @@ show stats app-id applications sessions close-before-establishment [netintf ] [application #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications sessions length` @@ -33019,7 +33020,7 @@ show stats app-id applications sessions length count [netintf ] [protoc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications sessions length max` @@ -33060,7 +33061,7 @@ show stats app-id applications sessions length max [netintf ] [protocol #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications sessions length min` @@ -33101,7 +33102,7 @@ show stats app-id applications sessions length min [netintf ] [protocol #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications sessions length total` @@ -33142,7 +33143,7 @@ show stats app-id applications sessions length total [netintf ] [protoc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications sessions success` @@ -33182,7 +33183,7 @@ show stats app-id applications sessions success [netintf ] [application #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-bad-flag-combinations-forward` @@ -33222,7 +33223,7 @@ show stats app-id applications tcp-bad-flag-combinations-forward [netintf ] [a #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-duplicate-acks-reverse` @@ -33342,7 +33343,7 @@ show stats app-id applications tcp-duplicate-acks-reverse [netintf ] [a #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-invalid-state-transitions-forward` @@ -33382,7 +33383,7 @@ show stats app-id applications tcp-invalid-state-transitions-forward [netintf ] [ap #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-out-of-window-reverse` @@ -33502,7 +33503,7 @@ show stats app-id applications tcp-out-of-window-reverse [netintf ] [ap #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-resets-received-forward` @@ -33542,7 +33543,7 @@ show stats app-id applications tcp-resets-received-forward [netintf ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-resets-received-reverse` @@ -33582,7 +33583,7 @@ show stats app-id applications tcp-resets-received-reverse [netintf ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-resets-transmitted-forward` @@ -33622,7 +33623,7 @@ show stats app-id applications tcp-resets-transmitted-forward [netintf #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-resets-transmitted-reverse` @@ -33662,7 +33663,7 @@ show stats app-id applications tcp-resets-transmitted-reverse [netintf #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-retransmission-packets-received-forward` @@ -33702,7 +33703,7 @@ show stats app-id applications tcp-retransmission-packets-received-forward [neti #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-retransmission-packets-received-reverse` @@ -33742,7 +33743,7 @@ show stats app-id applications tcp-retransmission-packets-received-reverse [neti #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-retransmission-packets-transmitted-forward` @@ -33782,7 +33783,7 @@ show stats app-id applications tcp-retransmission-packets-transmitted-forward [n #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications tcp-retransmission-packets-transmitted-reverse` @@ -33822,7 +33823,7 @@ show stats app-id applications tcp-retransmission-packets-transmitted-reverse [n #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications time-to-first-data-packet` @@ -33909,7 +33910,7 @@ show stats app-id applications time-to-first-data-packet count [netintf ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications time-to-first-data-packet min` @@ -33991,7 +33992,7 @@ show stats app-id applications time-to-first-data-packet min [netintf ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id applications time-to-first-data-packet total` @@ -34032,7 +34033,7 @@ show stats app-id applications time-to-first-data-packet total [netintf ] [since ] [fo #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id subcategory-lookup miss` @@ -34450,7 +34451,7 @@ show stats app-id subcategory-lookup miss [service ] [since ] [f #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id subcategory-lookup service-not-applicable` @@ -34479,7 +34480,7 @@ show stats app-id subcategory-lookup service-not-applicable [since ] [for #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id url-lookup` @@ -34542,7 +34543,7 @@ show stats app-id url-lookup hit [service ] [since ] [force] [ro #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id url-lookup miss` @@ -34572,7 +34573,7 @@ show stats app-id url-lookup miss [service ] [since ] [force] [r #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats app-id url-lookup service-not-applicable` @@ -34601,7 +34602,7 @@ show stats app-id url-lookup service-not-applicable [since ] [force] [rou #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director` @@ -34728,7 +34729,7 @@ show stats application-director classify-session cache request [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director classify-session cache success` @@ -34757,7 +34758,7 @@ show stats application-director classify-session cache success [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director classify-session classified` @@ -34820,7 +34821,7 @@ show stats application-director classify-session classified domain [since ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director classify-session classified transport` @@ -34878,7 +34879,7 @@ show stats application-director classify-session classified transport [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director classify-session unclassified` @@ -34970,7 +34971,7 @@ show stats application-director classify-session unclassified domain [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director classify-session unclassified transport` @@ -35028,7 +35029,7 @@ show stats application-director classify-session unclassified transport [since < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director classify-session unclassified url` @@ -35057,7 +35058,7 @@ show stats application-director classify-session unclassified url [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director classify-session websense` @@ -35089,6 +35090,7 @@ show stats application-director classify-session websense [since ] [force | command | description | | ------- | ----------- | | [`request`](#show-stats-application-director-classify-session-websense-request) | Websense Request (requests) (in-memory) | +| [`response-time`](#show-stats-application-director-classify-session-websense-response-time) | Response time (requests) (in-memory) | | [`success`](#show-stats-application-director-classify-session-websense-success) | Websense Success (requests) (in-memory) | ## `show stats application-director classify-session websense request` @@ -35119,7 +35121,37 @@ show stats application-director classify-session websense request [status ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| duration | The response time duration (comma-separated list) | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director classify-session websense success` @@ -35148,7 +35180,7 @@ show stats application-director classify-session websense success [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-director requests` @@ -35179,7 +35211,7 @@ show stats application-director requests [endpoint ] [status ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats application-framework` @@ -36762,7 +36794,7 @@ show stats audit events produced [collector ] [type ] [subtype #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats automated-provisioner` @@ -37389,7 +37421,7 @@ show stats bfd by-peer-path async received miss [peer-name ] [peer-ho #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path async received success` @@ -37429,7 +37461,7 @@ show stats bfd by-peer-path async received success [peer-name ] [peer #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path async sent` @@ -37513,7 +37545,7 @@ show stats bfd by-peer-path async sent arp-failure [peer-name ] [peer #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path async sent buffer-allocation-failure` @@ -37553,7 +37585,7 @@ show stats bfd by-peer-path async sent buffer-allocation-failure [peer-name ] [peer-hos #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path average-latency` @@ -37712,7 +37744,7 @@ show stats bfd by-peer-path dynamic-damping current-hold-down-time [peer-name

] [peer-host ] [peer- #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path echo sent buffer-allocation-failure` @@ -37959,7 +37991,7 @@ show stats bfd by-peer-path echo sent buffer-allocation-failure [peer-name ] [peer-host #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path jitter` @@ -38156,7 +38188,7 @@ show stats bfd by-peer-path link-down local-oper-down [peer-name ] [p #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path link-down remote-admin-down` @@ -38196,7 +38228,7 @@ show stats bfd by-peer-path link-down remote-admin-down [peer-name ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path link-down remote-down` @@ -38236,7 +38268,7 @@ show stats bfd by-peer-path link-down remote-down [peer-name ] [peer- #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path link-down timer-expiry` @@ -38276,7 +38308,7 @@ show stats bfd by-peer-path link-down timer-expiry [peer-name ] [peer #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path link-up` @@ -38316,7 +38348,7 @@ show stats bfd by-peer-path link-up [peer-name ] [peer-host ] [pee #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path local-source-nat-reset` @@ -38396,7 +38428,7 @@ show stats bfd by-peer-path local-source-nat-reset [peer-name ] [peer #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path loss` @@ -38551,7 +38583,7 @@ show stats bfd by-peer-path neighbor failover [peer-name ] [peer-host #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd by-peer-path neighbor source-nat-change` @@ -38591,7 +38623,7 @@ show stats bfd by-peer-path neighbor source-nat-change [peer-name ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd dynamic-damping` @@ -38665,7 +38697,7 @@ show stats bfd dynamic-damping hold-down-link-flaps [since ] [force] [rou #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd echo` @@ -39517,7 +39549,7 @@ show stats bfd received-invalid hostname-collision-with-static-ip [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats bfd received-invalid local-discriminator` @@ -41173,7 +41205,7 @@ show stats conflux messages write rate [pipeline ] [source ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats conflux messages write success` @@ -41231,7 +41263,7 @@ show stats conflux messages write total [pipeline ] [source ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats conflux stream` @@ -41300,7 +41332,7 @@ show stats conflux stream continue [pipeline ] [source ] [sinc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats conflux stream delay` @@ -41331,7 +41363,7 @@ show stats conflux stream delay [pipeline ] [source ] [since < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats conflux stream end` @@ -41362,7 +41394,7 @@ show stats conflux stream end [pipeline ] [source ] [since ] [source ] [sinc #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats conflux stream responses` @@ -41459,7 +41491,7 @@ show stats conflux stream responses empty [pipeline ] [source #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats conflux stream responses error` @@ -41525,7 +41557,7 @@ show stats conflux stream responses error boundary [pipeline ] [source #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats conflux stream responses error connection` @@ -41556,7 +41588,7 @@ show stats conflux stream responses error connection [pipeline ] [sour #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats conflux stream responses error other` @@ -41587,7 +41619,7 @@ show stats conflux stream responses error other [pipeline ] [source ] [source ] [source ] [since < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats cpu` @@ -43739,7 +43771,7 @@ show stats external-protocols agent errors pim-over-svr-drops [since ] [f #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats external-protocols agent errors session-collision` @@ -43877,7 +43909,7 @@ show stats external-protocols agent packets pim-secure-vector-routed [since ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability icmp time-to-establishment` @@ -44611,7 +44643,7 @@ show stats highway destination-reachability icmp time-to-establishment max [serv #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability icmp time-to-establishment mean` @@ -44644,7 +44676,7 @@ show stats highway destination-reachability icmp time-to-establishment mean [ser #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability icmp time-to-establishment min` @@ -44677,7 +44709,7 @@ show stats highway destination-reachability icmp time-to-establishment min [serv #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability icmp timeout-before-establishment` @@ -44710,7 +44742,7 @@ show stats highway destination-reachability icmp timeout-before-establishment [s #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability icmp unreachable` @@ -44743,7 +44775,7 @@ show stats highway destination-reachability icmp unreachable [service ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability other` @@ -44814,7 +44846,7 @@ show stats highway destination-reachability other established [service #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability other time-to-establishment` @@ -44884,7 +44916,7 @@ show stats highway destination-reachability other time-to-establishment max [ser #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability other time-to-establishment mean` @@ -44917,7 +44949,7 @@ show stats highway destination-reachability other time-to-establishment mean [se #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability other time-to-establishment min` @@ -44950,7 +44982,7 @@ show stats highway destination-reachability other time-to-establishment min [ser #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability other timeout-before-establishment` @@ -44983,7 +45015,7 @@ show stats highway destination-reachability other timeout-before-establishment [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability other unreachable` @@ -45016,7 +45048,7 @@ show stats highway destination-reachability other unreachable [service #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tcp` @@ -45088,7 +45120,7 @@ show stats highway destination-reachability tcp close-before-establishment [serv #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tcp established` @@ -45121,7 +45153,7 @@ show stats highway destination-reachability tcp established [service ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tcp time-to-establishment` @@ -45191,7 +45223,7 @@ show stats highway destination-reachability tcp time-to-establishment max [servi #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tcp time-to-establishment mean` @@ -45224,7 +45256,7 @@ show stats highway destination-reachability tcp time-to-establishment mean [serv #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tcp time-to-establishment min` @@ -45257,7 +45289,7 @@ show stats highway destination-reachability tcp time-to-establishment min [servi #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tcp timeout-before-establishment` @@ -45290,7 +45322,7 @@ show stats highway destination-reachability tcp timeout-before-establishment [se #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tcp unreachable` @@ -45323,7 +45355,7 @@ show stats highway destination-reachability tcp unreachable [service ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tls` @@ -45394,7 +45426,7 @@ show stats highway destination-reachability tls close-before-establishment [serv #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tls established` @@ -45427,7 +45459,7 @@ show stats highway destination-reachability tls established [service ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tls time-to-establishment` @@ -45497,7 +45529,7 @@ show stats highway destination-reachability tls time-to-establishment max [servi #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tls time-to-establishment mean` @@ -45530,7 +45562,7 @@ show stats highway destination-reachability tls time-to-establishment mean [serv #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tls time-to-establishment min` @@ -45563,7 +45595,7 @@ show stats highway destination-reachability tls time-to-establishment min [servi #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability tls timeout-before-establishment` @@ -45596,7 +45628,7 @@ show stats highway destination-reachability tls timeout-before-establishment [se #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability udp` @@ -45667,7 +45699,7 @@ show stats highway destination-reachability udp established [service ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability udp time-to-establishment` @@ -45737,7 +45769,7 @@ show stats highway destination-reachability udp time-to-establishment max [servi #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability udp time-to-establishment mean` @@ -45770,7 +45802,7 @@ show stats highway destination-reachability udp time-to-establishment mean [serv #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability udp time-to-establishment min` @@ -45803,7 +45835,7 @@ show stats highway destination-reachability udp time-to-establishment min [servi #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability udp timeout-before-establishment` @@ -45836,7 +45868,7 @@ show stats highway destination-reachability udp timeout-before-establishment [se #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway destination-reachability udp unreachable` @@ -45869,7 +45901,7 @@ show stats highway destination-reachability udp unreachable [service ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats highway firewall-detector` @@ -46468,7 +46500,7 @@ show stats icmp reachability-probe service-routes jitter [probe-profile-name ] [force] [router ] [node ] [force] [router ] [node #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats idp attacks received` @@ -47384,7 +47416,7 @@ show stats idp attacks received [since ] [force] [router ] [node #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats idp attacks total` @@ -47430,7 +47462,7 @@ show stats idp attacks total [since ] [force] [router ] [node ] [force] [router ] [node < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats idp packets processed` @@ -47710,7 +47742,7 @@ show stats idp packets processed [since ] [force] [router ] [node #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats idp packets protocol` @@ -47807,7 +47839,7 @@ show stats idp packets protocol icmp [since ] [force] [router ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats idp packets protocol other` @@ -47853,7 +47885,7 @@ show stats idp packets protocol other [since ] [force] [router ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats idp packets protocol tcp` @@ -47899,7 +47931,7 @@ show stats idp packets protocol tcp [since ] [force] [router ] [n #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats idp packets protocol udp` @@ -47945,7 +47977,7 @@ show stats idp packets protocol udp [since ] [force] [router ] [n #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats idp packets received` @@ -48040,7 +48072,7 @@ Stats pertaining to Ethernet Interface #### Usage ``` -show stats interface [port ] [since ] [force] [router ] [node ] [] +show stats interface [since ] [force] [router ] [] ``` ##### Keyword Arguments @@ -48048,8 +48080,6 @@ show stats interface [port ] [since ] [force] [router ] [no | name | description | | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | -| node | The name of the node generating this metric | -| port | The device interface for which this metric was generated (comma-separated list) | | router | The router for which to display stats (default: <current router>) | | since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | @@ -48100,7 +48130,7 @@ Statistics for 'received' #### Usage ``` -show stats interface received [port ] [since ] [force] [router ] [node ] [] +show stats interface received [since ] [force] [router ] [] ``` ##### Keyword Arguments @@ -48108,8 +48138,6 @@ show stats interface received [port ] [since ] [force] [router ] [since ] [force] [router ] [me #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats interface received lacp packets` @@ -48359,7 +48388,7 @@ show stats interface received lacp packets [bond-interface ] [me #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats interface received lacp unknown` @@ -48389,7 +48418,7 @@ show stats interface received lacp unknown [bond-interface ] [me #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats interface received missed` @@ -48614,8 +48643,6 @@ show stats interface sent [since ] [force] [router ] [ | name | description | | ---- | ----------- | | force | Skip confirmation prompt. Only required when targeting all routers | -| node | The name of the node generating this metric | -| port | The device interface for which this metric was generated (comma-separated list) | | router | The router for which to display stats (default: <current router>) | | since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | @@ -48748,7 +48775,7 @@ show stats interface sent lacp packets [bond-interface ] [member #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats interface sent lacp queue-full` @@ -48778,7 +48805,7 @@ show stats interface sent lacp queue-full [bond-interface ] [mem #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats interface sent packets` @@ -48928,7 +48955,7 @@ show stats ipfix dropped invalid-interface [since ] [force] [router ] [force] [router #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats ipfix enqueue` @@ -49017,7 +49044,7 @@ show stats ipfix enqueue attempts [since ] [force] [router ] [nod #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats ipfix record-export-rate` @@ -49046,7 +49073,7 @@ show stats ipfix record-export-rate [since ] [force] [router ] [n #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats ipfix time-per-export` @@ -49075,7 +49102,7 @@ show stats ipfix time-per-export [since ] [force] [router ] [node #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats ipfix time-per-session` @@ -49104,7 +49131,7 @@ show stats ipfix time-per-session [since ] [force] [router ] [nod #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats ipfix total-generation-time` @@ -49133,7 +49160,7 @@ show stats ipfix total-generation-time [since ] [force] [router ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats ipfix total-records` @@ -49162,7 +49189,7 @@ show stats ipfix total-records [since ] [force] [router ] [node < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats mars` @@ -49257,7 +49284,7 @@ show stats mars requests bad-response [process-name ] [since ] [status ] [ #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats memory` @@ -49748,7 +49775,7 @@ show stats mtu-discovery peer-path probe-timeout [peer-name ] [peer-h #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats mtu-discovery peer-path received` @@ -49781,7 +49808,7 @@ show stats mtu-discovery peer-path received [peer-name ] [peer-host < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats mtu-discovery peer-path received-icmp-fragmentation-needed` @@ -49814,7 +49841,7 @@ show stats mtu-discovery peer-path received-icmp-fragmentation-needed [peer-name #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats mtu-discovery peer-path sent` @@ -49884,7 +49911,7 @@ show stats mtu-discovery peer-path sent arp-failure [peer-name ] [pee #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats mtu-discovery peer-path sent buffer-allocation-failure` @@ -49917,7 +49944,7 @@ show stats mtu-discovery peer-path sent buffer-allocation-failure [peer-name ] [peer-ho #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats mtu-discovery probe-timeout` @@ -50232,7 +50259,7 @@ show stats network-interface received bytes [port ] [netintf ] [s #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats network-interface received packets` @@ -50263,7 +50290,7 @@ show stats network-interface received packets [port ] [netintf ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats network-interface sent` @@ -50328,7 +50355,7 @@ show stats network-interface sent bytes [port ] [netintf ] [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats network-interface sent packets` @@ -50359,7 +50386,7 @@ show stats network-interface sent packets [port ] [netintf ] [sin #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-capture` @@ -50442,7 +50469,7 @@ show stats packet-capture cloud-send-failure [core ] [port ] [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-capture cloud-send-success` @@ -50481,7 +50508,7 @@ show stats packet-capture cloud-send-success [core ] [port ] [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-capture success` @@ -51754,7 +51781,7 @@ show stats packet-processing action failure fec add allocation [core ] [po #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action failure fec add buffer-expansion` @@ -51785,7 +51812,7 @@ show stats packet-processing action failure fec add buffer-expansion [core #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action failure fec remove parity-discard` @@ -51946,7 +51973,7 @@ show stats packet-processing action failure fec remove parity-discard [core #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action failure tcp-stitch server-sack-disabled` @@ -54256,7 +54283,7 @@ show stats packet-processing action failure tcp-stitch server-sack-disabled [cor #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action failure tcp-stitch unexpected-packet` @@ -54287,7 +54314,7 @@ show stats packet-processing action failure tcp-stitch unexpected-packet [core < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action failure tcp-stitch window-rounded-up` @@ -54318,7 +54345,7 @@ show stats packet-processing action failure tcp-stitch window-rounded-up [core < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action failure tcp-stitch window-truncated` @@ -54349,7 +54376,7 @@ show stats packet-processing action failure tcp-stitch window-truncated [core ] [p #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action success fec add trailer-added` @@ -56039,7 +56066,7 @@ show stats packet-processing action success fec add trailer-added [core ] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action success fec remove` @@ -56108,7 +56135,7 @@ show stats packet-processing action success fec remove completed-round [core #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action success fec remove regenerated-packet` @@ -56170,7 +56197,7 @@ show stats packet-processing action success fec remove regenerated-packet [core #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action success fec remove resync` @@ -56201,7 +56228,7 @@ show stats packet-processing action success fec remove resync [core ] [por #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing action success fec remove trailer-removed` @@ -56232,7 +56259,7 @@ show stats packet-processing action success fec remove trailer-removed [core ] [port < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats packet-processing classifier received q-in-q` @@ -65218,8 +65245,8 @@ show stats packet-processing received [core ] [port ] [since | [`interface-invalid-chain`](#show-stats-packet-processing-received-interface-invalid-chain) | The number of invalid chain packets received from the interface | | [`interface-invalid-metadata-length`](#show-stats-packet-processing-received-interface-invalid-metadata-length) | The number of packets received from the interface having metadata with an invalid length | | [`interface-sanitized`](#show-stats-packet-processing-received-interface-sanitized) | The number of sanitized packets received from the interface | -| [`interface-standby`](#show-stats-packet-processing-received-interface-standby) | The number of packets received on the interface while in standby mode. | -| [`interface-standby-drop`](#show-stats-packet-processing-received-interface-standby-drop) | The number of packets dropped because the interface is in standby mode. | +| [`interface-standby`](#show-stats-packet-processing-received-interface-standby) | The number of packets received on the device interface while in standby mode. | +| [`interface-standby-drop`](#show-stats-packet-processing-received-interface-standby-drop) | The number of packets dropped because the device interface is in standby mode. | | [`interface-standby-empty-head`](#show-stats-packet-processing-received-interface-standby-empty-head) | The number of empty head packets received from the standby interface. | | [`interface-standby-invalid-chain`](#show-stats-packet-processing-received-interface-standby-invalid-chain) | The number of invalid chain packets received from the standby interface | | [`interface-standby-invalid-metadata-length`](#show-stats-packet-processing-received-interface-standby-invalid-metadata-length) | The number of invalid metadata length packets received from the standby interface | @@ -65227,7 +65254,10 @@ show stats packet-processing received [core ] [port ] [since | [`interface-standby-unhandled-exception`](#show-stats-packet-processing-received-interface-standby-unhandled-exception) | The number of packets received from the standby interface which encountered an unhandled exception | | [`interface-success`](#show-stats-packet-processing-received-interface-success) | The number of packets received from the interface | | [`interface-unhandled-exception`](#show-stats-packet-processing-received-interface-unhandled-exception) | The number of packets received from the interface which encountered an unhandled exception | +| [`mac-filtered-discards`](#show-stats-packet-processing-received-mac-filtered-discards) | The number of packets dropped because the destination MAC address doesn't match the interface. | | [`max-burst`](#show-stats-packet-processing-received-max-burst) | Maximum-Sized Receive Bursts Per Interface | +| [`network-interface-standby`](#show-stats-packet-processing-received-network-interface-standby) | The number of packets received on the network interface while in standby mode. | +| [`network-interface-standby-drop`](#show-stats-packet-processing-received-network-interface-standby-drop) | The number of packets dropped because the network interface is in standby mode. | ## `show stats packet-processing received burst-size` @@ -65646,7 +65676,7 @@ show stats packet-processing received interface-sanitized [core ] [port

] [port | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | +## `show stats packet-processing received mac-filtered-discards` + +The number of packets dropped because the destination MAC address doesn't match the interface. + +#### Usage + +``` +show stats packet-processing received mac-filtered-discards [core ] [port ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| core | The core number for which this metric was generated (comma-separated list) | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node generating this metric | +| port | The device interface for which this metric was generated (comma-separated list) | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + ## `show stats packet-processing received max-burst` Maximum-Sized Receive Bursts Per Interface @@ -66003,6 +66060,60 @@ show stats packet-processing received max-burst transition-to [core ] [por | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | +## `show stats packet-processing received network-interface-standby` + +The number of packets received on the network interface while in standby mode. + +#### Usage + +``` +show stats packet-processing received network-interface-standby [core ] [port ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| core | The core number for which this metric was generated (comma-separated list) | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node generating this metric | +| port | The device interface for which this metric was generated (comma-separated list) | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +## `show stats packet-processing received network-interface-standby-drop` + +The number of packets dropped because the network interface is in standby mode. + +#### Usage + +``` +show stats packet-processing received network-interface-standby-drop [core ] [port ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| core | The core number for which this metric was generated (comma-separated list) | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node generating this metric | +| port | The device interface for which this metric was generated (comma-separated list) | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + ## `show stats packet-processing sent` Statistics for 'sent' @@ -66036,10 +66147,13 @@ show stats packet-processing sent [core ] [port ] [since ] [f | ------- | ----------- | | [`interface-failure`](#show-stats-packet-processing-sent-interface-failure) | The number of packets failed to be transmitted on the interface | | [`interface-retry`](#show-stats-packet-processing-sent-interface-retry) | The number of packet send retry attempts on this interface | -| [`interface-standby`](#show-stats-packet-processing-sent-interface-standby) | The number of packets transmitted while interface is in standby mode | -| [`interface-standby-drop`](#show-stats-packet-processing-sent-interface-standby-drop) | The number of packets not transmitted because the interface is in standby mode | +| [`interface-standby`](#show-stats-packet-processing-sent-interface-standby) | The number of packets transmitted while device interface is in standby mode | +| [`interface-standby-drop`](#show-stats-packet-processing-sent-interface-standby-drop) | The number of packets not transmitted because the device interface is in standby mode | | [`interface-success`](#show-stats-packet-processing-sent-interface-success) | The number of packets transmitted out this interface | | [`interface-unconfigured-drop`](#show-stats-packet-processing-sent-interface-unconfigured-drop) | The number of packets received and dropped because the interface has not been configured. | +| [`network-interface-standby`](#show-stats-packet-processing-sent-network-interface-standby) | The number of packets transmitted while network interface is in standby mode | +| [`network-interface-standby-drop`](#show-stats-packet-processing-sent-network-interface-standby-drop) | The number of packets not transmitted because the network interface is in standby mode | +| [`network-interface-unconfigured-drop`](#show-stats-packet-processing-sent-network-interface-unconfigured-drop) | The number of packets received and dropped because the network interface has not been configured. | | [`to-wire-empty-head`](#show-stats-packet-processing-sent-to-wire-empty-head) | The number of empty head packets destined to wire | | [`to-wire-invalid-chain`](#show-stats-packet-processing-sent-to-wire-invalid-chain) | The number of invalid chain packets destined to wire | | [`to-wire-sanitized`](#show-stats-packet-processing-sent-to-wire-sanitized) | The number of sanitized packets destined to wire | @@ -66100,7 +66214,7 @@ show stats packet-processing sent interface-retry [core ] [port ] [s ## `show stats packet-processing sent interface-standby` -The number of packets transmitted while interface is in standby mode +The number of packets transmitted while device interface is in standby mode #### Usage @@ -66127,7 +66241,7 @@ show stats packet-processing sent interface-standby [core ] [port ] ## `show stats packet-processing sent interface-standby-drop` -The number of packets not transmitted because the interface is in standby mode +The number of packets not transmitted because the device interface is in standby mode #### Usage @@ -66206,14 +66320,14 @@ show stats packet-processing sent interface-unconfigured-drop [core ] [por | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -## `show stats packet-processing sent to-wire-empty-head` +## `show stats packet-processing sent network-interface-standby` -The number of empty head packets destined to wire +The number of packets transmitted while network interface is in standby mode #### Usage ``` -show stats packet-processing sent to-wire-empty-head [core ] [port ] [since ] [force] [router ] [node ] [] +show stats packet-processing sent network-interface-standby [core ] [port ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66233,14 +66347,14 @@ show stats packet-processing sent to-wire-empty-head [core ] [port ] | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -## `show stats packet-processing sent to-wire-invalid-chain` +## `show stats packet-processing sent network-interface-standby-drop` -The number of invalid chain packets destined to wire +The number of packets not transmitted because the network interface is in standby mode #### Usage ``` -show stats packet-processing sent to-wire-invalid-chain [core ] [port ] [since ] [force] [router ] [node ] [] +show stats packet-processing sent network-interface-standby-drop [core ] [port ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66260,14 +66374,14 @@ show stats packet-processing sent to-wire-invalid-chain [core ] [port ] [port ] [since ] [force] [router ] [node ] [] +show stats packet-processing sent network-interface-unconfigured-drop [core ] [port ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66287,23 +66401,24 @@ show stats packet-processing sent to-wire-sanitized [core ] [port ] | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -## `show stats path-tree` +## `show stats packet-processing sent to-wire-empty-head` -Metrics tracking PathTree server and client behavior +The number of empty head packets destined to wire #### Usage ``` -show stats path-tree [process ] [since ] [force] [router ] [node ] [] +show stats packet-processing sent to-wire-empty-head [core ] [port ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments | name | description | | ---- | ----------- | +| core | The core number for which this metric was generated (comma-separated list) | | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | -| process | The name of the process generating this metric (comma-separated list) | +| port | The device interface for which this metric was generated (comma-separated list) | | router | The router for which to display stats (default: <current router>) | | since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | @@ -66313,30 +66428,24 @@ show stats path-tree [process ] [since ] [force] [router ] [since ] [force] [router ] [node ] [] +show stats packet-processing sent to-wire-invalid-chain [core ] [port ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments | name | description | | ---- | ----------- | +| core | The core number for which this metric was generated (comma-separated list) | | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | -| process | The name of the process generating this metric (comma-separated list) | +| port | The device interface for which this metric was generated (comma-separated list) | | router | The router for which to display stats (default: <current router>) | | since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | @@ -66346,31 +66455,24 @@ show stats path-tree client [process ] [since ] [force] [router | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -##### Subcommands - -| command | description | -| ------- | ----------- | -| [`received`](#show-stats-path-tree-client-received) | Statistics for 'received' | -| [`sent`](#show-stats-path-tree-client-sent) | Statistics for 'sent' | -| [`transactions`](#show-stats-path-tree-client-transactions) | Statistics for 'transactions' | - -## `show stats path-tree client received` +## `show stats packet-processing sent to-wire-sanitized` -Statistics for 'received' +The number of sanitized packets destined to wire #### Usage ``` -show stats path-tree client received [process ] [since ] [force] [router ] [node ] [] +show stats packet-processing sent to-wire-sanitized [core ] [port ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments | name | description | | ---- | ----------- | +| core | The core number for which this metric was generated (comma-separated list) | | force | Skip confirmation prompt. Only required when targeting all routers | | node | The name of the node generating this metric | -| process | The name of the process generating this metric (comma-separated list) | +| port | The device interface for which this metric was generated (comma-separated list) | | router | The router for which to display stats (default: <current router>) | | since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | @@ -66380,22 +66482,14 @@ show stats path-tree client received [process ] [since ] [force] | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -##### Subcommands - -| command | description | -| ------- | ----------- | -| [`notifications`](#show-stats-path-tree-client-received-notifications) | Statistics for 'notifications' | -| [`responses`](#show-stats-path-tree-client-received-responses) | Statistics for 'responses' | -| [`unknown`](#show-stats-path-tree-client-received-unknown) | Statistics for 'unknown' | - -## `show stats path-tree client received notifications` +## `show stats path-tree` -Statistics for 'notifications' +Metrics tracking PathTree server and client behavior #### Usage ``` -show stats path-tree client received notifications [process ] [since ] [force] [router ] [node ] [] +show stats path-tree [process ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66418,18 +66512,17 @@ show stats path-tree client received notifications [process ] [since ] [since ] [force] [router ] [node ] [] +show stats path-tree client [process ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66448,40 +66541,22 @@ show stats path-tree client received notifications duration [process ] | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -## `show stats path-tree client received notifications error` - -The number of invalid or malformed notification messages received (count) - -#### Usage - -``` -show stats path-tree client received notifications error [process ] [since ] [force] [router ] [node ] [] -``` - -##### Keyword Arguments - -| name | description | -| ---- | ----------- | -| force | Skip confirmation prompt. Only required when targeting all routers | -| node | The name of the node generating this metric | -| process | The name of the process generating this metric (comma-separated list) | -| router | The router for which to display stats (default: <current router>) | -| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | - -##### Positional Arguments +##### Subcommands -| name | description | -| ---- | ----------- | -| verbosity | detail \| summary \| debug (default: detail) | +| command | description | +| ------- | ----------- | +| [`received`](#show-stats-path-tree-client-received) | Statistics for 'received' | +| [`sent`](#show-stats-path-tree-client-sent) | Statistics for 'sent' | +| [`transactions`](#show-stats-path-tree-client-transactions) | Statistics for 'transactions' | -## `show stats path-tree client received notifications total` +## `show stats path-tree client received` -The number of notification messages received successfully (count) +Statistics for 'received' #### Usage ``` -show stats path-tree client received notifications total [process ] [since ] [force] [router ] [node ] [] +show stats path-tree client received [process ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66500,14 +66575,22 @@ show stats path-tree client received notifications total [process ] [si | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -## `show stats path-tree client received responses` +##### Subcommands -Statistics for 'responses' +| command | description | +| ------- | ----------- | +| [`notifications`](#show-stats-path-tree-client-received-notifications) | Statistics for 'notifications' | +| [`responses`](#show-stats-path-tree-client-received-responses) | Statistics for 'responses' | +| [`unknown`](#show-stats-path-tree-client-received-unknown) | Statistics for 'unknown' | + +## `show stats path-tree client received notifications` + +Statistics for 'notifications' #### Usage ``` -show stats path-tree client received responses [process ] [since ] [force] [router ] [node ] [] +show stats path-tree client received notifications [process ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66530,18 +66613,18 @@ show stats path-tree client received responses [process ] [since ] [since ] [force] [router ] [node ] [] +show stats path-tree client received notifications duration [process ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66560,14 +66643,14 @@ show stats path-tree client received responses duration [process ] [sin | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -## `show stats path-tree client received responses error` +## `show stats path-tree client received notifications error` -The number of invalid or malformed transaction response messages received (count) +The number of invalid or malformed notification messages received (count) #### Usage ``` -show stats path-tree client received responses error [process ] [since ] [force] [router ] [node ] [] +show stats path-tree client received notifications error [process ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66586,14 +66669,14 @@ show stats path-tree client received responses error [process ] [since | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -## `show stats path-tree client received responses total` +## `show stats path-tree client received notifications total` -The number of transaction response messages received successfully (count) +The number of notification messages received successfully (count) #### Usage ``` -show stats path-tree client received responses total [process ] [since ] [force] [router ] [node ] [] +show stats path-tree client received notifications total [process ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -66612,14 +66695,126 @@ show stats path-tree client received responses total [process ] [since | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | -## `show stats path-tree client received unknown` +## `show stats path-tree client received responses` -Statistics for 'unknown' +Statistics for 'responses' #### Usage ``` -show stats path-tree client received unknown [process ] [since ] [force] [router ] [node ] [] +show stats path-tree client received responses [process ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node generating this metric | +| process | The name of the process generating this metric (comma-separated list) | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`duration`](#show-stats-path-tree-client-received-responses-duration) | Average time to process transaction responses on the client (microseconds) | +| [`error`](#show-stats-path-tree-client-received-responses-error) | The number of invalid or malformed transaction response messages received (count) | +| [`total`](#show-stats-path-tree-client-received-responses-total) | The number of transaction response messages received successfully (count) | + +## `show stats path-tree client received responses duration` + +Average time to process transaction responses on the client (microseconds) + +#### Usage + +``` +show stats path-tree client received responses duration [process ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node generating this metric | +| process | The name of the process generating this metric (comma-separated list) | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +## `show stats path-tree client received responses error` + +The number of invalid or malformed transaction response messages received (count) + +#### Usage + +``` +show stats path-tree client received responses error [process ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node generating this metric | +| process | The name of the process generating this metric (comma-separated list) | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +## `show stats path-tree client received responses total` + +The number of transaction response messages received successfully (count) + +#### Usage + +``` +show stats path-tree client received responses total [process ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node generating this metric | +| process | The name of the process generating this metric (comma-separated list) | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +## `show stats path-tree client received unknown` + +Statistics for 'unknown' + +#### Usage + +``` +show stats path-tree client received unknown [process ] [since ] [force] [router ] [node ] [] ``` ##### Keyword Arguments @@ -68329,7 +68524,7 @@ show stats performance-monitoring peer-path jitter [peer-name ] [peer #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path latency` @@ -68364,7 +68559,7 @@ show stats performance-monitoring peer-path latency [peer-name ] [pee #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path loss` @@ -68399,7 +68594,7 @@ show stats performance-monitoring peer-path loss [peer-name ] [peer-h #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path mos` @@ -68434,7 +68629,7 @@ show stats performance-monitoring peer-path mos [peer-name ] [peer-ho #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path received` @@ -68508,7 +68703,7 @@ show stats performance-monitoring peer-path received loss [peer-name #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path received marked-packets` @@ -68543,7 +68738,7 @@ show stats performance-monitoring peer-path received marked-packets [peer-name < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path received marked-packets-acknowledged` @@ -68578,7 +68773,7 @@ show stats performance-monitoring peer-path received marked-packets-acknowledged #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path transmit` @@ -68652,7 +68847,7 @@ show stats performance-monitoring peer-path transmit loss [peer-name #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path transmit marked-packets` @@ -68687,7 +68882,7 @@ show stats performance-monitoring peer-path transmit marked-packets [peer-name < #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path transmit marked-packets-acknowledged` @@ -68722,7 +68917,7 @@ show stats performance-monitoring peer-path transmit marked-packets-acknowledged #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats performance-monitoring peer-path updated` @@ -68757,7 +68952,7 @@ show stats performance-monitoring peer-path updated [peer-name ] [pee #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats process` @@ -69566,7 +69761,7 @@ show stats process thread queue total [process-name ] [thread-name #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats process thread task` @@ -69645,7 +69840,7 @@ show stats process thread task errors [process-name ] [thread-name #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats process thread task execution-time` @@ -69684,7 +69879,7 @@ show stats process thread task execution-time [process-name ] [thr #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats process thread task timeouts` @@ -69721,7 +69916,7 @@ show stats process thread task timeouts [process-name ] [thread-na #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats process thread task total` @@ -69759,7 +69954,7 @@ show stats process thread task total [process-name ] [thread-name #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats queue` @@ -69855,7 +70050,7 @@ show stats queue consumed bytes [topic ] [since ] [force] [router #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats queue consumed messages` @@ -69885,7 +70080,7 @@ show stats queue consumed messages [topic ] [since ] [force] [rout #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats queue produced` @@ -69948,7 +70143,7 @@ show stats queue produced bytes [topic ] [since ] [force] [router #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats queue produced messages` @@ -69978,7 +70173,7 @@ show stats queue produced messages [topic ] [since ] [force] [rout #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats redis-server-manager` @@ -75210,7 +75405,7 @@ show stats service-area mist-events failed [since ] [force] [router ] [force] [router ] [force] [router ] [node | [`invalid-reverse-metadata-packets`](#show-stats-service-area-received-invalid-reverse-metadata-packets) | Number of invalid reverse metadata packets received | | [`keep-alive-modify-ignore-for-peer-mismatch`](#show-stats-service-area-received-keep-alive-modify-ignore-for-peer-mismatch) | Number of keep-alive packets from a different peer that did not trigger session update | | [`keep-alive-modify-ignore-for-pinhole`](#show-stats-service-area-received-keep-alive-modify-ignore-for-pinhole) | Number of keep-alive packets for a non-established pinhole session that did not trigger session update | +| [`keep-alive-modify-ignore-for-reverse-fabric-path-mismatch`](#show-stats-service-area-received-keep-alive-modify-ignore-for-reverse-fabric-path-mismatch) | Number of keep-alive packets from a different reverse-fabric-path that did not trigger session update | | [`keep-alive-modify-ignore-no-metadata`](#show-stats-service-area-received-keep-alive-modify-ignore-no-metadata) | Number of keep-alive packets without valid metadata that did not trigger session update | | [`keep-alive-modify-ignore-no-session`](#show-stats-service-area-received-keep-alive-modify-ignore-no-session) | Number of keep-alive packets that did not match a session and did not trigger session update | | [`metadata-parse-failure-wayport-range-miss`](#show-stats-service-area-received-metadata-parse-failure-wayport-range-miss) | Number of packets with metadata parse failure that missed the waypoint range | @@ -76351,6 +76547,31 @@ show stats service-area received keep-alive-modify-ignore-for-pinhole [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + ## `show stats service-area received keep-alive-modify-ignore-no-metadata` Number of keep-alive packets without valid metadata that did not trigger session update @@ -76578,7 +76799,7 @@ show stats service-area received packets-with-stale-flow-move-keep-alive [since #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats service-area received packets-with-stale-reverse-metadata` @@ -80598,6 +80819,7 @@ show stats traffic-eng [since ] [force] [router ] [node ] [ | ------- | ----------- | | [`device-interface`](#show-stats-traffic-eng-device-interface) | Stats pertaining to device interface traffic engineering | | [`internal-application`](#show-stats-traffic-eng-internal-application) | Stats pertaining to traffic engineering stats for internal applications | +| [`network-interface`](#show-stats-traffic-eng-network-interface) | Stats pertaining to network-interface traffic engineering | ## `show stats traffic-eng device-interface` @@ -80628,7 +80850,7 @@ show stats traffic-eng device-interface [since ] [force] [router | command | description | | ------- | ----------- | -| [`common`](#show-stats-traffic-eng-device-interface-common) | Stats pertaining to both device interface and peer path traffic engineering | +| [`common`](#show-stats-traffic-eng-device-interface-common) | Common stats pertaining to traffic engineering | | [`dequeue-cycle-count`](#show-stats-traffic-eng-device-interface-dequeue-cycle-count) | The current dequeue cycle count in traffic engineering (cycles) | | [`enqueue-cycle-count`](#show-stats-traffic-eng-device-interface-enqueue-cycle-count) | The current enqueue cycle count in traffic engineering (cycles) | | [`packets-queued`](#show-stats-traffic-eng-device-interface-packets-queued) | The current number of packets queued for this device interface | @@ -80638,7 +80860,7 @@ show stats traffic-eng device-interface [since ] [force] [router ## `show stats traffic-eng device-interface common` -Stats pertaining to both device interface and peer path traffic engineering +Common stats pertaining to traffic engineering #### Usage @@ -80900,7 +81122,7 @@ show stats traffic-eng device-interface peer-path dequeue-cycle-count [peer-name #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats traffic-eng device-interface peer-path enqueue-cycle-count` @@ -80933,7 +81155,7 @@ show stats traffic-eng device-interface peer-path enqueue-cycle-count [peer-name #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats traffic-eng device-interface peer-path packets-queued` @@ -80966,7 +81188,7 @@ show stats traffic-eng device-interface peer-path packets-queued [peer-name ] [internal | ---- | ----------- | | verbosity | detail \| summary \| debug (default: detail) | +## `show stats traffic-eng network-interface` + +Stats pertaining to network-interface traffic engineering + +#### Usage + +``` +show stats traffic-eng network-interface [netintf ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`dequeue-cycle-count`](#show-stats-traffic-eng-network-interface-dequeue-cycle-count) | The current dequeue cycle count in traffic engineering for this network-interface (cycles) (in-memory) | +| [`enqueue-cycle-count`](#show-stats-traffic-eng-network-interface-enqueue-cycle-count) | The current enqueue cycle count in traffic engineering for this network-interface (cycles) (in-memory) | +| [`packets-queued`](#show-stats-traffic-eng-network-interface-packets-queued) | The current number of packets queued in traffic engineering for this network-interface (in-memory) | +| [`per-traffic-class`](#show-stats-traffic-eng-network-interface-per-traffic-class) | Stats pertaining to network-interface per traffic class traffic engineering | +| [`scheduler-reset`](#show-stats-traffic-eng-network-interface-scheduler-reset) | The number of times the scheduler has been reset | + +## `show stats traffic-eng network-interface dequeue-cycle-count` + +The current dequeue cycle count in traffic engineering for this network-interface (cycles) (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface dequeue-cycle-count [netintf ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface enqueue-cycle-count` + +The current enqueue cycle count in traffic engineering for this network-interface (cycles) (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface enqueue-cycle-count [netintf ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface packets-queued` + +The current number of packets queued in traffic engineering for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface packets-queued [netintf ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class` + +Stats pertaining to network-interface per traffic class traffic engineering + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`buffer-capacity-exceeded-bytes`](#show-stats-traffic-eng-network-interface-per-traffic-class-buffer-capacity-exceeded-bytes) | The number of bytes failed to be scheduled for transmission due to exceeded buffer capacity for this network-interface (in-memory) | +| [`buffer-capacity-exceeded-packets`](#show-stats-traffic-eng-network-interface-per-traffic-class-buffer-capacity-exceeded-packets) | The number of packets failed to be scheduled for transmission due to exceeded buffer capacity for this network-interface (in-memory) | +| [`dequeue-aqm-drop-bytes`](#show-stats-traffic-eng-network-interface-per-traffic-class-dequeue-aqm-drop-bytes) | The number of bytes scheduled for transmission that were dropped due to Active Queue Management for this network-interface (in-memory) | +| [`dequeue-aqm-drop-packets`](#show-stats-traffic-eng-network-interface-per-traffic-class-dequeue-aqm-drop-packets) | The number of packets scheduled for transmission that were dropped due to Active Queue Management for this network-interface (in-memory) | +| [`dequeue-max-latency-drop-bytes`](#show-stats-traffic-eng-network-interface-per-traffic-class-dequeue-max-latency-drop-bytes) | The number of bytes scheduled for transmission that were dropped due to excessive latency for this network-interface (in-memory) | +| [`dequeue-max-latency-drop-packets`](#show-stats-traffic-eng-network-interface-per-traffic-class-dequeue-max-latency-drop-packets) | The number of packets scheduled for transmission that were dropped due to excessive latency for this network-interface (in-memory) | +| [`dequeue-success-bytes`](#show-stats-traffic-eng-network-interface-per-traffic-class-dequeue-success-bytes) | The number of bytes successfully dequeued from the scheduler for transmission for this network-interface (in-memory) | +| [`dequeue-success-packets`](#show-stats-traffic-eng-network-interface-per-traffic-class-dequeue-success-packets) | The number of packets successfully dequeued from the scheduler for transmission for this network-interface (in-memory) | +| [`schedule-failure-bandwidth`](#show-stats-traffic-eng-network-interface-per-traffic-class-schedule-failure-bandwidth) | Traffic bandwidth dropped by the scheduler for this network-interface (bytes per second) (in-memory) | +| [`schedule-failure-bytes`](#show-stats-traffic-eng-network-interface-per-traffic-class-schedule-failure-bytes) | The number of bytes failed to be scheduled for transmission due to bandwidth oversubscription for this network-interface (in-memory) | +| [`schedule-failure-packets`](#show-stats-traffic-eng-network-interface-per-traffic-class-schedule-failure-packets) | The number of packets failed to scheduled for transmission due to bandwidth oversubscription for this network-interface (in-memory) | +| [`schedule-success-bandwidth`](#show-stats-traffic-eng-network-interface-per-traffic-class-schedule-success-bandwidth) | Traffic bandwidth successfully scheduled for transmission for this network-interface (bytes per second) (in-memory) | +| [`schedule-success-bytes`](#show-stats-traffic-eng-network-interface-per-traffic-class-schedule-success-bytes) | The number of bytes successfully scheduled for transmission for this network-interface (in-memory) | +| [`schedule-success-packets`](#show-stats-traffic-eng-network-interface-per-traffic-class-schedule-success-packets) | The number of packets successfully scheduled for transmission for this network-interface (in-memory) | + +## `show stats traffic-eng network-interface per-traffic-class buffer-capacity-exceeded-bytes` + +The number of bytes failed to be scheduled for transmission due to exceeded buffer capacity for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class buffer-capacity-exceeded-bytes [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class buffer-capacity-exceeded-packets` + +The number of packets failed to be scheduled for transmission due to exceeded buffer capacity for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class buffer-capacity-exceeded-packets [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class dequeue-aqm-drop-bytes` + +The number of bytes scheduled for transmission that were dropped due to Active Queue Management for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class dequeue-aqm-drop-bytes [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class dequeue-aqm-drop-packets` + +The number of packets scheduled for transmission that were dropped due to Active Queue Management for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class dequeue-aqm-drop-packets [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class dequeue-max-latency-drop-bytes` + +The number of bytes scheduled for transmission that were dropped due to excessive latency for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class dequeue-max-latency-drop-bytes [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class dequeue-max-latency-drop-packets` + +The number of packets scheduled for transmission that were dropped due to excessive latency for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class dequeue-max-latency-drop-packets [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class dequeue-success-bytes` + +The number of bytes successfully dequeued from the scheduler for transmission for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class dequeue-success-bytes [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class dequeue-success-packets` + +The number of packets successfully dequeued from the scheduler for transmission for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class dequeue-success-packets [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class schedule-failure-bandwidth` + +Traffic bandwidth dropped by the scheduler for this network-interface (bytes per second) (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class schedule-failure-bandwidth [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class schedule-failure-bytes` + +The number of bytes failed to be scheduled for transmission due to bandwidth oversubscription for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class schedule-failure-bytes [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class schedule-failure-packets` + +The number of packets failed to scheduled for transmission due to bandwidth oversubscription for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class schedule-failure-packets [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class schedule-success-bandwidth` + +Traffic bandwidth successfully scheduled for transmission for this network-interface (bytes per second) (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class schedule-success-bandwidth [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class schedule-success-bytes` + +The number of bytes successfully scheduled for transmission for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class schedule-success-bytes [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface per-traffic-class schedule-success-packets` + +The number of packets successfully scheduled for transmission for this network-interface (in-memory) + +#### Usage + +``` +show stats traffic-eng network-interface per-traffic-class schedule-success-packets [netintf ] [traffic-class ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | +| traffic-class | The traffic class for which this metric was generated (comma-separated list) | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + +#### Description + +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ + +## `show stats traffic-eng network-interface scheduler-reset` + +The number of times the scheduler has been reset + +#### Usage + +``` +show stats traffic-eng network-interface scheduler-reset [netintf ] [since ] [force] [router ] [node ] [] +``` + +##### Keyword Arguments + +| name | description | +| ---- | ----------- | +| force | Skip confirmation prompt. Only required when targeting all routers | +| netintf | The network interface for which this metric was generated (comma-separated list) | +| node | The name of the node generating this metric | +| router | The router for which to display stats (default: <current router>) | +| since | The displayed stats will be calculated as a delta from the given time. The given time can either be a timestamp or a delta, such as 45m, 1d, or 1mo. Providing "launch" ensures that no start time for the delta is set [type: timestamp] | + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| verbosity | detail \| summary \| debug (default: detail) | + ## `show stats traffic-export` Stats pertaining to exported traffic events @@ -82442,7 +83296,7 @@ show stats traffic-export enqueue-failure [core ] [since ] [force] #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats traffic-export error-enqueue-failure` @@ -82471,7 +83325,7 @@ show stats traffic-export error-enqueue-failure [since ] [force] [router #### Description -For more information regarding in-memory metrics, please refer to [Configuring In-Memory Metrics](config_in-memory_metrics.md) +For more information regarding in-memory metrics, please refer to this retention document - https://www.juniper.net/documentation/us/en/software/session-smart-router/docs/config_in-memory_metrics/ ## `show stats traffic-export rate-limit-exceeded` @@ -82500,7 +83354,7 @@ show stats traffic-export rate-limit-exceeded [since ] [force] [router ] [force] [router ] [force] [router ] [force] [router `](config_command_guide.md#configure-authority-alarm-shelving-shelf) and one or more of the following parameters. There are several configuration attributes used to define an alarm shelf: + +| command | description | +| ------- | ----------- | +| [`applies-to`](config_command_guide.md#configure-authority-alarm-shelving-shelf-applies-to) | Logical group to which a configuration element applies | +| [`category`](config_command_guide.md#configure-authority-alarm-shelving-shelf-category) | Shelve alarms for this category. | +| `clone` | Clone a list item | +| `delete` | Delete configuration data | +| [`generated`](config_command_guide.md#configure-authority-alarm-shelving-shelf-generated) | Indicates whether or not the Shelf was automatically generated as a result of Alarm Shelf generation. | +| [`match-type`](config_command_guide.md#configure-authority-alarm-shelving-shelf-match-type) | How the individual items in the shelf should be matched in order to trigger the shelving | +| [`message-regex`](config_command_guide.md#configure-authority-alarm-shelving-shelf-message-regex) | Shelve alarms with messages that match this regex. | +| [`name`](config_command_guide.md#configure-authority-alarm-shelving-shelf-name) | A name for the alarm shelf. | +| [`node-name`](config_command_guide.md#configure-authority-alarm-shelving-shelf-node-name) | Shelve alarms from this node. | +| [`node-name-regex`](config_command_guide.md#configure-authority-alarm-shelving-shelf-node-name-regex) | Shelve alarms from nodes that match this regex. | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| [`router-name`](config_command_guide.md#configure-authority-alarm-shelving-shelf-router-name) | Shelve alarms from this router. | +| [`router-name-regex`](config_command_guide.md#configure-authority-alarm-shelving-shelf-router-name-regex) | Shelve alarms from routers that match this regex. | +| [`severity`](config_command_guide.md#configure-authority-alarm-shelving-shelf-severity) | Shelve alarms for this severity. | +| `show` | Show configuration data for 'shelf' | + +#### `applies-to` +The logical group to which this alarm shelf applies. Valid options are: + +- authority - Applies to all routers in the authority. +- router - Router(s) to which the configuration applies. +- router-group - Logical group of router(s) to which the configuration applies. +- resource-group - An RBAC (Resource Based Access Control) management group to which the configuration applies. + +When this field is used, the conductor automatically filters which routers receive the alarm shelf configuration. For instance, if a router-group is specified here, only routers in the router-group receive the alarm-shelf configuration. Only those routers will compare their alarms against the configuration. This prevents sending alarm-filters to every router in the authority, and limits those performance implications. + +Routers specified in the `applies-to` configuration are not used in the comparison operation with an alarm. If a shelf needs to target a specific router, it must be specified using the `router-name` parameter. + +#### `category` +The `category` parameter has the following values: + +- none - A `category` of `none` indicates that `category` will not be considered when evaluating alarms against this shelf. +- extensible-alarm +- system +- process +- interface +- platform +- peer +- base +- node-base +- global-base +- network-interface +- platform-stat +- redundancy +- giid +- asset +- prefix-delegation +- service +- bgp-neighbor +- msdp-neighbor + +#### `match-type` +The `match-type` defines the behavior when multiple dimensions are specified for an alarm shelf: + +- All – All items specified in the shelf must match an alarm to trigger the shelving. +- Any – At least one item specified in the shelf must match an alarm to trigger the shelving. + +#### `message-regex` +The `message-regex` parameter is defined as a regular expression string and allows you to target messages in alarms that may share some commonality. In this way, a single alarm shelf may shelve many alarms. + +#### `name` +The name of the shelf. + +#### `node-name` +The `node-name` is defined as a string, and is intended to match a single node name. + +#### `node-name-regex` +The `node-name-regex` parameter is defined as a regular expression string. It is used to filter node names that may conform to a user defined scheme. In this way, a single alarm shelf may shelve many alarms. + +#### `router-name` +The `router-name` is a string intended to match a single router name. + +#### `router-name-regex` +The `router-name-regex`parameter is a regular expression string. It is used to filter router names that may conform to a user defined scheme. In this way, a single alarm shelf may shelve many alarms. + +#### `severity` +The `severity` parameter has the following values: + +- none - A `severity` of `none` indicates that `severity` will not be considered when evaluating alarms against this shelf. +- info +- minor +- major +- critical + +### Configuration Example - CLI +``` +config authority alarm-shelving shelf test-shelf name test-shelf +config authority alarm-shelving shelf test-shelf category system +config authority alarm-shelving shelf test-shelf severity info +config authority alarm-shelving shelf test-shelf router-name testRouterName +config authority alarm-shelving shelf test-shelf node-name testNodeName +config authority alarm-shelving shelf test-shelf match-type any +``` + +``` +admin@conductor-east-1.RTR_EAST_CONDUCTOR# show alarms shelved +Tue 2024-07-09 14:25:28 UTC +WARNING: Targeting router 'all' may take a long time. Continue anyway? [y/N]: y +✔ Retrieving alarms... + +================================ ===================== ========== ======== =========== =================================== ============ + ID Time Severity Source Category Message Reason +================================ ===================== ========== ======== =========== =================================== ============ + combo-east-1.RTR_EAST_COMBO:30 2024-07-09 14:24:47 INFO INTERFACE Intf 11 (2) administratively down test-shelf + +Completed in 0.02 seconds +``` + +### Configuration Example - GUI + +1. Under Authority Settings, scroll down to Alarm Shelves, and select ADD. + + ![Authority Settings - Alarm Shelves](/img/alarm_suppression_gui1.png) + +2. In the New Shelf window, enter a shelf name and click SAVE. + + ![New Shelf window](/img/alarm_suppression_gui2.png) + +3. Enter the shelf information. + + ![Shelf Basic Information](/img/alarm_suppression_gui3.png) + +4. Under Alarm Shelf Applies To, select ADD. + +5. Select a Service Group Type from the list and click SAVE. + + ![Service Group](/img/alarm_suppression_gui3a.png) + +6. Validate and Commit the changes. + +#### To display the shelved alarms: + +1. From the Dashboard, select the Alarms notification icon. + + ![Dashboard](/img/alarm_suppression_gui4.png) + +2. In the Alarms view, select the Filter icon, and select Shelved from the list. + + ![Alarm Filter List](/img/alarm_suppression_gui5.png) + +3. The shelved alarms list is displayed. Selecting an alarm displays details in the bottom of the window. + + ![Shelved Alarms Display](/img/alarm_suppression_gui6.png) + + diff --git a/docs/config_command_guide.md b/docs/config_command_guide.md index 294e309776..0f7b9b2793 100755 --- a/docs/config_command_guide.md +++ b/docs/config_command_guide.md @@ -12,6 +12,7 @@ Authority configuration is the top-most level in the SSR configuration hierarchy | command | description | | ------- | ----------- | | [`access-management`](#configure-authority-access-management) | Role Based Access Control (RBAC) configuration. | +| [`alarm-shelving`](#configure-authority-alarm-shelving) | Configuration to control alarm shelving behavior. | | [`asset-connection-resiliency`](#configure-authority-asset-connection-resiliency) | Configure Asset Connection Resiliency | | [`backwards-compatible-vrf-bgp-tenants`](#configure-authority-backwards-compatible-vrf-bgp-tenants) | When generating tenant names for VRF BGP over SVR, do not use leading or trailing underscores. This enables backwards compatibility with router versions smaller than 5.1.3 | | [`bgp-service-generation`](#configure-authority-bgp-service-generation) | Configure Bgp Service Generation | @@ -23,7 +24,7 @@ Authority configuration is the top-most level in the SSR configuration hierarchy | `delete` | Delete configuration data | | [`district`](#configure-authority-district) | Districts in the authority. | | [`dscp-map`](#configure-authority-dscp-map) | Configure Dscp Map | -| [`dynamic-hostname`](#configure-authority-dynamic-hostname) | Hostname format for interfaces with dynamic addresses. It is a template with subsitution variables used to generate a unique hostname corresponding to Network Interfaces that have dynamically learned IP addresses. Uses the following substitution variables: \{interface-id\} for Network Interface Global Identifier \{router-name\} for Router Name \{authority-name\} for Authority Name For example, 'interface-\{interface-id\}.\{router-name\}.\{authority-name\}'. | +| [`dynamic-hostname`](#configure-authority-dynamic-hostname) | Hostname format for interfaces with dynamic addresses. It is a template with subsitution variables used to generate a unique hostname corresponding to Network Interfaces that have dynamically learned IP addresses. Uses the following substitution variables: `{interface-id}` for Network Interface Global Identifier, `{router-name}` for Router Name, `{authority-name}` for Authority Name. For example, `interface-\{interface-id\}.\{router-name\}.\{authority-name\}`. | | [`fib-service-match`](#configure-authority-fib-service-match) | When creating FIB entries by matching route updates to service addresses, consider the specified service addresses. | | [`forward-error-correction-profile`](#configure-authority-forward-error-correction-profile) | A profile for Forward Error Correection parameters, describing how often to send parity packets. | | [`icmp-control`](#configure-authority-icmp-control) | Settings for ICMP packet handling | @@ -52,6 +53,7 @@ Authority configuration is the top-most level in the SSR configuration hierarchy | [`session-recovery-detection`](#configure-authority-session-recovery-detection) | Configure Session Recovery Detection | | [`session-type`](#configure-authority-session-type) | Type of session classification based on protocol and port, and associates it with a default class of service. | | `show` | Show configuration data for 'authority' | +| [`software-access`](#configure-authority-software-access) | Configuration for SSR software access for the authority. Supported on managed assets only. | | [`software-update`](#configure-authority-software-update) | Configure Software Update | | [`step`](#configure-authority-step) | Configure Step | | [`step-repo`](#configure-authority-step-repo) | List of Service and Topology Exchange Protocol repositories. | @@ -130,9 +132,10 @@ configure authority access-management role capability [] A value from a set of predefined names. Options: -- `config-read`: Configuration Read Capability -- `config-write`: Configuration Write Capability -- `provisioning`: Asset Provisioning Capability + +- config-read: Configuration Read Capability +- config-write: Configuration Write Capability +- provisioning: Asset Provisioning Capability ## `configure authority access-management role description` @@ -182,7 +185,7 @@ configure authority access-management role exclude-resource ## `configure authority access-management role exclude-resource id` -Configure Id +Configure ID #### Usage @@ -208,7 +211,7 @@ an asterisk, or a path that contains only valid yang names and list-keys separated by forward-slashes and optionally followed by a forward-slash and an asterisk. -Example: 128t:/authority/router/MyRouter/* +Example: SSR:/authority/router/MyRouter/* ## `configure authority access-management role name` @@ -283,7 +286,7 @@ configure authority access-management role resource generated [] A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority access-management role resource id` @@ -313,7 +316,7 @@ an asterisk, or a path that contains only valid yang names and list-keys separated by forward-slashes and optionally followed by a forward-slash and an asterisk. -Example: 128t:/authority/router/MyRouter/* +Example: SSR:/authority/router/MyRouter/* ## `configure authority access-management role resource-group` @@ -378,18 +381,450 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) uint64 +##### (0) uint64 An unsigned 64-bit integer. Range: 1-18446744073709551615 -###### (1) enumeration +##### (1) enumeration + +A value from a set of predefined names. + +Options: +never Never expire + +## `configure authority alarm-shelving` + +Configuration to control alarm shelving behavior. + +##### Subcommands + +| command | description | +| ------- | ----------- | +| `clone` | Clone a list item | +| `delete` | Delete configuration data | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| [`shelf`](#configure-authority-alarm-shelving-shelf) | Shelf configuration and criteria for classifying alarms as shelved. | +| `show` | Show configuration data for 'alarm-shelving' | + +## `configure authority alarm-shelving shelf` + +Shelf configuration and criteria for classifying alarms as shelved. + +#### Usage + +``` +configure authority alarm-shelving shelf +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| name | An arbitrary name for the alarm shelf. | + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`applies-to`](#configure-authority-alarm-shelving-shelf-applies-to) | Logical group to which a configuration element applies | +| [`category`](#configure-authority-alarm-shelving-shelf-category) | Shelve alarms for this category. | +| `clone` | Clone a list item | +| `delete` | Delete configuration data | +| [`generated`](#configure-authority-alarm-shelving-shelf-generated) | Indicates whether or not the Shelf was automatically generated as a result of Alarm Shelf generation. | +| [`match-type`](#configure-authority-alarm-shelving-shelf-match-type) | How the individual items in the shelf should be matched in order to trigger the shelving | +| [`message-regex`](#configure-authority-alarm-shelving-shelf-message-regex) | Shelve alarms with messages that match this regex. | +| [`name`](#configure-authority-alarm-shelving-shelf-name) | An arbitrary name for the alarm shelf. | +| [`node-name`](#configure-authority-alarm-shelving-shelf-node-name) | Shelve alarms from this node. | +| [`node-name-regex`](#configure-authority-alarm-shelving-shelf-node-name-regex) | Shelve alarms from nodes that match this regex. | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| [`router-name`](#configure-authority-alarm-shelving-shelf-router-name) | Shelve alarms from this router. | +| [`router-name-regex`](#configure-authority-alarm-shelving-shelf-router-name-regex) | Shelve alarms from routers that match this regex. | +| [`severity`](#configure-authority-alarm-shelving-shelf-severity) | Shelve alarms for this severity. | +| `show` | Show configuration data for 'shelf' | + +## `configure authority alarm-shelving shelf applies-to` + +Logical group to which a configuration element applies + +#### Usage + +``` +configure authority alarm-shelving shelf applies-to +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| type | Type of group to which the configuration applies. | + +##### Subcommands + +| command | description | +| ------- | ----------- | +| `delete` | Delete configuration data | +| [`group-name`](#configure-authority-alarm-shelving-shelf-applies-to-group-name) | Name of the router-group to which this configuration applies. | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| [`resource-group`](#configure-authority-alarm-shelving-shelf-applies-to-resource-group) | Name of the resource-group to which this configuration applies. | +| [`router-name`](#configure-authority-alarm-shelving-shelf-applies-to-router-name) | Name of the router to which this configuration applies. | +| `show` | Show configuration data for 'applies-to' | +| [`type`](#configure-authority-alarm-shelving-shelf-applies-to-type) | Type of group to which the configuration applies. | + +## `configure authority alarm-shelving shelf applies-to group-name` + +Name of the router-group to which this configuration applies. + +#### Usage + +``` +configure authority alarm-shelving shelf applies-to group-name [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| leafref | Value to add to this list | + +#### Description + +##### leafref + +A reference to an existing value in the instance data. + +## `configure authority alarm-shelving shelf applies-to resource-group` + +Name of the resource-group to which this configuration applies. + +#### Usage + +``` +configure authority alarm-shelving shelf applies-to resource-group [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| resource-group-ref | Value to add to this list | + +#### Description + +##### resource-group-ref (leafref) + +This type is used by other entities that need to reference configured resource groups. + +## `configure authority alarm-shelving shelf applies-to router-name` + +Name of the router to which this configuration applies. + +#### Usage + +``` +configure authority alarm-shelving shelf applies-to router-name [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| leafref | Value to add to this list | + +#### Description + +##### leafref + +A reference to an existing value in the instance data. + +## `configure authority alarm-shelving shelf applies-to type` + +Type of group to which the configuration applies. + +#### Usage + +``` +configure authority alarm-shelving shelf applies-to type [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| enumeration | The value to set for this field | + +#### Description + +##### enumeration + +A value from a set of predefined names. + +Options: +authority Applies to all routers in the authority. +router Router(s) to which the configuration applies. +router-group Logical group of router(s) to which the configuration applies. +resource-group An RBAC management group to which the configuration applies + +## `configure authority alarm-shelving shelf category` + +Shelve alarms for this category. + +#### Usage + +``` +configure authority alarm-shelving shelf category [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| enumeration | The value to set for this field | + +#### Description + +Default: none + +##### enumeration + +A value from a set of predefined names. + +Options: +none A Category of "none" indicates that Category will not be considered when evaluating alarms against this shelf +extensible-alarm Shelve alarms with a category of "extensible-alarm" +system Shelve alarms with a category of "system" +process Shelve alarms with a category of "process" +interface Shelve alarms with a category of "interface" +platform Shelve alarms with a category of "platform" +peer Shelve alarms with a category of "peer" +base Shelve alarms with a category of "base" +node-base Shelve alarms with a category of "node-base" +global-base Shelve alarms with a category of "global-base" +network-interface Shelve alarms with a category of "network-interface" +platform-stat Shelve alarms with a category of "platform-stat" +redundancy Shelve alarms with a category of "redundancy" +giid Shelve alarms with a category of "giid" +asset Shelve alarms with a category of "asset" +prefix-delegation Shelve alarms with a category of "prefix-delegation" +service Shelve alarms with a category of "service" +bgp-neighbor Shelve alarms with a category of "bgp-neighbor" +msdp-neighbor Shelve alarms with a category of "msdp-neighbor" + +## `configure authority alarm-shelving shelf generated` + +Indicates whether or not the Shelf was automatically generated as a result of Alarm Shelf generation. + +#### Usage + +``` +configure authority alarm-shelving shelf generated [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| boolean | The value to set for this field | + +#### Description + +##### boolean + +A true or false value. + +Options: true or false + +## `configure authority alarm-shelving shelf match-type` + +How the individual items in the shelf should be matched in order to trigger the shelving + +#### Usage + +``` +configure authority alarm-shelving shelf match-type [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| enumeration | The value to set for this field | + +#### Description + +Default: all + +##### enumeration A value from a set of predefined names. Options: -- `never`: Never expire +all All items in the shelf must match an alarm in order to trigger the shelving. +any At least one item in the shelf must match an alarm in order to trigger the shelving + +## `configure authority alarm-shelving shelf message-regex` + +Shelve alarms with messages that match this regex. + +#### Usage + +``` +configure authority alarm-shelving shelf message-regex [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| regex | The value to set for this field | + +#### Description + +##### regex (string) + +A regular expression (regex) type. + +## `configure authority alarm-shelving shelf name` + +An arbitrary name for the alarm shelf. + +#### Usage + +``` +configure authority alarm-shelving shelf name [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| string | The value to set for this field | + +#### Description + +##### string + +A text value. + +## `configure authority alarm-shelving shelf node-name` + +Shelve alarms from this node. + +#### Usage + +``` +configure authority alarm-shelving shelf node-name [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| string | The value to set for this field | + +#### Description + +##### string + +A text value. + +## `configure authority alarm-shelving shelf node-name-regex` + +Shelve alarms from nodes that match this regex. + +#### Usage + +``` +configure authority alarm-shelving shelf node-name-regex [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| regex | The value to set for this field | + +#### Description + +##### regex (string) + +A regular expression (regex) type. + +## `configure authority alarm-shelving shelf router-name` + +Shelve alarms from this router. + +#### Usage + +``` +configure authority alarm-shelving shelf router-name [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| string | The value to set for this field | + +#### Description + +##### string + +A text value. + +## `configure authority alarm-shelving shelf router-name-regex` + +Shelve alarms from routers that match this regex. + +#### Usage + +``` +configure authority alarm-shelving shelf router-name-regex [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| regex | The value to set for this field | + +#### Description + +##### regex (string) + +A regular expression (regex) type. + +## `configure authority alarm-shelving shelf severity` + +Shelve alarms for this severity. + +#### Usage + +``` +configure authority alarm-shelving shelf severity [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| enumeration | The value to set for this field | + +#### Description + +Default: none + +##### enumeration + +A value from a set of predefined names. + +Options: +info Shelve alarms with a severity level of "info" +minor Shelve alarms with a severity level of "minor" +major Shelve alarms with a severity level of "major" +critical Shelve alarms with a severity level of "critical" +none A Severity of "none" indicates that Severity will not be considered when evaluating alarms against this shelf ## `configure authority asset-connection-resiliency` @@ -429,7 +864,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority asset-connection-resiliency ssh-only` @@ -447,6 +882,16 @@ configure authority asset-connection-resiliency ssh-only [] | ---- | ----------- | | boolean | The value to set for this field | +#### Description + +Default: false + +##### boolean + +A true or false value. + +Options: true or false + ## `configure authority backwards-compatible-vrf-bgp-tenants` When generating tenant names for VRF BGP over SVR, do not use leading or trailing underscores. This enables backwards compatibility with router versions smaller than 5.1.3 @@ -471,7 +916,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority bgp-service-generation` @@ -512,7 +957,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority bgp-service-generation security-policy` @@ -641,6 +1086,7 @@ configure authority client-certificate | [`name`](#configure-authority-client-certificate-name) | An identifier for the client certificate. | | `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | | `show` | Show configuration data for 'client-certificate' | +| [`validation-mode`](#configure-authority-client-certificate-validation-mode) | Client certificate validation mode. | ## `configure authority client-certificate content` @@ -689,6 +1135,32 @@ A string identifier which only uses alphanumerics, underscores, or dashes, and c Must contain only alphanumeric characters or any of the following: _ - Length: 0-63 +## `configure authority client-certificate validation-mode` + +Client certificate validation mode. + +#### Usage + +``` +configure authority client-certificate validation-mode [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| certificate-validation-mode | The value to set for this field | + +#### Description + +##### certificate-validation-mode (enumeration) + +Sets the mode of certificate validation + +Options: +strict Reject insecure certificates during import. +warn Warn when importing insecure certificates + ## `configure authority conductor-address` IP address or FQDN of the conductor @@ -713,13 +1185,13 @@ The host type represents either an IPv4 address or a DNS domain name. Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) domain-name (string) +##### (1) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -1160,6 +1632,7 @@ configure authority dscp-map dscp-traffic-class traffic-class [] Predefined policies for intrusion detection actions. Options: + - alert: A policy that only alerts. - standard: The standard blocking and alerting policy. - strict: A strict blocking and alerting policy. @@ -1621,7 +2099,7 @@ The ip-prefix type represents an IP prefix and is IP version neutral. The format Must be one of the following types: -###### (0) ipv4-prefix (string) +##### (0) ipv4-prefix (string) The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -1635,7 +2113,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string) +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -1684,7 +2162,7 @@ The ip-prefix type represents an IP prefix and is IP version neutral. The format Must be one of the following types: -###### (0) ipv4-prefix (string) +##### (0) ipv4-prefix (string) The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -1698,7 +2176,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string) +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -1746,6 +2224,7 @@ configure authority idp-profile rule match severities [] Severity levels for IDP rules. Options: + - minor: Filter minor or higher vulnerabilities. - major: Filter major or higher vulnerabilities. - critical: Filter only critical vulnerabilities. @@ -1773,6 +2252,7 @@ configure authority idp-profile rule match severity [] Severity levels for IDP rules. Options: + - minor: Filter minor or higher vulnerabilities. - major: Filter major or higher vulnerabilities. - critical: Filter only critical vulnerabilities. @@ -1861,6 +2341,7 @@ configure authority idp-profile rule outcome action [] A value from a set of predefined names. Options: + - alert: Alert only. - drop: Drop session. - close-tcp-connection: Close TCP Connection. @@ -1888,6 +2369,7 @@ configure authority idp-profile rule outcome severity [] Severity levels for IDP rules. Options: + - minor: Filter minor or higher vulnerabilities. - major: Filter major or higher vulnerabilities. - critical: Filter only critical vulnerabilities. @@ -1977,7 +2459,7 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) (required) +##### (0) ip-address (union) (required) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. @@ -2004,10 +2486,9 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. -###### (1) domain-name (string) (required) +##### (1) domain-name (string) (required) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -2123,6 +2604,7 @@ Default: tcp Transport (Layer 4) protocol. Options: + - tcp: Transmission Control Protocol. - udp: User Datagram Protocol. @@ -2174,18 +2656,19 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) decimal64 +##### (0) decimal64 A 64-bit decimal value. Range: 0-100 Fraction digits: 16 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: + - dynamic: Dynamically determine sampling based on data volume. ## `configure authority ipfix-collector template-refresh-interval` @@ -2277,6 +2760,7 @@ Default: allow-all A value from a set of predefined names. Options: + - allow-all: Allow all packets that contain options headers. - drop-all: Drop all packets that contain options headers except for those defined in the exclusion list. @@ -2377,7 +2861,7 @@ The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required): +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -2392,10 +2876,9 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. -###### (1) domain-name (string) (required) +##### (2) domain-name (string) (required) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -2459,7 +2942,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority ldap-server bind-type` @@ -2486,6 +2969,7 @@ Default: anonymous A value from a set of predefined names. Options: + - anonymous: Bind to this server anonymously. - unauthenticated: Bind to this server with a distinguished name only. - password: Bind to this server with a distinguished name and password. @@ -2515,6 +2999,7 @@ Default: strong A value from a set of predefined names. Options: + - weak: Do not request or check any server certificates. - mild: Ignore invalid or missing certificates but check for hostname - moderate: Terminate on invalid certificate but ignore missing certificates. @@ -2643,17 +3128,18 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) l4-port (uint16) +##### (0) l4-port (uint16) Transport (layer 4) port number. Range: 0-65535 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: + - server-type-default: Use the default based on server-type. ## `configure authority ldap-server resource-group` @@ -2727,6 +3213,7 @@ Default: ldaps A value from a set of predefined names. Options: + - starttls: Connect to this server using STARTTLS. Default port is 389. - ldaps: Connect to this server via LDAPS. Default port is 636. - global-catalog: Connect to this server as an Active Directory Global Catalog. Default port is 3269. @@ -2816,6 +3303,7 @@ Default: paths-as-next-hop A value from a set of predefined names. Options: + - paths-as-next-hop: Generate paths on a node as next-hops - paths-as-service-route: Generate paths on a node as service-route @@ -3460,7 +3948,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority performance-monitoring-profile name` @@ -3533,9 +4021,12 @@ configure authority radius-server | [`address`](#configure-authority-radius-server-address) | The IP address or FQDN of the Radius server. | | `delete` | Delete configuration data | | [`name`](#configure-authority-radius-server-name) | The name of the Radius server. | +| [`ocsp`](#configure-authority-radius-server-ocsp) | Whether to check the revocation status of the Radius server's certificate. | | `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | | [`port`](#configure-authority-radius-server-port) | The port number Radius server listens on. | +| [`protocol`](#configure-authority-radius-server-protocol) | Use TLS or UDP protocol to communicate with Radius server. | | [`secret`](#configure-authority-radius-server-secret) | The secret key to bind to the Radius server. | +| [`server-name`](#configure-authority-radius-server-server-name) | Hostname of the Radius server. | | `show` | Show configuration data for 'radius-server' | | [`timeout`](#configure-authority-radius-server-timeout) | Radius Request Timeout. | @@ -3553,7 +4044,20 @@ configure authority radius-server account-creation [] | name | description | | ---- | ----------- | -| manual or automatic | Manual is the default value, requires the user to be created using `create-user`. Automatic allows remote users that exist only in Radius to connect to the device without needing a local account. | +| enumeration | The value to set for this field | + +#### Description + +Default: manual + +##### enumeration + +A value from a set of predefined names. + +Options: + +- manual: Accounts must be created locally on the Router or Conductor before a user can log in. +- automatic: Create accounts automatically on first time login. The Radius server must contain the Vendor Specific Attribute (VSA) 'Juniper-Local-User-Name' set to the role that the user will be assigned. The role must be prefixed with 'SSR-', so to assign the user the admin role the VSA key would be set to 'SSR-admin'. ## `configure authority radius-server address` @@ -3579,7 +4083,7 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) (required) +##### (0) ip-address (union) (required) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. @@ -3591,7 +4095,7 @@ The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required): +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -3606,10 +4110,9 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. -###### (1) domain-name (string) (required) +##### (2) domain-name (string) (required) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -3674,6 +4177,32 @@ A string identifier which only uses alphanumerics, underscores, or dashes, and c Must contain only alphanumeric characters or any of the following: _ - Length: 0-63 +## `configure authority radius-server ocsp` + +Whether to check the revocation status of the Radius server's certificate. + +#### Usage + +``` +configure authority radius-server ocsp [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| ocsp | The value to set for this field | + +#### Description + +##### ocsp (enumeration) + +Whether to check the revocation status of a server's certificate. + +Options: +strict Require a successful OCSP check in order to establish a connection. +off Do not check revocation status of the server certificate. + ## `configure authority radius-server port` The port number Radius server listens on. @@ -3710,6 +4239,34 @@ to the InetPortNumber textual convention of the SMIv2. Range: 0-65535 +## `configure authority radius-server protocol` + +Use TLS or UDP protocol to communicate with Radius server. + +#### Usage + +``` +configure authority radius-server protocol [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| enumeration | The value to set for this field | + +#### Description + +Default: udp + +##### enumeration + +A value from a set of predefined names. + +Options: +udp Use UDP protocol to communicate with Radius server. +tls Use TLS over TCP protocol to communicate with Radius server. + ## `configure authority radius-server secret` The secret key to bind to the Radius server. @@ -3734,6 +4291,28 @@ A text value. Length: 1-16 +## `configure authority radius-server server-name` + +Hostname of the Radius server. + +#### Usage + +``` +configure authority radius-server server-name [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| string | The value to set for this field | + +#### Description + +##### string + +A text value. + ## `configure authority radius-server timeout` Radius Request Timeout. @@ -3790,17 +4369,18 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) uint32 +##### (0) uint32 An unsigned 32-bit integer. Range: 1-720 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: + - never: Never regenerate security keys ## `configure authority remote-login` @@ -3840,7 +4420,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority resource-group` @@ -4091,7 +4671,8 @@ configure authority router application-identification auto-update day-of-week [< A value from a set of predefined names. Options: -- sun: Download each Sunday + +- sun: Download each Sunday - mon: Download each Monday - tue: Download each Tuesday - wed: Download each Wednesday @@ -4123,7 +4704,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router application-identification auto-update update-frequency` @@ -4150,6 +4731,7 @@ Default: weekly A value from a set of predefined names. Options: + - daily: Download each day - weekly: Download each week - monthly: Download each month @@ -4253,6 +4835,7 @@ configure authority router application-identification mode [] A value from a set of predefined names. Options: + - module: Learn application via modules. - tls: Learn application via TLS server name parsing. - http: Learn application via HTTP host name parsing. @@ -4282,7 +4865,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router application-identification summary-retention` @@ -4348,7 +4931,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router application-identification summary-tracking` @@ -4374,7 +4957,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router application-identification use-application-director-in-memory-db` @@ -4400,7 +4983,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router application-identification web-filtering` @@ -4536,7 +5119,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router application-identification web-filtering max-retransmission-attempts-before-allow` @@ -4640,7 +5223,8 @@ Default: sha256 A value from a set of predefined names. Options: -- simple: Simple Password + +- simple: Simple Password. - sha256: SHA256 ## `configure authority router bfd desired-tx-interval` @@ -4722,6 +5306,7 @@ Default: disabled A value from a set of predefined names. Options: + - enabled: Extend hold-down time exponentially if link flaps occur during hold-down time. - disabled: Use simple hold-down timer for every link up event. @@ -4914,6 +5499,7 @@ Default: enabled A value from a set of predefined names. Options: + - enabled: BFD is enabled on all nodes of this router. - disabled: BFD is disabled on all nodes of this router. @@ -4941,13 +5527,13 @@ The host type represents either an IPv4 address or a DNS domain name. Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) domain-name (string) +##### (1) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -5236,19 +5822,21 @@ configure authority router dns-config address [] #### Description +The order of elements matters. + ##### ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -5288,10 +5876,10 @@ configure authority router dns-config mode [] A value from a set of predefined names. Options: + - static: Static list of DNS nameservers - automatic: Populate DNS nameservers from learned sources - ## `configure authority router entitlement` Project configuration for entitlement reporting. @@ -5405,17 +5993,18 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) uint32 +##### (0) uint32 An unsigned 32-bit integer. Range: 100-4294967295 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: + - unlimited: No limit on this value ## `configure authority router icmp-probe-profile` @@ -5521,13 +6110,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) (required) +##### (0) ipv4-address (string) (required) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required) +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -5597,6 +6186,7 @@ Default: any A value from a set of predefined names. Options: + - any: Failure to ping any probe-address brings state down. - all: Failure to ping all probe-addresses brings state down. @@ -5774,7 +6364,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router idp mode` @@ -5801,6 +6391,7 @@ Default: auto A value from a set of predefined names. Options: + - auto: Automatically toggle IDP based on idp-policies - disabled: Disable IDP - spoke: Enable spoke mode for IDP @@ -5896,7 +6487,7 @@ configure authority router maintenance-mode [] A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router management-service-generation` @@ -5937,7 +6528,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router management-service-generation service-policy` @@ -5986,6 +6577,7 @@ Default: paths-as-next-hop A value from a set of predefined names. Options: + - paths-as-next-hop: Generate paths on a node as next-hops - paths-as-service-route: Generate paths on a node as service-route @@ -6038,7 +6630,7 @@ configure authority router name [] #### Description :::warning -A restart is required if the name is created or deleted +A restart is required if name is created or deleted ::: ##### reserved-name-id (string) @@ -6103,6 +6695,10 @@ configure authority router nat-pool address-pool

| `show` | Show configuration data for 'address-pool' | | [`tenant-name`](#configure-authority-router-nat-pool-address-pool-tenant-name) | Tenant for which this nat pool is applied | +#### Description + +The order of elements matters. + ## `configure authority router nat-pool address-pool address` IP Prefix for the pool of NAT ports. @@ -6191,8 +6787,9 @@ Default: static A value from a set of predefined names. Options: + - static: Static IP assignment per endpoint -- dynamic: Dynamic IP & port assignment per session +- dynamic: Dynamic IP port assignment per session ## `configure authority router nat-pool address-pool tenant-name` @@ -6284,7 +6881,8 @@ configure authority router node | [`session-processor-mode`](#configure-authority-router-node-session-processor-mode) | The method by which the number of threads used for session processing should be determined. | | [`session-setup-scaling`](#configure-authority-router-node-session-setup-scaling) | Whether or not to enable session setup scaling. | | `show` | Show configuration data for 'node' | -| [`ssh-keepalive`](#configure-authority-router-node-ssh-keepalive) | Configure Ssh Keepalive | +| [`ssh-keepalive`](#configure-authority-router-node-ssh-keepalive) | Configure SSH Keepalive | +| [`ssh-settings`](#configure-authority-router-node-ssh-settings) | Configure SSH Settings | | [`top-sessions`](#configure-authority-router-node-top-sessions) | Views of top sessions by an ordering criteria. | ## `configure authority router node asset-id` @@ -6335,7 +6933,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node description` @@ -6422,10 +7020,66 @@ Configure Bond Settings | command | description | | ------- | ----------- | | `delete` | Delete configuration data | +| [`force-up`](#configure-authority-router-node-device-interface-bond-settings-force-up) | Force up when not receiving partner LACP PDUs. | +| [`force-up-timeout`](#configure-authority-router-node-device-interface-bond-settings-force-up-timeout) | Number of seconds before switching to force-up LACP mode. | | [`lacp-enable`](#configure-authority-router-node-device-interface-bond-settings-lacp-enable) | Use 802.3ad LACP protocol for the Bond. | | `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | | `show` | Show configuration data for 'bond-settings' | +## `configure authority router node device-interface bond-settings force-up` + +Force up when not receiving partner LACP PDUs. + +#### Usage + +``` +configure authority router node device-interface bond-settings force-up [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| boolean | The value to set for this field | + +#### Description + +Default: false + +##### boolean + +A true or false value. + +Options: true or false + +## `configure authority router node device-interface bond-settings force-up-timeout` + +Number of seconds before switching to force-up LACP mode. + +#### Usage + +``` +configure authority router node device-interface bond-settings force-up-timeout [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| uint8 | The value to set for this field | + +#### Description + +Units: seconds + +Default: 90 + +##### uint8 + +An unsigned 8-bit integer. + +Range: 1-100 + ## `configure authority router node device-interface bond-settings lacp-enable` Use 802.3ad LACP protocol for the Bond. @@ -6450,7 +7104,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface bridge-name` @@ -6545,7 +7199,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface forwarding` @@ -6571,7 +7225,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface interface-name` @@ -6620,6 +7274,7 @@ Default: auto A value from a set of predefined names. Options: + - auto: Use auto-negotation for the Ethernet link - 10Mbps-half: Force the Ethernet link to 10 Mbps half duplex - 10Mbps-full: Force the Ethernet link to 10 Mbps full duplex @@ -6694,7 +7349,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface lldp hold-multiplier` @@ -6751,6 +7406,7 @@ Default: disabled A value from a set of predefined names. Options: + - disabled: Disable LLDP - receive-only: Receive and process incoming LLDP packets - enabled: Enable sending and receiving LLDP packets @@ -6900,6 +7556,7 @@ configure authority router node device-interface lte authentication authenticati A value from a set of predefined names. Options: + - chap: Challenge-Handshake Authentication Protocol. - pap: Password Authentication Protocol. @@ -6973,15 +7630,16 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) enumeration +##### (0) enumeration A value from a set of predefined names. Options: + - none: Leave the current image alone. - auto: Automatically set the image to match the carrier network. -###### (1) string +##### (1) string A text value. @@ -7048,6 +7706,7 @@ configure authority router node device-interface network-interface | [`dhcp-reconfig-auth-algorithm`](#configure-authority-router-node-device-interface-network-interface-dhcp-reconfig-auth-algorithm) | The algorithm used by the Reconfigure Key authentication protocol to authenticate prefix-delegation messages. | | [`dscp-map`](#configure-authority-router-node-device-interface-network-interface-dscp-map) | Mapping of DSCP values to priorities. | | [`dscp-steering`](#configure-authority-router-node-device-interface-network-interface-dscp-steering) | Configure Dscp Steering | +| [`dynamic-source-nat`](#configure-authority-router-node-device-interface-network-interface-dynamic-source-nat) | Defines the prefixes that need to be dynamically source natted for packets ingressing this interface. | | [`egress-source-nat-pool`](#configure-authority-router-node-device-interface-network-interface-egress-source-nat-pool) | Indicates whether source address and port translation (NAPT) is performed for flows egressing the interface to the final destination. | | [`enforced-mss`](#configure-authority-router-node-device-interface-network-interface-enforced-mss) | Maximum allowed value for maximum segment size (MSS) on this interface. | | [`ethernet-over-svr`](#configure-authority-router-node-device-interface-network-interface-ethernet-over-svr) | L2 Bridge this network interface is assigned to. | @@ -7085,9 +7744,11 @@ configure authority router node device-interface network-interface | [`source-nat`](#configure-authority-router-node-device-interface-network-interface-source-nat) | Indicates whether source address and port translation (NAPT) is performed for flows egressing the interface to the final destination. | | [`tenant`](#configure-authority-router-node-device-interface-network-interface-tenant) | Tenant to which this interface belongs. | | [`tenant-prefixes`](#configure-authority-router-node-device-interface-network-interface-tenant-prefixes) | Tenant to source prefix mapping. | +| [`traffic-engineering`](#configure-authority-router-node-device-interface-network-interface-traffic-engineering) | Configure Traffic Engineering | | [`tunnel`](#configure-authority-router-node-device-interface-network-interface-tunnel) | Configure Tunnel | | [`type`](#configure-authority-router-node-device-interface-network-interface-type) | Type of network that the interface is connected to. Type is fabric for inter-node traffic, external for regular traffic, and shared for both fabric and external. | | [`vlan`](#configure-authority-router-node-device-interface-network-interface-vlan) | The VLAN id for the interface (0 for no VLAN, otherwise 1-4094). | +| [`vrrp`](#configure-authority-router-node-device-interface-network-interface-vrrp) | Configure VRRP | ## `configure authority router node device-interface network-interface address` @@ -7145,13 +7806,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -7255,6 +7916,7 @@ Default: allow Enumeration defining whether access is allowed or denied. Options: + - allow: Allow access. - deny: Deny access. @@ -7282,7 +7944,7 @@ A source address prefix, QSN, service-group or combination of tenant-name and pr Must be one of the following types: -###### (0) ip-prefix (union) +##### (0) ip-prefix (union) The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. @@ -7302,7 +7964,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string): +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -7327,7 +7989,7 @@ replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -###### (1) qsn (string) +##### (2) qsn (string) Qualified Service Name in the form: tenant[.authority][/[service-group/]service] @@ -7335,7 +7997,7 @@ Must contain only alphanumeric characters or any of the following: / . _ - Required format: 'Tenant[.Authority[/ServiceGroup[/Service]]]'. No forward slash-delimited segment can exceed 62 characters.(e.g., Engineering.Authority128/Video/private_conferencing). Length: 1-1024 -###### (2) service-spec (string) +##### (3) service-spec (string) Service group and service name portion of a Qualified Service Name. @@ -7343,7 +8005,7 @@ Must contain only alphanumeric characters or any of the following: - _ / . Required format: '/groupLabel1[/groupLabel2[/groupLabel3...]]'. No forward slash-delimited segment can exceed 62 characters. Length: 0-127 -###### (3) tenant-prefix (string) +##### (4) tenant-prefix (string) A string identifier for a tenant prefix. Consists of a valid tenant name, followed by @ and a valid IP Address. @@ -7492,38 +8154,15 @@ Default: string A value from a set of predefined names. Options: -- string -- uint8 -- uint16 -- uint32 -- boolean -- ipv4-address -- int32 -- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. -## `configure authority router node device-interface network-interface address host-service address-pool custom move value` - -The value(s) of custom option to be provided to clients. - -#### Usage - -``` -configure authority router node device-interface network-interface address host-service address-pool custom move value [force] [] -``` - -##### Keyword Arguments - -| name | description | -| ---- | ----------- | -| force | Skip confirmation prompt | - -##### Positional Arguments - -| name | description | -| ---- | ----------- | -| value | Value to move | -| position | first \| last \| before \| after | -| relative-to | Value before or after which to move | +- string: +- uint8: +- uint16: +- uint32: +- boolean: +- ipv4-address: +- int32: +- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. ## `configure authority router node device-interface network-interface address host-service address-pool custom quantity` @@ -7550,8 +8189,9 @@ Default: singular A value from a set of predefined names. Options: -- singular -- array + +- singular: +- array: ## `configure authority router node device-interface network-interface address host-service address-pool custom value` @@ -7571,6 +8211,8 @@ configure authority router node device-interface network-interface address host- #### Description +The order of elements matters. + ##### string (required) A text value. @@ -7615,19 +8257,21 @@ configure authority router node device-interface network-interface address host- #### Description +The order of elements matters. + ##### ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -7668,13 +8312,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -7706,6 +8350,7 @@ configure authority router node device-interface network-interface address host- | name | description | | ---- | ----------- | | uint16 | The value to set for this field | + #### Description ##### uint16 @@ -7740,13 +8385,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -7789,13 +8434,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -7838,13 +8483,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -7887,13 +8532,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -7934,13 +8579,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -8024,13 +8669,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -8192,14 +8837,15 @@ Default: string A value from a set of predefined names. Options: -- string -- uint8 -- uint16 -- uint32 -- boolean -- ipv4-address -- int32 -- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. + +- string: +- uint8: +- uint16: +- uint32: +- boolean: +- ipv4-address: +- int32: +- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. ## `configure authority router node device-interface network-interface address host-service address-pool static-assignment custom quantity` @@ -8226,8 +8872,9 @@ Default: singular A value from a set of predefined names. Options: -- singular -- array + +- singular: +- array: ## `configure authority router node device-interface network-interface address host-service address-pool static-assignment custom value` @@ -8247,6 +8894,8 @@ configure authority router node device-interface network-interface address host- #### Description +The order of elements matters. + ##### string (required) A text value. @@ -8321,13 +8970,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -8420,13 +9069,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -8469,13 +9118,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -8518,13 +9167,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -8567,13 +9216,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -8640,13 +9289,13 @@ A non-default IPv4 or IPv6 address Must be one of the following types: -###### (0) non-default-ipv4-address (string) +##### (0) non-default-ipv4-address (string) A non-default IPv4 address Must be a valid IPv4 address. -###### (1) non-default-ipv6-address (string) +##### (1) non-default-ipv6-address (string) A non-default IPv6 address @@ -8676,13 +9325,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) (required) +##### (0) ipv4-address (string) (required) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required) +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -8824,14 +9473,15 @@ Default: string A value from a set of predefined names. Options: -- string -- uint8 -- uint16 -- uint32 -- boolean -- ipv4-address -- int32 -- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. + +- string: +- uint8: +- uint16: +- uint32: +- boolean: +- ipv4-address: +- int32: +- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. ## `configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information enterprise-number` @@ -8849,6 +9499,12 @@ configure authority router node device-interface network-interface address host- | ---- | ----------- | | uint32 | The value to set for this field | +#### Description + +##### uint32 (required) + +An unsigned 32-bit integer. + ## `configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information quantity` The allowed quantity of the custom option values. @@ -8874,8 +9530,9 @@ Default: singular A value from a set of predefined names. Options: -- singular -- array + +- singular: +- array: ## `configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information value` @@ -9002,14 +9659,15 @@ Default: string A value from a set of predefined names. Options: -- string -- uint8 -- uint16 -- uint32 -- boolean -- ipv4-address -- int32 -- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. + +- string: +- uint8: +- uint16: +- uint32: +- boolean: +- ipv4-address: +- int32: +- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and ' ## `configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information quantity` @@ -9113,13 +9771,13 @@ A non-default IPv4 or IPv6 address Must be one of the following types: -###### (0) non-default-ipv4-address (string) +##### (0) non-default-ipv4-address (string) A non-default IPv4 address Must be a valid IPv4 address. -###### (1) non-default-ipv6-address (string) +##### (1) non-default-ipv6-address (string) A non-default IPv6 address @@ -9149,13 +9807,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) (required) +##### (0) ipv4-address (string) (required) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required) +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -9297,6 +9955,7 @@ Default: string A value from a set of predefined names. Options: + - string - uint8 - uint16 @@ -9306,6 +9965,7 @@ Options: - int32 - binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. + ## `configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information enterprise-number` The vendor's registered 32-bit Enterprise Number as registered with IANA. @@ -9353,8 +10013,9 @@ Default: singular A value from a set of predefined names. Options: -- singular -- array + +- singular: +- array: ## `configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information value` @@ -9373,6 +10034,7 @@ configure authority router node device-interface network-interface address host- | string | Value to add to this list | #### Description + The order of elements matters. ##### string (required) @@ -9480,14 +10142,15 @@ Default: string A value from a set of predefined names. Options: -- string -- uint8 -- uint16 -- uint32 -- boolean -- ipv4-address -- int32 -- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. + +- string: +- uint8: +- uint16: +- uint32: +- boolean: +- ipv4-address: +- int32: +- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. ## `configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information quantity` @@ -9514,8 +10177,9 @@ Default: singular A value from a set of predefined names. Options: -- singular -- array + +- singular: +- array: ## `configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information value` @@ -9565,7 +10229,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface address host-service description` @@ -9613,7 +10277,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface address host-service enabled` @@ -9639,7 +10303,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface address host-service max-lease-time` @@ -9712,12 +10376,13 @@ configure authority router node device-interface network-interface address host- A value from a set of predefined names. Options: + - ssh: SSH Hosted service. - netconf: Netconf service. - web: Web service. - dhcp-server: DHCP server service. - snmp-server: Access SNMP server through this interface -- custom: Custom service. +- custom: Custom service. ## `configure authority router node device-interface network-interface address host-service static-assignment` @@ -9786,13 +10451,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -9954,14 +10619,15 @@ Default: string A value from a set of predefined names. Options: -- string -- uint8 -- uint16 -- uint32 -- boolean -- ipv4-address -- int32 -- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. + +- string: +- uint8: +- uint16: +- uint32: +- boolean: +- ipv4-address: +- int32: +- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. ## `configure authority router node device-interface network-interface address host-service static-assignment custom quantity` @@ -9988,8 +10654,9 @@ Default: singular A value from a set of predefined names. Options: -- singular -- array + +- singular: +- array: ## `configure authority router node device-interface network-interface address host-service static-assignment custom value` @@ -10009,6 +10676,8 @@ configure authority router node device-interface network-interface address host- #### Description +The order of elements matters. + ##### string (required) A text value. @@ -10083,13 +10752,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -10182,13 +10851,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -10231,13 +10900,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -10280,13 +10949,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -10329,13 +10998,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -10402,13 +11071,13 @@ A non-default IPv4 or IPv6 address Must be one of the following types: -###### (0) non-default-ipv4-address (string) +##### (0) non-default-ipv4-address (string) A non-default IPv4 address Must be a valid IPv4 address. -###### (1) non-default-ipv6-address (string) +##### (1) non-default-ipv6-address (string) A non-default IPv6 address @@ -10438,13 +11107,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) (required) +##### (0) ipv4-address (string) (required) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required) +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -10586,14 +11255,15 @@ Default: string A value from a set of predefined names. Options: -- string -- uint8 -- uint16 -- uint32 -- boolean -- ipv4-address -- int32 -- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. + +- string: +- uint8: +- uint16: +- uint32: +- boolean: +- ipv4-address: +- int32: +- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. ## `configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information enterprise-number` @@ -10611,6 +11281,12 @@ configure authority router node device-interface network-interface address host- | ---- | ----------- | | uint32 | The value to set for this field | +#### Description + +##### uint32 (required) + +An unsigned 32-bit integer. + ## `configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information quantity` The allowed quantity of the custom option values. @@ -10636,8 +11312,9 @@ Default: singular A value from a set of predefined names. Options: -- singular -- array + +- singular: +- array: ## `configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information value` @@ -10657,6 +11334,8 @@ configure authority router node device-interface network-interface address host- #### Description +The order of elements matters. + ##### string (required) A text value. @@ -10762,16 +11441,15 @@ Default: string A value from a set of predefined names. Options: -- string -- uint8 -- uint16 -- uint32 -- boolean -- ipv4-address -- int32 -- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. - +- string: +- uint8: +- uint16: +- uint32: +- boolean: +- ipv4-address: +- int32: +- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'. ## `configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information quantity` @@ -10798,8 +11476,9 @@ Default: singular A value from a set of predefined names. Options: -- singular -- array + +- singular: +- array: ## `configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information value` @@ -10819,6 +11498,8 @@ configure authority router node device-interface network-interface address host- #### Description +The order of elements matters. + ##### string (required) A text value. @@ -10947,6 +11628,7 @@ configure authority router node device-interface network-interface address host- Transport (Layer 4) protocol. Options: + - tcp: Transmission Control Protocol. - udp: User Datagram Protocol. - icmp: Internet Control Management Protocol. @@ -11000,13 +11682,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -11047,13 +11729,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -11118,13 +11800,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -11241,8 +11923,9 @@ Default: sha256 A value from a set of predefined names. Options: -- simple Simple Password -- sha256 SHA256 + +- simple: Simple Password. +- sha256: SHA256 ## `configure authority router node device-interface network-interface adjacency bfd desired-tx-interval` @@ -11323,6 +12006,7 @@ Default: disabled A value from a set of predefined names. Options: + - enabled: Extend hold-down time exponentially if link flaps occur during hold-down time. - disabled: Use simple hold-down timer for every link up event. @@ -11515,6 +12199,7 @@ Default: enabled A value from a set of predefined names. Options: + - enabled: BFD is enabled on all nodes of this router. - disabled: BFD is disabled on all nodes of this router. @@ -11566,7 +12251,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface adjacency external-nat-address` @@ -11584,6 +12269,83 @@ configure authority router node device-interface network-interface adjacency ext | ---- | ----------- | | host | The value to set for this field | +#### Description + +##### host (union) + +The host type represents either an IP address or a DNS domain name. + +Must be one of the following types: + +##### (0) ip-address (union) + +The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. + +Must be one of the following types: + +###### (0) ipv4-address (string): + +The ipv4-address type represents an IPv4 address in dotted-quad notation. + +Must be a valid IPv4 address. + +##### (1) ipv6-address (string) + +The ipv6-address type represents an IPv6 address in full, +mixed, shortened, and shortened-mixed notation. + +The canonical format of IPv6 addresses uses the compressed +format described in RFC 4291, Section 2.2, item 2 with the +following additional rules: the :: substitution must be +applied to the longest sequence of all-zero 16-bit chunks +in an IPv6 address. If there is a tie, the first sequence +of all-zero 16-bit chunks is replaced by ::. Single +all-zero 16-bit chunks are not compressed. The canonical +format uses lowercase characters and leading zeros are +not allowed. + +Must be a valid IPv6 address. + +##### (2) domain-name (string) + +The domain-name type represents a DNS domain name. The +name SHOULD be fully qualified whenever possible. + +Internet domain names are only loosely specified. Section +3.5 of RFC 1034 recommends a syntax (modified in Section +2.1 of RFC 1123). The pattern above is intended to allow +for current practice in domain name use, and some possible +future expansion. It is designed to hold various types of +domain names, including names used for A or AAAA records +(host names) and other records, such as SRV records. Note +that Internet host names have a stricter syntax (described +in RFC 952) than the DNS recommendations in RFCs 1034 and +1123, and that systems that want to store host names in +schema nodes using the domain-name type are recommended to +adhere to this stricter standard to ensure interoperability. + +The encoding of DNS names in the DNS protocol is limited +to 255 characters. Since the encoding consists of labels +prefixed by a length bytes and there is a trailing NULL +byte, only 253 characters can appear in the textual dotted +notation. + +The description clause of schema nodes using the domain-name +type MUST describe when and how these names are resolved to +IP addresses. Note that the resolution of a domain-name value +may require to query multiple DNS records (e.g., A for IPv4 +and AAAA for IPv6). The order of the resolution process and +which DNS record takes precedence can either be defined +explicitely or it may depend on the configuration of the +resolver. + +Domain-name values use the US-ASCII encoding. Their canonical +format uses lowercase US-ASCII characters. Internationalized +domain names MUST be encoded in punycode as described in RFC +3492 + +Length: 1-253 + ## `configure authority router node device-interface network-interface adjacency generated` Indicates whether or not the Adjacency was automatically generated as a result of STEP topology builder. @@ -11606,7 +12368,7 @@ configure authority router node device-interface network-interface adjacency gen A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface adjacency inter-router-security` @@ -11646,6 +12408,83 @@ configure authority router node device-interface network-interface adjacency ip- | ---- | ----------- | | host | The value to set for this field | +#### Description + +##### host (union) + +The host type represents either an IP address or a DNS domain name. + +Must be one of the following types: + +##### (0) ip-address (union) + +The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. + +Must be one of the following types: + +##### (0) ipv4-address (string) + +The ipv4-address type represents an IPv4 address in dotted-quad notation. + +Must be a valid IPv4 address. + +##### (1) ipv6-address (string) + +The ipv6-address type represents an IPv6 address in full, +mixed, shortened, and shortened-mixed notation. + +The canonical format of IPv6 addresses uses the compressed +format described in RFC 4291, Section 2.2, item 2 with the +following additional rules: the :: substitution must be +applied to the longest sequence of all-zero 16-bit chunks +in an IPv6 address. If there is a tie, the first sequence +of all-zero 16-bit chunks is replaced by ::. Single +all-zero 16-bit chunks are not compressed. The canonical +format uses lowercase characters and leading zeros are +not allowed. + +Must be a valid IPv6 address. + +##### (2) domain-name (string) + +The domain-name type represents a DNS domain name. The +name SHOULD be fully qualified whenever possible. + +Internet domain names are only loosely specified. Section +3.5 of RFC 1034 recommends a syntax (modified in Section +2.1 of RFC 1123). The pattern above is intended to allow +for current practice in domain name use, and some possible +future expansion. It is designed to hold various types of +domain names, including names used for A or AAAA records +(host names) and other records, such as SRV records. Note +that Internet host names have a stricter syntax (described +in RFC 952) than the DNS recommendations in RFCs 1034 and +1123, and that systems that want to store host names in +schema nodes using the domain-name type are recommended to +adhere to this stricter standard to ensure interoperability. + +The encoding of DNS names in the DNS protocol is limited +to 255 characters. Since the encoding consists of labels +prefixed by a length bytes and there is a trailing NULL +byte, only 253 characters can appear in the textual dotted +notation. + +The description clause of schema nodes using the domain-name +type MUST describe when and how these names are resolved to +IP addresses. Note that the resolution of a domain-name value +may require to query multiple DNS records (e.g., A for IPv4 +and AAAA for IPv6). The order of the resolution process and +which DNS record takes precedence can either be defined +explicitely or it may depend on the configuration of the +resolver. + +Domain-name values use the US-ASCII encoding. Their canonical +format uses lowercase US-ASCII characters. Internationalized +domain names MUST be encoded in punycode as described in RFC +3492 + +Length: 1-253 + ## `configure authority router node device-interface network-interface adjacency max-way-points` Maximum number of way points to be allocated on the peer path. @@ -11716,8 +12555,9 @@ Default: auto A value from a set of predefined names. Options: -- auto: Inject keep-alive packets in order to keep the pinhole open on external NAT device for sessions that match a session type with keep-alives enabled. -- disabled: Do not send keep-alive packets to keep pinhole open on an external NAT device. + +- auto: Inject keep-alive packets in order to keep the pinhole open on external NAT device for sessions that match a session type with keep-alives enabled. +- disabled: Do not send keep-alive packets to keep pinhole open on an external NAT device. ## `configure authority router node device-interface network-interface adjacency nat-keep-alive tcp-inactivity-timeout` @@ -11812,7 +12652,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface adjacency path-metrics-rolling-avg-interval` @@ -11878,7 +12718,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface adjacency path-mtu-discovery interval` @@ -11924,6 +12764,19 @@ configure authority router node device-interface network-interface adjacency pay | ---- | ----------- | | payload-encryption-override | The value to set for this field | +#### Description + +Default: disable-override + +##### payload-encryption-override (enumeration) + +Payload encryption override setting. + +Options: + +- enable-encryption: Enable encryption of payload even when the security-policy associated with the service has encrypt=false. If the payload is already encrypted by another SSR, send it out as is. +- disable-override: Disable override of the security policy and use the security policy settings associated with the service. + ## `configure authority router node device-interface network-interface adjacency peer` Peer router to which this waypoint address belongs. @@ -11962,6 +12815,19 @@ configure authority router node device-interface network-interface adjacency pee | ---- | ----------- | | peer-connectivity | The value to set for this field | +#### Description + +Default: bidirectional + +##### peer-connectivity (enumeration) + +The IP-layer connectivity behavior. + +Options: + +- bidirectional: Publicly reachable (i.e., not behind a firewall/NAT). +- outbound-only: Not publicly reachable (i.e., behind a firewall/NAT). + ## `configure authority router node device-interface network-interface adjacency performance-monitoring` Performance Monitoring settings for this adjacency. @@ -12000,7 +12866,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface adjacency performance-monitoring profile` @@ -12136,6 +13002,7 @@ Default: disabled A value from a set of predefined names. Options: + - disabled: Do not add additional padding. - enabled: Add one byte of padding to the end of the packet. @@ -12199,8 +13066,9 @@ configure authority router node device-interface network-interface adjacency ses When to apply session optimization. Auto is recommended. Options: + - never-on: Never optimize TCP traffic. -- auto:L Automatically determine if TCP optimization is required. +- auto: Automatically determine if TCP optimization is required. ## `configure authority router node device-interface network-interface adjacency source-nat-address` @@ -12230,7 +13098,7 @@ The ip-prefix type represents an IP prefix and is IP version neutral. The format Must be one of the following types: -###### (0) ipv4-prefix (string) +##### (0) ipv4-prefix (string) The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -12244,7 +13112,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string) +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -12612,7 +13480,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface adjacency traffic-engineering traffic-profile` @@ -12688,17 +13556,18 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) uint8 +##### (0) uint8 An unsigned 8-bit integer. Range: 0-255 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: + - auto: Automatically determine TTL padding. - disabled: Do not pad TTL. @@ -12771,8 +13640,9 @@ Default: auto-detect A value from a set of predefined names. Options: -- auto-detect: Detect if TCP to UDP transform is required. Special TCP packets are sent to the peer at the specified interval. If these packets are not returned, transformation is required. -- always-transform: Force UDP transform for all TCP traffic to the peer. TCP detection packets are never sent in this mode. + +- auto-detect: Detect if TCP to UDP transform is required. Special TCP packets are sent to the peer at the specified interval. If these packets are not returned, transformation is required. +- always-transform: Force UDP transform for all TCP traffic to the peer. TCP detection packets are never sent in this mode. ## `configure authority router node device-interface network-interface adjacency udp-transform nat-keep-alive-mode` @@ -12799,8 +13669,9 @@ Default: disabled A value from a set of predefined names. Options: -- disabled: Do not send keep-alive packets to keep UDP sessions active during UDP transform. -- enabled: Inject keep-alive packets to keep UDP sessions active during UDP transform. + +- disabled: Do not send keep-alive packets to keep UDP sessions active during UDP transform. +- enabled: Inject keep-alive packets to keep UDP sessions active during UDP transform. ## `configure authority router node device-interface network-interface adjacency udp-transform nat-keep-alive-timeout` @@ -12897,6 +13768,53 @@ configure authority router node device-interface network-interface bidirectional | ---- | ----------- | | ip-prefix | The value to set for this field | +#### Description + +##### ip-prefix (union) + +The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. + +Must be one of the following types: + +##### (0) ipv4-prefix (string) + +The ipv4-prefix type represents an IPv4 address prefix. +The prefix length is given by the number following the +slash character and must be less than or equal to 32. + +A prefix length value of n corresponds to an IP address +mask that has n contiguous 1-bits from the most +significant bit (MSB) and all other bits set to 0. + +The canonical format of an IPv4 prefix has all bits of +the IPv4 address set to zero that are not part of the +IPv4 prefix. + +##### (1) ipv6-prefix (string) + +The ipv6-prefix type represents an IPv6 address prefix. +The prefix length is given by the number following the +slash character and must be less than or equal 128. + +A prefix length value of n corresponds to an IP address +mask that has n contiguous 1-bits from the most +significant bit (MSB) and all other bits set to 0. + +The IPv6 address should have all bits that do not belong +to the prefix set to zero. + +The canonical format of an IPv6 prefix has all bits of +the IPv6 address set to zero that are not part of the +IPv6 prefix. Furthermore, IPv6 address is represented +in the compressed format described in RFC 4291, Section +2.2, item 2 with the following additional rules: the :: +substitution must be applied to the longest sequence of +all-zero 16-bit chunks in an IPv6 address. If there is +a tie, the first sequence of all-zero 16-bit chunks is +replaced by ::. Single all-zero 16-bit chunks are not +compressed. The canonical format uses lowercase +characters and leading zeros are not allowed. + ## `configure authority router node device-interface network-interface bidirectional-nat remote-ip` For packets egressing this interface, the remote IP will be destination natted to local IP. @@ -12913,6 +13831,53 @@ configure authority router node device-interface network-interface bidirectional | ---- | ----------- | | ip-prefix | The value to set for this field | +#### Description + +##### ip-prefix (union) (required) + +The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. + +Must be one of the following types: + +##### (0) ipv4-prefix (string) (required) + +The ipv4-prefix type represents an IPv4 address prefix. +The prefix length is given by the number following the +slash character and must be less than or equal to 32. + +A prefix length value of n corresponds to an IP address +mask that has n contiguous 1-bits from the most +significant bit (MSB) and all other bits set to 0. + +The canonical format of an IPv4 prefix has all bits of +the IPv4 address set to zero that are not part of the +IPv4 prefix. + +##### (1) ipv6-prefix (string) (required) + +The ipv6-prefix type represents an IPv6 address prefix. +The prefix length is given by the number following the +slash character and must be less than or equal 128. + +A prefix length value of n corresponds to an IP address +mask that has n contiguous 1-bits from the most +significant bit (MSB) and all other bits set to 0. + +The IPv6 address should have all bits that do not belong +to the prefix set to zero. + +The canonical format of an IPv6 prefix has all bits of +the IPv6 address set to zero that are not part of the +IPv6 prefix. Furthermore, IPv6 address is represented +in the compressed format described in RFC 4291, Section +2.2, item 2 with the following additional rules: the :: +substitution must be applied to the longest sequence of +all-zero 16-bit chunks in an IPv6 address. If there is +a tie, the first sequence of all-zero 16-bit chunks is +replaced by ::. Single all-zero 16-bit chunks are not +compressed. The canonical format uses lowercase +characters and leading zeros are not allowed. + ## `configure authority router node device-interface network-interface billing-rate` Numeric rate of currency associated with the interface. When the billing-rate is flat the field indicated rate per day. When the billing-rate is metered the field indicates rate per byte. @@ -12962,9 +13927,10 @@ Default: none A value from a set of predefined names. Options: -- none: No billing is associated with this interface. -- flat: Flat billing. Is charged flat amount of currency per period of time. -- metered: Metered billing. Is charged based on the data usage. + +- none: No billing is associated with this interface. +- flat: Flat billing. Is charged flat amount of currency per period of time. +- metered: Metered billing. Is charged based on the data usage. ## `configure authority router node device-interface network-interface carrier` @@ -13012,7 +13978,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface default-route` @@ -13038,7 +14004,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface description` @@ -13087,10 +14053,11 @@ Default: disabled A value from a set of predefined names. Options: -- disabled: DHCP is disabled. -- v4: Only DHCPv4 is enabled. -- v6: Only DHCPv6 is enabled. -- v6-pd: Only DHCPv6 Prefix Delegation is enabled and the address is derived from the subnet-id and the prefix associated with the prefix-delegation-group. + +- disabled: DHCP is disabled. +- v4: Only DHCPv4 is enabled. +- v6: Only DHCPv6 is enabled. +- v6-pd: Only DHCPv6 Prefix Delegation is enabled and the address is derived from the subnet-id and the prefix associated with the prefix-delegation-group. ## `configure authority router node device-interface network-interface dhcp-delayed-auth-key` @@ -13183,9 +14150,10 @@ Default: hmac-md5 A value from a set of predefined names. Options: -- hmac-md5: HMAC-MD5 is used to authenticate prefix-delegation messages. -- hmac-sha1: HMAC-SHA1 is used to authenticate prefix-delegation messages. -- hmac-sha256: HMAC-SHA256 is used to authenticate prefix-delegation messages. + +- hmac-md5: HMAC-MD5 is used to authenticate prefix-delegation messages. +- hmac-sha1: HMAC-SHA1 is used to authenticate prefix-delegation messages. +- hmac-sha256: HMAC-SHA256 is used to authenticate prefix-delegation messages. ## `configure authority router node device-interface network-interface dscp-map` @@ -13247,7 +14215,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface dscp-steering transport` @@ -13361,13 +14329,165 @@ configure authority router node device-interface network-interface dscp-steering Transport (Layer 4) protocol. Options: -- tcp: Transmission Control Protocol. -- udp: User Datagram Protocol. -- icmp: Internet Control Management Protocol. -- gre: Generic Routing Encapsulation Protocol. -- esp: IPSec Encapsulating Security Payload Protocol. -- pim: Protocol Independent Multicast. +tcp Transmission Control Protocol. +udp User Datagram Protocol. +icmp Internet Control Management Protocol. +gre Generic Routing Encapsulation Protocol. +esp IPSec Encapsulating Security Payload Protocol. +pim Protocol Independent Multicast. + +## `configure authority router node device-interface network-interface dynamic-source-nat` + +Defines the prefixes that need to be dynamically source natted for packets ingressing this interface. + +#### Usage + +``` +configure authority router node device-interface network-interface dynamic-source-nat +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| local-ip | For packets ingressing this interface, the IP which will be source natted to remote-ip IP. | + +##### Subcommands + +| command | description | +| ------- | ----------- | +| `delete` | Delete configuration data | +| [`local-ip`](#configure-authority-router-node-device-interface-network-interface-dynamic-source-nat-local-ip) | For packets ingressing this interface, the IP which will be source natted to remote-ip IP. | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| [`remote-ip`](#configure-authority-router-node-device-interface-network-interface-dynamic-source-nat-remote-ip) | For packets ingressing this interface, the IP to which the local-ip IP will be source natted. | +| `show` | Show configuration data for 'dynamic-source-nat' | + +## `configure authority router node device-interface network-interface dynamic-source-nat local-ip` + +For packets ingressing this interface, the IP which will be source natted to remote-ip IP. + +#### Usage + +``` +configure authority router node device-interface network-interface dynamic-source-nat local-ip [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| ip-prefix | The value to set for this field | + +#### Description + +##### ip-prefix (union) + +The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. + +Must be one of the following types: + +###### (0) ipv4-prefix (string) + +The ipv4-prefix type represents an IPv4 address prefix. +The prefix length is given by the number following the +slash character and must be less than or equal to 32. + +A prefix length value of n corresponds to an IP address +mask that has n contiguous 1-bits from the most +significant bit (MSB) and all other bits set to 0. + +The canonical format of an IPv4 prefix has all bits of +the IPv4 address set to zero that are not part of the +IPv4 prefix. + +###### (1) ipv6-prefix (string) + +The ipv6-prefix type represents an IPv6 address prefix. +The prefix length is given by the number following the +slash character and must be less than or equal 128. + +A prefix length value of n corresponds to an IP address +mask that has n contiguous 1-bits from the most +significant bit (MSB) and all other bits set to 0. + +The IPv6 address should have all bits that do not belong +to the prefix set to zero. + +The canonical format of an IPv6 prefix has all bits of +the IPv6 address set to zero that are not part of the +IPv6 prefix. Furthermore, IPv6 address is represented +in the compressed format described in RFC 4291, Section +2.2, item 2 with the following additional rules: the :: +substitution must be applied to the longest sequence of +all-zero 16-bit chunks in an IPv6 address. If there is +a tie, the first sequence of all-zero 16-bit chunks is +replaced by ::. Single all-zero 16-bit chunks are not +compressed. The canonical format uses lowercase +characters and leading zeros are not allowed. + +## `configure authority router node device-interface network-interface dynamic-source-nat remote-ip` + +For packets ingressing this interface, the IP to which the local-ip IP will be source natted. + +#### Usage + +``` +configure authority router node device-interface network-interface dynamic-source-nat remote-ip [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| ip-prefix | The value to set for this field | + +#### Description + +##### ip-prefix (union) (required) + +The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. + +Must be one of the following types: + +###### (0) ipv4-prefix (string) (required) + +The ipv4-prefix type represents an IPv4 address prefix. +The prefix length is given by the number following the +slash character and must be less than or equal to 32. + +A prefix length value of n corresponds to an IP address +mask that has n contiguous 1-bits from the most +significant bit (MSB) and all other bits set to 0. + +The canonical format of an IPv4 prefix has all bits of +the IPv4 address set to zero that are not part of the +IPv4 prefix. + +###### (1) ipv6-prefix (string) (required) + +The ipv6-prefix type represents an IPv6 address prefix. +The prefix length is given by the number following the +slash character and must be less than or equal 128. + +A prefix length value of n corresponds to an IP address +mask that has n contiguous 1-bits from the most +significant bit (MSB) and all other bits set to 0. + +The IPv6 address should have all bits that do not belong +to the prefix set to zero. + +The canonical format of an IPv6 prefix has all bits of +the IPv6 address set to zero that are not part of the +IPv6 prefix. Furthermore, IPv6 address is represented +in the compressed format described in RFC 4291, Section +2.2, item 2 with the following additional rules: the :: +substitution must be applied to the longest sequence of +all-zero 16-bit chunks in an IPv6 address. If there is +a tie, the first sequence of all-zero 16-bit chunks is +replaced by ::. Single all-zero 16-bit chunks are not +compressed. The canonical format uses lowercase +characters and leading zeros are not allowed. ## `configure authority router node device-interface network-interface egress-source-nat-pool` @@ -13419,19 +14539,20 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) uint16 +##### (0) uint16 An unsigned 16-bit integer. Range: 64-8960 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: -- automatic: Automatically adjust MSS according to egress path -- disabled: Do not force MSS + +- automatic: Automatically adjust MSS according to egress path +- disabled: Do not force MSS ## `configure authority router node device-interface network-interface ethernet-over-svr` @@ -13474,7 +14595,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface ethernet-over-svr encapsulate-all-traffic` @@ -13500,7 +14621,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface ethernet-over-svr name` @@ -13574,19 +14695,13 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) - -The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. - -Must be one of the following types: - -###### (0) ipv4-address (string): +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -13601,10 +14716,9 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -13722,8 +14836,9 @@ Default: deny A value from a set of predefined names. Options: -- deny: Deny packets matching the filter rule. -- permit: Permit packets matching the filter rule. No further rules will run. + +- deny: Deny packets matching the filter rule. +- permit: Permit packets matching the filter rule. No further rules will run. ## `configure authority router node device-interface network-interface filter-rule bpf` @@ -13877,8 +14992,9 @@ Default: allow Enumeration defining whether access is allowed or denied. Options: -- allow: Allow access. -- deny: Deny access. + +- allow: Allow access. +- deny: Deny access. ## `configure authority router node device-interface network-interface host-service access-policy source` @@ -13904,13 +15020,13 @@ A source address prefix, QSN, service-group or combination of tenant-name and pr Must be one of the following types: -###### (0) ip-prefix (union) +##### (0) ip-prefix (union) The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-prefix (string): +##### (0) ipv4-prefix (string) The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -13924,7 +15040,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string): +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -13949,7 +15065,7 @@ replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -###### (1) qsn (string) +##### (2) qsn (string) Qualified Service Name in the form: tenant[.authority][/[service-group/]service] @@ -13957,7 +15073,7 @@ Must contain only alphanumeric characters or any of the following: / . _ - Required format: 'Tenant[.Authority[/ServiceGroup[/Service]]]'. No forward slash-delimited segment can exceed 62 characters.(e.g., Engineering.Authority128/Video/private_conferencing). Length: 1-1024 -###### (2) service-spec (string) +##### (3) service-spec (string) Service group and service name portion of a Qualified Service Name. @@ -13965,7 +15081,7 @@ Must contain only alphanumeric characters or any of the following: - _ / . Required format: '/groupLabel1[/groupLabel2[/groupLabel3...]]'. No forward slash-delimited segment can exceed 62 characters. Length: 0-127 -###### (3) tenant-prefix (string) +##### (4) tenant-prefix (string) A string identifier for a tenant prefix. Consists of a valid tenant name, followed by @ and a valid IP Address. @@ -14018,7 +15134,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface host-service service-type` @@ -14043,12 +15159,13 @@ configure authority router node device-interface network-interface host-service A value from a set of predefined names. Options: -- ssh: SSH Hosted service. -- netconf: Netconf service. -- web: Web service. -- dhcp-server: DHCP server service. -- snmp-server: Access SNMP server through this interface -- custom: Custom service. + +- ssh: SSH Hosted service. +- netconf: Netconf service. +- web: Web service. +- dhcp-server: DHCP server service. +- snmp-server: Access SNMP server through this interface +- custom: Custom service. ## `configure authority router node device-interface network-interface host-service transport` @@ -14174,12 +15291,13 @@ configure authority router node device-interface network-interface host-service Transport (Layer 4) protocol. Options: -- tcp: Transmission Control Protocol. -- udp: User Datagram Protocol. -- icmp: Internet Control Management Protocol. -- gre: Generic Routing Encapsulation Protocol. -- esp: IPSec Encapsulating Security Payload Protocol. -- pim: Protocol Independent Multicast. + +- tcp: Transmission Control Protocol. +- udp: User Datagram Protocol. +- icmp: Internet Control Management Protocol. +- gre: Generic Routing Encapsulation Protocol. +- esp: IPSec Encapsulating Security Payload Protocol. +- pim: Protocol Independent Multicast. ## `configure authority router node device-interface network-interface hostname` @@ -14264,8 +15382,9 @@ Default: allow A value from a set of predefined names. Options: -- drop: Neither respond to ICMP requests nor generate ICMP errors to/from IPs on this interface -- allow: Respond to ICMP requests and generate ICMP errors to/from IPs on this interface + +- drop: Neither respond to ICMP requests nor generate ICMP errors to/from IPs on this interface +- allow: Respond to ICMP requests and generate ICMP errors to/from IPs on this interface ## `configure authority router node device-interface network-interface ifcfg-option` @@ -14407,7 +15526,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface management-vector` @@ -14472,7 +15591,6 @@ An unsigned 32-bit integer. Range: 1-999999 - ## `configure authority router node device-interface network-interface mtu` The maximum transmission unit (MTU) for packets sent on the interface. @@ -14524,9 +15642,10 @@ Default: automatic A value from a set of predefined names. Options: -- disabled: Multicast listeners are disabled. -- automatic: Multicast listeners are enabled or disabled based on the presence of multicast services with tenant based access policies which match this interface's tenant. -- enabled: Multicast listeners are enabled. + +- disabled: Multicast listeners are disabled. +- automatic: Multicast listeners are enabled or disabled based on the presence of multicast services with tenant based access policies which match this interface's tenant. +- enabled: Multicast listeners are enabled. ## `configure authority router node device-interface network-interface multicast-report-proxy` @@ -14552,7 +15671,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface name` @@ -14629,13 +15748,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -14650,7 +15769,6 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. ## `configure authority router node device-interface network-interface neighbor phys-address` @@ -14783,8 +15901,9 @@ Default: sha256 A value from a set of predefined names. Options: -- simple: Simple Password -- sha256: SHA256 + +- simple: Simple Password. +- sha256: SHA256 ## `configure authority router node device-interface network-interface neighborhood bfd desired-tx-interval` @@ -14865,8 +15984,9 @@ Default: disabled A value from a set of predefined names. Options: -- enabled: Extend hold-down time exponentially if link flaps occur during hold-down time. -- disabled: Use simple hold-down timer for every link up event. + +- enabled: Extend hold-down time exponentially if link flaps occur during hold-down time. +- disabled: Use simple hold-down timer for every link up event. ## `configure authority router node device-interface network-interface neighborhood bfd hold-down-time` @@ -15057,8 +16177,9 @@ Default: enabled A value from a set of predefined names. Options: -- enabled: BFD is enabled on all nodes of this router. -- disabled: BFD is disabled on all nodes of this router. + +- enabled: BFD is enabled on all nodes of this router. +- disabled: BFD is disabled on all nodes of this router. ## `configure authority router node device-interface network-interface neighborhood encapsulate-icmp-error-messages` @@ -15084,7 +16205,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface neighborhood external-nat-address` @@ -15102,6 +16223,83 @@ configure authority router node device-interface network-interface neighborhood | ---- | ----------- | | host | The value to set for this field | +#### Description + +##### host (union) + +The host type represents either an IP address or a DNS domain name. + +Must be one of the following types: + +##### (0) ip-address (union) + +The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. + +Must be one of the following types: + +##### (0) ipv4-address (string) + +The ipv4-address type represents an IPv4 address in dotted-quad notation. + +Must be a valid IPv4 address. + +##### (1) ipv6-address (string) + +The ipv6-address type represents an IPv6 address in full, +mixed, shortened, and shortened-mixed notation. + +The canonical format of IPv6 addresses uses the compressed +format described in RFC 4291, Section 2.2, item 2 with the +following additional rules: the :: substitution must be +applied to the longest sequence of all-zero 16-bit chunks +in an IPv6 address. If there is a tie, the first sequence +of all-zero 16-bit chunks is replaced by ::. Single +all-zero 16-bit chunks are not compressed. The canonical +format uses lowercase characters and leading zeros are +not allowed. + +Must be a valid IPv6 address. + +##### (2) domain-name (string) + +The domain-name type represents a DNS domain name. The +name SHOULD be fully qualified whenever possible. + +Internet domain names are only loosely specified. Section +3.5 of RFC 1034 recommends a syntax (modified in Section +2.1 of RFC 1123). The pattern above is intended to allow +for current practice in domain name use, and some possible +future expansion. It is designed to hold various types of +domain names, including names used for A or AAAA records +(host names) and other records, such as SRV records. Note +that Internet host names have a stricter syntax (described +in RFC 952) than the DNS recommendations in RFCs 1034 and +1123, and that systems that want to store host names in +schema nodes using the domain-name type are recommended to +adhere to this stricter standard to ensure interoperability. + +The encoding of DNS names in the DNS protocol is limited +to 255 characters. Since the encoding consists of labels +prefixed by a length bytes and there is a trailing NULL +byte, only 253 characters can appear in the textual dotted +notation. + +The description clause of schema nodes using the domain-name +type MUST describe when and how these names are resolved to +IP addresses. Note that the resolution of a domain-name value +may require to query multiple DNS records (e.g., A for IPv4 +and AAAA for IPv6). The order of the resolution process and +which DNS record takes precedence can either be defined +explicitely or it may depend on the configuration of the +resolver. + +Domain-name values use the US-ASCII encoding. Their canonical +format uses lowercase US-ASCII characters. Internationalized +domain names MUST be encoded in punycode as described in RFC +3492 + +Length: 1-253 + ## `configure authority router node device-interface network-interface neighborhood max-way-points` Maximum number of way points to be allocated on each peer paths within the neighborhood. @@ -15197,8 +16395,9 @@ Default: auto A value from a set of predefined names. Options: -- auto: Inject keep-alive packets in order to keep the pinhole open on external NAT device for sessions that match a session type with keep-alives enabled. -- disabled: Do not send keep-alive packets to keep pinhole open on an external NAT device. + +- auto: Inject keep-alive packets in order to keep the pinhole open on external NAT device for sessions that match a session type with keep-alives enabled. +- disabled: Do not send keep-alive packets to keep pinhole open on an external NAT device. ## `configure authority router node device-interface network-interface neighborhood nat-keep-alive tcp-inactivity-timeout` @@ -15293,7 +16492,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface neighborhood path-metrics-rolling-avg-interval` @@ -15359,7 +16558,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface neighborhood path-mtu-discovery interval` @@ -15414,8 +16613,9 @@ Default: disable-override Payload encryption override setting. Options: -- enable-encryption: Enable encryption of payload even when the security-policy associated with the service has encrypt=false. If the payload is already encrypted by another SSR, send it out as is. -- disable-override: Disable override of the security policy and use the security policy settings associated with the service. + +- enable-encryption: Enable encryption of payload even when the security-policy associated with the service has encrypt=false. If the payload is already encrypted by another SSR, send it out as is. +- disable-override: Disable override of the security policy and use the security policy settings associated with the service. ## `configure authority router node device-interface network-interface neighborhood peer-connectivity` @@ -15442,8 +16642,9 @@ Default: bidirectional The IP-layer connectivity behavior. Options: -- bidirectional: Publicly reachable (i.e., not behind a firewall/NAT). -- outbound-only: Not publicly reachable (i.e., behind a firewall/NAT). + +- bidirectional: Publicly reachable (i.e., not behind a firewall/NAT). +- outbound-only: Not publicly reachable (i.e., behind a firewall/NAT). ## `configure authority router node device-interface network-interface neighborhood peer-path-overlay` @@ -15470,8 +16671,9 @@ Default: svr The overlay mechanism used for the peer path. Options: -- svr: SVR (Secure Vector Routing) overlay. -- bfd-tunnel: Tunnel over BFD overlay. + +- svr: SVR (Secure Vector Routing) overlay. +- bfd-tunnel: Tunnel over BFD overlay. ## `configure authority router node device-interface network-interface neighborhood performance-monitoring` @@ -15511,7 +16713,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface neighborhood performance-monitoring profile` @@ -15647,8 +16849,9 @@ Default: disabled A value from a set of predefined names. Options: -- disabled: Do not add additional padding. -- enabled: Add one byte of padding to the end of the packet. + +- disabled: Do not add additional padding. +- enabled: Add one byte of padding to the end of the packet. ## `configure authority router node device-interface network-interface neighborhood qp-value` @@ -15714,8 +16917,9 @@ configure authority router node device-interface network-interface neighborhood When to apply session optimization. Auto is recommended. Options: -- never-on: Never optimize TCP traffic. -- auto: Automatically determine if TCP optimization is required. + +- never-on: Never optimize TCP traffic. +- auto: Automatically determine if TCP optimization is required. ## `configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement` @@ -16046,9 +17250,10 @@ Default: spoke A value from a set of predefined names. Options: -- mesh: Full mesh. This router will have adjacencies to all other routers in the neighborhood. -- hub: The router is a hub in a hub-and-spoke topology. The router will have adjacencies with other routers in the neighborhood that are labeled 'spoke' or 'mesh'. -- spoke: The router is a spoke in a hub-and-spoke topology. The router will have adjacencies with other routers in the neighborhood that are labeled 'hub' or 'mesh'. + +- mesh: Full mesh. This router will have adjacencies to all other routers in the neighborhood. +- hub: The router is a hub in a hub-and-spoke topology. The router will have adjacencies with other routers in the neighborhood that are labeled 'spoke' or 'mesh'. +- spoke: The router is a spoke in a hub-and-spoke topology. The router will have adjacencies with other routers in the neighborhood that are labeled 'hub' or 'mesh'. ## `configure authority router node device-interface network-interface neighborhood traffic-engineering` @@ -16103,7 +17308,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface neighborhood traffic-engineering download receive-cap` @@ -16192,7 +17397,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface neighborhood traffic-engineering upload traffic-profile` @@ -16268,19 +17473,20 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) uint8 +##### (0) uint8 An unsigned 8-bit integer. Range: 0-255 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: -- auto: Automatically determine TTL padding. -- disabled: Do not pad TTL. + +- auto: Automatically determine TTL padding. +- disabled: Do not pad TTL. ## `configure authority router node device-interface network-interface neighborhood udp-transform` @@ -16351,8 +17557,9 @@ Default: auto-detect A value from a set of predefined names. Options: -- auto-detect: Detect if TCP to UDP transform is required. Special TCP packets are sent to the peer at the specified interval. If these packets are not returned, transformation is required. -- always-transform: Force UDP transform for all TCP traffic to the peer. TCP detection packets are never sent in this mode. + +- auto-detect: Detect if TCP to UDP transform is required. Special TCP packets are sent to the peer at the specified interval. If these packets are not returned, transformation is required. +- always-transform: Force UDP transform for all TCP traffic to the peer. TCP detection packets are never sent in this mode. ## `configure authority router node device-interface network-interface neighborhood udp-transform nat-keep-alive-mode` @@ -16379,8 +17586,9 @@ Default: disabled A value from a set of predefined names. Options: -- disabled: Do not send keep-alive packets to keep UDP sessions active during UDP transform. -- enabled: Inject keep-alive packets to keep UDP sessions active during UDP transform. + +- disabled: Do not send keep-alive packets to keep UDP sessions active during UDP transform. +- enabled: Inject keep-alive packets to keep UDP sessions active during UDP transform. ## `configure authority router node device-interface network-interface neighborhood udp-transform nat-keep-alive-timeout` @@ -16481,7 +17689,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface prefix-delegation` @@ -16507,7 +17715,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface prefix-delegation-authentication` @@ -16534,9 +17742,10 @@ Default: disabled A value from a set of predefined names. Options: -- disabled: Authentication of prefix-delegation messages is disabled. -- delayed: Delayed authentication protocol is used to authenticate prefix-delegation messages. -- reconfig-key: Reconfigure-key authentication protocol is used to authenticate prefix-delegation messages. + +- disabled: Authentication of prefix-delegation messages is disabled. +- delayed: Delayed authentication protocol is used to authenticate prefix-delegation messages. +- reconfig-key: Reconfigure-key authentication protocol is used to authenticate prefix-delegation messages. ## `configure authority router node device-interface network-interface prefix-delegation-group` @@ -16608,7 +17817,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface prioritization-mode` @@ -16635,8 +17844,9 @@ Default: local A value from a set of predefined names. Options: -- local: Trust the internal classification for prioritization. -- dscp: Trust incoming DSCP values for prioritization. + +- local: Trust the internal classification for prioritization. +- dscp: Trust incoming DSCP values for prioritization. ## `configure authority router node device-interface network-interface qp-value` @@ -16690,7 +17900,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface rewrite-dscp` @@ -16714,7 +17924,7 @@ configure authority router node device-interface network-interface rewrite-dscp A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface router-advertisement` @@ -16740,7 +17950,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface source-nat` @@ -16766,7 +17976,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface network-interface tenant` @@ -16840,7 +18050,7 @@ The ip-prefix type represents an IP prefix and is IP version neutral. The format Must be one of the following types: -###### (0) ipv4-prefix (string) (required) +##### (0) ipv4-prefix (string) (required) The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -16854,7 +18064,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string) (required) +##### (1) ipv6-prefix (string) (required) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -16902,6 +18112,95 @@ configure authority router node device-interface network-interface tenant-prefix This type is used by other entities that need to reference configured tenants. +## `configure authority router node device-interface network-interface traffic-engineering` + +Configure Traffic Engineering + +##### Subcommands + +| command | description | +| ------- | ----------- | +| `delete` | Delete configuration data | +| [`enabled`](#configure-authority-router-node-device-interface-network-interface-traffic-engineering-enabled) | Whether traffic engineering is enabled on the network interface. | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| `show` | Show configuration data for 'traffic-engineering' | +| [`traffic-profile`](#configure-authority-router-node-device-interface-network-interface-traffic-engineering-traffic-profile) | The name of the traffic profile used for traffic engineering on this network interface | +| [`transmit-cap`](#configure-authority-router-node-device-interface-network-interface-traffic-engineering-transmit-cap) | The transmit capacity of the this network interface. | + +## `configure authority router node device-interface network-interface traffic-engineering enabled` + +Whether traffic engineering is enabled on the network interface. + +#### Usage + +``` +configure authority router node device-interface network-interface traffic-engineering enabled [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| boolean | The value to set for this field | + +#### Description + +Default: false + +##### boolean + +A true or false value. + +Options: true or false + +## `configure authority router node device-interface network-interface traffic-engineering traffic-profile` + +The name of the traffic profile used for traffic engineering on this network interface + +#### Usage + +``` +configure authority router node device-interface network-interface traffic-engineering traffic-profile [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| traffic-profile-ref | The value to set for this field | + +#### Description + +##### traffic-profile-ref (leafref) + +This type is used by other entities that need to reference configured traffic profiles. + +## `configure authority router node device-interface network-interface traffic-engineering transmit-cap` + +The transmit capacity of the this network interface. + +#### Usage + +``` +configure authority router node device-interface network-interface traffic-engineering transmit-cap [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| uint64 | The value to set for this field | + +#### Description + +Units: bits/second + +##### uint64 + +An unsigned 64-bit integer. + +Range: 0-999999999999 + ## `configure authority router node device-interface network-interface tunnel` Configure Tunnel @@ -16941,19 +18240,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) (required) +##### (0) ip-address (union) (required) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string) (required): +##### (0) ipv4-address (string) (required) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required): +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -16968,10 +18267,9 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. -###### (1) domain-name (string) (required) +##### (2) domain-name (string) (required) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -17035,13 +18333,74 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) + +The ipv4-address type represents an IPv4 address in dotted-quad notation. + +Must be a valid IPv4 address. + +##### (1) ipv6-address (string) + +The ipv6-address type represents an IPv6 address in full, +mixed, shortened, and shortened-mixed notation. + +The canonical format of IPv6 addresses uses the compressed +format described in RFC 4291, Section 2.2, item 2 with the +following additional rules: the :: substitution must be +applied to the longest sequence of all-zero 16-bit chunks +in an IPv6 address. If there is a tie, the first sequence +of all-zero 16-bit chunks is replaced by ::. Single +all-zero 16-bit chunks are not compressed. The canonical +format uses lowercase characters and leading zeros are +not allowed. + +Must be a valid IPv6 address. + +## `configure authority router node device-interface network-interface tunnel source` + +How the tunnel source address will be obtained. + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`address`](#configure-authority-router-node-device-interface-network-interface-tunnel-source-address) | The source address of this tunnel. | +| `delete` | Delete configuration data | +| [`network-interface`](#configure-authority-router-node-device-interface-network-interface-tunnel-source-network-interface) | Use the address of the interface with the same vlan. | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| `show` | Show configuration data for 'source' | + +## `configure authority router node device-interface network-interface tunnel source address` + +The source address of this tunnel. + +#### Usage + +``` +configure authority router node device-interface network-interface tunnel source address [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| ip-address | The value to set for this field | + +#### Description + +##### ip-address (union) + +The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. + +Must be one of the following types: + +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -17058,139 +18417,225 @@ not allowed. Must be a valid IPv6 address. -## `configure authority router node device-interface network-interface tunnel source` +## `configure authority router node device-interface network-interface tunnel source network-interface` -How the tunnel source address will be obtained. +Use the address of the interface with the same vlan. + +#### Usage + +``` +configure authority router node device-interface network-interface tunnel source network-interface +``` + +#### Description + +##### empty + +Has no value. + +## `configure authority router node device-interface network-interface type` + +Type of network that the interface is connected to. Type is fabric for inter-node traffic, external for regular traffic, and shared for both fabric and external. + +#### Usage + +``` +configure authority router node device-interface network-interface type [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| enumeration | The value to set for this field | + +#### Description + +Default: external + +##### enumeration + +A value from a set of predefined names. + +Options: + +- fabric: Fabric network for inter-node traffic. +- external: External network for regular traffic. +- shared: Network is both 'fabric' and 'external'. +- gre-tunnel: A GRE tunnel. + +## `configure authority router node device-interface network-interface vlan` + +The VLAN id for the interface (0 for no VLAN, otherwise 1-4094). + +#### Usage + +``` +configure authority router node device-interface network-interface vlan [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| vlan | The value to set for this field | + +#### Description + +Default: 0 + +##### vlan (uint16) + +A VLAN identifier (0 for no VLAN, otherwise 1-4094). + +Range: 0-4094 + +## `configure authority router node device-interface network-interface vrrp` + +Configure VRRP ##### Subcommands | command | description | | ------- | ----------- | -| [`address`](#configure-authority-router-node-device-interface-network-interface-tunnel-source-address) | The source address of this tunnel. | +| [`advertisement-interval`](#configure-authority-router-node-device-interface-network-interface-vrrp-advertisement-interval) | How frequently (in milliseconds) advertisements should be sent. | | `delete` | Delete configuration data | -| [`network-interface`](#configure-authority-router-node-device-interface-network-interface-tunnel-source-network-interface) | Use the address of the interface with the same vlan. | +| [`enabled`](#configure-authority-router-node-device-interface-network-interface-vrrp-enabled) | Whether or not this interface should participate in VRRP. | | `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | -| `show` | Show configuration data for 'source' | +| [`priority`](#configure-authority-router-node-device-interface-network-interface-vrrp-priority) | The priority of this interface within the virtual router pair. | +| `show` | Show configuration data for 'vrrp' | +| [`use-physical-address`](#configure-authority-router-node-device-interface-network-interface-vrrp-use-physical-address) | Use the physical mac address of the device instead of the VRRP virtual mac. | +| [`vrid`](#configure-authority-router-node-device-interface-network-interface-vrrp-vrid) | The Virtual Router ID. This value must be mirrored by the redundant interface. | -## `configure authority router node device-interface network-interface tunnel source address` +## `configure authority router node device-interface network-interface vrrp advertisement-interval` -The source address of this tunnel. +How frequently (in milliseconds) advertisements should be sent. #### Usage ``` -configure authority router node device-interface network-interface tunnel source address [] +configure authority router node device-interface network-interface vrrp advertisement-interval [] ``` ##### Positional Arguments | name | description | | ---- | ----------- | -| ip-address | The value to set for this field | +| uint16 | The value to set for this field | #### Description -##### ip-address (union) +Units: milliseconds -The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. +Default: 1000 -Must be one of the following types: +##### uint16 -###### (0) ipv4-address (string) +An unsigned 16-bit integer. -The ipv4-address type represents an IPv4 address in dotted-quad notation. +Range: 100-40950 -Must be a valid IPv4 address. +## `configure authority router node device-interface network-interface vrrp enabled` -###### (1) ipv6-address (string) +Whether or not this interface should participate in VRRP. -The ipv6-address type represents an IPv6 address in full, -mixed, shortened, and shortened-mixed notation. +#### Usage -The canonical format of IPv6 addresses uses the compressed -format described in RFC 4291, Section 2.2, item 2 with the -following additional rules: the :: substitution must be -applied to the longest sequence of all-zero 16-bit chunks -in an IPv6 address. If there is a tie, the first sequence -of all-zero 16-bit chunks is replaced by ::. Single -all-zero 16-bit chunks are not compressed. The canonical -format uses lowercase characters and leading zeros are -not allowed. +``` +configure authority router node device-interface network-interface vrrp enabled [] +``` -Must be a valid IPv6 address. +##### Positional Arguments -## `configure authority router node device-interface network-interface tunnel source network-interface` +| name | description | +| ---- | ----------- | +| boolean | The value to set for this field | -Use the address of the interface with the same vlan. +#### Description + +Default: false + +##### boolean + +A true or false value. + +Options: true or false + +## `configure authority router node device-interface network-interface vrrp priority` + +The priority of this interface within the virtual router pair. #### Usage ``` -configure authority router node device-interface network-interface tunnel source network-interface +configure authority router node device-interface network-interface vrrp priority [] ``` +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| uint8 | The value to set for this field | + #### Description -##### empty +Default: 100 -Has no value. +##### uint8 -## `configure authority router node device-interface network-interface type` +An unsigned 8-bit integer. -Type of network that the interface is connected to. Type is fabric for inter-node traffic, external for regular traffic, and shared for both fabric and external. +Range: 1-255 + +## `configure authority router node device-interface network-interface vrrp use-physical-address` + +Use the physical mac address of the device instead of the VRRP virtual mac. #### Usage ``` -configure authority router node device-interface network-interface type [] +configure authority router node device-interface network-interface vrrp use-physical-address [] ``` ##### Positional Arguments | name | description | | ---- | ----------- | -| enumeration | The value to set for this field | +| boolean | The value to set for this field | #### Description -Default: external +Default: false -##### enumeration +##### boolean -A value from a set of predefined names. +A true or false value. -Options: -- fabric: Fabric network for inter-node traffic. -- external: External network for regular traffic. -- shared: Network is both 'fabric' and 'external'. -- gre-tunnel: A GRE tunnel. +Options: true or false -## `configure authority router node device-interface network-interface vlan` +## `configure authority router node device-interface network-interface vrrp vrid` -The VLAN id for the interface (0 for no VLAN, otherwise 1-4094). +The Virtual Router ID. This value must be mirrored by the redundant interface. #### Usage ``` -configure authority router node device-interface network-interface vlan [] +configure authority router node device-interface network-interface vrrp vrid [] ``` ##### Positional Arguments | name | description | | ---- | ----------- | -| vlan | The value to set for this field | +| uint8 | The value to set for this field | #### Description -Default: 0 - -##### vlan (uint16) - -A VLAN identifier (0 for no VLAN, otherwise 1-4094). +##### uint8 -Range: 0-4094 +An unsigned 8-bit integer. +Range: 1-255 ## `configure authority router node device-interface network-namespace` @@ -17303,6 +18748,7 @@ configure authority router node device-interface pppoe authentication-protocol [ A value from a set of predefined names. Options: + - chap: Challenge-Handshake Authentication Protocol. - pap: Password Authentication Protocol. @@ -17374,7 +18820,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface q-in-q` @@ -17462,7 +18908,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface session-optimization` @@ -17501,7 +18947,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface shared-phys-address` @@ -17552,7 +18998,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface strip-vlan` @@ -17578,7 +19024,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface target-interface` @@ -17644,7 +19090,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface traffic-engineering traffic-profile` @@ -17694,18 +19140,19 @@ A type for defining values such as rates and capacities for which the default va Must be one of the following types: -###### (0) uint64 +##### (0) uint64 An unsigned 64-bit integer. Range: 0-999999999999 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: -- unlimited: No limit on this value. + +- unlimited: No limit on this value. ## `configure authority router node device-interface type` @@ -17732,13 +19179,14 @@ Default: ethernet A value from a set of predefined names. Options: -- ethernet: A physical ethernet interface. -- pppoe: An interface using the Point-to-Point Protocol over Ethernet (PPPoE). -- host: A logical interface to the host system. -- bridged: A logical interface bridged to a target interface. -- lte: An interface using LTE. -- t1: An interface using a T1 card. -- bond: An aggregated group of ethernet interfaces. + +- ethernet: A physical ethernet interface. +- pppoe: An interface using the Point-to-Point Protocol over Ethernet (PPPoE). +- host: A logical interface to the host system. +- bridged: A logical interface bridged to a target interface. +- lte: An interface using LTE. +- t1: An interface using a T1 card. +- bond: An aggregated group of ethernet interfaces. ## `configure authority router node device-interface vmbus-uuid` @@ -17835,7 +19283,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface vrrp priority` @@ -17887,7 +19335,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node device-interface vrrp vlan` @@ -17963,7 +19411,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node forwarding-core-count` @@ -18022,8 +19470,9 @@ A restart is required if forwarding-core-mode is created, modified, or deleted A value from a set of predefined names. Options: -- automatic: The number of cores dedicated to traffic forwarding will be automatically determined based on system properties. -- manual: The number of cores dedicated to traffic forwarding will be set to the value of forwarding-core-count. + +- automatic: The number of cores dedicated to traffic forwarding will be automatically determined based on system properties. +- manual: The number of cores dedicated to traffic forwarding will be set to the value of forwarding-core-count. ## `configure authority router node ipfix` @@ -18062,7 +19511,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node location` @@ -18110,13 +19559,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -18131,7 +19580,6 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. ## `configure authority router node name` @@ -18222,13 +19670,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -18243,7 +19691,6 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. ## `configure authority router node port-forwarding local-interface` @@ -18319,19 +19766,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string): +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -18346,10 +19793,9 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -18462,19 +19908,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string): +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -18489,10 +19935,9 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -18555,7 +20000,8 @@ configure authority router node port-forwarding server-destination [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| client-certificate-ref | The value to set for this field | + +#### Description + +##### client-certificate-ref (leafref) + +This type is used by other entities that need to reference configured client certificate. + ## `configure authority router node radius nas-identifier` The NAS Identifier to be used in outgoing Radius authentication requests. @@ -18673,13 +20143,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -18696,6 +20166,28 @@ not allowed. Must be a valid IPv6 address. +## `configure authority router node radius router-client-certificate-name` + +A client certificate to be used to communicate with Radius server. + +#### Usage + +``` +configure authority router node radius router-client-certificate-name [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| router-client-certificate-ref | The value to set for this field | + +#### Description + +##### router-client-certificate-ref (leafref) + +This type is used by other entities that need to reference configured client certificate for a specific router. + ## `configure authority router node reachability-detection` Layer 2 reachability detection @@ -18880,10 +20372,11 @@ A restart is required if role is created, modified, or deleted The node's role in the SSR system. Options: -- control: A Control and Operations Resource node. -- slice: A Software Line-Card Engine node. -- combo: A combined Control and Slice. -- conductor: A remote management system. + +- control: A Control and Operations Resource node. +- slice: A Software Line-Card Engine node. +- combo: A combined Control and Slice. +- conductor: A remote management system. ## `configure authority router node session-processor-count` @@ -18942,8 +20435,9 @@ A restart is required if session-processor-mode is created, modified, or deleted A value from a set of predefined names. Options: -- automatic: The number of threads dedicated to session processing will be automatically determined based on system properties. -- manual: The number of threads dedicated to session processing will be set to the value of session-processor-count. + +- automatic: The number of threads dedicated to session processing will be automatically determined based on system properties. +- manual: The number of threads dedicated to session processing will be set to the value of session-processor-count. ## `configure authority router node session-setup-scaling` @@ -18963,7 +20457,7 @@ configure authority router node session-setup-scaling [] #### Description -Default: false +Default: true :::warning A restart is required if session-setup-scaling is created, modified, or deleted @@ -18973,11 +20467,11 @@ A restart is required if session-setup-scaling is created, modified, or deleted A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router node ssh-keepalive` -Configure Ssh Keepalive +Configure SSH Keepalive ##### Subcommands @@ -19399,10 +20893,23 @@ configure authority router node ssh-settings inter-node host-key-checking [] A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router peer name` @@ -20523,8 +22046,9 @@ Default: per-service A value from a set of predefined names. Options: -- per-service: Apply this rate limit policy at a per-service granularity. -- shared: This rate limit policy may be shared across different services. + +- per-service: Apply this rate limit policy at a per-service granularity. +- shared: This rate limit policy may be shared across different services. ## `configure authority router rate-limit-policy name` @@ -20716,9 +22240,10 @@ configure authority router reachability-profile protocol protocol-type [] Units: seconds +Default: 120 + +##### uint16 + +An unsigned 16-bit integer. + +Range: 1-1800 + ## `configure authority router routing ospf instance` Number of OSPF instance @@ -23836,8 +25392,9 @@ Default: type-2 OSPF external metric type Options: -- type-1: External metric type 1, comparable to link state metric -- type-2: External metric type 2, larger than link state metric + +- type-1: External metric type 1, comparable to link state metric +- type-2: External metric type 2, larger than link state metric ## `configure authority router routing ospf redistribute policy` @@ -23884,10 +25441,11 @@ configure authority router routing ospf redistribute protocol [] | ---- | ----------- | | rib-family | The value to set for this field | +#### Description + +##### rib-family (enumeration) + +A value from a set of predefined names. + +Options: + +- ipv4: IPv4 Address Family +- ipv6: IPv6 Address Famimly + ## `configure authority router routing rib-policy policy` A policy to apply to the protocol route @@ -24325,6 +25895,12 @@ configure authority router routing rib-policy policy [] | ---- | ----------- | | policy-ref | The value to set for this field | +#### Description + +##### policy-ref (leafref) + +A reference to an existing value in the instance data. + ## `configure authority router routing rib-policy protocol` The routing protocol RIB policy @@ -24341,6 +25917,21 @@ configure authority router routing rib-policy protocol [] | ---- | ----------- | | rib-protocol | The value to set for this field | +#### Description + +##### rib-protocol (enumeration) + +A value from a set of predefined names. + +Options: + +- any: Any RIB protocol +- bgp: BGP routes +- connected: Interface routes +- ospf: OSPF routes +- service: Service routes +- static: Static routes + ## `configure authority router routing routing-protocol` Each entry contains configuration of a routing protocol instance. @@ -24437,10 +26028,11 @@ configure authority router routing routing-protocol address-family afi-safi [] A value from a set of predefined names. Options: -- bgp: BGP routing protocol + +- bgp: BGP routing protocol ## `configure authority router routing service-admin-distance` @@ -27326,11 +28939,11 @@ A unicast IPv4 or