|
|
This chapter describes how to monitor and manage your network connections. The topic "Monitoring Connections" includes showing the status of all sessions or active ports on the networking hardware. The topic "Managing Connections" includes switching between connections and changing a login name.
This section describes the show commands and procedures used to monitor network devices and activities for the supported transmission protocols listed below.
These show commands are grouped by protocol topics:
Enter all monitoring commands at the user EXEC prompt.
This section describes the following commands, which are generic to all connection protocols:
You can display information about open LAT, Telnet, or rlogin connections by issuing either of the following commands:
show sessions whereThe information that will be displayed includes the host name, address, number of characters waiting to be sent to the terminal, idle time, and connection name.
The following is sample output from the show sessions command:
sloth# show sessions
Conn Host Address Byte Idle Conn Name
1 MATHOM 192.31.7.21 0 0 MATHOM
* 2 CHAFF 131.108.12.19 0 0 CHAFF
The asterisk (*) indicates the current terminal session.
Table 4-1 describes significant fields shown in the display.
| Field | Description |
|---|---|
| Conn | Name or address of the remote host to which the connection is made |
| Host | Remote host to which the router is connected through a Telnet session |
| Address | IP address of the remote host |
| Byte | Number of unread bytes that are waiting for the user to see on the connection |
| Idle | Interval (in minutes) since data was last sent on the line |
| Conn Name | Assigned name of the connection |
Use the show hosts command to display the default domain name, the style of name lookup service, a list of name server hosts, and the cached list of host names and addresses on the network to which you can connect.
show hostsThe following is a sample display from the show hosts output:
sloth# show hosts
Default domain is CISCO.COM
Name/address lookup uses domain service
Name servers are 255.255.255.255
Host Flag Age Type Address(es)
SLAG.CISCO.COM (temp, OK) 1 IP 131.108.4.10
CHAR.CISCO.COM (temp, OK) 8 IP 192.31.7.50
CHAOS.CISCO.COM (temp, OK) 8 IP 131.108.1.115
DIRT.CISCO.COM (temp, EX) 8 IP 131.108.1.111
DUSTBIN.CISCO.COM (temp, EX) 0 IP 131.108.1.27
DREGS.CISCO.COM (temp, EX) 24 IP 131.108.1.30
Table 4-2 describes significant fields shown in the display.
| Field | Description |
|---|---|
| Flag | A temporary entry is entered by a name server; the remote access server removes the entry after 72 hours of inactivity.
A permanent entry is entered by a configuration command and is not timed out. Entries marked OK are believed to be valid. Entries marked ?? are considered suspect and subject to revalidation. Entries marked EX are expired. |
| Age | Indicates the number of hours since the router last referred to the cache entry. |
| Type | Identifies the type of address, for example, IP, CLNS, or X.121. If you have used the ip hp-host global configuration command, the show hosts command will display these host names as type HP-IP. |
| Address(es) | Shows the address of the host. One host can have up to eight addresses. |
You can display information about the active lines on the remote access server. Issue either of the following commands:
show users [all] systat [all]These commands display the same information, including the line number, connection name, idle time, and terminal location.
| all | (Optional) Specifies that all lines be displayed, whether or not anyone is using them. |
The following is sample output from the show users command:
sleepy# show users
Line User Host(s) Idle Location
0 con 0 idle
* 2 vty 0 rose idle 0 BASHFUL.CISCO.COM
The following is sample output from the show users all command:
sleepy# show users all
Line User Host(s) Idle Location
* 0 vty 0 rose idle 0 BASHFUL.CISCO.COM
1 vty 1
2 con 0
3 aux 0
4 vty 2
The asterisk (*) indicates the current terminal session.
Table 4-3 describes significant fields shown in the displays.
| Field | Description |
|---|---|
| Line | Contains three subfields, as the first entry indicates.
The first subfield (0 in the sample) is the absolute line number. The second subfield (vty) indicates the type of line. Possible values follow:
The third subfield (0 in the current line (*) sample) indicates the relative line number within type. |
| User | User using the line. If no user is listed in this field, no one is using the line. |
| Host(s) | Host to which the user is connected (outgoing connection). A value of idle indicates no outgoing connection to a host. |
| Idle | Interval (in minutes) since the user has typed something. |
| Location | Either the hard-wired location for the line or, if there is an incoming connection, the host the incoming connection is from. |
Use the show entry command to display the list of queued host-initiated connections to a remote access server. You can use this command to determine which LAT hosts have queue entries for printers on remote access servers.
show entryThe following is sample output from the show entry command:
sloth# show entry
1 waiting 0:02:22 for port 5 from LAT node BLUE
2 waiting 0:00:32 for port 5 from LAT node STELLA
The display shows that two LAT connections are waiting for access to port 5. The list is ordered so that the lower-numbered entry, which has waited longer, gets to use the line next. The display shows how long each connection attempt has been waiting, for which port, and the user's name.
Table 4-4 describes the fields in the first line of output shown in the display.
| Field | Description |
|---|---|
| 1 | Number assigned to the queued connection attempt |
| waiting 0:02:22 | Interval (hours:minutes:seconds) the connection attempt has been waiting |
| for port 5 | Port for which the connection attempt is waiting |
| from LAT node BLUE | Name of the user attempting to make the connection |
You can display information about the current terminal line such as the line number, line status, modem state, and special characters set. This can be useful for changing lines to match expected settings using the local terminal parameter-setting tasks described in the chapter "Changing Terminal Parameters" later in this publication. To display local terminal settings, issue the following command:
show terminalThe display includes a comprehensive report on the terminal settings in effect, including the preferred transport protocol.
