7 The following sections discuss commands common to all the routing daemons.
14 .. index:: Configuration files for running the software
16 .. index:: Files for running configurations
18 .. index:: Modifying the herd's behavior
20 .. index:: Getting the herd running
22 In a config file, you can write the debugging options, a vty's password,
23 routing daemon configurations, a log file name, and so forth. This information
24 forms the initial command set for a routing beast as it is starting.
26 Config files are generally found in |INSTALL_PREFIX_ETC|.
28 Each of the daemons has its own config file. The daemon name plus ``.conf`` is
29 the default config file name. For example, zebra's default config file name is
30 :file:`zebra.conf`. You can specify a config file using the :option:`-f` or
31 :option:`--config_file` options when starting the daemon.
33 .. _basic-config-commands:
38 .. index:: hostname HOSTNAME
39 .. clicmd:: hostname HOSTNAME
41 Set hostname of the router.
44 single: no password PASSWORD
45 single: password PASSWORD
47 .. clicmd:: [no] password PASSWORD
49 Set password for vty interface. The ``no`` form of the command deletes the
50 password. If there is no password, a vty won't accept connections.
53 single: no enable password PASSWORD
54 single: enable password PASSWORD
56 .. clicmd:: [no] enable password PASSWORD
58 Set enable password. The ``no`` form of the command deletes the enable
62 single: no log trap [LEVEL]
63 single: log trap LEVEL
65 .. clicmd:: [no] log trap LEVEL
67 These commands are deprecated and are present only for historical
68 compatibility. The log trap command sets the current logging level for all
69 enabled logging destinations, and it sets the default for all future logging
70 commands that do not specify a level. The normal default logging level is
71 debugging. The ``no`` form of the command resets the default level for
72 future logging commands to debugging, but it does not change the logging
73 level of existing logging destinations.
76 single: no log stdout [LEVEL]
77 single: log stdout [LEVEL]
79 .. clicmd:: [no] log stdout LEVEL
81 Enable logging output to stdout. If the optional second argument specifying
82 the logging level is not present, the default logging level (typically
83 debugging) will be used. The ``no`` form of the command disables logging to
84 stdout. The ``LEVEL`` argument must have one of these values: emergencies,
85 alerts, critical, errors, warnings, notifications, informational, or
86 debugging. Note that the existing code logs its most important messages with
90 single: no log file [FILENAME [LEVEL]]
91 single: log file FILENAME [LEVEL]
93 .. clicmd:: [no] log file [FILENAME [LEVEL]]
95 If you want to log into a file, please specify ``filename`` as
100 log file /var/log/frr/bgpd.log informational
102 If the optional second argument specifying the logging level is not present,
103 the default logging level (typically debugging, but can be changed using the
104 deprecated ``log trap`` command) will be used. The ``no`` form of the command
105 disables logging to a file.
109 If you do not configure any file logging, and a daemon crashes due to a
110 signal or an assertion failure, it will attempt to save the crash
111 information in a file named :file:`/var/tmp/frr.<daemon name>.crashlog`.
112 For security reasons, this will not happen if the file exists already, so
113 it is important to delete the file after reporting the crash information.
116 single: no log syslog [LEVEL]
117 single: log syslog [LEVEL]
119 .. clicmd:: [no] log syslog [LEVEL]
121 Enable logging output to syslog. If the optional second argument specifying
122 the logging level is not present, the default logging level (typically
123 debugging, but can be changed using the deprecated ``log trap`` command) will
124 be used. The ``no`` form of the command disables logging to syslog.
127 single: no log monitor [LEVEL]
128 single: log monitor [LEVEL]
130 .. clicmd:: [no] log monitor [LEVEL]
132 Enable logging output to vty terminals that have enabled logging using the
133 ``terminal monitor`` command. By default, monitor logging is enabled at the
134 debugging level, but this command (or the deprecated ``log trap`` command)
135 can be used to change the monitor logging level. If the optional second
136 argument specifying the logging level is not present, the default logging
137 level (typically debugging) will be used. The ``no`` form of the command
138 disables logging to terminal monitors.
141 single: no log facility [FACILITY]
142 single: log facility [FACILITY]
144 .. clicmd:: [no] log facility [FACILITY]
146 This command changes the facility used in syslog messages. The default
147 facility is ``daemon``. The ``no`` form of the command resets the facility
148 to the default ``daemon`` facility.
151 single: no log record-priority
152 single: log record-priority
154 .. clicmd:: [no] log record-priority
156 To include the severity in all messages logged to a file, to stdout, or to
157 a terminal monitor (i.e. anything except syslog),
158 use the ``log record-priority`` global configuration command.