IPv6 prefix Must be one of the following types: -###### (0) unicast-ipv4-prefix (string) +##### (0) unicast-ipv4-prefix (string) A unicast IPv4 prefix -###### (1) unicast-ipv6-prefix (string) +##### (1) unicast-ipv6-prefix (string) A unicast IPv6 prefix @@ -27382,13 +28995,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -27403,7 +29016,6 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. ## `configure authority router routing static-route next-hop-interface` @@ -27499,7 +29111,8 @@ configure authority router routing type [] A value from a set of predefined names. Options: -- default-instance: This identity represents a default routing instance. + +- default-instance: This identity represents a default routing instance. ## `configure authority router routing vrf` @@ -27799,7 +29412,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf interface ip-address` @@ -27825,13 +29438,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) (required) +##### (0) ipv4-address (string) (required) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required) +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -28209,7 +29822,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf ospf advertise-default metric` @@ -28260,8 +29873,9 @@ Default: type-2 OSPF external metric type Options: -- type-1: External metric type 1, comparable to link state metric -- type-2: External metric type 2, larger than link state metric + +- type-1: External metric type 1, comparable to link state metric +- type-2: External metric type 2, larger than link state metric ## `configure authority router routing vrf ospf advertise-default policy` @@ -28343,9 +29957,10 @@ Default: none OSPF area authentication. Can be overriden by interface authentication. Options: -- none: No authentication -- simple: Simple (plain text) password authentication -- md5: MD5 HMAC authentication + +- none: No authentication +- simple: Simple (plain text) password authentication +- md5: MD5 HMAC authentication ## `configure authority router routing vrf ospf area default-cost` @@ -28458,10 +30073,11 @@ Default: area OSPF interface authentication type Options: -- area: Use area authentication type -- none:No interface authentication -- simple:Simple (plain text) password authentication -- md5: MD5 HMAC authentication + +- area: Use area authentication type +- none: No interface authentication +- simple: Simple (plain text) password authentication +- md5: MD5 HMAC authentication ## `configure authority router routing vrf ospf area interface bfd` @@ -28531,7 +30147,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf ospf area interface bfd multiplier` @@ -28790,9 +30406,10 @@ Default: unspecified OSPF interface network type Options: -- unspecified: Unspecified network type -- broadcast: Broadcast network -- point-to-point: Point-to-point network + +- unspecified: Unspecified network type +- broadcast: Broadcast network +- point-to-point: Point-to-point network ## `configure authority router routing vrf ospf area interface node` @@ -28840,7 +30457,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf ospf area interface password` @@ -28990,7 +30607,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf ospf area summary-range` @@ -29043,7 +30660,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf ospf area summary-range cost` @@ -29093,7 +30710,7 @@ The ip-prefix type represents an IP prefix and is IP version neutral. The format Must be one of the following types: -###### (0) ipv4-prefix (string) +##### (0) ipv4-prefix (string) The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -29107,7 +30724,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string) +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -29157,9 +30774,10 @@ Default: normal A value from a set of predefined names. Options: -- normal: OSPF normal area -- stub: OSPF stub area -- nssa: OSPF Not-So-Stubby Area (NSSA) + +- normal: OSPF normal area +- stub: OSPF stub area +- nssa: OSPF Not-So-Stubby Area (NSSA) ## `configure authority router routing vrf ospf distance` @@ -29302,6 +30920,14 @@ configure authority router routing vrf ospf graceful-restart helper helper-resta Units: seconds +Default: 120 + +##### uint16 + +An unsigned 16-bit integer. + +Range: 10-1800 + ## `configure authority router routing vrf ospf graceful-restart helper strict-lsa-checking` When enabled, helper will abort graceful restart if a LSA change occurs that affects the restarting router @@ -29318,6 +30944,16 @@ configure authority router routing vrf ospf graceful-restart helper strict-lsa-c | ---- | ----------- | | boolean | The value to set for this field | +#### Description + +Default: true + +##### boolean + +A true or false value. + +Options: true or false + ## `configure authority router routing vrf ospf graceful-restart restart-time` OSPF graceful restart duration @@ -29338,6 +30974,14 @@ configure authority router routing vrf ospf graceful-restart restart-time [] | ---- | ----------- | | rib-family | The value to set for this field | +#### Description + +##### rib-family (enumeration) + +A value from a set of predefined names. + +Options: + +- ipv4: IPv4 Address Family +- ipv6: IPv6 Address Famimly + ## `configure authority router routing vrf rib-policy policy` A policy to apply to the protocol route @@ -29928,6 +31586,12 @@ configure authority router routing vrf rib-policy policy [] | ---- | ----------- | | policy-ref | The value to set for this field | +#### Description + +##### policy-ref (leafref) + +A reference to an existing value in the instance data. + ## `configure authority router routing vrf rib-policy protocol` The routing protocol RIB policy @@ -29944,6 +31608,21 @@ configure authority router routing vrf rib-policy protocol [] | ---- | ----------- | | rib-protocol | The value to set for this field | +#### Description + +##### rib-protocol (enumeration) + +A value from a set of predefined names. + +Options: + +- any: Any RIB protocol +- bgp: BGP routes +- connected: Interface routes +- ospf: OSPF routes +- service: Service routes +- static: Static routes + ## `configure authority router routing vrf routing-protocol` Each entry contains configuration of a routing protocol instance. @@ -30040,10 +31719,11 @@ configure authority router routing vrf routing-protocol address-family afi-safi A value from a set of predefined names. Options: -- ipv4-unicast: IPv4 unicast (AFI,SAFI = 1,1) -- ipv6-unicast: IPv6 unicast (AFI,SAFI = 2,1) -- ipv4-vpn: IPv4 vpn (AFI,SAFI = 1,128) -- ipv6-vpn: IPv6 vpn (AFI,SAFI = 2,128) + +- ipv4-unicast: IPv4 unicast (AFI,SAFI = 1,1) +- ipv6-unicast: IPv6 unicast (AFI,SAFI = 2,1) +- ipv4-vpn: IPv4 vpn (AFI,SAFI = 1,128) +- ipv6-vpn: IPv6 vpn (AFI,SAFI = 2,128) ## `configure authority router routing vrf routing-protocol address-family aggregate-address` @@ -30068,7 +31748,7 @@ configure authority router routing vrf routing-protocol address-family aggregate | [`as-set`](#configure-authority-router-routing-vrf-routing-protocol-address-family-aggregate-address-as-set) | Generate as-set information for the resultant aggregate | | `delete` | Delete configuration data | | `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | -| [`policy`](#configure-authority-router-routing-vrf-routing-protocol-address-family-aggregate-address-policy) | a policy to apply to the aggregate route | +| [`policy`](#configure-authority-router-routing-vrf-routing-protocol-address-family-aggregate-address-policy) |Policy to apply to the aggregate route | | [`prefix`](#configure-authority-router-routing-vrf-routing-protocol-address-family-aggregate-address-prefix) | The prefix to aggregate from | | `show` | Show configuration data for 'aggregate-address' | | [`summary-only`](#configure-authority-router-routing-vrf-routing-protocol-address-family-aggregate-address-summary-only) | Specifies that the prefixes aggregated by this aggregation are not to be advertised: only the aggregate itself will be advertised | @@ -30097,11 +31777,11 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol address-family aggregate-address policy` -a policy to apply to the aggregate route +Policy to apply to the aggregate route #### Usage @@ -30115,6 +31795,12 @@ configure authority router routing vrf routing-protocol address-family aggregate | ---- | ----------- | | policy-ref | The value to set for this field | +#### Description + +##### policy-ref (leafref) + +A reference to an existing value in the instance data. + ## `configure authority router routing vrf routing-protocol address-family aggregate-address prefix` The prefix to aggregate from @@ -30139,11 +31825,11 @@ A not host IPv4 or IPv6 prefix Must be one of the following types: -###### (0) not-host-ipv4-prefix (string) +##### (0) not-host-ipv4-prefix (string) A not host IPv4 prefix -###### (1) not-host-ipv6-prefix (string) +##### (1) not-host-ipv6-prefix (string) A not host IPv6 prefix @@ -30171,7 +31857,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol address-family default-route-distance` @@ -30396,7 +32082,7 @@ The ip-prefix type represents an IP prefix and is IP version neutral. The format Must be one of the following types: -###### (0) ipv4-prefix (string) +##### (0) ipv4-prefix (string) The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -30410,7 +32096,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string) +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -30528,10 +32214,11 @@ configure authority router routing vrf routing-protocol address-family redistrib A value from a set of predefined names. Options: -- connected: Interface routes -- service: Service routes -- static: Static routes -- ospf: OSPF routes + +- connected: Interface routes +- service: Service routes +- static: Static routes +- ospf: OSPF routes ## `configure authority router routing vrf routing-protocol address-family use-multiple-paths` @@ -30691,29 +32378,29 @@ A BGP extended community (RFC-4360), an 8 octet value, is part of the set extended community action. The following formats are accepted: -a) A.B.C.D:EF -b) EF:GHJK -c) GHJK:EF + a) A.B.C.D:EF + b) EF:GHJK + c) GHJK:EF -A.B.C.D: Four Byte IP -EF: Two byte ASN (in decimal) -GHJK: Four-byte ASN (in decimal) + A.B.C.D: Four Byte IP + EF: Two byte ASN (in decimal) + GHJK: Four-byte ASN (in decimal) Must be one of the following types: -###### (0) string (required) +##### (0) string (required) A text value. Must be <ipv4-address>:<uint16> -###### (1) string (required) +##### (1) string (required) A text value. Must be <uint16>:<uint32> -###### (2) string (required) +##### (2) string (required) A text value. @@ -30744,29 +32431,29 @@ A BGP extended community (RFC-4360), an 8 octet value, is part of the set extended community action. The following formats are accepted: -a) A.B.C.D:EF -b) EF:GHJK -c) GHJK:EF + a) A.B.C.D:EF + b) EF:GHJK + c) GHJK:EF -A.B.C.D: Four Byte IP -EF: Two byte ASN (in decimal) -GHJK: Four-byte ASN (in decimal) + A.B.C.D: Four Byte IP + EF: Two byte ASN (in decimal) + GHJK: Four-byte ASN (in decimal) Must be one of the following types: -###### (0) string (required) +##### (0) string (required) A text value. Must be <ipv4-address>:<uint16> -###### (1) string (required) +##### (1) string (required) A text value. Must be <uint16>:<uint32> -###### (2) string (required) +##### (2) string (required) A text value. @@ -30833,29 +32520,29 @@ A BGP extended community (RFC-4360), an 8 octet value, is part of the set extended community action. The following formats are accepted: -a) A.B.C.D:EF -b) EF:GHJK -c) GHJK:EF + a) A.B.C.D:EF + b) EF:GHJK + c) GHJK:EF -A.B.C.D: Four Byte IP -EF: Two byte ASN (in decimal) -GHJK: Four-byte ASN (in decimal) + A.B.C.D: Four Byte IP + EF: Two byte ASN (in decimal) + GHJK: Four-byte ASN (in decimal) Must be one of the following types: -###### (0) string (required) +##### (0) string (required) A text value. Must be <ipv4-address>:<uint16> -###### (1) string (required) +##### (1) string (required) A text value. Must be <uint16>:<uint32> -###### (2) string (required) +##### (2) string (required) A text value. @@ -31081,9 +32768,10 @@ Default: helper configure BGP graceful restart mode [rfc4724] Options: -- enable: enable graceful restart and helper mode -- helper: enable graceful restart helper mode only -- disable: disable graceful restart + +- enable: enable graceful restart and helper mode +- helper: enable graceful restart helper mode only +- disable: disable graceful restart ## `configure authority router routing vrf routing-protocol graceful-restart restart-time` @@ -31133,6 +32821,14 @@ configure authority router routing vrf routing-protocol graceful-restart select- Units: seconds +Default: 0 + +##### uint16 + +An unsigned 16-bit integer. + +Range: 0-360 + ## `configure authority router routing vrf routing-protocol graceful-restart stale-routes-time` An upper-bound on the time that the stale routes will be retained by a router after a session is restarted or 0 to disable. If an End-of-RIB (EOR) marker is received prior to this timer expiring stale-routes will be flushed upon its receipt - if no EOR is received, then when this timer expires stale paths will be purged. This timer is referred to as the Selection_Deferral_Timer in RFC4724 @@ -31297,7 +32993,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol neighbor address-family afi-safi` @@ -31321,11 +33017,12 @@ configure authority router routing vrf routing-protocol neighbor address-family A value from a set of predefined names. -Options: -- ipv4-unicast: IPv4 unicast (AFI,SAFI = 1,1) -- ipv6-unicast: IPv6 unicast (AFI,SAFI = 2,1) -- ipv4-vpn: IPv4 vpn (AFI,SAFI = 1,128) -- ipv6-vpn: IPv6 vpn (AFI,SAFI = 2,128) +Options: + +- ipv4-unicast: IPv4 unicast (AFI,SAFI = 1,1) +- ipv6-unicast: IPv6 unicast (AFI,SAFI = 2,1) +- ipv4-vpn: IPv4 vpn (AFI,SAFI = 1,128) +- ipv6-vpn: IPv6 vpn (AFI,SAFI = 2,128) ## `configure authority router routing vrf routing-protocol neighbor address-family as-path-options` @@ -31527,7 +33224,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol neighbor address-family prefix-limit` @@ -31643,11 +33340,12 @@ configure authority router routing vrf routing-protocol neighbor address-family Set of options for configuring how private AS numbers are modified in advertised AS paths. Options: -- all: Remove all private ASes in the AS path. -- replace-all: Replace all private ASes with the local AS. -- only: Remove private ASes only if the AS path contains just private ASes. -- replace-only: Replace private ASes with the local AS only if the AS path contains just private ASes. -- disable: Do not remove private ASes. + +- all: Remove all private ASes in the AS path. +- replace-all: Replace all private ASes with the local AS. +- only: Remove private ASes only if the AS path contains just private ASes. +- replace-only: Replace private ASes with the local AS only if the AS path contains just private ASes. +- disable: Do not remove private ASes. ## `configure authority router routing vrf routing-protocol neighbor address-family route-reflector` @@ -31686,7 +33384,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol neighbor address-family send-default-route` @@ -31712,7 +33410,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol neighbor auth-password` @@ -31804,7 +33502,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol neighbor bfd multiplier` @@ -31918,9 +33616,10 @@ configure authority router routing vrf routing-protocol neighbor graceful-restar configure BGP graceful restart mode [rfc4724] Options: -- enable: enable graceful restart and helper mode -- helper: enable graceful restart helper mode only -- disable: disable graceful restart + +- enable: enable graceful restart and helper mode +- helper: enable graceful restart helper mode only +- disable: disable graceful restart ## `configure authority router routing vrf routing-protocol neighbor local-as` @@ -32022,7 +33721,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol neighbor neighbor-address` @@ -32048,13 +33747,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -32069,7 +33768,6 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. ## `configure authority router routing vrf routing-protocol neighbor neighbor-as` @@ -32193,7 +33891,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol neighbor timers` @@ -32511,7 +34209,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol redistribute` @@ -32584,10 +34282,11 @@ configure authority router routing vrf routing-protocol redistribute protocol [< A value from a set of predefined names. Options: -- connected: Interface routes -- service: Service routes -- static: Static routes -- ospf: OSPF routes + +- connected: Interface routes +- service: Service routes +- static: Static routes +- ospf: OSPF routes ## `configure authority router routing vrf routing-protocol route-reflector-allow-outbound-policy` @@ -32613,7 +34312,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol route-selection-options` @@ -32654,7 +34353,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol route-selection-options external-compare-router-id` @@ -32680,7 +34379,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol route-selection-options ignore-as-path-length` @@ -32706,7 +34405,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router routing vrf routing-protocol router-id` @@ -32825,7 +34524,8 @@ configure authority router routing vrf routing-protocol type [] A value from a set of predefined names. Options: -- bgp: BGP routing protocol + +- bgp: BGP routing protocol ## `configure authority router routing vrf service-admin-distance` @@ -32930,11 +34630,11 @@ A unicast IPv4 or IPv6 prefix Must be one of the following types: -###### (0) unicast-ipv4-prefix (string) +##### (0) unicast-ipv4-prefix (string) A unicast IPv4 prefix -###### (1) unicast-ipv6-prefix (string) +##### (1) unicast-ipv6-prefix (string) A unicast IPv6 prefix @@ -32986,13 +34686,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -33007,7 +34707,6 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. ## `configure authority router routing vrf static-route next-hop-interface` @@ -33191,7 +34890,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router service-route generated` @@ -33215,7 +34914,7 @@ configure authority router service-route generated [] A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router service-route host` @@ -33292,13 +34991,13 @@ The host type represents either an IPv4 address or a DNS domain name. Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) domain-name (string) +##### (1) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -33387,19 +35086,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string): +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -33416,7 +35115,7 @@ not allowed. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -33512,13 +35211,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -33557,8 +35256,6 @@ configure authority router service-route next-hop interface [] A reference to an existing value in the instance data. - - ## `configure authority router service-route next-hop node-name` The name of the node on which the interface resides. @@ -33629,19 +35326,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string): +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -33656,10 +35353,9 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -33864,7 +35560,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router service-route reachability-detection enforcement` @@ -33890,7 +35586,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router service-route reachability-detection hold-down` @@ -33971,7 +35667,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router service-route reachability-detection probe icmp-probe-profile` @@ -34042,8 +35738,9 @@ Default: disabled A value from a set of predefined names. Options: -- disabled: Ignore probe state and use organic traffic to determine path health -- always: Factor probe state into path health + +- disabled: Ignore probe state and use organic traffic to determine path health +- always: Factor probe state into path health ## `configure authority router service-route reachability-detection reachability-profile` @@ -34284,7 +35981,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router service-route-policy max-sessions` @@ -34310,18 +36007,19 @@ A type for defining values such as rates and capacities for which the default va Must be one of the following types: -###### (0) uint64 +##### (0) uint64 An unsigned 64-bit integer. Range: 0-999999999999 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: -- unlimited: No limit on this value. + +- unlimited: No limit on this value. ## `configure authority router service-route-policy name` @@ -34372,7 +36070,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router service-route-policy session-high-water-mark` @@ -34454,18 +36152,19 @@ A type for defining values such as rates and capacities for which the default va Must be one of the following types: -###### (0) uint64 +##### (0) uint64 An unsigned 64-bit integer. Range: 0-999999999999 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: -- unlimited: No limit on this value. + +- unlimited: No limit on this value. ## `configure authority router static-hostname-mapping` @@ -34558,13 +36257,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) (required) +##### (0) ipv4-address (string) (required) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required) +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -34591,6 +36290,7 @@ System group configuration. Lets administrators configure system-wide properties | ------- | ----------- | | [`asset-connection-resiliency`](#configure-authority-router-system-asset-connection-resiliency) | Configure Asset Connection Resiliency | | [`audit`](#configure-authority-router-system-audit) | Configuration for audit events | +| [`client-certificate`](#configure-authority-router-system-client-certificate) | Contains the content of client certificates for this router. | | `clone` | Clone a list item | | [`contact`](#configure-authority-router-system-contact) | The administrator contact information for the system. | | `delete` | Delete configuration data | @@ -34604,6 +36304,7 @@ System group configuration. Lets administrators configure system-wide properties | [`remote-login`](#configure-authority-router-system-remote-login) | Configure Remote Login | | [`services`](#configure-authority-router-system-services) | Address information for internal services | | `show` | Show configuration data for 'system' | +| [`software-access`](#configure-authority-router-system-software-access) | Configuration for SSR software access for this router. Supported on managed assets only. Any settings configured here will override the authority software access settings. | | [`software-update`](#configure-authority-router-system-software-update) | Configuration for SSR software updates. Supported on managed assets only. | | [`syslog`](#configure-authority-router-system-syslog) | Syslog configuration lets administrators configure the SSR's interaction with external syslog services. | @@ -34646,18 +36347,19 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) boolean +##### (0) boolean A true or false value. -Options: `true` or `false` +Options: true or false -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: -- use-authority-setting: Use the authority wide asset connection resiliency state. + +- use-authority-setting: Use the authority wide asset connection resiliency state. ## `configure authority router system audit` @@ -34717,7 +36419,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system audit administration persist` @@ -34743,7 +36445,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system audit disk-full-action` @@ -34770,8 +36472,9 @@ Default: ignore A value from a set of predefined names. Options: -- halt: On failure halt the system. -- ignore: Ignore the failure. + +- halt: On failure halt the system. +- ignore: Ignore the failure. ## `configure authority router system audit remote-logging-server` @@ -34823,19 +36526,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string): +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -34852,7 +36555,7 @@ not allowed. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -34980,7 +36683,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system audit security persist` @@ -35006,7 +36709,7 @@ Default: true A true or false value. -Options: `true` or false +Options: true or false ## `configure authority router system audit system` @@ -35046,7 +36749,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system audit system persist` @@ -35072,7 +36775,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system audit traffic` @@ -35112,7 +36815,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system audit traffic persist` @@ -35138,7 +36841,107 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false + +## `configure authority router system client-certificate` + +Contains the content of client certificates for this router. + +#### Usage + +``` +configure authority router system client-certificate +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| name | An identifier for the client certificate. | + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`content`](#configure-authority-router-system-client-certificate-content) | Client certificate content. | +| `delete` | Delete configuration data | +| [`name`](#configure-authority-router-system-client-certificate-name) | An identifier for the client certificate. | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| `show` | Show configuration data for 'client-certificate' | +| [`validation-mode`](#configure-authority-router-system-client-certificate-validation-mode) | Router level Client certificate validation mode. | + +## `configure authority router system client-certificate content` + +Client certificate content. + +#### Usage + +``` +configure authority router system client-certificate content [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| string | The value to set for this field | + +#### Description + +##### string (required) + +A text value. + +## `configure authority router system client-certificate name` + +An identifier for the client certificate. + +#### Usage + +``` +configure authority router system client-certificate name [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| name-id | The value to set for this field | + +#### Description + +##### name-id (string) + +A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters. + +Must contain only alphanumeric characters or any of the following: _ - +Length: 0-63 + +## `configure authority router system client-certificate validation-mode` + +Router level Client certificate validation mode. + +#### Usage + +``` +configure authority router system client-certificate validation-mode [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| certificate-validation-mode | The value to set for this field | + +#### Description + +##### certificate-validation-mode (enumeration) + +Sets the mode of certificate validation + +Options: +strict Reject insecure certificates during import. +warn Warn when importing insecure certificates ## `configure authority router system contact` @@ -35268,8 +37071,9 @@ Default: issue-warning A value from a set of predefined names. Options: -- no-action: Take no action. -- issue-warning: Log and issue warning to all current shell sessions that the session limit has been exceeded. + +- no-action: Take no action. +- issue-warning: Log and issue warning to all current shell sessions that the session limit has been exceeded. ## `configure authority router system log-category` @@ -35320,12 +37124,13 @@ configure authority router system log-category log-level [] Log levels Options: -- fatal: Only record log messages with level "fatal" or higher. -- error: Only record log messages with level "error" or higher. -- warning: Only record log messages with level "warning" or higher. -- info: Only record log messages with level "info" or higher. -- debug: Only record log messages with level "debug" or higher. -- trace: Only record log messages with level "trace" or higher. + +- fatal: Only record log messages with level "fatal" or higher. +- error: Only record log messages with level "error" or higher. +- warning: Only record log messages with level "warning" or higher. +- info: Only record log messages with level "info" or higher. +- debug: Only record log messages with level "debug" or higher. +- trace: Only record log messages with level "trace" or higher. ## `configure authority router system log-category name` @@ -35350,34 +37155,35 @@ configure authority router system log-category name [] Log categories Options: -- ATCS: Components related to the SSR Analytics Engine. -- CFGD: Components related to the SSR Configuration Engine. -- DATA: Components related to the configuration and state databases. -- DISC: Discovery-based components (except BFD). Today this is DHCP and ARP. -- USER: User-created log messages, generated via the 'write' command. -- FLC: Control system for packet forwarding. -- FLPP: System for processing the initial packet of each new session. -- HWMC: Control system for packet processing. -- IPC: The subsystem responsible for messaging between components within the SSR product. -- LINK: The subsystem for inter-node communication (today, BFD). -- PLAT: Components related to the underlying platform management. -- PLUG: Components related to plugin management. -- RDB: The subsystem responsible for synchronizing data between nodes. -- RTG: Components related to the routing engine. -- SNMP: Components related to the SNMP engine. -- SATF: Failures related to multi-threaded session setup. -- SESS: Components related to session setup. -- STEP: Components related to STEP. -- TEST: Components related to testing. -- UTIL: Components related to utility libraries. -- DPDK: Components related to DPDK. -- DNS: Components related to DNS. -- HTTP: Components related to HTTP request/response processing. -- PCLI: All the PCLI's log messages. -- BONS: Components related to the configuration database. -- LDAP: All the System Security Services Daemon logs. -- RIB: Components related to routing changes. -- IDP: Components related to IDP. + +- ATCS: Components related to the SSR Analytics Engine. +- CFGD: Components related to the SSR Configuration Engine. +- DATA: Components related to the configuration and state databases. +- DISC: Discovery-based components (except BFD). Today this is DHCP and ARP. +- USER: User-created log messages, generated via the 'write' command. +- FLC: Control system for packet forwarding. +- FLPP: System for processing the initial packet of each new session. +- HWMC: Control system for packet processing. +- IPC: The subsystem responsible for messaging between components within the SSR product. +- LINK: The subsystem for inter-node communication (today, BFD). +- PLAT: Components related to the underlying platform management. +- PLUG: Components related to plugin management. +- RDB: The subsystem responsible for synchronizing data between nodes. +- RTG: Components related to the routing engine. +- SNMP: Components related to the SNMP engine. +- SATF: Failures related to multi-threaded session setup. +- SESS: Components related to session setup. +- STEP: Components related to STEP. +- TEST: Components related to testing. +- UTIL: Components related to utility libraries. +- DPDK: Components related to DPDK. +- DNS: Components related to DNS. +- HTTP: Components related to HTTP request/response processing. +- PCLI: All the PCLI's log messages. +- BONS: Components related to the configuration database. +- LDAP: All the System Security Services Daemon logs. +- RIB: Components related to routing changes. +- IDP: Components related to IDP. ## `configure authority router system log-level` @@ -35404,12 +37210,13 @@ Default: info Log levels Options: -- fatal: Only record log messages with level "fatal" or higher. -- error: Only record log messages with level "error" or higher. -- warning: Only record log messages with level "warning" or higher. -- info: Only record log messages with level "info" or higher. -- debug: Only record log messages with level "debug" or higher. -- trace: Only record log messages with level "trace" or higher. + +- fatal: Only record log messages with level "fatal" or higher. +- error: Only record log messages with level "error" or higher. +- warning: Only record log messages with level "warning" or higher. +- info: Only record log messages with level "info" or higher. +- debug: Only record log messages with level "debug" or higher. +- trace: Only record log messages with level "trace" or higher. ## `configure authority router system metrics` @@ -35527,10 +37334,11 @@ Default: in-memory A value from a set of predefined names. Options: -- in-memory: Don not store any historical data -- short: Metrics will be stored for the short duration as defined in the router's config -- intermediate: Metrics will be stored for the short and intermediate durations as defined in the router's config -- long: Metrics will be stored for the short, intermediate, and long durations as defined in the router's config + +- in-memory: Don't store any historical data +- short: Metrics will be stored for the short duration as defined in the router's config +- intermediate: Metrics will be stored for the short and intermediate durations as defined in the router's config +- long: Metrics will be stored for the short, intermediate, and long durations as defined in the router's config ## `configure authority router system metrics retention` @@ -35612,7 +37420,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system metrics retention intermediate interval` @@ -35705,7 +37513,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system metrics retention long interval` @@ -35798,7 +37606,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system metrics retention short interval` @@ -35987,8 +37795,9 @@ configure authority router system ntp server authentication-key type [] A text value. -Length: 20,40 +Length: 1-40 ## `configure authority router system ntp server ip-address` @@ -36038,19 +37847,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string): +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -36067,7 +37876,7 @@ not allowed. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -36146,18 +37955,19 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) boolean +##### (0) boolean A true or false value. -Options: `true` or `false` +Options: true or false -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: -- use-authority-setting: Use the authority wide remote-login state. + +- use-authority-setting: Use the authority wide remote-login state. ## `configure authority router system services` @@ -36296,19 +38106,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string): +##### (0) ipv4-address (string): The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -36325,7 +38135,7 @@ not allowed. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -36407,9 +38217,10 @@ Default: none A value from a set of predefined names. Options: -- none -- md5 -- sha + +- none: +- md5: +- sha: ## `configure authority router system services snmp-server access-control usm authentication-key` @@ -36460,9 +38271,10 @@ Default: none A value from a set of predefined names. Options: -- none -- des -- aes + +- none: +- des: +- aes: ## `configure authority router system services snmp-server access-control usm privacy-key` @@ -36559,7 +38371,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system services snmp-server engine-id` @@ -36735,9 +38547,10 @@ configure authority router system services snmp-server notification-receiver typ A value from a set of predefined names. -Options: -- trap -- inform +Options: + +- trap: +- inform: ## `configure authority router system services snmp-server port` @@ -36904,7 +38717,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system services snmp-server version` @@ -36931,8 +38744,9 @@ Default: v2c A value from a set of predefined names. Options: -- v2c -- v3 + +- v2c: +- v3: ## `configure authority router system services webserver` @@ -36949,6 +38763,7 @@ Web server & REST API. | [`port`](#configure-authority-router-system-services-webserver-port) | The port on which the Web servers listen. | | [`server`](#configure-authority-router-system-services-webserver-server) | List of control node server addresses. When present, they override the defaults from global configuration. | | `show` | Show configuration data for 'webserver' | +| [`ssl`](#configure-authority-router-system-services-webserver-ssl) | Configure SSL encryption for HTTPS. | ## `configure authority router system services webserver enabled` @@ -36974,7 +38789,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system services webserver port` @@ -37052,13 +38867,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) (required) +##### (0) ipv4-address (string) (required) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) (required) +##### (1) ipv6-address (string) (required) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -37097,6 +38912,269 @@ configure authority router system services webserver server node-name [ A reference to an existing value in the instance data. +## `configure authority router system services webserver ssl` + +Configure SSL encryption for HTTPS. + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`ciphers`](#configure-authority-router-system-services-webserver-ssl-ciphers) | Configure the allowed ciphers. The full list of available ciphers can be viewed by running the 'openssl ciphers' shell command. See 'CIPHER LIST FORMAT' and 'CIPHER STRINGS' in the OpenSSL documentation https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for the permitted values and their meanings. | +| `delete` | Delete configuration data | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| [`protocol`](#configure-authority-router-system-services-webserver-ssl-protocol) | Configure the allowed protocols. By default both 'TLSv1.2' and 'TLSv1.3' are used. | +| `show` | Show configuration data for 'ssl' | + +## `configure authority router system services webserver ssl ciphers` + +Configure the allowed ciphers. The full list of available ciphers can be viewed by running the 'openssl ciphers' shell command. See 'CIPHER LIST FORMAT' and 'CIPHER STRINGS' in the OpenSSL documentation https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for the permitted values and their meanings. + +#### Usage + +``` +configure authority router system services webserver ssl ciphers [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| string | The value to set for this field | + +#### Description + +Default: HIGH:!aNULL:!MD5 + +##### string + +A text value. + +## `configure authority router system services webserver ssl protocol` + +Configure the allowed protocols. By default both 'TLSv1.2' and 'TLSv1.3' are used. + +#### Usage + +``` +configure authority router system services webserver ssl protocol [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| string | Value to add to this list | + +#### Description + +##### string + +A text value. + +Must contain only alphanumeric characters or any of the following: . - _ +Length: 1-63 + +## `configure authority router system software-access` + +Configuration for SSR software access for this router. Supported on managed assets only. Any settings configured here will override the authority software access settings. + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`channel`](#configure-authority-router-system-software-access-channel) | The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token. | +| `delete` | Delete configuration data | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| [`router-credentials`](#configure-authority-router-system-software-access-router-credentials) | Configure Router Credentials | +| [`rpm-channel`](#configure-authority-router-system-software-access-rpm-channel) | The software access RPM channel to use. The RPM channel will override the router channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token. | +| `show` | Show configuration data for 'software-access' | +| [`ssr-image-channel`](#configure-authority-router-system-software-access-ssr-image-channel) | The software access SSR image channel to use. The SSR image channel will override the router channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token. | +| [`use-authority-credentials`](#configure-authority-router-system-software-access-use-authority-credentials) | Configure Use Authority Credentials | + +## `configure authority router system software-access channel` + +The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token. + +#### Usage + +``` +configure authority router system software-access channel [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| router-software-access-channel | The value to set for this field | + +#### Description + +Default: use-authority-channel + +##### router-software-access-channel (enumeration) + +The router software access channel. + +Options: +use-authority-channel Use the configured authority channel. +prealpha Override the authority channel with the prealpha channel. +alpha Override the authority channel with the alpha channel. +beta Override the authority channel with the beta channel. +release Override the authority channel with the release channel. + +## `configure authority router system software-access router-credentials` + +Configure Router Credentials + +##### Subcommands + +| command | description | +| ------- | ----------- | +| `delete` | Delete configuration data | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| `show` | Show configuration data for 'router-credentials' | +| [`token`](#configure-authority-router-system-software-access-router-credentials-token) | The router software access token. | +| [`username`](#configure-authority-router-system-software-access-router-credentials-username) | The router software access username. | + +## `configure authority router system software-access router-credentials token` + +The router software access token. + +#### Usage + +``` +configure authority router system software-access router-credentials token [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-token | The value to set for this field | + +#### Description + +##### software-access-token (string) + +The software access token. + +Must not contain whitespace in the software access token. + +## `configure authority router system software-access router-credentials username` + +The router software access username. + +#### Usage + +``` +configure authority router system software-access router-credentials username [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-username | The value to set for this field | + +#### Description + +##### software-access-username (string) + +The software access username. + +Must not contain a colon or whitespace in the software access username. + +## `configure authority router system software-access rpm-channel` + +The software access RPM channel to use. The RPM channel will override the router channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token. + +#### Usage + +``` +configure authority router system software-access rpm-channel [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| router-software-access-channel-override | The value to set for this field | + +#### Description + +Default: use-software-access-channel + +##### router-software-access-channel-override (enumeration) + +The router software access channel overrides. + +Options: +use-authority-channel Use the configured authority channel. +use-software-access-channel Use the configured router channel. +prealpha Override the configured channel with the prealpha channel. +alpha Override the configured channel with the alpha channel. +beta Override the configured channel with the beta channel. +release Override the configured channel with the release channel. + +## `configure authority router system software-access ssr-image-channel` + +The software access SSR image channel to use. The SSR image channel will override the router channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token. + +#### Usage + +``` +configure authority router system software-access ssr-image-channel [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| router-software-access-channel-override | The value to set for this field | + +#### Description + +Default: use-software-access-channel + +##### router-software-access-channel-override (enumeration) + +The router software access channel overrides. + +Options: +use-authority-channel Use the configured authority channel. +use-software-access-channel Use the configured router channel. +prealpha Override the configured channel with the prealpha channel. +alpha Override the configured channel with the alpha channel. +beta Override the configured channel with the beta channel. +release Override the configured channel with the release channel. + +## `configure authority router system software-access use-authority-credentials` + +Configure Use Authority Credentials + +#### Usage + +``` +configure authority router system software-access use-authority-credentials [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| boolean | The value to set for this field | + +#### Description + +Default: true + +##### boolean + +A true or false value. + +Options: true or false + ## `configure authority router system software-update` Configuration for SSR software updates. Supported on managed assets only. @@ -37139,18 +39217,19 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) uint64 +##### (0) uint64 An unsigned 64-bit integer. Range: 1-999999999999 -###### (1) enumeration +##### (1) enumeration A value from a set of predefined names. Options: -- unlimited: No limit on this value + +- unlimited: No limit on this value ## `configure authority router system software-update repository` @@ -37191,19 +39270,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. -Must be one of the following types: - -###### (0) ipv4-address (string): +Must be one of the following types +: +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -37220,7 +39299,7 @@ not allowed. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -37284,7 +39363,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority router system software-update repository source-type` @@ -37311,9 +39390,10 @@ Default: internet-only A value from a set of predefined names. Options: -- conductor-only: Download software from the Conductor, using it as a proxy to the Internet if it has not already downloaded the requested software. -- prefer-conductor: Download software from the Conductor, using the Internet if the Conductor has not already downloaded the requested software. -- internet-only: Download software from publicly available sources via the Internet. + +- conductor-only: Download software from the Conductor, using it as a proxy to the Internet if it has not already downloaded the requested software. +- prefer-conductor: Download software from the Conductor, using the Internet if the Conductor has not already downloaded the requested software. +- internet-only: Download software from publicly available sources via the Internet. ## `configure authority router system syslog` @@ -37327,8 +39407,10 @@ Syslog configuration lets administrators configure the SSR's interaction wi | `clone` | Clone a list item | | `delete` | Delete configuration data | | [`facility`](#configure-authority-router-system-syslog-facility) | The facility under which syslog messages will be recorded. | +| [`ocsp`](#configure-authority-router-system-syslog-ocsp) | Whether to check the revocation status of the Syslog server's certificate. | | `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | | [`protocol`](#configure-authority-router-system-syslog-protocol) | Use TCP or UDP protocol to communicate with syslog server. | +| [`router-client-certificate-name`](#configure-authority-router-system-syslog-router-client-certificate-name) | A client certificate to be used to communicate with syslog server. | | [`server`](#configure-authority-router-system-syslog-server) | The list of syslog servers configured for this device. | | [`severity`](#configure-authority-router-system-syslog-severity) | Sets the level at which messages will be sent to the syslog server. | | `show` | Show configuration data for 'syslog' | @@ -37380,26 +39462,53 @@ Default: local0 A value from a set of predefined names. Options: -- auth: security and authorization messages -- authpriv: security and authorization messages (private) -- cron: cron daemon messages -- daemon: system daemons without separate facility -- kern: kernel messages -- lpr: line printer subsystem messages -- mail: mail subsystem messages -- news: USENET news subsystem messages -- syslog: messages generated internally by syslog -- user: generic user-level messages -- uucp: UUCP messages -- local0: syslog local use 0 facility reserved for local use -- local1: syslog local use 1 facility reserved for local use -- local2: syslog local use 2 facility reserved for local use -- local3: syslog local use 3 facility reserved for local use -- local4: syslog local use 4 facility reserved for local use -- local5: syslog local use 5 facility reserved for local use -- local6: syslog local use 6 facility reserved for local use -- local7: syslog local use 7 facility reserved for local use -- any: match any syslog facility + +- auth: security and authorization messages +- authpriv: security and authorization messages (private) +- cron: cron daemon messages +- daemon: system daemons without separate facility +- kern: kernel messages +- lpr: line printer subsystem messages +- mail: mail subsystem messages +- news: USENET news subsystem messages +- syslog: messages generated internally by syslog +- user: generic user-level messages +- uucp: UUCP messages +- local0: syslog local use 0 facility reserved for local use +- local1: syslog local use 1 facility reserved for local use +- local2: syslog local use 2 facility reserved for local use +- local3: syslog local use 3 facility reserved for local use +- local4: syslog local use 4 facility reserved for local use +- local5: syslog local use 5 facility reserved for local use +- local6: syslog local use 6 facility reserved for local use +- local7: syslog local use 7 facility reserved for local use +- any: match any syslog facility + +## `configure authority router system syslog ocsp` + +Whether to check the revocation status of the Syslog server's certificate. + +#### Usage + +``` +configure authority router system syslog ocsp [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| ocsp | The value to set for this field | + +#### Description + +##### ocsp (enumeration) + +Whether to check the revocation status of a server's certificate. + +Options: +strict Require a successful OCSP check in order to establish a connection. +off Do not check revocation status of the server certificate. ## `configure authority router system syslog protocol` @@ -37426,9 +39535,32 @@ Default: udp A value from a set of predefined names. Options: -- udp: Use UDP protocol to communicate with syslog server. -- tcp: Use TCP protocol to communicate with syslog server. -- tls: Use TLS over TCP protocol to communicate with syslog server. + +- udp: Use UDP protocol to communicate with syslog server. +- tcp: Use TCP protocol to communicate with syslog server. +- tls: Use TLS over TCP protocol to communicate with syslog server. + +## `configure authority router system syslog router-client-certificate-name` + +A client certificate to be used to communicate with syslog server. + +#### Usage + +``` +configure authority router system syslog router-client-certificate-name [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| router-client-certificate-ref | The value to set for this field | + +#### Description + +##### router-client-certificate-ref (leafref) + +This type is used by other entities that need to reference configured client certificate for a specific router. ## `configure authority router system syslog server` @@ -37480,19 +39612,19 @@ The host type represents either an IP address or a DNS domain name. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string): +##### (0) ipv4-address (string): The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -37509,7 +39641,7 @@ not allowed. Must be a valid IPv6 address. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -37598,14 +39730,15 @@ Default: error A value from a set of predefined names. Options: -- emergency: Only record log messages with level "emergency" or higher -- alert: Only record log messages with level "alert" or higher -- critical: Only record log messages with level "critical" or higher -- error: Only record log messages with level "error" or higher -- warning: Only record log messages with level "warning" or higher -- notice: Only record log messages with level "notice" or higher -- info: Only record log messages with level "info" or higher -- debug: Only record log messages with level "debug" or higher + +- emergency: Only record log messages with level "emergency" or higher +- alert: Only record log messages with level "alert" or higher +- critical: Only record log messages with level "critical" or higher +- error: Only record log messages with level "error" or higher +- warning: Only record log messages with level "warning" or higher +- notice: Only record log messages with level "notice" or higher +- info: Only record log messages with level "info" or higher +- debug: Only record log messages with level "debug" or higher ## `configure authority router udp-transform` @@ -37676,8 +39809,9 @@ Default: auto-detect A value from a set of predefined names. Options: -- auto-detect: Detect if TCP to UDP transform is required. Special TCP packets are sent to the peer at the specified interval. If these packets are not returned, transformation is required. -- always-transform: Force UDP transform for all TCP traffic to the peer. TCP detection packets are never sent in this mode. + +- auto-detect: Detect if TCP to UDP transform is required. Special TCP packets are sent to the peer at the specified interval. If these packets are not returned, transformation is required. +- always-transform: Force UDP transform for all TCP traffic to the peer. TCP detection packets are never sent in this mode. ## `configure authority router udp-transform nat-keep-alive-mode` @@ -37704,8 +39838,9 @@ Default: disabled A value from a set of predefined names. Options: -- disabled: Do not send keep-alive packets to keep UDP sessions active during UDP transform. -- enabled: Inject keep-alive packets to keep UDP sessions active during UDP transform. + +- disabled: Do not send keep-alive packets to keep UDP sessions active during UDP transform. +- enabled: Inject keep-alive packets to keep UDP sessions active during UDP transform. ## `configure authority router udp-transform nat-keep-alive-timeout` @@ -37932,8 +40067,9 @@ Default: accept A value from a set of predefined names. Options: -- accept: Indicates elements matching the rule should not be filtered by the calling construct -- reject: Indicates elements matching the rule should be filtered by the calling construct + +- accept: Indicates elements matching the rule should not be filtered by the calling construct +- reject: Indicates elements matching the rule should be filtered by the calling construct ## `configure authority routing filter rule ge` @@ -38032,7 +40168,7 @@ The ip-prefix type represents an IP prefix and is IP version neutral. The format Must be one of the following types: -###### (0) ipv4-prefix (string) +##### (0) ipv4-prefix (string) The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -38046,7 +40182,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string) +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -38094,11 +40230,12 @@ configure authority routing filter type [] A value from a set of predefined names. Options: -- prefix-filter: Filter based on IPv4 prefixes within a given range -- prefix-filter-ipv6: Filter based on IPv6 prefixes within a given range -- as-path-filter: Filter based on the BGP AS path -- community-filter: Filter based on the BGP community value -- extended-community-filter: Filter based on the BGP extended community value + +- prefix-filter: Filter based on IPv4 prefixes within a given range +- prefix-filter-ipv6: Filter based on IPv6 prefixes within a given range +- as-path-filter: Filter based on the BGP AS path +- community-filter: Filter based on the BGP community value +- extended-community-filter: Filter based on the BGP extended community value ## `configure authority routing policy` @@ -38383,17 +40520,18 @@ A BGP community. Accepts the well-known communities internet, local-AS, no-adver Must be one of the following types: -###### (0) enumeration +##### (0) enumeration A value from a set of predefined names. Options: -- internet -- local-AS -- no-advertise -- no-export -###### (1) string +- internet: +- local-AS: +- no-advertise: +- no-export: + +##### (1) string A text value. @@ -38570,9 +40708,10 @@ configure authority routing policy statement action origin [] BGP ORIGIN attribute. Options: -- igp: Network Layer Reachability Information is interior to the originating AS. -- egp: Network Layer Reachability Information learned via the EGP protocol [RFC904]. -- incomplete: Network Layer Reachability Information learned by some other means. + +- igp: Network Layer Reachability Information is interior to the originating AS. +- egp: Network Layer Reachability Information learned via the EGP protocol [RFC904]. +- incomplete: Network Layer Reachability Information learned by some other means. ## `configure authority routing policy statement action originator-id` @@ -38685,29 +40824,29 @@ A BGP extended community (RFC-4360), an 8 octet value, is part of the set extended community action. The following formats are accepted: -a) A.B.C.D:EF -b) EF:GHJK -c) GHJK:EF + a) A.B.C.D:EF + b) EF:GHJK + c) GHJK:EF -A.B.C.D: Four Byte IP -EF: Two byte ASN (in decimal) -GHJK: Four-byte ASN (in decimal) + A.B.C.D: Four Byte IP + EF: Two byte ASN (in decimal) + GHJK: Four-byte ASN (in decimal) Must be one of the following types: -###### (0) string +##### (0) string A text value. Must be <ipv4-address>:<uint16> -###### (1) string +##### (1) string A text value. Must be <uint16>:<uint32> -###### (2) string +##### (2) string A text value. @@ -38782,29 +40921,29 @@ A BGP extended community (RFC-4360), an 8 octet value, is part of the set extended community action. The following formats are accepted: -a) A.B.C.D:EF -b) EF:GHJK -c) GHJK:EF + a) A.B.C.D:EF + b) EF:GHJK + c) GHJK:EF -A.B.C.D: Four Byte IP -EF: Two byte ASN (in decimal) -GHJK: Four-byte ASN (in decimal) + A.B.C.D: Four Byte IP + EF: Two byte ASN (in decimal) + GHJK: Four-byte ASN (in decimal) Must be one of the following types: -###### (0) string +##### (0) string A text value. Must be <ipv4-address>:<uint16> -###### (1) string +##### (1) string A text value. Must be <uint16>:<uint32> -###### (2) string +##### (2) string A text value. @@ -38899,23 +41038,24 @@ configure authority routing policy statement action type [] A value from a set of predefined names. Options: -- set-aggregator An action which sets the BGP aggregator -- modify-as-path An action which changes the BGP as-path -- set-path-based-as-path An action which changes the BGP as-path depending on the best path to a peer -- set-atomic-aggregate An action which sets the BGP atomic aggregate attribute -- set-community An action which sets the BGP community attribute -- remove-community An action which removes the BGP community attribute -- set-extended-community An action which sets the BGP extended community attribute -- set-next-hop An action which sets the next hop -- set-local-preference An action which sets the BGP local preference -- modify-metric An action which sets the metric -- set-originator-id An action which sets the originator id -- set-origin An action which sets the origin -- set-tag An action which sets the tag -- set-bgp-weight An action which sets the BGP weight -- set-distance An action which sets the administrative distance -- continue A flow action that advances to the next (or specified) entry in the policy -- call A flow action calls the given policy + +- set-aggregator: An action which sets the BGP aggregator +- modify-as-path: An action which changes the BGP as-path +- set-path-based-as-path: An action which changes the BGP as-path depending on the best path to a peer +- set-atomic-aggregate: An action which sets the BGP atomic aggregate attribute +- set-community: An action which sets the BGP community attribute +- remove-community: An action which removes the BGP community attribute +- set-extended-community: An action which sets the BGP extended community attribute +- set-next-hop: An action which sets the next hop +- set-local-preference: An action which sets the BGP local preference +- modify-metric: An action which sets the metric +- set-originator-id: An action which sets the originator id +- set-origin: An action which sets the origin +- set-tag: An action which sets the tag +- set-bgp-weight: An action which sets the BGP weight +- set-distance: An action which sets the administrative distance +- continue: A flow action that advances to the next (or specified) entry in the policy +- call: A flow action calls the given policy ## `configure authority routing policy statement condition` @@ -39109,9 +41249,10 @@ configure authority routing policy statement condition origin [] BGP ORIGIN attribute. Options: -- igp: Network Layer Reachability Information is interior to the originating AS. -- egp: Network Layer Reachability Information learned via the EGP protocol [RFC904]. -- incomplete: Network Layer Reachability Information learned by some other means. + +- igp: Network Layer Reachability Information is interior to the originating AS. +- egp: Network Layer Reachability Information learned via the EGP protocol [RFC904]. +- incomplete: Network Layer Reachability Information learned by some other means. ## `configure authority routing policy statement condition peer-address` @@ -39137,13 +41278,13 @@ The ip-address type represents an IP address and is IP version neutral. The form Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string) +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -39158,7 +41299,6 @@ all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -Must be a valid IPv6 address. Must be a valid IPv6 address. ## `configure authority routing policy statement condition peer-local` @@ -39270,20 +41410,21 @@ configure authority routing policy statement condition type [] A value from a set of predefined names. Options: -- address-prefix-filter-condition: An IPv4 prefix filter condition on address -- next-hop-prefix-filter-condition: An IPv4 prefix filter condition on next hop -- source-prefix-filter-condition: An IPv4 prefix filter condition on route source -- address-prefix-filter-ipv6-condition: An IPv6 prefix filter condition on address -- next-hop-prefix-filter-ipv6-condition: An IPv6 prefix filter condition on next hop -- as-path-filter-condition: An autonomous path filter condition -- community-filter-condition: A community filter condition -- extended-community-filter-condition: An extended community filter condition -- next-hop-interface-condition: A next hop interface condition -- metric-condition: A metric condition -- origin-condition: An origin condition -- peer-condition: A peer condition -- probability-condition: A probablity condition -- tag-condition: A tag condition + +- address-prefix-filter-condition: An IPv4 prefix filter condition on address +- next-hop-prefix-filter-condition: An IPv4 prefix filter condition on next hop +- source-prefix-filter-condition: An IPv4 prefix filter condition on route source +- address-prefix-filter-ipv6-condition: An IPv6 prefix filter condition on address +- next-hop-prefix-filter-ipv6-condition: An IPv6 prefix filter condition on next hop +- as-path-filter-condition: An autonomous path filter condition +- community-filter-condition: A community filter condition +- extended-community-filter-condition: An extended community filter condition +- next-hop-interface-condition: A next hop interface condition +- metric-condition: A metric condition +- origin-condition: An origin condition +- peer-condition: A peer condition +- probability-condition: A probablity condition +- tag-condition: A tag condition ## `configure authority routing policy statement name` @@ -39335,8 +41476,9 @@ Default: accept A value from a set of predefined names. Options: -- accept: On the conditions evaluating true execute the actions specified in the statement and terminate the policy returning accept -- reject: On the conditions evaluating true do not execute the actions specified in the statement and terminate the policy returning reject + +- accept: On the conditions evaluating true execute the actions specified in the statement and terminate the policy returning accept +- reject: On the conditions evaluating true do not execute the actions specified in the statement and terminate the policy returning reject ## `configure authority routing resource-group` @@ -39420,7 +41562,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority security description` @@ -39468,7 +41610,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority security encryption-cipher` @@ -39495,8 +41637,9 @@ Default: aes-cbc-128 Encryption cipher and mode. Options: -- aes-cbc-128: AES Cipher Block Chaining 128-bit Encryption Mode. -- aes-cbc-256: AES Cipher Block Chaining 256-bit Encryption Mode. + +- aes-cbc-128: AES Cipher Block Chaining 128-bit Encryption Mode. +- aes-cbc-256: AES Cipher Block Chaining 256-bit Encryption Mode. ## `configure authority security encryption-iv` @@ -39522,13 +41665,13 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) hex-string (string) +##### (0) hex-string (string) A hexadecimal string with octets represented as hex digits. Length: 32 -###### (1) hex-string (string) +##### (1) hex-string (string) A hexadecimal string with octets represented as hex digits separated by colons. The canonical representation uses lowercase characters. @@ -39559,13 +41702,13 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) hex-string (string) +##### (0) hex-string (string) A hexadecimal string with octets represented as hex digits. Length: 32,64 -###### (1) hex-string (string) +##### (1) hex-string (string) A hexadecimal string with octets represented as hex digits separated by colons. The canonical representation uses lowercase characters. @@ -39600,7 +41743,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority security hmac-cipher` @@ -39627,9 +41770,10 @@ Default: sha256-128 HMAC cipher and mode. Options: -- sha1: SHA1 160-bit Key Hashed Message Authentication Code Mode. -- sha256: SHA256 256-bit Key Hashed Message Authentication Code Mode. -- sha256-128: SHA256 128-bit Key Hashed Message Authentication Code Mode. + +- sha1: SHA1 160-bit Key Hashed Message Authentication Code Mode. +- sha256: SHA256 256-bit Key Hashed Message Authentication Code Mode. +- sha256-128: SHA256 128-bit Key Hashed Message Authentication Code Mode. ## `configure authority security hmac-key` @@ -39655,13 +41799,13 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) hex-string (string) +##### (0) hex-string (string) A hexadecimal string with octets represented as hex digits. Length: 8,16,32,40,64 -###### (1) hex-string (string) +##### (1) hex-string (string) A hexadecimal string with octets represented as hex digits separated by colons. The canonical representation uses lowercase characters. @@ -39693,9 +41837,10 @@ Default: time-based A value from a set of predefined names. Options: -- disabled: Do not add HMAC to packets. -- regular: Add HMAC to packets. -- time-based: Add time-based HMAC to packets. + +- disabled: Do not add HMAC to packets. +- regular: Add HMAC to packets. +- time-based: Add time-based HMAC to packets. ## `configure authority security name` @@ -39850,10 +41995,11 @@ configure authority service access-policy idp-policy [] Predefined policies for intrusion detection actions Options: -- none: No IDP policy. -- alert: A policy that only alerts. -- standard: The standard blocking and alerting policy. -- strict: A strict blocking and alerting policy. + +- none: No IDP policy. +- alert: A policy that only alerts. +- standard: The standard blocking and alerting policy. +- strict: A strict blocking and alerting policy. ## `configure authority service access-policy idp-profile` @@ -39902,8 +42048,9 @@ Default: allow Enumeration defining whether access is allowed or denied. Options: -- allow: Allow access. -- deny: Deny access. + +- allow: Allow access. +- deny: Deny access. ## `configure authority service access-policy source` @@ -39929,13 +42076,13 @@ A source address prefix, QSN, service-group or combination of tenant-name and pr Must be one of the following types: -###### (0) ip-prefix (union) +##### (0) ip-prefix (union) The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-prefix (string): +##### (0) ipv4-prefix (string): The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -39949,7 +42096,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string): +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -39974,7 +42121,7 @@ replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -###### (1) qsn (string) +##### (2) qsn (string) Qualified Service Name in the form: tenant[.authority][/[service-group/]service] @@ -39982,7 +42129,7 @@ Must contain only alphanumeric characters or any of the following: / . _ - Required format: 'Tenant[.Authority[/ServiceGroup[/Service]]]'. No forward slash-delimited segment can exceed 62 characters.