7 The following sections discuss commands common to all the routing daemons.
14 .. index:: Configuration files for running the software
16 .. index:: Files for running configurations
18 .. index:: Modifying the herd's behavior
20 .. index:: Getting the herd running
22 In a config file, you can write the debugging options, a vty's password,
23 routing daemon configurations, a log file name, and so forth. This information
24 forms the initial command set for a routing beast as it is starting.
26 Config files are generally found in |INSTALL_PREFIX_ETC|.
28 Each of the daemons has its own config file. The daemon name plus ``.conf`` is
29 the default config file name. For example, zebra's default config file name is
30 :file:`zebra.conf`. You can specify a config file using the :option:`-f` or
31 :option:`--config_file` options when starting the daemon.
33 .. _basic-config-commands:
38 .. index:: hostname HOSTNAME
39 .. clicmd:: hostname HOSTNAME
41 Set hostname of the router.
44 single: no password PASSWORD
45 single: password PASSWORD
47 .. clicmd:: [no] password PASSWORD
49 Set password for vty interface. The ``no`` form of the command deletes the
50 password. If there is no password, a vty won't accept connections.
53 single: no enable password PASSWORD
54 single: enable password PASSWORD
56 .. clicmd:: [no] enable password PASSWORD
58 Set enable password. The ``no`` form of the command deletes the enable
62 single: no log trap [LEVEL]
63 single: log trap LEVEL
65 .. clicmd:: [no] log trap LEVEL
67 These commands are deprecated and are present only for historical
68 compatibility. The log trap command sets the current logging level for all
69 enabled logging destinations, and it sets the default for all future logging
70 commands that do not specify a level. The normal default logging level is
71 debugging. The ``no`` form of the command resets the default level for
72 future logging commands to debugging, but it does not change the logging
73 level of existing logging destinations.
76 single: no log stdout [LEVEL]
77 single: log stdout [LEVEL]
79 .. clicmd:: [no] log stdout LEVEL
81 Enable logging output to stdout. If the optional second argument specifying
82 the logging level is not present, the default logging level (typically
83 debugging) will be used. The ``no`` form of the command disables logging to
84 stdout. The ``LEVEL`` argument must have one of these values: emergencies,
85 alerts, critical, errors, warnings, notifications, informational, or
86 debugging. Note that the existing code logs its most important messages with
90 single: no log file [FILENAME [LEVEL]]
91 single: log file FILENAME [LEVEL]
93 .. clicmd:: [no] log file [FILENAME [LEVEL]]
95 If you want to log into a file, please specify ``filename`` as
100 log file /var/log/frr/bgpd.log informational
102 If the optional second argument specifying the logging level is not present,
103 the default logging level (typically debugging, but can be changed using the
104 deprecated ``log trap`` command) will be used. The ``no`` form of the command
105 disables logging to a file.
109 If you do not configure any file logging, and a daemon crashes due to a
110 signal or an assertion failure, it will attempt to save the crash
111 information in a file named :file:`/var/tmp/frr.<daemon name>.crashlog`.
112 For security reasons, this will not happen if the file exists already, so
113 it is important to delete the file after reporting the crash information.
116 single: no log syslog [LEVEL]
117 single: log syslog [LEVEL]
119 .. clicmd:: [no] log syslog [LEVEL]
121 Enable logging output to syslog. If the optional second argument specifying
122 the logging level is not present, the default logging level (typically
123 debugging, but can be changed using the deprecated ``log trap`` command) will
124 be used. The ``no`` form of the command disables logging to syslog.
127 single: no log monitor [LEVEL]
128 single: log monitor [LEVEL]
130 .. clicmd:: [no] log monitor [LEVEL]
132 Enable logging output to vty terminals that have enabled logging using the
133 ``terminal monitor`` command. By default, monitor logging is enabled at the
134 debugging level, but this command (or the deprecated ``log trap`` command)
135 can be used to change the monitor logging level. If the optional second
136 argument specifying the logging level is not present, the default logging
137 level (typically debugging) will be used. The ``no`` form of the command
138 disables logging to terminal monitors.