The following is sample output from the show terminal command:
sloth# show terminal
Line 2, Location: "", Type: ""
Length: 24 lines, Width: 80 columns
Baud rate (TX/RX) is 9600/9600
Status: Ready, Active, No Exit Banner
Capabilities: Enabled
Modem state: Ready
Special Chars: Escape Hold Stop Start Disconnect Activation
^^x none - - none
Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch
never never 0:00:15 not imp not set
Session limit is not set.
Allowed transports are telnet rlogin. Preferred is telnet
No output characters are padded
The first three lines of output shown in the display follow:
Line 2, Location: "", Type: ""
Length: 24 lines, Width: 80 columns
Baud rate (TX/RX) is 9600/9600
Table 4-5 describes the fields in the first three lines of show terminal output.
| Field | Description |
|---|---|
| Line | Current terminal line. |
| Location | Location of the current terminal line, as specified using the location configuration command. |
| Type | Type of the current terminal line, as specified using the line global configuration command. |
| Length | Length of the terminal display. |
| Width | Width of the terminal display. |
| Baud rate (TX/RX) | Transmit rate/receive rate of the line. |
The following line of output indicates the status of the line:
Status: Ready, Active, No Exit Banner
In this example, Ready, Active, and No Exit Banner are possible values for the Status field.
Table 4-6 shows field descriptions for the Status field.
| Field | Description |
|---|---|
| Active | A process is actively using the line. |
| Autobauding | The line is running the autobaud process. |
| Carrier Dropped | Some sense of "carrier" has been dropped, so the line process should be killed. |
| Connected | The line has at least one active connection. |
| Dialing Out | A DDR asynchronous interface is dialing a remote site on the line. |
| Echo Off | The line is not echoing what the user types in (because a password must be entered, for example). |
| Escape Started | The first character of the escape sequence has been typed. |
| Escape Typed | Both characters of the escape sequence have been typed. |
| Hanging Up | The line state is "hanging up." |
| Hardware XON/XOFF | The line uses a UART that supports XON/XOFF flow control in hardware. This does not mean that the line is currently using software flow control. |
| Hold Typed | The user typed the "hold character" (and the line is paused). |
| Idle | The line modem state is "idle." |
| Idle Timeout | An idle timeout has occurred. |
| Input Stopped | The input has been turned off due to hardware flow control or overflow. |
| No Exit Banner | The normal exit banner will not be displayed on this line. |
| PSI Enabled | The line is paying attention to typed escape characters. |
| Rcvd BREAK | A BREAK sequence has been received on the line. |
| Rcvd Command | The line has received a special command sequence (^^B for SEND BREAK, for example). |
| Rcvd CR | The last character received was a carriage return. |
| Ready | The line state is "ready." |
| Ring Transition | There has been a transition on the RING signal of the line. |
| Send Break Soon | A BREAK must be sent on the line soon. |
| Send XOFF Soon | The buffers are full and an XOFF must be sent soon. |
| Sending Break | A BREAK sequence is in the process of being sent on the line. |
| Sent XOFF | The buffers were full, so an XOFF was sent. |
| Async Mode | The line is running SLIP or PPP. |
The following line of output indicates the status of the capabilities of the line; these capabilities correspond closely to configurable parameters that can be set using configuration commands.
Capabilities: Enabled
Table 4-7 describes possible values for the Capabilities field.
| Field | Descriptions |
|---|---|
| Autobaud Full Range | Corresponds to the autobaud line configuration command. |
| Character Padding | At least one pad configuration command has been used. |
| Enabled | The user has "enabled" successfully. |
| EXEC Suppressed | Corresponds to the no exec configuration command. |
| Hangup on Last Close | Corresponds to the autohangup line configuration command. |
| Hardware Flowcontrol In | Corresponds to the flowcontrol hardware in line configuration command. |
| Hardware Flowcontrol Out | Corresponds to the flowcontrol hardware out line configuration command. |
| Insecure | Corresponds to the insecure line configuration command. |
| Lockable | Corresponds to the lockable line configuration command. |
| Modem Callin | Corresponds to the modem callin line configuration command. |
| Modem Callout | Corresponds to the modem callout line configuration command. |
| Modem CTS-Required | Corresponds to the modem cts-required line configuration command. |
| Modem DTR-Active | Corresponds to the modem dtr-active line configuration command. |
| Modem RI is CD | Corresponds to the modem ri-is-cd line configuration command. |
| No Login Banner | Corresponds to the no exec-banner line configuration command. |
| Notification Set | Corresponds to the notify line configuration command. |
| Output Non-Idle | Corresponds to the session-timeout N output line configuration command. |
| Permanent Async | Corresponds to the dedicated-async line configuration command. |
| Private Line | Corresponds to the private line configuration command. |
| Refuse Suppress-GA | Corresponds to the telnet refuse line configuration command. |
| Receives Logging Output | Corresponds to the monitor configuration line configuration command. |
| Refuse Telnet Echo | Corresponds to the telnet refuse line configuration command. |
| Send BREAK on IP | Corresponds to the telnet break-on-ip line configuration command. |
| SLIP allowed | Corresponds to the slip address xxxx line configuration command. |
| Software Flowcontrol In | Corresponds to the flowcontrol software in line configuration command. |
| Software Flowcontrol Out | Corresponds to the flowcontrol software out line configuration command. |
| Telnet Transparent Mode | Corresponds to the telnet transparent line configuration command. |
The following line of output indicates the modem state. Possible values include Autobauding, Carrier Dropped, Hanging Up, Idle, and Ready.
Modem state: Ready
The following lines of output indicate the special characters that can be entered to activate various terminal operations. Where two caret (^^) symbols are shown together, the first caret represents the Control key and the second caret represents the keystroke sequence Shift-6. The double caret combination (^^) means hold down the Control key while you press the Shift and the 6 key. The none or hyphen (-) values imply that no special characters are set.
