Professional Documents
Culture Documents
Appliance
User Guide
Release 4.2.4
AN10-001-10-4200-PRE1
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or
translated into any language or computer language, in any form, or by any means, electronic, mechanical,
optical, chemical, manual, or otherwise, without the prior written APPROVAL of Array Networks.
Disclaimer
Array Networks provides this document and the programs “as is” without warranty of any kind, either
expressed or implied, including, but not limited to, the implied warranties of merchantability or fitness for a
particular purpose.
This document could contain technical inaccuracies or typographical errors. Changes are periodically made to
the information herein; these changes will be incorporated in a future revision of this document. Array
Networks is under no obligation to notify any person of these changes.
Trademarks
Array Networks is a registered trademark of Array Networks Inc. aCelera, Secure Acceleration Technology,
Application Acceleration Blueprints, and Secure Application Networking are trademarks of Array Networks
Inc.
System
General Provides options to specify the hostname and a user-defined comment. Chapter 3
Settings
Network Configures the various network settings such as the appliance’s IP address, Chapter 3
Settings subnet mask of the local subnet, gateway address of the main interface, domain
name, and address of the primary domain name server.
Advanced Provides options to change the default Management VLAN address to match Chapter 3
Settings your management interface address and to configure Network Address
Translation (NAT) support.
Device Management
Settings Used to allow the aCelera™ to be managed independently or via the Centralized Chapter 3
Management System.
Device Settings
Deployment
Settings Provides options to configure in-line or out-of-line deployment as well Chapter 4
configure the WAN addressing mode.
Advanced Includes options for adjusting the MTU settings and enabling/disabling loop Chapter 4
detection.
WCCP Configures the necessary WCCP options when the aCelera is deployed out-of- Chapter 4
line via WCCP.
Network Configures network routes to eliminate additional hops when traffic is sent to Chapter 4
Routes other subnets.
CDP Enables/disables Cisco Discovery Protocol which allows peer devices to Chapter 4
discover the appliance.
Device Settings
Remote Administration
Services Contains options to allow or restrict remote access to the aCelera via Telnet, Chapter 4
SSH, HTTP, or HTTPS.
SNMP
Security Provides an option configure an SNMP community string. Chapter 4
Trap Allows you to specify trap destinations. Chapter 4
Destinations
Traps Provides options for configuring SNMP trap events. Chapter 4
Logging
Event Logging Configures the various logging options. Chapter 4
Settings
Network Allows log messages to be sent to the specified Syslog server Chapter 4
Syslog
Acceleration Settings
Traffic Rules Configures user-defined rules for identifying and accelerating specific traffic. Chapter 5
Traffic Shaper Creates named traffic classes that designate the minimum bandwidth (by Chapter 5
percentage) provided for a specific Type of Service (ToS).
Traffic Shaper Configures rules that associate Traffic Shapers with traffic that adheres to Chapter 5
Rules designated parameters.
Published Configure addresses other than that of the local subnet which the aCelera is Chapter 5
Addresses attached. These addresses will experience the benefits of acceleration.
Peers Permits or restricts the aCelera to communicate with other remote aCeleras Chapter 5
Administration Options
Passwords Change the default viewer and advanced passwords assigned to the aCelera. Chapter 6
Configuration Provides various options for managing configuration files. Configuration files Chapter 6
Files contain the various settings used by the device to communicate with aCeleras.
Software Provides options for managing software updates. Chapter 6
Updates
General Provides information on how to reboot the aCelera, resetting the configuration Chapter 6
Administrative to factory defaults, and clearing acceleration history.
Functions
Logs Provides options for viewing or administering log files. Chapter 6
Diagnostics Contains options for testing the aCelera and the network. Chapter 6
Type in the appropriate password to access the graphical user interface. When using the Viewer password, only
status information available from the Home menu bar item and configuration information available from the
Setup menu bar item are visible; the Admin page is not available. When using the Admin password, complete
access to all status, setup, and administrative information is granted.
If you have not yet applied the config apply command and want to clear any changes that you made,
type config clear.
To restore the configuration to the settings that were loaded during startup (when the appliance was
last booted), type config restore.
To reset a configuration to its default settings (except for passwords and network management interface
settings) even if you have permanently saved your changes, type config reset. The following network
management interface settings configured via the set command include: the appliance’s IP address
(Address), the subnet mask (SubnetMask), the gateway address (Gateway), the domain name
(DomainName), the addresses of each configured DNS server (DnsAddress), the hostname
(HostName), and configured static routes (NetworkRoutes). It then reboots the appliance after
prompting the user to allow the reboot.
To reset a configuration to its default settings (including passwords and network management interface
settings) even if you have permanently saved your changes, type config reset all. It then reboots the
appliance after prompting the user to allow the reboot.
To edit an existing setting via the CLI, type the command with the new value(s).
To clear a current setting, type the command without the (values) and then press Enter. Press Y when
prompted.
Notes:
In almost every instance, device settings are configured using the set command along with the
appropriate appliance parameter.
There are several device settings that do not immediately take effect until the appliance is
rebooted. Whenever these settings are changed, the CLI displays a message indicating that the
setting will not take effect until the appliance has been rebooted. These settings still require the
config apply and config save commands to be issued.
multiple optional
arguments can be
specified for which
you supply the values.
[optional Boldface text enclosed log rotate [delete] log rotate delete
element] within brackets [ ]
indicates an optional
element for which you
type in the text as
shown.
{option|option} Boldface text enclosed set NtpEnabled {yes|no} set NtpEnabled yes
within {} and
separated by vertical
bars indicate
alternative, mutually
exclusive elements,
one of which must be
entered.
Option Description
Hostname The text string that appears at the top of the GUI window or at the CLI command prompt. This
setting is typically reflects the location where the appliance is installed. Default is Array-
Networks>. Note: If CMS will be used to manage the aCelera, CMS uses the hostname configured
here to identify the aCelera.
Comments You can optionally include a user-defined comment.
Option Description
IP address assigned to the aCelera. Default is 192.168.117.1. Also specify the subnet
IP Address / Mask which the aCelera is part of. The subnet mask is specified in CDIR notation. Default is
/24.
Gateway address of the routing device that the aCelera uses to reach another network
Gateway
outside the local subnet. By default, the gateway address is not configured.
Primary DNS The primary DNS server address. Not configured by default.
Secondary DNS An optional secondary DNS server address. Not configured by default.
Domain Name Domain name of the appliance. Not configured by default.
4. Click Apply to update the configuration with the new settings.
5. At the bottom of the page, click on the Click here to go to save configuration link.
6. Under Save Configuration, click Save to Startup Configuration.
7. From the confirmation dialog box, click OK.
CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure the appliance's
network settings:
Syntax Description
set Address <ip_address> IP address assigned to the aCelera appliance. Default is 192.168.117.1.
set SubnetMask <subnet_mask> Subnet mask is specified in dot-decimal notation. Default is 255.255.255.0.
set Gateway <gateway_address> Gateway address of the routing device that the aCelera uses to reach another
network outside the local subnet. Not configured by default.
set DnsAddress <dns_address> DNS server address(es). Up to two can be configured. Include a space between
[dns_address] the two addresses. Not configured by default.
set DomainName Domain name where the appliance resides.
Example
Syntax Description
set MgtVLAN <vlan_id> The VLAN identification number. Valid ID range is 0-4095. The default value of 0
indicates an untagged VLAN.
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured setting for the above CLI command, type show MgtVLAN.
GUI
To configure NAT support:
1. Click the Setup menu bar item.
2. Under the Basic navigation tab, click System.
3. Under Advanced, type the public IP address of the NAT device through which traffic will be sent before
being forwarded to another aCelera.
Syntax Description
set PublicAddress <address> The public IP address of the NAT device through which traffic will be sent
before being forwarded to another aCelera.
Note: Add the IP address of the NAT device to the published address list. See Published Address on page 54.
Example 1
The following example assumes the aCelera sits behind a NAT device with a public IP address of 50.20.20.2.
1. Configure the public IP address of the NAT device that it sits behind:
set PublicAddress 50.20.20.2
2. Add the NAT device’s IP address the published address list. This allows packets destined to the network
set acceleration/addresses/permit/1 ip 50.20.20.2
Example 2
The following example provides a sample configuration when both a data center aCelera and a remote office
aCelera are behind NAT devices. The example assumes the data center aCelera is behind an NAT device with an
IP address of 50.20.20.2 and the remote office aCelera is behind a NAT device with an IP address of 40.17.10.2. In
this scenario, both sides of the peer connection must be configured as follows:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured setting for the above CLI command, type: show PublicAddress.
CLI
From the advanced level (Array-Networks-adv#), you can configure CMS options in one of the following ways:
Enter setup and either accept the default settings or enter the values you want.
Register the device manually with the following commands.
Syntax Description
set Cms/Enabled {yes|no} Enables or disables CMS. When enabled, the appliance will be managed by
CMS; when disabled, the aCelera will be managed via the CLI or GUI. Default is
no.
set Cms/Address <host_name or The IP address or the host name where CMS is located. Default is cms_server.
ip_address>
set Cms/Poll <minutes> The number of minutes the aCelera waits to poll the CMS. The aCelera polls
the CMS by sending its IP address, serial number, and current software
version. A 0 indicates that polling is disabled. Default is 5.
set Cms/Port <port_number> The port number used to access CMS. Default is 443.
set Cms/Register {true|false} Registers or unregisteres the appliance from CMS control. When registered
(true), the appliance will be managed by CMS. When unregistered (false), the
appliance is not managed by CMS. Default is false.
Example
After making changes, type config apply to update the configuration file with the new settings.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured setting for the above CLI commands, type the appropriate show
command: show Cms/Enabled, show Cms/Address, show Cms/Poll, show CMS/Port, show
CMS/Register
In-line Inline No No
Out-of-line via WCCP Out-of-Line Yes1 Yes2
Out-of-line via PBR Out-of-Line Optional3 Yes4
Out-of-line (VRRP) Out-of-Line Yes5 Yes6
1 When placed out-of-line via WCCP, WCCP options described under Configuring WCCP Options on page
28 must also be configured.
2 The aCelera’s default WCCP settings, once enabled, should be compared to those in use on your router.
Adjustments can be made accordingly on either the router or aCelera to achieve redirection. To change
the WCCP settings on the aCelera, see Configuring WCCP Options on page 28.
3 Cisco Discovery Protocol (CDP) can be enabled and configured to provide black hole detection when
the aCelera is deployed out-of-line via PBR. See Configuring Cisco Discovery Protocol on page 25.
4 Policy rules can be added to the route table to forward traffic based on a defined policy. For example,
traffic to a particular destination on a particular port can be redirected to the aCelera for acceleration.
Policies are applied on the router’s LAN and WAN interface to redirect traffic to the aCelera. Do not
apply a policy to the aCelera’s interface. Otherwise, a loop condition will occur.
5When placed out-of-line via VRRP, VRRP options described under Configuring VRRP Options on page
26 must also be configured.
6The aCelera’s default VRRP settings, once enabled, should be compared to those in use on your router.
Adjustments can be made accordingly on either the router or aCelera to achieve redirection. To change
the VRRP settings on the aCelera, see Configuring VRRP Options on page 26.
GUI
Option Description
Inline Select this option if the aCelera is deployed on the main data path (between two routers, a
router and two switches, or two switches). When inline, the aCelera uses two interfaces (WAN
and LAN).
Out-
Select this option if the aCelera is deployed off the main path. When out-of-line, the aCelera uses
of-
one interface (WAN). (Default)
Line
CLI
From the advanced level (Array-Networks-adv#), use the following command to configure the deployment
mode:
Syntax
When configured out-of-line the aCelera only uses the WAN interface; when in-line, it uses both
the WAN and LAN interfaces.
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured setting for the above CLI command, type show Deployment/Device.
Option Description
Transparent Configures the aCelera to utilize Transparent Addressing. With Transparent Addressing,
Addressing the source and destination IP addresses of the TCP connections are that of the original
client and server.
Correct Configures the aCelera to utilize Correcting Addressing. With Correct Addressing, the
Addressing source or destination IP address of the TCP connection is that of one of the two aCelera
appliances. (Default)
Correct
Configures the aCelera to utilize Correct Addressing to the WAN and Transparent
Addressing
Addressing on the LAN. When communicating with the WAN in this mode, the aCelera uses
with Server-
aCelera source and destination IP addresses; when communicating with the LAN, aCelera
side
uses the original client and the server IP addresses.
Transparency
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured setting for the above CLI command, type show deployment/addressing.
where <bytes> is the largest number of bytes the appliance can transmit as a single packet for the appliance’s
Ethernet interface. Valid range is 68-1500. Default is 1500.
CLI Example
Any time the WanTxMTU setting is changed, the appliance must be rebooted for the setting to
take effect.
Before issuing the reboot command, type config apply and then config save so that the new
settings will remain persistent after the reboot.
To view the configured MTU value, type show WanTxMTU.
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured setting for the above CLI command, type show LoopDetect.
Option Description
CDP When the Enabled box contains a check mark, all interfaces on the appliance are enabled. By
default, CDP is not enabled.
Interval The interval refers to the length of time, in seconds, between sending out CDP multicast messages.
The default is 90 seconds.
Hold Time The hold time period refers to the length, in seconds, the receiving device holds CDP information
before discarding it. Default is 180; the maximum value is 256.
Example
The following example enables CDP for the appliance. CDP packets are sent out every 120 seconds. The receiving
device will discard the CDP information in the CDP packet after 240 seconds.
set cdp/Enabled yes
set cdp/Interval 120
set cdp/Holdtime 240
config apply
config save
Notes:
Setting a lower hold time than the default 180 seconds results in the receiving devices to update
their CDP information more rapidly; setting a higher value causes them to update more slowly.
The hold time setting must be set to a higher number of seconds than the interval setting to
prevent CDP information from being discarded before receiving updated CDP information.
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save
To view the configured settings for the above CLI commands, type show cdp/Enabled, show
cdp/Interval, and show cdp/Holdtime.
Note: Although you can create a VRRP group with multiple peers, an aCelera deployment should only include
a single peer.
Option Description
IP Address A virtual IP address on the same subnet as the aCelera’s physical address, used to identify the
VRRP-enabled master router. Set this to the same value for all peers in the VRRP group.
Router ID A number used to identify all of the VRRP peers in the virtual router group. This should be set
to the same value for all peers in the VRRP group.
Advertise The number of seconds between each transmission of VRRP advertisement packets from the
Interval master router (the VRRP-enabled aCelera) to the backup router. Set this to the same value for
both the aCelera and the router.
Priority A number indicating if the VRRP router is a backup or master virtual router and the order of
ascendancy to becoming a master virtual router if the master virtual router fails. The default
priority for a VRRP-enabled aCelera is 254.
NOTE: To maintain master status, the VRRP-enabled aCelera should have the highest priority
in a VRRP group. Decrease the priority for each subsequent VRRP peer by 50.
Password Set the password to the same value on all VRRP peers.
Option Description
Priority Specify the priority of the aCelera appliances. The larger the value, the higher the
priority.
Note: WCCP requires the aCelera’s deployment mode be configured for out-of-line via the GUI or CLI. See
Configuring the Deployment Mode on page 20 if the aCelera is not already configured for out-of-line.
GUI
To configure WCCP options:
1. Click the Setup menu bar item.
1. Under the Device navigation tab, click Deployment.
2. Under WCCP, perform the appropriate action and then refer to the table.
Click New for each router you want traffic redirected from and fill in the appropriate
information for each field as described in the table.
To modify an existing entry, click on the entry you want to modify and then refer to the table.
To delete a router from the list, click on the appropriate row, and then click Delete.
Option Description
Service Group The number must match the service group used by the router. Default service group is 98.
Advanced Clicking on the Advanced icon displays the following options via the WCCP Advanced
Settings dialog box:
Option Description
Ports Redirects traffic on the specified ports through the router to the aCelera. All
other traffic bypasses the appliance and is not accelerated across the WAN. Up
to 8 separate ports can be configured. Each specified port is separated by a
space. By default, the field is blank, which indicates all ports are redirected.
Security Allows you to control which routers become part of the specified service group
using the password defined in the Password field. When enabled, traffic is
protected against being intercepted. By default, this setting is not enabled.
Password If the Security option is enabled, type in the router’s password. If the
password does not match, the WCCP service will not go to "Active Operation"
Option Description
Forwardin The method by which redirected packets are transported from the router to
g Method the appliance. Valid methods include: L2 Redirect and GRE. Default is GRE.
Assignmen The method by which redirected packets are distributed to the aCelera. Valid
t Method methods include Hash and Mask. Default is Hash. When using the hash
method, a hash table maintained by each router maps the hash index derived
from a packet to be redirected to the IP address of the appliance. When using
mask assignments, each router uses masks and a table of values to distribute
traffic for a service group across the member web-caches including the
appliance.
Return The method by which packets redirected to the aCelera are returned to the
Method router for normal forwarding. Valid methods include: GRE and L2 Redirect.
Default is GRE.
From the advanced level (Array-Networks-adv#), perform the following steps to configure a single router:
If the security option is set to yes, you must set the password to that configured for the router. If the
password does not match the router's password, all traffic that would be redirected through the router
will bypass the connection and not be accelerated across the WAN. Up to 8 characters may be specified.
6. Define the preferred methods of interacting with the router.
set WCCP/Capabilities <forwarding_method><assignment_method><return_method>
Interaction with the router refers to the preferred methods used to forward packets and return packets
to and from the router and the assignment method used to distribute packets in a service group. If the
router does not support the preferred (default) method of communicating with the appliance, the
router's supported method for each item will be used.
<forwarding_method> refers to the method by which redirected packets are transported from the
router to the appliance. Valid methods include: L (L2 redirect) and G (GRE). Default is G (GRE).
<assignment_method> refers to the method by which redirected packets are distributed to the
appliance. Valid methods include H (hash) and M (mask). Default is H (hash). When using the
hash method, a hash table maintained by each router maps the hash index derived from a packet
to be redirected to the IP address of the appliance. When using mask assignments each router
uses masks and a table of values to distribute traffic for a service group across the member web-
caches including the appliance.
<return_method> refers to the method by which packets redirected to the appliance are returned
to the router for normal forwarding. Valid methods include: R (GRE) and 2 (L2 redirect). Default is
R (GRE).
GRE is a method by which redirected packets are encapsulated into a new IP packet with a GRE header
followed by a four-octet Redirect header. L2 does not encapsulate redirected packets. Instead, the router
replaces the packet's destination MAC address with the MAC address of the appliance. By default, the
appliance will use GRE redirection and hash assignments if supported by the router. If the router does not
support GRE redirection, it will use L2; if it does not support hash assignments, then it will use mask
assignments. When specifying methods, no white space is allowed.
7. Apply the changes to the configuration file (Update the configuration file by applying the changes).
config apply
8. Permanently save the changes to the configuration file.
config save
9. Test to see that the WCCP configuration is properly configured.
Issue the WCCP command.