159 To disable this option, use the ``no`` form of the command. By default,
160 the severity level is not included in logged messages. Note: some
161 versions of syslogd (including Solaris) can be configured to include
162 the facility and level in the messages emitted.
165 single: log timestamp precision (0-6)
166 single: [no] log timestamp precision (0-6)
168 .. clicmd:: [no] log timestamp precision [(0-6)]
170 This command sets the precision of log message timestamps to the given
171 number of digits after the decimal point. Currently, the value must be in
172 the range 0 to 6 (i.e. the maximum precision is microseconds). To restore
173 the default behavior (1-second accuracy), use the ``no`` form of the
174 command, or set the precision explicitly to 0.
178 log timestamp precision 3
180 In this example, the precision is set to provide timestamps with
181 millisecond accuracy.
183 .. index:: log commands
184 .. clicmd:: log commands
186 This command enables the logging of all commands typed by a user to all
187 enabled log destinations. The note that logging includes full command lines,
188 including passwords. Once set, command logging can only be turned off by
189 restarting the daemon.
191 .. index:: service password-encryption
192 .. clicmd:: service password-encryption
196 .. index:: service advanced-vty
197 .. clicmd:: service advanced-vty
199 Enable advanced mode VTY.
201 .. index:: service terminal-length (0-512)
202 .. clicmd:: service terminal-length (0-512)
204 Set system wide line configuration. This configuration command applies to
210 Enter vty configuration mode.
212 .. index:: banner motd default
213 .. clicmd:: banner motd default
215 Set default motd string.
217 .. index:: no banner motd
218 .. clicmd:: no banner motd
220 No motd banner string will be printed.
222 .. index:: exec-timeout MINUTE [SECOND]
223 .. clicmd:: exec-timeout MINUTE [SECOND]
225 Set VTY connection timeout value. When only one argument is specified
226 it is used for timeout value in minutes. Optional second argument is
227 used for timeout value in seconds. Default timeout value is 10 minutes.
228 When timeout value is zero, it means no timeout.
230 .. index:: no exec-timeout
231 .. clicmd:: no exec-timeout
233 Do not perform timeout at all. This command is as same as
234 ``exec-timeout 0 0``.
236 .. index:: access-class ACCESS-LIST
237 .. clicmd:: access-class ACCESS-LIST
239 Restrict vty connections with an access list.
242 .. _sample-config-file:
247 Below is a sample configuration file for the zebra daemon.
252 ! Zebra configuration file
256 enable password zebra
263 ``!`` and ``#`` are comment characters. If the first character of the word is
264 one of the comment characters then from the rest of the line forward will be
265 ignored as a comment.
269 password zebra!password
271 If a comment character is not the first character of the word, it's a normal
272 character. So in the above example ``!`` will not be regarded as a comment and
273 the password is set to ``zebra!password``.
275 .. _terminal-mode-commands:
277 Terminal Mode Commands
278 ======================
280 .. index:: write terminal
281 .. clicmd:: write terminal
283 Displays the current configuration to the vty interface.
285 .. index:: write file
286 .. clicmd:: write file
288 Write current configuration to configuration file.
290 .. index:: configure [terminal]
291 .. clicmd:: configure [terminal]
293 Change to configuration mode. This command is the first step to
296 .. index:: terminal length (0-512)
297 .. clicmd:: terminal length (0-512)
299 Set terminal display length to ``(0-512)``. If length is 0, no display
300 control is performed.
305 Show a list of currently connected vty sessions.
310 List all available commands.
312 .. index:: show version
313 .. clicmd:: show version
315 Show the current version of |PACKAGE_NAME| and its build host information.
317 .. index:: show logging
318 .. clicmd:: show logging
320 Shows the current configuration of the logging system. This includes the
321 status of all logging destinations.
323 .. index:: show memory
324 .. clicmd:: show memory
326 Show information on how much memory is used for which specific things in
327 |PACKAGE_NAME|. Output may vary depending on system capabilities but will
328 generally look something like this:
333 System allocator statistics:
334 Total heap allocated: 1584 KiB
335 Holding block headers: 0 bytes
336 Used small blocks: 0 bytes
337 Used ordinary blocks: 1484 KiB
338 Free small blocks: 2096 bytes
339 Free ordinary blocks: 100 KiB
343 (see system documentation for 'mallinfo' for meaning)
346 Buffer data : 1 4120 4120
347 Host config : 3 (variably sized) 72
348 Command Tokens : 3427 72 247160
349 Command Token Text : 2555 (variably sized) 83720
350 Command Token Help : 2555 (variably sized) 61720
351 Command Argument : 2 (variably sized) 48
352 Command Argument Name : 641 (variably sized) 15672
354 --- qmem Label Manager ---
356 ZEBRA VRF : 1 912 920
357 Route Entry : 11 80 968
358 Static route : 1 192 200
359 RIB destination : 8 48 448
360 RIB table info : 4 16 96
361 Nexthop tracking object : 1 200 200
362 Zebra Name Space : 1 312 312
363 --- qmem Table Manager ---
365 To understand system allocator statistics, refer to your system's
366 :manpage:`mallinfo(3)` man page.