Special Chars: Escape Hold Stop Start Disconnect Activation
^^x none - - none
The following lines of output indicate the timeout values that have been configured for the line:
Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch
never never 0:00:15 not imp not set
Table 4-8 describes the fields in the preceding lines of output.
| Field | Descriptions |
|---|---|
| Idle EXEC | Interval the EXEC command interpreter waits for user input before resuming the current connection, or if no connections exist, returning the terminal to the idle state and disconnecting the incoming session. This interval is set using the exec-timeout line configuration command. |
| Idle Session | Interval that the remote access server waits for traffic before closing the connection to a remote computer and returning the terminal to an idle state. This interval is set using the session-timeout line configuration command. |
| Modem Answer | Interval during which the remote access server raises DTR in response to RING and the modem response to CTS. This interval is set using the modem answer-timeout line configuration command. |
| Session | Not implemented in this release. |
| Dispatch | Number of milliseconds the remote access server waits after putting the first character into a packet buffer before sending the packet. This interval is set using the dispatch-timeout configuration command. |
The following lines of output indicate how various options have been configured:
Session limit is not set.
Allowed transports are telnet rlogin. Preferred is telnet
No output characters are padded
This section describes the following commands, which monitor LAT connections:
Use the show service command to display specific LAT learned services:
show service [service-name]| service-name | (Optional) Name of a specific LAT service. |
The show service command without a service name displays a list of known LAT learned services. When entered with the service-name argument, it displays a more detailed status of the named service. If no LAT learned service by the specified name is known, a lookup is done for an IP host of that name.
The following is sample output from the show service command:
cs> show service
Service Name Status Identification
BLUE Available Welcome to VAX/VMS V5.4
CHAOS Available
MRL12 Available
MUDDY-RIVER Available
STELLA-BLUE Available Welcome to VAX/VMS V5.4
The following is sample output from the show service command for a specified service:
cs> show service blue
Service BLUE - Available
Node Name Status Rating Identification
BLUE reachable 84 Welcome to VAX/VMS V5.4
Table 4-9 describes significant fields shown in the two previous displays.
| Field | Description |
|---|---|
| Service Name | Name of the service. |
| Status | Status of the service: Available or Unknown when the command is entered without a service name. Available, Unknown, Initializing, or Unreachable when the command is entered with a service name. |
| Identification | Identification string. |
| Node Name | Name of the nodes advertising the service. |
| Rating | Rating of the service: An integer from 0 to 255, with the highest number being the preferred service. Used for load balancing. |
Use the show lat services command on a server to display information on learned LAT services.
show lat servicesThe following is sample output from the show lat services command:
sloth# show lat services
Service Name Rating Interface Node (Address)
ABCDEFGHIJ 5 Ethernet0 CONFUSED (0000.0c00.391f)
GLAD 84 Ethernet0 BLUE (aa00.0400.9205)
Ident: Welcome to Big Blue Gateway
WHEEL 83 Ethernet0 WHEEL (aa00.0400.9005)
ZXYW 5 Ethernet0 CONFUSED (0000.0c00.391f)
Table 4-10 describes significant fields shown in this display.
| Field | Description |
|---|---|
| Service Name | LAT service name. |
| Rating | Rating of the service. If a single service is provided by more than one host, the remote access server will connect to the one with the highest rating. |
| Interface | Interface type. |
| Node | Connection address. |
| (Address) | Advertised identification for the service. |
The EXEC command show lat sessions displays active LAT sessions. The command has the following syntax:
show lat sessions [line-number]| line-number | (Optional) Shows an active LAT session on a specific line. |
The following is sample output from the show lat sessions command. In this example, information about all active LAT sessions is displayed. The output is divided into three sections for each session (in this case two): TTY data, sessions data, and remote node data.
cs> show lat sessions
tty0, connection 1 to service TERM1
TTY data:
Name "0", Local usage 1/0, Remote usage disabled
Flags: Local Connects, Enabled
Type flags: none
Config flags: -FlowOut, -FlowIn, Parameter Info
Flow control ^S/^Q in ^S/^Q out, Mode Normal, Parity None, databits 8
Groups: 0
Session data:
Name TERM1, Remote Id 1, Local Id 1
Remote credits 2, Local credits 0, Advertised Credits 2
Flags: none
Max Data Slot 255, Max Attn Slot 255, Stop Reason 0
Remote Node data:
Node "TERM1", Address 0000.0C00.291F, usage 1
Timer 59, sequence 5, changes 159, flags 0x0, protocol 5.1
Recv 56/22/83, Xmit 41/23/14, 0 Dups, 0 ReXmit
Groups: 0
tty10, connection 1 to service ENG2
TTY data:
Name "10", Local usage 1/0, Remote usage disabled
Flags: Local Connects, Enabled
Type flags: none
Config flags: -FlowOut, +FlowIn, Set Parameters, 0x40000000
Flow control ^S/^Q in ^S/^Q out, Mode Normal, Parity None, databits 8
Groups: 0
Session data:
Name ENG2, Remote Id 1, Local Id 1
Remote credits 1, Local credits 0, Advertised Credits 2
Flags: none
Max Data Slot 255, Max Attn Slot 255, Stop Reason 0
Remote Node data:
Node "ENG2", Address AA00.0400.34DC, usage 1
Timer 179, sequence 60, changes 255, flags 0x0, protocol 5.1
Recv 58/29/186, Xmit 50/36/21, 0 Dups, 0 ReXmit
Groups: 0
The following sample output displays information about active LAT sessions on one line, line 10. The output is divided into three sections: TTY data, sessions data, and remote node data.