(e.g., Engineering.Authority128/Video/private_conferencing). Length: 1-1024 -###### (2) service-spec (string) +##### (3) service-spec (string) Service group and service name portion of a Qualified Service Name. @@ -39990,7 +42137,7 @@ Must contain only alphanumeric characters or any of the following: - _ / . Required format: '/groupLabel1[/groupLabel2[/groupLabel3...]]'. No forward slash-delimited segment can exceed 62 characters. Length: 0-127 -###### (3) tenant-prefix (string) +##### (4) tenant-prefix (string) A string identifier for a tenant prefix. Consists of a valid tenant name, followed by @ and a valid IP Address. @@ -40019,7 +42166,7 @@ configure authority service access-policy-generated [] A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service address` @@ -40045,13 +42192,13 @@ The host type represents either an IP prefix or a DNS domain name. Must be one of the following types: -###### (0) ip-prefix (union) +##### (0) ip-prefix (union) The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-prefix (string): +##### (0) ipv4-prefix (string): The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -40065,7 +42212,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string): +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -40090,7 +42237,7 @@ replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -###### (1) domain-name (string) +##### (2) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -40155,8 +42302,9 @@ Default: inherited A value from a set of predefined names. Options: -- inherited: Inherit from router level config for application identification. -- disabled: Disable application identification. + +- inherited: Inherit from router level config for application identification. +- disabled: Disable application identification. ## `configure authority service application-name` @@ -40178,24 +42326,20 @@ configure authority service application-name [] ##### glob-pattern (string) -A glob style pattern (following POSIX.2 fnmatch() without -special treatment of file paths): - -* matches a sequence of characters +A glob style pattern (following POSIX.2 fnmatch() without special treatment of file paths): -? matches a single character -[seq] matches any character in seq -[!seq] matches any character not in seq +- * matches a sequence of characters +- ? matches a single character +- [seq] matches any character in seq +- [!seq] matches any character not in seq -A backslash followed by a character matches the following -character. In particular: +A backslash followed by a character matches the following character. In particular: -\*matches* -\? matches ? -\\ matches \ +- \* matches * +- \? matches ? +- \\ matches \ -A sequence seq may be a sequence of characters (e.g., [abc] -or a range of characters (e.g., [a-c]). +A sequence seq may be a sequence of characters (e.g., [abc] or a range of characters (e.g., [a-c]). Length: 1-18446744073709551615 @@ -40224,12 +42368,13 @@ Default: generic A value from a set of predefined names. Options: -- generic: Default service handling. -- dhcp-relay: Act as a DHCP relay. -- dns-proxy: Act as a DNS Proxy. -- ftp-control: Handle FTP control traffic on this service. Pinholes for data flows will be established based on passive mode exchanges detected on the control flows. -- ftp-data: Pinhole service for FTP data flows. Must be paired with an FTP control service to be effective. -- template: Template service for hierarchical services. + +- generic: Default service handling. +- dhcp-relay: Act as a DHCP relay. +- dns-proxy: Act as a DNS Proxy. +- ftp-control: Handle FTP control traffic on this service. Pinholes for data flows will be established based on passive mode exchanges detected on the control flows. +- ftp-data: Pinhole service for FTP data flows. Must be paired with an FTP control service to be effective. +- template: Template service for hierarchical services. ## `configure authority service applies-to` @@ -40348,10 +42493,11 @@ configure authority service applies-to type [] A value from a set of predefined names. Options: -- authority: Applies to all routers in the authority. -- router: Router(s) to which the configuration applies. -- router-group: Logical group of router(s) to which the configuration applies. -- resource-group: An RBAC management group to which the configuration applies + +- authority: Applies to all routers in the authority. +- router: Router(s) to which the configuration applies. +- router-group: Logical group of router(s) to which the configuration applies. +- resource-group: An RBAC management group to which the configuration applies ## `configure authority service description` @@ -40396,23 +42542,22 @@ configure authority service domain-name [] ##### glob-pattern (string) A glob style pattern (following POSIX.2 fnmatch() without -special treatment of file paths): + special treatment of file paths): -* matches a sequence of characters + * matches a sequence of characters + ? matches a single character + [seq] matches any character in seq + [!seq] matches any character not in seq -? matches a single character -[seq] matches any character in seq -[!seq] matches any character not in seq + A backslash followed by a character matches the following + character. In particular: -A backslash followed by a character matches the following -character. In particular: + \* matches * + \? matches ? + \\ matches \ -\*matches* -\? matches ? -\\ matches \ - -A sequence seq may be a sequence of characters (e.g., [abc] -or a range of characters (e.g., [a-c]). + A sequence seq may be a sequence of characters (e.g., [abc] + or a range of characters (e.g., [a-c]). Length: 1-18446744073709551615 @@ -40539,7 +42684,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service fqdn-resolution-type` @@ -40566,8 +42711,9 @@ Default: v4 A value from a set of predefined names. Options: -- v4: Resolve FQDNs as IPv4 addresses only. -- v6: Resolve FQDNs as IPv6 addresses only. + +- v4: Resolve FQDNs as IPv4 addresses only. +- v6: Resolve FQDNs as IPv6 addresses only. ## `configure authority service generate-categories` @@ -40593,7 +42739,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service generated` @@ -40617,7 +42763,7 @@ configure authority service generated [] A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service multicast-sender-policy` @@ -40670,8 +42816,9 @@ Default: allow Enumeration defining whether access is allowed or denied. Options: -- allow: Allow access. -- deny: Deny access. + +- allow: Allow access. +- deny: Deny access. ## `configure authority service multicast-sender-policy source` @@ -40697,13 +42844,13 @@ A source address prefix, QSN, service-group or combination of tenant-name and pr Must be one of the following types: -###### (0) ip-prefix (union) +##### (0) ip-prefix (union) The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-prefix (string): +##### (0) ipv4-prefix (string): The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -40717,7 +42864,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string): +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -40742,7 +42889,7 @@ replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed. -###### (1) qsn (string) +##### (2) qsn (string) Qualified Service Name in the form: tenant[.authority][/[service-group/]service] @@ -40750,7 +42897,7 @@ Must contain only alphanumeric characters or any of the following: / . _ - Required format: 'Tenant[.Authority[/ServiceGroup[/Service]]]'. No forward slash-delimited segment can exceed 62 characters.(e.g., Engineering.Authority128/Video/private_conferencing). Length: 1-1024 -###### (2) service-spec (string) +##### (3) service-spec (string) Service group and service name portion of a Qualified Service Name. @@ -40758,7 +42905,7 @@ Must contain only alphanumeric characters or any of the following: - _ / . Required format: '/groupLabel1[/groupLabel2[/groupLabel3...]]'. No forward slash-delimited segment can exceed 62 characters. Length: 0-127 -###### (3) tenant-prefix (string) +##### (4) tenant-prefix (string) A string identifier for a tenant prefix. Consists of a valid tenant name, followed by @ and a valid IP Address. @@ -40815,8 +42962,9 @@ Default: private Enumeration defining whether a service scope is public or private Options: -- public: Everyone allowed in the absence of access policy that restricts it. Shared on public interfaces. -- private: Restricted to the access policy of the service. Shared with other routers in the authority. + +- public: Everyone allowed in the absence of access policy that restricts it. Shared on public interfaces. +- private: Restricted to the access policy of the service. Shared with other routers in the authority. ## `configure authority service security` @@ -40926,7 +43074,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service session-record profile` @@ -40948,7 +43096,7 @@ configure authority service session-record profile [] Transport (Layer 4) protocol. Options: -- tcp: Transmission Control Protocol. -- udp: User Datagram Protocol. -- icmp: Internet Control Management Protocol. -- gre: Generic Routing Encapsulation Protocol. -- esp: IPSec Encapsulating Security Payload Protocol. -- pim: Protocol Independent Multicast. + +- tcp: Transmission Control Protocol. +- udp: User Datagram Protocol. +- icmp: Internet Control Management Protocol. +- gre: Generic Routing Encapsulation Protocol. +- esp: IPSec Encapsulating Security Payload Protocol. +- pim: Protocol Independent Multicast. ## `configure authority service ttl-padding` @@ -41237,8 +43387,9 @@ Default: neighborhood A value from a set of predefined names. Options: -- neighborhood: Use ttl-padding settings of the neighborhood -- disabled: Disable ttl-padding for this service + +- neighborhood: Use ttl-padding settings of the neighborhood +- disabled: Disable ttl-padding for this service ## `configure authority service url` @@ -41261,23 +43412,22 @@ configure authority service url [] ##### glob-pattern (string) A glob style pattern (following POSIX.2 fnmatch() without -special treatment of file paths): - -* matches a sequence of characters + special treatment of file paths): -? matches a single character -[seq] matches any character in seq -[!seq] matches any character not in seq + * matches a sequence of characters + ? matches a single character + [seq] matches any character in seq + [!seq] matches any character not in seq -A backslash followed by a character matches the following -character. In particular: + A backslash followed by a character matches the following + character. In particular: -\*matches* -\? matches ? -\\ matches \ + \* matches * + \? matches ? + \\ matches \ -A sequence seq may be a sequence of characters (e.g., [abc] -or a range of characters (e.g., [a-c]). + A sequence seq may be a sequence of characters (e.g., [abc] + or a range of characters (e.g., [a-c]). Length: 1-18446744073709551615 @@ -41492,7 +43642,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service-class resource-group` @@ -41539,10 +43689,11 @@ configure authority service-class traffic-class [] Relative priority of traffic. Options: -- high: High priority traffic class. -- medium: Medium priority traffic class. -- low: Low priority traffic class. -- best-effort: Best-effort priority traffic class. + +- high: High priority traffic class. +- medium: Medium priority traffic class. +- low: Low priority traffic class. +- best-effort: Best-effort priority traffic class. ## `configure authority service-policy` @@ -41709,10 +43860,11 @@ configure authority service-policy applies-to type [] A value from a set of predefined names. Options: -- authority: Applies to all routers in the authority. -- router: Router(s) to which the configuration applies. -- router-group: Logical group of router(s) to which the configuration applies. -- resource-group: An RBAC management group to which the configuration applies + +- authority: Applies to all routers in the authority. +- router: Router(s) to which the configuration applies. +- router-group: Logical group of router(s) to which the configuration applies. +- resource-group: An RBAC management group to which the configuration applies ## `configure authority service-policy best-effort` @@ -41738,7 +43890,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service-policy best-path-criteria` @@ -41765,9 +43917,10 @@ Default: vector A value from a set of predefined names. Options: -- vector: Path with best vector cost is selected. -- average-latency: Path with the lowest rolling average latency is selected. -- mos: Path with the best Mean Opinion Score (MOS) score is selected. + +- vector: Path with best vector cost is selected. +- average-latency: Path with the lowest rolling average latency is selected. +- mos: Path with the best Mean Opinion Score (MOS) score is selected. ## `configure authority service-policy description` @@ -41835,7 +43988,7 @@ configure authority service-policy generated [] A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service-policy ingress-source-nat` @@ -41862,8 +44015,9 @@ Default: network-interface A value from a set of predefined names. Options: -- network-interface: Use source-nat settings of ingress network-interface -- disabled: Disable ingress source nat for this service + +- network-interface: Use source-nat settings of ingress network-interface +- disabled: Disable ingress source nat for this service ## `configure authority service-policy lb-strategy` @@ -41890,8 +44044,9 @@ Default: hunt A value from a set of predefined names. Options: -- hunt: Servers are chosen in order with highest capacity first. -- proportional: Traffic is distributed evenly to all servers weighted by capacity. + +- hunt: Servers are chosen in order with highest capacity first. +- proportional: Traffic is distributed evenly to all servers weighted by capacity. ## `configure authority service-policy max-jitter` @@ -42000,22 +44155,21 @@ A value that corresponds to one of its member types. Must be one of the following types: -###### (0) enumeration +##### (0) enumeration A value from a set of predefined names. Options: -- disabled -###### (1) decimal64 +- disabled: + +##### (1) decimal64 A 64-bit decimal value. Range: 1.0-5.0 Fraction digits: 2 - - ## `configure authority service-policy name` An arbitrary, unique name for the service policy. @@ -42066,10 +44220,11 @@ Default: none A value from a set of predefined names. Options: -- none: No resiliency for packet loss. -- packet-retransmission: Enable packet loss detection. Lost packets within buffer are retransmitted. -- packet-retransmission-with-dpi: Enable packet loss detection. Lost packets within buffer are retransmitted. Additionally, if the service traffic is contained within a tunnel, apply packet retransmission to individual sessions within the tunnel. -- forward-error-correction: Enable Forward Error Correction, which will send parity packets to reconstruct lost packets. + +- none: No resiliency for packet loss. +- packet-retransmission: Enable packet loss detection. Lost packets within buffer are retransmitted. +- packet-retransmission-with-dpi: Enable packet loss detection. Lost packets within buffer are retransmitted. Additionally, if the service traffic is contained within a tunnel, apply packet retransmission to individual sessions within the tunnel. +- forward-error-correction: Enable Forward Error Correction, which will send parity packets to reconstruct lost packets. ## `configure authority service-policy path-quality-filter` @@ -42095,7 +44250,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service-policy peer-path-resiliency` @@ -42121,7 +44276,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority service-policy qp-preference` @@ -42152,8 +44307,9 @@ Default: highest A value from a set of predefined names. Options: -- lowest: Order interfaces from lowest to highest qualifying QP value. -- highest: Order interfaces from highest to lowest qualifying QP value. + +- lowest: Order interfaces from lowest to highest qualifying QP value. +- highest: Order interfaces from highest to lowest qualifying QP value. ## `configure authority service-policy required-qp` @@ -42232,12 +44388,13 @@ Default: none A value from a set of predefined names. Options: -- none: No failover support when path goes down. -- failover: Fail over the session to use a secondary path when the best path goes down due to link failure or unacceptable path quality values. This session will stay on the secondary path and will not switch back unless the secondary path itself goes down. -- revertible-failover: Fail over the session to use a secondary path when the best path goes down due to link failure or unacceptable path quality values. This session will revert back to the best path if it comes back up or is within permissible path quality values. -- packet-duplication: Duplicate packets across all multihomed-paths to another router. Only one set of packets will be sent to the final destination. -- packet-retransmission: Enable packet loss detection. Lost packets within buffer are retransmitted. -- packet-retransmission-with-dpi: Enable packet loss detection. Lost packets within buffer are retransmitted. Additionally, if the service traffic is contained within a tunnel, apply packet retransmission to individual sessions within the tunnel. + +- none: No failover support when path goes down. +- failover: Fail over the session to use a secondary path when the best path goes down due to link failure or unacceptable path quality values. This session will stay on the secondary path and will not switch back unless the secondary path itself goes down. +- revertible-failover: Fail over the session to use a secondary path when the best path goes down due to link failure or unacceptable path quality values. This session will revert back to the best path if it comes back up or is within permissible path quality values. +- packet-duplication: Duplicate packets across all multihomed-paths to another router. Only one set of packets will be sent to the final destination. +- packet-retransmission: Enable packet loss detection. Lost packets within buffer are retransmitted. +- packet-retransmission-with-dpi: Enable packet loss detection. Lost packets within buffer are retransmitted. Additionally, if the service traffic is contained within a tunnel, apply packet retransmission to individual sessions within the tunnel. ## `configure authority service-policy transport-state-enforcement` @@ -42264,10 +44421,11 @@ Default: reset A value from a set of predefined names. Options: -- allow: TCP non-syn first packets are allowed, as well as packets that do not conform to the TCP state machine. -- block: TCP non-syn first packets are blocked, and packets that do not conform to the TCP state machine are dropped. -- reset: TCP non-syn first packets cause a reset on the session and packets that do not conform to the TCP state machine are dropped. -- strict: TCP non-syn first packets cause a reset on the session, packets that do not conform to the TCP state machine are dropped, and packets that do not conform to sequence checking are dropped. + +- allow: TCP non-syn first packets are allowed, as well as packets that do not conform to the TCP state machine. +- block: TCP non-syn first packets are blocked, and packets that do not conform to the TCP state machine are dropped. +- reset: TCP non-syn first packets cause a reset on the session and packets that do not conform to the TCP state machine are dropped. +- strict: TCP non-syn first packets cause a reset on the session, packets that do not conform to the TCP state machine are dropped, and packets that do not conform to sequence checking are dropped. ## `configure authority service-policy vector` @@ -42359,8 +44517,9 @@ Range: 1-999999 A value from a set of predefined names. Options: -- ordered: priority value determined by ordinal position -- never:paths with the vector are not used + +- ordered: priority value determined by ordinal position +- never: paths with the vector are not used ## `configure authority session-record-profile` @@ -42510,10 +44669,11 @@ configure authority session-record-profile applies-to type [] A value from a set of predefined names. Options: -- authority: Applies to all routers in the authority. -- router: Router(s) to which the configuration applies. -- router-group: Logical group of router(s) to which the configuration applies. -- resource-group: An RBAC management group to which the configuration applies + +- authority: Applies to all routers in the authority. +- router: Router(s) to which the configuration applies. +- router-group: Logical group of router(s) to which the configuration applies. +- resource-group: An RBAC management group to which the configuration applies ## `configure authority session-record-profile enabled` @@ -42539,7 +44699,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority session-record-profile include-modify-record` @@ -42565,7 +44725,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority session-record-profile include-start-record` @@ -42591,7 +44751,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority session-record-profile intermediate-records` @@ -42631,7 +44791,7 @@ Default: true A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority session-record-profile intermediate-records interval` @@ -42751,8 +44911,9 @@ Default: packet-based A value from a set of predefined names. Options: -- packet-based: Detect sessions needing recovery due to unsolicited packets. -- inactivity-based: Detect sessions needing recovery due to session inactivity. + +- packet-based: Detect sessions needing recovery due to unsolicited packets. +- inactivity-based: Detect sessions needing recovery due to session inactivity. ## `configure authority session-type` @@ -42884,7 +45045,7 @@ Default: false A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority session-type resource-group` @@ -43080,12 +45241,327 @@ configure authority session-type transport protocol [] Transport (Layer 4) protocol. Options: -- tcp: Transmission Control Protocol. -- udp: User Datagram Protocol. -- icmp: Internet Control Management Protocol. -- gre: Generic Routing Encapsulation Protocol. -- esp: IPSec Encapsulating Security Payload Protocol. -- pim: Protocol Independent Multicast. + +- tcp: Transmission Control Protocol. +- udp: User Datagram Protocol. +- icmp: Internet Control Management Protocol. +- gre: Generic Routing Encapsulation Protocol. +- esp: IPSec Encapsulating Security Payload Protocol. +- pim: Protocol Independent Multicast. + +## `configure authority software-access` + +Configuration for SSR software access for the authority. Supported on managed assets only. + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`channel`](#configure-authority-software-access-channel) | The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token. | +| `delete` | Delete configuration data | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| [`rpm-channel`](#configure-authority-software-access-rpm-channel) | The software access RPM channel to use. The RPM channel will override the authority channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token. | +| `show` | Show configuration data for 'software-access' | +| [`ssr-image-channel`](#configure-authority-software-access-ssr-image-channel) | The software access SSR image channel to use. The SSR image channel will override the authority channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token. | +| [`token`](#configure-authority-software-access-token) | The authority software access token. | +| [`username`](#configure-authority-software-access-username) | The authority software access username. | + +## `configure authority software-access channel` + +The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token. + +#### Usage + +``` +configure authority software-access channel [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-channel | The value to set for this field | + +#### Description + +Default: release + +##### software-access-channel (enumeration) + +The software access channels. + +Options: +prealpha Enable access to software in the prealpha channel. +alpha Enable access to software in the alpha channel. +beta Enable access to software in the beta channel. +release Enable access to software in the release channel. + +## `configure authority software-access rpm-channel` + +The software access RPM channel to use. The RPM channel will override the authority channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token. + +#### Usage + +``` +configure authority software-access rpm-channel [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-channel-override | The value to set for this field | + +#### Description + +Default: use-software-access-channel + +##### software-access-channel-override (enumeration) + +The software access channel overrides. + +Options: +use-software-access-channel Use the configured channel. +prealpha Override the configured channel with the prealpha channel. +alpha Override the configured channel with the alpha channel. +beta Override the configured channel with the beta channel. +release Override the configured channel with the release channel. + +## `configure authority software-access ssr-image-channel` + +The software access SSR image channel to use. The SSR image channel will override the authority channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token. + +#### Usage + +``` +configure authority software-access ssr-image-channel [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-channel-override | The value to set for this field | + +#### Description + +Default: use-software-access-channel + +##### software-access-channel-override (enumeration) + +The software access channel overrides. + +Options: +use-software-access-channel Use the configured channel. +prealpha Override the configured channel with the prealpha channel. +alpha Override the configured channel with the alpha channel. +beta Override the configured channel with the beta channel. +release Override the configured channel with the release channel. + +## `configure authority software-access token` + +The authority software access token. + +#### Usage + +``` +configure authority software-access token [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-token | The value to set for this field | + +#### Description + +##### software-access-token (string) + +The software access token. + +Must not contain whitespace in the software access token. + +## `configure authority software-access username` + +The authority software access username. + +#### Usage + +``` +configure authority software-access username [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-username | The value to set for this field | + +#### Description + +##### software-access-username (string) + +The software access username. + +Must not contain a colon or whitespace in the software access username. + +## `configure authority software-access` + +Configuration for SSR software access for the authority. Supported on managed assets only. + +##### Subcommands + +| command | description | +| ------- | ----------- | +| [`channel`](#configure-authority-software-access-channel) | The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token. | +| `delete` | Delete configuration data | +| `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | +| [`rpm-channel`](#configure-authority-software-access-rpm-channel) | The software access RPM channel to use. The RPM channel will override the authority channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token. | +| `show` | Show configuration data for 'software-access' | +| [`ssr-image-channel`](#configure-authority-software-access-ssr-image-channel) | The software access SSR image channel to use. The SSR image channel will override the authority channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token. | +| [`token`](#configure-authority-software-access-token) | The authority software access token. | +| [`username`](#configure-authority-software-access-username) | The authority software access username. | + +## `configure authority software-access channel` + +The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token. + +#### Usage + +``` +configure authority software-access channel [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-channel | The value to set for this field | + +#### Description + +Default: release + +##### software-access-channel (enumeration) + +The software access channels. + +Options: +prealpha Enable access to software in the prealpha channel. +alpha Enable access to software in the alpha channel. +beta Enable access to software in the beta channel. +release Enable access to software in the release channel. + +## `configure authority software-access rpm-channel` + +The software access RPM channel to use. The RPM channel will override the authority channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token. + +#### Usage + +``` +configure authority software-access rpm-channel [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-channel-override | The value to set for this field | + +#### Description + +Default: use-software-access-channel + +##### software-access-channel-override (enumeration) + +The software access channel overrides. + +Options: +use-software-access-channel Use the configured channel. +prealpha Override the configured channel with the prealpha channel. +alpha Override the configured channel with the alpha channel. +beta Override the configured channel with the beta channel. +release Override the configured channel with the release channel. + +## `configure authority software-access ssr-image-channel` + +The software access SSR image channel to use. The SSR image channel will override the authority channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token. + +#### Usage + +``` +configure authority software-access ssr-image-channel [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-channel-override | The value to set for this field | + +#### Description + +Default: use-software-access-channel + +##### software-access-channel-override (enumeration) + +The software access channel overrides. + +Options: +use-software-access-channel Use the configured channel. +prealpha Override the configured channel with the prealpha channel. +alpha Override the configured channel with the alpha channel. +beta Override the configured channel with the beta channel. +release Override the configured channel with the release channel. + +## `configure authority software-access token` + +The authority software access token. + +#### Usage + +``` +configure authority software-access token [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-token | The value to set for this field | + +#### Description + +##### software-access-token (string) + +The software access token. + +Must not contain whitespace in the software access token. + +## `configure authority software-access username` + +The authority software access username. + +#### Usage + +``` +configure authority software-access username [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| software-access-username | The value to set for this field | + +#### Description + +##### software-access-username (string) + +The software access username. + +Must not contain a colon or whitespace in the software access username. ## `configure authority software-update` @@ -43149,19 +45625,19 @@ An IP address or prefix. Must be one of the following types: -###### (0) ip-address (union) +##### (0) ip-address (union) The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-address (string): +##### (0) ipv4-address (string): The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) ipv6-address (string): +##### (1) ipv6-address (string) The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. @@ -43178,13 +45654,13 @@ not allowed. Must be a valid IPv6 address. -###### (1) ip-prefix (union) +##### (1) ip-prefix (union) The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version. Must be one of the following types: -###### (0) ipv4-prefix (string): +##### (0) ipv4-prefix (string): The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -43198,7 +45674,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string): +##### (3) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -43316,13 +45792,13 @@ The host type represents either an IPv4 address or a DNS domain name. Must be one of the following types: -###### (0) ipv4-address (string) +##### (0) ipv4-address (string) The ipv4-address type represents an IPv4 address in dotted-quad notation. Must be a valid IPv4 address. -###### (1) domain-name (string) +##### (1) domain-name (string) The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. @@ -43507,7 +45983,7 @@ configure authority tenant generated [] A true or false value. -Options: `true` or `false` +Options: true or false ## `configure authority tenant member` @@ -43559,7 +46035,7 @@ The ip-prefix type represents an IP prefix and is IP version neutral. The format Must be one of the following types: -###### (0) ipv4-prefix (string) +##### (0) ipv4-prefix (string) The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the @@ -43573,7 +46049,7 @@ The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix. -###### (1) ipv6-prefix (string) +##### (1) ipv6-prefix (string) The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the @@ -43954,6 +46430,7 @@ configure authority trusted-ca-certificate | [`name`](#configure-authority-trusted-ca-certificate-name) | An identifier for the trusted CA certificate. | | `override-generated` | Force auto-generated configuration and any modifications to it to persist on commit | | `show` | Show configuration data for 'trusted-ca-certificate' | +| [`validation-mode`](#configure-authority-trusted-ca-certificate-validation-mode) | Trusted CA certificate validation mode. | ## `configure authority trusted-ca-certificate content` @@ -44002,6 +46479,32 @@ A string identifier which only uses alphanumerics, underscores, or dashes, and c Must contain only alphanumeric characters or any of the following: _ - Length: 0-63 +## `configure authority trusted-ca-certificate validation-mode` + +Trusted CA certificate validation mode. + +#### Usage + +``` +configure authority trusted-ca-certificate validation-mode [] +``` + +##### Positional Arguments + +| name | description | +| ---- | ----------- | +| certificate-validation-mode | The value to set for this field | + +#### Description + +##### certificate-validation-mode (enumeration) + +Sets the mode of certificate validation + +Options: +strict Reject insecure certificates during import. +warn Warn when importing insecure certificates + ## `configure authority web-messages` Configure Web Messages diff --git a/docs/config_dev_intf_traf_eng.md b/docs/config_dev_intf_traf_eng.md new file mode 100644 index 0000000000..1500011581 --- /dev/null +++ b/docs/config_dev_intf_traf_eng.md @@ -0,0 +1,114 @@ +--- +title: Device Interface Traffic Engineering +sidebar_label: Device Interface Traffic Engineering +--- + +Device interface traffic engineering allows you to impose a transmit cap on all traffic egressing a specific device-interface. + +## How It Works + +For device-interface traffic-engineering to make a scheduling decision, the packet is queried to determine whether that packet has scheduling enabled. If so, the packet is enqueued into a scheduler specific for that device-interface. If not, the packet continues with normal packet processing. + +Let's use the following scenario to understand how to configure device interface traffic engineering: + +During the initial SSR deployment, the customer was passing approximately 80Mbps of traffic, and did not have traffic engineering configured. Over time the traffic increased and now is exceeding the 150Mbps limit set by the ISP. This causes traffic to be dropped at the upstream ISP router. + +## Configuration + +To match bandwidth provided by the ISP, the customer enables Traffic Engineering on the Egress device-interface that is connected to ISP, and then configures a transmit-cap of 150Mbps. + +Device interface traffic engineering is configured under the [`device-interface`](config_command_guide.md#configure-authority-router-node-device-interface-traffic-engineering). + +``` +authority + router + node + device-interface 2 + traffic-engineering + enabled true + transmit-cap 1500000 + traffic-profile example-profile-1 + exit + exit + exit +``` + +- `enabled`: Creates the scheduler to be used on egress for the device interface +- `transmit-cap`: The effective port rate of the device interfaces in bits per second. This value is matched internally to the link speed of the device. +- `traffic-profile`: Identifies the traffic-profile to be used when determining the traffic class distributions. + +![Traffic Engineering Settings](/img/config_dev_interface_te.png) + + +### Limitations + +Enabling traffic engineering will introduce a performance impact to the packet-per-second processing rate as the QoS engine works to ensure fairness of packet distribution under congestion scenarios. When used in conjunction with other traffic engineering settings (e.g., adjacency traffic engineering configured alongside device interface traffic engineering), performance may be further impacted. + +## Troubleshooting and Statistics + +Given the packet performance nature of the scheduler, no logs exist at the per-packet level to monitor traffic-engineering performance. The statistics described below are the best source of information about performance. The `success-bandwidth` and `failure-bandwidth` meters are good indicators of how well the scheduler is handling packets. For failure-bandwidth, additional statistics can be used to determine the reason for loss. Some examples are a queue full scenario resulting from an unhandled burst, or packets being dropped due to excessive time spent within the scheduler. + +Statistics for device-interface traffic engineering can be viewed from the `show stats traffic-eng device-interface` command. Use the following statistics to help analyze device-interface behavior when traffic-engineering is configured. + +The general statistics apply to the scheduler as a whole. Per-traffic-class statistics are maintained for all the available traffic-classes (high, medium, low, best-effort). + +### Gathering Statistics + +To gather information about device interface traffic engineering, query the following statistics using the `show stats traffic-eng device-interface` command. These statistics are specific to the device interface and provide insight into how the schedulers are operating. + +``` +admin@combo-east-a.combo-east# show stats traffic-eng device-interface +Tue 2024-03-19 13:39:20 UTC +Retrieving statistics... + +Device Interface Traffic Engineering Stats +------------------------------------------ + +============================================================== ============== ================== + Metric Node Value +============================================================== ============== ================== + common schedule-failure combo-east-a 269453 + common schedule-success combo-east-a 12836478 + common tracked-buffers combo-east-a 63 + peer-path dequeue-cycle-count combo-east-a 38454523 + peer-path enqueue-cycle-count combo-east-a 38454523 + peer-path packets-queued combo-east-a 0 + peer-path per-traffic-class buffer-capacity-exceeded-bytes combo-east-a 0 + peer-path per-traffic-class buffer-capacity-exceeded-packets combo-east-a 0 + peer-path per-traffic-class dequeue-aqm-drop-bytes combo-east-a 0 + peer-path per-traffic-class dequeue-aqm-drop-packets combo-east-a 0 + peer-path per-traffic-class dequeue-max-latency-drop-bytes combo-east-a 0 + peer-path per-traffic-class dequeue-max-latency-drop-packets combo-east-a 0 + peer-path per-traffic-class dequeue-success-bytes combo-east-a 48740202 + peer-path per-traffic-class dequeue-success-packets combo-east-a 126011 + peer-path per-traffic-class schedule-failure-bandwidth combo-east-a 0 + peer-path per-traffic-class schedule-failure-bytes combo-east-a 0 + peer-path per-traffic-class schedule-failure-packets combo-east-a 0 + peer-path per-traffic-class schedule-success-bandwidth combo-east-a 1231157 + peer-path per-traffic-class schedule-success-bytes combo-east-a 48740202 + peer-path per-traffic-class schedule-success-packets combo-east-a 126011 + peer-path scheduler-reset combo-east-a 0 +``` + +### Statistics Descriptions + +To gather information about device interface traffic engineering, query the following statistics using the `show stats traffic-eng device-interface` command. These statistics are specific to the device interface and provide insight into how the schedulers are operating. + +- `enqueue-cycle-count`: The current enqueue cycle count in traffic engineering for this interface. This statistic refers to the last time (in cycles) that a packet was enqueued into the scheduler. This value is helpful when debugging. +- `dequeue-cycle-count`: The current dequeue cycle count in traffic engineering for this interface. This statistic refers to the last time (in cycles) that the scheduler attempted to dequeue a packet. This value is helpful when debugging. +- `packets-queued`: The current number of packets queued in traffic engineering for this interface. +- `scheduler-reset`: The number of times the scheduler was reset due to encountering an processing error. +- `per-traffic-class schedule-success-bytes`: The number of bytes successfully scheduled for transmission for this interface. +- `per-traffic-class schedule-success-packets`: The number of packets successfully scheduled for transmission for this interface. +- `per-traffic-class schedule-failure-bytes`: The number of bytes failed to be scheduled for transmission due to bandwidth oversubscription for this interface. +- `per-traffic-class schedule-failure-packets`: The number of packets failed to be scheduled for transmission due to bandwidth oversubscription for this interface. +- `per-traffic-class dequeue-success-bytes`: The number of bytes successfully dequeued from the scheduler for transmission for this interface. +- `per-traffic-class dequeue-success-packets`: The number of packets successfully dequeued from the scheduler for transmission for this interface. +- `per-traffic-class dequeue-max-latency-drop-bytes`: The number of bytes scheduled for transmission that were dropped due to excessive latency for this interface. +- `per-traffic-class dequeue-max-latency-drop-packets`: The number of packets scheduled for transmission that were dropped due to excessive latency for this interface. +- `per-traffic-class dequeue-aqm-drop-bytes`: The number of bytes scheduled for transmission that were dropped due to Active Queue Management for this interface. +- `per-traffic-class dequeue-aqm-drop-packets`: The number of packets scheduled for transmission that were dropped due to Active Queue Management for this interface. +- `per-traffic-class buffer-capacity-exceeded-bytes`: The number of bytes failed to be scheduled for transmission due to exceeded buffer capacity for this interface. +- `per-traffic-class buffer-capacity-exceeded-packets`: The number of packets failed to be scheduled for transmission due to exceeded buffer capacity for this interface. +- `per-traffic-class schedule-success-bandwidth`: Traffic bandwidth in bytes per second successfully scheduled for transmission for this interface. +- `per-traffic-class schedule-failure-bandwidth`: Traffic bandwidth in bytes per second that failed to be scheduled or was dropped due to active queue managment for this interface. diff --git a/docs/config_dnat.md b/docs/config_dnat.md new file mode 100644 index 0000000000..2148a2ae30 --- /dev/null +++ b/docs/config_dnat.md @@ -0,0 +1,74 @@ +--- +title: Dynamic Ingress Source NAT +sidebar_label: Dynamic Ingress Source NAT +--- + +Dynamic Source NAT translates multiple source IP addresses into a smaller pool of translated addresses and dynamic ports, which conserves public IP address space and provides the flexibility to source NAT a specific IP range. This supports scaling up sessions for an internal service. For example, in a corporate office with a SIP phone service where all phones have different IPs on port 5060, these internal IP addresses are source NAT’ed to a single external IP address. + +Dynamic Source NAT may also provide solutions for IP address conflicts, but the IP mapping is not one-to-one and does NOT provide destination NAT in the reverse direction. To facilitate the destination NAT mapping for network connections from the external client to the internal client, use [`bidirectional-nat`](config_static_nat.md). + +Consider the following scenario, similar to the Static NAT example focusing on a company acquisition, where the `spk-lan2` network is overlapping and not routable in `Corp` and `Internet`. + +![Static Nat Diagram](/img/static_nat_example.png) + +The Dynamic Source NAT challenge is illustrated in scenarios #2 and #4 below, where multiple clients of IP subnet 192.168.1.0/24, from `spk-lan2` are running same application on port 1111, but given only one IP address, 172.16.128.10, to source NAT out. + +| Scenario | Source | Destination | Translation Required | +| --- | --- | --- | --- | +| 2 | 192.168.1.10:1111 @ spk-lan2
192.168.1.11:1111 @ spk-lan2 | 10.10.10.10:xxxx @ hub-lan1 | 172.16.128.10:1653 -> 10.10.10.10:xxxx
172.16.128.10:1654 -> 10.10.10.10:xxxx | +| 4 | 192.168.1.10:1111 @ spk-lan2
192.168.1.11:1111 @ spk-lan2 | 172.16.129.10:* @spk-lan1 | 172.16.128.10:1653 -> 172.16.129.10:xxxx
172.16.128.10:1654 -> 172.16.129.10:xxxx | + +By applying Dynamic Source NAT configuration to the `spk-lan2` interface, the `192.168.1.0/24` subnet can be mapped to the single IP address and subnet `172.16.128.10/32`, with dynamically allocated ports. This allows the SSR to dynamically build a many-to-one source NAT mapping. + +## Configuration + +In scenario #2, sessions from an application using port 1111 are initiated from multiple clients of the spk-lan2 interface, to a client of hub-lan1 on 10.10.10.10. The first client at host 192.168.1.10 and port 1111 is assigned a source NAT of 172.16.128.10:1653 where port 1653 is allocated dynamically. The second client at 192.168.1.11 with port 1111 is allocated a dynamic source NAT of 172.16.128.10:1654. + +Scenario #4 is similar, except the target connections are to the client at the `spk-lan1` interface using 172.16.129.10 which has been mapped by Static NAT. The same Dynamic Source NAT processes from Senario #2 are applied here. + +The following is the router configuration for both the above use cases. Packets going through `spk-lan2` within the 192.168.1.0/24 domain will be source-natted to 172.16.128.10/32. + +### Sample PCLI Configuration + +``` +config + authority + router spoke + node node1-spoke + device-interface spk-lan2 + network-interface spk-lan2 + dynamic-source-nat 192.168.1.0/24 + local-ip 192.168.1.0/24 + remote-ip 172.16.128.10/32 + exit + exit + exit + exit + exit + exit +exit +``` + +### Sample GUI Configuration: + +Network Interface Configuration + +![Network Interface configuration](/img/dnat_net-intf_gui_config.png) + +Dynamic Source NAT Configuration + +![Dynamic Source NAT Configuration](/img/dnat_gui_config.png) + +### Configuration Commands + +Dynamic Source NAT is configured from the network-interface using the following commands: + +[`dynamic-source-nat`](config_command_guide.md#configure-authority-router-node-device-interface-network-interface-dynamic-source-nat): Defines the prefixes that need to be dynamically source natted for packets ingressing this interface. + +- [`local-ip`](config_command_guide.md#configure-authority-router-node-device-interface-network-interface-dynamic-source-nat-local-ip): For packets ingressing this interface, the IP that is source NAT'ed to the `remote-ip`. +- [`remote-ip`](config_command_guide.md#configure-authority-router-node-device-interface-network-interface-dynamic-source-nat-remote-ip): For packets ingressing this interface, the IP where the `local-ip` will be source NAT'ed. `remote-ip` must use the /32 prefix. + +## Show Commands + +The [`show network-interface source-nat-rules`](cli_reference.md#show-network-interface-source-nat-rules) can be run from the router or the conductor to display brief or detailed information for NAT configurations. Please see the [NAT Troubleshooting](ts_nat_troubleshooting.md) pages for information about the `source-nat-rules` subcommand. + diff --git a/docs/config_domain-based_web_filter.md b/docs/config_domain-based_web_filter.md index 36a8d5c662..cc3a47efcc 100644 --- a/docs/config_domain-based_web_filter.md +++ b/docs/config_domain-based_web_filter.md @@ -198,6 +198,34 @@ Active categories and domains are displayed in the GUI on the Applications Seen ![Select Applications Seen](/img/dbwf_appl_seen.png) +### Invalid Applications + +In cases where an application is configured incorrectly, or a domain is mistakenly configured as an application, an alarm is generated. + +For example, in the configuration snippet below a service is configured using an invalid application name: `You-Tube`. (The correct name for the application would be YouTube.) + +``` + service You-Tube + name You-Tube + application-name You-Tube +``` + +The result is the following alarm in the `show alarms` output: + +``` +admin@conductor-east-1.RTR_EAST_CONDUCTOR# show alarms +Tue 2024-07-09 14:25:28 UTC +WARNING: Targeting router 'all' may take a long time. Continue anyway? [y/N]: y +✔ Retrieving alarms... + +================================ ===================== ========== ======== =========== =================================== + ID Time Severity Source Category Message +================================ ===================== ========== ======== =========== =================================== + combo-east-1.RTR_EAST_COMBO:30 2024-07-09 14:24:47 Major INTERFACE Invalid applications: *.bea-brak.de +``` + +If you encounter this alarm, review your application configurations. + ## Service Matching Order When matching a session to a service, the list below represents the priority order in which the service resolution is performed. diff --git a/docs/config_ha.md b/docs/config_ha.md index 1d0b2ddfb4..3e41ec78e3 100644 --- a/docs/config_ha.md +++ b/docs/config_ha.md @@ -5,16 +5,18 @@ sidebar_label: Dual Node High Availability The SSR provides significant flexibility for high availability configurations. The SSR can deploy multiple software instances (referred to as nodes) within the same single installation, providing high availability across router nodes. And like traditional routers, the SSR software can also be deployed as a single router instance on multiple platforms, with high availability configured in a dual router configuration. -This document contains the steps for configuring support for configuration of dual-node high availability. In addtion to the shared MAC interface method of dual node high availability, the release of the 5.4 software includes [VRRP as a configuration option](#high-availability-using-vrrp). +This document contains the steps for configuring support for configuration of dual-node high availability. In addition to the shared MAC interface method of dual node high availability, the release of the 5.4 software includes [VRRP as a configuration option](#high-availability-using-vrrp). A new service route parameter introduced in version 5.4, [`enable-failover`](#service-route-redundancy), provides stateful failover on the dual node HA configuration. ## Requirements + Configuring high availability in a shared-interface configuration requires that two SSR routing nodes have at least one device-interface that is shared between them. Shared interfaces are configured on both nodes, but are active on only one node at a time. These shared interfaces **must** be in the same L2 broadcast domain; this is because the SSR uses gratuitous ARP messages to announce an interface failover, so that it may receive packets in place of its counterpart. The two SSR router nodes that make up a high availability pair must be collocated due to latency sensitivities for the information that they synchronize between themselves. ## Before You Begin + There are several things to be mindful of before configuring HA; the two nodes must be informed that they are part of a high availability set, and they must have a dedicated interface between themselves for synchronizing state information about active sessions. These steps will be covered in this section. ### Configuration Change Operations @@ -89,7 +91,7 @@ Converting an existing router from standalone to HA will require downtime, and i Adding a second node requires configuring another *node* container within the router. This node will contain one or more *shared interfaces*, which will protect the router from failure modes when interfaces, links, or a node fails. Configuring shared interfaces is covered later in this document. -Follow the setps in [Non-forwarding HA Interfaces](config_non_forwarding_ha_interfaces.md) in order to provision an interface to connect between peer SSR nodes. +Follow the steps in [Non-forwarding HA Interfaces](config_non_forwarding_ha_interfaces.md) in order to provision an interface to connect between peer SSR nodes. ## Configuring the Shared Interface(s) For systems configured prior to release 5.4, Dual Node High Availability can be configured using a shared MAC interface, and is described below. For systems configured on release 5.4 and later, High Availability can be configured using VRRP. See [High Availability Using VRRP](#high-availability-using-vrrp) for information about using VRRP for dual-node failover. @@ -358,7 +360,7 @@ service-policy netcat-policy ``` -The vector and the associated priority can then be assigned to one or more next hops within the service route, providing a primary and secondary path for failover and high availablity. +The vector and the associated priority can then be assigned to one or more next hops within the service route, providing a primary and secondary path for failover and high availability. ``` service-route name wan1-route @@ -376,7 +378,11 @@ The vector and the associated priority can then be assigned to one or more next ## High Availability Using VRRP -To facilitate a seamless failover, you can now configure VRRP on a dual node HA configuration. This reduces failover time and when configured with service-route failover, the sessions are preserved. +In dual-node HA configurations, VRRP is configurable on either the [device-interface](#configuring-vrrp-on-the-device-interface) or the [network-interface](#configuring-vrrp-on-the-network-interface). + +### Configuring VRRP on the Device Interface + +When a failover event is encountered, device interface level VRRP will fail over an entire device interface, including all network interfaces under that device interface. VRRP reduces failover time, and when configured with service-route failover, will preserve sessions. Configure VRRP on the `wan` and `lan` interfaces of node 1. In this example node 1 is set as the active node (set with the higher priority), and node 2 is configured as the standby node. @@ -488,6 +494,64 @@ Node 2 lan and wan interfaces are configured similarly, however the priority is ``` +### Configuring VRRP on the Network Interface + +The `vrrp` field under `network-interface` has the following configuration parameters: + +``` +network-interface lan2 + vrrp + enabled + priority <1-255> + vrid <1-255> + advertisement-interval <100-40950> + exit +``` + +With this configuration option, network interfaces can have VRRP enabled independent of one another, allowing redundant interfaces to fail over when necessary, and unaffected interfaces to continue operation. For example, perhaps there is one interface that does not need to failover, but two that do. VRRP can be configured on two of the network-interfaces, and disabled on the third interface. Or, if it is desirable to have a VLAN to go over node0 as primary and another VLAN go over node1 as primary, this can be defined in the configuration by specifying the priority. + +In the configuration example below: +- lan1 takes node0 as primary and fails over to node1 +- lan2 takes node1 as primary and fails over to node0 +- lan3 only exists on node0 and does not failover + +``` + node0 Node1 + device-interface lan device-interface lan + name lan name lan + pci-address xxx pci-address xxx + network-interface lan1 network-interface lan1 + vrrp vrrp + enabled true enabled true + priority 20 priority 10 + vrid 1 vrid 1 + exit exit + name lan1 name lan1 + vlan 1 vlan 1 + address xxxx address xxxx + exit exit + + Network-interface lan2 network-interface lan2 + Vrrp vrrp + enabled true enabled true + priority 10 priority 20 + vrid 15 vrid 15 + exit exit + name lan2 name lan2 + Vlan 2 vlan 2 + address xxxxx address xxxx + network-interface lan3 + name lan3 + vlan 3 + address xxx + exit + +``` + +### Show Commands + +Use the `show network interface` command to display active standby at vlan level, and the `show network-interface redundancy` command to show redundancy status of network-interfaces. + ### Configuration Considerations - VRRP can be enabled only on one of the vlans, but the state of VRRP run on that vlan affects the whole device interface. The vrrp vlan will default to `vlan 0`, but is user configurable to a different vlan. diff --git a/docs/config_lacp.md b/docs/config_lacp.md index 6a29e461a8..a754b9f424 100644 --- a/docs/config_lacp.md +++ b/docs/config_lacp.md @@ -2,9 +2,6 @@ title: Link Aggregation and LACP sidebar_label: Link Aggregation and LACP --- -:::important -This feature is currently in Beta. Support for LAG has been added for a limited number of use cases. Please refer to the [Caveats](#caveats) section for details. -::: A Link Aggregation Group (LAG) enables the grouping Ethernet interfaces to form a single link layer interface. LAGs are formed by connecting multiple ports in parallel between two devices. As more links are added between the two devices, bandwidth expands. Traffic is automatically load-balanced, and in a network failure scenario, there is link-level redundancy. @@ -29,18 +26,7 @@ LAG/LACP has the following requirements: ### Supported Platforms -LAG is currently supported on the following platforms: -- SSR120 -- SSR130 - -### Caveats - -The following caveats have been identified: - -- Dynamic reconfiguration is not currently supported. Changes in LAG configuration require a 128T service restart and may result in service disruption. Any changes to LAG configuration should be performed during a maintenance window. -- High Availability has not been fully tested, and may not be fully functional. - - VRRP with LAG is not supported - - Shared physical addresses are not allowed. +All SSR hardware platforms (SSR100 Series and SSR1000 Series) are supported. ## Configuring LAG and LACP @@ -50,7 +36,7 @@ LACP is enabled by default on the `bond` device interface, and must be configure Please note that after any changes to the LAG configuration, you must restart the 128T service. ::: -### Configuration using the PCLI +### Configuration Using the PCLI 1. Create the LAG by configuring the `bond` device-interface. - Name the interface @@ -124,7 +110,68 @@ These same settings are accessed from the GUI at the Authority > Router > Node > ![Configure LAG devices](/img/config_lacp_dev-inf-parent-bond.png) -### Configuring LLDP +## Force-up + +When enabled, `force-up` allows one member of a bond interface to send and receive without the required LACP negotiation. + +### How It Works + +`force-up` mode can only be enabled when LACP is enabled, and is disabled by default. When enabled, a bond interface that does not receive any LACP PDU's on any member interfaces over a configured time-out period enters the `force-up` mode. In this mode, one member of the bond is used as an active interface, sending and receiving without the required LACP negotiation. + +Other interfaces continue to send and receive LACP PDUs, but will not accept or send any other frames. If at any time a member receives an LACP PDU, the bond’s `force-up` mode is cleared and it operates under normal LACP protocol. + +Force-up is re-entrant; a bond interface can go into `force-up` mode, back to normal, and then into `force-up` mode again. + +#### Example + +An example use-case is a peer system that uses a PXE boot - a preboot environment where a device reaches out over the network to fetch a firmware/OS image - but is unable to support the LACP protocol to form the bond. Configuring `force-up` and time-out allows the SSR to bring the LACP interface up as an active interface without the required LACP negotiation, similar to a static-LAG. The peer system can then get the image, boot, and configure LACP. The SSR LACP bond will return to operating in LACP mode once it starts seeing LACP frames from the device. + +### Configuration + +In this example, `force-up` is configured on the LACP enabled bond interface, with a timeout of 30 seconds. + +``` + +config + authority + router red-1 + node node_one + device-interface bond0 + name bond0 + description "Bonded Interface" + type bond + + bond-settings + lacp-enabled true + force-up true + force-up-timeout 30 + ... +``` + +The `force up` mode is shown as part of the `show device-interface` output of the bond member information. + +``` +bond_members: + aggregator_port_id: 1 + selection: SELECTED + actor_detail_info: + system_priority: 65535 + system_mac_address: 90:ec:77:32:e3:f6 + port_key: 17 + port_priority: 255 + port_number: 2 + port_state: ACTIVE, TIMEOUT, AGGREGATION, DEFAULTED + partner_detail_info: + system_priority: 65535 + system_mac_address: 00:00:00:00:00:00 + port_key: 1 + port_priority: 255 + port_number: 0 + port_state: ACTIVE + state_machine_flags: LACP_ENABLED, EXPIRED, FUP +``` + +## Configuring LLDP LLDP allows other devices in the network to discover the SSR. It is not required for LAG, but when enabled it provides information about the LAG interface in the network. It should be noted that when enabled as part of LAG, it is configured for the entirety of the `bond`, not on the individual interfaces within the group. For additional information about using the LLDP command, see [`lldp`](config_reference_guide.md#lldp) @@ -142,7 +189,7 @@ LLDP allows other devices in the network to discover the SSR. It is not required ![Configuring LLDP mode](/img/config_lldp_lacp.png) -### Show Commands +## Show Commands Use the `show device-interface name ` command to troubleshoot or view the status of the LAG/LACP interface. diff --git a/docs/config_nat.md b/docs/config_nat.md deleted file mode 100644 index 13c24f22b8..0000000000 --- a/docs/config_nat.md +++ /dev/null @@ -1,228 +0,0 @@ ---- -title: Network Address Translation (NAT) -sidebar_label: NAT ---- -## Source NAT -Source NAT can be enabled on `authority > router > node > network-interface`. When enabling `source-nat` on a network-interface, all traffic egressing the interface will be network address and port translated (NAPT) to that of the address on the interface. - -:::note -The port range is not configurable and ranges between 16384 to 65534, allowing for 49,150 concurrent sessions per interface. -::: - -``` -admin@gouda.novigrad# show config running authority router novigrad node gouda device-interface wan network-interface wan-interface - -config - - authority - - router novigrad - name novigrad - - node gouda - name gouda - - device-interface wan - name wan - - network-interface wan-interface - name wan-interface - global-id 1 - vlan 0 - type external - conductor false - - neighborhood internet - name internet - exit - inter-router-security interfabric - prioritization-mode local - source-nat true - mtu 1500 - enforced-mss disabled - icmp allow - hostname gouda.novigrad.net - multicast-listeners automatic - multicast-report-proxy false - dhcp v4 - exit - exit - exit - exit - exit -exit -``` - -If support for more than 49,150 concurrent sessions per interface is needed, you can configure a _NAT Pool_ or add additional `address`es to the network-interface, expanding the source