- tacacs+ enable
- tacacs-server deadtime
- tacacs-server directed-request
- tacacs-server host
- tacacs-server key
- tacacs-server timeout
- tail
- telnet
- template data timeout
- terminal event-manager bypass
- terminal length
- terminal monitor
- terminal session-timeout
- terminal terminal-type
- terminal tree-update
- terminal width
- test aaa
- track network-state
- track network-state interval
- track network-state threshold miss-count
- track network-state split action
- traceroute
- traceroute6
- transport ip address external
- transport udp (NetFlow)
- type
T Commands
This chapter describes the Cisco Nexus 1000V commands that begin with the letter T.
tacacs+ enable
To enable Terminal Access Controller Access Control System Plus (TACACS+), use the tacacs+ enable command. To disable TACACS+, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enable TACACS+:
n1000v#
configure terminal
This example shows how to disable TACACS+:
n1000v#
configure terminal
Related Commands
tacacs-server deadtime
To set a periodic time interval where a nonreachable (nonresponsive) Terminal Access Controller Access Control System Plus (TACACS+) server is monitored for responsiveness, use the tacacs-server deadtime command. To disable the monitoring of the nonresponsive TACACS+ server, use the no form of this command.
tacacs -server deadtime minutes
no tacacs -server deadtime minutes
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Setting the time interval to zero disables the timer. If the dead-time interval for an individual TACACS+ server is greater than zero (0), that value takes precedence over the value set for the server group.
When the dead-time interval is 0 minutes, TACACS+ server monitoring is not performed unless the TACACS+ server is part of a server group and the dead-time interval for the group is greater than 0 minutes.
In global configuration mode, you must first enable the TACACS+ feature, by using the tacacs+ enable command, before you can use any of the other TACACS+ commands to configure the feature.
Examples
This example shows how to configure the dead-time interval and enable periodic monitoring:
This example shows how to revert to the default dead-time interval and disable periodic monitoring:
Related Commands
|
|
---|---|
Sets a dead-time interval for monitoring a nonresponsive TACACS+ server. |
|
tacacs-server directed-request
To allow users to send authentication requests to a specific Terminal Access Controller Access Control System Plus (TACACS+) server when logging in, use the radius-server directed request command. To revert to the default, use the no form of this command.
tacacs -server directed-request
no tacacs -server directed-request
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
In global configuration mode, you must first enable the TACACS+ feature, by using the tacacs+ enable command, before you can use any of the other TACACS+ commands to configure the feature.
The user can specify the username@vrfname : hostname during login, where vrfname is the virtual routing and forwarding (VRF) name to use and hostname is the name of a configured TACACS+ server. The username is sent to the server name for authentication.
Note If you enable the directed-request option, the Cisco Nexus 1000V device uses only the RADIUS method for authentication and not the default local method.
Examples
This example shows how to allow users to send authentication requests to a specific TACACS+ server when logging in:
This example shows how to disallow users to send authentication requests to a specific TACACS+ server when logging in:
Related Commands
|
|
---|---|
tacacs-server host
To configure Terminal Access Controller Access Control System Plus (TACACS+) server host parameters, use the tacacs-server host command. To revert to the defaults, use the no form of this command.
tacacs-server host { hostname | ipv4-address | ipv6-address }
[ key [ 0 | 7 ] shared-secret ] [ port port-number ]
[ test { idle-time time | password password | username name }]
[ timeout seconds ]
no tacacs-server host { hostname | ipv4-address | ipv6-address }
[ key [ 0 | 7 ] shared-secret ] [ port port-number ]
[ test { idle-time time | password password | username name }]
[ timeout seconds ]
Syntax Description
Defaults
|
|
Command Modes
Command History
|
|
Usage Guidelines
You must use the tacacs+ enable command before you configure TACACS+.
When the idle time interval is 0 minutes, periodic TACACS+ server monitoring is not performed.
Examples
This example shows how to configure TACACS+ server host parameters:
Related Commands
|
|
---|---|
tacacs-server key
To configure a global Terminal Access Controller Access Control System Plus (TACACS+) shared secret key, use the tacacs-server key command. To remove a configured shared secret, use the no form of this command.
tacacs-server key [ 0 | 7 ] shared-secret
no tacacs-server key [ 0 | 7 ] shared-secret
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
You must configure the TACACS+ preshared key to authenticate the device on the TACACS+ server. The length of the key is restricted to 63 characters and can include any printable ASCII characters (white spaces are not allowed). You can configure a global key to be used for all TACACS+ server configurations on the device. You can override this global key assignment by using the key keyword in the tacacs-server host command.
You must use the tacacs+ enable command before you configure TACACS+.
Examples
This example shows how to configure TACACS+ server shared keys:
Related Commands
|
|
---|---|
tacacs-server timeout
To specify the time between retransmissions to the Terminal Access Controller Access Control System Plus (TACACS+) servers, use the tacacs-server timeout command. To revert to the default, use the no form of this command.
no tacacs-server timeout seconds
Syntax Description
Seconds between retransmissions to the TACACS+ server. The range is from 1 to 60 seconds. |
Defaults
Command Modes
Command History
|
|
Usage Guidelines
You must use the tacacs+ enable command before you configure TACACS+.