141 single: no log facility [FACILITY]
142 single: log facility [FACILITY]
144 .. clicmd:: [no] log facility [FACILITY]
146 This command changes the facility used in syslog messages. The default
147 facility is ``daemon``. The ``no`` form of the command resets the facility
148 to the default ``daemon`` facility.
151 single: no log record-priority
152 single: log record-priority
154 .. clicmd:: [no] log record-priority
156 To include the severity in all messages logged to a file, to stdout, or to
157 a terminal monitor (i.e. anything except syslog),
158 use the ``log record-priority`` global configuration command.
159 To disable this option, use the ``no`` form of the command. By default,
160 the severity level is not included in logged messages. Note: some
161 versions of syslogd (including Solaris) can be configured to include
162 the facility and level in the messages emitted.
165 single: log timestamp precision (0-6)
166 single: [no] log timestamp precision (0-6)
168 .. clicmd:: [no] log timestamp precision [(0-6)]
170 This command sets the precision of log message timestamps to the given
171 number of digits after the decimal point. Currently, the value must be in
172 the range 0 to 6 (i.e. the maximum precision is microseconds). To restore
173 the default behavior (1-second accuracy), use the ``no`` form of the
174 command, or set the precision explicitly to 0.
178 log timestamp precision 3
180 In this example, the precision is set to provide timestamps with
181 millisecond accuracy.
183 .. index:: log commands
184 .. clicmd:: log commands
186 This command enables the logging of all commands typed by a user to all
187 enabled log destinations. The note that logging includes full command lines,
188 including passwords. Once set, command logging can only be turned off by
189 restarting the daemon.
191 .. index:: service password-encryption
192 .. clicmd:: service password-encryption
196 .. index:: service advanced-vty
197 .. clicmd:: service advanced-vty
199 Enable advanced mode VTY.
201 .. index:: service terminal-length (0-512)
202 .. clicmd:: service terminal-length (0-512)
204 Set system wide line configuration. This configuration command applies to
210 Enter vty configuration mode.
212 .. index:: banner motd default
213 .. clicmd:: banner motd default
215 Set default motd string.
217 .. index:: no banner motd
218 .. clicmd:: no banner motd
220 No motd banner string will be printed.
222 .. index:: exec-timeout MINUTE [SECOND]
223 .. clicmd:: exec-timeout MINUTE [SECOND]
225 Set VTY connection timeout value. When only one argument is specified
226 it is used for timeout value in minutes. Optional second argument is
227 used for timeout value in seconds. Default timeout value is 10 minutes.
228 When timeout value is zero, it means no timeout.
230 .. index:: no exec-timeout
231 .. clicmd:: no exec-timeout
233 Do not perform timeout at all. This command is as same as
234 ``exec-timeout 0 0``.
236 .. index:: access-class ACCESS-LIST
237 .. clicmd:: access-class ACCESS-LIST
239 Restrict vty connections with an access list.
242 .. _sample-config-file:
247 Below is a sample configuration file for the zebra daemon.
252 ! Zebra configuration file
256 enable password zebra
263 ``!`` and ``#`` are comment characters. If the first character of the word is
264 one of the comment characters then from the rest of the line forward will be
265 ignored as a comment.
269 password zebra!password
271 If a comment character is not the first character of the word, it's a normal
272 character. So in the above example ``!`` will not be regarded as a comment and
273 the password is set to ``zebra!password``.
275 .. _terminal-mode-commands:
277 Terminal Mode Commands
278 ======================
280 .. index:: write terminal
281 .. clicmd:: write terminal
283 Displays the current configuration to the vty interface.
285 .. index:: write file
286 .. clicmd:: write file
288 Write current configuration to configuration file.
290 .. index:: configure terminal
291 .. clicmd:: configure terminal
293 Change to configuration mode. This command is the first step to
296 .. index:: terminal length (0-512)
297 .. clicmd:: terminal length (0-512)
299 Set terminal display length to ``(0-512)``. If length is 0, no display
300 control is performed.