cs# show lat sessions 10
tty10, connection 1 to service ENG2
TTY data:
Name "10", Local usage 1/0, Remote usage disabled
Flags: Local Connects, Enabled
Type flags: none
Config flags: -FlowOut, +FlowIn, Set Parameters, 0x40000000
Flow control ^S/^Q in ^S/^Q out, Mode Normal, Parity None, databits 8
Groups: 0
Session data:
Name ENG2, Remote Id 1, Local Id 1
Remote credits 1, Local credits 0, Advertised Credits 2
Flags: none
Max Data Slot 255, Max Attn Slot 255, Stop Reason 0
Remote Node data:
Node "ENG2", Address AA00.0400.34DC, usage 1
Timer 189, sequence 61, changes 247, flags 0x0, protocol 5.1
Recv 60/29/186, Xmit 52/36/21, 0 Dups, 0 ReXmit
Groups: 0
Table 4-11 describes the screen output for the preceding two examples.
| Field | Description |
|---|---|
| TTY data | Summary of the LAT-oriented terminal-line specific data. |
| Name | Name used for this port as a port identification string. This is reported to remote systems, which may display it in some operating-system dependent manner. This is also the value used for targets of host-initiated connections. Currently, this value is hard-wired to be the line number of the associated terminal line. |
| Remote/Local usage | Current status of the terminal. The number is reported as current/maximum, where current is the current number of sessions of a given type, and maximum is the maximum number of sessions allowed, or zero if there is no maximum. If a terminal is being used for outgoing sessions, the local usage is equal to the number of current LAT sessions. If the terminal is being used for incoming sessions, local usage will be disabled, and the remote count and maximum will be one. |
| Flags | Current state of the line, and whether there are any queued host-initiated connections. |
| Type flags | Report flags not used in the current software release. |
| Config flags | Current port state as reflected by the most recent configuration message exchange. |
| Flow control | Lists set flow control characters. |
| Groups | Group code list currently in use for the line. |
| Session data | Reports various parameters about the connection. |
| Name | For the outbound connection, the name of the remote service to which it is connected. For inbound connections, this field is currently unused. |
| Remote/Local ID | Slot IDs being used to uniquely identify the session multiplexed over the underlying LAT virtual circuit. |
| Remote/Local advertised credits | Number of flow control credits that the remote access server will be sending to the host as soon as possible. The advertised credits are the number of credits that have already been extended. |
| Flags | Transient conditions in the LAT state machine dealing with the current connection status. |
| Max Data Slot | Maximum number of characters that can be sent in a single data slot. |
| Max Attn Slot | Maximum amount of data that can be sent in an attention message because current LAT implementations only send one-byte attention messages (attention messages are used to flush buffered output); a nonzero value means that remote data flushing can be used; a zero means that it cannot. |
| Stop Reason | Reason the session was stopped, if it has been stopped but not deleted. This value is usually zero, indicating that the session has not been stopped yet. If a session persists for a long time with a nonzero stop reason, this generally indicates a problem in the local LAT software. |
| Remote Node data | Reports information about the remote node. The data includes the same fields as those from the show lat nodes output. |
| Node | Node name as reported by the host computer. |
| Address | MAC address of the node's Ethernet interface. |
| usage | Number of virtual circuits currently active to the node. |
| Timer | Number of seconds remaining until the node's service advertisement message will time out; this value is set to three times the nodes multicast timer value whenever a new service advertisement message is received. |
| sequence | Sequence number received in the last service advertisement message received. Nodes increment their sequence number when the contents of the service advertisement change. |
| changes | Internal representation of what changed in the multicast message the last time the sequence number changed. |
| flags | Internal representation of various state information about the node. |
| protocol | LAT protocol version used by the node. |
| Recv and Xmit | Number of messages, slots, and bytes received or transmitted to the node. The number of messages is the number of LAT virtual circuit messages. Each virtual circuit message contains some number of slots, which contain actual terminal data or control information. |
| Dups | Number of duplicate virtual circuit messages received. |
| ReXmit | Number of virtual circuit messages retransmitted. |
| Groups | Group codes advertised by the node's service advertisement message. |
This section describes the show tcp command.
Use the show tcp command to display the status of a TCP connection.