Example
The following example provides a sample configuration utilizing two configured routers.
set WCCP/RouterAddress 10.40.90.10
set WCCP/ServiceGroup 98
set WCCP/Ports 80 443 445 139
set WCCP/Security yes
set WCCP/Password xy2xsyt
set WCCP/Capabilities GHR (forwarding method is GRE, assignment method is hash, return method is GRE)
set WCCP/1/RouterAddress 11.20.90.99
set WCCP/1/ServiceGroup 99
set WCCP/1/Ports 80 443 445 139
set WCCP/1/Security yes
set WCCP/1/Password c6ts5gyn
set WCCP/1/Capabilities GHR (forwarding method is GRE, assignment method is hash, return method is GRE)
config apply
config save
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured WCCP setting or to see if it is enabled or disabled, type WCCP.
To view the configured settings for the above CLI commands, type the following: show
WCCP/[/#]/RouterAddress, show WCCP/[/#]/ServiceGroup, show WCCP/[/#]/Ports,
show WCCP/[/#]/Security, show WCCP/[/#]/Password, show WCCP/[/#]/Capabilities.
No router information is displayed for additional routers that have not been configured. Only
those settings that have been displayed for additional routers are displayed when issuing the
show command.
Option Description
CLI
From the advanced level (Array-Networks-adv#), issue the following command to configure network routes:
Syntax
set NetworkRoutes
<network_address/mask:nexthop_address[:configured_MTU]>[<;network_address/mask:nexthop_address[:configur
ed_MTU]> ...]
Notes:
The mask can be either CIDR or x.x.x.x notation when the MTU size is not specified. If an MTU
value is specified, use CIDR notation when specifying the mask.
Include the Maximum Transmission Unit (MTU) value of each network segment that is
lower than the MTU setting configured for the appliance. By default, the appliance is configured
with a value of 1500 bytes via the set WanTxMTU command. To view the MTU value
configured for the appliance type show WanTxMTU. If any network segment is lower than the
appliance’s MTU setting, make sure to include that segment’s configured MTU value. See
Example 2 below.
Use a slash (/) to separate the network address from the mask.
Use a colon (:) to separate the network address/mask from the gateway address.
Use a colon (:) to separate the next hop address from the optional configured MTU value.
Multiple static routes can be specified using a semi-colon (;) with no space between each route.
The above setting requires the appliance to be rebooted for the setting to take effect. Before
issuing the reboot command, type config apply and then config save so that the new setting
will remain persistent after the reboot.
To view configured static routes, type show NetworkRoutes.
Example 1
The following example configures two static routes (one using CIDR notation; the other using x.x.x.x notation).
set NetworkRoutes 192.168.10.0/24:10.10.10.99;192.168.11.0/255.255.255.0:10.10.10.99
Example 2
The following example configures two static routes. The first route is configured with an MTU value of 800 bytes
to accommodate a router’s configured MTU value for that specific route. The mask is specified using CIDR
notation. The second route does not have a configured MTU value. The mask is configured using x.x.x.x notation.
set NetworkRoutes 192.168.10.0/24:10.10.10.99:800;192.168.11.0/255.255.255.0:10.10.10.99
Option Description
Telnet Enables or disables Telnet sessions to access the appliance. By default, Telnet access is
enabled.
SSH SSH access to the appliance is enabled by default and cannot be disabled.
HTTP When the Enabled box is checked, the appliance can be accessed via HTTP. By default,
HTTP access is enabled via port 80. To change the port, type the desired port in the Port
field.
HTTPS Allows secure access to the appliance via the specified port. HTTPS access cannot be
disabled, a port must be specified. By default, this option is configured with port 443 but
can be replaced with another port. If you configure a port that is already in use by the
appliance, a message is displayed indicating that the port you are trying to specify is
already in use.
Respond to Hides or displays Internet Control Message Protocol (ICMP) Echo messages. When on,
ICMP Requests responses to the Ping command are displayed. If you want the appliance to remain hidden,
disable this option. Default is on.
Reboot on Enables or disables the automatic reboot of the appliance if any internal errors are
Failure detected by the software. When Enabled is checked, the appliance reboots if an error is
detected (Default).
CLI
From the advanced level (Array-Networks-adv#), refer to the following commands for enabling and disabling
remote administration services:
Syntax Description
set TelnetEnabled {yes|no} Enables or disables Telnet access to the appliance. Enabled by default.
set HttpEnabled {yes|no} Enables or disables HTTP access to the GU. When enabled, your browser can be
used to access the GUI via HTTP; when disabled, HTTP access to the GUI via the
browser is denied.
set IcmpEchoReply {on|off} The ICMP command turns Internet Control Message Protocol (ICMP) Echo
messages on and off. When on, responses to the Ping command are displayed;
when off, no messages are displayed. If you want the appliance to remain hidden,
turn of ICMP. Default is on.
set RebootOnFailure {yes|no} Enables or disables the automatic reboot of the appliance if any internal errors are
detected by the software. When Enabled, the appliance reboots if an error is
detected. (Default)
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured settings for the above CLI commands, type show TelnetEnabled, show
HttpEnabled, show IcnpEchoReply, and show RebootOnFailure.
From the advanced level (Array-Networks-adv#), use the following command to configure a read-only
community string.
Syntax
The default value for SnmpReadCommunity is public, which is a commonly used SNMP read
community string.
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
Option Description
Syntax Description
Value Description
[<community>@] The community string is used to validate incoming SNMP Gets for objects in the Management
Information Base (MIB). If no string is specified, the default string public is assumed.
<ip_address> The IP address of the host that is receiving notifications.
[:<port>] Optional UDP port number for the host. Default port number is 162. If specified, include a colon
(:) before the port number.
Example
The following example configures hosts at 10.40.90.10 and 10.10.40.20 to receive trap notifications.
set Snmp/Trap/Destinations public@10.40.90.10:162,zxafy@10.10.40.20
The following example indicates that trap expressions will be evaluated at intervals of not less than 104 seconds.
set Snmp/Trap/Interval 104
Note: Any parameter viewable from the CLI show and show status commands can potentially be used to
configure a trap.
GUI
To configure SNMP traps:
1. Click the Setup menu bar item.
2. Under the Device navigation tab, click SNMP.
3. Under Traps, perform the appropriate action and then refer to the table.
Click New to create a row for each trap you want to configure and fill in the appropriate
information for each field.
To edit an existing setting, click on the item and modify the value.
To delete a trap event, click anywhere on the row you want to delete, and then click Delete.
Option Description
The set and clear trap conditions must be enclosed within parentheses. Leave a space after the left
parenthesis and a space before the right parenthesis. The trap parameter value has a symbolic
representation of "$" (dollar sign). Make sure to leave a space after the "$" sign.
Parameter Description
CLI
From the advanced level (Array-Networks-adv#), refer to the following sections to configure individual traps.
Configuring Individual Traps
The following parameters are associated with configuring a single SNMP trap.
Syntax
Value Description
<trap_number> The number identifying the trap. Valid entries include 0-10.
Any valid show and show status parameter available from the CLI to which the "set" and "clear"
<parameter>
expressions are applied.
<string> Any user-defined string to describe the trap event.
<set_expression> An expression that when "true" (encountered), initiates the trap.
<clear_expression> An expression that when "true" (encountered), clears the trap.
The set and clear trap expressions must be enclosed within parentheses. Leave a space after the left parenthesis
and a space before and after the right parenthesis. The trap parameter value has a symbolic representation of "$"
(dollar sign). Make sure to leave a space after the "$" sign.
Value Description
Example 1
The following example generates an SNMP Trap if the appliance's CPU utilization threshold exceeds 75%. The
condition is cleared if the CPU utilization threshold falls below 60%.
set Snmp/Trap/0/Value status/CpuUtilization
set Snmp/Trap/0/Comment CPU Utilization Threshold
set Snmp/Trap/0/Set ( $ -ge 75 )
set Snmp/Trap/0/Clear ( $ -le 60 )
Example 2
The following example generates a trap while the appliance is attempting to connect to the network. Once the
appliance connects, the trap is cleared. This example assumes that there are two configured peer-to-peer
connections.
set Snmp/Trap/1/Value status/AcceleratingConnections
set Snmp/Trap/1/Comment Empty SNMP Trap slot
set Snmp/Trap/1/Set ( $ -lt 2 )
set Snmp/Trap/1/Clear ( $ -eq 2 )
Notes:
GUI
To configure event logging:
1. Click the Setup menu bar item.
2. Under the Device navigation tab, click Logging.
3. Under Settings, select the appropriate option from the Log Level pull-down menu.
Option Description
0 - Trace Detailed debugging events. All events are logged. Array Networks use only for detailed
debugging purposes.
1 - Debug Debugging events. Array Networks use only for debugging purposes.
2 - Test Test events. Array Networks use only for testing purposes.
3- Informational events.
Informational
4 - Notifications Normal but significant conditions. (Default)
5 - Warning Warning conditions.
6 - Error Error conditions.
7 - Critical Critical events.
8 - Fatal A fatal event.
0 Trace Detailed debugging events. All events are logged. Array Networks use only for detailed
debugging purposes.
1 Debug Debugging events. Array Networks use only for debugging purposes.
2 Test Test events. Array Networks use only for testing purposes.
3 Informational Informational events
4 Notifications Normal but significant conditions. (Default)
5 Warning Warning conditions
6 Error Error conditions
7 Critical Critical events.
8 Fatal A fatal event.
Example 1
The following example is configured so that events identified as notifications, warning conditions, error
conditions, critical events, and fatal events are logged.
set LogLevel 4
Notes:
To add servers, click New to create a row for each server you want to receive messages and
specify the IP address of the server. Up to three servers can be configured.
To edit an existing entry, click on the entry and type in the new IP address.
To remove a server from the list of those receiving log messages, click on the appropriate row,
and then click Delete.
By default, all Array Networks-defined messages are logged.
5. To change the facility under which the messages are logged, click the drop-down list in the Network
Syslog Filter area, and select the Syslog Facility setting requested by your Syslog Server Administrator.
6. Click Apply to update the settings.
7. At the bottom of the page, click on the Click here to go to save configuration link.
8. Under Save Configuration, click Save to Startup Configuration.
9. From the confirmation dialog box, click OK.
CLI
To configure the appliance for network system logging, perform the following procedure from the advanced level
(Array-Networks-adv#):
1. Enable syslog.
set NetSyslog/Enabled yes
2. Configure the syslog servers by their IP addresses:.
set NetSyslog/Servers <ip_address>[<;ip_address><;ip_address>]
Up to three network servers can be configured to receive log messages. Use a semi-colon (;) with no
spaces between each specified IP address.
3. Set the log level (if not already configured).
set LogLevel {0|1|2|3|4|5|6|7|8}
4. Optionally, configure the facility type to filter the type of messages that are being logged.
set NetSyslog/Facility <facility#>
By default, <facility#> is configured with a value of 1 which indicates that all Array Networks-defined
messages are logged. Additional supported facility numbers include the following user-customized
values: 16, 17, 18, 19, 20, 21, 22, and 23.
Notes:
To view the settings configured for each of the above CLI commands, type the following: show
NetSyslog/Enabled, show NetSyslog/Servers, show NetSyslog/Facility, and show LogLevel.
Since the message is sent in a UDP packet, if it gets lost (for example, due to network
congestion), the message is not resent; it is lost.
Logs messages sent to network servers conform to the standard syslog message format
consisting of the PRI, Header, and MSG.
The following example configures “Boston Office Data Center 1” to be displayed when logging into the CLI.
set motd Boston Office Data Center 1
Sample Output
Array-Networks password:
aCelera SN 000000001101
Array-Networks>
Notes:
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured setting for the above CLI command, type show Acceleration/Enabled.
cached web document meets freshness and size requirements, the aCelera serves that copy when it receives
subsequent requests for the document, instead requesting it from the source site. This increases throughput and
reduces bandwidth usage and server load. By default, acceleration optimization and static caching are enabled.
GUI
To enable or disable acceleration optimization for one or all of these traffic types:
1. Click the Setup menu bar item.
2. Under the Acceleration navigation tab, click Settings.
3. Under Advanced, disable acceleration optimization by removing the checkmark from the appropriate
check box. To re-enable acceleration optimization, add the checkmark to the appropriate check box.
If HTTP is enabled, disable or re-enable the Static Cache, as appropriate.
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured settings for the above CLI commands, type:
show Acceleration/Http/Enabled
show Acceleration/Ssl/Enabled
show Acceleration/Cifs/Enabled
show Acceleration/Mapi/Enabled
show Acceleration/Ica/Enabled
GUI
To configure Peer Auto Discovery:
1. Click the Setup menu bar item.
2. Under the Acceleration navigation tab, click Peers.
3. Under Auto Discovery, enable Peer Auto Discovery by checking the Peer Auto Discovery Enabled
checkbox. To disable auto discovery, remove the checkmark.
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the configured setting for the above CLI command, type show
Acceleration/Peer/AutoDiscoveryEnabled.
Note: If peer connections are deployed in-line and have Auto Discovery enabled, peers do not have to be
defined. If Peer Auto Discovery is disabled on any peer or if a peer is deployed out-of-line, a peer must be
defined.
Note:
To find the remote peer serial number, log in to the CLI in advanced mode and
enter:
cdb show status/SN
To find the remote peer license number, log in to the GUI, click the Administration
menu bar item and click System. In the Activation area, the license number is actually
labeled Serial Number.
To edit a setting, click on the appropriate row and then make the change.
To delete a peer from the list, click on the row containing the peer you want to delete, and then
click Delete.
CLI
From the advanced level (Array-Networks-adv#), use the following commands to add peers to or remove peers
from the defined peers list.
Syntax
set Acceleration/Peer/Permit/<#> {ip <address>] | sn <serial>} Adds peers to the defined peers list
no set Acceleration/Peer/Permit/<#> Removes peers from the defined peers list
Syntax Description
Argument/Value Description
Example 1
The following example adds two peers to the defined peers list.
set Acceleration/Peer/Permit/1 ip 10.40.120.10
set Acceleration/Peer/Permit/2 ip 10.40.90.10
Example 2
The following example removes the peer from the defined peers list.
no set Acceleration/Peer/Permit/1
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view the list of defined peers, type show Acceleration/Peer/Permit. To view only a specific
peer, type show Acceleration/Peer/Permit/<#>. Replace the <#> with the appropriate
number.
Syntax
set Acceleration/Peer/Deny/<#> sn <serial_number> (Adds peers to the restricted peers list)
no set Acceleration/Peer/Deny/<#> (Removes peers from the restricted peers list)
Syntax Description
Argument/Value Description
<#> The number used to identify the peer connection.
sn <serial_number> The serial number of the restricted peer. Only used to add peers to the restricted peers list.
Example 1
The following example adds a peer whose serial number is 000000000010 to the restricted peers list.
set Acceleration/Peer/Deny/1 sn 000000000010
Example 2
The following example removes the peer from the restricted peers list.
no set Acceleration/Peer/Deny/1
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To display all restricted peers type, show Acceleration/Peer/Deny. To display a specific
restricted peer, type show Acceleration/Peer/Deny/<#>. Replace the <#> with the
appropriate number.
Option Description
CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure heartbeat interval
settings.
Syntax Description
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
Example
set conjure/heartbeatinterval 10
CLI
From the advanced level (Array-Networks-adv#), use the following command to allow or restrict the appliance
from managing traffic on the local subnet.
Syntax
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To display the configured setting for the above CLI command type
show Acceleration/Addresses/LocalSubnetEnabled.
CLI
From the advanced level (Array-Networks-adv#), refer to the appropriate command below to add locations to or
remove them from the published address list..
Syntax
Argument/Value Description
The following example adds 10.40.90.10 to the published address list allowing this location to send and receive
accelerated data.
set Acceleration/Addresses/Permit/1 ip 10.40.90.10/24
Example 2
The following example removes the location configured for peer connection 2 from the published address lost.
This location will not be able to send or receive accelerated data.
no set Acceleration/Addresses/Permit/2
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view a list of all published address type, show acceleration/addresses/permit. To view
only a specific address, type show acceleration/addresses/permit<#>. Replace the <#> with
the appropriate number.
To modify an existing entry, click on the item you want to change and type in the new value.
To remove an address from the list, click anywhere within the row, and then click Delete.
Syntax
Argument/Value Description
Example 1
set Acceleration/Addresses/Deny/1 ip 10.40.90.10/32
Example 2
no set Acceleration/Addresses/Deny/1
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To view all excluded addresses, type show Acceleration/Addresses/Deny. To display only a
specific address, type show/Acceleration/Addresses/Deny/<#>. Replace the <#> with the
appropriate number.
CLI
From the advanced level (Array-Networks-adv#), use one of the following commands view certificate
information:
Syntax
cert info
Sample Output
cert list
Sample Output
Note: Log on to your ftp site to upload the SSL certificate file. For further information, contact
Array Networks Customer Support.
GUI
To load SSL certificates onto the appliance
1. Click the Setup menu bar item.
2. Under the Acceleration navigation tab, click SSL.
3. Under SSL Certificates, click Load.
4. From the Load Certificate dialog box, supply the following information in the following order.
a. Type the Name you assign to the imported certificate.
b. Type the certificate's password in the Password field.
c. Type in the File Location where the certificate resides. If you do not specify the file location,
click the Browse button to find the certificate.
d. Click OK to close the dialog box. The certificate is added to the list.
CLI
From the advanced level (Array-Networks-adv#), use the following commands to load certificates onto the
appliance.
Use either cert get or cert import to download a new certificate from the specified location.
Syntax
Value Description
The following example imports (via FTP) the certificate " array-networks-cert" located in "certificates" on
10.10.20.10 using username "array-networks" and password "xyz" and assigns it the name "array-networks-sps".
cert get array-networks-sps ftp://array-networks:xyz@10.10.20.10/certificates/array-networks-cert
Example 2
The following example imports (via HTTP) the certificate "array-networks-cert" located in "certificates" on
10.10.20.10 and assigns it the name "array-networks-sps".
Note: During the import process, a prompt appears asking for the password associated with the certificate file.
After entering the password, the certificate is successfully imported. If an invalid password is entered, a
message is displayed indicating that the password is invalid and the password must be entered again.
Up to three attempts are permitted. After three invalid passwords are entered, the import process is
halted. You must re-issue the cert get or cert import command again. The following example details the
process of importing a certificate with one invalid password attempt.
DataCenter#1-adv# cert get localname.pfx ftp://10.10.20.66/pleperfnt101
######################################################################## 100.0%
Download complete
File retrieved successfully.
Package is valid PKCS#12 formatted file.
Please enter the package password:
Error: Could not decrypt package, bad password.
Please enter the package password:
MAC verified OK
writing RSA key
MAC verified OK
MAC verified OK
Client Certificate and Key imported successfully.
1 CA Certificate imported.
The Certificate Viewer window contains a General tab and a Details tab, which include information such as:
The version number of the certificate format. (Version)
The serial number of the certificate assigned by the issuer. This is a unique number within the
issuer’s list of issued certificates. (Serial Number)
The name of the certification authority that issued the certificate. (Issuer)
The signature algorithm and any parameters used by the issuer. (Signature Algorithm)
The validity of the certificate. This includes the date before which the certificate is not valid (Not
Before) and the date after which the certificate is no longer valid. (Not After)
The name of the entity to which the certificate is being issued. (Subject)
CLI
From the advanced level (Array-Networks-adv#), use the following commands view certificate information:
Syntax Description
cert display Displays information about the specified certificate including the common name, the
<cert_name> organization’s name, as well as the originating location of the certificate.
cert display Displays the following information:
<cert_name> detailed Version number of the certificate format (Version)
Serial number of the certificate assigned by the issuer. This is a unique number
within the issuer’s list of issued certificates. (Serial Number)
The name of the certification authority, which issued the certificate. (Issuer)
Signature algorithm and any parameters used by the issuer. (Signature Algorithm)
The validity of the certificate. This includes the date before which the certificate is
not valid (Not Before) and the date after which the certificate is no longer valid.