NAT capacity. - -When multiple addresses are configured, utilizing `source-nat`, the second address configured will only be utilized once the first is fully exhausted; so on and so forth. Once the next configured address starts being utilized, it will remain in use until exhausted. - -## Destination NAT - -Static desination network address translation can be performed by configuring a `service-route > nat-target`. It is common to leverage the public address of the router for internal services, such as VPN. Traffic destined to the SSR, configured as a _service_ with an _address_ that matches that of the public-facing network-interface is then NATed to an internal private address on the LAN for the application. This setting only performs address translation and does not modify the port. - -## Static NAT - -SSR supports source NAT pool configurations at interface and service-route level as described in [Static NAT Bindings](#static-nat-bindings). However, this is not always sufficient to enable simple configuration for static bidirectional NAT between two same-sized subnets. - -Static NAT defines a one-to-one mapping from one IP subnet to another IP subnet. The mapping includes source IP address translation in one direction and destination IP address translation in the reverse direction. In cases where IP address overlapping is found, such as when merging networks (for example, a corporate acquisition and merger) this simple configuration change is significantly less work than changing all the local IP addresses. The diagram below illustrates this example. - -![Static Nat Diagram](/img/static_nat_example.png) - -The `spk-lan2` network-interface is not routable (cannot send or receive traffic) in the `Corp` and `Internet` networks. The client in `spk-lan2` has a local IP within the `192.168.1.0/24` subnet and overlaps with another client from `Corp` in `spk-lan1`. This will cause problems for any sessions between `hub-lan1` or `spk-lan1` to `spk-lan2`. By configuring `bidirectional-nat` on `spk-lan1` and `spk-lan2`, the two `192.168.1.0/24` subnets are mapped to `172.16.128.0/24` and `172.16.129.0/24` respectively and differentiate themselves on the hub router. - -`bidirectional-nat` provides value in two ways: -- NAT an unroutable private IP to a routable public IP -- NAT duplicate private IPs (on different routers/networks) to different public IPs to provide differentiation on the receiving end - -#### Example - -``` -config - authority - router spoke - node node1-spoke - device-interface spk-lan2 - network-interface spk-lan2 - bidirectional-nat 192.168.1.0/24 - local-ip 192.168.1.0/24 - remote-ip 172.16.128.0/24 - exit - exit - exit - - device-interface spk-lan1 - network-interface spk-lan1 - bidirectional-nat 192.168.1.0/24 - local-ip 192.168.1.0/24 - remote-ip 172.16.129.0/24 - exit - exit - exit - exit - exit - exit -exit - -``` - -### Non-SVR Traffic - -In order for non-SVR traffic (for example, LAN-to-LAN traffic traversing a single SSR) to take advantage of static-NAT addressing, you must disable egress source-nat at the service level by setting `service > source-nat` to `disabled` as shown below. - -``` -authority - service LAN-to-LAN - name LAN-to-LAN - description "LAN-to-LAN non-SVR traffic traversing a single SSR router" - source-nat disabled - scope private - security aes1 - address - access-policy - source - permission allow - exit - exit -exit -``` - -### Using the GUI - -Set the local and remote IP addresses under Authority > Router > Node > Device Interface > Network Interface. - -![Network Interface](/img/static_nat_gui_net-intf.png) - -![Bidirectional NAT Config](/img/static_nat_gui_nat-config.png) - -### Show Commands - -For details about command output, refer to the [`show sessions`](cli_reference.md#show-sessions) and [`show sessions by-id`](cli_reference.md#show-sessions-by-id) commands. - -#### Source NAT -- On the session ingress node, the `show sessions by-id` output has an Ingress Source NAT field where the source-nat type, NAT’d source address, NAT’d port, and protocol are displayed. - -![Session Ingress](/img/source-nat1.png) - -- On the session egress node the `show sessions by-id` output has an Ingress Source NAT field where the source-nat type, NAT’d source address, NAT’d port, and protocol are displayed. - -![Session Egress](/img/source-nat2.png) - -- The `show sessions` output has `NAT IP` and `NAT Port` columns where the NAT’d source address and NAT’d source port are displayed. - -![NAT IP and Port](/img/source-nat3.png) - -#### Destination NAT - -- On the session egress node the `show sessions by-id` output shows the NAT’d destination address in the Forward Flow `NextHop` and Reverse Flow `src ip` fields. - -![Destination forward flow](/img/dest-nat1.png) - -- The `show sessions` output reverse flow `src ip `column also shows the NAT’d destination address. - -![Destination Reverse Flow Source IP](/img/dest-nat2.png) - -#### Version History - -| Release | Modification | -| ------- | ------------ | -| 6.2.0 | Static NAT Feature Introduced | - -## NAT Pools - -NAT pools are a construct that allow for the use of IP and port ranges to be shared across one or more network-interfaces for either source or destination NATing capabilities. - -### Static NAT bindings -A static NAT binding can be configured by creating an `authority > router > nat-pool` object and assigning it to a network-interface. The following rules and constraints will apply to this configuration: - -* The _nat-pool_ prefix is used to create a N:M mapping. Where each source IP (from an ingress interface) is hashed to an IP address in the nat pool. -* The static _nat-pool_ can only be configured as: - * _ingress-nat-pool_ on a _network-interface_ when peering with another SSR - * *egress-nat-pool* on a _network-interface_ when not performing SVR - * _source-nat-pool_ on a _service-route / next-hop_ -* SSR software will not reply to ARP requests on the pool prefix on the associated interface. Therefore the SSR relies on the pool to be routed to the SSR gateway interface by another mechanism such as static-routes, BGP, etc., by the _next-hop_ in the network. -* Changes to the pool configuration will not affect the existing sessions as it has the potential of cascading effect on the network. These changes will resolve over time as the existing sessions naturally expire. - -The static NAT pool will simply hash the source IP address of incoming packets to the corresponding IP address in the pool. - -``` -nat-pool - name static-pool-1 - type static - address-pool - address 10.10.10.10/31 - -network-interface - name test-lan - address - ip-address 192.168.10.1 - prefix-length 24 - ingress-source-nat-pool static-pool-1 -``` - -In the configuration snippet above, the _192.168.10.0/24_ network for the `test-lan` will be source NAT’d to `10.10.10.10/31`. Traffic from an endpoint of source address 192.168.10.10 will be source NAT’d to 10.10.10.10; 192.168.10.11 will be source NAT’d to 10.10.10.11 and so on. Since the NAT in the model relies on a N:M mapping this can only be configured as an _ingress-source-nat-pool_ (on _network-interface_) or as a destination-nat-pool (on _service-route / next-hop_). - -### Shared NAT pools -In some scenarios, it is desirable to share the same NAT pool across services and interfaces. This feature accommodates the same NAT pool to be configured on different interfaces. There are some considerations that should be noted for failure and recovery. - -Flow Move Considerations - -Currently session migration is only supported for SVR sessions. This restriction exists because session migration of a non-SVR session is not guaranteed to terminate on the same server. As a result, the remote server might receive mid flow packets from a different source, resulting in undefined behavior. - -Session Recovery Considerations - -For shared NAT pools provisioned on an HA interface that encounters a failover, the SSR software will put the interface into recovery mode to recover all sessions. At the end of the recovery period all non-discovered ports designed as free are returned to the NAT pool. - -### Tenant filtering -The _nat-pool_ configuration can optionally be provisioned with a list of tenants. When the configuration has _multiple_ IP pools available, the _tenant_ can be used to determine which IP pool will be selected for the source NAT. Absence of a tenant implies that the IP pool is valid for all traffic. The following rules will be applied in order to determine the selection of the NAT pool: - -* The packet has a source tenant associated with it - * If more than one IP pool has a matching tenant, only the first IP pool is used and the hash is applied to create a session. The remainder of the matches are discarded - * If a pool with no tenant is configured - * Same as above - * All IP pools have tenant configured but none of them match the source tenant - * Log the failure, increment stat and drop the packet -* The packet has no source tenant associated with it - * At least one IP pool has no tenant configured to do the source NAT otherwise this will result in the session being dropped - -The tenant matching rules will apply to sub-tenants as well. For example, if an IP pool allows tenant engineering, then traffic with source tenant lab.engineering will also match the pool. diff --git a/docs/config_nat_pools.md b/docs/config_nat_pools.md new file mode 100644 index 0000000000..009c32beed --- /dev/null +++ b/docs/config_nat_pools.md @@ -0,0 +1,66 @@ +--- +title: NAT Pools +sidebar_label: NAT Pools +--- + +## NAT Pools + +NAT pools are a construct that allows for the use of IP and port ranges to be shared across one or more network-interfaces for either source or destination NATing capabilities. + +## Static NAT Bindings + +A static NAT binding is configured by creating an `authority > router > nat-pool` object and assigning it to a network-interface. The following rules and constraints apply to this configuration: + +* The _nat-pool_ prefix is used to create a N:M mapping, where each source IP (from an ingress interface) is hashed to an IP address in the nat pool. +* The static _nat-pool_ can only be configured as: + * _ingress-nat-pool_ on a _network-interface_ when peering with another SSR + * _egress-nat-pool_ on a _network-interface_ when not performing SVR + * _source-nat-pool_ on a _service-route / next-hop_ +* SSR software will not reply to ARP requests on the pool prefix on the associated interface. The SSR relies on the pool to be routed to the SSR gateway interface by another mechanism such as static-routes, BGP, etc., by the _next-hop_ in the network. +* Changes to the pool configuration will not affect the existing sessions as it has the potential of cascading effect on the network. These changes resolve over time as the existing sessions naturally expire. + +The static NAT pool hashes the source IP address of incoming packets to the corresponding IP address in the pool. + +``` +nat-pool + name static-pool-1 + type static + address-pool + address 10.10.10.10/31 + +network-interface + name test-lan + address + ip-address 192.168.10.1 + prefix-length 24 + ingress-source-nat-pool static-pool-1 +``` + +In the configuration snippet above, the _192.168.10.0/24_ network for the `test-lan` will be source NAT’d to `10.10.10.10/31`. Traffic from an endpoint of source address 192.168.10.10 will be source NAT’d to 10.10.10.10; 192.168.10.11 will be source NAT’d to 10.10.10.11 and so on. Since the NAT in the model relies on a N:M mapping this can only be configured as an _ingress-source-nat-pool_ (on _network-interface_) or as a destination-nat-pool (on _service-route / next-hop_). + +### Shared NAT Pools + +In some scenarios, it is desirable to share the same NAT pool across services and interfaces. This feature accommodates the same NAT pool to be configured on different interfaces. There are some considerations that should be noted for failure and recovery. + +#### Flow Move Considerations + +Currently session migration is only supported for SVR sessions. This restriction exists because session migration of a non-SVR session is not guaranteed to terminate on the same server. As a result, the remote server might receive mid flow packets from a different source, resulting in undefined behavior. + +#### Session Recovery Considerations + +For shared NAT pools provisioned on an HA interface that encounters a failover, the SSR software will put the interface into recovery mode to recover all sessions. At the end of the recovery period all non-discovered ports designed as free are returned to the NAT pool. + +### Tenant Filtering + +The _nat-pool_ configuration can optionally be provisioned with a list of tenants. When the configuration has _multiple_ IP pools available, the _tenant_ can be used to determine which IP pool will be selected for the source NAT. Absence of a tenant implies that the IP pool is valid for all traffic. The following rules will be applied in order to determine the selection of the NAT pool: + +* The packet has a source tenant associated with it: + * If more than one IP pool has a matching tenant, only the first IP pool is used and the hash is applied to create a session. The remainder of the matches are discarded. + * If a pool with no tenant is configured: + * Same as above. + * All IP pools have tenant configured but none of them match the source tenant: + * Log the failure, increment stat and drop the packet. +* The packet has no source tenant associated with it: + * At least one IP pool has no tenant configured to do the source NAT, otherwise this will result in the session being dropped. + +The tenant matching rules apply to sub-tenants as well. For example, if an IP pool allows tenant engineering, then traffic with source tenant `lab.engineering` will also match the pool. diff --git a/docs/config_radius.md b/docs/config_radius.md index 2eb5caef3b..caa2bdb49e 100644 --- a/docs/config_radius.md +++ b/docs/config_radius.md @@ -14,7 +14,7 @@ Either RADIUS or LDAP remote authentication can be configured on a system. If RA ## Configuring RADIUS -When authenticating from a RADIUS server, the user is authenticated against the configured credentials. When `account-creation` is set to `automatic`, users are added and identified on the server and each user account is created automatically when they authenticate successfully from a local device. This provides a simple method for managing user accounts connected to a single authentication server with devices deployed over a wide geography. +When authenticating from a RADIUS server, the user is authenticated against the configured credentials. When `account-creation` is set to `automatic`, users are added and identified on the server, with each user account created automatically upon successful authentication on a local device. This provides a simple method for managing user accounts connected to a single authentication server with devices deployed over a wide geography. If automatic account creation is enabled, users are configured on the RADIUS server using a RADIUS Vendor Specific Attribute (VSA) and user accounts are created on first login to the SSR based on the role specified in the VSA. diff --git a/docs/config_radsec.md b/docs/config_radsec.md new file mode 100644 index 0000000000..441b00f2d9 --- /dev/null +++ b/docs/config_radsec.md @@ -0,0 +1,82 @@ +--- +title: Configuring RADUIS over TLS +sidebar_label: Configuring RADIUS over TLS +--- + +RADIUS over TLS is designed to provide secure communication of RADIUS requests using the Transport Secure Layer (TLS) protocol. RADIUS over TLS, also known as RADSEC, redirects regular RADIUS traffic to remote RADIUS servers connected over TLS. RADSEC allows RADIUS authentication, authorization, and accounting data to be passed safely across untrusted networks. + +In this section: +- Configuring RADSEC +- Signing and Importing Webserver Certificates +- Syslog over TLS + +## Configuring RADSEC + +Use the following information to configure RADIUS over TLS (RADSEC). + +#### 1. Configure the RADSEC server. + +The following configuration example will add a radius server named `radsec` + +``` +admin@t327-dut1.cond# configure authority radius-server radsec +admin@t327-dut1.cond (radius-server[name=radsec])# address 172.18.5.224 +admin@t327-dut1.cond (radius-server[name=radsec])# port 2083 +admin@t327-dut1.cond (radius-server[name=radsec])# protocol tls +admin@t327-dut1.cond (radius-server[name=radsec])# account-creation manual +admin@t327-dut1.cond (radius-server[name=radsec])# ocsp strict +admin@t327-dut1.cond (radius-server[name=radsec])# server-name t327-dut1.openstacklocal +admin@t327-dut1.cond (radius-server[name=radsec])# top +``` + +#### 2. Configure the trusted CA certificate. + +The trusted CA certificate is necessary to validate the incoming client certificate. Certificates are pasted in as a multi-line config. + +Create a certificate root named `ca_root` and paste the certificate file content into the command: + +``` +admin@conductor-node-1.Conductor# config authority trusted-ca-certificate ca_root +admin@conductor-node-1.Conductor (trusted-ca-certificate[name=ca_root])# content +Enter plain for content (Press CTRL-D to finish): + +``` + +#### 3. Configure a client certificate to be used for the RADIUS client. + +Repeat the previous step to create a client certificate named `radsec`. + +``` +admin@conductor-node-1.Conductor# config authority client-certificate radsec +admin@conductor-node-1.Conductor (client-certificate[name=radsec])# content +Enter plain for content (Press CTRL-D to finish): + +``` + +#### 4. Configure the RADIUS server at the Authority level to use the configured client certificate. + +Associate the previously configured `radsec` client certificate to the radius server running on a specified node. + +`configure authority router cond node t327-dut1 radius client-certificate-name radsec` + +Note that the client certificate selected should match the appropriate IP/hostname of the node as seen from the RADIUS server. + +`validate` and `commit` the changes. + +#### 5. Create a RADIUS User + +Create a remotely authenticated RADIUS user. In this example we create user `test1`. + +``` +*admin@conductor-node-1.Conductor# create user test1 +Full Name: test1 +Authentication Type (remote or local): remote +Roles (space separated): admin +Enabled (true or false): true +Account 'test1' successfully created +``` + +When the user logs into the node `t327-dut1` via ssh, the authentication request is sent via RADSEC to the server `172.18.5.224` and the user is authenticated. + + + diff --git a/docs/config_reference_guide.md b/docs/config_reference_guide.md index 4c5f4febfe..47867f7f57 100644 --- a/docs/config_reference_guide.md +++ b/docs/config_reference_guide.md @@ -427,7 +427,7 @@ The *authority* configuration element is the top-most level in the SSR configura | conductor-address | address | The IP address or hostname of your conductors. There can be at most two conductor addresses configured in an authority; note that the addresses here should be reachable by most/all of your authority's routers. (Routers that use different addresses to reach the same conductor can override this in their configuration.) | | currency | string | Indicates local monetary currency used in the system. Default is `USD`. | | dscp-map | sub-element | Lets administrators map the inbound DSCP values received in packet headers into priority values, for traffic engineering purposes. | -| dynamic-hostname | string | This allows administrators to establish a templated pattern for how interfaces on routers will create "names" for their interfaces. These names, constructed using substitution variables in the dynamic-hostname syntax, can be used as (effectively) persistent labels for referring to the corresponding interface, rather than an IP address. This is particularly useful when an interface acquires its address using a dynamic protocol such as PPPoE or DHCP. Uses the following substitution variables: \{interface-id\} for Network Interface Global Identifier \{router-name\} for Router Name \{authority-name\} for Authority Name For example, \'interface-\{interface-id\}.\{router-name\}.\{authority-name\}\'. | +| dynamic-hostname | string | This allows administrators to establish a templated pattern for how interfaces on routers will create "names" for their interfaces. These names, constructed using substitution variables in the dynamic-hostname syntax, can be used as (effectively) persistent labels for referring to the corresponding interface, rather than an IP address. This is particularly useful when an interface acquires its address using a dynamic protocol such as PPPoE or DHCP. Uses the following substitution variables: `{interface-id}` for Network Interface Global Identifier `{router-name}` for Router Name `{authority-name}` for Authority Name For example, `interface-{interface-id}.{router-name}.{authority-name}`. | | ipfix-collector | sub-element | Allows administrators to configure authority-wide IPFIX (IP Flow Information Export) collectors, for flow-by-flow/session-by-session information. | | ldap-server | sub-element | Configuration in support of an external authentication service for administrative logins. | | name | string | A text string that names the authority. This should be unique to an administrative domain, as devices that are configured with the same authority:name are presumed to be associated with each other. It is recommended that an authority name be something associated with an enterprise deploying the SSR; e.g., "128technology". | diff --git a/docs/config_source-dest_nat.md b/docs/config_source-dest_nat.md new file mode 100644 index 0000000000..9c0e6df441 --- /dev/null +++ b/docs/config_source-dest_nat.md @@ -0,0 +1,129 @@ +--- +title: Source and Destination NAT +sidebar_label: Source and Destination NAT +--- +## Source NAT + +Source NAT can be enabled on `authority > router > node > network-interface`. When enabling `source-nat` on a network-interface, all traffic egressing the interface will be network address and port translated (NAPT) to the address on the interface. + +:::note +The port range is not configurable and ranges between 16384 to 65534, allowing for 49,151 concurrent sessions per interface. +::: + +``` +admin@gouda.novigrad# show config running authority router novigrad node gouda device-interface wan network-interface wan-interface + +config + + authority + + router novigrad + name novigrad + + node gouda + name gouda + + device-interface wan + name wan + + network-interface wan-interface + name wan-interface + global-id 1 + vlan 0 + type external + conductor false + + neighborhood internet + name internet + exit + inter-router-security interfabric + prioritization-mode local + source-nat true + mtu 1500 + enforced-mss disabled + icmp allow + hostname gouda.novigrad.net + multicast-listeners automatic + multicast-report-proxy false + dhcp disabled + address 192.168.1.101 + ip-address 192.168.1.101 + prefix-length 24 + gateway 192.168.1.1 + exit + address 192.168.1.102 + ip-address 192.168.1.102 + prefix-length 24 + gateway 192.168.1.1 + exit + exit + exit + exit + exit + exit +exit +``` + +If support for more than 49,150 concurrent sessions per interface is needed, you can configure a [NAT Pool](config_nat_pools.md) or add additional `addresses` to the `network-interface`, expanding the source NAT capacity. + +When multiple addresses are configured using `source-nat`, the next configured address is utilized **only after the first is fully exhausted**. Each configured address is used until it is exhausted. + +## Destination NAT + +Static desination network address translation can be performed by configuring a `service-route > nat-target`. It is common to leverage the public address of the router for internal services, such as VPN. Traffic destined to the SSR, configured as a _service_ with an _address_ that matches that of the public-facing network-interface is then NATed to an internal private address on the LAN for the application. This setting only performs address translation and does not modify the port. + +``` +config + authority + name ssr-128 + service vpn + name vpn + description "vpn access to internal application" + address 10.10.10.2 + transport tcp + protocol tcp + port-range 5000 + start-port 5000 + exit + exit + exit + router ssr-router + name ssr-router + node ssr-node + name ssr-node + device-interface wan + name wan + network-interface wan + name wan + address 10.10.10.2 + ip-address 10.10.10.2 + prefix-length 24 + gateway 10.10.10.1 + exit + exit + exit + device-interface lan + name lan + network-interface lan + name lan + address 192.168.1.2 + ip-address 192.168.1.2 + prefix-length 24 + gateway 192.168.1.1 + exit + exit + exit + exit + service-route dest-nat-route + name dest-nat-route + service-name vpn + nat-target 192.168.1.101 + next-hop ssr-node lan + node-name ssr-node + interface lan + exit + exit + exit + exit +exit +``` \ No newline at end of file diff --git a/docs/config_static_nat.md b/docs/config_static_nat.md new file mode 100644 index 0000000000..a17858c62a --- /dev/null +++ b/docs/config_static_nat.md @@ -0,0 +1,157 @@ +--- +title: Static Bi-directional NAT +sidebar_label: Static Bi-directional NAT +--- + +SSR supports source NAT pool configurations at interface and service-route level as described in [Static NAT Bindings](config_nat_pools.md#static-nat-bindings). However, this is not always sufficient to enable simple configuration for static bidirectional NAT between two same-sized subnets. + +Static NAT defines a one-to-one mapping from one IP subnet to another IP subnet. The mapping includes source IP address translation in one direction and destination IP address translation in the reverse direction. In cases where IP address overlapping is found, such as when merging networks (for example, a corporate acquisition and merger) this simple configuration change is significantly less work than changing all the local IP addresses. The diagram below illustrates this example. + +![Static Nat Diagram](/img/static_nat_example.png) + +The `spk-lan2` network-interface is not routable (cannot send or receive traffic) in the `Corp` and `Internet` networks. The client in `spk-lan2` has a local IP within the `192.168.1.0/24` subnet and overlaps with another client from `Corp` in `spk-lan1`. This will cause problems for any sessions between `hub-lan1` or `spk-lan1` to `spk-lan2`. By configuring `bidirectional-nat` on `spk-lan1` and `spk-lan2`, the two `192.168.1.0/24` subnets are mapped to `172.16.128.0/24` and `172.16.129.0/24` respectively and differentiate themselves on the hub router. + +`bidirectional-nat` provides value in two ways: +- NAT an unroutable private IP to a routable public IP +- NAT duplicate private IPs (on different routers/networks) to different public IPs to provide differentiation on the receiving end + +#### Example + +``` +config + authority + router spoke + node node1-spoke + device-interface spk-lan2 + network-interface spk-lan2 + bidirectional-nat 192.168.1.0/24 + local-ip 192.168.1.0/24 + remote-ip 172.16.128.0/24 + exit + exit + exit + + device-interface spk-lan1 + network-interface spk-lan1 + bidirectional-nat 192.168.1.0/24 + local-ip 192.168.1.0/24 + remote-ip 172.16.129.0/24 + exit + exit + exit + exit + exit + exit +exit + +``` + +## Non-SVR Traffic + +In order for non-SVR traffic (for example, LAN-to-LAN traffic traversing a single SSR) to take advantage of static-NAT addressing, you must disable egress source-nat. This is done in the following locations within the configuration + +### Service Level + +Disable `egress source-nat` at the service level by setting `service > source-nat` to `disabled` as shown below. + +``` +authority + service LAN-to-LAN + name LAN-to-LAN + description "LAN-to-LAN non-SVR traffic traversing a single SSR router" + source-nat disabled + scope private + security aes1 + address + access-policy + source + permission allow + exit + exit +exit +``` + +### Network Interface Level + +Disable `egress source-nat` at the network-interface level by setting `network-interface > source-nat` to `false` and not configuring `network-interface > egress-source-nat-pool`. + +``` +authority + router SSR-router + name SSR-router + node SSR-node + name SSR-node + device-interface egress-LAN + name egress-LAN + network-interface egress-LAN + name egress-LAN + source-nat false + egress-source-nat-pool + exit + exit + exit + exit +exit +``` + +### Service Route Level + +Disable `egress source-nat` at the service-route level by **not** configuring `service-route > next-hop > source-nat-pool`. + +``` +authority + router SSR + service-route LAN-to-LAN-route + name LAN-to-LAN-route + service-name LAN-to-LAN + next-hop node egress-LAN + node-name SSR-node + interface egress-LAN + source-nat-pool + exit + exit + exit +exit +``` + + +## Using the GUI + +Set the local and remote IP addresses under Authority > Router > Node > Device Interface > Network Interface. + +![Network Interface](/img/static_nat_gui_net-intf.png) + +![Bidirectional NAT Config](/img/static_nat_gui_nat-config.png) + +## Show Commands + +For details about command output, refer to the [`show sessions`](cli_reference.md#show-sessions) and [`show sessions by-id`](cli_reference.md#show-sessions-by-id) commands. + +### Source NAT +- On the session ingress node, the `show sessions by-id` output has an Ingress Source NAT field where the source-nat type, NAT’d source address, NAT’d port, and protocol are displayed. + +![Session Ingress](/img/source-nat1.png) + +- On the session egress node the `show sessions by-id` output has an Ingress Source NAT field where the source-nat type, NAT’d source address, NAT’d port, and protocol are displayed. + +![Session Egress](/img/source-nat2.png) + +- The `show sessions` output has `NAT IP` and `NAT Port` columns where the NAT’d source address and NAT’d source port are displayed. + +![NAT IP and Port](/img/source-nat3.png) + +### Destination NAT + +- On the session egress node the `show sessions by-id` output shows the NAT’d destination address in the Forward Flow `NextHop` and Reverse Flow `src ip` fields. + +![Destination forward flow](/img/dest-nat1.png) + +- The `show sessions` output reverse flow `src ip `column also shows the NAT’d destination address. + +![Destination Reverse Flow Source IP](/img/dest-nat2.png) + +#### Version History + +| Release | Modification | +| ------- | ------------ | +| 6.2.0 | Static NAT Feature Introduced | \ No newline at end of file diff --git a/docs/config_te_net_intf.md b/docs/config_te_net_intf.md new file mode 100644 index 0000000000..4a7757b255 --- /dev/null +++ b/docs/config_te_net_intf.md @@ -0,0 +1,101 @@ +--- +title: Network Interface Traffic Engineering +sidebar_label: Network Interface Traffic Engineering +--- + +Network interface traffic engineering allows you to impose traffic limitations on all traffic egressing a specific network-interface. This configuration also applies to all associated adjacencies of the network-interface, but does not impact other traffic that is egressing the same device-interface but belongs to different network-interfaces. + +## How It Works + +For network-interface traffic-engineering to make a scheduling decision, the egress VLAN ID of a packet is queried to determine whether that packet has scheduling enabled. If so, the packet is enqueued into a scheduler specific for that network-interface. If not, the packet continues with normal packet processing. + +## Configuration + +Network interface traffic engineering is configured as part of the [`network-interface`](config_command_guide.md#configure-authority-router-node-device-interface-network-interface-traffic-engineering), under the `device-interface`. It does not have any impact on other device interfaces, or to other network interfaces belonging to the same device interface, but it does impact associated adjacencies. + +``` +device-interface 2 + network-interface east-inet + vlan 30 + traffic-engineering + enabled true + transmit-cap 2000000 + traffic-profile example-profile-2 + exit + exit +exit +``` + +- `enabled`: Creates the scheduler to be used on egress for the interface +- `transmit-cap`: The effective port rate of the interface in bits per second. This value is matched internally to the link speed of the device. +- `traffic-profile`: Identifies the traffic-profile to be used when determining the traffic class distributions. + +In the GUI, configuration specific to network-interface traffic engineering is located in the network-interface section under **Traffic Engineering Settings**. + +![Traffic Engineering Settings](/img/config_interface_te.png) + +### Limitations + +Enabling traffic engineering will introduce a performance impact to the packet-per-second processing rate as the QoS engine works to ensure fairness of packet distribution under congestion scenarios. When used in conjunction with other traffic engineering settings (e.g., adjacency traffic engineering configured alongside device interface traffic engineering), performance may be further impacted. + +## Troubleshooting and Statistics + +Given the packet performance nature of the scheduler, no logs exist at the per-packet level to monitor traffic-engineering performance. The statistics described below are the best source of information about performance. The `success-bandwidth` and `failure-bandwidth` meters are good indicators of how well the scheduler is handling packets. For `failure-bandwidth`, additional statistics can be used to determine the reason for loss. Some examples are a queue full scenario resulting from an unhandled burst, or packets being dropped due to excessive time spent within the scheduler. + +Statistics for network-interface traffic engineering can be viewed from the `show stats traffic-eng network-interface` command. Use the following statistics to help analyze network-interface behavior when traffic-engineering is configured. + +The general statistics apply to the scheduler as a whole. Per-traffic-class statistics are maintained for all the available traffic-classes (high, medium, low, best-effort). + +#### Network-Interface Traffic Engineering Stats + +``` +show stats traffic-eng network-interface +==================================================== ============== =========== ================= +Metric Node Netintf Value +==================================================== ============== =========== ================= +dequeue-cycle-count combo-east-a intf10.10 91841637 +enqueue-cycle-count combo-east-a intf10.10 91841637 +packets-queued combo-east-a intf10.10 0 +per-traffic-class buffer-capacity-exceeded-bytes combo-east-a intf10.10 0 +per-traffic-class buffer-capacity-exceeded-packets combo-east-a intf10.10 0 +per-traffic-class dequeue-aqm-drop-bytes combo-east-a intf10.10 0 +per-traffic-class dequeue-aqm-drop-packets combo-east-a intf10.10 0 +``` + +#### Network-Interface Traffic Engineering Statistics per Traffic Class + +``` +show stats traffic-eng network-interface per-traffic-class +================================== ============== =========== =============== ============ +Metric Node Netintf Traffic-class Value +================================== ============== =========== =============== ============ +buffer-capacity-exceeded-bytes combo-east-a intf10.10 best-effort 0 + combo-east-a intf10.10 high 0 + combo-east-a intf10.10 low 0 + combo-east-a intf10.10 medium 0 +buffer-capacity-exceeded-packets combo-east-a intf10.10 best-effort 0 +``` +### Statistics Descriptions + +To gather information about network interface traffic engineering, query the following statistics using the `show stats traffic-eng network-interface` command. These statistics are specific to the network interface and provide insight into how the schedulers are operating. + +- `enqueue-cycle-count`: The current enqueue cycle count in traffic engineering for this interface. This statistic refers to the last time (in cycles) that a packet was enqueued into the scheduler. This value is helpful when debugging. +- `dequeue-cycle-count`: The current dequeue cycle count in traffic engineering for this interface. This statistic refers to the last time (in cycles) that the scheduler attempted to dequeue a packet. This value is helpful when debugging. +- `packets-queued`: The current number of packets queued in traffic engineering for this interface. +- `scheduler-reset`: The number of times the scheduler was reset due to encountering an processing error. +- `per-traffic-class schedule-success-bytes`: The number of bytes successfully scheduled for transmission for this interface. +- `per-traffic-class schedule-success-packets`: The number of packets successfully scheduled for transmission for this interface. +- `per-traffic-class schedule-failure-bytes`: The number of bytes failed to be scheduled for transmission due to bandwidth oversubscription for this interface. +- `per-traffic-class schedule-failure-packets`: The number of packets failed to be scheduled for transmission due to bandwidth oversubscription for this interface. +- `per-traffic-class dequeue-success-bytes`: The number of bytes successfully dequeued from the scheduler for transmission for this interface. +- `per-traffic-class dequeue-success-packets`: The number of packets successfully dequeued from the scheduler for transmission for this interface. +- `per-traffic-class dequeue-max-latency-drop-bytes`: The number of bytes scheduled for transmission that were dropped due to excessive latency for this interface. +- `per-traffic-class dequeue-max-latency-drop-packets`: The number of packets scheduled for transmission that were dropped due to excessive latency for this interface. +- `per-traffic-class dequeue-aqm-drop-bytes`: The number of bytes scheduled for transmission that were dropped due to Active Queue Management for this interface. +- `per-traffic-class dequeue-aqm-drop-packets`: The number of packets scheduled for transmission that were dropped due to Active Queue Management for this interface. +- `per-traffic-class buffer-capacity-exceeded-bytes`: The number of bytes failed to be scheduled for transmission due to exceeded buffer capacity for this interface. +- `per-traffic-class buffer-capacity-exceeded-packets`: The number of packets failed to be scheduled for transmission due to exceeded buffer capacity for this interface. +- `per-traffic-class schedule-success-bandwidth`: Traffic bandwidth in bytes per second successfully scheduled for transmission for this interface. +- `per-traffic-class schedule-failure-bandwidth`: Traffic bandwidth in bytes per second that failed to be scheduled or was dropped due to active queue managment for this interface. + + diff --git a/docs/events_alarms.md b/docs/events_alarms.md index f59732a2ef..4ef98f6e68 100644 --- a/docs/events_alarms.md +++ b/docs/events_alarms.md @@ -412,5 +412,4 @@ sidebar_label: Alarms | Cause | Troubleshooting Step | | --------------------------------------------------- | ------------------------------------------------------------ | -| Capacity of the cache exceeds 95% of the `max-capacity` configured value | The alarm is cleared once the capacity of the -cache goes below 85% of the configured value, and as sessions using those stats expire. The alarm can be addressed by adjusting the `max-capacity` value under `application-identification`. App-id stats are tracked per application, per client, and per next-hop. The granularity of per-application, per-client traffic stats will be reduced while the alarm is active on the system. | +| Capacity of the cache exceeds 95% of the `max-capacity` configured value | The alarm is cleared once the capacity of the cache goes below 85% of the configured value, and as sessions using those stats expire. The alarm can be addressed by adjusting the `max-capacity` value under `application-identification`. App-id stats are tracked per application, per client, and per next-hop. The granularity of per-application, per-client traffic stats will be reduced while the alarm is active on the system. | diff --git a/docs/events_overview.md b/docs/events_overview.md index 7d0bdadf54..764415addc 100644 --- a/docs/events_overview.md +++ b/docs/events_overview.md @@ -86,25 +86,27 @@ Within the web client, the Event History link will bring you to a page where all ![alarms_and_events_events_screenshot](/img/events_events_screenshot.png) -In large deployments, there may be a large number of events on a conductor. It may be difficult to wade through the pages of events if you know you are looking for a particular event within a window of time. The `show events` command supports filtering events by time when specifying starting and ending time ranges. The syntax for time follows the same format of the event timestamps. +In large deployments, there may be a large number of events on a conductor. It may be difficult to wade through the pages of events if you know you are looking for a particular event within a window of time. The `show events` command supports filtering events by time when specifying starting and ending time ranges. The syntax for time follows the same format of the event timestamps. ``` show events alarm from 2020-03-30T22:00:00Z to 2020-03-30T23:59:59Z router burlma-corp ``` :::note -Note the trailing `Z`. Most systems are configured to be in UTC time. If the trailing `Z` was absent, the time filter would be restricted to the local time zone +Note the trailing `Z`. Most systems are configured to be in UTC time. If the trailing `Z` was absent, the time filter would be restricted to the local time zone ::: +``` show events alarm from 2020-03-30T22:00:00Z to 2020-03-30T23:59:59Z router AAPDENCOPOD4 +``` ## Contents of Alarms and Events -| Field | Description | -| :------- | :----------------------------------------------------------- | -| dateTime | This is the date and time that the event occurred. The format of the value followsthe ISO 8601 standard | -| node | The system within the SSR which produced the event | -| process | The process within the node which produced the event | +| Field | Description | +| --- | --- | +| dateTime | This is the date and time that the event occurred. The format of the value follows the ISO 8601 standard. | +| node | The system within the SSR which produced the event. | +| process | The process within the node which produced the event. | | source | The name of the entity which was the originator of the alarm. When the topic is a network-interface, this would be the name of the network-interface. | | category | This is the alarm type. Each category has a specific message format:
• **system** Related to the system, e.g. CPU, memory, etc.
• **process** Related to an internal software process
• **interface/network-interface** Related to an interface on the SSR (up, down,etc.)
• **platform** Related to low-level events that aren't necessarily derived from the machine; e.g. security keys
• **peer** Related to connectivity between SSR routers
• **platform-state** Sourced from the stats infrastructure
• **redundancy** Related to high availability behavior; e.g. a failover or leadership change
• **giid** Related to an interface that is part of a redundant pair (giid is an interface's "global ID")
• **asset** An alarm sourced by an asset (a managed node) that is dervied from Automated Provisioner | | severity | Alarms can be categorized in one of four severities: critical, major, minor and info. These severity levels can be used to filter alerts based on one of these levels. The default severity level is info, which shows all alarms.
• **critical** The condition affects service
• **major** Immediate action is required
• **minor** Minor warning conditions
• **info** No action is required | @@ -112,8 +114,12 @@ show events alarm from 2020-03-30T22:00:00Z to 2020-03-30T23:59:59Z router AAPDE ## Shelving Alarms -When an SSR is put into “Maintenance Mode” all alarms for that SSR will be “shelved”. Shelved alarms will continue to be monitored by the system but will not be presented on the standard UI. The state of shelved alarms can be optionally viewed by issuing: +When an SSR is put into [Maintenance Mode](howto_maintenance_mode.md) all alarms for that SSR are “shelved”. Shelved alarms continue to be monitored by the system, but are not presented on the standard UI. The state of shelved alarms can be viewed by issuing the following command: ``` admin@conductor1.nycsite1# show alarms shelved -``` \ No newline at end of file +``` + +For information on how to shelve individual alarms, see [Alarm Suppression](config_alarm_suppression.md). + + diff --git a/docs/howto_maintenance_mode.md b/docs/howto_maintenance_mode.md index 65eafd75a9..b0267d651c 100644 --- a/docs/howto_maintenance_mode.md +++ b/docs/howto_maintenance_mode.md @@ -1,12 +1,13 @@ --- title: Maintenance Mode +sidebar_label: Maintenance Mode --- Maintenance mode is used when staging equipment in a production network prior to its go-live date, or to isolate a router/device from the network in order to perform debugging or an upgrade. The primary function of maintenance mode is to suppress alarms from systems that are incomplete, or undergoing maintenance activities that would cause alarms. When the device maintenance is complete, you can set the router out of maintenance mode. ## Alarms during Maintenance mode -When an SSR is put into **Maintenance Mode** all alarms for that SSR device will be **shelved**. Shelving refers to placing an alarm in state such that it is not considered critical and so as to not bother the user. Shelved alarms will continue to be monitored by the system but will not be presented on the standard UI. +When an SSR is put into **Maintenance Mode** all alarms for that SSR device will be **shelved**. All alarms generated on that router are shelved, and ALL of its peers will shelve the alarms that they generate saying that the peer router is down (i.e., path down). **Shelving** refers to placing a resource in a state that is not considered critical, so that the alarms do not bother the user. Shelved alarms will continue to be monitored by the system but will not be presented on the standard UI. The state of shelved alarms can be optionally viewed by issuing: ``` diff --git a/docs/howto_router_migration.md b/docs/howto_router_migration.md index a527ab1a98..45a9e5f2c5 100644 --- a/docs/howto_router_migration.md +++ b/docs/howto_router_migration.md @@ -53,4 +53,26 @@ When using the GUI, a **Migrate** button is visible for Routers that are possibl After the migration command is run, you will see a **Connected** state on the conductor showing the migration was successful. The router(s) will transition to running after a few minutes. If a router does not migrate successfully, an error message will be displayed and no action will be taken. - Verify that the TCP ports 930, 4505 and 4506 on the conductor are enabled. The routers use these ports to communicate with the conductor. -- If there is a firewall in front of the conductor, these same TCP ports must be enabled. \ No newline at end of file +- If there is a firewall in front of the conductor, these same TCP ports must be enabled. + +### Additional Considerations with Strict Host Key Checking + +If a router is configured for strict `inter-router host-key-checking` (set to `yes`), but **does not** have `accept-new` configured, it will be necessary to manually provision the new conductor key **prior** to migrating the router to the conductor. This will require the administrator to retrieve the host key of each node of the new conductor and configure this in the router. + +On the conductor, identify the `key` for each node using the command [`show system connectivity host-keys node all`](cli_reference.md#show-system-connectivity-host-keys). + +From the router PCLI, provision each conductor key using the following command: +`create system connectivity known-hosts node ssh-rsa ` + +- `` is the router node. The key should be added on each router node in an HA pair. +- `` is the conductor address. This should be added for each conductor address of an HA conductor pair. +- `` is the `Key` retrieved from the previous step. +- `` is an option that can be used to identify the key; for example `Conductor1`. + +The following example manually configures the key to the conductor node `192.168.1.13`: + +`create system connectivity known-hosts router RTR_EAST_COMBO node combo-east-1 [192.168.1.13]:930 ssh-rsa ` + +For additional information, see [`create system connectivity known-hosts`](cli_reference.md#create-system-connectivity-known-hosts). + +See [Enable Strict Host Key Checking](cc_fips_otp_router_install.md#enable-strict-host-key-checking) for configuration information. \ No newline at end of file diff --git a/docs/initialize_u-iso_adv_workflow.md b/docs/initialize_u-iso_adv_workflow.md new file mode 100644 index 0000000000..d65d6fa44a --- /dev/null +++ b/docs/initialize_u-iso_adv_workflow.md @@ -0,0 +1,208 @@ +--- +title: Initialize Your Device - Advanced Workflows +sidebar_label: Initialize Your Device - Advanced Workflows +--- + +While the Web Interface is the recommended method of initializing and onboarding your SSR device, there are alternative methods that can be used to complete the process. These methods are typically used when further customization of the conductor and router is required, and performed by advanced users. + +In this document, you will find: +- Information about the PCLI commands used to initialize a conductor and conductor-managed router. +- Information about the PCLI commands used to initialize a Mist-managed router. +- [File structure needed for performing automated onboarding](#automated-onboarding) of conductors and routers. +- Workflows for automating onboarding by supplying the necessary files using three different processes: + - USB Initialization + - File on Disk + - API Initialization + +Select the initialization workflow that suits the needs of your deployment. + +- [PCLI Workflow](#pcli-workflow) +- [USB Initialization](#usb-initialization) +- [File on Disk](#file-on-disk) +- [API Initialization](#api-initialization) + +## PCLI Workflow + +Use the following workflows to initialize and onboard your device. For a conductor-managed deployment use + +- [Initialize a Conductor](#initialize-a-conductor) +- [Initialize a Router](#initialize-a-conductor-managed-router) + +To onboard a Mist-managed router to your Mist Org, use +- [Initialize a Mist-managed Router](#initialize-a-mist-managed-router) + +### Initialize a Conductor + +The `initialize conductor` command allows the user to overwrite the defaults provided in the Web workflow and allows for further customization of conductors. + +``` +initialize conductor [artifactory-user ] [artifactory-password ] [dns-servers ] [node-ip ] [node-gateway ] [interface-name ] [clustered] [ha-ip ] [ha-interface-name ] [ha-peer-ip ] [ha-peer-name ] [learn-from-ha-peer] [ha-peer-username ] [unsafe-ha-peer-password ] router-name node-name +``` + +Allowed Options: + +| name | description | +| ---- | ----------- | +| `artifactory-password` | Password portion of the artifactory credentials. | +| `artifactory-user` | User portion of the artifactory credentials. | +| `dns-servers` | Comma separated list of DNS servers. | +| `interface-name` | Interface name (matching a port in the device-map) to bind the node-ip and node-gateway. | +| `learn-from-ha-peer` | If true, the Initializer will use the HA peer to obtain setup information. | +| `node-gateway` | The IP address of the gateway of the node being provisioned. | +| `node-ip` | (Required) The IPv4 address of the node being provisioned (x.x.x.x/y) | +| `node-name` | (Required) The name of the node being provisioned. For standalone, this is `node0`. | +| `router-name` | (Required) Assign a name to the router/conductor. | +| `clustered` | (Required for HA) Whether or not this conductor is to be configured as an HA pair; set to `true` .| +| `ha-interface-name` | Interface name (matching a port in the device-map) to bind the ha-ip. | +| `ha-ip` | The IPv4 address to assign to the HA interface on this node. | +| `ha-peer-ip` | The IPv4 address of the node to be used as an HA peer. | +| `ha-peer-name` | The name of the Node to be used as an HA peer. | +| `ha-peer-username` | The user on the peer node to authenticate as. This user must have sudo privileges. Required if `learn-from-ha-peer` is true. | +| `unsafe-ha-peer-password` | The password for the user on the peer node to authenticate as. WARNING: If this field is used, the preferences file should not be world-readable to avoid leaking the peer node password. Required if `learn-from-ha-peer` is true. | + +When configuring High Availability, if any one of the following options is configured, then they all must be: + +- ha-ip +- ha-interface-name +- ha-peer-ip +- ha-peer-name +- learn-from-ha-peer +- ha-peer-username +- unsafe-ha-peer-password + +For more information on the available options and parameters, refer to the [`initialize conductor`](cli_reference.md#initialize-conductor) command. + +### Initialize a Conductor-Managed Router + +The following PCLI command can be used to onboard a router to a conductor as conductor managed. + +`initialize conductor-managed router-name conductor-ip ` + +For additional information, refer to the [`initialize conductor-managed`](cli_reference.md#initialize-conductor-managed) command. + +### Initialize a Mist-Managed Router + +The following PCLI command will onboard a router to the Mist inventory. + +`adopt router-name registration-code ` + +## Automated Onboarding + +Automated onboarding can be used whenever the user wants to automatically set up a device during first boot, and does not require manual input. All the onboarding configurations must be known prior to starting the process. These methods should also be used If the user wants to provide a customized interface mapping scheme for whitebox platforms. + +### Onboarding Configuration File + +The brains behind the automated onboarding process is a json file named `onboarding-config.json`. This file contains all the configuration parameters and drives the entire onboarding process. The `onboarding-config.json` can be [provided from a USB](#usb-initialization), as a [file placed in `/etc/128T-hardware-bootstrapper/onboarding-config.json` on the SSR disk](#file-on-disk), or applied via [API initialization](#api-initialization). For virtual and cloud based deployments, the same mechanism is supported via cloud-init as well. + +The following are examples of the `onboarding-config.json` files. + +#### Conductor Onboarding Configuration Example File + +The following JSON is an example of a valid conductor `onboarding-config.json` that can be used to onboard a conductor using any of the following methods: + +- [USB Initialization](#usb-initialization) +- [File on Disk](#file-on-disk) +- [API Initialization](#api-initialization) + +``` +{ +"name": "MyConductor", +"mode": "conductor", +"artifactory-user": "username", +"artifactory-password": "password", +"node-name": "node0", +"node-ip": "10.73.1.10/24", +"node-gateway": "10.73.1.11", + "interface-name": "ge-0-0", + "dns-servers": [ + "8.8.8.8", + "1.1.1.1" + ] +} +``` + +#### Conductor-Managed Router Onboarding Configuration Example File + +The following is an example onboarding config that can be used to onboard a conductor-managed router using [API Initialization](#api-initialization) or a [file placed on disk](#file-on-disk). +``` +{ +“mode”: “conductor-managed”, +“conductor-hosts”: [“1.2.3.4”] +} +``` + +If no router name is supplied in the onboarding config, the default name is chosen in this order: + +1. Serial Number (via DMI table) +2. Hostname +3. UUID (via DMI table) + +#### Mist-Managed Router Onboarding Configuration Example File + +The following is an example onboarding config that can be used to onboard a Mist-managed router using [API Initialization](#api-initialization) or a [file placed on disk](#file-on-disk). +``` +{ +“mode”: “mist-managed”, +“name”: “mist-router”, +“registration-code”: "” +} +``` + +If no router name is supplied in the onboarding config, the default name is chosen in this order: + +1. Serial Number (via DMI table) +2. Hostname +3. UUID (via DMI table) + +:::note +If no onboarding configuration file is provided, it is assumed that the device is an unmanaged router, and an onboarding configuration will be provided later. +::: + +### USB Initialization + +When the device boots for the first time it looks for a connected USB device named **BOOTSTRAP**. + +1. Create a USB device named **BOOTSTRAP**. +2. On the USB, create the following files in the root directory: + - `onboarding-config.json` + - `devicemap.json` + - `pre-bootstrap` + - `post-bootstrap` + +3. Insert the USB into the SSR device and power it on. +4. The device will boot and automatically configure based on the provided files. + +Scriptlets are passed in the device identifier, which is typically the device serial number. The order of operations is: + +1. Pre-bootstrap +2. Normal bootstrapping operation +3. Post-bootstrap +4. Onboarding + +### File on Disk + +If no onboarding config was found on a USB device, the initialization process looks for a configuration file placed on the device; this is a common workflow for virtual devices. You can also provide a customized devicemap in the onboarding config at this time. + +1. Create the following files: + - `onboarding-config.json` + - `devicemap.json` + - `pre-bootstrap` + - `post-bootstrap` + +2. Copy the files onto the SSR device into the following locations: + - `/etc/128T-hardware-bootstrapper/onboarding-config.json` + - `/etc/128T-hardware-bootstrapper/devicemap.json` + - `/etc/128T-hardware-bootstrapper/pre-bootstrap` + - `/etc/128T-hardware-bootstrapper/post-bootstrap` + +3. Reboot the device. + +If you wish to not onboard the device and only supply a devicemap, the device is onboarded as an unmanaged router. + +### API Initialization + +If an `onboarding-config.json` was not provided during the initial bootstrapping of the device, the you can choose to initialize the device by supplying an onboarding config path directly from the API. The POST endpoint is `/api/bootstrap/onboarding` with a json body containing the contents of the onboarding-config file. To apply an onboarding configuration, place the contents of the desired onboarding config file in `onboarding-cfg.json` and run the following command. Alternatively, you can include the JSON contents directly in the curl request. + +``` +curl -X POST -H "Content-Type: application/json" -d @onboard-cfg.json http://localhost:31517/api/bootstrap/onboarding +``` diff --git a/docs/initialize_u-iso_device.md b/docs/initialize_u-iso_device.md new file mode 100644 index 0000000000..a353c2d153 --- /dev/null +++ b/docs/initialize_u-iso_device.md @@ -0,0 +1,152 @@ +--- +title: Initialize Your Device - Web Workflow +sidebar_label: Initialize Your Device - Web Workflow +--- + +This is the part where configuring your device gets really easy! Using your browser, choose the workflow below that best suits your needs: + +Installing a Conductor-managed network? Start with [Initialize a Conductor](#initialize-a-conductor), then [Initialize a Conductor-managed Router](#initialize-a-conductor-managed-router). + +Onboarding your device to Mist? Start with [Initialize a Mist-managed Router](#initialize-a-mist-managed-router). + +![U-ISO Device Selection GUI](/img/u-iso8_launch_gui.png) + +## Initialize a Conductor + +Use the following process to initialize your device as a Conductor. + +1. Select **SSR Conductor** under SSR Managed. + + ![SSR Conductor](/img/u-iso8a_initialize_conductor.png) + +2. To initialize a standalone conductor, select **STANDALONE**. To initialize the first conductor of an HA pair, select **HA NODE 0**. Select the address type (DHCP or STATIC). + +:::note +In an HA configuration, **HA NODE 0** must always be configured before HA NODE 1. Configuring Node 1 first prevents Node 0 from starting. +::: + +Enter the following information: + + - Conductor name + - Node IP Address (Static) + - Node Gateway (Static) + - Interface Name (Static) + - DNS Server address (Optional) + - Artifactory username and password (if available) + + ![Conductor Association](/img/u-iso9_define_conductor.png) + +3. Click **ASSOCIATE** + +4. The device reboots and comes online as a Conductor. + +5. To initialize the second conductor of an HA Pair, select **HA NODE 1**, and select the address type (DHCP or STATIC). Enter the following information: + + - Conductor name + - Node IP Address (Static) + - Node Gateway (Static) + - Interface Name (Static) + - DNS Server address (Optional) + - Artifactory username and password (if available) + + ![HA Conductor Association](/img/u-iso9a_ha_conductor.png) + +5. Click **ASSOCIATE** when you have completed the required information. The device reboots and comes online as the second Conductor. + +For information about deploying and configuring a conductor, see [Conductor Deployment](bcp_conductor_deployment.md) and [Import Configurations to the Conductor](single_conductor_config.md). Otherwise, continue with [Initialize a Conductor-Managed Router](#initialize-a-conductor-managed-router). + +## Initialize a Conductor-Managed Router + +Use the following process to initialize your device as a Conductor-managed router. +1. Select **SSR Router Managed via Conductor** under SSR Managed. + + ![SSR Conductor-managed router](/img/u-iso10_cond-mngd_router.png) + +2. Enter the router name and the associated Conductor IP address. + + ![Conductor Managed Association](/img/u-iso11_cond-mngd-assoc.png) + +3. Click **ASSOCIATE** when you have completed the required information. + +The Router will onboard itself to the Conductor. Router configuration is performed from the Conductor. See [Basic Router Configuration](intro_basic_router_config.md) for more information. + +## Initialize a Mist-Managed Router + +There are two ways to initialize a Mist-managed router; selecting the Mist organization and adopting the router through the Mist UI, or entering the Mist registration code. + +You can use either of the following processes to initialize your device as a Mist-managed router. + +### Mist Organization Selection + +1. Select Mist Organization Selection under **Mist Cloud Managed**. + + ![Mist Org Selection](/img/u-iso12_select_mist_managed.png) + +2. Enter your login credentials to log in to Mist. + + ![Login to Mist](/img/u-iso13_mist_login.png) + +3. Select the Organization, and enter the router name. + + ![Select Org](/img/u-iso14_assign-org-name.png) + +4. Click **ADOPT**. The router information is displayed on the SSR GUI. Your router is adopted into your Mist Organization, and is now available in your inventory ready to be [assigned to a site](#mist-site-assignment). + + ![Mist-Managed](/img/u-iso14a_assign-org-name.png) + +### Mist Registration Code + +1. Select Mist Registration Code under **Mist Cloud Managed**. + +![Select Mist Registration Code](/img/u-iso18_mist_reg_code1.png) + +2. Enter your Mist Registration Code for your organization. If you do not have your registration code, refer to the steps below. + +![Enter Mist Registration Code](/img/u-iso19_mist_reg_code1.png) + +3. Click **ADOPT**. Your router is adopted into your Mist Organization, and is now available in your inventory ready to be [assigned to a site](#mist-site-assignment). + +#### Retrieve the Mist Registration Code + +Use the following procedure to retrieve the Mist registration code from your Mist Organization. + +1. Using a separate browser, log in to your Mist Organization. + +2. From the Mist menu on the left, select **Organization > Inventory**. + + ![Inventory Menu](/img/wan_inventory.png) + +3. In the Inventory panel, click on the **WAN Edge** selection on the top of the screen. + + ![Inventory panel](/img/wan_inventory_panel.png) + +4. Click on the **Adopt WAN Edges** button in the top right corner. The WAN Edge Adoption dialog appears, displaying the registration code. + + ![WAN Edge Adoption](/img/wan_registration_code.png) + +5. Click on **Copy to Clipboard**. + +6. Return to the **Initialization page** and paste the registration code into the Registration Code field. + +### Mist Site Assignment + +1. Log into your Mist Organization. + +2. Once you are in your Mist Organization, select Organization from the left side menu, and then select Inventory. + + ![Mist Inventory](/img/u-iso15a_router-in-mist.png) + +3. On the Inventory list for the Organization, select the newly installed router. + +4. Use the **Site** dropdown and select **Assign To Site**. + + ![Mist Inventory](/img/u-iso15_router-in-mist.png) + +5. Place a check in the **Manage configuration with Mist** checkbox. + + ![Assign to site](/img/u-iso17_assign_wan_edges.png) + +6. Click **Assign to Site**. + +The router is now assigned to the selected site, and managed by Mist. + diff --git a/docs/initializer_cli_reference.md b/docs/initializer_cli_reference.md index db156204c9..51cbd94631 100644 --- a/docs/initializer_cli_reference.md +++ b/docs/initializer_cli_reference.md @@ -43,7 +43,7 @@ SSR is running; cannot launch Initializer ``` To stop SSR, follow the steps shown in the -[Installation Guide](intro_upgrading.md#stopping-the-ssr-software). +[Installation Guide](upgrade_legacy.md#using-the-pcli). ::: diff --git a/docs/install_conductor_overview.md b/docs/install_conductor_overview.md index 9c19389329..6ffc68f9da 100644 --- a/docs/install_conductor_overview.md +++ b/docs/install_conductor_overview.md @@ -2,6 +2,11 @@ title: Conductor Overview sidebar_label: Conductor Overview --- + +:::important +If you are installing SSR Version 6.3.x, use the [Universal ISO Installation process](intro_installation_univ-iso.md). +::: + The Conductor is an SSR instance that is used to manage the SSR Routers you configure within the same Authority. It offers centralized administration, provisioning, monitoring, analytics, and lifecycle management of the SSR routers. The Authority is where system-wide data is stored. Conceptually, the Authority represents the complete set of all SSR Routers managed under a single organizational entity. Service configuration, which represents the cornerstone of the SSR Router’s worldview, is part of the set of global data within an authority. Services represent specific applications that a network delivers; e.g., web services, database services, or voice/video services. Each Authority is uniquely named, in the same way a domain name is unique. diff --git a/docs/install_univ_iso.md b/docs/install_univ_iso.md new file mode 100644 index 0000000000..ecc5e3577c --- /dev/null +++ b/docs/install_univ_iso.md @@ -0,0 +1,48 @@ +--- +title: SSR Installation +sidebar_label: SSR Installation +--- + +Before installing the SSR software on a whitebox or re-imaging an SSR device with the 6.3.0 software, ensure that you have an appropriate rollover cable available to connect to your computer. The SSR has a console port (CONSOLE) with an RJ-45 connector. Use the console port to connect the SSR to a management console or to a console server. The baud rate of the console port is 115200 bps. + +:::note +For users with SSR devices shipped with 6.3.0 installed, simply power up your device, point your web browser at the device IP address, and begin with [Initialize Your Device - Web Workflow](initialize_u-iso_device.md)! +::: + +1. Connect an RJ45 rollover cable to the console port on the SSR device. +2. Connect the other end of the cable to your computer. +3. Insert your bootable USB with the new ISO image into the USB port of the SSR device. +4. Connect the power input to the SSR device. +5. Power on the SSR. +6. At the instruction in the terminal window: `Press ESC for boot menu`, do so. +7. From the boot menu, enter the boot device number corresponding to your USB, and press Enter. +8. From the boot menu select **TAB** or **DEL** to enter Setup. + + ![Boot menu](/img/u-iso1_install_presstab_setup.png) + +9. Select the Boot image on the USB device you wish to install. In the example below, there is only one image downloaded. + + ![Choose Image](/img/u-iso2_choose_image.png) + +10. At the Install menu, select Serial or VGA. + + ![Install Type](/img/u-iso3_choose_install_type.png) + +11. If you are installing a FIPS enabled system, select Install Option 1, and select **Enter**. + + If you are installting a virtual device, select option 2 (Cloud-init), and select **Enter**. + + ![Install Options](/img/u-iso4_install_options.png) + + If you are installing a physical device and do not require FIPS, skip the options and select **Enter**. The download and installation begins. + + ![Unpacker](/img/u-iso5_begin_install.png) + +12. When the installation completes, you will be prompted to reboot. A reboot is necessary to start the services and launch the GUI. Device intialization and management is performed from the GUI. + + ![Unpacker Successful](/img/u-iso6_unpacker_complete.png) + + + ![Final Install Screen](/img/u-iso7_serial_install.png) + +**Great job! Your software has installed, now let's go [initialize your device!](initialize_u-iso_device.md)** \ No newline at end of file diff --git a/docs/intro_creating_bootable_usb.md b/docs/intro_creating_bootable_usb.md index 0f4b34015b..b52f2ada54 100644 --- a/docs/intro_creating_bootable_usb.md +++ b/docs/intro_creating_bootable_usb.md @@ -1,5 +1,5 @@ --- -title: Creating a Bootable USB from ISO +title: Creating a Bootable USB sidebar_label: Creating Bootable USB --- diff --git a/docs/intro_downloading_iso.md b/docs/intro_downloading_iso.md index 61a099fb09..f5e0d8e68a 100644 --- a/docs/intro_downloading_iso.md +++ b/docs/intro_downloading_iso.md @@ -9,6 +9,10 @@ With your purchase of a SSR license, you are provided a set of credentials used Juniper Session Smart Networking provides the following workflows for the installation process: +- **Universal ISO:** Beginning with version 6.3.0, the SSR uses a single downloadable ISO with a significantly simplified installation process. After the SSR installation completes, the GUI provides clear choices and processes for each of the device configuration options: Conductor, a Conductor-managed router, or a Mist-managed router. + + Please see [SSR Universal ISO Installation Overview](intro_installation_univ-iso.md) for the download location and related installation instructions. + - **Image-based ISO:** Beginning with version 6.0, an image-based ISO installation process has been implemented for users who manage their network using the Mist Cloud. This installation and upgrade process is only available for SSR version 6.0 and higher, and is currently only available for Mist-managed deployments. For details about the Image-based install process, see [Image-based Installation.](intro_installation_image.md) @@ -17,7 +21,7 @@ Juniper Session Smart Networking provides the following workflows for the instal - **One Touch Provisioning (OTP)** is the default and preferred method of installation. OTP sets up DHCP on all interfaces and boots a Web Server GUI. After installing the Conductor and configuring routers through the Conductor, the OTP bootstrap process will install and configure the router. See the following procedures for OTP installation steps: - [Router Installation Using OTP](intro_otp_iso_install.mdx) - [Quickstart from the OTP ISO](intro_install_quickstart_otpiso.md) - - **Interactive:** For bespoke deployments where customized platform configuration is necessary, an interactive mode exists. Installation is done via a serial console or VGA. An interactive session is started to configure network interfaces, passwords, node name and type, and conductor IP (if applicable) before the SSR software is started. + - **Interactive:** Beginning with SSR version 6.3.0, the use of the interactive installer is not supported, nor necessary. Software installation and upgrade upgrade activities are supported from the GUI or PCLI. With software versions earlier than 6.3.0, upgrading the SSR software on a peer conductor or router that is managed by a conductor using the interactive installer may result in the system becoming unresponsive. For this reason it is highly recommended that installations and upgrades be performed through the conductor UI. :::note Beginning with release 5.4.7-7 and any 5.x ISO [**released after August 4, 2022**](about_releases.mdx#all-releases---limited-general-availability-and-out-of-support), the ISO name format has changed from using `OTP` to `ISO`: @@ -41,7 +45,6 @@ The package-based ISOs for Conductor-managed deployments are available to downlo You will be prompted for your username and token to access the web page listing the software versions, and will be able to download directly from the page. - Files available for download are: - `*.iso` - This file is used for installing/staging bare metal platforms. diff --git a/docs/intro_install_quickstart_otpiso.md b/docs/intro_install_quickstart_otpiso.md index 28a07c9caf..d7ffcfae36 100644 --- a/docs/intro_install_quickstart_otpiso.md +++ b/docs/intro_install_quickstart_otpiso.md @@ -3,6 +3,10 @@ title: QuickStart From the OTP ISO sidebar_label: QuickStart from the OTP ISO --- +:::important +If you are installing SSR Version 6.3.x, use the [Universal ISO Installation process](intro_installation_univ-iso.md). +::: + Use this procedure to set up a typical standalone branch router leveraging the QuickStart capabilities of the SSR Networking Platform. ### SSR Configuration diff --git a/docs/intro_installation.md b/docs/intro_installation.md index 2d5df3bc5f..1ecb503fe7 100644 --- a/docs/intro_installation.md +++ b/docs/intro_installation.md @@ -3,47 +3,37 @@ title: SSR Software Installation Guide sidebar_label: Installation Overview --- ## Introduction -Welcome to Session Smart Routing - the first software-based routing solution designed to be both session-oriented and service-centric through the application of Secure Vector Routing. The purpose of this guide is to provide an overview and installation walkthrough for the SSR Router and Conductor products into a Linux operating system environment. This product suite is collectively known as SSR Software. -:::info -The installation guides are version agnostic and are applicable for all current and future versions of software. -::: +Welcome to Session Smart Routing - the first software-based routing solution designed to be both session-oriented and service-centric through the application of Secure Vector Routing. The purpose of this guide is to provide an overview and installation walkthrough for the SSR Router and Conductor products into a Linux operating system environment. This product suite is collectively known as SSR Software. ## Before You Begin Before you begin the installation and configuration of an SSR Networking Plaform, you must: - Be familiar with Linux fundamentals, basic network addressing, and IP networking terminology. - Be a system administrator to perform the installation and configuration. -- Have an entry in /etc/sudoers allowing you to execute Linux shell commands as root (via sudo). Failure to do so may result in the loss of remote management connectivity to the router. +- Have an entry in `/etc/sudoers` allowing you to execute Linux shell commands as root (via sudo). Failure to do so may result in the loss of remote management connectivity to the router. :::note The examples listed in this guide generally prefer running commands as a non-root user, except as noted, and prepend commands that must be run as a superuser with sudo. **The SSH Root login is not permitted.