show tcp [line-number]| line-number | (Optional) Displays (in octal) the status of the TCP connections for a particular line. |
The following is sample output from the show tcp command:
sloth# show tcp
con0 (console terminal), connection 1 to host MATHOM
Connection state is ESTAB, I/O status: 1, unread input bytes: 1
Local host: 192.31.7.18, 33537 Foreign host: 192.31.7.17, 23
Enqueued packets for retransmit: 0, input: 0, saved: 0
Event Timers (current time is 2043535532):
Timer: Retrans TimeWait AckHold SendWnd KeepAlive
Starts: 69 0 69 0 0
Wakeups: 5 0 1 0 0
Next: 2043536089 0 0 0 0
iss: 2043207208 snduna: 2043211083 sndnxt: 2043211483 sndwnd: 1344
irs: 3447586816 rcvnxt: 3447586900 rcvwnd: 2144 delrcvwnd: 83
RTTO: 565 ms, RTV: 233 ms, KRTT: 0 ms, minRTT: 68 ms, maxRTT: 1900 ms
ACK hold: 282 ms
Datagrams (max data segment is 536 bytes):
Rcvd: 106 (out of order: 0), with data: 71, total data bytes: 83
Sent: 96 (retransmit: 5), with data: 92, total data bytes: 4678
Table 4-12 describes the following lines of output shown in the display:
con0 (console terminal), connection 1 to host MATHOM
Connection state is ESTAB, I/O status: 1, unread input bytes: 1
Local host: 192.31.7.18, 33537 Foreign host: 192.31.7.17, 23
Enqueued packets for retransmit: 0, input: 0, saved: 0
| Field | Description |
|---|---|
| con0 | Line number. |
| (console terminal) | Location string. |
| connection 1 | Number identifying the TCP connection. |
| to host MATHOM | Name of the remote host to which the connection is made. |
| Connection state is ESTAB | A connection progresses through a series of states during its lifetime. The states include the following:
|
|
|
For more information, see RFC 793, Transmission Control Protocol Functional Specification. |
| I/O status: 1 | Number describing the internal status of the connection. |
| unread input bytes: 1 | Number of bytes that the lower-level TCP processes have read, but the higher-level TCP processes have not yet processed. |
| Local host: 192.31.7.18 | IP address of the network server. |
| 33537 | Local port number, as derived from the following equation: line-number + (512 * random-number). The line number uses the lower nine bits; the other bits are random. |
| Foreign host: 192.31.7.17 | IP address of the remote host to which the TCP connection has been made |
| 23 | Destination port for the remote host. |
| Enqueued packets for retransmit: 0 | Number of packets waiting on the retransmit queue. These are packets on this TCP connection that have been sent but not yet acknowledged by the remote TCP host. |
| input: 0 | Number of packets waiting on the input queue to be read by the user. |
| saved: 0 | Number of received out-of-order packets waiting for all packets comprising the message to be received before they enter the input queue. For example, if packets 1, 2, 4, 5, and 6 have been received, packets 1 and 2 would enter the input queue, and packets 4, 5, and 6 would enter the saved queue. |
The following line of output shows the current time according to the system clock of the local host.
Event Timers (current time is 2043535532):
The following lines of output display the number of times that various local TCP timeout values were reached during this connection. In this example, the router retransmitted 69 times because it received no response from the remote host, and it transmitted an ACK many more times because there was no data on which to piggyback. Table 4-13 describes the fields in the following lines of output:
Timer: Retrans TimeWait AckHold SendWnd KeepAlive
Starts: 69 0 69 0 0
Wakeups: 5 0 1 0 0
Next: 2043536089 0 0 0 0
| Field | Description |
|---|---|
| Timer | Names of the timers in the display. |
| Retrans | Determines how long a transmitted frame can remain unacknowledged before the remote access server polls for an acknowledgment. |
| TimeWait | Determines how long the local TCP connection waits to be sure the remote TCP host has received the acknowledgment of its connection termination request. |
| AckHold | Number of times the system failed to piggyback data on required a TCP acknowledgment. Such piggybacking can significantly reduce network traffic. |
| SendWnd | Timers have to do with sending "zero window probes." Essentially, this reflects how often we send more data to the remote host than it can handle in the time it takes us to send it. For most normal remote access server applications, these will likely stay zero. |
| KeepAlive | Determines the frequency (in seconds) at which the remote access server sends messages to itself (Ethernet and Token Ring) or to the other end (serial) to ensure that a network interface is alive. The keepalive interface configuration command is used to set this timer. |
| Starts | Number of times the timer has been started during this connection. |
| Wakeups | Number of keepalives that have been transmitted without receiving any response. This field is reset to zero when a response is received. |
| Next: | System clock setting that triggers the next time this timer will go off. |
The following lines of output display the sequence numbers that TCP uses to ensure sequenced, reliable transport of data. The remote access server and remote host each use these sequence numbers for flow control and to acknowledge receipt of datagrams. Table 4-14 describes the fields in this output.
iss: 2043207208 snduna: 2043211083 sndnxt: 2043211483 sndwnd: 1344
irs: 3447586816 rcvnxt: 3447586900 rcvwnd: 2144 delrcvwnd: 83
| Field | Description |
|---|---|
| iss: 2043207208 | Initial send sequence number. |
| snduna: 2043211083 | Last send sequence number the remote access server has sent but for which it has not received an acknowledgment. |
| sndnxt: 2043211483 | Sequence number the router will send next. |
| sndwnd: 1344 | TCP window size of the remote host. |
| irs: 3447586816 | Initial receive sequence number. |
| rcvnxt: 3447586900 | Last receive sequence number the remote access server has ACKed. |
| rcvwnd: 2144 | The remote access server's TCP window size. |
| delrcvwnd: 83 | Delayed receive window--data the remote access server has read from the connection, but has not yet subtracted from the receive window the router has advertised to the remote host. The value in this field gradually increases until it is larger than a full-sized packet, at which point it is applied to the rcvwnd field. |
The following lines of output show the values that the router uses to keep track of transmission times so that TCP can adjust to the network it is using. Table 4-15 describes the fields in this output.
RTTO: 565 ms, RTV: 233 ms, KRTT: 0 ms, minRTT: 68 ms, maxRTT: 1900 ms
ACK hold: 282 ms
| Field | Descriptions |
|---|---|
| RTTO: 565 ms | Round-trip timeout. |
| RTV: 233 ms | Variance of the round-trip time. |
| KRTT: 0 ms | New round-trip timeout (using the Karn algorithm). This field separately tracks the round trip time of packets that have been retransmitted. |
| minRTT: 68 ms | Smallest recorded round-trip timeout (hard wire value used for calculation). |
| maxRTT: 1900 ms | Largest recorded round-trip timeout. |
| ACK hold: 282 ms | Time the remote access server will delay an ACK in order to piggyback data on it. |
For more information on these fields, refer to the article "Round Trip Time Estimation," P. Karn & C. Partridge, ACM SIGCOMM-87, August 1987.