(Not After)
The name of the entity to whom the certificate is being issued (Subject)
The subject’s Public Key Info including the algorithm used for the subject’s public
key (Public Key Algorithm) and the actual public key displayed as a bit string (RSA
Public Key)
Syntax
The following example provides a sample output that displays basic certificate information.
Sample Output
Example 2
The following example provides a sample output that displays detailed certificate information.
Sample Output
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100 (0x64)
Signature Algorithm: md5WithRSAEncryption
Issuer: CN=default
Validity
Not Before: Jul 28 14:56:51 2007 GMT
Not After : Jul 27 14:56:51 2008 GMT
Subject: CN=default
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:a8:75:6f:08:fc:65:19:fc:6a:a1:0f:fa:9b:11:
c3:a7:7c:5c:c7:40:8e:1f:b9:b3:5f:20:72:1e:c2:
74:ad:4e:ca:64:0f:c4:08:b7:01:7a:18:ed:2a:1a:
bc:e0:21:d6:d2:96:b1:c1:60:ef:c6:58:51:a2:79:
3c:41:d2:4d:33:e8:92:e1:f3:f9:b3:58:7b:22:b5:
f9:88:d0:cb:e3:dd:3b:ff:b5:1c:ce:75:c2:35:11:
34:87:6f:2b:ba:59:54:4f:00:0a:41:44:0e:f3:45:
c2:04:78:a4:ac:81:54:a9:71:2f:dd:f9:d1:e9:8b:
6e:5c:e2:e2:57:a2:c7:35:cf
Exponent: 65537 (0x10001)
CLI
From the advanced level (Array-Networks-adv#), use the following command to delete certificates:
Syntax
4. From the Update Certificate dialog box, supply the following information.
a. Type the certificate's password in the Password field.
b. Type in the File Location where the certificate resides. If you do not specify the file location,
click the Browse button to find the certificate.
c. When finished, click Update Certificate to import the certificate onto the appliance.
d. Click OK. The list is updated to reflect the updated certificate.
CLI
From the advanced level (Array-Networks-adv#), use the following command to update certificates:
Syntax
Value Description
The following example imports (via FTP) the certificate "array-networks-cert" located in "certificates" on
10.10.20.10 using username "array-networks" and password "xyz" and then updates the existing certificate with
the new one.
cert update array-networks-sps ftp://array-networks:xyz@10.10.20.10/certificates/array-networks-cert
CLI
From the advanced level (Array-Networks-adv#), use either cert put or cert export to export a certificate to the
specified location.
Syntax
Name Description
<cert_name> The name of the certificate to export.
<protocol> The protocol used to export the certificate. Valid protocols include FTP, HTTP, or SCP. Notes: If
SCP is used, the user must have SSH set up on the server and have a user account password. SCP
does not support specifying the password on the command line. Supported URL formats include
the following:
ftp://<server>/<path>[/<new_cert_name>]
ftp://<username>:<password>@<server>/<path>[/<new_cert_name>]
ftp://<username>@<server>/<path>[/<new_cert_name>]*
http://<server>/<path>[/<new_cert_name>]
http://<username>@<server>/<path>[/<new_cert_name>]*
http://<username>:<password>@<server>/<path>[/<new_cert_name>]
scp://[<username>@<server>]/<path>[/<new_cert_name>]*
* Will prompt user for password.
[<username>] Optional user name that when configured, must be used to access to the location. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the
password.
[<password>] The password that restricts access to the server. Only needed if required by the server. If required,
the password must be proceeded by the user name and a colon (:) and followed by an ampersand
(@). If a password is not specified, a prompt appears requesting a password. Note: If using SCP, the
password cannot be specified on the command line; it can only be specified after being prompted to
enter one.
<server> The IP address of the server or host name on which the certificate resides.
<path> The path where the certificate resides. Note: If FTP or HTTP is used, only relative pathnames are
supported; for SCP, the specified pathname must be an absolute pathname.
[<new_cert_name>] Optional. Renames the certificate being exported to the user-specified name.
Example
The following example exports (via FTP) the certificate labeled "array-networks-ca" to "certs" on 10.10.20.10
using username "array-networks" and password "xyz."
cert put array-networks-ca ftp://array-networks:xyz@10.10.20.10/certs
Notes:
1) Even though SSL is enabled by default, SSL traffic will not be accelerated until an SSL server entry is
configured using the imported certificate.
2) To accelerate traffic from Microsoft Exchange servers using Outlook Web Access or Outlook
Anywhere,
upload and apply Exchange certificates and the Client Access Server certificate just like an SSL
certificate.
GUI
To manage the SSL server list.
1. Click the Setup menu bar item.
2. From the navigation panel, click SSL Servers under the Acceleration tab.
3. Under SSL Servers, perform the appropriate action and then refer to the table.
Click New to add a new row for each SSL server you want to add and configure the appropriate
options as described in the table.
To edit existing entries, click on the appropriate entry and then change the setting.
To delete an SSL server from the list, click on the server you want removed, and then click
Delete.
Option Description
Option Description
4. Under SSL Options, select the appropriate certificate from the drop-down list.
CLI
From the advanced level (Array-Networks-adv#), use the following command to choose a certificate for the SSL
connection:
Syntax
Argument/Value Description
<#> The table entry for the SSL sever.
ip [<address/mask>] The address and subnet mask of the SSL server. The subnet mask is specified in CIDR notation.
By default, no servers are configured.
port [<port>] Optional port designation. If not specified, port 443 is assumed.
cert [<cert_name] Optional certificate name. If not specified, the default certificate is used.
Example
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
Altough SSL "is enabled by default" no sslserver are configured to be accelerated until an entry
is created.
The pre-configured rule is originally labeled as rule number 1 in the Rule List via the GUI’s Traffic
Rules page and rule #1 via the CLI (set acceleration/rule/1) but can be re-ordered as additional rules
are created.
The order of the rules on the Rule List determines how traffic is matched and processed. Rules are
processed from top to bottom. Use the “Move Up” and “Move Down” arrows to reorder the rules.
All conditions specified in a rule must be met for traffic to be matched to it.
Once traffic is matched to a rule, no further processing takes place.
If traffic does not match any of the traffic rules, it is simply forwarded.
Traffic rules need be configured only on the aCelera located closest to the source of the specified traffic.
GUI
To manage traffic rules:
1. Click the Setup menu bar item.
2. Under the Acceleration navigation tab, click Traffic Rules.
The Traffic Rules page displays all user-defined rules:
Option Description
Matching Criteria
No The table entry number used to identify the rule. The number is automatically generated when
a new row is created.
Source IP The IP address where traffic originated from. Select one of the following from the drop-down
menu:
If Any is selected, the rule will be matched to any source IP address. (Default)
If Specified is selected, type in the appropriate IP address and subnet mask in the IP
Option Description
Address/Subnet Mask fields. By default, the subnet mask is /24. Make sure to
include the slash (/).
Destination IP The IP address where the traffic is destined to. Select one of the following from the drop-down
menu:
If Any is selected, the rule will be matched to any destination IP address. (Default)
If Specified is selected, type in the appropriate IP address and subnet mask in the IP
Address/Subnet Mask fields. By default, the subnet mask is /24. Make sure to
include the slash (/).
Protocol The IP protocol to match to the rule. Select one of the following from the drop-down list: Any,
TCP, UDP, or Other.
If Any is selected, the rule will be matched to any protocol. (Default)
If TCP is selected, the Protocol Number field is automatically set to 6 and not user-
modifiable. All TCP traffic will be matched to the rule.
If UDP is selected, the Protocol Number field is automatically set to 17 and not user-
modifiable. All UDP traffic will be matched to the rule.
If Other is selected, the Protocol Number field becomes editable. Type in the
appropriate protocol number. Use a space between each protocol entry.
Port Matches the destination port or port range to the traffic rule. When specifying a range, include
a dash between the ports (for example 23-25). Select the desired protocol from the drop-down
list. The protocol entry affects the port entry. Select one of the following from the drop-down
menu.
If Any is selected, the Port field is not user-modifiable and any destination port will
be matched to the rule. (Default)
If Specified is selected, the Port field becomes modifiable. Type in the appropriate
port number or port range.
Note: If Protocol is set to Other, the Port field is disabled and contains a value of Any, which
indicates any port will be matched to the rule.
TOS Matches the Differentiated Services Code Point (DSCP) ToS marking of the traffic. Select the
appropriate marking from the pull-down menu. Valid markings include 0-63.
Actions
Action The type of action configured for the rule. Options include the following:
Options Description
CLI
From the advanced level (Array-Networks-adv#), use the following command to configure traffic classes.
Syntax
set Acceleration/Rule/<#> [src <source IP/mask>] [dst <destination IP/mask>] [proto {tcp|udp|<protocol #>}]
[port <port>] [dscp <dscp>] [action {A|F|D}] [class <class-name>]
Syntax Description
Except for the <#> argument, all other arguments are optional. The action argument defaults to “A” if not
specified. A value of “any” is assumed if any other argument is not specified.
Argument/Value Description
Options Description
This example accelerates traffic originating from 10.40.90.10 destined to 10.40.10.20 on port 80 with a DSCP
TOS marking of 20.
set Acceleration/Rule/1 src 10.40.90.10/32 dst 10.40.10.20/32 proto tcp port 80 dscp 20 action A
Example 2
This example accelerates traffic originating from 10.40.90.10 destined to 10.40.10.20 on any port with a DSCP
TOS marking of 20.
set Acceleration/Rule/1 src 10.40.90.10/32 dst 10.40.10.20/32 proto tcp dscp 20 action A
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To display all configured traffic rules, type show Acceleration/Rule. To display a specific rule
type, show Acceleration/Rule/<#>. Replace the <#> with the appropriate number.
Notes:
A maximum of ten traffic classes are allowed.
Each traffic class is allocated the guaranteed minimum bandwidth configured. For example, high
priority traffic cannot have 100 percent of the bandwidth if low priority traffic is present and
guaranteed 10 percent. In that case, high priority traffic can only use 90 percent of the
bandwidth.
If a traffic class is used in two or more traffic shaping rules, the guaranteed bandwidth is shared
among all of the traffic shaping rules that use that traffic class.
If there is unused bandwidth on channel, the bandwidth is made available to other traffic
channels on a pro-rata basis. The sum of the bandwidth settings do not have to equal 100%,
although it cannot exceed 100%.
Refer to the following information for creating, editing, deleting, and changing the order of traffic rules.
GUI
To manage traffic rules:
1. Click the Setup menu bar item.
2. Under the Acceleration navigation tab, click Traffic Shaper.
Option Description
Bandwidth Settings
Traffic Classes
Class Type the name you want to use to identify this traffic class.
Guaranteed To ensure that adequate bandwidth is available for mission-critical applications and to limit
Bandwidth bandwidth for less important traffic that could cause WAN congestion, configure each traffic
class can to receive a guaranteed a minimum percentage of bandwidth. The default is 1%.
CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure traffic classes to use
with the traffic shaper rules.
Syntax
Syntax
Syntax Description
Argument/Value Description
xxxx An argument in bps. For example, the value of 1.54 Mbps should be provided as 1540000
Syntax
Syntax Description
Argument/Value Description
x The traffic class number, starting at 1. For each new traffic shaping class created, increment
this number by 1.
percentage The percent of guaranteed minimum bandwidth for this class of traffic (from 1% to 100%.).
The default is 1%.
abc The name assigned to the traffic class.
Example 1
This example show how to set a class abc with 75% min bandwidth.
set shaping/class/1 minbw 75 name abc
Notes:
A maximum of 32 traffic shaper rules are allowed.
Traffic shaper rules always include a traffic class. Before creating a traffic shaper rule, verify
that at least one traffic class is defined.
To create a traffic class, see Traffic Shaper on page 76.
Refer to the following information for creating, editing, deleting, and changing the order of traffic shaper rules.
GUI
To manage traffic shaper rules:
1. Click the Setup menu bar item.
2. Under the Acceleration navigation tab, click Traffic Shaper Rules.
3. The Traffic Shaper Rules page displays:
All user-defined rules
The Final Rule to which traffic not matching any user-defined rule is matched to and processed
by.
4. Under General, check the Enabled check box to allows the aCelera to treat packets differently based on
certain criteria.
To add a new rule, click a button on the Rule List: Insert Before or Insert After.
The Traffic Rule Editor is displayed.
Option Description
Matching Criteria
No The table entry number used to identify the rule. The number is automatically generated when
a new row is created.
Source IP The IP address/netmask from which the request is initiated. Select one of the following from
the drop-down menu:
If Any is selected, the rule will be matched to any source IP address. (Default)
If Specified is selected, type in the appropriate IP address and subnet mask in the IP
Address/Subnet Mask fields. By default, the subnet mask is /24. Make sure to
include the slash (/).
Destination IP The IP address/netmask designated to receive the request initiated by the source. Select one of
the following from the drop-down menu:
If Any is selected, the rule will be matched to any destination IP address. (Default)
If Specified is selected, type in the appropriate IP address and subnet mask in the IP
Address/Subnet Mask fields. By default, the subnet mask is /24. Make sure to
include the slash (/).
Protocol The IP protocol to match to the rule. Select one of the following from the drop-down list: Any,
TCP, UDP, or Other.
If Any is selected, the rule will be matched to any protocol. (Default)
If TCP is selected, the Protocol Number field is automatically set to 6 and not user-
modifiable. All TCP traffic will be matched to the rule.
If UDP is selected, the Protocol Number field is automatically set to 17 and not user-
modifiable. All UDP traffic will be matched to the rule.
If Other is selected, the Protocol Number field becomes editable. Type in the
appropriate protocol number. Use a space between each protocol entry.
Destination Port Matches the destination port or port range to the traffic rule. When specifying a range, include
a dash between the ports (for example 23-25). Select the desired protocol from the drop-down
list. The protocol entry affects the port entry. Select one of the following from the drop-down
menu.
If Any is selected, the Port field is not user-modifiable and any destination port will
be matched to the rule. (Default)
If Specified is selected, the Port field becomes modifiable. Type in the appropriate
port number or port range.
Note: If Protocol is set to Other, the Port field is disabled and contains a value of Any, which
indicates any port will be matched to the rule.
TOS Matches the Differentiated Services Code Point (DSCP) ToS marking of the traffic. Select the
appropriate marking from the pull-down menu. Valid markings include 0-63.
Option Description
Traffic Class Displays the name of the traffic class associated with the rule. Note: Currently, there is only one
traffic class (labeled Default) and all traffic is associated with it.
10. Click Apply to update the settings.
11. Click Save Configuration Changes at the bottom of the page.
12. Click Apply to update the settings.
13. To permanently save changes so that they remain persistent after a reboot:
a. At the bottom of the window, click the hot link Click here to go to save configuration to automatically
navigate to the Configuration page.
b. Under Save Configuration, click the Save to Startup Configuration button.
CLI
set shaping/rule/<x> src <source ip address> dst <destination ip address> proto <a> port <b> dscp <c> class
<def>
Argument/Value Description
<#> The traffic class number created earlier with the command:
set shaping/class/<#>
src <source ip address> The IP address from which the request is initiated. Provide the appropriate IP address and
subnet mask in the IP Address/Subnet Mask fields in the format:
x.x.x.x/y
y indicates the subnet mask (/24 by default)
Note: Make sure to include the slash (/).
dst <destination ip The IP address designated to receive the request initiated by the source. Provide the
address> appropriate IP address and subnet mask in the IP Address/Subnet Mask fields in the format:
x.x.x.x/y
where y indicates the subnet mask (/24 by default)
Note: Make sure to include the slash (/).
proto <a> The IP protocol to match to the rule.
If TCP, proto tcp
If UDP, proto udp
port <b> The destination port or port range. When specifying a range, include a dash between the ports
(for example 23-25).
dscp <c> The Differentiated Services Code Point (DSCP) ToS marking of the traffic. Valid markings are
from 0 throug 63.
class <def> The name of the traffic class associated with the rule.
Example 1
This example sets shaping rule for traffic originating from 10.40.90.10 destined to 10.40.10.20 on port 80 with a
DSCP ToS marking of 20 for class abc.
set shaping/rule/1 src 10.40.90.10/24 dst 10.40.10.20/32 proto 6 port 80 dscp 20 class abc
Example 2
This example sets the shaping rule for traffic originating from the 10.40.90.xx subnet with a destination of any
port on 10.40.10.xx with class abc.
set shaping/rule/1 src 10.40.90.00/32 dst 10.40.10.00/32 class abc
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To display all configured traffic rules, type show Acceleration/Rule. To display a specific rule
type, show Acceleration/Rule/<#>. Replace the <#> with the appropriate number.
CLI
From the advanced level (Array-Networks-adv#), use the following command to reboot the appliance:
Syntax
reboot
Notes:
If you have made any configuration changes, make sure to issue both the config apply and
config save commands before shutting down the appliance. If not, any configuration changes
you made will be lost.
After typing the reboot command and pressing enter, the following message is displayed:
The reboot command shuts down the system and will cause all in-flight traffic to be interrupted.
While waiting for the appliance to reboot, the CLI command line prompt is displayed and is
accessible to the user. Do not attempt to issue CLI commands while the system is rebooting.
Also, do not attempt to close a Telnet session while the appliance is rebooting.
Note: If you have made any configuration changes, make sure you have first applied and then permanently
saved them, otherwise they will be lost.
GUI
To shut down the appliance:
1. Click the Administration menu bar item.
2. Under the Administration navigation tab, click System.
3. Under System, click Shutdown aCelera.
CLI
From the advanced level (Array-Networks-adv#), use the following command shut down the appliance.
Syntax
shutdown
Notes:
If you have made any configuration changes, make sure to issue both the config apply and
config save commands before shutting down the appliance. If not, any configuration changes
you made will be lost.
After typing the shutdown command and pressing enter, the following message is displayed:
Clearing the history store clears the disk of all the traffic patterns that have been accumulated. Once the history
clear operation has completed, the appliance will start building a new history store automatically.
GUI
To clear acceleration history:
1. Click the Administration menu bar item.
2. Under the Administration navigation tab, click System.
3. Under System, click Clear Acceleration History.
CLI
From the advanced level (Array-Networks-adv#), use the following command to clear the appliance’s
acceleration history and optionally increases the size of the disk.
Syntax
historyclear [resize]
[resize] is an optional argument that also permits the history disk to be resized after the history store has been
cleared.
Argument Description
resize An optional argument that also permits the history disk to be resized after the history
store has been cleared.
Note: The procedure for resizing the history disk is covered in the installation guide.
To resize the disk you shutdown the virtual machine, update the size of the disk, and
then restart.
Notes:
Clearing the history requires acceleration to be enabled and at least one peer connected to the
appliance in an acceleration state.
Although clearing acceleration history is issued between active peer-to-peer connections, it is
advisable not to clear the history when there is a high demand of accelerated traffic flowing
between connected peers. Array Networks recommends clearing the history when this is little
or no traffic accelerating between connected peers.
