# ネットワーク装置メモ(alaxala/Juniper/Cisco) ### L2 #### FIBを見る show mac-address-table port 0/1 ## cisco XE ### L3 #### RIBを見る show ip route vrf MGMT #### 特定のVRFのBGP RIBを見る show bgp vrf MGMT all summary #### bgp をclearしたい clear ip bgp all 65000 ## cisco XR ### L2 #### VPLSのFIBを見たい show l2vpn forwarding bridge-domain mac-address location 0/0/CPU0 show l2vpn forwarding bridge-domain VPLS: mac-address location 0/0/CPU0 ### L3 #### exactな経路表を見たい show route ipv6 2001:200::/32 #### BGPpeerを見る show bgp ipv4 unicast summary show bgp ipv6 unicast summary #### BGPのadv/recv経路を見たい show bgp ipv4 unicast neighbors 192.168.0.1 advertised-routes show bgp ipv6 unicast neighbors 2001:db8::1 received routes ## juniper ### L1 ## 光(一般ポート) show interfaces diagnostics optics | match "Physical|dBm" | except threshold Physical interface: ge-0/2/3 Laser output power : 0.3160 mW / -5.00 dBm Receiver signal average optical power : 0.2804 mW / -5.52 dBm Physical interface: ge-2/2/3 Laser output power : 0.3160 mW / -5.00 dBm Receiver signal average optical power : 0.3309 mW / -4.80 dBm #### 光(VCポート) request virtual-chassis vc-port diagnostics optics show virtual-chassis vc-port diagnostics optics | match "fpc|Virtual chassis port|Receiver signal average optical power" ### L2 #### FIB show ethernet-switching table show ethernet-switching table vlan-id 40 show ethernet-switching table interface ge-1/1/0.0 ### L3 #### BGPのadv/recvを見たい show bgp summary > neighbor情報 show route receive-protocol bgp 192.168.0.1 > 受信経路 show route advertising-protocol bgp 192.168.0.1 > 送信経路 #### BGP経路の確認 show route advertising-protocol bgp 192.168.0.1 terse show route receive-protocol bgp 192.168.0.1 terse show route receive-protocol bgp 192.168.0.1 hidden terse show route source-gateway 192.168.0.1 terse aspath-regex "65000" #### OSPF 基本 show ospf neighbor show ospf3 neighbor ### mgmt関係 #### configの過去との比較 show | compare rollback 0 show configuration | compare rollback 45 #### JSRP時の他のノードの操作(SRXとか) request routing-engine login node 1 #### logical-systems組んでる場合(MXとか) set cli logical-system [system-name] #### virtual-chassisしている場合(EXとか) show virtual-chassis status request session member 0 show chassis routing-engine #### core-dump見たい(ファイルの位置) show system core-dumps ### PoE ### 複数台関係 #### Virtual Chassis show virtual-chassis status Member ID Status Serial No Model prio Role Mode Mode ID Interface 0 (FPC 0) Prsnt XXXXXXXXXXXX ex3400-48p 255 Master* N VC 1 vcp-255/2/1 2 vcp-255/2/2 1 (FPC 1) Prsnt XXXXXXXXXXXX ex3400-48p 0 Linecard N VC 3 vcp-255/2/1 0 vcp-255/2/2 #### configセーブ show configuration |display set | save 20130515 configure load override load set factory-default Override existing configuration with factory default > 初期化 merge Merge contents with existing configuration > confrict検知 override Override existing configuration > 上書き patch Load patch file into configuration > 調べる replace Replace configuration data > 入れ替え set Execute set of commands on existing configuration > display setの結果を update Update existing configuration > ??? #### rootでshell start shell user root #### IFカウンタ系 show interfaces ge-0/0/0 extensive monitor interface ge-0/0/0 > エラーカウンタとか見れる #### ターミナルの幅を広げる set cli screen-width 1024 #### 一次的にcliのコマンド毎にタイムスタンプを表示 set cli timestamp ### replace rename protocols bgp group AS65000 to group AS65000 edit protocols bgp group AS65001 replace pattern AS65000 with AS65001 top > AS番号を 変える #### BGPポートのフィルタの書き方 apply-path set policy-options prefix-list bgp-peers apply-path "protocols bgp group <*> neighbor <*>"; set firewall family inet filter bgp-access term bgp-permit from prefix-list bgp-peers set firewall family inet filter bgp-access term bgp-permit from protocol bgp set firewall family inet filter bgp-access term bgp-permit from port 179 set firewall family inet filter bgp-access term bgp-permit then accept set firewall family inet filter bgp-access term bgp-deny from protocol bgp set firewall family inet filter bgp-access term bgp-deny from port 179 set firewall family inet filter bgp-access term bgp-deny then discard ### firewall #### 「今」処理しているフローが見たい show security flow session destination-prefix 192.168.0.0/24 #### ポリシーの中身を見る show security policies from-zone Untrust to-zone Trust policy-name drop-dos detail #### ポリシーがヒットしているか見たい show security policies hit-count from-zone Untrust to-zone Trust | match drop-dos