Table 4-16 describes the fields in the following lines of output:
Datagrams (max data segment is 536 bytes):
Rcvd: 106 (out of order: 0), with data: 71, total data bytes: 83
Sent: 96 (retransmit: 5), with data: 92, total data bytes: 4678
| Field | Description |
|---|---|
| Datagrams | Datagrams sent and received on the line |
| Rcvd | Number of datagrams the local host has received during this connection (and the number of these datagrams that were our of order) |
| with data | Number of datagrams that contained data |
| total data bytes | Total number of bytes of data in the transmitted datagrams |
| Sent (and retransmitted) | Number of datagrams the local host sent during this connection (and the number of these datagrams that had to be retransmitted) |
| with data | Number of transmitted datagrams that contained data |
| total data bytes | Total number of bytes of data in the transmitted datagrams |
This section lists the following commands, with which you monitor XRemote connections:
You can use the command show xremote to list XRemote connections and monitor XRemote traffic through the networking hardware. This command provides XRemote parameters applied to the entire system as well as statistics that are pulled for all active XRemote connections. The syntax for this command is as follows:
show xremoteThe following is sample output from the show xremote command:
CS> show xremote
XRemote server-wide parameters:
Font buffersize: 72000 Font retries: 3
Font memory errors: 0
TFTP font load statistics for host 131.108.1.111:
Bytes read: 2697239 Files read: 258
Network errors: 4 File errors: 0
LAT font load statistics for service WHEEL, incarnation 5:
Bytes read 182401 Files read: 14
Protocol errors: 0 Insufficient memory: 0
XRemote statistics for tty2:
Current clients: 9 Total clients: 17
Requesting client: 5 Current request size: 0
Replying client: 6 Current reply size: 0
XDM state: 10 Next timeout: 172460
Retransmit counter: 0 Local UDP port: 53616
Keepalive dormancy: 180 Session id: 94
Unread input: 0 Unwritten output: 0
Input buffer size: 1024 Output buffer size: 108
Protocol version: 2 Line state: Connected
Transmit packets: 50768 Receive packets: 49444
Transmit errors: 0 Receive errors: 37
Retransmissions: 403 Receive out of sequence: 76
Round trip time: 383 Retransmit interval: 766
Transmit window: 7 Receive window: 7
Transmit next: 6 Receive next: 3
Transmit unacked: 6 Receive unacked: 0
Connection 0 - TCP connection from 131.108.1.55 [Display Manager]
Client state: CS_ACTIVE Byte order: MSBfirst
Unread input: 0 Unwritten output: 0
Input buffer size: 1024 Output buffer size: 1024
Connection 1 - TCP connection from 131.108.1.55
Client state: CS_ACTIVE Byte order: MSBfirst
Unread input: 0 Unwritten output: 0
Input buffer size: 1024 Output buffer size: 1024
Connection 2 - TCP connection from 131.108.1.55
Client state: CS_ACTIVE Byte order: MSBfirst
Unread input: 0 Unwritten output: 0
Input buffer size: 1024 Output buffer size: 1024
Connection 3 - LAT connection from WHEEL
Client state: CS_ACTIVE Byte order: LSBfirst
Unread input: 0 Unwritten output: 0
Input buffer size: 1024 Output buffer size: 1024
Table 4-17 describes the fields shown in the sample output.
| Field | Description |
|---|---|
| XRemote server-wide parameters | XRemote parameters that apply to the remote access server. |
| Font buffersize | XRemote font buffer size, as specified using the xremote tftp buffersize global configuration command. |
| Font retries | Number of retries the font loader (host) will attempt before declaring an error condition. |
| Font memory errors | Number of font memory error conditions that have been declared for the remote access server. |
| TFTP font load statistics | XRemote statistics for fonts that have been loaded from a TFTP font server at the IP address shown. |
| Bytes read | Number of bytes the host read in order to load the fonts. |
| Files read | Number of files the host read in order to load the fonts. |
| Network errors | Errors that arise from TFTP network connection failures. |
| File errors | Bad-format font file errors. |
| Protocol errors | LAT font loading protocol errors when talking to the font server on VMS. |
| XRemote statistics for tty | XRemote statistics for the specified line. |
| Current clients | Number of clients using this line for active Xremote sessions. |
| Total clients | Number of clients using this line for active Xremote sessions. |
| Requesting client | Number of clients requesting Xremote service. |
| Retransmit counter | Number of times that an Xremote connection request was retransmitted. |
| Local UDP port | Number assigned to the local UDP port. |
| Keepalive dormancy | Amount of time between keepalive messages. |
| Client state | XRemote state. |
| Byte order | Byte ordering used between the X Server (the X Terminal) and the X Client (the UNIX host). |
| LSBfirst | Little Endian byte ordering. |
| MSBfirst | Big Endian byte ordering. |
You can use the command show xremote line with a line number to list XRemote connections and monitor XRemote traffic for specific lines on a remote access server. The syntax for this command is as follows:
show xremote line number| number | Decimal value representing virtual terminal lines on a remote access server. |
The following is sample output from a show xremote line command when XRemote is enabled on a communication server and XRemote sessions are active. Only information about an individual terminal line is provided. Table 4-17 describes the fields in the display:
CS# show xremote line 3
Xremote statistics for tty3:
Current clients: 11 Total clients: 19
Requesting client: 10 Current request size: 0
Replying client: 10 Current reply size: 0
XDM state: 10 Next timeout: 173304
Retransmit counter: 0 Local UDP port: 28384
Keepalive dormancy: 180 Session id: 29
Unread input: 0 Unwritten output: 0
Input buffer size: 1024 Output buffer size: 108
Protocol version: 2 Line state: Connected
Transmit packets: 28875 Receive packets: 18644
Transmit errors: 0 Receive errors: 13
Retransmissions: 53 Receive out of sequence: 41
Round trip time: 384 Retransmit interval: 768
Transmit window: 7 Receive window: 7
Transmit next: 2 Receive next: 7
Transmit unacked: 2 Receive unacked: 0
Connection 0 - TCP connection from 131.108.1.27 [Display Manager]
Client state: CS_ACTIVE Byte order: MSBfirst
Unread input: 0 Unwritten output: 0
Input buffer size: 1024 Output buffer size: 1024
Connection 1 - TCP connection from 131.108.1.27
Client state: CS_ACTIVE Byte order: MSBfirst
Unread input: 0 Unwritten output: 0
Input buffer size: 1024 Output buffer size: 1024
Connection 2 - TCP connection from 131.108.1.27
Client state: CS_ACTIVE Byte order: MSBfirst
Unread input: 0 Unwritten output: 0
Input buffer size: 1024 Output buffer size: 1024
This section describes the show x25 pad command.