CLI
The CLI has two modes for resetting the configuration to the factory default. The default mode retains the
appliance’s network and password settings whereas the “all” mode clears all settings to factory default.
From the advanced level (Array-Networks-adv#), use the following command to reset the configuration to
factory default.
Syntax
The following example resets the configuration settings to factory defaults but maintains the current passwords
and the following network and device settings that are configured via the set command: appliance’s IP address
(Address), the subnet mask (SubnetMask), the gateway address (Gateway), the domain name (DomainName),
the addresses of each configured DNS server (DnsAddress), the hostname (HostName), configured static routes
(NetworkRoutes), and the deployment mode (Deployment/Device).
config reset
Example 2
GUI
To change passwords:
1. Click the Administration menu bar item.
2. Under the Administration navigation tab, click Password.
3. Refer to the following table for the available password options.
Option Description
Viewer Configures a new password for the Viewer level. The Viewer level allows the user to use all status and
Password diagnostic functions accessible from the Home menu bar item. Through the Viewer level, the user can
also view all items accessible from the Setup menu bar item but cannot make any changes. When in
Viewer level, the Administration menu bar item and the items associated with it are not displayed.
Click Set Viewer Password to open the dialog box. Type the new password. Re-type the new
password in the field provided. Click OK when finished.
Admin Configures a new password for the Admin level. All items are available from the Admin level.
Password Click Set Admin Password to open the dialog box. Type the new password. Re-type the new password
in the field provided. Click OK when finished.
CLI
From the advanced level (Array-Networks-adv#), use the following commands to change passwords:
Syntax Description
set pass view Assigns password to the view level. Default is 1234
set pass adv[anced] Assigns a password to the advanced level. Default is 123456
1. After issuing either of these commands and pressing enter, you are prompted to type in the new password.
2. After entering a password, you are prompted to confirm the password by retyping it.
Example
To assign a password, follow the steps below. The following provides an example for assigning the password
q07o8d302 to the advanced level. The actual password is not displayed on the screen.
Default The original configuration file shipped with the aCelera. This file contains the factory
default settings and is not visible. This file can be restored if necessary.
Startup Contains the permanently saved settings that are in place each time the aCelera
boots.
Backup The aCelera may also contain any number of backup configuration files.
In addition to stored configuration files, a temporary configuration file may also exist. This temporary file
contains settings that have been modified during the current CLI or GUI session and have been applied but not
permanently saved. These settings will not remain after the aCelera is rebooted. If not permanently saved, the
settings in the startup configuration file will be in effect after the aCelera reboots. This temporary file is referred
to as the “running” or “applied” configuration file. If permanently saved, these settings will become part of the
startup configuration file.
Use the information found in this section to:
Permanently save changes to the startup configuration
Restore the startup configuration
View the settings of the running configuration
View the settings of the startup configuration
Compare configuration files
Note: The startup configuration file is displayed as “startup-config” via the CLI and “config.save” via the GUI..
From the advanced level (Array-Networks-adv#), use the following command to permanently save configuration
settings:
Syntax
config save
config restore
3. Under View Configuration, click View Running Configuration. The contents of the file containing both
unmodified and modified changes are displayed. When this option is selected, a window is displayed
containing the contents of the running configuration.
4. To search for an item or items, can either scroll through the window or type the desired text string in the
area provided, and then click Go. All items matching the search string are highlighted.
5. To clear the search string, click Reset.
CLI
From the advanced level (Array-Networks-adv#), use one of the following options with the show command to
view applied configuration settings. Only those settings that have been applied but not permanently saved are
displayed.
Syntax
show {running-config|run}
Sample Output
3. Under View Configuration, click View Startup Configuration. When this option is selected, a window
is displayed containing the contents of the startup configuration.
4. To search for an item or items, can either scroll through the window or type the desired text string in the
area provided, and then click Go. All items matching the search string are highlighted.
5. To clear the search string, click Reset.
CLI
From the advanced level (Array-Networks-adv#), use one of the following options with the show command to
view applied configuration settings.
The config display command displays the saved settings for the specified configuration file. The settings that are
displayed are those that were configured via the CLI (via the “set” command) as well as those settings that have
been configured in the internal configuration database (via the “cdb set” command).
Syntax
set IcmpEchoReply 1
set IcmpRedirect 1
set LogLevel 4
set NetSyslog/Enabled 0
set NetSyslog/Facility 1
cdb set config/MaxFpProxyFlowOvr 25000
cdb set config/MaxProxyFlowPadPct 0
cdb set config/MaxProxyFlowsOvr 0
4. The Compare Configuration window displays a side-by-side comparison of the Applied Configuration
(settings that have been applied but not permanently saved) and the Saved Configuration. Differences
between settings will be indicated by a highlighted line. To search for additional information, type in a
text string, and then click Go. Any text matching the setting will be highlighted in yellow. To clear the
text search, click Reset.
3. Under Backup and Restore Configuration to Disk, type the name of the configuration file in the
Filename field, and then click Backup. The backup copy will be displayed in the Configuration Files
section.
CLI
From the advanced level (Array-Networks-adv#), use the following command to backup configuration files:
Syntax
Syntax Description
Argument/Value Description
ftp://<server>/<path>[/<new_filename>]
ftp:// <username>:<password>@<server>/<path>[/<new_filename>]
ftp://<username>@<server>/<path>[/<new_filename>]*
http://<server>/<path>[/<new_filename>]
http://<username>@<server>/<path>[/<new_filename>]*
http://<username>:<password>@<server>/<path>[/<new_filename>]
scp://<username>@<server>/<path>/<filename>*
* Will prompt user for password.
<username> Optional user name that when configured, must be used to access to the location. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the
password.
<password> The password that restricts access to the server. Only needed if required by the server. If required, the
password must be proceeded by the user name and a colon (:) and followed by an ampersand (@). If a
password is not specified, a prompt appears requesting a password. Note: If using SCP, the password
cannot be specified on the command line; it can only be specified after being prompted to enter one.
<server> The IP address of the server or host name on which the configuration resides.
<path> The path where the configuration resides. Note: If FTP or HTTP is used, only relative pathnames are
supported; for SCP, the specified pathname must be an absolute pathname.
[<new_filename>] Optional. Renames the configuration being uploaded to the user-specified name.
Example 1
The following example uploads the file "myconfig" (via FTP) to location "configs" on 10.10.20.10 using username
"array-networks" and password "xyz" and assigns the file the name "config1."
config put myconfig ftp://array-networks:xyz@10.10.20.10/configs/config1
Example 2
The following example uploads the "myconfig" (via HTTP) to location "files" on 10.10.20.10.
config put myconfig http://10.10.20.10/files
Example 3
The following example copies the most recently saved configuration file to “myconfigfile”. This provides a useful
recovery mechanism in cases where you have made significant changes to the configuration file but may want to
revert back to the earlier file.
config save myconfigfile
CLI
From the advanced level (Array-Networks-adv#), use the following commands to upload configuration files onto
the appliance.
Syntax
Argument/Value Description
<protocol> The protocol used to download the configuration file. Valid protocols include FTP, HTTP, or SCP
(Secure Copy). Notes: If SCP is used, the user must have SSH set up on the server and have a user
account password. SCP does not support specifying the password on the command line.
Supported URL formats include the following:
ftp://<server>/<path>/<filename>
ftp://<username>:<password>@<server>/<path>/<filename>
ftp://<username>@<server>/<path>/<filename>*
http://<server>/<path>/<filename>
http://<username>@<server>/<path>/<filename>*
http://<username>:<password>@<server>/<path>/<filename>
scp://<username>@<server>/<path>/<filename>*
* Will prompt user for password.
<username> Optional user name that when configured, must be used to access to the location. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the
password.
Argument/Value Description
<password> The password that restricts access to the server. Only needed if required by the server. If
required, the password must be proceeded by the user name and a colon (:) and followed by an
ampersand (@). If a password is not specified, a prompt appears requesting a password. Note: If
using SCP, the password cannot be specified on the command line; it can only be specified after
being prompted to enter one.
<server> The IP address of the server or DNS name (if configured on the network) on which the
configuration resides.
<path> The path where the configuration resides. Note: If FTP or HTTP is used, only relative pathnames
are supported; for SCP, the specified pathname must be an absolute pathname.
<filename> The name of the configuration file to be downloaded.
Example 1
The following example downloads the configuration file "updated_config" (via FTP) from location "configs" on
10.10.20.10 using username "array-networks" and password "xyz".
Example 2
The following example downloads the configuration file "updated_config" (via HTTP) from location "config_files"
on 10.10.20.10.
5. Once the configuration file has been applied, it replaces the existing configuration and its settings will
remain in effect until the appliance is rebooted. To permanently save these settings so they remain in
effect even after a reboot, click Save to Startup Configuration.
CLI
From the advanced level (Array-Networks-adv#), use the following command to apply changes to the running
configuration file:
Syntax
config apply
Example
The following example deletes the configuration file named “old-config-file” from the appliance.
Syntax
config unapplied
show changes
Sample Output
CLI
From the advanced level (Array-Networks-adv#), use the following command to display a list of configuration
files:
Syntax
config list
Sample Output
The following example displays the contents of the file named “startup-config”.
config display startup-config
Sample Output
config/Address "10.10.20.6”
config/CACertificate "array-networks-ca"
config/Certificate "system"
config/DnsAddress "10.10.20.2 10.10.10.4"
config/DomainName "0"
config/Gateway "10.10.20.1"
CLI
From the advanced level (Array-Networks-adv#), use the following commands to upload software files onto the
appliance:
Syntax
Parameters
Argument/Value Description
<protocol> Valid protocols include FTP, HTTP, or SCP (Secure Copy). Notes: If SCP is used, the user must have SSH
set up on the server and have a user account password. SCP does not support specifying the password
on the command line. Supported URL formats include the following:
ftp://<server>/<path>
ftp://<username>:<password>@<server>/<path>
ftp://<username>@<server>/<path>*
http://<server>/<path>
http://<username>@<server>/<path>*
http://<username>:<password>@<server>/<path>
scp://<username>@<server>/<path>/<filename>*
* Will prompt user for password.
<username> Optional user name that when configured, must be used to access to the location. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the
password.
<password> The password that restricts access to the server. Only needed if required by the server. If required, the
password must be proceeded by the user name and a colon (:) and followed by an ampersand (@). If a
password is not specified, a prompt appears requesting a password. Note: If using SCP, the password
cannot be specified on the command line; it can only be specified after being prompted to enter one.
<server> The IP address of the server or the host name on which the file resides.
<path> Note: If FTP or HTTP is used, only relative pathnames are supported; for SCP, the specified pathname
must be an absolute pathname.
<file> The name of the file to download.
Example
The following example uploads the software update "aCelera-4.2.3-Release.upg" (via FTP) located in "software"
on 10.10.20.10 using username "array-networks" and password "xyz" onto the appliance.
update get ftp://array-networks:xyz@10.10.20.10/software/aCelera-4.2.3-Release.upg
3. All files on the appliance are listed in the Software Files table. For each file, the name, version,
date/time, and size are displayed.
CLI
From the advanced level (Array-Networks-adv#), use the following command to view a list of software files:
Syntax
update list
Sample Output
4. The information is displayed in the Software Details window. After viewing the software details, click
OK to close the window.
CLI
From the advanced level (Array-Networks-adv#), use either command to view software details:
Syntax
8. From the confirmation dialog box, click OK to apply the update and automatically reboot the aCelera.
During the update process, the aCelera is not accessible.
9. After updating all peer aCelera appliances, re-enable acceleration, by performing the following:
10. Click the Setup menu bar item.
11. Under the Acceleration navigation tab, click Settings.
12. Under General, enable acceleration by checking the Acceleration Enabled checkbox. To disable
acceleration between this appliance and all remote peers, remove the checkmark. By default,
acceleration is enabled.
CLI
From the advanced level (Array-Networks-adv#), refer to the following instructions to install and apply a
software update: This process will overwrite the existing software on the appliance with the new software. It
does not, however, overwrite the configuration file that contains your configuration settings.
Notes:
If you do not know the name of the update file, use the update list command on the next page.
A software install can only be performed through the advanced access mode (Array-Networks-
adv#)
Do not attempt to exit a Telnet session after starting the upgrade process.
CLI
From the advanced level (Array-Networks-adv#), use the following command to rotate logs:
Syntax
log rotate
Example 1
The following example rotates previously stored logs while generating a new log. The following example
illustrates a before and after scenario when issuing log rotate. Use log list to display the log file on the appliance.
log rotate
The following example generates a new log while deleting all previously stored logs.
CLI
From the advanced level (Array-Networks-adv#), use the following command to display a list of log files on the
appliance:
Syntax
log list
Sample Output
Size Date Time Name
34K 2009-04-10 18:13 log
364 2009-04-09 21:17 log.1
58 2009-04-08 00:00 log.2
160 2009-04-07 18:49 log.3
160 2009-04-06 15:59 log.4
58 2009-04-05 00:00 log.5
58 2009-04-04 00:00 log.6
Note: The message also includes two additional fields that are currently reserved for future use.
GUI
To view the contents of logs:
1. Click the Administration menu bar item.
2. Under the Administration navigation tab, click Logs.
3. Under Logs, click on the log you want to view (in this example, logs.4)
4. From the Log Details window displays the date the log event occurred,
CLI
From the advanced level (Array-Networks-adv#), use the following command to view the contents of a log file:
Syntax
Name Description
Option Description
Example
log display 1
5. To update the filtered list, click Refresh. To clear the filtered list, click Reset to display all messages.
Notes:
CLI
From the advanced level (Array-Networks-adv#), use the following command to search for text within a log file:
Syntax
Name Description
"<text_string>" Indicates the specified text string to search on. Quotes are required if whitespace is used.
[<log#>] Indicates the log file to search. Valid values include:
Option Description
0 The current log file. If not specified, the current log file is assumed. (Default)
1-6 Previously generated log files.
Example
The following example searches for the text string “lease obtained” in the log.1 file.
log grep "lease obtained" 1
6.4.5 Displaying the Specified Number of Lines at the Tail End of a Log File
The CLI provides the log tail command that allows you to display a specified number of lines at the tail end of a
log file. Issue the following command from either the view level (Array-Networks>) or the advanced level (Array-
Networks-adv#):
Syntax
Argument/Value Description
[<n_lines>] Optional parameter. Indicates the number of lines that are displayed. Default is 10.
[<log#>] Optional parameter. Indicates the particular log file. Valid values include:
Option Description
0 The current log file. If not specified, the current log file is assumed. (Default)
1-6 Previously generated log files.
Example
Example
aCelera-RO-adv# log write Start download of test file
<Run test>
aCelera-RO-adv# log write Stop download of test file
aCelera-RO-adv# log tail
Thu 21-May-2009 17:36:16 [NOTIFY|AGENT_CLI:000] Start download of test file
<Results of test>
Thu 21-May-2009 17:44:29 [NOTIFY|AGENT_CLI:000] Stop download of test file
aCelera-RO-adv#
Syntax
where <loglevel_name> is trace, debug, test, info, notify, warning, error, critical, or fatal. These correspond to the log
level numbers specified via the set LogLevel command. See Error! Reference source not found. on page 错误!未定义书
签。 for additional information.
Example
The following example tests the ability to generate a log message for an error condition in both the appliance’s
log file and network syslog file.
adv# test syslog error
adv# log tail
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-XCSOCK:000] Created CCC LISTEN TCP connection to neighbor 192.168.1.100,
hS2WAN 0x14ed9e0,RcvPortNo 2631.
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-OSAL:000] [failed/2] MsgReader:: connection failed fd 32
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-OSAL:000] [on_socket_failed/2] connection failed or closed fd 32
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-OSAL:000] [failed/2] MsgReader:: close fd 32port 2631 ip 192.168.1.100
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-OSAL:000] [close/2] connection closed 32 ip 192.168.1.100 port 2631
Thu 03-Nov-2011 22:20:26 [WARN|S2-CONJURE:001] Bypassing traffic for con 1 ([name: BostonDC ip:
192.168.1.100 sn: 000000100108]): Detected Peers in overlapping subnets
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-CONJURE:001] Connection [1] [name: BostonDC ip: 192.168.1.100 sn:
000000100108] has transitioned to Accelerating.
Thu 03-Nov-2011 22:44:54 [NOTIFY|AGENT_CLI:000] User logged in successfully via Telnet (192.168.1.1)
Thu 03-Nov-2011 22:45:13 [ERROR|AGENT_CLI:000] Network syslog testing with level=error
Thu 03-Nov-2011 22:46:14 [ERROR|AGENT_CLI:000] Network syslog testing with level=error
This example assumes that the log level for the appliance is configured at the default level of 4 (notification level)
and the netsyslog facility is configured using the default of 1 (user). The sample output displays the message that
appears in the log on the appliance; the second message displays the message that is generated for each
configured server. To test if the appliance can generate an error condition if one is encountered, perform the
following steps:
Note: No messages are displayed if you specify a level lower than the current configured log
level.
Syntax Description
Argument/Value Description
Option Description
<protocol> The protocol used to download the file. It can be FTP, HTTP, or SCP (Secure Copy). Notes: If SCP is used,
the user must have SSH set up on the server and have a user account password. Supported URL formats
include the following:
ftp://<server>/<path>[/<new_filename>]
ftp://<username>:<password>@<server>/<path>[/<new_filename>]
ftp://<username>@<server>/<path>[/<new_filename>]*
http://<server>/<path>[/<new_filename>]
http://<username>@<server>/<path>[/<new_filename>]*
http://<username>:<password>@<server>/<path>[/<new_filename>]
scp://<username>@<server>/<path>[/<new_filename>]*
* Will prompt user for password.
[<username>] Optional user name that when configured, must be used to access to the location. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the password.
[<password>] The password that restricts access to the server. Only needed if required by the server. If required, the
password must be proceeded by the user name and a colon (:) and followed by an ampersand (@). If a
password is not specified, a prompt appears requesting a password. Note: If using SCP, the password
cannot be specified on the command line; it can only be specified after being prompted to enter one.
<server> The IP address of the server or host name on which the file resides.
<path> The path where the file resides. Note: If FTP or HTTP is used, only relative pathnames are supported; for
SCP, the specified pathname must be an absolute pathname.
[<new_filename>] Optional. Renames the log file being uploaded to the user-specified name.
Example 1
The following example uploads the current log file (via FTP) to "logs" on 10.10.20.10 using username "array-
networks" and password "xyz" and assigns the log file the name "DC_100505.log."
log put 0 ftp://array-networks:xyz@10.10.20.10/logs/DC_100505.log
Example 2
The following example uploads the second most-recent log file (via HTTP) to "logs" at arraynetworks.com.
log put 1 http://arraynetworks.com/logs/
Example 3
The following example uploads the oldest log file (via FTP) to "logs" on 10.10.20.10 using username "array-
networks" and password "xyz."
log put 6 ftp://array-networks:xyz@10.10.20.10/logs/
GUI
To create a report of configuration information and crash data:
1. Click the Administration menu bar item.
2. Under the Administration navigation tab, click Diagnostics.
3. Under Tech Reports, type a name in the Name file, and then click Create Tech Report. The report is
displayed in the Tech Reports list.