368 Below these statistics, statistics on individual memory allocation types
369 in |PACKAGE_NAME| (so-called `MTYPEs`) is printed:
371 * the first column of numbers is the current count of allocations made for
372 the type (the number decreases when items are freed.)
373 * the second column is the size of each item. This is only available if
374 allocations on a type are always made with the same size.
375 * the third column is the total amount of memory allocated for the
376 particular type, including padding applied by malloc. This means that
377 the number may be larger than the first column multiplied by the second.
378 Overhead incurred by malloc's bookkeeping is not included in this, and
379 the column may be missing if system support is not available.
381 When executing this command from ``vtysh``, each of the daemons' memory
382 usage is printed sequentially.
384 .. index:: logmsg LEVEL MESSAGE
385 .. clicmd:: logmsg LEVEL MESSAGE
387 Send a message to all logging destinations that are enabled for messages of
390 .. index:: find COMMAND...
391 .. clicmd:: find COMMAND...
393 This command performs a simple substring search across all defined commands
394 in all modes. As an example, suppose you're in enable mode and can't
395 remember where the command to turn OSPF segment routing on is:
399 frr# find segment-routing on
400 (ospf) segment-routing on
402 The CLI mode is displayed next to each command. In this example,
403 :clicmd:`segment-routing on` is under the `router ospf` mode.
405 Similarly, suppose you want a listing of all commands that contain "l2vpn":
410 (view) show [ip] bgp l2vpn evpn [json]
411 (view) show [ip] bgp l2vpn evpn all <A.B.C.D|A.B.C.D/M> [json]
412 (view) show [ip] bgp l2vpn evpn all neighbors A.B.C.D advertised-routes [json]
413 (view) show [ip] bgp l2vpn evpn all neighbors A.B.C.D routes [json]
414 (view) show [ip] bgp l2vpn evpn all overlay
418 .. _common-invocation-options:
420 Common Invocation Options
421 =========================
423 These options apply to all |PACKAGE_NAME| daemons.
426 .. option:: -d, --daemon
430 .. option:: -f, --config_file <file>
432 Set configuration file name.
434 .. option:: -h, --help
436 Display this help and exit.
438 .. option:: -i, --pid_file <file>
440 Upon startup the process identifier of the daemon is written to a file,
441 typically in :file:`/var/run`. This file can be used by the init system
442 to implement commands such as ``.../init.d/zebra status``,
443 ``.../init.d/zebra restart`` or ``.../init.d/zebra stop``.
445 The file name is an run-time option rather than a configure-time option so
446 that multiple routing daemons can be run simultaneously. This is useful when
447 using |PACKAGE_NAME| to implement a routing looking glass. One machine can
448 be used to collect differing routing views from differing points in the
451 .. option:: -A, --vty_addr <address>
453 Set the VTY local address to bind to. If set, the VTY socket will only be
454 bound to this address.
456 .. option:: -P, --vty_port <port>
458 Set the VTY TCP port number. If set to 0 then the TCP VTY sockets will not
461 .. option:: -u <user>
463 Set the user and group to run as.
465 .. option:: -v, --version
467 Print program version.
469 .. option:: --log <stdout|syslog|file:/path/to/log/file>
471 When initializing the daemon, setup the log to go to either stdout,
472 syslog or to a file. These values will be displayed as part of
473 a show run. Additionally they can be overridden at runtime if
474 desired via the normal log commands.
476 .. option:: --log-level <emergencies|alerts|critical|errors|warnings|notifications|informational|debugging>
478 When initializing the daemon, allow the specification of a default
479 log level at startup from one of the specified levels.
483 Enable the transactional CLI mode.
485 .. _loadable-module-support:
487 Loadable Module Support
488 =======================
490 FRR supports loading extension modules at startup. Loading, reloading or
491 unloading modules at runtime is not supported (yet). To load a module, use
492 the following command line option at daemon startup:
495 .. option:: -M, --module <module:options>
497 Load the specified module, optionally passing options to it. If the module
498 name contains a slash (/), it is assumed to be a full pathname to a file to
499 be loaded. If it does not contain a slash, the |INSTALL_PREFIX_MODULES|
500 directory is searched for a module of the given name; first with the daemon
501 name prepended (e.g. ``zebra_mod`` for ``mod``), then without the daemon
504 This option is available on all daemons, though some daemons may not have
505 any modules available to be loaded.