Use the show x25 pad command to display information about current open connections. This information includes packet transmissions, X.3 parameter settings, and information about the current status of virtual circuits. The syntax for this command is as follows:
show x25 padThe following is sample output from the show x25 pad command:
sloth# show x25 pad
tty2, Incoming PAD connection
Total input: 61, control 6, bytes 129. Queued: 0 of 7 (0 bytes).
Total output: 65, control 6, bytes 696.
Flags: 1, State: 3, Last error: 1
ParamsIn: 1:1, 2:0, 3:2, 4:1, 5:1, 6:0, 7:21,
8:0, 9:0, 10:0, 11:14, 12:0, 13:0, 14:0, 15:1,
16:127, 17:21, 18:18, 19:0, 20:0, 21:0, 22:0,
ParamsOut: 1:1, 2:1, 3:2, 4:1, 5:0, 6:0, 7:4,
8:0, 9:0, 10:0, 11:14, 12:0, 13:0, 14:0, 15:0,
16:127, 17:21, 18:18, 19:0, 20:0, 21:0, 22:0,
LCI: 1, State: D1, Interface: Serial0
Started 0:11:10, last input 0:00:16, output 0:00:16
Connected to 313700540651
Window size input: 7, output: 7
Packet size input: 512, output: 512
PS: 1 PR: 5 ACK: 5 Remote PR: 1 RCNT: 0 RNR: FALSE
Retransmits: 0 Timer (secs): 0 Reassembly (bytes): 0
Held Fragments/Packets: 0/0
Bytes 696/129 Packets 65/61 Resets 0/0 RNRs 0/0 REJs 0/0 INTs 0/0
Table 4-18 describes significant fields shown in the output in the display.
| Field | Description |
|---|---|
| Total input/output | Number of packets received or sent for the connection. |
| Control | Number of packets with Qbit set (X.29 control packets). |
| Bytes | Number of bytes in each direction. |
| Queued | Number of unread packets waiting for the connection. |
| Waiting to send | Local data packet bit not sent (part of a line). |
| Flags, state, last error | Displays data for detecting errors and tracing initialization status. Only useful to your technical support personnel. |
| Params In | Parameters read from the PAD at the start of the connection. |
| ParamsOut | Active X.3 parameters. |
| The line beginning LCI: | Status of the X.25 virtual circuit associated with the PAD connection, and is the same display as for the show x25 vc command. |
This section describes the following connection management activities, which apply to all supported transmission protocols:
You can assign a logical name to a connection. This can be useful for keeping track of multiple connections. To name a connection, issue the following command:
name-connectionYou will be prompted for the connection number and name to assign. The where command displays a list of the assigned logical connection names.
Escape out of a connection when you want to switch to another connection. Enter the escape sequence (Ctrl-^ X by default), to return to the system command prompt.
To make a new connection or switch between connections, refer to the chapter "Connecting to a Host through a Remote Access Server," earlier in this publication.
Both the resume command and the x3 command let you set X.3 PAD parameters. These parameters are numbered from 1 through 18. Table 4-19 describes these parameters.
The resume command has the following syntax when setting X.3 parameters:
resume [connection] [/set parameter:value]| connection | (Optional) Name or number of the connection; the default is the most recent connection. |
| /set parameter:value | (Optional) Sets PAD parameters for the protocol translator. |
The x3 command has the following syntax:
x3 parameter:value| parameter:value | Sets the PAD parameters. |
| Parameter | Action | Value | Description |
|---|---|---|---|
| 1 | Escape from Data Transfer | Not supported. | |
| 2 | Local Echo Mode
| 0
1 | No local echo (incoming PAD connection default).
Local echo on (outgoing connection default). |
| 3 | Data Forward Character
| 0
1 2 4 8 16 32 64 | None--full packet.
Forward packet on receipt of an alphanumeric character. Forward packet on receipt of a RETURN (outgoing connection default). Forward packet on receipt of ESCAPE, BEL, ENQ, or ACK. Forward packet on receipt of DEL, CAN, or DC2. Forward packet on receipt of ETX or EOT. Forward packet on receipt of HT, LT, VT, or FF. All other characters in the ASCII chart. |
| 4 | Idle Timer | 0
1-255 | No timer.
Delay value in twentieths of a second (default for both connection types is 1). |
| 5 | Device Control | Not supported. | |
| 6 | PAD Service Signals | Not supported. | |
| 7 | Receipt of BREAK | 0
1 2 4 8 16 21 | Ignore the BREAK signal.
Transmit an INTERRUPT packet to notify the remote host or another PAD that the BREAK signal has been generated. Transmit a RESET packet to reset the virtual circuit. Transmit an X.29 break indication to the remote host, or to a PAD (outgoing connection default). Escape from data transfer mode. Discard output to the terminal by setting parameter 8 to a value of 1. Combination of values 1, 4 and 16 (incoming connection default). |
| 8 | Discard Output | 0 1 | Normal data delivery to the terminal (outgoing connection default).