CLI
Use the following commands from the advanced level (Array-Networks-adv#).
Note: tech-trace remains active until it is either turned off or the system is
rebooted.
Sample Output:
Welcome to S2 Management Console
s2>turn on traces (xc, cert, s2d)
cmd>> xc set loglevel 4
XC: loglevel set to [4]
cmd>> trace on
cmd>> gtrace init
started "/galaxy/var/gtrace"
cmd>> show cert traceon
set ssl trace on
Goodbye!
Collecting Enhanced Trace Information
Sample Output:
Welcome to S2 Management Console
s2>turn on traces (xc, cert, s2d, cap)
cmd>> xc set loglevel 4
XC: loglevel set to [4]
cmd>> cap add
Following capture filter was added:
Capture Filter 1
host 0.0.0.0
mask 0.0.0.0
port 0
subport 0
cap size unlimited
cmd>> trace on
cmd>> gtrace init
started "/galaxy/var/gtrace"
cmd>> show cert traceon
set ssl trace on
Goodbye!
Writing Trace Information to an Internal File
NodeId 265
HistoryDir "/dev/sdd2"
MetaDir "/var/xcmeta"
BlockSize 1048576
ChunkSize 1024
CacheSize 3073
MainMemoryMB 5976
MaxFlows 3736
MaxBlocks 14107
SyncInterval 300
LogLevel 1
MaxOverlap 0
MaxOverlapFactor 2
CHET Mgr 1
CHET Mgr Timeout 50
Block Size 1049600
Block Actual 1050112
Compression Mode HC
==========:: batch :run s conn
Goodbye!
ixia3-DC-adv#
ixia3-DC-adv#
ixia3-DC-adv# debug s2 xc config
Welcome to S2 Management Console
LogLevel
Example 1
Example 2
tech-report delete
GUI
To view a listing of all technical reports on the aCelera:
1. Click the Administration menu bar item.
2. Under the Administration navigation tab, click Diagnostics.
3. All reports are listed under Tech Reports.
CLI
From the advanced level (Array-Networks-adv#), use the following command to view a list of all tech reports
that are on the aCelera.
Syntax
tech-report list
Sample Output
Syntax Description
Name Description
file The tech report file to be uploaded.
<protocol> The protocol used to upload technical reports. It can be FTP, HTTP, or SCP (Secure Copy). Notes: If
SCP is used, the user must have SSH set up on the server and have a user account password. SCP does
not support specifying the password on the command line. Supported URL formats include the
following:
ftp://<server>/<path>[/<new_filename>]
ftp://<username>:<password>@<server>/<path>[/<new_filename>]
ftp://<username>@<server>/<path>[/<new_filename>]*
http://<server>/<path>[/<new_filename>]
http://<username>@<server>/<path>[/<new_filename>]*
http://<username>:<password>@<server>/<path>[/<new_filename>]
scp://<username>@<server>/<path>[/<new_filename>]*
* Will prompt user for password.
[<username>] Optional user name that when configured, must be used to access to the location. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the
password.
[<password>] The password that restricts access to the server. Only needed if required by the server. If required, the
password must be proceeded by the user name and a colon (:) and followed by an ampersand (@). If a
password is not specified, a prompt appears requesting a password. Note: If using SCP, the password
cannot be specified on the command line; it can only be specified after being prompted to enter one.
<server> The IP address of the server or host name on which to upload the reports.
<path> The path where the reports reside. Note: If FTP or HTTP is used, only relative pathnames are
supported; for SCP, the specified pathname must be an absolute pathname.
[<new_filename>] Optional. Renames the technical report being uploaded to the user-specified name.
Example1
The following example uploads the tech report file "report" (via FTP) to location "reports" on 10.10.20.10 using
username "array-networks" and password "xyz."
Example 2
The following example uploads the tech report file "report2" (via HTTP) to location "files" on 10.10.20.10 and
assigning it the new filename "latest_report".
6.7 Diagnostics
This section contains the commands used to perform network tests and generate technical reports which can be
used by Array Networks Customer Support to help diagnose problems that may occur.
Option Description
Ping Tests and monitors an appliance in the network. Use Ping whenever you need to test a
connection to an appliance. To issue a ping, type the address or host name to ping, and then
click Go. The results will be displayed in the Results section.
Trace Route Traces the route packets take to the specified host by displaying the sequence of hops the
packet has traversed. To issue a traceroute, type the address or host name to trace, and then
click Go. The results will be displayed in the Results section.
DNS Performs a DNS lookup of the specified host. To perform a DNS lookup, type the address or host
name, and then click Go. The results will be displayed in the Results section.
CLI
From the advanced level (Array-Networks-adv#), use the following commands to execute network connectivity
tests:
Generating Pings to Test Network Connectivity
Use ping to test and monitor an appliance in the network. Use ping whenever you need to test a connection to an
appliance.
Syntax
Argument/Value Description
<host> Required parameter. The host name to ping. If only host name is specified, ping will send five
ICMP echo requests of size 56 bytes.
count <number-to-send> Optional parameter. Sends the specified number of echo requests. The user can specify the
'count' keyword and a value to send any number of ICMP requests.
size <packet-size> Sends the specified packet size (default = 56).
Nslookup performs a DNS lookup of the specified host to determine the IP address of a domain name. An
optional DNS server can be specified to perform the lookup against. Otherwise, the appliance's configured DNS
server entry will be used.
Syntax
nslookup www.arraynetworks.com
Sample Output
Server: lab.arraynetworks.com
Address: 10.10.10.2
Name: www.arraynetworks.com
Address: 216.251.32.98
Sending Traceroutes
The traceroute command is a useful tool for tracing the route an IP packet follows to its destination by
displaying the sequence of hops the packet has traversed. From either the view or advanced level, type the
following command:
Syntax
aCelera™ Virtual Appliance User Guide – Release 4.2 125
C H A P T E R 6: ADMINISTRATION FUNCTIONS
Options
Argument/Value Description
The following example traces packets to the host located at 10.10.20.226. Up to 24 hops will be displayed.
Sample Output
tcpdump [-n] [-c count] [-C file_size] [-i interface] [-s snaplen] [ -w file ] [-W filecount][expression]
Options
Option Description
-n Don't convert host addresses to names. This can be used to avoid DNS lookups.
-c count Exit after receiving count packets.
-C file_size Maximum size of file, in MB. Maximum is 5MB.
-i interface Listen on the specified interface.
-s snaplen The number of bytes of actual data (the snaplen or snapshot length) captured from each packet passing
through the network that is indicated by -i interface. Use this to override the default snaplen (68 bytes).
-w file Write the raw packets to file rather than parsing and printing them out.
-W filecount Used in conjunction with the -C option, this will limit the number of files created to the specified number,
and begin overwriting files from the beginning, thus creating a ’rotating’ buffer. In addition, it
will name the files with enough leading 0s to support the maximum number of files, allowing them to sort
correctly.
expression Selects which packets are dumped. If no expression is specified, all packets will be dumped. Main
expressions include type, dir, and proto. Type options include host, net, and port. Dir qualifiers specify a
particular transfer direction to and/or from id. Possible directions are src, dst, src or dst and src and dst.
Proto qualifiers restrict the match to a particular protocol. Possible protocols include: ether, fddi, tr, wlan,
ip, ip6, arp, rarp, decnet, tcp and udp.
capture list
Example 1
The following example deletes the file named "report1.tcp” from the aCelera.
Example 2
The following example deletes all packet capture files from the aCelera.
capture delete
Argument/Value Description
<protocol> The protocol used to upload the captured data. Valid protocols include FTP, HTTP, or SCP (Secure
Copy). Notes: If SCP is used, the user must have SSH set up on the server and have a user account
password. SCP does not support specifying the password on the command line. Supported URL
formats include the following:
ftp://<server>/<path>/
ftp://<username>:<password>@<server>/<path>
ftp://<username>@<server>/<path>*
http://<server>/<path>
http://<username>@<server>/<path>*
http://<username>:<password>@<server>/<path>
scp://<username>@<server>/<path>*
* Will prompt user for password.
<username> Optional user name that when configured, must be used to access to the location. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the
password.
<password> The password that restricts access to the server. Only needed if required by the server. If
required, the password must be proceeded by the user name and a colon (:) and followed by an
ampersand (@). If a password is not specified, a prompt appears requesting a password. Note: If
using SCP, the password cannot be specified on the command line; it can only be specified after
being prompted to enter one.
<server> The IP address of the server or DNS name (if configured on the network) on which the
configuration resides.
<path> The path where the packet capture file resides. Note: If FTP or HTTP is used, only relative
pathnames are supported; for SCP, the specified pathname must be an absolute pathname.
SSH. Usually, this key pair provides adequate security. If additional security is required, the ssh regenerate-
server-keys command can be used to regenerate a public/private key pair for the appliance.
Syntax
ssh regenerate-server-keys
This will delete the current Private/Public Key for this device
and generate a new pair. All SSH clients that have previously connected
may complain or refuse to connect because the key has changed. Each
affected client's cache will have to be cleared manually. Refer to the
client software documentation for information on clearing the cache.
Notes:
This command deletes the public/private key pair originally created for the appliance. Once
deleted, it can only be restored by resetting the appliance to factory defaults.
Once the system's keys have been regenerated, any SSH clients that have previously connected
to the appliance will issue a warning message that the key has changed.
Some SSH clients may refuse to connect until the client's cache is cleared manually. Refer to
your client's documentation for information on manually clearing cache.
Syntax Description
Value Description
<cert_name> The name of the certificate located on the appliance. In the case of the system certificate, it is the 12-digit
serial number of the aCelera.
<protocol> The protocol used to import the certificate. Valid protocols include FTP, HTTP, or SCP (Secure Copy).
Value Description
Notes: If SCP is used, the user must have SSH set up on the server and have a user account password. SCP
does not support specifying the password on the command line. Supported URL formats include the
following:
ftp://<server>/<path>/<server_cert_name>
ftp://<username>:<password>@<server>/<path>/<server_cert_name>
ftp://<username>@<server>/<path>/<server_cert_name>*
http://<server>/<path>/<server_cert_name>
http://<username>@<server>/<path>/<server_cert_name>*
http://<username>:<password>@<server>/<path>/<server_cert_name>
scp://<username>@<server>/<path>/<server_cert_name>*
* Will prompt user for password.
[<username>] The user name that restricts access to the server. Only needed if required by the server. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the password.
[<password>] The password that restricts access to the server. Only needed if required by the server. If required, the
password must be proceeded by the user name and a colon (:) and followed by an ampersand (@). If a
password is not specified, a prompt appears requesting a password. Note: If using SCP, the password
cannot be specified on the command line; it can only be specified after being prompted to enter one.
<server> The IP address of the server or host name on which the certificate resides. Note: If FTP or HTTP is used,
only relative pathnames are supported; for SCP, the specified pathname must be an absolute pathname.
<path> The path where the certificate resides. Note: If FTP or HTTP is used, only relative pathnames are
supported; for SCP, the specified pathname must be an absolute pathname.
Example
The following example imports (via FTP) the certificate "000000005080082700000000" located in "certificates"
on 10.10.20.10 using username "array-networks" and password "xyz" and then updates the existing system
certificate with the new one.
1. Type cert update system ftp://array-
networks:xyz@10.10.20.10/certificates/000000005080082700000000 and then press Enter. The
following information is displayed:
######################################################################
## 100.0%
Download complete
File retrieved successfully.
Package is valid PKCS#12 formatted file.
Please enter the package password:
2. Type the password supplied by Array Networks and then press Enter. The following information is
displayed:
MAC verified OK
writing RSA key
MAC verified OK
MAC verified OK
Certificate was not signed by included CA certificate
The license file is unique to this device.
It is critical to box operation.
You should only delete it if you are going to replace it.
Are you sure you want to delete it? (yes/no) [n]:
3. Press Y to continue. The following information is displayed:
Continuing to use existing system ca (not removed)(not updated)
License file imported successfully.
Note: The aCelera must be rebooted for the updated certificate to take effect.
GUI
To update the system certificate via the GUI:
1. Click the Administration menu bar item.
2. Under the Administration navigation tab, click System.
3. Under Activation, type in the filename or click the Browse button to locate the appropriate license file.
4. Type in the license password that you obtained from Array Networks Customer Support, and then click
Load.
5. Once loaded, the expiration date is displayed in the License Expiry field.
Notes:
The serial number of the aCelera is displayed but is not modifiable.
The aCelera must be rebooted for the updated certificate to take effect.
7.1 Status
The System Status page contains various system, network, and device statistical information as described in the
table below.
CLI
From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following
commands to view system status information.
Syntax Description
show HostName The text string that appears at the CLI command prompt and at the top of the
graphical user interface window. This setting is typically changed to reflect the
location where the appliance is installed. Default is "Array-Networks>". The text string
cannot contain spaces.
show status SN The 12-digit serial number of the appliance.
show status The version of software and corresponding build number installed on the appliance.
SoftwareVersion
show status BootTime The length of time the appliance has been running. The duration is displayed in years,
days, hours, and minutes.
Option Description
IP Address The IP address and subnet mask configured for the appliance.
Gateway The IP address of the default gateway.
DNS Server The IP address of the DNS server.
Domain Name The domain name of which the appliance is part of.
CLI
From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following
commands to view the configured network settings.
Syntax Description
show Address The IP address and subnet mask configured for the appliance.
show Gateway The IP address of the default gateway.
show DnsAddress The IP address of the DNS server.
show DomainName The domain name of which the appliance is part of.
Sample Output
Issuing each of the above commands will display the following. Each value is displayed in quotes.
aCelera-adv# show Address
config/Address “192.168.1.100”
aCelera-adv# show Gateway
config/Gateway “192.168.1.1”
aCelera-adv# show DnsAddress
config/DnsAddress “192.168.1.5
Option Description
History Disk The percentage of disk space currently being utilized for history information.
Utilization
User Disk Utilization The percentage of disk space currently being utilized for user data such as configuration
files.
Memory Utilization The percentage of memory currently being utilized.
CPU Utilization The percentage of CPU resources currently being utilized.
CLI
From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following
commands to view device status information. To refresh the statistics, re-issue each command.
Syntax Description
show status The percentage of disk space currently being utilized for history information.
HistorySpaceUtilization
show status The percentage of disk space currently being utilized for user data such as
DiskSpaceUtilization configuration files.
show status The percentage of memory currently being utilized.
MemoryUtilization
show status CpuUtilization The percentage of CPU resources currently being utilized.
Sample Output
Issuing each of the above commands will display the following. Each value is displayed in quotes.
status/HistorySpaceUtilization “4”
status/DiskSpaceUtilization “12”
status/MemoryUtilization “15.9”
status/CpuUtilization “15”
7.5 Dashboard
The Dashboard is the aCelera subsystem responsible for collecting performance statistics and displaying
them in the Array Networks local client GUI (browser). Data flows into the aCelera and at the Internet
Layer (IP) the data is redirected to the Forwarding Plane. The Forwarding Plane is a term of art in router
technology. It's function here in the aCelera is to determine which data to compress in a first pass, and
which data to accelerate in subsequent passes. Data that is not accelerated is redirected back over the
WAN connection to the remote aCelera.
Data that can be compressed and accelerated is forwarded to the Performance Enhancing Proxy (PEP)
where it is then redirected to the Compressor module if compression is required. The PEP recognizes data
that has been reduced to objects and either looks that data up in the cache by its reference ID and sends
the object back to the LAN side; or else it sends a pointer across the WAN link requesting the object from
the remote aCelera. The figure shown below represents a high level overview of these concepts.
Figure. The Confirm Delete alert box removes all displayed data. This operation cannot be undone.
The Chart takes its title from the selected tab. In the case of the Throughput chart shown above the last hour of
data is displayed.
7.5.1.1 Duration
Updates all statistics on the Dashboard to reflect the specified time period. Whenever the duration is changed,
the statistics in the display panels are updated to reflect the specified duration. Data points are collected at a
certain granularity within the time range as specified below. Available durations include:
Table. Collected data point intervals.
Duration Description
Last Hour Provides statistics for the last hour at 1 minute granularity (Default).
Last Day Provides statistics for the last day at 30 minutes granularity.
Last Week Provides statistics for the last week at 3 hours granularity.
Last Month Provides statistics for the last month at 12 hours granularity.
Last Year Provides statistics for the last year at 24 hours (1 day) granularity.
Condition Behavior
Range of data is 0 > y <= 1024 Y axis number has no suffix.
Range of data is 0 > y <= 1048576 Y axis number is suffixed with “K”. Y axis number is scaled down by
1024. (For example, rather than “2048”, it is now “2K”)
Range of data is 0 > y <= Y axis number is suffixed with “M”. Y axis number is scaled down by
1073741824 1048576.
Range of data is 0 > y <= Y axis number is suffixed with “G”. Y axis number is scaled down by
1099511627776 1073741824.
Range of data is 0 > y and maximum Y axis number is suffixed with “T”. Y axis number is scaled down by
y is > 1099511627776 1099511627776.
Figure. The Data Reduction page contains a strip chart of both throughput and the amount of bandwidth savings
you have achieved with aCelera.
The following filters are visible in the Data Reduction report:
Period
Application
The Data Reduction chart page is comprised of two charts in the form of a strip chart recorder. Time flows from
left to right, and the top chart or Throughput chart displays the amount of data in bytes per second flowing
through the aCelera. The Throughput Chart is composed of two area chart data series stacked vertically and a
line chart data series. The bottom area chart data series is the Pass Through data. The top area chart data series
is the Accelerated data. A line chart data series representing the WAN data is superimposed over the stacked
area chart
The bottom data grid is the Data Reduction chart and it displays the amount of data reduction in percentages
over time. It also displays fields for average reduction percentage, average compression ratio, total LAN
accelerated data, total WAN accelerated data, and bytes saved.
If you move your cursor over a data point a tooltip will appear that displays the value and time of that data point.
Also, note that the same behavior for the Impact of different units of measure by the range that appeared in the
table in the previous section applies to this set of charts.
The application name and its associated port number are listed. Only the application name is displayed. The Top
Applications chart page is comprised of two pie charts, a chart legend and a table. The left pie chart contains the
top 10 applications for LAN traffic (top nine applications and one grouping of the rest of the applications called
“other”). The right pie chart contains the top 10 applications for WAN traffic. The table contains the top 50
applications (top 49 applications and one grouping the rest of the applications called “other”).
Table. Application and protocol type by port.
Application Port
FTP-Data 20
FTP-Control 21
SMTP 25
HTTP 80
MAPI 135
CIFS 139
HTTPS 443
CIFS 445
SQL Server 1433
Oracle 1521
NFS 2049
iSCSI 3260
HTTP Proxy 8080
ClearCase 12080
Figure. The Manage Applications screen is where you go to add additional ports (applications) to be monitored by
the aCelera.
You can add additional ports to monitor, and based on the port assignment monitor your own custom
applications.
NOTE: The user cannot modify aCelera's pre-assigned application names and ports.
To add a port, do the following:
1. Click on the Add button to open the Add Application dialog box shown below.
Figure. An application is inferred from the port value you enter, but you can use whatever name you wish that is
meaningful to you.
2. Enter the Port number into the Port text box.
3. Enter the name you want to track the port with into the Name text box.
That name does not have to be the official name of the application that is assigned to the port.