305 Show a list of currently connected vty sessions.
310 List all available commands.
312 .. index:: show version
313 .. clicmd:: show version
315 Show the current version of |PACKAGE_NAME| and its build host information.
317 .. index:: show logging
318 .. clicmd:: show logging
320 Shows the current configuration of the logging system. This includes the
321 status of all logging destinations.
323 .. index:: logmsg LEVEL MESSAGE
324 .. clicmd:: logmsg LEVEL MESSAGE
326 Send a message to all logging destinations that are enabled for messages of
330 .. _common-invocation-options:
332 Common Invocation Options
333 =========================
335 These options apply to all |PACKAGE_NAME| daemons.
338 .. option:: -d, --daemon
342 .. option:: -f, --config_file <file>
344 Set configuration file name.
346 .. option:: -h, --help
348 Display this help and exit.
350 .. option:: -i, --pid_file <file>
352 Upon startup the process identifier of the daemon is written to a file,
353 typically in :file:`/var/run`. This file can be used by the init system
354 to implement commands such as ``.../init.d/zebra status``,
355 ``.../init.d/zebra restart`` or ``.../init.d/zebra stop``.
357 The file name is an run-time option rather than a configure-time option so
358 that multiple routing daemons can be run simultaneously. This is useful when
359 using |PACKAGE_NAME| to implement a routing looking glass. One machine can
360 be used to collect differing routing views from differing points in the
363 .. option:: -A, --vty_addr <address>
365 Set the VTY local address to bind to. If set, the VTY socket will only be
366 bound to this address.
368 .. option:: -P, --vty_port <port>
370 Set the VTY TCP port number. If set to 0 then the TCP VTY sockets will not
373 .. option:: -u <user>
375 Set the user and group to run as.
377 .. option:: -v, --version
379 Print program version.
381 .. _loadable-module-support:
383 Loadable Module Support
384 =======================
386 FRR supports loading extension modules at startup. Loading, reloading or
387 unloading modules at runtime is not supported (yet). To load a module, use
388 the following command line option at daemon startup:
391 .. option:: -M, --module <module:options>
393 Load the specified module, optionally passing options to it. If the module
394 name contains a slash (/), it is assumed to be a full pathname to a file to
395 be loaded. If it does not contain a slash, the |INSTALL_PREFIX_MODULES|
396 directory is searched for a module of the given name; first with the daemon
397 name prepended (e.g. ``zebra_mod`` for ``mod``), then without the daemon
400 This option is available on all daemons, though some daemons may not have
401 any modules available to be loaded.
407 If SNMP is enabled during compile-time and installed as part of the package,
408 the ``snmp`` module can be loaded for the *Zebra*, *bgpd*, *ospfd*, *ospf6d*
411 The module ignores any options passed to it. Refer to :ref:`snmp-support` for
412 information on its usage.
418 If FPM is enabled during compile-time and installed as part of the package, the
419 ``fpm`` module can be loaded for the *zebra* daemon. This provides the
420 Forwarding Plane Manager ("FPM") API.
422 The module expects its argument to be either ``Netlink`` or ``protobuf``,
423 specifying the encapsulation to use. ``Netlink`` is the default, and
424 ``protobuf`` may not be available if the module was built without protobuf
425 support. Refer to :ref:`zebra-fib-push-interface` for more information.
428 .. _virtual-terminal-interfaces:
430 Virtual Terminal Interfaces
431 ===========================
433 VTY -- Virtual Terminal [aka TeletYpe] Interface is a command line
434 interface (CLI) for user interaction with the routing daemon.
442 VTY stands for Virtual TeletYpe interface. It means you can connect to
443 the daemon via the telnet protocol.
445 To enable a VTY interface, you have to setup a VTY password. If there
446 is no VTY password, one cannot connect to the VTY interface at all.