Discard all output to the terminal; set by parameter 7. |
| 9 | Return Padding | Not supported. | |
| 10 | Line Folding | Not supported. | |
| 11 | Baud Rate | 10
5 9 0 1 6 8 2 4 3 7 11 12 13 14 15 16 17 18 | 50 baud
75 baud 100 baud 110 baud 134.5 baud 150 baud 200 baud 300 baud 6001 baud 1200 baud 1800 baud 75/12002 baud 2400 baud 4800 baud 9600 baud 19200 baud 48000 baud 56000 baud 64000 baud |
| 12 | Input Flow Control | Not supported. | |
| 13 | Line Feed Insertion | 0
1 2 4 | Do not insert (outgoing connection default).
Insert after transmitting RETURN to the terminal. Insert after echoing RETURN to the terminal. Insert after echoing RETURN to the remote host. |
| 14 | Line Feed Padding | Not supported. | |
| 15 | Local Editing | 0
1 | Disables editing capabilities.
Enables editing capabilities. |
| 16 | Character Delete | 0-127 | Select one ASCII character. Default is ASCII 127 (DEL). |
| 17 | Line Delete | 0-127 | Select one ASCII character. Default is ASCII 21 (CTRL-U). |
| 18 | Line Display | 0-127 | Select one ASCII character. Default is ASCII 18 (CTRL-R). |
For outgoing connections, the X.3 parameters default to the following:
2:1, 3:2, 4:1, 7:4, 16:127, 17:21, 18:19
All other parameters default to zero, but can be changed using the /set switch with either the resume command or the x3 command.
For incoming PAD connections, the software sends an X.29 SET PARAMETER packet to set only the following parameters:
2:0, 4:1, 7:21, 15:0
For a complete description of the X.3 PAD parameters, refer to the configuration guide or command reference manual for your server product.
The following example illustrates how to reset the outgoing connection default for local echo mode on a router.
router> resume 3 /set 2:1
The /set switch sets the X.3 parameters defined by parameter number and value, separated by a colon.
You can change your login username if you must match outgoing access list requirements or other login prompt requirements. To change a login username, enter the login user EXEC command at the system prompt.
When you enter this command, the system prompts you for a username and password. Enter the new username and the original password. If the username does not match, but the password does, the session changes to the new username with which the login command attempt was made.
If no username and password prompt appears, your administrator did not specify that a username and password be required at login time. If both the username and password are entered correctly, the session becomes associated with the specified username.
When you access a system with TACACS security, you can enter your login name or specify a TACACS server by using the following command when the "Username:" prompt appears:
user @tacacs-serverThe server must be one of the servers defined in a remote access server configuration. For more information, refer to the section "Specify a TACACS Host" later in this chapter, or refer to the tacacs-server host command in the publications Communication Server Command Reference or Protocol Translator Configuration Guide and Command Reference.
If you do not specify a host, the remote access server will try each of the TACACS servers in the list until it receives a response.
If you do specify a host and that host does not respond, no other TACACS server will be queried. The remote access server will either deny access or behave according to the action specified by the tacacs-server last-resort command, if there is one configured.
If you specified a TACACS server host with the user @tacacs-server argument, the TACACS server specified will be used for all subsequent authentication or notification queries, with the possible exception of SLIP address queries.
The following example shows how login usernames and passwords can be changed. In this case, a user currently logged on under the username webster attempts to change the login name being used to sloan. After entering the login command, the user enters the new username, but enters an incorrect password. Because the password does not match the original password, the system rejects the attempt to change the username.
CS> login
Username: sloan
Password:
% Access denied
Still logged in as "webster"
Next, the user attempts the login change again, using the user name sloan, but enters the correct (original) password. This time the password matches the current login information, the login username is changed to sloan, and the user is allowed access to the EXEC at the user-level.
CS> login
Username: sloan
Password:
cs>
You can prevent access to your session while keeping your connection open by setting up a temporary password. To lock access to the terminal, follow this procedure:
Step 1 Issue the lock command.
When you issue this command, the system prompts you for a password.
Step 2 Enter a password, which can be any arbitrary string.
The screen clears and displays the message "Locked."
Step 3 To regain access to your sessions, re-enter the password.
The remote access server honors session timeouts on a locked line. You must clear the line to remove this feature. The system administrator must set the line up to allow use of the temporary locking feature.
You can specify a TACACS host when you dial in or use the login command. Only the specified host will be searched for user authentication information.
To specify the name of a TACACS host at login, issue the following command:
user @hostname| @hostname | Address or logical name of the TACACS host. |
In the following example, user Imran specifies the TACACS host host1 to authenticate the password.
george> login
Username: imran@host1
Translating "HOST1"...domain server (131.108.1.111) [OK]
You can send messages to one or all terminal lines. A common reason for doing this is to inform users of an impending shutdown. To send a message to other terminals, issue the following command:
send {line-number | *}| line-number | Line number to which the message will be sent. |
| * | Message will be sent to all lines. |
The system prompts for the message, which can be up to 500 characters long. Enter Ctrl-Z to end the message. Enter Ctrl-C to abort the command.
You can issue any of the following commands to terminate an active terminal session:
exit quit logoutTo log out of either a remote access server, enter the following command at the server prompt:
Ctrl-]When the telnet> prompt appears, type quit.
To disconnect a line, issue the following command:
disconnect [connection]| connection | (Optional) Line to be disconnected. |
Do not disconnect a line to end a session. Instead, log off the host, thus allowing the remote access server to clear the connection. Then end the session. If you cannot log out of an active session, disconnect the line.
|
|