4. Press the OK button.
Your new port is added to the list in the left hand pane.
Keep in mind the following provisos, ports and names:
Cannot be blank.
Cannot be negative.
Cannot be zero (0). (Reserved for “All Applications”)
Cannot be greater than 65535 maximum.
Cannot be a duplicate of an existing port number other than the currently selected application port.
Cannot contain non-numerical characters.
7.9 Interfaces
Information can be displayed for status and statistical information for each of the appliance’s interfaces.
Status Description
Link The link status of each interface. Yes indicates the link is up; no indicate it is down.
MAC The MAC address of each interface.
Address
Statistic Description
CLI
The CLI interfaces command displays the information that appears in both the GUI interface status and interface
statistics section described above. Information displayed for each physical interface in the appliance includes the:
Transmission speed
Data transmission mode (half or full duplex)
Link status (Whether the appliance is linked to another interface)
Number of packets received and sent through the interface
Number of corrupted packets received through the interface
The MAC address of the interface
The command also displays the IP address, mask, gateway, and DNS addresses of the virtual bridge.
From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following
command:
Syntax
interfaces
Sample Output
CLI
The following CLI commands provide the same information as the GUI interface statistics described on the
preceding page. From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#),
use the following commands to view interface status information since the appliance was last booted. To refresh
the statistics, re-issue each command.
Syntax Description
show status WanRxPackets Displays the total packets received by the WAN-side interface
show status WanRxBytes Displays the total bytes received by the WAN-side interface.
show status WanRxErrors Displays the number of errors received by the WAN-side interface since last boot.
show status WanTxPackets Displays the total packets sent by the WAN-side interface.
show status WanTxBytes Displays the total bytes sent by the WAN-side interface.
show status WanTxErrors Displays the number of errors sent by the WAN-side interface since last boot.
show status LanRxPackets Displays the total packets received by the LAN-side interface.
show status LanRxBytes Displays the total bytes received by the LAN-side interface.
show status LanRxErrors Displays the number of errors received by the LAN-side interface since last boot.
show status LanTxPackets Displays the total packets sent by the LAN-side interface.
show status LanTxBytes Displays the total bytes sent by the LAN-side interface.
show status LanTxErrors Displays the number of errors sent by the LAN-side interface since last boot.
Item Description
# The ID number that can be used to identify the remote peer in the logs.
Peer Name The name of the remote peer.
State The current state of peer connections.
Item Description
Item Description
Def The remote peer has been configured via the Defined Peers list.
Dis The remote peer is automatically discovered via the Auto Discovery option.
Addressing The type of addressing used to communicate with the remote peer.
Item Description
C Correct Addressing
T Transparent Addressing
Elapsed The amount of time the peer connection has been in the accelerating state.
Time
CLI
From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following
commands to view peer status information.
Command Description
state Displays the current state of each peer connection including the peer name, current state,
peer’s IP address, peer’s serial number, the type of peer connection, and the date the peer
connection was established. Refer to the following table for the abbreviations found when this
command is issued.
Item Description
State
Type
Def The remote peer has been configured via the Defined Peers list.
Dis The remote peer is automatically discovered via the Auto Discovery option.
Addressing
C Correct Addressing
T Transparent Addressing
show status Displays the number of accelerating connections. A “0” indicates that none of the connections
AcceleratingConnection are currently in the accelerating state.
s
Sample Output 1
aCelera-adv# state
State: A-Accelerating; C-Connecting; D-Disabled
Type: Def-Defined, Dis-Discovered
Addressing: T-Transparent C-Correct
--------------------------------------------------------------------------------
# State Peer Name Peer IP Peer SN Type Addr Elapsed Time
--------------------------------------------------------------------------------
Sample Output 2
Hostname: YorkRO
Comment: York aCelera
Serial Number: 000000100107
Software Version: 4.2.0
System Uptime: 1 day, 1 hour, 30 minutes
IP address: 192.168.1.110/24
Gateway: 192.168.1.1
Primary DNS:
Domain Name:
WCCP # operation state is: The current WCCP operating state (for example, "initiating connection").
WCCP # Forwarding Method is: The packet forwarding method used to redirect traffic from the router to the
appliance (GRE or L2).
WCCP # Assignment method is: The method by which redirected packets are distributed to the appliance.
WCCP # Packet Return method is: The method by which packets redirected to the appliance are returned to the
router for normal forwarding.
WCCP # Designated Web Cache The IP address of the designated web cache used to receive redirected traffic.
Address is:
WCCP # Router Communication The address of the router to which the I_See_You packets are being sent
Address is:
WCCP # Router Reply Address is: The address of the router from which the Here_I_Am messages are being
received from
WCCP # Router Self-Identification The address used as an internal router ID for I_See_You messages.
Address is:
WCCP # Here_I_Am_Packets sent: The number of Here_I_Am packets sent.
WCCP # Request_Assignment packets The number of Request_Assignment packets sent.
sent:
WCCP # I_See_You_Packets received: The number of I_See_You packets received.
WCCP # Removal_Query Packets The number of Removal_Query packets received.
received:
WCCP # Invalid Packets received: The number of invalid packets received.
WCCP # Here_I_Am replies missed: The number of Here_I_Am replies missed.
Notes:
If the forwarding and packet return methods are both configured using L2, the number of
frames and bytes sent and received are displayed. If both the forwarding and packet return
methods are configured using GRE, corresponding GRE statistics are displayed. If one of the
redirection methods is configuring using L2 and the other method using GRE, statistics for both
L2 and GRE are displayed.
If WCCP is enabled, a set of statistics is displayed for each configured router with 0 being the
primary router. Up to eight sets of statistics may be displayed (0-7).
GUI
To view WCCP statistics:
1. Click the Home menu bar item.
2. Under the Status navigation tab, click WCCP tab.
3. Refer to the table on the previous page for WCCP status information. To update status information, click
Refresh.
CLI
From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following
commands to view WCCP statistics. Refer to the table on page 150 for WCCP status information
Syntax
WCCP
WCCP is disabled.
Sample Output 2 (WCCP is enabled using L2 redirection methods. Only one router is confgured.)
136.220-adv# wccp
WCCP 0 Operation state is: "info: active operation"
WCCP 0 Forwarding method is: "L2"
WCCP 0 Assignment method is: "Mask"
WCCP 0 Packet Return method is: "L2"
L2 Statistics
Frames:6265 Bytes:1111415
7.12 Diagnostics
This section provides information on the various diagnostics status functions.
Option Description
Destination The destination network or destination host.
Gateway The gateway address the router uses to forward the packet through in order to reach the destination
network.
Genmask The subnet mask of the destination network. A value of '255.255.255.0' indicates a host destination
and '0.0.0.0' indicates the default route.
Flags Flags. Possible flags include:
U (route is up)
H (target is a host)
G (use gateway)
R (reinstate route for dynamic routing)
D (dynamically installed by daemon or redirect)
M (modified from routing daemon or redirect)
A (installed by addrconf)
C (cache entry)
! (reject route)
Metric The distance (typically in hops) to the destination network. Not applicable to recent kernels, but may
be needed by routing daemons.
Ref The number of references to this route.
Use The number of lookups for the route. This number refers to either route cache misses or hits.
iface The interface to which packets for the route will be sent.
CLI
From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following
command to view the kernel's routing tables and/or routing cache.
Syntax
Parameter Description
Example 1
route
Sample Output
route -n
Sample Output
Option Description
CLI
From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following
commands to view and clear ARP table entries. Refer back to the table on the previous page for a description of
each table entry.
Syntax Description
arp display
Sample Output
ifconfig
Sample Output
The CLI provides the show ip-traffic to display various IP-related statistics such as packet information including
total packets received, forwarded, and dropped, and peer connection information including the number of active
and passive connections, and failed and established peer connections. From either the view level (Array-
Networks>) or the advanced level (Array-Networks-adv#), use the following command to display IP-related
statistics.
Syntax
show IP-Traffic
show proc
Sample Output
Note: Depending on the number of configured cores, the CPU percentage can be greater than 100%. Each
process may have multiple threads and each can be running on a different core and theoretically
utilizing up to 100% of that core. The displayed output sums the CPU usage of all threads to determine
the process percentage.
show mem[ory]
The following table provides information for each memory field that is utilized on the appliance.
Sample Output
MemTotal: 2057388 kB
MemFree: 1758000 kB
Buffers: 3412 kB
Cached: 49900 kB
SwapCached: 0 kB
Active: 192476 kB
Inactive: 35612 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 64 kB
Writeback: 0 kB
AnonPages: 174776 kB
Mapped: 13584 kB
Slab: 20932 kB
SReclaimable: 7180 kB
SUnreclaim: 13752 kB
PageTables: 5304 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
WritebackTmp: 0 kB
CommitLimit: 1028692 kB
Committed_AS: 1485336 kB
VmallocTotal: 34359738367 kB
VmallocUsed: 290948 kB
VmallocChunk: 34359442607 kB
HugePages_Total: 0
HugePages_Free: 0
show history
Sample Output
Argument/Value Description
<protocol> The protocol used to download the file. Valid protocols include FTP or HTTP.
<server> The IP address of the server or DNS name (if configured on the network) on which the file resides.
<path> The path where the test file resides.
<file> Name of the file to test the download function.
[<attempts>] Optional parameter that indicates the number of times to attempt the download. If no number of
attempts is specified, the setting defaults to 1.
Examples
Note: Bandwidth testing involves using either the test bandwidth or test bw commands. The examples on
this page use the test bandwidth command.
This command allows bandwidth testing by launching a bandwidth performance test that runs in the
background.
Syntax
show status
Sample Output
Hostname: YorkRO
Comment: York aCelera
Serial Number: 000000100107
Software Version: 4.2.0
System Uptime: 1 day, 3 hours, 53 minutes
IP address: 192.168.1.110/24
Gateway: 192.168.1.1
Primary DNS:
Domain Name:
ver[sion]
Sample Output
Uptime: 1:52
Argument/Value Description
<#> The entry number used to identify the netflow collector.
ip <address> The IP address of the Netflow collector.
port <port_number> The port number the Netflow collector is listening on.
Example 1
This example configures collector entry 1 to send Netflow records to a collector with the IP address 10.40.90.10
on port 2055.
set collector/1 ip 10.40.90.10 port 2055
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
To display all configured Netlfow collectors, type show collector. To display a specific Netflow
collector entry type, show collector /<#>. Replace the <#> with the appropriate number.
To configure the IP address of the management port, the subnet mask and the vlan ID:
1. Click the Setup menu bar item.
2. Under the Basic navigation tab, click System.
3. Under Management, configure the appropriate settings. Refer to the following table for the options to
configure the appliance's management port.
Option Description
IP Address / Mask Specify the IP address and the subnet for the management port. The default value of the IP
address is 192.168.1.200. The subnet mask is in CDIR format. The default value of the
subnet mask is /24.
VLAN ID Specify the VLAN identification number. The valid ID range is 0-4095. The default value is 0,
which indicates an untagged VLAN.
CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure management port ip
address, subnetmask, valn id.
Syntax Description
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
Example
set management/port/ip 192.168.1.200
set management/port/subnetmask 255.255.255.0
set management/prot/vlanid 1
Option Description
Controlled Only By Management Specify whether to control aCelera devices by management port. The
Port value can be “yes” or “no”.
Allowded Hosts Set a list of secure client hosts who can control aCelera devices.
4. Click Apply to update the settings.
5. At the bottom of the page, click on the Click here to go to save configuration link.
6. Under Save Configuration, click Save to Startup Configuration.
7. From the confirmation dialog box, click OK.
CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure management port
security settings.
Syntax Description
Notes:
After making changes, type config apply to update the configuration file.
To permanently save changes so they remain persistent after a reboot, also type config save.
Example
set management/security/OnlyManagementPort yes
set management/security/AllowedHosts 172.31.16.130/32
show Acceleration/Enabled
Description Displays the configured state of generic acceleration. A “yes” indicates acceleration is
enabled; a “no” indicates it is not.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax show Acceleration/Enabled
SSL Acceleration
set Acceleration/Ssl/Sslserver
Description When accelerating SSL traffic, the aCelera maintains the security trust model. This means that the
SSL certificate only gets loaded and stored on the appliance at the location where the SSL server
resides. aCelera appliances only share transient data to enable acceleration without the SSL
certificates ever traversing across the WAN. Once the SSL certificate is loaded, a mapping must be
created to identify which traffic should use which certificate. The matching criteria for the traffic
can be based on IP address with subnet mask and TCP port number. This mapping information is
shared with all peers automatically.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set Acceleration/Ssl/Sslserver/<#> ip <address/mask> port [<port>] cert <cert_name>
Argument/Value Description
show Acceleration/Ssl/Sslserver
Description Displays the configured setting for all SSL severs of the specified SSL server. If no entry is specified,
all configured SSL servers are displayed.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax show Acceleration/Ssl/Sslserver [#]
[#] refers to the table entry. If not specified, all servers are displayed.
no set Acceleration/Ssl/Sslserver
Description Removes the specified SSL server entry from the list.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax no set Acceleration/Ssl/Sslserver/<#>.
<#> is the table entry.
set Acceleration/Ssl/Enabled
show Acceleration/Ssl/Enabled
Description Displays the configured setting for accelerating SSL traffic. A “yes” indicates that SSL traffic is
accelerated; a “no” indicates it is not.
Access Level Required View (Array-Networks>)
Command Line Syntax show Acceleration/Ssl/Enabled
cert delete
Description Deletes the specified certificate and private key if one exists. A user-named certificate that is
currently configured for HTTPS traffic cannot be deleted unless it is first removed from the
appropriate traffic rule.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax cert delete <cert>
cert display
Description Displays information about the specified certificate including the common name, the
organization’s name, as well as the location of the certificate.
Access Level Required Advanced (Array-Networks-adv#)t
Command Line Syntax cert display <cert_name> [detailed]
Argument/Value Description
cert info
Description Displays the name, the issue date and time, the private key type and length, and the number of
associated CA of each certificate on the appliance. The output also displays whether or not the
certificate is currently being used (configured) by a traffic rule traffic rule.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax cert info
cert list
Description Displays the size, the issue date and time, and the name of each certificate on the appliance.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax cert list
Description Imports a certificate and key file pair from the specified location.
Access Level Advanced (Array-Networks-adv#)
Required
cert {put|export}
Description Exports a certificate and key file pair to the specified location.
Access Level Advanced (Array-Networks-adv#)
Required
cert update
Description Overwrites an existing certificate with the updated certificate of the same name. Any traffic rules that are
configured with the specified certificate are automatically updated. The appliance must be rebooted in order to
utilize the updated certificate
Access Level Advanced (Array-Networks-adv#)
Required
show Acceleration/Cifs/Enabled
Description Displays the configured setting for CIFS traffic acceleration optimization. A “yes” indicates CIFS
traffic is optimally accelerated; a “no” indicates it is not optimally accelerated.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax show Acceleration/Cifs/Enabled
show Acceleration/Http/Enabled
Description Displays the configured setting for HTTP traffic acceleration optimization. A “yes” indicates HTTP
traffic is optimally accelerated; a “no” indicates it is not optimally accelerated.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax show Acceleration/Http/Enabled
show Acceleration/Mapi/Enabled
Description Displays the configured setting for MAPI traffic acceleration optimization. A “yes” indicates MAPI
traffic is optimally accelerated; a “no” indicates it is not optimally accelerated.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set Acceleration/Mapi/Enabled
show Acceleration/Ssl/Enabled
Description Displays the configured setting for SSL traffic acceleration optimization. A “yes” indicates SSL
traffic is optimally accelerated; a “no” indicates it is not optimally accelerated.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax show Acceleration/Ssl/Enabled
WCCP Commands
Set WCCP[/#]/Capabilities
Description Configures the preferred methods in which the appliance interacts with the router.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set WCCP[/#]/Capabilities <forwarding_method><assignment_method><return_method>
Argument/Value Description
# Not used for the primary WCCP router. Only specified if additional
routers are configured. Up to seven additional routers can be
configured. Additional router entries include: 1-7. If specified, Include
a slash “/” before the number.
<forwarding_method> The method by which redirected packets are transported from the
router to the appliance. Valid methods include: L (L2 redirect) and G
(GRE). Default is G (GRE).
<assignment_method> The method by which redirected packets are distributed to the
appliance. Valid methods include: H (hash) and M (mask). Default is H
(hash).
<return_method> The method by which packets redirected to the appliance are
returned to the router for normal forwarding. Valid methods include:
R (GRE) and 2 (L2 redirect). Default is R (GRE).
Show WCCP[/#]/Capabilities
Description Displays the settings configured for the way in which the appliance interacts with the specified
router.
Access Level Required View (Array-Networks>)
Command Line Syntax show WCCP[/#]/Capabilities (# only used to check secondary routers [replace with 1-7]. # not
used for primary router.)
Set WCCP[/#]/Password
# Not used for the primary WCCP router. Only specified if additional routers are
configured. Up to seven additional routers can be configured. Additional
router entries include: 1-7. If specified, Include a slash “/” before the number.
<password> The password must match that set for the router. By default no password is
configured.
Show WCCP/#/Password
Description Displays the password (MD5 value) assigned to the specified router.
Access Level Required View (Array-Networks>)
Command Line Syntax show WCCP[/#]/Password (# only used to check secondary routers [replace with 1-7]. # not
used for primary router.)
Set WCCP[/#]/Ports
Description Redirects traffic on the specified ports through the router if the appliance is deployed out-of-line.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set WCCP [/#]/Ports [<port#> ...]
Argument/Value Description
# Not used for the primary WCCP router. Only specified if additional routers are
configured. Up to seven additional routers can be configured. Additional
router entries include: 1-7. If specified, Include a slash “/” before the number.
<port#> By default, no specific ports are configured, which indicates that all ports are
redirected to the aCelera when it is deployed out-of-line. To only redirect
selected ports, add the appropriate ports using the above-mentioned
command. All other traffic will simply be forwarded the WAN with no
acceleration. Up to 8 separate ports can be configured. Each specified port is
separated by a space.
Show WCCP/#/Ports
Description Displays the port numbers for traffic that have been configured to be redirected through the
specified router if the appliance is deployed out-of-line.
Access Level Required View (Array-Networks>)
Command Line Syntax show WCCP[/#]/Ports (# only used to check secondary routers [replace with 1-7]. # not used for
primary router.)
Set WCCP[/#]/RouterAddress
Description Specifies the address of the router that traffic will be redirected to if the appliance is deployed out-
of-line.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set WCCP[/#]/RouterAddress <address>
Argument/Value Description
# Not used for the primary WCCP router. Only specified if additional routers are
configured. Up to seven additional routers can be configured. Additional
router entries include: 1-7. If specified, Include a slash “/” before the number.
<address> The router's IP address.
Show WCCP/#/RouterAddress
Set WCCP[/#]/Security
Description Enables or disables the security access to the router if the appliance is deployed out-of-line.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set WCCP[/#]/Security {yes|no}
Argument/Value Description
# Not used for the primary WCCP router. Only specified if additional routers are
configured. Up to seven additional routers can be configured. Additional
router entries include: 1-7. If specified, Include a slash “/” before the number.
yes Enables WCCP security.
no Disables WCCP security. (Default)
Show WCCP/#/Security
Description Displays whether or not WCCP security for sending traffic through the specified router is turned
on or off if the appliance is deployed out-of-line.