450 % telnet localhost 2601
452 Connected to localhost.
453 Escape character is '^]'.
455 Hello, this is |PACKAGE_NAME| (version |PACKAGE_VERSION|)
458 User Access Verification
462 enable . . . Turn on privileged commands
463 exit . . . Exit current mode and down to previous mode
464 help . . . Description of the interactive help system
465 list . . . Print command list
466 show . . . Show system inform
468 wh. . . Display who is on a vty
471 Router# configure terminal
472 Router(config)# interface eth0
473 Router(config-if)# ip address 10.0.0.1/8
474 Router(config-if)# ^Z
483 There are three basic VTY modes:
485 There are commands that may be restricted to specific VTY modes.
492 This mode is for read-only access to the CLI. One may exit the mode by
493 leaving the system, or by entering `enable` mode.
500 This mode is for read-write access to the CLI. One may exit the mode by
501 leaving the system, or by escaping to view mode.
508 This page is for describing other modes.
510 .. _vty-cli-commands:
515 Commands that you may use at the command-line are described in the following
516 three subsubsections.
518 .. _cli-movement-commands:
520 CLI Movement Commands
521 ^^^^^^^^^^^^^^^^^^^^^
523 These commands are used for moving the CLI cursor. The :kbd:`C` character
524 means press the Control Key.
526 :kbd:`C-f` / :kbd:`LEFT`
527 Move forward one character.
529 :kbd:`C-b` / :kbd:`RIGHT`
530 Move backward one character.
533 Move forward one word.
536 Move backward one word.
539 Move to the beginning of the line.
542 Move to the end of the line.
545 .. _cli-editing-commands:
550 These commands are used for editing text on a line. The :kbd:`C`
551 character means press the Control Key.
554 :kbd:`C-h` / :kbd:`DEL`
555 Delete the character before point.
559 Delete the character after point.
571 Kill to the end of the line.
575 Kill line from the beginning, erasing input.
582 CLI Advanced Commands
583 ^^^^^^^^^^^^^^^^^^^^^
585 There are several additional CLI commands for command line completions,
586 insta-help, and VTY session management.
590 Interrupt current input and moves to the next line.
594 End current configuration session and move to top node.
597 :kbd:`C-n` / :kbd:`DOWN`
598 Move down to next line in the history buffer.
601 :kbd:`C-p` / :kbd:`UP`
602 Move up to previous line in the history buffer.
606 Use command line completion by typing :kbd:`TAB`.
610 You can use command line help by typing ``help`` at the beginning of the
611 line. Typing :kbd:`?` at any point in the line will show possible
614 .. index:: find COMMAND...
615 .. clicmd:: find COMMAND...
617 This commmand performs a simple substring search across all defined commands
618 in all modes. As an example, suppose you're in enable mode and can't
619 remember where the command to turn OSPF segment routing on is:
623 frr# find segment-routing on
624 (ospf) segment-routing on
626 The CLI mode is displayed next to each command. In this example,
627 :clicmd:`segment-routing on` is under the `router ospf` mode.
629 Similarly, suppose you want a listing of all commands that contain "l2vpn":
634 (view) show [ip] bgp l2vpn evpn [json]
635 (view) show [ip] bgp l2vpn evpn all <A.B.C.D|A.B.C.D/M> [json]
636 (view) show [ip] bgp l2vpn evpn all neighbors A.B.C.D advertised-routes [json]
637 (view) show [ip] bgp l2vpn evpn all neighbors A.B.C.D routes [json]
638 (view) show [ip] bgp l2vpn evpn all overlay
644 VTY supports optional modifiers at the end of commands that perform
645 postprocessing on command output or modify the action of commands. These do not
646 show up in the :kbd:`?` or :kbd:`TAB` suggestion lists.
648 ``... | include REGEX``
649 Filters the output of the preceding command, including only lines which
650 match the POSIX Extended Regular Expression ``REGEX``. Do not put the regex
657 frr# show ip bgp sum json | include remoteAs
664 frr# show run | include neigh.*[0-9]{2}\.0\.[2-4]\.[0-9]*
665 neighbor 10.0.2.106 remote-as 99
666 neighbor 10.0.2.107 remote-as 99
667 neighbor 10.0.2.108 remote-as 99
668 neighbor 10.0.2.109 remote-as 99
669 neighbor 10.0.2.110 remote-as 99
670 neighbor 10.0.3.111 remote-as 111