CLI Cheat Sheet: Networking

Use the following table to quickly locate commands for common networking tasks:
If you want to . . .
Use . . .
General Routing Commands
  • Display the routing table
>
show routing route
  • Look at routes for a specific destination
>
show routing fib virtual-router
<name>
| match
<x.x.x.x/Y>
  • Change the ARP cache timeout setting from the default of 1800 seconds.
>
set system setting arp-cache-timeout
<60-65536>
  • View the ARP cache timeout setting.
>
show system setting arp-cache-timeout
NAT
  • Show the NAT policy table
>
show running nat-policy
  • Test the NAT policy
>
test nat-policy-match
  • Show NAT pool utilization
>
show running ippool
>
show running global-ippool
IPSec
  • Show IPSec counters
>
show vpn flow
  • Show a list of all IPSec gateways and their configurations
>
show vpn gateway
  • Show IKE phase 1 SAs
>
show vpn ike-sa
  • Show IKE phase 2 SAs
>
show vpn ipsec-sa
  • Show a list of auto-key IPSec tunnel configurations
>
show vpn tunnel
BFD
  • Show BFD profiles
>
show routing bfd active-profile [
<name>
]
  • Show BFD details
>
show routing bfd details [interface
<name>
] [local-ip
<ip>
] [multihop][peer-ip
<ip>
] [session-id] [virtual-router
<name>
]
  • Show BFD statistics on dropped sessions
>
show routing bfd drop-counters session-id
<session-id>
  • Show counters of transmitted, received, and dropped BFD packets
>
show counter global | match bfd
  • Clear counters of transmitted, received, and dropped BFD packets
>
clear routing bfd counters session-id all |
<1-1024>
  • Clear BFD sessions for debugging purposes
>
clear routing bfd session-state session-id all |
<1-1024>
PVST+
  • Set the native VLAN ID
>
set session pvst-native-vlan-id
<vid>
  • Drop all STP BPDU packets
>
set session drop-stp-packet
  • Verify PVST+ BPDU rewrite configuration, native VLAN ID, and STP BPDU packet drop
>
show vlan all
  • Show counter of times the 802.1Q tag and PVID fields in a PVST+ BPDU packet do not match
>
show counter global
Look at the
flow_pvid_inconsistent
counter.
Troubleshooting
  • Ping from the management (MGT) interface to a destination IP address
>
ping host
<destination-ip-address>
  • Ping from a dataplane interface to a destination IP address
>
ping source
<ip-address-on-dataplane>
host
<destination-ip-address>
  • Show network statistics
>
show netstat statistics yes

Recommended For You