Access Level Required View (Array-Networks>)
Command Line Syntax show WCCP[/#]/Security (# only used to check secondary routers [replace with 1-7]. # not used
for primary router.)
Set WCCP[/#]/ServiceGroup
Description Specifies the service group number of the router if the appliance is deployed out-of-line.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set WCCP[/#]/ServiceGroup <group_number>
Argument/Value Description
# Not used for the primary WCCP router. Only specified if additional routers
are configured. Up to seven additional routers can be configured. Additional
router entries include: 1-7. If specified, Include a slash “/” before the
number.
<group_number> The service group number of the router. Default setting 98. The supported
range is 0 - 99.
Show WCCP/#/ServiceGroup
Description Displays the service group number configured for the router that traffic is redirected through if the
appliance is deployed out-of-line.
Access Level Required View (Array-Networks>)
Command Line Syntax show WCCP[/#]/ServiceGroup (# only used to check secondary routers [replace with 1-7]. # not
used for primary router.)
CDP Commands
Set cdp/Enabled
Description Enables or disables Cisco Discovery Protocol version 2 support for all interfaces on the appliance.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set cdp/Enabled {yes|no}
Argument/Value Description
yes Enables CDP functionality. When enabled, the appliance sends periodic
CDP messages to a multicast address.
no Disables CDP functionality. (Default)
Show cdp/Enabled
Description Displays the configured state for Cisco Discovery Protocol version 2 support for all interfaces on
the appliance (enabled or disabled).
Access Level Required View (Array-Networks>)
Command Line Syntax show cdp/Enabled
Set cdp/Interval
Description Configures the length of time, in seconds, between sending out CDP multicast messages.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set cdp/Interval <seconds>
<seconds> refers to the number of seconds to wait before the appliance sends out another CDP
message. Default is 90 seconds.
Show cdp/Interval
Description Displays the interval period configured on the appliance for sending out CDP multicast messages
to network devices.
Access Level Required View (Array-Networks>)
Command Line Syntax show cdp/Interval
Set cdp/Holdtime
Description Configures the length of time the device receiving CDP information from the appliance holds it
before discarding it.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set cdp/Holdtime <seconds>
<seconds> refers to the number of seconds to wait before discarding CDP information received
from the appliance. Default is 180 seconds; maximum is 256 seconds.
Show cdp/Holdtime
Description Displays the length of time, the device receiving CDP information from the appliance holds it
before discarding it.
Access Level Required View (Array-Networks>)
Command Line Syntax show cdp/Holdtime
Network Routes
Set NetworkRoutes
Description Configures static routes to avoid using the default gateway for specified traffic.
Access Level Advanced (Array-Networks-adv#)
Required
Show NetworkRoutes
Description Displays static routes configured for non-local subnets serviced by the appliance.
Access Level Required View (Array-Networks>)
Command Line Syntax show NetworkRoutes
Deployment
set Deployment/Device
inline Select this option if the aCelera is deployed on the main data path (between two
routers, a router and two switches, or two switches). When inline, the aCelera
uses two interfaces (WAN and LAN).
outofline Select this option if the aCelera is deployed off the main path. When out-of-line,
the aCelera uses one interface (WAN). (Default)
show Deployment/Device
Addressing
set Deployment/Addressing
Description Configures the type of WAN addressing used. Traffic between aCelera peers is a number of TCP
connections. There are two different modes for how the source and destination IP addresses are
specified for these connections.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set Deployment/Addressing {transparent|correct}
Option Description
Transparent TCP connections use the source and destination IP address of the
original client and server.
Correct TCP connections use the source and destination IP addresses of
the two aCeleras.
show Deployment/Addressing
Peers
set Acceleration/Peer/AutoDiscoveryEnabled
Description Enables or disables the auto discovery feature. When enabled, the appliance can automatically
discover and be discovered by other appliances that also have Auto Discovery enabled. Auto
Discovery is only applicable if each appliance is deployed in-line.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set Acceleration/Peer/AutoDiscoveryEnabled {yes|no}
Option Description
show Acceleration/Peer/AutoDiscoveryEnabled
Description Displays the configured state of the Auto Discovery feature. A “yes” indicates Auto Discovery is
enabled; a “no” indicates it is not.
Access Level Required View (Array-Networks>)
Command Line Syntax show Acceleration/Peer/AutoDiscoveryEnabled
set Acceleration/Peer/Permit
Description Adds the specified peer appliance to the defined peers list allowing the aCelera to find the defined
peer. Peers can be manually defined for both in-line and out-of-line deployments.
Access Level View (Array-Networks>)
Required
show Acceleration/Peer/Permit
Description Displays the IP address or serial number of all defined peers or just the specified peer.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax show Acceleration/Peer/Permit[/#]
[/#] refers to the number used to identify the peer connection. If not specified, all defined peers
are displayed.
no set Acceleration/Peer/Permit
Description Removes the specified peer from the defined peers list.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax no set Acceleration/Peer/Permit/<#>
<#> refers to the number used to identify the peer connection.
set Acceleration/Peer/Deny
Description Adds the specified peer to the appliance’s restricted peers list which prevents the aCelera from
connecting to the restricted appliance.
Access Level Advanced (Array-Networks-adv#)
Required
show Acceleration/Peer/Deny
Description Displays the serial number of all restricted peers or just the specified peer.
Access Level Required View (Array-Networks>)
Command Line Syntax show Acceleration/Peer/Deny[/#]
[/#] refers to number used to identify the peer connection. If not specified, all restricted peers are
displayed.
no set Acceleration/Peer/Deny
Description Removes the specified peer from the restricted peers list.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax no set Acceleration/Peer/Deny/<#>
<#> refers to the number used to identify the peer connection.
Peer Status
Show Status AcceleratingConnections
Description Displays the number of connections currently in the accelerating state, which means that traffic is
accelerating through the specified connections.
Access Level Required View (Array-Networks>)
Command Line Syntax show status AcceleratingConnections
State
State reset
Description Resets the specified connection. When issued, the peer connection is automatically brought down
and then brought back up.
Access Level Required View (Array-Networks>)
Command line Syntax state reset <#>
<#> refers to the number used to identify the peer connection.
set LoopDetect
Description Enables or disables loop detection. When enabled, the aCelera detects when two bridge interfaces
are connected to the same virtual switch. If this does occur the bridge automatically shuts down to
eliminate an ARP storm.
Access Level Required View (Array-Networks>)
Command Line Syntax set LoopDetect {yes|no}
Option Description
show LoopDetect
Description Displays the configured state of loop detection. A “yes” indicates loop detection is enabled; a “no”
indicates it is not.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax show LoopDetect
Traffic Rules
set Acceleration/Rule
Command Line set acceleration/rule <#> src [<source IP/mask>] [dst <destination IP/mask>] [proto
Syntax {tcp|udp|<protocol #>}] [port <port>] [dscp <dscp>] [action {A|F|D}] [class <class-name>]
Argument/Value Description
[<class-name>] The name of the traffic class to which this rule is matched.
With the exception of the <#> argument, all arguments are optional. A value of “any” is assumed for
unspecified arguments.
show Acceleration/Rule
no set Acceleration/Rule
Description Removes the specified match rule from the list. When removed, the match rule is no longer
available for the traffic class.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax no set Acceleration/Rule</#>
</#> refers to the number used to identify the peer connection.
Traffic Shaper
Set Acceleration/Trafficshaper/Enabled [Yes|No]
Set Wantxratelimit
Set Shaping/Class
Description Removes the specified match rule from the list. When removed, the match rule is no longer available
for the traffic class.
Access Level Advanced (Array-Networks-adv#)
Required
<x> Sets the traffic class number, starting at 1. For each new traffic shaping
class created, increment this number by 1.
<percentage> Indicates the percent of guaranteed minimum bandwidth for this class of
traffic (from 1% to 100%.). The default is 1%.
<abc> Assigns a name to the traffic class.
Command Line set shaping/rule/<x> src <source ip address> dst <destination ip address> proto <a> port <b>
Syntax dscp <c> class <def>
Argument/Value Description
<#> The traffic class number created earlier with the command:
set shaping/class/<#>
src <source ip The IP address from which the request is initiated. Provide the
address> appropriate IP address and subnet mask in the IP Address/Subnet Mask
fields in the format:
x.x.x.x/y
y indicates the subnet mask (/24 by default)
Note: Make sure to include the slash (/).
dst <destination ip The IP address designated to receive the request initiated by the source.
address> Provide the appropriate IP address and subnet mask in the IP
Address/Subnet Mask fields in the format:
x.x.x.x/y
where y indicates the subnet mask (/24 by default)
Note: Make sure to include the slash (/).
proto <a> The IP protocol to match to the rule.
If TCP, proto tcp
If UDP, proto udp
port <b> The destination port or port range. When specifying a range, include a
dash between the ports (for example 23-25).
dscp <c> The Differentiated Services Code Point (DSCP) ToS marking of the traffic.
Valid markings are from 0 throug 63.
class <def> The name of the traffic class associated with the rule.
Published Addresses
set Acceleration/Addresses/LocalSubnetEnabled
show Acceleration/Addresses/LocalSubnetEnabled
Description Displays whether or not the local subnet is managed by the aCelera. A “yes” indicates the local
subnet is managed by the aCelera; a “no” indicates it is not.
Access Level Required View (Array-Networks>)
Command Line Syntax set Acceleration/Addresses/LocalSubnetEnabled
set Acceleration/Addresses/Permit
Description Adds other addresses to the aCelera’s published list which allows these addresses to receive and send
accelerated data.
Access Level Advanced (Array-Networks-adv#)
Required
show Acceleration/Addresses/Permit
Description Displays the IP address or serial number of all defined peers or just the specified peer.
Access Level Required View (Array-Networks>)
Command Line Syntax show Acceleration/Addresses/Permit[/#]
[#] refers to the number used to identify the peer connection. If not specified, all peers are
displayed.
no set Acceleration/Addresses/Permit
Description Removes the specified addresses from the permit list. When removed, that location is no longer
managed by the aCelera.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax no set Acceleration/Addresses/Permit/<#>
<#> refers to the number used to identify the peer connection.
set Acceleration/Addresses/Deny
Description Adds addresses to the restricted list, which prevents traffic to and from those addresses to be accelerated by the
aCelera.
Access Advanced (Array-Networks-adv#)
Level
Required
show Acceleration/Addresses/Deny
Description Displays a list of all addresses or just the specified address in the restricted list.
Access Level View (Array-Networks>)
Required
no set Acceleration/Addresses/Deny
Description Clears the appliance’s acceleration history and optionally increases the size of the disk. See
Clearing Acceleration History on page 88.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax Historyclear [resize]
[resize] is an optional argument that also permits the history disk to be resized after the history
store has been cleared.
VLAN
set MgtVLAN
Description Allows traffic sourced from all VLANs or just the specified VLAN to be accelerated.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set MgtVLAN <vlan_id>
<vlan_id> the VLAN ID. Valid ID range is 0-4095. The default value of 0 indicates an untagged
VLAN.
show MgtVLAN
Public Addresses
set PublicAddress
show PublicAddress
Software Update
Update Get
<protocol> The protocol used to download the file. It can be FTP, HTTP, or SCP
(Secure Copy). Notes: If SCP is used, the user must have SSH set up on
the server and have a user account password. SCP does not support
specifying the password on the command line. Supported URL formats
include the following:
ftp://<server>/<path>
ftp://<username>:<password>@<server>/<path>
ftp://<username>@<server>/<path>*
http://<server>/<path>
http://<username>@<server>/<path>*
http://<username>:<password>@<server>/<path>
scp://<username>@<server>/<path>*
* Will prompt user for password.
[<username>] Optional user name that when configured, must be used to access to the
location. May be used in conjunction with a password. If no password is
specified, include an ampersand (@) after the password.
[<password>] The password that restricts access to the server. Only needed if required
by the server. If required, the password must be proceeded by the user
name and a colon (:) and followed by an ampersand (@). If a password is
not specified, a prompt appears requesting a password. Note: If using
SCP, the password cannot be specified on the command line; it can only
be specified after being prompted to enter one.
<server> IP address of the server or host name on which the software update
resides.
<path> The path where the file resides. Note: If FTP or HTTP is used, only
relative pathnames are supported; for SCP, the specified pathname must
be an absolute pathname.
<file> The name of the file to download.
Update Install
Description Installs a previously downloaded software update file and then reboots the appliance.
Access Level Required Advanced (Array-Networks-adv#)
Command line Syntax update install <file>
<file> - the filename
Update Info
Description Displays information about the new software package that was downloaded via the update get
command.
Access Level Required Advanced (Array-Networks-adv#)
Command line Syntax update info <file>
<file> - the filename supplied by Array Networks
Update Delete
Description Deletes all software files or just the specified file from the appliance.
Access Level Required Advanced (Array-Networks-adv#)
Command line Syntax update delete [<file>]
<file> - the filename supplied by Array Networks
Logging
Set LogLevel
Show LogLevel
Description Displays the detail level setting that was configured for saving information to a log file.
Access Level Required View (Array-Networks>)
Command Line Syntax show LogLevel
Log Display
Log Grep
Description Performs a case-insensitive search through the log file for the specified text string and displays the
results.
Access Level Required View (Array-Networks>)
Command Line Syntax log grep <"text_string"> [<log#>]
Argument/Value Description
"text_string" Indicates the specified text string to search on. Quotes are required if
whitespace is used.
log# Indicates the specified log number. Valid entries include:
0 Indicates the current log file. (Default)
Log List
Log Tail
Description Displays a specified number of lines at the tail end of a log file.
Access Level Required View (Array-Networks>)
Command Line Syntax log tail [<n_lines>] [<log#>]
Argument/Value Description
[<n_lines>] Optional parameter. Indicates the number of lines that are displayed.
Default is 10.
[<log#>] Optional parameter that can be used with n_lines. Indicates the specified log
number. Valid entries include:
0 Indicates the current log file. (Default)
Log Put
<protocol> The protocol used to download the file. It can be FTP, HTTP, or SCP (Secure Copy).
Notes: If SCP is used, the user must have SSH set up on the server and have a user
account password. Supported URL formats include the following:
ftp://<server>/<path>[/<new_filename>]
ftp://<username>:<password>@<server>/<path>[/<new_filename>]
ftp://<username>@<server>/<path>[/<new_filename>]*
http://<server>/<path>[/<new_filename>]
http://<username>@<server>/<path>[/new_filename>]*
http://<username>:<password>@<server>/<path>[/<new_filename]
scp://<username>@<server>/<path>[/<new_filename>]*
* Will prompt user for password.
[<username>] Optional user name that when configured, must be used to access to the location.
May be used in conjunction with a password. If no password is specified, include an
ampersand (@) after the password.
[<password>] The password that restricts access to the server. Only needed if required by the
server. If required, the password must be proceeded by the user name and a colon
(:) and followed by an ampersand (@). If a password is not specified, a prompt
appears requesting a password. Note: If using SCP, the password cannot be
specified on the command line; it can only be specified after being prompted to
enter one.
<server> The IP address of the server or host name on which the log file will reside.
<path> The path where the log file will reside. Note: If FTP or HTTP is used, only relative
pathnames are supported; for SCP, the specified pathname must be an absolute
pathname.
[<new_filename>] Optional. Renames the log file being uploaded to the user-specified name. If
specified, Include a slash “/” before the filename.
Log Rotate
Description Immediately rotates logs and optionally deletes all stored log files.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax log rotate [delete]
[delete] – Optional. If specified, deletes all stored log files.
Log Write
Description Writes the message to the log to aid in diagnosing issue that may occur. Use the command before and
after the event to quickly help to identify the area of the logs that are relevant to the issue
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax log write <message>
Syslog
Set NetSyslog/Enabled
Description Enables or disables network syslog messaging. When enabled, messages are sent to the local log
file on the appliance as well as to the specified network servers every time a log message is
generated.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set NetSyslog/Enabled {yes|no}
Option Description
Show NetSyslog/Enabled
Description Displays the configured state of network syslog messaging (enabled or disabled).
Access Level Required View (Array-Networks>)
Command Line Syntax show NetSyslog/Enabled
Set NetSyslog/Facility
Description Configures the facility type to filter the type of messages that are being logged.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set NetSyslog/Facility <facility#>
By default, <facility#> is configured with a value of 1, which indicates that all Array Networks-
defined messages are logged. Additional supported facility numbers include the following user-
customized values: 16, 17, 18, 19, 20, 21, 22, and 23.
Show NetSyslog/Facility
Set NetSyslog/Servers
Description Specifies the IP addresses of network servers to which syslog messages are sent to.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set NetSyslog/Servers <ip_address>[<;ip_address><;ip_address>]
The <ip_address> refers to the IP address of network servers that will receive log messages from
the appliance. Up to three servers can be specified. Use a semi-colon (;) with no spaces between
each specified IP address.
Show NetSyslog/Servers
Description Displays the configured IP addresses of network servers to which syslog messages are sent to.
Access Level Required View (Array-Networks>)
Command Line Syntax show NetSyslog/Servers
Configuration
Config Apply
Description Updates the configuration file with any setting settings that have been made and makes them
current.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax config apply
Config Clear
Description Clears all configuration changes that have not yet been updated using config apply.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax config clear
Config Delete
Config Display
Config List
Description Lists all configuration files stored on the appliance. Displayed information includes the software
version and build number each configuration file was created with, the size of the file, the date and
time it was created, and the name of each configuration file.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax config list
Config Unapplied
Config Get
Description Downloads a configuration file from the specified location on a remote server.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax config get <protocol>://[<username>:<password>@]<server>/<path>/<filename>
Argument/Value Description
<protocol> The protocol used to download the configuration file. It can be FTP, HTTP, or
SCP (Secure Copy). Notes: If SCP is used, the user must have SSH set up on the
server and have a user account password. SCP does not support specifying the
password on the command line. Supported URL formats include the
following:
ftp://<server>/<path>
ftp://<username>:<password>@<server>/<path>
ftp://<username>@<server>/<path>*
http://<server>/<path>
http://<username>@<server>/<path>*
http://<username>:<password>@<server>/<path>
scp://<username>@<server>/<path>*
* Will prompt user for password.
<username> Optional username that restricts access to the location.
[<username>] Optional user name that when configured, must be used to access to the
location. May be used in conjunction with a password. If no password is
specified, include an ampersand (@) after the password.
[<password>] The password that restricts access to the server. Only needed if required by
the server. If required, the password must be proceeded by the user name and
a colon (:) and followed by an ampersand (@). If a password is not specified, a
prompt appears requesting a password. Note: If using SCP, the password
cannot be specified on the command line; it can only be specified after being
prompted to enter one.
<path> The path where the configuration resides. Note: If FTP or HTTP is used, only
relative pathnames are supported; for SCP, the specified pathname must be an
absolute pathname.
<filename> The name of the configuration file to be downloaded.
Config Load
Config Put
Config Reset
Description Resets the configuration settings to factory default except for the current passwords and the
following network management interface settings which are configured via the set command:
appliance’s IP address (Address), the subnet mask (SubnetMask), the gateway address
(Gateway), the domain name (DomainName), the addresses of each configured DNS server
(DnsAddress), the hostname (HostName), and configured static routes (NetworkRoutes). It
then reboots the appliance after prompting the user to allow the reboot.