** ::: ## Installation Process -Installation is done from the SSR ISOs, typically from a bootable image on a flash drive or disk. The install process is as follows: -- [Download the ISOs](intro_downloading_iso.md) -- [Create Bootable Media](intro_creating_bootable_usb.md) -- [Perform the Interactive ISO installation](intro_installation_bootable_media.mdx) -- [Install a Conductor](install_conductor_overview.md) -- [Create the Router configuration with the Conductor](intro_basic_router_config.md) or [Import a Configuration](single_conductor_config.md) -- [Install the Router using the OTP ISO](intro_otp_iso_install.mdx) or [Install the Router using the Interactive Installation](intro_installation_bootable_media.mdx) - -To install the SSR software on AWS or Azure, refer to: - - [Installation from Amazon Web Services (AWS) Marketplace](intro_installation_aws.md) - - [Amazon Web Services Quickstart](intro_installation_quickstart_aws.md) - - [Installation in Microsoft Azure](intro_installation_azure.md) - -A Mist-redirect ZTP process for Conductor-managed deployments is supported on Juniper branded hardware devices - the SSR1x0/1x00. See [Onboard an SSR Device to a Conductor](onboard_ssr_to_conductor.md) for details about this process. -## Image Based Installation +Beginning with SSR 6.3.0, the Universal ISO Installation simplifies and streamlines the SSR installation and initialization process, and supports Conductor-managed image-based installations as well as Mist-managed deployments. -Beginning with version 6.0, an image-based ISO installation process has been implemented for users who manage their network using the Mist Cloud. This installation and upgrade process is only available for SSR version 6.0 and higher, and is currently only available for Mist-managed deployments. See [Image-Based Installation](intro_installation_image.md) for information and the ISO installation process. - -:::important -The Image-Based Installation process supports Mist WAN Assurance; the Mist-managed WAN Assurance offering. Do not use the image-based installation for conductor-managed WAN Telemetry deployments. -::: +Installation is done from the SSR ISOs, typically from a bootable image on a flash drive or disk. The install process is as follows: +- Pre-Installation Process: + - [Download the ISOs](intro_downloading_iso.md) + - [Create Bootable Media](intro_creating_bootable_usb.md) +- [SSR Universal ISO Installation (SSR 6.3.0+)](intro_installation_univ-iso.md) + - [SSR Installation](install_univ_iso.md) + - [Device Initialization](initialize_u-iso_device.md) + +- Cloud Platform Installation: + - [Installation from Amazon Web Services (AWS) Marketplace](intro_installation_aws.md) + - [Installation in Microsoft Azure](intro_installation_azure.md) + - [Installing in VMWare](install_vmware_config.mdx) -For customers with conductor-managed deployments, the [package-based installation](intro_installation_bootable_media.mdx) continues to be used for upgrades and new installations. +A Mist-redirect ZTP process for Conductor-managed deployments is supported on Juniper branded hardware devices - the SSR1x0/1x00. See [Onboard an SSR Device to a Conductor](onboard_ssr_to_conductor.md) for details about this process. ## Upgrades @@ -54,9 +44,3 @@ For full details and instructions refer to [Upgrading the SSR Networking Platfor ## Version Dependencies The conductor `major.minor` version must be greater than or equal to the router version. The router version can not exceed the conductors `major.minor` version, but it can have a greater patch version. All [versions currently under support](about_support_policy.md) can be run on a router and managed by the conductor, provided that the conductor version is greater. Versions of software not under support *may* work, but are not guaranteed to do so. - -Examples: -- Conductor running version 6.0.5, managing Routers running version 6.0.1: Supported. -- Conductor running version 5.4.8, managing Routers running version 5.4.10: Supported. -- Conductor running version 6.0.5, managing Routers running version 5.5.7: Supported. -- Conductor running version 5.6.8, managing Routers running version 6.1.3; Not supported. diff --git a/docs/intro_installation_bootable_media.mdx b/docs/intro_installation_bootable_media.mdx index 5e22b60c58..43d330d99f 100644 --- a/docs/intro_installation_bootable_media.mdx +++ b/docs/intro_installation_bootable_media.mdx @@ -13,6 +13,10 @@ import VerifyInstall from './_install_verify_install.md'; +:::important +If you are installing SSR Version 6.3.x, use the [Universal ISO Installation process](intro_installation_univ-iso.md). +::: + ## Prerequisites diff --git a/docs/intro_installation_image.md b/docs/intro_installation_image.md index 8f90a95fbf..70647d05b9 100644 --- a/docs/intro_installation_image.md +++ b/docs/intro_installation_image.md @@ -1,16 +1,16 @@ --- title: Image-Based Installation -sidebar_label: Image-Based Installation +sidebar_label: Image-Based Installation --- -Beginning with version 6.0, an image-based ISO installation process has been implemented for users who manage their network using the Mist Cloud. This installation and upgrade process is only available for SSR version 6.0 and higher, and is currently only available for Mist-managed deployments. - -For conductor-managed deployments, the [package-based installation](intro_installation_bootable_media.mdx) is used. +Beginning with version 6.0, an image-based ISO installation process has been implemented. This installation and upgrade process is only available for SSR version 6.0 and higher. Conductors with version 6.3.0 installed are able to manage routers installed with image-based and package-based software versions. :::important -The Image-Based Installation process supports Mist WAN Assurance; the Mist-managed WAN Assurance offering. Do not use the image-based installation for conductor-managed WAN Telemetry deployments. +If you are installing SSR Version 6.3.x, use the [Universal ISO Installation process](intro_installation_univ-iso.md). ::: +The [package-based installation](intro_installation_bootable_media.mdx) is still available for older installations and upgrades. + The image-based installation creates two volumes on the disk, installs the full 6.0.x image into one of the volumes, and boots into that image. When an upgrade is intiated, the new ISO image is copied into the other volume. The upgrade process copies configurations and persistent information from the old image to the new image, then reboots into the new version. The Image-based install consists of the following steps: diff --git a/docs/intro_installation_legacy.md b/docs/intro_installation_legacy.md new file mode 100644 index 0000000000..b2a2629557 --- /dev/null +++ b/docs/intro_installation_legacy.md @@ -0,0 +1,60 @@ +--- +title: SSR Legacy Software Installation Overview +sidebar_label: SSR Legacy Software Installation Overview +--- +## Introduction + +This guide focuses on legacy software installations - those prior to version 6.3.0. The installation process changes significantly with version 6.3.0. + +Welcome to Session Smart Routing - the first software-based routing solution designed to be both session-oriented and service-centric through the application of Secure Vector Routing. The purpose of this guide is to provide an overview and installation walkthrough for the SSR Router and Conductor products into a Linux operating system environment. This product suite is collectively known as SSR Software. + +## Before You Begin +Before you begin the installation and configuration of an SSR Networking Plaform, you must: +- Be familiar with Linux fundamentals, basic network addressing, and IP networking terminology. +- Be a system administrator to perform the installation and configuration. +- Have an entry in `/etc/sudoers` allowing you to execute Linux shell commands as root (via sudo). Failure to do so may result in the loss of remote management connectivity to the router. + +:::note +The examples listed in this guide generally prefer running commands as a non-root user, except as noted, and prepend commands that must be run as a superuser with sudo. **The SSH Root login is not permitted.** +::: + +## Installation Process + +- Pre-Installation Process: + - [Download the ISOs](intro_downloading_iso.md) + - [Create Bootable Media](intro_creating_bootable_usb.md) +- Legacy Installation + - [Perform the Interactive ISO installation](intro_installation_bootable_media.mdx) + - [Install a Conductor](install_conductor_overview.md) + - [Create the Router configuration with the Conductor](intro_basic_router_config.md) or [Import a Configuration](single_conductor_config.md) + - [Install the Router using the OTP ISO](intro_otp_iso_install.mdx) or [Install the Router using the Interactive Installation](intro_installation_bootable_media.mdx) + +A Mist-redirect ZTP process for Conductor-managed deployments is supported on Juniper branded hardware devices - the SSR1x0/1x00. See [Onboard an SSR Device to a Conductor](onboard_ssr_to_conductor.md) for details about this process. + +### Image-based Installation + +SSR Version 6.3.0 provides support for image-based installs for both Conductor- and Mist-managed deployments. Earlier installations (6.0.x - 6.2.x) using the image-based install only support Mist-managed deployments. + +An image-based ISO installation process is available for users who manage their network using the Mist Cloud. This installation and upgrade process is available for SSR version 6.0.x - 6.2.x, and is only available for Mist-managed deployments. See [Image-Based Installation](intro_installation_image.md) for information and the ISO installation process. + +:::important +The Image-Based Installation process supports Mist WAN Assurance; the Mist-managed WAN Assurance offering. Do not use the image-based installation for versions 6.0.x - 6.2.x in a conductor-managed WAN Telemetry deployment. +::: + +For customers with legacy conductor-managed deployments, the [package-based installation](intro_installation_bootable_media.mdx) continues to be used for upgrades and new installations. + +## Upgrades + +Please refer to [Upgrade Considerations](intro_upgrade_considerations.md) before upgrading. Additional prerequisites include configuring a user with super user (sudo) privileges. **The SSH Root login is not permitted.** If the existing version allows SSH Root login, it will be disabled during the upgrade. When a system is installed using the OTP ISO, a "t128" user is configured with sudo privileges. + +For full details and instructions refer to [Upgrading the SSR Networking Platform.](intro_upgrading.md) + +## Version Dependencies + +The conductor `major.minor` version must be greater than or equal to the router version. The router version can not exceed the conductors `major.minor` version, but it can have a greater patch version. All [versions currently under support](about_support_policy.md) can be run on a router and managed by the conductor, provided that the conductor version is greater. Versions of software not under support *may* work, but are not guaranteed to do so. + +Examples: +- Conductor running version 6.0.5, managing Routers running version 6.0.1: Supported. +- Conductor running version 5.4.8, managing Routers running version 5.4.10: Supported. +- Conductor running version 6.0.5, managing Routers running version 5.5.7: Supported. +- Conductor running version 5.6.8, managing Routers running version 6.1.3; Not supported. diff --git a/docs/intro_installation_univ-iso.md b/docs/intro_installation_univ-iso.md new file mode 100644 index 0000000000..813302ad0a --- /dev/null +++ b/docs/intro_installation_univ-iso.md @@ -0,0 +1,40 @@ +--- +title: SSR Universal ISO Installation Overview +sidebar_label: SSR Universal ISO Installation Overview +--- + +Beginning with version 6.3.0, the SSR uses a single downloadable ISO with a significantly simplified installation process. After the SSR installation completes, the GUI provides clear choices and processes for each of the device configuration options: Conductor, a Conductor-managed router, or a Mist-managed router. + +#### Version History + +| Release | Modification | +| ------- | ------------ | +| 6.0.0 | Image-based ISO installation process implemented for Mist-managed networks. | +| 6.3.0 | Universal ISO released, migrating to a single ISO installation format for Conductor, Conductor-managed, and Mist-managed deployments. | + +The installation workflow consists of the following steps: + +- [Download](#download) +- [Create a bootable USB](intro_creating_bootable_usb.md) +- [Software Installation](install_univ_iso.md) +- [Device Initialization](initialize_u-iso_device.md) + +## Download + +The ISO is available for download at the following location: + + +https://software.128technology.com/artifactory/list/generic-128t-install-images-release-local/ + +Files available for download are: + +- `*.iso` - This file is used for installing/staging bare metal platforms. **Use this file to perform an image-based install.** +- `*.tar` - This file is used by Mist or the SSR conductor for image-based upgrades, and is accessed directly by the system during the upgrade. User download is not necessary or advised. + +You will be prompted for your username and token to access the web page listing the software versions. Download is done directly from the page. + +### Create a Bootable USB + +Use the instructions for [Creating a Bootable USB](intro_creating_bootable_usb.md) to create a bootable USB drive containing the universal ISO image. + +Once you have the USB, let's go [Install the SSR software!](install_univ_iso.md) \ No newline at end of file diff --git a/docs/intro_otp_iso_install.mdx b/docs/intro_otp_iso_install.mdx index c11e5b8720..4817c31e4b 100644 --- a/docs/intro_otp_iso_install.mdx +++ b/docs/intro_otp_iso_install.mdx @@ -5,7 +5,11 @@ sidebar_label: Router Installation Using OTP import Flowchart from '../src/components/Flowchart'; -The Session Smart Router has a software-driven framework for rapid and dynamic deployment of network nodes across the enterprise using One Touch Provisioning (OTP). The software has been architected to enable automated deployment across a large set of scenarios, including simple, repeatable branch deployments and dynamic, scalable data center/cloud deployments. The solution may be deployed with minimal configuration using the default SSR installation process, or customized and integrated with 3rd party tools. +:::important +If you are installing SSR Version 6.3.x, use the [Universal ISO Installation process](intro_installation_univ-iso.md). +::: + +The Session Smart Router has a software-driven framework for rapid and dynamic deployment of network nodes across the enterprise using One Touch Provisioning (OTP). The software has been developed to enable automated deployment across a large set of scenarios, including simple, repeatable branch deployments and dynamic, scalable data center/cloud deployments. The solution may be deployed with minimal configuration using the default SSR installation process, or customized and integrated with 3rd party tools. An important aspect of the OTP solution is its flexibility. When the product is deployed using the standard SSR images, many customers appreciate the simplicity of enabling an enterprise-wide SessionSmart™ routing fabric without investing additional time to customize the deployment. Rapid deployment of session-enabled routing, security and network visibility is the key objective. @@ -238,7 +242,7 @@ The password data within the JSON is required if the QuickStart file was encrypt ### Testing -The Bootstrap utility provides an entrypoint to test your QuickStart Server. By executing the command below, the client makes requests to URLs and attempts to download and decode the QuickStart file. It will NOT apply the QuickStart to the platform - only test the process. +The Bootstrap utility provides an entry point to test your QuickStart Server. By executing the command below, the client makes requests to URLs and attempts to download and decode the QuickStart file. It will NOT apply the QuickStart to the platform - only test the process. ``` $ bootstrap128t rest-test -i ``` @@ -246,3 +250,25 @@ Or, if you want to test a specific url: ``` $ bootstrap128t rest-test -i --url ``` + +### Additional Considerations with Strict Host Key Checking + +If a router is configured for strict `inter-router host-key-checking` (set to `yes`), but **does not** have `accept-new` configured, it will be necessary to manually provision the new conductor key **prior** to migrating the router to the conductor. This will require the administrator to retrieve the host key of each node of the new conductor and configure this in the router. + +On the conductor, identify the `key` for each node using the command [`show system connectivity host-keys node all`](cli_reference.md#show-system-connectivity-host-keys). + +From the router PCLI, provision each conductor key using the following command: +`create system connectivity known-hosts node ssh-rsa ` + +- `` is the router node. The key should be added on each router node in an HA pair. +- `` is the conductor address. This should be added for each conductor address of an HA conductor pair. +- `` is the `Key` retrieved from the previous step. +- `` is an option that can be used to identify the key; for example `Conductor1`. + +The following example manually configures the key to the conductor node `192.168.1.13`: + +`create system connectivity known-hosts router RTR_EAST_COMBO node combo-east-1 [192.168.1.13]:930 ssh-rsa ` + +For additional information, see [`create system connectivity known-hosts`](cli_reference.md#create-system-connectivity-known-hosts). + +See [Enable Strict Host Key Checking](cc_fips_otp_router_install.md#enable-strict-host-key-checking) for configuration information. \ No newline at end of file diff --git a/docs/intro_rollback.md b/docs/intro_rollback.md index 642bde2649..2588e32c34 100644 --- a/docs/intro_rollback.md +++ b/docs/intro_rollback.md @@ -3,18 +3,23 @@ title: Rolling Back Software sidebar_label: Rollback --- -Occasionally you may want or need to revert to a previously running version of SSR software. This is referred to as *rolling back*, and can be accomplished via either the standalone SSR installer application, or by using Automated Provisioner. (Note: as with upgrading, rolling back software using Automated Provisioner is only possible on routers managed by an SSR Conductor.) +Occasionally you may need to revert to a previously running version of SSR software. This is referred to as *rolling back*, and can be accomplished via either the standalone SSR installer application, or by using Automated Provisioner. + +:::note +As with upgrading, rolling back software using Automated Provisioner is only possible on routers managed by an SSR Conductor. +::: ## Rollback Considerations -Rollbacks are not supported if configuration changes are made after the conductor or router are updated to the target version. For example, if the conductor and/or router has been upgraded to version 5.4, and a new feature such as Traffic Engineering is configured on the target conductor or router, rolling back to an earlier version of software may result in loss of configuration or router functionality. +With an upgrade or installation of SSR v6.3.0, conductor rollbacks are performed using the `request system software revert` command from the conductor's PCLI. The `show system software revert` command to view the progress of a revert operation. On routers, it is recommended that upgrades are performed from the conductor's GUI. Router rollbacks must be performed from the PCLI. -If rolling back must be done with the interactive installer (below), the salt-minion must be shutdown. -This is done on the target node using the following command: +Beginning with SSR v6.3.0, the use of the interactive installer is not supported, or necessary. Software installation and upgrade upgrade activities are supported from the GUI or PCLI; rollback activities can only be performed from the the PCLI. -`sudo systemctl stop salt-minion` +## Legacy Rollback + +Use the information below when rolling back software versions prior to 6.3.0. -Conductors can only be rolled back with the interactive installer. Shutting down the salt-minion is required. +Rollbacks are not supported if configuration changes are made after the conductor or router are updated to the target version. For example, if the conductor and/or router has been upgraded to version 6.2, and a new feature is configured on the target conductor or router, rolling back to an earlier version of software may result in loss of configuration or router functionality. ### Rolling Back using Automated Provisioner @@ -27,6 +32,16 @@ Confirming the action will initiate the rollback process. ### Rolling Back using the Interactive Installer +For software versions prior to SSR v6.3.0, **conductors** can only be rolled back with the interactive installer. Shutting down the salt-minion is required. + +:::important +Rolling back an earlier version of the SSR software on a router that is managed by a conductor using the interactive installer `install128t` may result in the system becoming unresponsive. It is highly recommended that managed router rollbacks be performed through the conductor UI. Manual upgrades and rollbacks may not be resilient to failures. +::: + +For all software versions prior to SSR v6.3.0 in a situation where a rollback must be performed with the interactive installer, the salt-minion must be shut down. This is done on the target node using the following command: + +`sudo systemctl stop salt-minion` + 1. Launch a Linux command prompt window on the node you wish to rollback. :::note diff --git a/docs/intro_upgrade_considerations.md b/docs/intro_upgrade_considerations.md index e4ad743d76..433e5e78ca 100644 --- a/docs/intro_upgrade_considerations.md +++ b/docs/intro_upgrade_considerations.md @@ -2,13 +2,17 @@ title: Upgrade Considerations sidebar_label: Upgrade Considerations --- -Before upgrading to **version 5.3 or 5.4 and higher**, please review the following information. +Before upgrading please review the following information. ### Upgrade Installer -Before **upgrading to, or installing** version 5.4, update the Installer to the latest version. Failing to upgrade the installer may result in a rollback failure, should a rollback be necessary at any time. +For software versions prior to 6.3.0, before **upgrading or installing**, update the Installer to the latest version. Failing to upgrade the installer may result in a rollback failure, should a rollback be necessary at any time. ### Rollback Considerations -Upgrading or rolling back a system (conductor peer or router) with the interactive installer `install128t`, that is managed by a conductor may result in the system becoming unresponsive. It is highly recommended that upgrades be performed through the conductor UI. Manual upgrades and rollbacks may not be resilient to failures. See [Rolling Back Software](intro_rollback.md) for more information on these operations. +With an upgrade or installation of SSR v6.3.0, conductor rollbacks are performed using the `request system software revert` command from the conductor's PCLI. On routers, it is recommended that upgrades are performed from the conductor's GUI. Router rollbacks must be performed from the PCLI. + +Beginning with SSR v6.3.0, the use of the interactive installer is not supported, or necessary. Software installation and upgrade upgrade activities are supported from the GUI or PCLI; rollback activities can only be performed from the the PCLI. + +With software versions earlier than 6.3.0, upgrading or rolling back an earlier version of the SSR software on a peer condutor or router that is managed by a conductor using the interactive installer (`install128t`) may result in the system becoming unresponsive. For this reason it is highly recommended that managed router rollbacks be performed through the conductor UI. Manual upgrades and rollbacks may not be resilient to failures. See [Rolling Back Software](intro_rollback.md) for more information on these operations. ## Configuration Validation Changes Several modifications have been made to the verification process for configurations. As a result, configurations that were valid in earlier versions of the SSR software may now present configuration errors. The information below provides an awareness of what to look for and address. diff --git a/docs/intro_upgrading.md b/docs/intro_upgrading.md index 62a7f2342d..baf787f083 100644 --- a/docs/intro_upgrading.md +++ b/docs/intro_upgrading.md @@ -1,25 +1,23 @@ --- -title: Upgrading the SSR Networking Platform -sidebar_label: Upgrading +title: Upgrade Overview +sidebar_label: Upgrade Overview --- :::note -If you are upgrading to version 5.3 or higher of the SSR software, please refer to the [Upgrade Considerations](intro_upgrade_considerations.md) before proceeding. +Please refer to the [Upgrade Considerations](intro_upgrade_considerations.md) before proceeding. ::: -Your SSR router or conductor must have internet access to download the latest software packages; for deployments where the SSR does not have internet access, you can use the SSR conductor as a repository (or proxy) to retrieve software images. As with any upgrade activity, it is always prudent to create a backup of your current software configuration before initiating any upgrade activity. +Your SSR conductor or router must have internet access to download the latest software packages; however, we recognize that there are deployments where the SSR does not have internet access. In those cases you can use the SSR conductor as a repository (or proxy) to retrieve or store software images. For information about upgrading offline or air-gap network devices, refer to [Upgrades with Restricted Internet Access](upgrade_restricted_access.md). -There are three standard ways of upgrading routers: +As with any upgrade activity, it is always prudent to create a backup of your current software configuration before initiating any upgrade activity. -- Using the conductor's PCLI to initiate the upgrade -- Using the conductor's GUI to initiate the upgrade -- Manually upgrading a router by invoking the `install128t` application from the Linux shell +Conductor and router upgrades may be performed from the GUI of the Conductor, the PCLI of the conductor, or in the case of an unmanaged router, from the router itself. :::note -The router upgrade process using the PCLI and the GUI is done in two stages: First, the software is downloaded, then it is installed. Use the `install128t` application steps through both of these processes. +The router upgrade process using the PCLI and the GUI is done in two stages: First, the software is downloaded, then it is installed. ::: -Prerequisites for upgrades now include configuring a user with super user (sudo) privileges. **SSH Root login is not permitted.** If the existing version allows SSH Root login, it will be disabled during the upgrade. When a system is installed using the OTP ISO, a "t128" user is configured with sudo privileges. +Prerequisites for upgrades include configuring a user with super user (sudo) privileges. **SSH Root login is not permitted.** If the existing version allows SSH Root login, it will be disabled during the upgrade. Systems that were installed using the OTP ISO have a **t128** user configured by default with `sudo` privileges. ### Version Dependencies @@ -31,200 +29,10 @@ Examples: - Conductor running version 6.0.5, managing Routers running version 5.5.7: Supported. - Conductor running version 5.6.8, managing Routers running version 6.1.3; Not supported. -### Stopping the SSR Software +For Upgrade procedures, refer to the appropriate section: -Before upgrading the SSR Software from the PCLI, use the following procedure to stop the the software. +- [Upgrading the Conductor](upgrade_ibu_conductor.md) +- [Upgrading the Router](upgrade_router.md) +- [Upgrades with Restricted Internet Access](upgrade_restricted_access.md) +- [Legacy Upgrades](upgrade_legacy.md) Software versions prior to SSR 6.3.0 -1. Launch a Linux shell window. -2. Execute the command: - - `sudo systemctl stop 128T` - -3. Verify that the software has stopped by executing the command: - - `sudo systemctl status 128T` - - Result: The software is listed as inactive (dead). - -4. Stop the salt-minion. - - `sudo systemctl stop salt-minion` - -5. Close the Linux shell. - -## Upgrading the Conductor -Use the following procedures to upgrade a Conductor from the GUI or using the Interactive Installer (linux shell). - -:::note -Before upgrading a conductor, it is recommended to [export the running configuration](config_basics.md#importexport). -::: - -### Upgrade using the GUI - -1. Select **Conductor** under Authority. -2. In the **Node: Conductor** panel, select the **Upgrade SSR** icon (the arrow within a circle). This icon displays green when upgrades are available. -3. In the **Upgrade SSR** window, use the drop down to select the SSR version for the upgrade. -4. Click **Proceed**. - -The Upgrade screen displays the Raw Log with the upgrade progress. Once the upgrade is complete, the Conductor is restarted and the GUI is refreshed. - -### Using the Interactive Installer - -:::important -For systems with both primary and secondary conductors, it is a best practice to upgrade only one conductor at a time. -::: - -Use the [Interactive Installer](#upgrading-using-the-interactive-installer) procedure to upgrade the conductor from a linux shell. - -## Upgrading a Router -Use the following procedures to upgrade a Router. - -:::note -The Router software version cannot be higher than the software version installed on the Conductor. -::: - -### Upgrade using the Conductor's PCLI - -For routers managed by an SSR Conductor, upgrades can be initiated via the SSR conductor's PCLI. This upgrade process is completed in two stages: *download* followed by *upgrade*. - -As an administrator-level user, log into the conductor's PCLI. - -1. Use the command `show assets` to list the devices managed by this conductor, and the software revision each asset is currently running. - -2. For a given asset, use the command `show asset [asset ID]` or `show asset software router [router name]` to view the available software upgrades for that asset. The list will be in the section labeled "Available for Download" at the end of the output. - :::note - If there are software releases absent from the list that you are confident should appear, use the command `send command yum-cache-refresh router [router name]` to refresh the software list. - ::: - -3. Type `send command download router [your router name] [software version]`. You can monitor the progress by using the `show asset` and/or `show asset [asset ID]` command, which will indicate Automated Provisioner status (e.g., *downloading*). - -4. Once the download is complete, use the command `send command upgrade router [your router name]` to initiate the upgrade process. - -The conductor's _automated provisioner_ will upgrade both nodes in a high availability router in series to minimize/avoid downtime. Despite this, it is still recommended to perform upgrade activity during periods of low traffic or maintenance windows. - -### Upgrade using the Conductor's GUI - -Beginning with the 5.6.0 release of the SSR software, router upgrades are performed from the Software Lifecycle panel. - -![Software Lifecycle Panel](/img/intro_upgrading_swlifecycle.png) - -1. Navigate to the Routers page. -2. At the top of the page, select Software Lifecycle. -3. To being the upgrade process, select Initiate Upgrade. -4. Select Download and a version from the dropdown. -5. Select the router or routers where the software will be downloaded from the router list. -6. Click start. -7. When the download process completes, return to the Software Lifecycle panel and select upgrade, the version, the router, and finally the Start button. -The upgrade will run to completion with no interaction necessary. - -#### Lifecycle History - -To view the install history for your routers, selecting Lifecycle History displays all versions downloaded and installed, and the operation status. - -#### Legacy Upgrades - -Use the steps below to download and upgrade SSR software if you are running versions earlier than 5.6.0. - -Similar to the process for upgrading using the PCLI, the upgrade process using the GUI is done in two stages: *download* and *upgrade*. - -1. Navigate to the Router page in the Conductor's GUI. Routers that have available upgrades are indicated with the green **Upgrade SSR** icon (the arrow within a circle) in the router list. -2. Click on the **Upgrade SSR** icon next to your router. A list of upgrade and download options appears. This list is filterable if the list grows large. -3. Click on the target release in the Available Downloads section of the list. -4. Confirm the operation to begin downloading the software. Clicking on the router in the router list shows download progress. -5. Once complete, click the **Upgrade SSR** icon again, and select the target software release from the Available Upgrades list. Confirm this operation to begin the upgrade process. - -The Automated Provisioner upgrades both nodes in a high availability router in series to minimize/avoid downtime. Despite this, it is still recommended to perform upgrade activity during periods of low traffic or maintenance windows. - -## Upgrading using the Interactive Installer -The Interactive Installer can be used to upgrade a conductor or a router. - -1. Launch a Linux command prompt window on the node you wish to upgrade. - - :::note - If you are running an older version of the Installer (prior to version 2.7.0), it is strongly recommended that you first upgrade to the latest version of the Installer. If the upgrade is not possible, and you are running an Installer version prior to 2.7.0, use the Screen utility when performing an upgrade in interactive mode to avoid SSH session timeout. Installer versions 2.7.0 and above do not need to use the Screen utility. - - To upgrade the installer, run `dnf update 128T-installer` from the linux prompt. - ::: - -2. Create a screen and attach to it. - ``` - screen -d -m -s - screen -x - ``` -3. Shut down the salt-minion on the target node using the following command: - - ``` - sudo systemctl stop salt-minion - ``` -4. Enter the command to launch the interactive installer wizard. - - ``` - sudo install128t - ``` - - **Result**: The SSR splash screen appears. - :::note - The `install128t` application checks for an available update. If a newer version is detected, it requests that you update. - ::: - -5. Press the **enter** key to select **Begin** and start the installation wizard. - - :::note - Use the spacebar to move between entries in the installer windows. - ::: - -6. When prompted, select **Upgrade**. - - ![Conductor Upgrade](/img/conductor_upgrade1.png) - - **Result**: The application queries the SSR software repository for the latest software. - -7. Select the desired software version from the list of available options. - - ![Version Selection dialog](/img/conductor_upgrade2_version.png) - -8. Confirm the upgrade to begin the upgrade process. - - ![Confirm Upgrade](/img/conductor_upgrade3_confirm.png) - -9. Once the upgrade is complete, press the **enter** key to select **Yes** to start your software. - :::note - Your output may vary based upon the nature of the upgrade, occasion, various packages, and dependencies that SSR requires as part of the SSR Routing Software upgrade. - ::: - -9. Detach from the Screen utility (if applicable). - ``` - ctrl+a - d - ``` - -## Routers with Restricted Internet Access - -The standard upgrade workflow is for individual instances of SSR software to download software upgrades directly from mirror servers hosted and managed by Juniper on the public internet. Occasionally, SSRs are deployed in locations with restricted or no access to the internet. In this case, you can configure the routers to retrieve software from a conductor. - -Within a given router's configuration, at `router > system > software-update > repository`, you can configure the `source-type` setting to one of three values: - -- `conductor-only`: The router retrieves software versions only from the conductor. - - :::note - The conductor(s) require internet access, and the routers must be able to resolve internet hosted repositories. - ::: -- `prefer-conductor`: The router will retrieve software versions from the conductor, and fall back to using the internet -- `internet-only` (default): The router will use Juniper's publicly hosted repositories for retrieving software images - -:::note -Because this is a router setting, your collection of routers can each use different preferences. For example, a router on the internet can use a Juniper repository, but another router managed by the same conductor sitting in an isolated environment can use the conductor. -::: - -For routers that have no access to the internet, set `router > system > software-update > repository > offline-mode` to `true`. This overrides the `source-type` leaf. - -The `import iso` command is used to import packages contained within an SSR ISO onto a local yum repository, allowing the SSR to be upgraded without connecting to Juniper servers. -:::note -In an HA setup, when using offline-mode for routers to access the software from the conductors, the ISO must be imported to both conductors before performing the upgrade. -::: - -The [import iso](cli_reference.md#import-iso) command allows a user to specify the exact `filepath` to the ISO, or to specify `hunt` which searches the disk for a file that matches the pattern `128T*.iso` (except in the following directories `/boot`, `/dev`, `/proc`, and `/sys`). - -This feature works on either the Conductor or the Routers. It can be combined with the Conductor Hosted Repos feature where the ISO is imported to the Conductor and then the Routers use the Conductor as the yum repository to download SSR packages. - -Once the local software repository has been updated with the software from the ISO, the upgrade can proceed using your preferred method. diff --git a/docs/plugin_intro.md b/docs/plugin_intro.md index 1295967e8b..58a41c802b 100644 --- a/docs/plugin_intro.md +++ b/docs/plugin_intro.md @@ -58,7 +58,7 @@ In the SSR platform architecture, `salt` is used as communication mechanism betw * Trigger additional services or functions on the router such as systemd services etc. :::note -Plugins rely on connectivity between the conductor and router to drive their logic. They also rely on the router to have access to the SSR RPM repository as either direct access over internet or by leveraging [conductor hosted repo](intro_upgrading.md#routers-with-restricted-internet-access). +Plugins rely on connectivity between the conductor and router to drive their logic. They also rely on the router to have access to the SSR RPM repository as either direct access over internet or by leveraging [conductor hosted repo](upgrade_restricted_access.md). ::: ## Plugin Concepts diff --git a/docs/plugin_ipsec_client.md b/docs/plugin_ipsec_client.md index 6bb28a5fca..6fde9cbd48 100644 --- a/docs/plugin_ipsec_client.md +++ b/docs/plugin_ipsec_client.md @@ -578,7 +578,8 @@ If a tunnel goes down, we set the corresponding ingress KNI to be operationally Example output when the tunnel for `rem1` goes down: -```admin@combo-west.RTR_WEST_COMBO# show alarms +``` +admin@combo-west.RTR_WEST_COMBO# show alarms Tue 2020-06-30 16:42:50 UTC ============== ===================== ========== ============= =========== ================================== diff --git a/docs/plugin_wireguard.md b/docs/plugin_wireguard.md index 9e95abbbaf..1af2c42687 100644 --- a/docs/plugin_wireguard.md +++ b/docs/plugin_wireguard.md @@ -2,7 +2,7 @@ title: Wireguard Plugin sidebar_label: Wireguard --- - + The wireguard plugin allows your SSR to peer with other endpoints using [wireguard](https://www.wireguard.com/). With this plugin you can securely connect endpoints to your SSR fabric, extending services and network tenancy. ![Wireguard overview](/img/plugin_wireguard_1.png) @@ -16,7 +16,7 @@ See instructions for [installing and managing](plugin_intro.md#installation-and- Wireguard operates using [cryptokey routing](https://www.wireguard.com/#cryptokey-routing), which provides device-to-edge security with an SSR service centric fabric. For any wireguard peer to securely communicate with another, a [Curve25519](https://tools.ietf.org/html/rfc7748) public/private keypair is generated. Each endpoint wishing to form a peering relationship must be configured minimally with the public key of the peer, and the prefixes that are allowed to be sent to the peer. When an SSR is configured for wireguard, it will generate a public key which can be configured in remote endpoints that are to peer with it. Additionally service prefixes that should be sent to the SSR by a wireguard peer, can be configured as allowed IPs. More information on wireguard configuration can be found [here](https://www.wireguard.com/quickstart/). - + ## Basic Configuration To configure your SSR for wireguard peering, you first create a wireguard profile on the router. For example, the following defines a profile called `wg-profile-1`. Each wireguard endpoint will use a unique address from the prefix `10.10.10.0/24` as defined in the profile and the router wireguard instance will use the first address of `10.10.10.1`.: @@ -251,9 +251,11 @@ Completed in 0.27 seconds ### Remote Endpoint Configuration Now the remote peer endpoints can be configured to peer with the `dc1` and `dc2` routers at their respective interface addresses, and route the corresponding service prefixes of `172.16.1.0/24` and `172.16.2.0/24` to each. For example, a wireguard config for peer `p1` might look like the following: + :::tip See [wireguard documentation](https://www.wireguard.com/quickstart/) for more on configuring wireguard on other endpoints. ::: + ``` [Interface] # p1 @@ -366,11 +368,11 @@ PersistentKeepalive = 30 :::note If wireguard is hosted on a DHCP enabled interface, the peer's `Endpoint` address needs to be configured with the latest IP address assigned. ::: - + :::note The `PersistentKeepalive` in this wireguard configuration causes the peer to keep the connection to the peer alive by sending periodic traffic. This has the effect of allowing the SSR to originate sessions to the peer at any time. See [wireguard documentation](https://www.wireguard.com/quickstart/) for more on configuring wireguard on other endpoints. ::: - + With the profile and peer configured on the SSR `r1`, and wireguard configured on the remote IoT device, you can verify the device is keeping the connection alive by reviewing the `latest handshake` output of `show device-interface router name `: ``` diff --git a/docs/release_notes_128t_4.5.md b/docs/release_notes_128t_4.5.md index de8edbc62f..b9f69c92dc 100644 --- a/docs/release_notes_128t_4.5.md +++ b/docs/release_notes_128t_4.5.md @@ -298,7 +298,7 @@ The following error is displayed: /usr/bin/nice: /usr/lib/128T-installer/install128t.par: No such file or directory Failed to upgrade 128T! ``` -The recommended course of action is to perform a manual interactive upgrade of the conductor. Please refer to [Upgrading Using the Interactive Installer](intro_upgrading.md#upgrading-using-the-interactive-installer) for that process. +The recommended course of action is to perform a manual interactive upgrade of the conductor. Please refer to [Upgrading Using the Interactive Installer](upgrade_legacy.md#upgrading-using-the-interactive-installer) for that process. ## Release 4.5.5 diff --git a/docs/release_notes_128t_5.0.md b/docs/release_notes_128t_5.0.md index 054e935317..565c729e93 100644 --- a/docs/release_notes_128t_5.0.md +++ b/docs/release_notes_128t_5.0.md @@ -71,7 +71,7 @@ Before upgrading, ensure that there is at least one user on each 128T system tha ------ - **I95-34823 About page includes link to online documentation:** The 128T GUI now includes a link to the online documentation set. ------ -- **I95-35150 [PCLI Clone Configuration](cli_reference.md#clone):** The clone command duplicates the configuration data from an existing router into a new router with a new name, and stages it to the candidate configuration. +- **I95-35150 PCLI Clone Configuration:** The clone command duplicates the configuration data from an existing router into a new router with a new name, and stages it to the candidate configuration. ------ - **I95-35190 [PCLI bulk paste configuration](concepts_pcli.md#paste-config):** The PCLI detects configuration entered in bulk and accepts input in either show config native format or flat format. ------ diff --git a/docs/release_notes_128t_5.6.md b/docs/release_notes_128t_5.6.md index b16bfd9bc7..f6688da263 100644 --- a/docs/release_notes_128t_5.6.md +++ b/docs/release_notes_128t_5.6.md @@ -1002,7 +1002,7 @@ PCLI: The PCLI command `save tech-support-info` can now collect logs from anothe ------ - **I95-41509 STEP Route Computation enhancements:** STEP uses additional service policy information when computing the best path scenario. See [STEP Route Computation](config_STEP.md#route-computation) for more information. ------ -- **I95-41557 Software Lifecycle Management:** The download, upgrade, and software lifecycle process is more easily managed from a single location in the GUI. See [Software Lifecycle](intro_upgrading.md#upgrade-using-the-conductors-gui) for additional information. +- **I95-41557 Software Lifecycle Management:** The download, upgrade, and software lifecycle process is more easily managed from a single location in the GUI. See [Software Lifecycle](upgrade_router.md#upgrade-using-the-conductors-gui) for additional information. ------ - **I95-42483 STEP Page in the GUI:** [The STEP page in the GUI](howto_STEP_GUI.md) provides graphical representations of STEP data. ------ diff --git a/docs/release_notes_128t_6.1.md b/docs/release_notes_128t_6.1.md index 99cf31facb..04ae7b4142 100644 --- a/docs/release_notes_128t_6.1.md +++ b/docs/release_notes_128t_6.1.md @@ -45,7 +45,7 @@ The change should be made on both nodes of an HA system. If a conductor is alrea This issue will be corrected in an upcoming release. -## Release 6.1.10-8 +## Release 6.1.10-8-lts **Release Date:** August 22, 2024 @@ -163,7 +163,7 @@ This issue will be corrected in an upcoming release. ------ - **I95-57607 Saving TSI as root from the conductor generates oversized file:** Added and enforcement that when calling `/usr/bin/save-tech-support-info` the `--output` argument always ends in .`zip`. -## Release 6.1.9-2 +## Release 6.1.9-2-lts **Release Date:** June 27, 2024 @@ -171,7 +171,7 @@ This issue will be corrected in an upcoming release. - **The following CVE's have been identified and addressed in this release:** CVE-2024-2973 -## Release 6.1.8-15 +## Release 6.1.8-15-lts **Release Date:** May 3, 2024 @@ -256,7 +256,7 @@ These counters are available per-bond-member. ------ - **WAN-3013 MistAnalytics HA onboarding timeout too short:** The timeout for HA analytics formation has been extended. -## Release 6.1.7-3 +## Release 6.1.7-3-lts **Release Date:** February 17, 2024 @@ -316,7 +316,7 @@ These counters are available per-bond-member. ------ - **I95-55389 Queries for private domains with Websense classified as Miscellaneous:** Domains categorized by Websense as Uncategorized are now classified as Uncategorized/Uncategorized, rather than Miscellaneous/Uncategorized. -## Release 6.1.6-7 +## Release 6.1.6-7-lts **Release Date:** January 2, 2024 @@ -456,7 +456,7 @@ These counters are available per-bond-member. ------ - **I95-54490 Permission denied when trying to open a user config file:** Resolved a permissions issue for the `connect router` command by adding ACLs for reverse SSH so that this is accessible for admin users. -## Release 6.1.5-14 +## Release 6.1.5-14-lts **Release Date:** September 22, 2023 @@ -681,7 +681,7 @@ This issue is actively being addressed, and will be resolved in an upcoming patc ------ - **I95-53777 Multicast traffic not passing after HA Failover:** High Availability with Multicast is not fully supported. Drop or complete loss of traffic may be seen when the primary node resumes traffic after a node failure and failover. -## Release 6.1.3-4 +## Release 6.1.3-4r1 **Release Date:** May 22, 2023 @@ -697,7 +697,7 @@ This issue is actively being addressed, and will be resolved in an upcoming patc ------ - **WAN-1958 Mist agent crashes:** Increased internal file system limits which were preventing some services from starting correctly at boot. Limits were raised based on expected system usage. -## Release 6.1.2-7 +## Release 6.1.2-7r1 **Release Date:** May 12, 2023 @@ -769,7 +769,7 @@ and there are established flows for any of these services, a link flap triggerin **_Workaround:_** Make a simple configuration change and commit the change. Any configuration change is sufficient to start the internal proxy service. Once this commit has been made this will no longer be an issue. -## Release 6.1.1-6 +## Release 6.1.1-6r1 **Release Date:** April 28, 2023 @@ -782,7 +782,7 @@ The impacted sessions will time out when all packets for the failed sessions sto ------ - **I95-51093 Race condition in `session-scaling` can cause crash/restart:** Resolved an issue when `session-scaling` is set to `enabled` together with `outbound-only`, a race condition can cause a crash and restart of the `highway` process in the SSR. -## Release 6.1.0-55 +## Release 6.1.0-55r1 **Release Date:** April 14, 2023 diff --git a/docs/release_notes_128t_6.2.md b/docs/release_notes_128t_6.2.md index 90875157cc..6f06d9600b 100644 --- a/docs/release_notes_128t_6.2.md +++ b/docs/release_notes_128t_6.2.md @@ -460,7 +460,7 @@ Valid values for `remove-as-path`: - `only`: Remove private AS only if the AS path contains just private AS. - `replace-only`: Replace private AS with the local AS only if the AS path contains just private AS. -## Release 6.2.0-39 +## Release 6.2.0-39r1 **Release Date:** November 16, 2023 @@ -470,7 +470,7 @@ Valid values for `remove-as-path`: ------ - **I95-17284 SNMPv3:** Support for SNMPv3 has been added. For configuration details, see [SNMPv3 Basic Configuration](config_snmp.md#snmp-v3-basic-configuration). ------ -- **I95-43657 Static NAT:** Static NAT address mapping is supported by the SSR. For supporting information about this feature, see [Static NAT](config_nat.md#static-nat). +- **I95-43657 Static NAT:** Static NAT address mapping is supported by the SSR. For supporting information about this feature, see [Static NAT](config_static_nat.md). ------ - **I95-46537 Azure Mini-R Platform Support:** The Azure Mini-R is now a supported platform for the SSR software. ------ diff --git a/docs/release_notes_128t_6.3.md b/docs/release_notes_128t_6.3.md new file mode 100644 index 0000000000..6940bef64f --- /dev/null +++ b/docs/release_notes_128t_6.3.md @@ -0,0 +1,179 @@ +--- +title: SSR 6.3 Release Notes +sidebar_label: '6.3' +--- +:::info +Issues resolved in a release are merged into subsequent releases chronologically AND lexicographically. + +If you do not see an issue listed below, it may have been resolved in another recently released version. A link to the Release Notes for the most recent chronological release of SSR Software is provided. + +Alternatively, refer to the **[List of Releases](about_releases.mdx)** page for release dates and links to all SSR Release Notes; or, if you know the Issue ID Number, enter that into the Search field at the top right of this page. +::: + +### Upgrade Considerations + +:::important +Before upgrading please review the [**Upgrade Considerations**](intro_upgrade_considerations.md) and the [**Rolling Back Software**](intro_rollback.md) pages. Several modifications have been made to the process for verifying configurations, which will impact existing configurations. +::: + +- **I95-43243/IN-460 Upgrade and Rollback:** Upgrading or rolling back a system (conductor or router) with the interactive installer `install128t`, that is managed by a conductor may result in the system becoming unresponsive. It is recommended that upgrades be performed through the conductor UI. Manual upgrades and rollbacks may not be resilient to failures. See [Rolling Back Software](intro_rollback.md) for more information on these operations. +------ +- **I95-42542 Conductor Upgrade Time:** Upgrades can take up to 40 minutes due to the number of rpms being upgraded. Please plan accordingly. +------ +- **I95-42624 Upgrade Installer:** Before **upgrading to, or installing** version 5.4 and above, update the Installer to at least version 3.1.0. Failing to upgrade the installer may result in a rollback failure, should a rollback be necessary at any time. The Installer typically prompts you update when a new version is available. Select **Update** when prompted. +------ +- **Plugin Upgrades:** If you are running with plugins, updates are required for some plugins **before** upgrading the conductor to SSR version 5.4.0 or higher. Please review the [Plugin Configuration Generation Changes](intro_upgrade_considerations.md#plugin-configuration-generation-changes) for additional information. + +## Release 6.3.0-107r1 + +**Release Date:** September 30, 2024 + +### New Features + +- **I95-23304 Dynamic Source NAT:** Dynamic Source NAT translates multiple source IP addresses into a smaller pool of translated addresses and dynamic ports, which conserves public IP address space and provides the flexibility to source NAT a specific IP range. This supports scaling up sessions for an internal service. For more information, see [Dynamic NAT](config_dnat.md). +------ +- **I95-23816 Network Interface Traffic Engineering:** Network interface traffic engineering allows you to impose limitations on all traffic egressing a specific network-interface. For more information about using and configuring network interface traffic engineering, see [Network Interface Traffic Engineering](config_te_net_intf.md). +------ +- **I95-41264 Metrics and Application ID Improvements:** Steps have been taken to reduce system resource consumption for HA metrics and application identification, specifically when HA nodes are disconnected. In this situation visibility into the peer's data will be limited to the time of disconnection, and the peer history will not be available. When HA nodes are connected there is no difference in behavior. +------ +- **I95-47041 Selection of Mist Cloud during Adoption:** The onboarding process queries all Mist Instances and provides a drop down selector to allow login to the appropriate Mist instance (Global01, Global03, EU, etc.). +------ +- **I95-47154 Conductor-management of image-based SSR devices:** Upgrading to or installing SSR 6.3.0 now supports conductor managed deployments. See [SSR Universal ISO Installation](intro_installation_univ-iso.md) for installation information, and refer to [Upgrading the Conductor](upgrade_ibu_conductor.md) for upgrade information. +------ +- **I95-48255 BYOL SSR images for AWS and Azure marketplaces:** New streamlined instances for AWS and Azure have been introduced. For installation and deployment information, refer to [Installing a BYOL Mist-managed Router in AWS](intro_installation_quickstart_byol_mist_aws.md) and [Installing a BYOL Mist-managed Router in Azure](intro_installation_byol_azure_mist.md). +------ +- **I95-50572 Unified ISO for Mist and Conductor Onboarding:** A single, image-based ISO is the preferred method of installation for all SSR deployments. This new ISO greatly simplifies the software installation process and onboarding of routers to both the Mist-managed and Conductor-managed environments. For information about the install and onboarding process, refer to [SSR Universal ISO Installation](intro_installation_univ-iso.md). +------ +- **I95-51303 Offline Documentation available upon installation:** The SSR documentation site is now installed as a snapshot at the time of release, and run as a web server on the SSR router and conductor installations. This makes the full documentation site available from within a network that does not have internet access. To access the documentation, click on the Offline Product Documentation selection on the About this System page in the GUI after installation. +------ +- **I95-51501 Use of the physical MAC address for VRRP:** The command [`use-physical-address`](config_command_guide.md#configure-authority-router-node-device-interface-vrrp-use-physical-address) has been added to the device-interface configuration. This allows VRRP to use the physical MAC rather than the virtual MAC and prevents platforms that reject the virtual MAC from dropping traffic. +------ +- **I95-51512 Simplify onboarding of SSR devices in an Air-gap network:** The image-based ISO is the preferred method of installation for **all** SSR deployments. This new ISO greatly simplifies the software installation process and onboarding of routers to both the Mist-managed and Conductor-managed environments, as well as environments without internet access (air-gap). For information about the install and onboarding process, refer to [SSR Universal ISO Installation](intro_installation_univ-iso.md). +------ +- **I95-53295 Support BGP and OSPF stat outputs:** Added the following stats to the GUI: + | BGP | OSPF | + | --- | --- | + | Summary | Summary | + | Neighbors | Neighbors | + | IPV6Routes | Database | + | IPv6VPN | Interface | + | IPv4VPN | Routes | + | - | BorderRouters | +------ +- **I95-53821 Radius Remote Authentication:** Users can now be added and identified on the server, with each user account created automatically upon successful authentication on a local device. This provides a simple method for managing user accounts connected to a single authentication server with devices deployed over a wide geography. See [Configuring RADIUS](config_radius.md#configuring-radius) for more information. +------ +- **I95-54300 Session performance capacity tracking and troubleshooting:** Added Session Performance Metric in Node Health. Session Processing CPU that displays average CPU, with an expandable selection that shows the individual CPU of each of the session