Examples
This example shows how to configure the TACACS+ server timeout:
This example shows how to revert to the default TACACS+ server timeout:
Related Commands
|
|
---|---|
tail
To display the last lines of a file, use the tail command.
tail [ filesystem : [ // module / ]] [ directory / ] filename lines ]
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to display the last 10 lines of a file:
This example shows how to display the last 20 lines of a file:
Related Commands
|
|
---|---|
telnet
To create a Telnet session, use the telnet command.
telnet { ipv4-address | hostname } [ port-number ] [ vrf vrf-name ]
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
To use this command, you must enable the Telnet server using the feature telnet command.
Examples
This example shows how to start a Telnet session using an IPv4 address:
Related Commands
|
|
---|---|
template data timeout
To designate a timeout period for resending NetFlow template data, use the template data timeout command. To remove the timeout period, use the no form of this command.
Syntax Description
Defaults
Command Modes
Netflow flow exporter version 9 configuration (config-flow-exporter-version-9)
Command History
|
|
Examples
This example shows how to configure a 3600-second timeout period for resending NetFlow flow exporter template data:
n1000v#
configure terminal
This example shows how to remove the timeout period for resending NetFlow flow exporter template data:
n1000v#
configure terminal
Related Commands
|
|
---|---|
Designates NetFlow export version 9 in the NetFlow exporter. |
terminal event-manager bypass
To bypass the CLI event manager, use the terminal event-manager bypass command.
terminal event-manager byp ass
Syntax Description
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Examples
This example shows how to disable the CLI event manager:
Related Commands
|
|
---|---|
terminal length
To set the number of lines that appear on the screen, use the terminal length command.
Syntax Description
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Usage Guidelines
Examples
This example shows how to set the number of lines that appear on the screen:
n1000v#
terminal length 60
n1000v#
Related Commands
|
|
---|---|
terminal monitor
To enable logging for Telnet or Secure Shell (SSH), use the terminal monitor command. To disable logging, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
This command does not disable all messages from being printed to the console. Messages such as “module add” and “remove events” will still be logged to the console.
Examples
This example shows how to enable logging for Telnet or SSH:
Related Commands
|
|
---|---|
terminal session-timeout
To set session timeout, use the terminal session-timeout command.
Syntax Description
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Usage Guidelines
Examples
This example shows how to set session timeout:
n1000v#
terminal session-timeout 100
n1000v#
Related Commands
|
|
---|---|
terminal terminal-type
To specify the terminal type, use the terminal terminal-type command.
Syntax Description
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Examples
This example shows how to specify the terminal type:
n1000v#
terminal terminal-type vt100
n1000v#
Related Commands
|
|
---|---|
terminal tree-update
To update the main parse tree, use the terminal tree-update command.
Syntax Description
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Examples
This example shows how to update the main parse tree:
n1000v#
terminal tree-update
n1000v#
Related Commands
|
|
---|---|
terminal width
To set terminal width, use the terminal width command.
Syntax Description
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Examples
This example shows how to set terminal width:
n1000v#
terminal width 60
n1000v#
Related Commands
|
|
---|---|
test aaa
To test for accounting, authorization and authentication (AAA) on a RADIUS server or server group, use the test aaa command.
test aaa { group group-name user-name password | server radius address { user-name password | vrf vrf-name user-name password ]}}
Syntax Description
Defaults
Command Modes
network-admin
network-operator
Command History
|
|
Examples
This example shows how to test for AAA on RADIUS server:
n1000v#
Related Commands
|
|
---|---|
track network-state
To enable Network State Tracking (NST) for all Virtual Ethernet Modules (VEMs), configured with a virtual port channel host machine (vPC-HM) port profile, use the track network-state command. To disable NST, use the no form of this command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to enable NST for all VEMs configured with a vPC-HM port-profile:
n1000v#
configure terminal
n1000v(
config)#
track network-state
n1000v(config)#
show network-state tracking
Port- Network Tracking SG SG Tracking SG
Channel Mode Vlan ID State Interface Members
------- ------- -------- -- -------- --------- -----------------
Po1 ok 289 5 Active Eth3/6 Eth3/6
6 Active Eth3/7 Eth3/7
This example shows how to disable NST:
n1000v(
config)#
no track network-state
Related Commands
|
|
---|---|
track network-state interval
To specify an interval of time, from 1 to 10 seconds, between which Network State Tracking (NST) broadcasts are sent to pinpoint link failure on a port channel configured for a virtual port channel host machine (vPC-HM), use the track network-state interval command. To remove the configured interval, use the no form of this command.
