Command Line Interface
The Cisco Nexus 3550-F Fusion (formerly ExaLINK Fusion) can be configured via a command line interface. This interface can be accessed via SSH, telnet, or an industry standard serial interface.
Configuration mode
The command line interface can be used to both inspect the current
configurations of the Nexus 3550-F, and modify the configuration. The command
line can be used in either a modal or non-modal way. For example, commands that
change the current configuration are prefixed with config
. When executing
multiple configuration commands, it is convenient to enter config mode.
For example, to set a port alias, one can enter:
admin@N3550-F> configure port A1 alias exchange
Alias set on port A1
Alternatively, you can enter config mode and then set the port alias:
admin@N3550-F> config
admin@N3550-F(config)> port A1 alias exchange
Alias set on port A1
Note: in the above example that the command line prompt indicates that
config mode is in use. To exit a mode, simply type exit
:
admin@N3550-F(config)> exit
admin@N3550-F>
Note: that the interface has dropped back to the default mode. Importantly,
typing exit
within the default mode will log you out of the device.
Modal states can be nested, and typing exit
will drop out of that level and up to the previous level. Typing end
will drop out of all levels and return you to the top modal level. For example:
admin@N3550-F> config
admin@N3550-F(config)> port A1
admin@N3550-F(config-port:A1)> end
admin@N3550-F>
Creating and removing objects
The Nexus 3550-F is configured by creating or removing objects. An object represents a specific configuration and usually has one or more ports as members, as well as a number of properties. There is no limit to the number of objects that can be created on the Nexus 3550-F apart from that imposed by the number of ports on the device.
All objects are created or removed using the same convention. Creation of an object is achieved by entering the desired object type followed by any required properties. For example, to create a tap:
admin@N3550-F> config tap A1 A4
Added input tap on port "A1", send to port "A4"
Removal of an object from the configuration is the same as creating the
object, however the command is prefixed with no
. To remove the tap created
above, one would enter:
admin@N3550-F> config no tap A1 A4
Removed input tap on port "A1", send to port "A4"
Some objects are more complicated than taps. For example, the mux object and switch object. These objects have a name property and are configured from within their own mode, however the convention for creation and removal is the same.
Help and autocompletion
The interface includes help and tab completion. Help can be requested at
any point during use by pressing the ?
character. If there are multiple
parameter options that are valid from that point on, pressing ?
will list
them, for example:
admin@N3550-F> config management ?
configure management access-list allow Allow connections from the supplied IPv4 address ranges
configure management access-list deny Deny connections from the supplied IPv4 address ranges
configure management address dhcp Configure management interface using DHCP
configure management address none Disable IPv4
configure management address static Configure a static IPv4 address on the management interface
configure management name-server Configure name servers for the management interface
If there are no further parameter options valid, and ?
is pressed, detailed
usage information will be displayed, for example:
admin@N3550-F> config management address static ?
Usage: configure management address static <address> <netmask> [<gateway>]
Configure a static IPv4 address on the management interface
Autocompletion and suggestions for any command can be obtained by pressing tab after having entered any partial command. For example, when creating a tap object, a list of available source or output ports can be obtained by pressing tab whilst the interface is expecting a port. In this example, the interface shows a list of available source ports after pressing tab:
admin@N3550-F> config tap
A1 A2 A3 A4 A5 A6 A7 A8
A9 A10 A11 A12 A13 A14 A15 A16
down exchange output
Command pipelines
Version
This feature requires version 1.11.0 or later
The command line interface supports redirecting command output to standard
Unix utilities such as grep
and less
, for example:
admin@N3550-F> show port A16 | grep 'Link status'
Link status : up
Because this feature allows the user to run arbitrary shell commands, it is only
available to users with the admin
role.
Login banner
A login banner can be installed by uploading a file to the device with the name banner.txt using sftp, for example:
$ sftp admin@192.168.220.10
admin@192.168.220.10's password:
sftp> put banner.txt
The contents of banner.txt will be displayed prior to the login prompt, for example:
$ ssh admin@192.168.220.10
You are attempting to log into an ExaLINK Fusion - unauthorized access prohibited!
admin@192.168.220.10's password:
admin@192.168.220.10>
MOTD banner
A message of the day banner can be installed by uploading a file to the device with the name motd.txt using sftp, for example:
$ sftp admin@192.168.220.10
admin@192.168.220.10's password:
sftp> put motd.txt
The contents of motd.txt will be displayed on a successful login to the command line interface, for example:
$ ssh admin@192.168.220.10
admin@192.168.220.10's password:
Welcome. This device is located in ROW AF, CAB 2, RU 36
admin@192.168.220.10>
Session timeouts
An idle timeout can be configured where command line sessions will be logged
out after a certain amount of inactivity. This can be set with the
session-timeout
command and passing in a timeout value in seconds, for example:
admin@N3550-F> config session-timeout 600
Session idle timeout set
A maximum value of 60 minutes applies to the session timeout (3600s).
SSH Keys
Users can authenticate their login into the Nexus 3550-F through the use of SSH keys, rather than entering a password. This is done by adding the user's public key into the Nexus 3550-F, for example:
admin@N3550-F> config user admin sshkey "ssh-rsa AAAAB3NzaC1yc2EAAAA
DAQABAAABAQC15sjG4cYSAbYU0VIwPkdQkIKb0A2xxhPCjOAnzt91CrRQZibirZNqqW71TX3QVt
Ruqp2ZQjo19Nd9bk2iwa3qDITQIOlRdSJgwEBdklfgjkrjkd8KLSDfklwjkrjksjkXyztI3sKRM
mcYOEFjt9Bv+5JPw3o3Pja5GQOO5VEjM//QhsbMZ+G/4Sfx5GiLTaktenqNWflPaMcDWqq1wuuf
6mG7lEM55UDp5xWRrh5vIfyOh9Llosdfsasjkejk89sv9+cjkfhjksjhcjkhskhkljashdfiuhs
dfv98734kjFDjhjhdjhbfjh489jkJKZDJKHFVjkhi6SBbTu5v9 bob@myserver.com"
Added ssh key for user "admin"
The user will then be able to login without being prompted for a password:
$ ssh admin@N3550-F
admin@N3550-F>
In order to remove a key for a user, use the no
form of the command, passing
in the public key to remove, for example:
admin@N3550-F> config user admin no sshkey "ssh-rsa AAAAB3NzaC1yc2EA
AAADAQABAAABAQC15sjG4cYSAbYU0VIwPkdQkIKb0A2xxhPCjOAnzt91CrRQZibirZNqqW71TX3
QVtRuqp2ZQjo19Nd9bk2iwa3qDITQIOlRdSJgwEBdklfgjkrjkd8KLSDfklwjkrjksjkXyztI3s
KRMmcYOEFjt9Bv+5JPw3o3Pja5GQOO5VEjM//QhsbMZ+G/4Sfx5GiLTaktenqNWflPaMcDWqq1w
uuf6mG7lEM55UDp5xWRrh5vIfyOh9Llosdfsasjkejk89sv9+cjkfhjksjhcjkhskhkljashdfi
uhsdfv98734kjFDjhjhdjhbfjh489jkJKZDJKHFVjkhi6SBbTu5v9 bob@myserver.com"
Removed ssh key for user "admin"
This page was last updated on Feb-19-2021.