511 If SNMP is enabled during compile-time and installed as part of the package,
512 the ``snmp`` module can be loaded for the *Zebra*, *bgpd*, *ospfd*, *ospf6d*
515 The module ignores any options passed to it. Refer to :ref:`snmp-support` for
516 information on its usage.
522 If FPM is enabled during compile-time and installed as part of the package, the
523 ``fpm`` module can be loaded for the *zebra* daemon. This provides the
524 Forwarding Plane Manager ("FPM") API.
526 The module expects its argument to be either ``Netlink`` or ``protobuf``,
527 specifying the encapsulation to use. ``Netlink`` is the default, and
528 ``protobuf`` may not be available if the module was built without protobuf
529 support. Refer to :ref:`zebra-fib-push-interface` for more information.
532 .. _virtual-terminal-interfaces:
534 Virtual Terminal Interfaces
535 ===========================
537 VTY -- Virtual Terminal [aka TeletYpe] Interface is a command line
538 interface (CLI) for user interaction with the routing daemon.
546 VTY stands for Virtual TeletYpe interface. It means you can connect to
547 the daemon via the telnet protocol.
549 To enable a VTY interface, you have to setup a VTY password. If there
550 is no VTY password, one cannot connect to the VTY interface at all.
554 % telnet localhost 2601
556 Connected to localhost.
557 Escape character is '^]'.
559 Hello, this is |PACKAGE_NAME| (version |PACKAGE_VERSION|)
562 User Access Verification
566 enable . . . Turn on privileged commands
567 exit . . . Exit current mode and down to previous mode
568 help . . . Description of the interactive help system
569 list . . . Print command list
570 show . . . Show system inform
572 wh. . . Display who is on a vty
575 Router# configure terminal
576 Router(config)# interface eth0
577 Router(config-if)# ip address 10.0.0.1/8
578 Router(config-if)# ^Z
587 There are three basic VTY modes:
589 There are commands that may be restricted to specific VTY modes.
596 This mode is for read-only access to the CLI. One may exit the mode by
597 leaving the system, or by entering `enable` mode.
604 This mode is for read-write access to the CLI. One may exit the mode by
605 leaving the system, or by escaping to view mode.
612 This page is for describing other modes.
614 .. _vty-cli-commands:
619 Commands that you may use at the command-line are described in the following
620 three subsubsections.
622 .. _cli-movement-commands:
624 CLI Movement Commands
625 ^^^^^^^^^^^^^^^^^^^^^
627 These commands are used for moving the CLI cursor. The :kbd:`C` character
628 means press the Control Key.
630 :kbd:`C-f` / :kbd:`LEFT`
631 Move forward one character.
633 :kbd:`C-b` / :kbd:`RIGHT`
634 Move backward one character.
637 Move forward one word.
640 Move backward one word.
643 Move to the beginning of the line.
646 Move to the end of the line.
649 .. _cli-editing-commands:
654 These commands are used for editing text on a line. The :kbd:`C`
655 character means press the Control Key.
658 :kbd:`C-h` / :kbd:`DEL`
659 Delete the character before point.
663 Delete the character after point.
675 Kill to the end of the line.
679 Kill line from the beginning, erasing input.
686 CLI Advanced Commands
687 ^^^^^^^^^^^^^^^^^^^^^
689 There are several additional CLI commands for command line completions,
690 insta-help, and VTY session management.
694 Interrupt current input and moves to the next line.
698 End current configuration session and move to top node.
701 :kbd:`C-n` / :kbd:`DOWN`
702 Move down to next line in the history buffer.
705 :kbd:`C-p` / :kbd:`UP`
706 Move up to previous line in the history buffer.
710 Use command line completion by typing :kbd:`TAB`.
714 You can use command line help by typing ``help`` at the beginning of the
715 line. Typing :kbd:`?` at any point in the line will show possible
721 VTY supports optional modifiers at the end of commands that perform
722 postprocessing on command output or modify the action of commands. These do not
723 show up in the :kbd:`?` or :kbd:`TAB` suggestion lists.
725 ``... | include REGEX``
726 Filters the output of the preceding command, including only lines which
727 match the POSIX Extended Regular Expression ``REGEX``. Do not put the regex
734 frr# show ip bgp sum json | include remoteAs
741 frr# show run | include neigh.*[0-9]{2}\.0\.[2-4]\.[0-9]*
742 neighbor 10.0.2.106 remote-as 99
743 neighbor 10.0.2.107 remote-as 99
744 neighbor 10.0.2.108 remote-as 99
745 neighbor 10.0.2.109 remote-as 99
746 neighbor 10.0.2.110 remote-as 99
747 neighbor 10.0.3.111 remote-as 111