track network-state interval intv
no track network-state interval
Syntax Description
Broadcast interval (from 1 to 10 seconds). The default is 5 seconds. |
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to specify an interval for sending NST broadcasts:
n1000v#
configure terminal
n1000v(
config)#
track network-state interval 8
n1000v(
config)#
This example shows how to remove the NST broadcast interval configuration:
n1000v#
configure terminal
n1000v(
config)#
no track network-state interval
n1000v(
config)#
Related Commands
|
|
---|---|
Enables NST for all VEMs, configured with a vPC-HM port profile. |
track network-state threshold miss-count
To specify the maximum number of Network State Tracking (NST) broadcasts that can be missed consecutively before a split network is declared, use the track network-state threshold miss-count command. To remove the configuration, use the no form of this command.
track network-state threshold miss-count count
no track network-state threshold miss-count
Syntax Description
Number of NST broadcasts that can be missed from 3 to 7. The default is 5. |
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to configure the maximum number of NST broadcasts that can be missed:
n1000v#
configure terminal
n1000v(
config)#
network-state tracking threshold miss-count 7
n1000v(
config)#
This example shows how to remove the configuration:
n1000v(
config)# no
network-state tracking threshold miss-count
n1000v(
config)#
Related Commands
|
|
---|---|
Enables NST for all VEMs, configured with a vPC-HM port profile. |
track network-state split action
To specify the action to take if a split network is detected by Network State Tracking (NST), use the track network-state split action command. To remove the configuration, use the no form of this command.
track network-state split action
no track network-state split action
Syntax Description
If a split network is detected by NST, the traffic is pinned to another uplink. (the default) |
|
If a split network is detected by NST, traffic is not repinned, and system messages are logged only. |
Defaults
Command Modes
Command History
|
|
Examples
This example shows how to specify the action to take if NST detects a split network:
n1000v#
configure terminal
This example shows how to remove the configuration:
n1000v(
config)# no
track network-state split action repin
n1000v(
config)#
Related Commands
|
|
---|---|
Enables NST for all VEMs, configured with a vPC-HM port profile. |
traceroute
To discover the routes that packets take when traveling to an IPv4 address, use the traceroute command.
traceroute { dest-ipv4-addr | hostname } [ vrf vrf-name ] [ show-mpls-hops ] [ source src-ipv4-addr ]
Syntax Description
Defaults
Uses the default VRF.
Does not show the MPLS hops.
Uses the management IPv4 address for the source address.
Command Modes
Command History
|
|
Usage Guidelines
To use IPv6 addressing for discovering the route to a device, use the traceroute6 command.
Examples
This example shows how to discover a route to a device:
Related Commands
|
|
---|---|
traceroute6
To discover the routes that packets take when traveling to an IPv6 address, use the traceroute6 command.
traceroute { dest-ipv6-addr | hostname } [ vrf vrf-name ] [ show-mpls-hops ] [ source src-ipv6-addr ]
Syntax Description
Defaults
Uses the default VRF.
Does not show the MPLS hops.
Uses the management IPv6 address for the source address.
Command Modes
Command History
|
|
Usage Guidelines
To use IPv4 addressing for discovering the route to a device, use the traceroute command.
Examples
This example shows how to discover a route to a device:
Related Commands
|
|
---|---|
transport ip address external
To avoid configuring the proxy ARP on the upstream router when the remote VTEP is on a different subnet, use the transport ip address external command and configure the transport IP address on the VTEP vEthernet interface or on the port profile that the VTEP port inherits. Use the no form of this command to remove the transport IP address configuration.
transport ip address external netmask netmask gateway gateway
Syntax Description
Command Modes
Port profile configuration (config-port-prof) or interface configuration
Command History
|
|
Examples
This example shows how to configure the transport IP address on the VTEP port profile:
This example shows how to remove the transport IP address configuration:
n1000v(
config)#
no transport ip address
Related Commands
|
|
---|---|
transport udp (NetFlow)
To add a destination User Datagram Protocol (UDP) port from the NetFlow exporter to the collector, use the transport udp command. To remove the port, use the no form of this command.
Syntax Description
Command Modes
Netflow flow exporter configuration ( config-flow-exporter)
Usage Guidelines
Command History
|
|
Examples
This example shows how to add UDP 200 to the flow exporter:
n1000v#
configure terminal
This example shows how to remove UDP 200 from the flow exporter:
n1000v#
configure terminal
Related Commands
|
|
---|---|
type
To define the network segmentation policy type, use the type command. To remove the network segmentation policy type, use the no form of this command.
Syntax Description
Defaults
Command Modes
Network Segment Policy configuration (config-network-segment-policy)
Command History
|
|
Usage Guidelines
The policy type can be Segmentation or VLAN. For segmentation policy, NVGRE is used. For more information, see the Cisco Nexus 1000V VXLAN Configuration Guide, Release 4.2(1)SV1(5.1).
The policy type corresponds to the network pools in the Opalis. The policy type Segmentation corresponds to the network isolation-backed network pool in the Opalis. The policy type VLAN corresponds to the VLAN-backed network pool in the Opalis.
Examples
This example shows how to define the network segmentation policy type:
Related Commands
|
|
---|---|