processing threads that come from system resource scaling/config. +------ +- **I95-54699 VRRP Redundancy per VLAN:** VRRP can now be [configured at the network-interface level](config_ha.md#configuring-vrrp-on-the-network-interface) allowing you to configure VRRP redundancy per VLAN. For command information, see [`configure authority router node device-interface network-interface vrrp`.](config_command_guide.md#configure-authority-router-node-device-interface-network-interface-vrrp) +------ +- **I95-55855 Support the `force up` mode for LACP Bond interfaces:** When enabled, a bond interface that does not receive any LACP PDU's on any member interfaces over a configured time-out period enters the `force up` mode, where one member is used as an active interface sending and receiving without the required LACP negotiation. For more information, see [LACP Bond Interfaces - Force-up](config_lacp.md#force-up) +------ +- **I95-56337 / I95-56339 / I95-56341 REST API changes to better support BGP endpoints:** Updated BGP REST endpoints for better functionality, by adding pagination support to summary commands and altering json schema to use arrays where necessary to preserve ordering. Added `show bgp family-summary` to condense address-family information per peer into one entry. +------ +- **I95-56723 TLS Client Support:** RADIUS over TLS is designed to provide secure communication of RADIUS requests using the Transport Secure Layer (TLS) protocol. RADIUS authentication, authorization, and accounting data can now be passed safely across untrusted networks. For more information, see [Configuring RADUIS over TLS](config_radsec.md). + +### Resolved Issues + +- **The following CVE's have been identified and addressed in this release:** CVE-2024-22232, CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094, CVE-2019-13631, CVE-2019-15505, CVE-2019-25162, CVE-2020-25656, CVE-2020-36777, CVE-2021-3753, CVE-2021-4204, CVE-2021-46934, CVE-2021-47013, CVE-2021-47055, CVE-2021-47118, CVE-2021-47153, CVE-2021-47171, CVE-2021-47185, CVE-2022-0500, CVE-2022-23222, CVE-2022-3565, CVE-2022-45934, CVE-2022-48627, CVE-2022-48669, CVE-2023-1513, CVE-2023-24023, CVE-2023-25775, CVE-2023-28464, CVE-2023-31083, CVE-2023-3567, CVE-2023-37453, CVE-2023-38409, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-39198, CVE-2023-4133, CVE-2023-4244, CVE-2023-42754, CVE-2023-42755, CVE-2023-45863, CVE-2023-51779, CVE-2023-51780, CVE-2023-52340, CVE-2023-52434, CVE-2023-52439, CVE-2023-52445, CVE-2023-52448, CVE-2023-52477, CVE-2023-52489, CVE-2023-52513, CVE-2023-52520, CVE-2023-52528, CVE-2023-52565, CVE-2023-52574, CVE-2023-52578, CVE-2023-52580, CVE-2023-52581, CVE-2023-52594, CVE-2023-52595, CVE-2023-52598, CVE-2023-52606, CVE-2023-52607, CVE-2023-52610, CVE-2023-52620, CVE-2023-6121, CVE-2023-6176, CVE-2023-6240, CVE-2023-6622, CVE-2023-6915, CVE-2023-6932, CVE-2024-0340, CVE-2024-0841, CVE-2024-23307, CVE-2024-25742, CVE-2024-25743, CVE-2024-25744, CVE-2024-26593, CVE-2024-26602, CVE-2024-26603, CVE-2024-26609, CVE-2024-26610, CVE-2024-26615, CVE-2024-26642, CVE-2024-26643, CVE-2024-26659, CVE-2024-26664, CVE-2024-26671, CVE-2024-26693, CVE-2024-26694, CVE-2024-26743, CVE-2024-26744, CVE-2024-26779, CVE-2024-26872, CVE-2024-26892, CVE-2024-26897, CVE-2024-26901, CVE-2024-26919, CVE-2024-26933, CVE-2024-26934, CVE-2024-26964, CVE-2024-26973, CVE-2024-26993, CVE-2024-27014, CVE-2024-27048,CVE-2024-27052, CVE-2024-27056, CVE-2024-27059, CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-32487, CVE-2023-4408, CVE-2023-50387, CVE-2023-50868, CVE-2023-4408, CVE-2023-50387, CVE-2023-50868, CVE-2024-3596. +------ +- **I95-48453 Reverse SSH tunnels do not check Known Hosts file:** Functionality has been added to allow for the retrieval of the ssh known hosts and authorized keys file contents on the SSR. For details on the known host functionality, see [Strict Host Key Checking](cc_fips_otp_router_install.md#enable-strict-host-key-checking). +------ +- **I95-49218 Filter OSPF routes using RIB Policy routes:** Use the `configure authority router routing rib-policy` command from either the routing default-instance (`configure authority router routing`) or inside `configure authority router routing vrf` to provide additional filtering for OSPF routes. For more information see [`configure authority router routing rib-policy`](config_command_guide.md#configure-authority-router-routing-rib-policy) and [`configure authority router routing vrf rib-policy`](config_command_guide.md#configure-authority-router-routing-vrf-rib-policy). +------ +- **I95-49712 Configuration validation error uninformative:** Resolved an issue where invalid configuration parameters were returning errors that were not specific enough to allow the user to locate the invalid configuration. Invalid configuration elements now generate messages that include relevant information for the invalid element, such as an IP address, node name, router name, interface names, etc. +------ +- **I95-52337 Uninformative error when STEP is selected for the Conductor:** The error message now clearly states that STEP is not supported on the Conductor. +------ +- **I95-54844 Default to Multi-threading for session processing:** New session processing rates are now increased by default when the system has sufficient CPU resources, by using multiple CPU threads. +------ +- **I95-55725 Highway crashes when peer-path routers are removed:** Resolved a race condition that could cause a crash in the forwarding plane (highway) if peer routers are removed from the configuration. +------ +- **I95-55965 IDP engine not starting due to invalid environmental conditions:** In cases where the IDP engine does not shut down cleanly, the IDP engine will fail to restart. These conditions are now detected and handled correctly. +------ +- **I95-55982 X722 interface MAC being set to 00:00:00:00:00:00 on SSR1300/SSR1400:** Identified an issue where the MAC address would change during a power cycle. Another power cycle can restore the MAC to its previous value. An upgrade to the X722 firmware addresses this issue. NOTE: A power cycle is required as part of the firmware flashing sequence. All power feeds must be manually disconnected and reconnected to cycle it correctly. +------ +- **I95-56013 Automatically created Conductor user accounts show as "LDAP":** Resolved an issue with user authentication where accounts were listed as `LDAP` rather than `Remote`. +------ +- **I95-56233 / I95-56546 Relay routers in AWS unresponsive, showing device errors:** Resolved an issue where ENA devices in some environments have shown command queue failures and are no longer able to retrieve device stats, or pass traffic. The device is now reinitialized when the driver watchdog issues a reset event. +------ +- **I95-56236 Quick Start config validation failures not being reported:** Made changes to the initialization process to allow quick start errors to be reported. +------ +- **I95-56345 Multiple reboots of the same node of a dual node router causes the multicast stream to stop:** Resolved an issue where multiple reboots of an HA node did not allow traffic to pass. Now in this scenario an exception is thrown, which allows the session to rebuild once the internode link comes up. +------ +- **I95-56527 Failure to validate and commit config; system incorrectly expected escape sequence:** Resolved an issue where capture-filter expected an escape sequence for input when it was not necessary. +------ +- **I95-56702 O365/Sharepoint application missing from the Applications list:** Resolved an issue where certain applications and protocols were excluded from automatic updates. +------ +- **I95-56727 Domain names that begin with numbers are not allowed to be configured:** Warnings are no longer generated for domain-name elements of service configurations which have labels beginning with a number, for example `123.abc.com`. +------ +- **I95-56822 Router stuck in a continuous upgrade/failure state:** DNS name servers changes on the conductor are not honored. In cases where the DNS configuration changed post boot, the conductor software proxy would not reload the config. In this scenario the proxied router software requests would use an out of date DNS configuration for the proxied requests, resulting in failure. +------ +- **I95-56827 NTP Auth key only permits keys of 20 or 40 characters:** Loosened restrictions on NTP server key length to allow plaintext keys. +------ +- **I95-56843 Error logs filled with irrelevant KNI network script info:** The log output has been reduced to provide related information. +------ +- **I95-56847 lte / pppoe default-route check incorrectly reporting warnings:** Resolved an issue where warnings were incorrectly shown on the conductor for interfaces without `default-route` or `management-vector` configured. +------ +- **I95-56850 Overlap warning on router not present on conductor:** Resolved a case where a service on a router is configured with `applies-to`, and the same service is configured on the conductor (overlap) but does not have `applies-to` configured, the validation process will generate a warning on the router but not the conductor. +------ +- **I95-56879 PPPoE stopped working:** Resolved an issue where the system configuration for the PPPoE interface was missing `LCP_FAILURE` and `LCP_INTERVAL` fields. These fields are now set correctly. +------ +- **I95-56905 Conserve memory footprint on the router:** If the SSR configuration does not have `application-identification mode all`, then do not load the database. This will save memory on the router. +------ +- **I95-56939 Multicast stream temporarily stopping when changing vectors:** Resolved an issue when an S,G inherited an outgoing interface inherited from a `*,G` entry, sometimes this interface would not be correctly removed from the outgoing list after being removed from the `*,G` entry. This resulted in unnecessary forwarding out this interface. The "Inherited" interface is now correctly removed from the S,G mroute entries. +------ +- **I95-56973 Child services do not inherit the service-path configurations from the parent service:** Resolved an issue where child service routes for peers were not inheriting vectors and the `enable-failover` field. +------ +- **I95-57017 Application ID failed to block some domains:** Resolved an issue where DPI failed to identify the domain-name from SNI if the `client-hello` is split up into multiple TCP packet segments. +------ +- **I95-57028 IDP core files consume disk space:** In cases where large amounts of files are stored on disk, the files will be managed/deleted based upon the folder size. +------ +- **I95-57071 Changing router context in session debug does not update correctly:** Resolved an issue where a missing dependency was not initiating a re-render of the output using the correct router name. +------ +- **I95-57082 Unable to delete a capture-filter that contains a forward slash (/):** This issue has been resolved. +------ +- **I95-57099 Race condition causing crash in highway process when peer path timers expire:** Resolved an issue with handling BFD timers in multi-threaded environments. +------ +- **I95-57110 Crash seen during add and delete peers while sending traffic:** A race condition has been fixed that could cause a crash in the forwarding plane (highway) process if a peer-path is removed from configuration. +------ +- **I95-57114 Unable to upgrade AWS Conductor:** Resolved an issue where an incorrect package version was installed, triggering a downgrade and preventing the upgrade. +------ +- **I95-57205 Race condition on startup with DHCP configured on LTE or PPPoE interface, causing system to crash:** This issue has been resolved. +------ +- **I95-57272 Multicast stream unexpectedly stops when adjacent hub is restarted:** Resolved an issue when the sending SVR peer changes for multicast, the receiving router was not updating the stored sending peer correctly. As a result, the receiving SVR router discarded the traffic due to RPF mismatch. The sending SVR peer is now updated correctly from the metadata. +------ +- **I95-57283 Unable to perform SNMP discovery:** Resolved an issue where alarms in the `SERVICE`, `BGP_NEIGHBOR`, or `MSDP_NEIGHBOR` category would cause the SNMP server to crash and fail to send messages. +------ +- **I95-57337 Updates during Application ID reload/refresh:** Updated the processes involved in application reload. +------ +- **I95-57421 Viewing BGP Neighbors in GUI returns errors:** Resolved an issue with the display of BGP neighbor information in the GUI, where the options were too broad. BGP neighbors now have a selection field for ipv4 or ipv6, as well as a `neighbor` field. +------ +- **I95-57538 WayPoint exception - failing to allocate waypoint ports on mesh peer re-establishment:** Resolved an issue where a configuration change may cause existing waypoint ports to become invalidated, creating an exhaustion scenario. +------ +- **I95-57578 Candidate configuration values not showing in GUI:** Resolved an issue that caused configuration drop-downs in the GUI for tenants and services to only display values from the running configuration, not the candidate configuration. +------ +- **I95-57580 Provide drop down list in UI for Session Record Profile:** There is now a Session Records Profile drop down list in the GUI. +------ +- **I95-57592 Password expiration not enforced on the GUI:** Resolved an issue that caused password and account expiration to not work properly when logging into the GUI. +------ +- **I95-57593 No option to require password change on first login:** Added a **Require Password Change On First Login** checkbox to the **Create User** dialog. Previously this feature was only available in the `create-user` command. +------ +- **I95-57599 Duplicate password entries causing login issues:** After an upgrade, `/etc/passwd.radius` showed multiple duplicate entries. This has been resolved by forcing a restart of an internal program during the reboot as part of an upgrade. +------ +- **I95-57607 Saving TSI as root from the conductor generates oversized file:** Added and enforcement that when calling `/usr/bin/save-tech-support-info` the `--output` argument always ends in `.zip`. +------ +- **I95-57692 SSR120/SSR130 Upgrade issues when upgrading from version 6.2.5:** Resolved an issue where if the `128T` process is running and memory usage increases during upgrade, the upgrade will fail due to running out of memory. +------ +- **I95-57712 DSCP steering issue with outbound traffic:** Resolved an issue with processing reverse pinhole packets when DSCP steering is enabled. +------ +- **I95-57853 OTP ISO does not have DHCP server enabled:** Identified and resolved a breaking change with how `logging` is configured. This prevented the DHCP server instance from starting successfully. The default configuration for the DHCP server running in the OTP ISO has been corrected, allowing the server to be started correctly. +------ +- **I95-58152 Correctly reflect 128T service start time:** The previous logic for node start time used the internal database cluster connection time, which caused unexpected behaviors, such as restarting the system up time if an HA link bounces. The new logic reports the start time of the 128T service of each node. +------ +- **I95-58273 Web UI login banner not visible in "Dark Mode":** This issue has been resolved and the login banner is now visible in dark mode. + +### Caveats + +- **I95-56628 Unable to upgrade second HA Conductor to 6.3.0:** After successfully upgrading the primary HA conductor, attempting to upgrade the second node using the GUI prompt fails. This is a known issue and is currently under investigation. Please see the Knowledgebase Article [Unable to upgrade second HA Conductor to 6.3.0](../kb/2024/08/30/I95-56628) for workaround information. +------ +- **I95-57844 Software versions not listed for download from the GUI:** In rare failure scenarios when initiating a software download via the GUI, known software versions are missing from the upgrade list but no errors are reported to the user. If such a scenario is observed, it is recommended that you initiate a second download from the PCLI. In this case any errors are better reported and can be resolved. diff --git a/docs/release_notes_128t_installer_2.7.md b/docs/release_notes_128t_installer_2.7.md index 1401d6cc3f..bac3a5b634 100644 --- a/docs/release_notes_128t_installer_2.7.md +++ b/docs/release_notes_128t_installer_2.7.md @@ -41,4 +41,4 @@ The following error is displayed: /usr/bin/nice: /usr/lib/128T-installer/install128t.par: No such file or directory Failed to upgrade 128T! ``` -The recommended course of action is to perform a manual interactive upgrade of the conductor. Please refer to [Upgrading Using the Interactive Installer](intro_upgrading.md#upgrading-using-the-interactive-installer) for that process. \ No newline at end of file +The recommended course of action is to perform a manual interactive upgrade of the conductor. Please refer to [Upgrading Using the Interactive Installer](upgrade_legacy.md#upgrading-using-the-interactive-installer) for that process. \ No newline at end of file diff --git a/docs/release_notes_128t_installer_3.0.md b/docs/release_notes_128t_installer_3.0.md index 599acfea90..93b358de92 100644 --- a/docs/release_notes_128t_installer_3.0.md +++ b/docs/release_notes_128t_installer_3.0.md @@ -23,4 +23,4 @@ The following error is displayed: /usr/bin/nice: /usr/lib/128T-installer/install128t.par: No such file or directory Failed to upgrade 128T! ``` -The recommended course of action is to perform a manual interactive upgrade of the conductor. Please refer to [Upgrading Using the Interactive Installer](intro_upgrading.md#upgrading-using-the-interactive-installer) for that process. \ No newline at end of file +The recommended course of action is to perform a manual interactive upgrade of the conductor. Please refer to [Upgrading Using the Interactive Installer](upgrade_legacy.md#upgrading-using-the-interactive-installer) for that process. \ No newline at end of file diff --git a/docs/releases.table.js b/docs/releases.table.js index 43f1a6da44..6aed0a9620 100644 --- a/docs/releases.table.js +++ b/docs/releases.table.js @@ -5,6 +5,11 @@ import React from "react"; // New entries should be placed at the top. // ---------------------------------------------------------------------------- export const releases = [ + { + version: '6.3.0', + url: 'release_notes_128t_6.3#release-630-107r1', + releaseDate: 'September 30, 2024', + }, { version: '6.2.6', url: 'release_notes_128t_6.2#release-626-15-sts', @@ -12,7 +17,7 @@ export const releases = [ }, { version: '6.1.10', - url: 'release_notes_128t_6.1#release-6110-8', + url: 'release_notes_128t_6.1#release-6110-8-lts', releaseDate: 'August 22, 2024', }, { @@ -22,7 +27,7 @@ export const releases = [ }, { version: '6.1.9', - url: 'release_notes_128t_6.1#release-619-2', + url: 'release_notes_128t_6.1#release-619-2-lts', releaseDate: 'June 27, 2024', }, { @@ -37,7 +42,7 @@ export const releases = [ }, { version: '6.1.8', - url: 'release_notes_128t_6.1#release-618-15', + url: 'release_notes_128t_6.1#release-618-15-lts', releaseDate: 'May 3, 2024', }, { @@ -52,7 +57,7 @@ export const releases = [ }, { version: '6.1.7', - url: 'release_notes_128t_6.1#release-617-3', + url: 'release_notes_128t_6.1#release-617-3-lts', releaseDate: 'February 17, 2024', }, { @@ -62,7 +67,7 @@ export const releases = [ }, { version: '6.1.6', - url: 'release_notes_128t_6.1#release-616-7', + url: 'release_notes_128t_6.1#release-616-7-lts', releaseDate: 'January 2, 2024', }, { @@ -72,7 +77,7 @@ export const releases = [ }, { version: '6.2.0', - url: 'release_notes_128t_6.2#release-620-39', + url: 'release_notes_128t_6.2#release-620-39r1', releaseDate: 'November 16, 2023', }, { @@ -87,7 +92,7 @@ export const releases = [ }, { version: '6.1.5', - url: 'release_notes_128t_6.1#release-615-14', + url: 'release_notes_128t_6.1#release-615-14-lts', releaseDate: 'September 22, 2023', }, { @@ -127,12 +132,12 @@ export const releases = [ }, { version: '6.1.3', - url: 'release_notes_128t_6.1#release-613-4', + url: 'release_notes_128t_6.1#release-613-4r1', releaseDate: 'May 22, 2023', }, { version: '6.1.2', - url: 'release_notes_128t_6.1#release-612-7', + url: 'release_notes_128t_6.1#release-612-7r1', releaseDate: 'May 12, 2023', }, { @@ -142,12 +147,12 @@ export const releases = [ }, { version: '6.1.1', - url: 'release_notes_128t_6.1#release-611-6', + url: 'release_notes_128t_6.1#release-611-6r1', releaseDate: 'April 28, 2023', }, { version: '6.1.0', - url: 'release_notes_128t_6.1#release-610-55', + url: 'release_notes_128t_6.1#release-610-55r1', releaseDate: 'April 14, 2023', }, { diff --git a/docs/ts_nat_troubleshooting.md b/docs/ts_nat_troubleshooting.md new file mode 100644 index 0000000000..5ddfd8a693 --- /dev/null +++ b/docs/ts_nat_troubleshooting.md @@ -0,0 +1,142 @@ +--- +title: NAT Troubleshooting +sidebar_label: NAT Troubleshooting +--- + +Use [`show network-interface source-nat-rules`](cli_reference.md#show-network-interface-source-nat-rules) to display source NAT rules under a given network interface. A network-interface name is required and can be issued from a conductor with targeted router and node. The rules are organized in the following columns. + +#### Direction +- Ingress + - network-interface -> dynamic-source-nat + - network-interface -> bidirectional-nat + - network-interface -> ingress-source-nat-pool + +- Egress + - network-interface -> source-nat + - network-interface -> egress-source-nat-pool + +#### Type: + +- Dynamic + - network-interface -> dynamic-source-nat + - network-interface -> source-nat + +- Bidirectional + - network-interface -> bidirectional-nat + +- Shared + - network-interface -> ingress-source-nat-pool + - network-interface -> egress-source-nat-pool + +- From: The original source ip prefix. +- To: The NAT’d source ip prefix. +- Protocol: TCP, UDP, or ICMP. + +#### Dynamic Rules + +For dynamic rules, the following columns are populated using information from the underlying port allocator: + +- Key: Port allocator key in the form of `2/1//`. +- State: Port allocator state, ready, standby, or recovery. +- Total Ports: Total ports configured. +- Ports In Db: Ports left in redis. +- Ports In Mem: Ports available in memory. +- Ports Released: Ports released in memory but not put back in redis. +- Ports In Use: Ports used by active sessions. + + + +#### Summary View - Conductor + +``` +admin@conductor.RTR_EAST_CONDUCTOR# show network-interface source-nat-rules router RTR_EAST_COMBO node combo-east-1 name ingress-intf summary +Thu 2024-02-08 18:53:13 UTC +✔ Retrieving source NAT rules... + +=========== =============== ================= ================== + Direction Type From To +=========== =============== ================= ================== + ingress dynamic 172.16.1.0/24 192.168.5.120/32 + ingress dynamic 172.16.1.202/31 192.168.6.202/32 + ingress dynamic 172.16.1.204/31 192.168.7.204/32 + ingress dynamic 172.16.1.206/31 192.168.8.206/32 + ingress bidirectional 172.16.1.204/30 192.168.9.200/30 + +Completed in 0.04 seconds + +``` + +#### Detail View - Conductor + +``` +admin@conductor.RTR_EAST_CONDUCTOR# show network-interface source-nat-rules router RTR_EAST_COMBO node combo-east-1 name ingress-intf detail +Thu 2024-02-08 18:54:43 UTC +✔ Retrieving source NAT rules... + +=========== =============== ================= ================== ========== ======================== ========= ============= ============= ============== ================ ============== + Direction Type From To Protocol Key State Total Ports Ports In Db Ports In Mem Ports Released Ports In Use +=========== =============== ================= ================== ========== ======================== ========= ============= ============= ============== ================ ============== + ingress dynamic 172.16.1.0/24 192.168.5.120/32 tcp 2/1/1/192.168.5.120/6 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.0/24 192.168.5.120/32 udp 2/1/1/192.168.5.120/17 Standby 49151 48151 999 0 1 + ingress dynamic 172.16.1.0/24 192.168.5.120/32 icmp 2/1/1/192.168.5.120/1 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.202/31 192.168.6.202/32 tcp 2/1/1/192.168.6.202/6 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.202/31 192.168.6.202/32 udp 2/1/1/192.168.6.202/17 Standby 49151 48151 998 0 2 + ingress dynamic 172.16.1.202/31 192.168.6.202/32 icmp 2/1/1/192.168.6.202/1 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.204/31 192.168.7.204/32 tcp 2/1/1/192.168.7.204/6 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.204/31 192.168.7.204/32 udp 2/1/1/192.168.7.204/17 Standby 49151 48151 998 0 2 + ingress dynamic 172.16.1.204/31 192.168.7.204/32 icmp 2/1/1/192.168.7.204/1 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.206/31 192.168.8.206/32 tcp 2/1/1/192.168.8.206/6 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.206/31 192.168.8.206/32 udp 2/1/1/192.168.8.206/17 Standby 49151 48151 999 0 1 + ingress dynamic 172.16.1.206/31 192.168.8.206/32 icmp 2/1/1/192.168.8.206/1 Standby 49151 48151 1000 0 0 + ingress bidirectional 172.16.1.204/30 192.168.9.200/30 n/a n/a n/a n/a n/a n/a n/a n/a + +Completed in 0.04 seconds + +``` + +#### Summary View - Router + +``` +admin@combo-east-1.RTR_EAST_COMBO# show network-interface source-nat-rules name ingress-intf +Thu 2024-02-08 18:53:24 UTC +✔ Retrieving source NAT rules... + +=========== =============== ================= ================== + Direction Type From To +=========== =============== ================= ================== + ingress dynamic 172.16.1.0/24 192.168.5.120/32 + ingress dynamic 172.16.1.202/31 192.168.6.202/32 + ingress dynamic 172.16.1.204/31 192.168.7.204/32 + ingress dynamic 172.16.1.206/31 192.168.8.206/32 + ingress bidirectional 172.16.1.204/30 192.168.9.200/30 + +Completed in 0.06 seconds + +``` + +#### Detail View - Router + +``` +admin@combo-east-1.RTR_EAST_COMBO# show network-interface source-nat-rules name ingress-intf detail +Thu 2024-02-08 18:54:48 UTC +✔ Retrieving source NAT rules... + +=========== =============== ================= ================== ========== ======================== ========= ============= ============= ============== ================ ============== + Direction Type From To Protocol Key State Total Ports Ports In Db Ports In Mem Ports Released Ports In Use +=========== =============== ================= ================== ========== ======================== ========= ============= ============= ============== ================ ============== + ingress dynamic 172.16.1.0/24 192.168.5.120/32 tcp 2/1/1/192.168.5.120/6 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.0/24 192.168.5.120/32 udp 2/1/1/192.168.5.120/17 Standby 49151 48151 999 0 1 + ingress dynamic 172.16.1.0/24 192.168.5.120/32 icmp 2/1/1/192.168.5.120/1 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.202/31 192.168.6.202/32 tcp 2/1/1/192.168.6.202/6 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.202/31 192.168.6.202/32 udp 2/1/1/192.168.6.202/17 Standby 49151 48151 998 0 2 + ingress dynamic 172.16.1.202/31 192.168.6.202/32 icmp 2/1/1/192.168.6.202/1 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.204/31 192.168.7.204/32 tcp 2/1/1/192.168.7.204/6 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.204/31 192.168.7.204/32 udp 2/1/1/192.168.7.204/17 Standby 49151 48151 998 0 2 + ingress dynamic 172.16.1.204/31 192.168.7.204/32 icmp 2/1/1/192.168.7.204/1 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.206/31 192.168.8.206/32 tcp 2/1/1/192.168.8.206/6 Standby 49151 48151 1000 0 0 + ingress dynamic 172.16.1.206/31 192.168.8.206/32 udp 2/1/1/192.168.8.206/17 Standby 49151 48151 999 0 1 + ingress dynamic 172.16.1.206/31 192.168.8.206/32 icmp 2/1/1/192.168.8.206/1 Standby 49151 48151 1000 0 0 + ingress bidirectional 172.16.1.204/30 192.168.9.200/30 n/a n/a n/a n/a n/a n/a n/a n/a + +Completed in 0.05 seconds +``` \ No newline at end of file diff --git a/docs/upgrade_ibu_conductor.md b/docs/upgrade_ibu_conductor.md new file mode 100644 index 0000000000..2f1153d022 --- /dev/null +++ b/docs/upgrade_ibu_conductor.md @@ -0,0 +1,105 @@ +--- +title: Upgrading the Conductor +sidebar_label: Upgrading the Conductor +--- + +SSR software version 6.3.0 and newer allows a Conductor to manage routers running image-based software, manage routers running older, package-based software, and initiate image-based upgrades to those routers. + +Image-based installations provide many benefits over the earlier RPM package-based installation/upgrade process, including upgrade speed, stability, efficiency, and ease of use. This section describes the process for upgrading a Conductor, allowing it to manage both package-based and image-based routers. + +:::note +Before upgrading a conductor, it is recommended to [export the running configuration](config_basics.md#importexport). + +For systems with both primary and secondary conductors, it is a best practice to upgrade only one conductor at a time. +::: + +## Upgrade using the GUI + +Use the following procedures to upgrade a Conductor from the GUI. + +1. Select **Conductor** under Authority. +2. In the **Node: Conductor** panel, select the **Manage SSR Software** icon (the arrow within a circle). This icon displays green when upgrades are available. +3. In the **Upgrade SSR** window, use the drop down to select the SSR version for the upgrade. +4. Click **Proceed**. + +The Upgrade screen displays the Raw Log with the upgrade progress. Once the upgrade is complete, the Conductor is restarted and the GUI is refreshed. + +## Upgrading Using the CLI + +Use the `request system software upgrade` command and the associated arguments to perform upgrades. All of the upgrade features are available from the command line as well as the GUI. + +``` +admin@conductor-node-1.Conductor# request system software upgrade +usage: upgrade [{router | resource-group }] [simultaneous] [skip-package-transfer] [skip-pre-check] + [skip-health-check] [cohort-id ] [force] [node ] version +keyword arguments: +cohort-id Assign a cohort ID to the operation. +force Skip confirmation prompt. +node The name of the node +resource-group The name of the resource group +router The router on which to upgrade SSR software (default: Conductor) +simultaneous Upgrade both nodes in an HA router at the same time to maximize speed but interrupt service. Only valid when targeting a router. +skip-health-check Skip the post upgrade health check, which reverts to the previous version upon failure. +skip-package-transfer Don't transfer any packages installed on top of the current SSR ISO to the new SSR ISO. Only valid for + image based systems. +skip-pre-check Skip the pre upgrade health check, which prevents the upgrade from starting upon failure. +version The targeted upgrade version. + +see also: +request system software downgrade Downgrade to a new version of the SSR. +request system software download Download a new version of the SSR. +request system software health-check Perform a health check of an SSR. +request system software revert Revert to a previous version of the SSR. +*admin@conductor-node-1.Conductor# request system software upgrade +``` + +#### Image-based and Package-based Installation Status + +The image-based and package-based status is visible under **Install Type** in the PCLI using `show assets`. + +**Image Based** + +``` +admin@t106-dut1.Conductor# show assets +Mon 2024-09-09 18:14:18 UTC +Retrieving assets... + +=========== =========== ===================== ================== ============== ================ ================ ======== + Router Node Asset Id SSR Version Install Type Status Time in Status Errors +=========== =========== ===================== ================== ============== ================ ================ ======== + Conductor t106-dut1 t106-dut1.novalocal 6.3.0-107.r1.el7 Image Synchronized 34m 44s 0 + t106-dut2 t106-dut2.novalocal 6.3.0-107.r1.el7 Image Synchronized 21m 19s 0 +``` + +**Package Based** + +``` +admin@conductor-east-1.RTR_EAST_CONDUCTOR# show assets +Mon 2024-09-09 18:15:20 UTC +✔ Retrieving assets... + +==================== ================== ===================== ====================== ============== ============== ================ ======== + Router Node Asset Id SSR Version Install Type Status Time in Status Errors +==================== ================== ===================== ====================== ============== ============== ================ ======== + RTR_EAST_COMBO combo-east-1 t212-dut3.novalocal 6.3.0-107.r1.el7 Package Synchronized 3d 23h 18m 58s 0 + combo-east-2 t212-dut4.novalocal 6.3.0-107.r1.el7 Package Synchronized 4d 2h 40m 27s 0 + RTR_EAST_CONDUCTOR conductor-east-1 t212-dut1.novalocal 6.3.0-107.r1.el7 Package Synchronized 4d 2h 42m 57s 0 + conductor-east-2 t212-dut2.novalocal 6.3.0-107.r1.el7 Package Synchronized 4d 2h 43m 14s 0 + +Completed in 0.04 seconds +``` + +## High Availability Upgrades + +In a high availability configuration, the default behavior is to perform a sequenced self-upgrade from the CLI. Executing the `request system software upgrade router ` from an HA conductor launches a sequenced self upgrade, one node at a time. In a situation where you prefer to upgrade each node manually, you can target each node directly using `request system software upgrade router node `. When the upgrade is complete on the first node, you may run the command on the second node. + +#### Other HA Considerations + +* If an HA pair is discovered to have a mismatched software state (image-based and package-based) an Alarm is reported. The software state must be the same for both nodes. +* Failure of a router to complete the conversion generates a user visible event and records the reasons for the failure on the conductor. +* Router conversion success generates an event recording the transition on the router. +* The image-based and package-based status is visible in the PCLI using `show assets`. + +#### Plugin Support + +The conversion/upgrade process preserves the currently installed plugin packages. In cases where the plugin has version dependencies, the plugin is upgraded. diff --git a/docs/upgrade_legacy.md b/docs/upgrade_legacy.md new file mode 100644 index 0000000000..3eb33b4bbc --- /dev/null +++ b/docs/upgrade_legacy.md @@ -0,0 +1,154 @@ +--- +title: Legacy Upgrades +sidebar_label: Legacy Upgrades +--- + +This guide focuses on legacy software upgrades - those prior to version 6.3.0. + +:::note +Please refer to the [Upgrade Considerations](intro_upgrade_considerations.md) before proceeding. +::: + +The SSR conductor or router must have internet access to download the latest software packages; however, we recognize that there are deployments where the SSR does not have internet access. In those cases you can use the SSR conductor as a repository (or proxy) to retrieve or store software images. For information about upgrading offline or air-gap network devices, refer to [Upgrades with Restricted Internet Access](upgrade_restricted_access.md). + +As with any upgrade activity, it is always prudent to create a backup of your current software configuration before initiating any upgrade activity. + +With software versions prior to 6.3.0, there are three standard ways of upgrading routers: + +- Using the conductor's [Web Interface](#using-the-web-interface) to initiate the upgrade +- Using the conductor's [PCLI](#using-the-pcli) to initiate the upgrade +- Using the [Interactive Installer](#upgrading-using-the-interactive-installer) from the Linux shell + +:::note +The router upgrade process using the PCLI and the GUI is done in two stages: First, the software is downloaded, then it is installed. Use the `install128t` application steps through both of these processes. +::: + +Prerequisites for upgrades now include configuring a user with super user (sudo) privileges. **SSH Root login is not permitted.** If the existing version allows SSH Root login, it will be disabled during the upgrade. When a system is installed using the OTP ISO, a **t128** user is configured with `sudo` privileges. + +### Version Dependencies + +The conductor `major.minor` version must be greater than or equal to the router version. The router version can not exceed the conductors `major.minor` version, but it can have a greater patch version. All [versions currently under support](about_support_policy.md) can be run on a router and managed by the conductor, provided that the conductor version is greater. Versions of software not under support *may* work, but are not guaranteed to do so. + +Examples: +- Conductor running version 6.0.5, managing Routers running version 6.0.1: Supported. +- Conductor running version 5.4.8, managing Routers running version 5.4.10: Supported. +- Conductor running version 6.0.5, managing Routers running version 5.5.7: Supported. +- Conductor running version 5.6.8, managing Routers running version 6.1.3; Not supported. + +## Upgrading Software Versions Prior to 6.3.0 + +Use the following procedure to upgrade your software versions earlier than 6.3.0. + +### Using the Web Interface + +1. Navigate to the Router page in the Conductor's GUI. Routers that have available upgrades are indicated with the green **Upgrade SSR** icon (the arrow within a circle) in the router list. +2. Click on the **Upgrade SSR** icon next to your router. A list of upgrade and download options appears. This list is filterable if the list grows large. +3. Click on the target release in the Available Downloads section of the list. +4. Confirm the operation to begin downloading the software. Clicking on the router in the router list shows download progress. +5. Once complete, click the **Upgrade SSR** icon again, and select the target software release from the Available Upgrades list. Confirm this operation to begin the upgrade process. + +The Automated Provisioner upgrades both nodes in a high availability router in series to minimize/avoid downtime. Despite this, it is still recommended to perform upgrade activity during periods of low traffic or maintenance windows. + +### Using the PCLI + +Before upgrading the SSR Software from the PCLI, use the following procedure to stop the the software. + +1. Launch a Linux shell window. +2. Execute the command: + + `sudo systemctl stop 128T` + +3. Verify that the software has stopped by executing the command: + + `sudo systemctl status 128T` + + Result: The software is listed as inactive (dead). + +4. Stop the salt-minion. + + `sudo systemctl stop salt-minion` + +5. Close the Linux shell. + +Use the steps below to download and upgrade SSR software if you are running earlier software versions. + +#### Log into the PCLI + +As an administrator-level user, log into the conductor's PCLI. + +1. Use the command `show assets` to list the devices managed by this conductor, and the software revision each asset is currently running. + +2. For a given asset, use the command `show asset [asset ID]` or `show asset software router [router name]` to view the available software upgrades for that asset. The list will be in the section labeled "Available for Download" at the end of the output. + :::note + If there are software releases absent from the list that you are confident should appear, use the command `send command yum-cache-refresh router [router name]` to refresh the software list. + ::: + +3. Type `send command download router [your router name] [software version]`. You can monitor the progress by using the `show asset` and/or `show asset [asset ID]` command, which will indicate Automated Provisioner status (e.g., *downloading*). + +4. Once the download is complete, use the command `send command upgrade router [your router name]` to initiate the upgrade process. + +The conductor's _automated provisioner_ will upgrade both nodes in a high availability router in series to minimize/avoid downtime. Despite this, it is still recommended to perform upgrade activity during periods of low traffic or maintenance windows. + +### Upgrading Using the Interactive Installer + +The Interactive Installer can be used to upgrade a conductor or a router for versions of SSR software prior to 6.3.0, and are performed from a linux shell. + +1. Launch a Linux command prompt window on the node you wish to upgrade. + + :::note + If you are running an older version of the Installer (prior to version 2.7.0), it is strongly recommended that you first upgrade to the latest version of the Installer. If the upgrade is not possible, and you are running an Installer version prior to 2.7.0, use the Screen utility when performing an upgrade in interactive mode to avoid SSH session timeout. Installer versions 2.7.0 and above do not need to use the Screen utility. + + To upgrade the installer, run `dnf update 128T-installer` from the linux prompt. + ::: + +2. Create a screen and attach to it. + ``` + screen -d -m -s + screen -x + ``` +3. Shut down the salt-minion on the target node using the following command: + + ``` + sudo systemctl stop salt-minion + ``` +4. Enter the command to launch the interactive installer wizard. + + ``` + sudo install128t + ``` + + **Result**: The SSR splash screen appears. + :::note + The `install128t` application checks for an available update. If a newer version is detected, it requests that you update. + ::: + +5. Press the **enter** key to select **Begin** and start the installation wizard. + + :::note + Use the spacebar to move between entries in the installer windows. + ::: + +6. When prompted, select **Upgrade**. + + ![Conductor Upgrade](/img/conductor_upgrade1.png) + + **Result**: The application queries the SSR software repository for the latest software. + +7. Select the desired software version from the list of available options. + + ![Version Selection dialog](/img/conductor_upgrade2_version.png) + +8. Confirm the upgrade to begin the upgrade process. + + ![Confirm Upgrade](/img/conductor_upgrade3_confirm.png) + +9. Once the upgrade is complete, press the **enter** key to select **Yes** to start your software. + :::note + Your output may vary based upon the nature of the upgrade, occasion, various packages, and dependencies that SSR requires as part of the SSR Routing Software upgrade. + ::: + +9. Detach from the Screen utility (if applicable). + ``` + ctrl+a + d + ``` diff --git a/docs/upgrade_restricted_access.md b/docs/upgrade_restricted_access.md new file mode 100644 index 0000000000..465def75b3 --- /dev/null +++ b/docs/upgrade_restricted_access.md @@ -0,0 +1,113 @@ +--- +title: Upgrades with Restricted Internet Access +sidebar_label: Upgrades with Restricted Internet Access +--- + +The standard upgrade workflow is for individual instances of SSR software to download upgrades directly from mirror servers hosted and managed by Juniper on the public internet. However, we recognize that there are deployments where the SSR does not have internet access. In this case, you can configure the routers to retrieve software from a conductor. + +There are four configurable software access modes on a router: + +- `conductor-only`: The router retrieves software versions only from the conductor. +- `prefer-conductor`: The router will retrieve software versions from the conductor, and fall back to using the internet. +- `internet-only` (default): The router will use Juniper's publicly hosted repositories for retrieving software images. +- `offline-mode`: This mode is used for conductors and routers that do not have internet access - "air-gap" networks. + +In the `router > system > software-update > repository` configuration, use the `source-type` setting to define the software update repository to one of the first three values; `conductor-only`, `prefer-conductor`, or `internet-only`. + +With each of these settings, the conductor(s) require internet access, and the routers must be able to resolve internet hosted repositories. Because the access mode is configured on the router, your collection of routers can each use different preferences. For example, a router on the internet can use a Juniper repository, but another router managed by the same conductor sitting in an isolated environment can use the conductor. + +## Offline Mode + +In networks that do not have internet access, routers can be configured to override the `source-type` setting and retrieve software directly from the conductor. In the GUI, set `router > system > software-update > repository > offline-mode` to `true`. + +**From the PCLI:** +``` +config + authority + router + system + software-update + repository + offline-mode true + exit + exit + exit + exit + exit +exit +``` +## Air-Gap Network Upgrade Process + +The following process is used to upgrade a Conductor and Conductor-managed Routers to version 6.3.0 of the SSR software. + +1. On a system that has internet access, use the [ISO Download procedure](intro_downloading_iso.md#downloading-an-iso) to download the `128T-6.3.0-xx.r1.el7` and the `SSR-6.3.0-xx.r1.el7.x86_64.ibu-v1.iso` software packages. +2. [Create a bootable USB](intro_creating_bootable_usb.md) drive from the SSR ISO. +2. Import the `128T-6.3.0-xx.r1.el7` package onto the conductor using the [`import iso`](cli_reference.md#import-iso) command. +3. Upgrade the conductor using the [Conductor Upgrade procedure](upgrade_ibu_conductor.md). +4. Import the `SSR-6.3.0-xx.r1.el7.x86_64.ibu-v1.iso` package onto the conductor. The conductor will act as the software repository for the subsequent router upgrades. You do **not** install this package onto the conductor, only import it. +5. Upgrade individual routers using the [Router Upgrade](upgrade_router.md) procedure. + +### Import ISO + +The [`import iso`](cli_reference.md#import-iso) command is used to import the SSR ISO onto a local repository, allowing the SSR to be upgraded without connecting to Juniper servers. When upgrading a conductor or when `offline-mode` is defined for a router, the ISO must be imported to the target conductor to perform the upgrade. + +Use the `filepath` argument to specify the exact location of the ISO. `hunt` will search for files that match the patterns `128T*.iso`, `SSR*.iso`, or `SSR*.tar`, and the corresponding checksum and signature files. These checksum and signature files are essential for security verification and are included as part of the `import iso` operation. To install the 6.3.0 software, the following file must be downloaded to the USB and imported onto the conductor: + +- `SSR-6.3.0-xx.r1.el7.x86_64.ibu-v1.iso` + +After the local software repository has been updated with the ISO, the upgrade can proceed. + +If you are installing older images on the routers (versions 6.2.5 or older) you may need to include the checksum and signature files with the ISO when you download and import the software to the conductor. + +- `SSR-6.2.5-xx.r1.el7.x86_64.ibu-v1.iso` +- `SSR-6.2.5-xx.r1.el7.x86_64.ibu-v1.tar.sha256sum` +- `SSR-6.2.5-xx.r1.el7.x86_64.ibu-v1.tar.sha256sum.asc` + +:::note +In an HA setup, when using offline-mode for routers to access the software from the conductors, the ISO must be imported to both conductors before performing the upgrade. +::: + +### Selecting the Boot Volume + +In instances where you are downloading and storing an SSR version for *router* upgrades, you can identify the boot volume (the disk volume where the image-based software is stored) from which the router will boot. + +To view the current boot volume, use the `show system version` command: + +``` +admin@conductor-node-1.Conductor# show system version router RTR_WEST_COMBO node combo-west-1 detail +Thu 2024-05-02 14:03:28 UTC +Retrieving system version... + +================================================================= + Node: combo-west-1.RTR_WEST_COMBO +================================================================= + Version: 6.3.0 + Status: r1 + Build Date: 2024-05-01T21:25:38Z + Build Machine: releaseslave3.openstacklocal + Build User: jenkins + Build Directory: /i95code + Hash: 1d892d709c45409369048d129840b02e435b4e21 + Package: 128T-6.3.0-107.r1.el7 + SSR-IMG-release: SSR-6.3.0-107.r1.el7.x86_64.ibu-v1 + ---> Volume ID: b <--- + ---> Selected Boot Volume: b <--- + Idle Volume: + Version: 5.4.11 + Status: unavailable + Build Date: 2022-12-21T03:10:13Z + Build Machine: releaseslave4.openstacklocal + Build User: + Build Directory: + Hash: + Package: 128T-5.4.11-4.el7 + Volume ID: a + +Completed in 5.53 seconds +admin@conductor-node-1.Conductor# + +``` + +Change the `Selected Boot Volume` using the command `set system software router node boot-volume {a|b}`. + +Use the reboot command to boot into the specifed volume: `send command reboot router node `. diff --git a/docs/upgrade_router.md b/docs/upgrade_router.md new file mode 100644 index 0000000000..ae67eb6cb7 --- /dev/null +++ b/docs/upgrade_router.md @@ -0,0 +1,46 @@ +--- +title: Upgrading a Router +sidebar_label: Upgrading a Router +--- +Use the following procedures to upgrade a Router. + +:::note +The Router software version cannot be higher than the software version installed on the Conductor. +::: + +### Upgrade using the Conductor's GUI + +1. Navigate to the Routers page. +2. At the top of the page, select Software Lifecycle. +3. To being the upgrade process, select Initiate Upgrade. +4. Select Download and a version from the dropdown. +5. Select the router or routers where the software will be downloaded from the router list. +6. Click start. +7. When the download process completes, return to the Software Lifecycle panel and select upgrade, the version, the router, and finally the Start button. +The upgrade will run to completion with no interaction necessary. + +#### Lifecycle History + +To view the install history for your routers, selecting Lifecycle History displays all versions downloaded and installed, and the operation status. + +### Upgrade using the Conductor PCLI + +For routers managed by an SSR Conductor, a self-upgrade, or manual upgrade, can be initiated from the SSR conductor's PCLI. This upgrade process is completed in two stages: *download* followed by *upgrade*. There are command changes asociated with software version 6.3.0 and those chages are indicated below. For earlier versions of SSR software, please refer to the [Legacy Upgrades](upgrade_legacy.md) section. + +As an administrator-level user, log into the conductor's PCLI. + +1. Use the command `show assets` to list the devices managed by this conductor, and the software revision each asset is currently running. + +2. For a given asset, use the command `show system software available router node ` to show the versions available for download, or `show system software available router ` to see versions available for both nodes simultaneously. + +3. Type `request system software download router node version `. You can monitor the progress by using `show system software download router node ` which indicates status (e.g., in progress download, completed download, and failed download). + To download software to both nodes in an HA router at the same time, type `request system software download router version `, and use `show system software download router ` to monitor progress on both nodes. + +4. Once the download is complete, use the command `request system software upgrade router node version ` to initiate the upgrade process. View upgrade progress using `show system software upgrade router node ` + +In a high availability deployment, the conductor upgrades each router node sequentially to minimize/avoid downtime. For manual upgrades, intiating an upgrade on one HA node or router will automatically upgrade the second node/router. + +If you perform an upgrade from the CLI using the `request system software upgrade router ` from an HA conductor, it launches a sequenced self upgrade, one node at a time. In a situation where you prefer to upgrade each node manually, you can target each node directly using `request system software upgrade router node `. Use `show system software upgrade` to view the status of an in progress upgrade. When the upgrade is complete on the first node, you may run the command on the second node. + +However, it is still recommended to perform upgrade activity during periods of low traffic or maintenance windows. + diff --git a/kb/2024-04-24-I95-55904.md b/kb/2024-04-24-I95-55904.md index c62c66abf5..40a7b25fcd 100644 --- a/kb/2024-04-24-I95-55904.md +++ b/kb/2024-04-24-I95-55904.md @@ -33,7 +33,7 @@ Critical Closed ### Resolved In -[6.1.8](/docs/release_notes_128t_6.1#release-618-15) +[6.1.8](/docs/release_notes_128t_6.1#release-618-15-lts) ### Product SSR diff --git a/kb/2024-04-25-I95-54541.md b/kb/2024-04-25-I95-54541.md index 8d47f23f63..4976aaab28 100644 --- a/kb/2024-04-25-I95-54541.md +++ b/kb/2024-04-25-I95-54541.md @@ -35,7 +35,7 @@ Major Closed ### Resolved In -[6.1.8](/docs/release_notes_128t_6.1#release-618-15), +[6.1.8](/docs/release_notes_128t_6.1#release-618-15-lts), [6.2.4](/docs/release_notes_128t_6.2#release-624-14r2) ### Product diff --git a/kb/2024-08-30-I95-56628.md b/kb/2024-08-30-I95-56628.md new file mode 100644 index 0000000000..be3514ccef --- /dev/null +++ b/kb/2024-08-30-I95-56628.md @@ -0,0 +1,49 @@ +--- +title: Unable to upgrade second HA Conductor to 6.3.0 +date: 2024-8-30 +tags: ['6.3'] +hide_table_of_contents: false +--- + +Upgrading an HA Conductor to 6.3.0 fails on the second node. + + + +**Issue ID:** I95-56628 +**Last Updated:** 2024-05-02 +**Introduced in SSR Version:** 6.3.0 + +### Problem + +During an HA Conductor upgrade, the primary node upgrade completes successfully. The GUI then presents an option to continue with the secondary node upgrade. Initiating the secondary node from the GUI displays an error explaining that the resource could not be found. + +This issue has not been resolved and is currently under investigation. Please use the suggested workaround below. + +### Release Notes + + +### Severity +
+The potential impact of a software defect if encountered. Severity levels are: +* Critical: Could severely affect service, capacity/traffic, and maintenance capabilities. May have a prolonged impact to the entire system. +* Major: Could seriously affect system operation, maintenance, administration and related tasks. +* Minor: Would not significantly impair the functioning or affect service. +
+Major + +### Status +Open + +### Resolved In + +### Product +SSR + +### Functional Area +Installation + +### Workaround +
+Juniper may provide a method to temporarily circumvent a problem; workarounds do not exist for all issues. +
+Log in to the secondary node independently and initiate the upgrade to 6.3.0. The upgrade will complete successfully. Once both nodes have been upgraded, subsequent upgrades can use the normal workflow, where either node can be upgraded from the other. \ No newline at end of file diff --git a/sidebars.js b/sidebars.js index 7343893dd1..abe310af22 100644 --- a/sidebars.js +++ b/sidebars.js @@ -38,31 +38,25 @@ module.exports = { "cc_fips_software_upgrades", "cc_fips_appendix", ], - "Installation Process": [ + "Upgrading the SSR": [ + "intro_upgrade_considerations", + "intro_upgrading", + "upgrade_ibu_conductor", + "upgrade_router", + "upgrade_restricted_access", + "upgrade_legacy", + "intro_rollback", + ], + "Pre-Installation Process": [ "intro_installation", "intro_downloading_iso", "intro_creating_bootable_usb", ], - "Conductor Installation": [ - "install_conductor_overview", - "bcp_conductor_deployment", - "single_conductor_install", - "ha_conductor_install", - "single_conductor_config", - "conductor_upgrade", - "howto_conductor_migration", - ], - "Router Installation": [ - "intro_installation_bootable_media", - "intro_basic_router_config", - "intro_otp_iso_install", - "intro_install_quickstart_otpiso", - "onboard_ssr_to_conductor", - "onboard_ssr_device_otp", - "howto_router_migration", - ], - "Image-Based Installation": [ - "intro_installation_image", + "SSR Universal ISO Installation": [ + "intro_installation_univ-iso", + "install_univ_iso", + "initialize_u-iso_device", + "initialize_u-iso_adv_workflow", ], "Cloud Installations": [ "supported_cloud_platforms", @@ -87,16 +81,51 @@ module.exports = { ], }, ], - "Upgrades and Rollback": [ - "intro_upgrade_considerations", - "intro_upgrading", - "intro_rollback", - ], - "Supporting Install Information - Appendix": [ - "intro_installation_installer", - "install_qcow2_deployment", - "legacy_OTP_install", - ], + "Legacy Install Information": [ + "intro_installation_legacy", + { + "type": "category", + "label": "Conductor Installation", + "items": [ + "install_conductor_overview", + "bcp_conductor_deployment", + "single_conductor_install", + "ha_conductor_install", + "single_conductor_config", + "conductor_upgrade", + "howto_conductor_migration", + ], + }, + { + "type": "category", + "label": "Router Installation", + "items": [ + "intro_installation_bootable_media", + "intro_basic_router_config", + "intro_otp_iso_install", + "intro_install_quickstart_otpiso", + "onboard_ssr_to_conductor", + "onboard_ssr_device_otp", + "howto_router_migration", + ], + }, + { + "type": "category", + "label": "Image-Based Installation", + "items": [ + "intro_installation_image", + ], + }, + { + "type": "category", + "label": "Appendix", + "items": [ + "intro_installation_installer", + "install_qcow2_deployment", + "legacy_OTP_install", + ], + }, + ], "Concepts": [ "concepts_application_discovery", "concepts_EthOverSVR", @@ -182,7 +211,6 @@ module.exports = { "config_flow_perf_mon", "config_gre_tunnel", "config_in-memory_metrics", - "config_nat", "config_rate_limiting", "config_RBAC", "config_service_health", @@ -218,6 +246,17 @@ module.exports = { "config_dhcp", ], }, + { + "type": "category", + "label": "Network Address Translation (NAT)", + "items": [ + "config_source-dest_nat", + "config_static_nat", + "config_dnat", + "config_nat_pools", + "ts_nat_troubleshooting", + ], + }, { "type": "category", "label": "High Availability", @@ -230,6 +269,16 @@ module.exports = { "config_transition_standalone_to_ha", ], }, + { + "type": "category", + "label": "Traffic Engineering", + "items": [ + "concepts_traf_eng", + "bcp_per-adjacency_traffic_engineering", + "config_te_net_intf", + "config_dev_intf_traf_eng", + ] + }, { "type": "category", "label": "Access Management and Authentication", @@ -237,6 +286,7 @@ module.exports = { "config_access_mgmt", "config_ldap", "config_radius", + "config_radsec", "config_password_policies", "howto_reset_user_password", ], @@ -277,7 +327,6 @@ module.exports = { "config_bfd_tunnel", "howto_config_PPPoE", "howto_pppoe_vlan", - "howto_maintenance_mode", "howto_ms365", "howto_trusted_ca_certificate", ], @@ -307,6 +356,8 @@ module.exports = { "events_overview", "events_alarms", "events_events", + "config_alarm_suppression", + "howto_maintenance_mode", ], "Best Practices": [ "bcp_sdwan_design_guide", @@ -360,6 +411,7 @@ module.exports = { "type": "category", "label": "SSR", "items": [ + "release_notes_128t_6.3", "release_notes_128t_6.2", "release_notes_128t_6.1", "release_notes_128t_6.0", diff --git a/static/img/alarm_suppression_gui1.png b/static/img/alarm_suppression_gui1.png new file mode 100644 index 0000000000..683e3673d4 Binary files /dev/null and b/static/img/alarm_suppression_gui1.png differ diff --git a/static/img/alarm_suppression_gui2.png b/static/img/alarm_suppression_gui2.png new file mode 100644 index 0000000000..3b95312f88 Binary files /dev/null and b/static/img/alarm_suppression_gui2.png differ diff --git a/static/img/alarm_suppression_gui3.png b/static/img/alarm_suppression_gui3.png new file mode 100644 index 0000000000..b477819d6e Binary files /dev/null and b/static/img/alarm_suppression_gui3.png differ diff --git a/static/img/alarm_suppression_gui3a.png b/static/img/alarm_suppression_gui3a.png new file mode 100644 index 0000000000..8c1bb7f578 Binary files /dev/null and b/static/img/alarm_suppression_gui3a.png differ diff --git a/static/img/alarm_suppression_gui4.png b/static/img/alarm_suppression_gui4.png new file mode 100644 index 0000000000..20183cd88e Binary files /dev/null and b/static/img/alarm_suppression_gui4.png differ diff --git a/static/img/alarm_suppression_gui5.png b/static/img/alarm_suppression_gui5.png new file mode 100644 index 0000000000..2172f3e264 Binary files /dev/null and b/static/img/alarm_suppression_gui5.png differ diff --git a/static/img/alarm_suppression_gui6.png b/static/img/alarm_suppression_gui6.png new file mode 100644 index 0000000000..d40b8864d0 Binary files /dev/null and b/static/img/alarm_suppression_gui6.png differ diff --git a/static/img/config_dev_interface_te.png b/static/img/config_dev_interface_te.png new file mode 100644 index 0000000000..63e15b51c1 Binary files /dev/null and b/static/img/config_dev_interface_te.png differ diff --git a/static/img/config_interface_te.png b/static/img/config_interface_te.png new file mode 100644 index 0000000000..49f41ddbc6 Binary files /dev/null and b/static/img/config_interface_te.png differ diff --git a/static/img/dnat_gui_config.png b/static/img/dnat_gui_config.png new file mode 100644 index 0000000000..69085dad48 Binary files /dev/null and b/static/img/dnat_gui_config.png differ diff --git a/static/img/dnat_net-intf_gui_config.png b/static/img/dnat_net-intf_gui_config.png new file mode 100644 index 0000000000..cb234a6016 Binary files /dev/null and b/static/img/dnat_net-intf_gui_config.png differ diff --git a/static/img/dnat_netmap.png b/static/img/dnat_netmap.png new file mode 100644 index 0000000000..3cf58dd982 Binary files /dev/null and b/static/img/dnat_netmap.png differ diff --git a/static/img/dnat_scenario_table.png b/static/img/dnat_scenario_table.png new file mode 100644 index 0000000000..59cd4ca4cd Binary files /dev/null and b/static/img/dnat_scenario_table.png differ diff --git a/static/img/u-iso10_cond-mngd_router.png b/static/img/u-iso10_cond-mngd_router.png new file mode 100644 index 0000000000..88d5477a62 Binary files /dev/null and b/static/img/u-iso10_cond-mngd_router.png differ diff --git a/static/img/u-iso11_cond-mngd-assoc.png b/static/img/u-iso11_cond-mngd-assoc.png new file mode 100644 index 0000000000..1bd593266a Binary files /dev/null and b/static/img/u-iso11_cond-mngd-assoc.png differ diff --git a/static/img/u-iso12_select_mist_managed.png b/static/img/u-iso12_select_mist_managed.png new file mode 100644 index 0000000000..b16a8aaeae Binary files /dev/null and b/static/img/u-iso12_select_mist_managed.png differ diff --git a/static/img/u-iso13_mist_login.png b/static/img/u-iso13_mist_login.png new file mode 100644 index 0000000000..f29b529310 Binary files /dev/null and b/static/img/u-iso13_mist_login.png differ diff --git a/static/img/u-iso14_assign-org-name.png b/static/img/u-iso14_assign-org-name.png new file mode 100644 index 0000000000..25ffe6119d Binary files /dev/null and b/static/img/u-iso14_assign-org-name.png differ diff --git a/static/img/u-iso14a_adopted_router.png b/static/img/u-iso14a_adopted_router.png new file mode 100644 index 0000000000..45b65c7dfd Binary files /dev/null and b/static/img/u-iso14a_adopted_router.png differ diff --git a/static/img/u-iso14a_assign-org-name.png b/static/img/u-iso14a_assign-org-name.png new file mode 100644 index 0000000000..0f289f8f2b Binary files /dev/null and b/static/img/u-iso14a_assign-org-name.png differ diff --git a/static/img/u-iso15_router-in-mist.png b/static/img/u-iso15_router-in-mist.png new file mode 100644 index 0000000000..ad4a55eb3d Binary files /dev/null and b/static/img/u-iso15_router-in-mist.png differ diff --git a/static/img/u-iso15a_router-in-mist.png b/static/img/u-iso15a_router-in-mist.png new file mode 100644 index 0000000000..256b1acae5 Binary files /dev/null and b/static/img/u-iso15a_router-in-mist.png differ diff --git a/static/img/u-iso16_inventory_more_dropdown.png b/static/img/u-iso16_inventory_more_dropdown.png new file mode 100644 index 0000000000..540e08102c Binary files /dev/null and b/static/img/u-iso16_inventory_more_dropdown.png differ diff --git a/static/img/u-iso17_assign_wan_edges.png b/static/img/u-iso17_assign_wan_edges.png new file mode 100644 index 0000000000..cb1817e336 Binary files /dev/null and b/static/img/u-iso17_assign_wan_edges.png differ diff --git a/static/img/u-iso18_mist_reg_code1.png b/static/img/u-iso18_mist_reg_code1.png new file mode 100644 index 0000000000..471dfc8f22 Binary files /dev/null and b/static/img/u-iso18_mist_reg_code1.png differ diff --git a/static/img/u-iso19_mist_reg_code1.png b/static/img/u-iso19_mist_reg_code1.png new file mode 100644 index 0000000000..7bb2ec9b10 Binary files /dev/null and b/static/img/u-iso19_mist_reg_code1.png differ diff --git a/static/img/u-iso1_install_presstab_setup.png b/static/img/u-iso1_install_presstab_setup.png new file mode 100644 index 0000000000..380e48ccaf Binary files /dev/null and b/static/img/u-iso1_install_presstab_setup.png differ diff --git a/static/img/u-iso2_choose_image.png b/static/img/u-iso2_choose_image.png new file mode 100644 index 0000000000..c584495e03 Binary files /dev/null and b/static/img/u-iso2_choose_image.png differ diff --git a/static/img/u-iso3_choose_install_type.png b/static/img/u-iso3_choose_install_type.png new file mode 100644 index 0000000000..ff772605d3 Binary files /dev/null and b/static/img/u-iso3_choose_install_type.png differ diff --git a/static/img/u-iso4_install_options.png b/static/img/u-iso4_install_options.png new file mode 100644 index 0000000000..37e606f3d7 Binary files /dev/null and b/static/img/u-iso4_install_options.png differ diff --git a/static/img/u-iso5_begin_install.png b/static/img/u-iso5_begin_install.png new file mode 100644 index 0000000000..2d3aee765a Binary files /dev/null and b/static/img/u-iso5_begin_install.png differ diff --git a/static/img/u-iso6_unpacker_complete.png b/static/img/u-iso6_unpacker_complete.png new file mode 100644 index 0000000000..4a3d6edf50 Binary files /dev/null and b/static/img/u-iso6_unpacker_complete.png differ diff --git a/static/img/u-iso7_serial_install.png b/static/img/u-iso7_serial_install.png new file mode 100644 index 0000000000..04b0b73677 Binary files /dev/null and b/static/img/u-iso7_serial_install.png differ diff --git a/static/img/u-iso8_launch_gui.png b/static/img/u-iso8_launch_gui.png new file mode 100644 index 0000000000..a334eb7271 Binary files /dev/null and b/static/img/u-iso8_launch_gui.png differ diff --git a/static/img/u-iso8a_initialize_conductor.png b/static/img/u-iso8a_initialize_conductor.png new file mode 100644 index 0000000000..1f73829071 Binary files /dev/null and b/static/img/u-iso8a_initialize_conductor.png differ diff --git a/static/img/u-iso9_define_conductor.png b/static/img/u-iso9_define_conductor.png new file mode 100644 index 0000000000..faeddcf8a1 Binary files /dev/null and b/static/img/u-iso9_define_conductor.png differ diff --git a/static/img/u-iso9a_ha_conductor.png b/static/img/u-iso9a_ha_conductor.png new file mode 100644 index 0000000000..11890c8fde Binary files /dev/null and b/static/img/u-iso9a_ha_conductor.png differ