When the optional all argument is specified, all configuration settings are reset to factory default.
The appliance then reboots after prompting the user to allow the reboot.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax config reset [all]
Config Restore
Config Save
Description Permanently saves the currently running configuration file with changes that have been previously
updated using the config apply command. If a filename is specified, the running configuration file is
saved to that file instead of the startup configuration file.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax config save [<filename>]
[<filename>] is the optional user-specified name to save the current running configuration to.
Show
Show ConfigDate
Description Displays the date that the configuration was last modified.
Access Level Required View (Array-Networks>)
Command Line Syntax show ConfigDate
Show Changes
Description Displays appliance-specific changes that have not yet been applied using config apply.
Access Level Required View (Array-Networks>)
Command line Syntax show changes
Show {Running-Config|Run}
Description Displays changes that have been applied using config apply.
Access Level Required View (Array-Networks>)
Command line Syntax show Running-Config or show Run
Show {Startup-Config|Startup}
Description Displays the settings that were in effect when the aCelera booted.
Access Level Required View (Array-Networks>)
Command line Syntax show Startup-Config or show Startup
Network Settings
Set Address
Show Address
Set DnsAddress
Show DnsAddress
Set DomainName
Set Gateway
Show Gateway
Set HostName
Description The text string that appears at the CLI command prompt and at the top of the graphical user
interface window. This setting is typically changed to reflect the location where the appliance is
installed. Note: The text string cannot contain any spaces.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set HostName <hostname>
<hostname> is any valid name. Default is Array Networks.
Show HostName
Set Comment
Show Comment
Set SubnetMask
Show SubnetMask
Set WanTxMTU
Description Adjusts the MTU (Maximum Transmission Unit) setting configured for the appliance's Ethernet
interface.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set WanTxMTU <bytes>
<bytes> is the largest number of bytes the appliance can transmit as a single packet for the
appliance’s Ethernet interface. Default setting is 1500 bytes.
Show WanTxMTU
Description Displays the MTU (Maximum Transmission Unit) value configured for the appliance, in bytes.
Access Level Required View (Array-Networks>)
Command Line Syntax show WanTxMTU
User Accounts
Dis[able] Adv[anced]
Description Reduces the privilege level from advanced level to view level.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax disable adv or dis advanced or disable adv or disable advanced
Dis[able] View
Description Closes the current privilege level and exits the CLI.
Access Level Required View (Array-Networks>) or Advanced (Array-Networks-adv#)
Command Line Syntax dis view or disable view
En[able] Adv[anced]
Set Password
Description Configures a separate password for each of the appliance's CLI privilege levels.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set Password view
set Password adv[anced]
Option Description
view Configures a password that must be used to access to the view level. Default is
1234.
advanced Configures a password that must be used to access the advanced level. Default
is 123456.
MM 2-digit month
DD 2-digit day of month
hh 2-digit hour (0-23)
mm 2-digit minute (0-59)
CC 2-digit century
YY 2-digit year
.ss 2-digit seconds (0-59)
Date
Set NtpEnabled
Description Configures the appliance to utilize the Network Time Protocol (NTP) to synchronize its time and
date with that of the network. When enabled, the date set command is disabled.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set NtpEnabled {yes|no}
Option Description
Show NtpEnabled
Description Displays the configured state of Network Time Protocol function (enabled or disabled).
Access Level Required View (Array-Networks>)
Command Line Syntax show NtpEnabled
Set NtpServers
Description Configures the appliance to utilize the Network Time Protocol (NTP) to synchronize its time and
date with that of the network. When enabled, the date set command is disabled.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set NtpServers <server> [<server> ...]
<server> refers to the server the appliance uses to synchronize with. <server> can be either the IP
address or host name. If multiple servers are listed, the first specified server is the one the
appliance synchronizes with; other listed severs are used as backup servers. Separate each server
address or name with a space.
Show NtpServers
Description Displays the server(s) the appliance uses to synchronize the time and date on the network.
Access Level Required View (Array-Networks>)
Command Line Syntax show NtpServers
Diagnostics
Arp Display|Show
Arp Clear
Description Directly manipulates internal configuration settings. This command should only be used under the
direction of Array Networks Customer Support. Note: cdb set is case-sensitive.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax cdb set <path>/<parameter> <value>
Argument/Value Description
Cdb Show
Description Displays all configuration and status settings configured for the appliance or just the specified
setting. The displayed output also includes internal configuration settings. The output displayed
provides Array Networks Customer Support with additional data for troubleshooting the
appliance.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax cdb show [<path>/<parameter>]
Argument/Value Description
Ifconfig
Description Displays information for each network interface installed on the appliance. Information such as the
number of packets dropped and overruns is displayed.
Access Level Required View (Array-Networks>)
Command Line Syntax ifconfig
Interfaces
Description Displays the aCelera’s configured network settings and current statistical information for each of
its interfaces (WAN, LAN, and Heartbeat).
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax interfaces
Netstat
Description Displays network connection statistics for the appliance. Optionally displays network interface
statistics for the appliance's physical and virtual interfaces.
Access Level Required View (Array-Networks>)
Command Line Syntax netstat [interfaces]
Option Description
Nslookup
Ping
Description Tests and monitors an appliance in the network. Use Ping whenever you need to test a connection
to an appliance.
Access Level Required View (Array-Networks>)
Command Line Syntax ping <host> [count <number-to-send>] size <packet-size>
Argument/Value Description
<host> Required parameter. The host name to ping. If only host name is
specified, ping will send five ICMP echo requests of size 56 bytes.
[count <number-to- Optional parameter. Sends the specified number of echo requests. The
send> ] user can specify the 'count' keyword and a value to send any number of
ICMP requests.
size <packet-size> Sends the specified packet size (Default = 56).
Route
Show History
Description Displays compression-related related statistics such as the size of the history store, number of LAN
and WAN transactions, amount of compressed and uncompressed data (in megabits) entering and
exiting the compression engine, and the ratio of data coming in and going out of the compression
engine.
Access Level Required View (Array-Networks>)
Command Line Syntax show history
Show Mem[ory]
Show IP-Traffic
Description Displays various IP-related statistics such as packet information including total packets received,
forwarded, and dropped, and connection information including the number of active and passive
connections, and failed and established connections.
Access Level Required View (Array-Networks>)
Command Line Syntax show ip-traffic
Show Proc[cesses]
Description Displays the various processes running on the appliance. Process information can be sorted by
either the highest CPU or memory consumption. Note: Depending on the number of configured
cores, the CPU percentage can be greater than 100%. Each process may have multiple threads and
each can be running on a different core and theoretically utilizing up to 100% of that core. The
displayed output sums the CPU usage of all threads to determine the process percentage.
Access Level Required View (Array-Networks>)
Command Line Syntax show proc[cess] [cpu]
Option CPU - Information is sorted based on CPU consumption in descending order. If no option is
specified, it is sorted based on memory consumption in descending order.
Traceroute
Description Traces the route packets take to the specified host by displaying the sequence of hops the packet
has traversed.
Access Level Required View (Array-Networks>)
Command Line Syntax traceroute <host> [hops <max-number-of-hops>]
Argument/Value Description
Test {Bandwidth|BW}
Description Allows and restricts bandwidth testing as well as displays whether testing is currently allowed or
restricted.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax test{bandwidth|bw} {allow|reject|status}
Select either test bandwidth or test bw along with one of the following options:
Option Description
Description Performs bandwidth testing by initiating either a TCP or UDP test against the specified server.
Note: UDP tests will yield significantly lower throughput than TCP tests.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax test {bandwidth|bw} {tcp|udp} server <ip_address> [<time>] [<tcp-window-size>]
Argument/Value Description
Values Select either test bandwidth or test bw along with one of the following options:
test Syslog
Description Tests event logging by generating a test message in the log file and if network system logging is
enabled, also generates network syslog messages to each configured network syslog server. The
test messages to the log file and network syslog server(s) are only generated if the
specified log level name is equal-to or above the current configured log level configured
via the set LogLevel command. Use the log tail command to view the test message.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax test syslog <loglevel_name>
Values <loglevel_name> is trace, debug, test, info, notify, warning, error, critical, or fatal.
test {Dl|Download|Get}
Description Performs a simulated test to see if a document can be successfully downloaded and how long it
takes to do so. Can also use test Download and test Get to perform the same function.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax test download <protocol>://<server>/<path>/<file> [<attempts>]
Argument/Value Description
<protocol> The protocol used to download the file. Valid protocols include FTP
or HTTP.
<server> The IP address of the server or DNS name (if configured on the
network) on which the file resides.
<path> The path where the test file resides. Only relative path names are
supported.
<file> Name of the file to test the download function.
[<attempts>] Optional parameter that indicates the number of times to attempt
the download. If no number of attempts is specified, the setting
defaults to 1.
Status Information
Show Status
Description Displays the total bytes received by the LAN-side interface since the last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status LanRxBytes
Description Displays the total packets received by the LAN-side interface since last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status LanRxPackets
Description Displays the number of errors received by the LAN-side interface since last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status LanRxErrors
Description Displays the total bytes sent by the LAN-side interface since the last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status LanTxBytes
Description Displays the total packets sent by the LAN-side interface since last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status LanTxPackets
Description Displays the number of errors sent by the LAN-side interface since last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status LanTxErrors
Description Displays the total bytes received by the WAN-side interface since the last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status WanRxBytes
Description Displays the number of errors received by the WAN-side interface since last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status WanRxErrors
Description Displays the total packets received by the WAN-side interface since last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status WanRxPackets
Description Displays the total bytes sent by the WAN-side interface since the last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status WanTxBytes
Show Status WanTxPackets
Description Displays the total packets sent by the WAN-side interface since last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status WanTxPackets
Description Displays the number of errors sent by the WAN-side interface since last boot.
Access Level Required View (Array-Networks>)
Command Line Syntax show status WanTxErrors
Description Displays the date and time the appliance was booted, in UTC format.
Access Level Required View (Array-Networks>)
Command Line Syntax show status BootTime
Description Displays the percentage of disk space currently being utilized for user data such as configuration
files.
Access Level Required View (Array-Networks>)
Description Displays the percentage of disk space currently being utilized for history information
Show Status SN
Description Displays the version of software and build number installed on the appliance.
Access Level Required View (Array-Networks>)
Command Line Syntax show status SoftwareVersion
SNMP
Set Snmp/Trap/ConnectionDropTraps
Description Enables or disables peer-to-peer connection monitoring. When enabled, a single SNMP trap is
generated whenever any peer-to-peer connection transitions. When configured, a trap will be
generated if the state of the remote end of an established peer connection changes from the
“Accelerating” state to “Connecting”. Another trap will be generated when the state is returned to
“Accelerating”.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set snmp/trap/ConnectionDropTraps {yes|no}
Option Description
Show SNMP/Trap/ConnectionDropTraps
Set Snmp/Trap/Destinations
[<community>] Optional SNMP community name. If not specified, the default string public is
assumed. If specified, follow name with an ampersand (@).
<ip_address> The IP address of the host that is receiving notifications.
[<port>] Optional UDP port number for the host. If specified, include a colon (:) before
the port number. Default port number is 162.
A single trap destination consists of the optional SNMP community name, IP address, and optional
port. Multiple destinations can be specified, however, Array Networks recommends configuring no
more than two trap destinations. Use a comma between each trap destination (no spaces).
Show SNMP/Trap/Destinations
Set Snmp/Trap/Interval
Show SNMP/Trap/Interval
Description Displays the interval at which trap notifications are sent to specified hosts.
Access Level Required View (Array-Networks>)
Command Line Syntax show SnmpTrap/Interval
Set Snmp/Trap/<#>/Clear
# Indicates the number assigned to the trap event (0-10 are supported).
<clear_expression> Refers to a constant expression that when "true", clears the trap.
Show Snmp/Trap/#/Clear
Set Snmp/Trap/<#>/Comment
Description Allows the user to provide a descriptive comment for the trap event.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set Snmp/Trap/<#>/Comment <comment>
Argument/Value Description
# Indicates the number assigned to the trap event (0-10 are supported).
<comment> Refers to the user-defined string to describe the trap event.
Show Snmp/Trap/<#>/Comment
Description Displays the user-defined comment that describes the trap event.
Access Level Required View (Array-Networks>)
Command Line Syntax show Snmp/Trap/<#>/Comment
# indicates the number assigned to the trap event (0-10 are supported)
Set Snmp/Trap/<#>/Set
# Indicates the number assigned to the trap event (0-10 are supported).
<set_expression> Refers to a constant expression that when "true" (encountered), initiates the
trap.
Show Snmp/Trap/<#>/Set
Set Snmp/Trap/<#>/Value
# Indicates the number assigned to the trap event (0-10 are supported).
<parameter> Any valid parameter associated with the set or show command to which the
"set" and "clear" expressions are applied.
Show Snmp/Trap/<#>/Value
Description Displays the trap event parameter used to configure the trap event.
Access Level Required View (Array-Networks>)
Command Line Syntax show Snmp/Trap/<#>/Value
# indicates the number assigned to the trap event (0-10 are supported)
Set SnmpReadCommunity
Description Sets the SNMP read community string to validate incoming SNMP Gets in the Management
Information Base (MIB). If no string is specified, the default string public is assumed. If specified,
follow name with an ampersand (@).The string can be up to 20 alpha-numeric characters in
length. Punctuation symbols are supported.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set SnmpReadCommunity <string>
<string> refers to any valid string. Default is public.
Show SnmpReadCommunity
Tech Reports
Tech-Report List
Tech-Report Delete
Tech-Report {Create|Generate}
Description Generates a technical report with the user-specified filename. Technical reports contain internal
data that can be used by Array Networks Customer Support to debug and troubleshoot problems if
they occur.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax tech-report {create|generate} <file>
Type either create or generate to create a report.
<file> is the name of report to create.
Tech-Report Put
Description Uploads all generated reports on the appliance to the specified location.
Access Level Advanced (Array-Networks-adv#)
Required
Tech-Trace {On|Off}
Tech-Trace Adv
Description When tech-trace is on, includes enhanced trace information in the logs.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax debug s2 tech-trace adv
Tech-Trace Dump
Description Writes accumulated trace information from logs to an internal file that is accessed by tech-report
when it generates a technical report.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax debug s2 tech-trace dump
Gets2scripts
Description Downloads a script for gathering trace information for Array Networks use when debugging an
issue.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax debug gets2scripts <url>
where <url> is an address provided by Array Networks Customer Support.
Tech-Trace Run
Description Runs a script (that you download with gets2scripts) that gathers trace information for Array
Networks use when debugging an issue.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax debug s2 tech-trace run <myCmds>
where <myCmds> is the name of the script.
CMS
set cms/Enabled
show cms/Enabled
Description Shows the configured state of CMS. A “yes” indicates the aCelera is managed by CMS; a “no”
indicates it is managed by the local GUI or CLI.
Access Level Required View (Array-Networks>)
Command Line Syntax show cms/Enabled
set cms/address
Description Configures the IP address or the host name where CMS is located.
Access Level Required View (Array-Networks>)
Command Line Syntax set cms/address <host_name or ip_address>
The IP address or the host name where CMS is located. Default is cms_server.
show cms/address
Description Displays the configured IP address or the host name where CMS is located.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax show cms/address
set cms/poll
Description Configures the polling interval of the aCelera with CMS, in minutes. A 0 indicates that polling is
disabled. Default is 5.
Access Level Required View (Array-Networks>)
Command Line Syntax set cms/poll <minutes>
The polling interval of the aCelera with CMS. A 0 indicates that polling is disabled. Default is 5.
show cms/poll
Description Displays the polling interval of the aCelera with CMS, in minutes. A 0 indicates that polling is
disabled.
Access Level Required View (Array-Networks>)
Command Line Syntax show cms/poll
set cms/port
show cms/port
set cms/timeout
Description Configures the number of minutes to re-connect to the CMS server if the connection is lost.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set cms/timeout <timeouts>
The number of minutes to re-connect to the CMS server if the connection is lost. Default is 15.
show cms/timeout
Description Displays the number of minutes to re-connect to the CMS server if the connection is lost.
Access Level Required View (Array-Networks>)
Command Line Syntax show cms/timeout
set cms/register
show cms/register
Description Shows the configured state of CMS control. A “true ” indicates the aCelera is managed by CMS; a
“no” indicates it is managed by the local GUI or CLI.
Access Level Required View (Array-Networks>)
Command Line Syntax show cms/register
Services
set TelnetEnabled
Show TelnetEnabled
Description Displays whether access to the CLI via Telnet is enabled or disabled.
Access Level Required View (Array-Networks>)
Command Line Syntax showTelnetEnabled
SSH
[username] A valid user name that is recognized by the host. Only needed if required by
the client.
{host} The host name configured for the appliance via the set HostName command.
{ip_address]} The IP address configured for the appliance via set Address command.
While attempting to access the CLI via SSH, some SSH clients may prompt the user to supply a user
name. Type “cli” to allow the login process to continue.
SSH Delete
SSH Regenerate-Server-Keys
Description Regenerates the public/private server keys on the appliance. The previous key pair is deleted.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax ssh regenerate-server-keys
set HttpEnabled
show HttpEnabled
Description Displays whether or not HTTP access to the GUI is enabled or disabled.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set HttpEnabled
No Set
Description Resets the specified appliance setting to its factory default setting.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax no set <parameter>
<parameter> - Any configuration parameter viewable from the show command.
Reboot
Description Immediately reboots the appliance if no changes have been made. Otherwise a yes/no prompt to
save any unapplied changes to the configuration needs to be answered before reboot continues.
The reboot command attempts to shut down all in-flight traffic. While waiting for the appliance to
reboot, the CLI command line prompt is displayed and is accessible to the user. Do not attempt to
issue CLI commands while the system is rebooting. Also, do not attempt to close a Telnet session
while the appliance is rebooting.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax reboot
Set IcmpEchoReply
Description Controls whether or not the appliance will reply to ICMP Echo Requests.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set IcmpEchoReply {on|off}
Option Description
Show IcmpEchoReply
Description Displays whether or not the appliance is configured to reply to ICMP Echo Requests.
Access Level Required View (Array-Networks>)
Command Line Syntax show IcmpEchoReply
Set Motd
Description Configures a banner to be displayed when the CLI is first accessed. The banner is only displayed
once upon login.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set motd <banner>
<banner> is the user-specified message.
Show Motd
Description Displays the message that is displayed whenever the CLI is accessed.
Access Level Required View (Array-Networks>)
Command Line Syntax show Motd
Set RebootOnFailure
Description Allows or prevents the appliance to automatically reboot if any internal errors are detected by the
software.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set RebootOnFailure {yes|no}
Option Description
Show RebootOnFailure
Description Displays the setting configured for allowing the appliance to automatically reboot in the event of
an appliance failure.
Access Level Required View (Array-Networks>)
Command Line Syntax show RebootOnFailure
Shutdown
Description Shuts down the appliance. To restart the appliance, you must flip the power switch to on.
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax shutdown
Terminal Length 0
Description Disables terminal CLI output pagination so that all lines of text are displayed without scrolling.
This command takes effect immediately and is good for the current CLI session.
Access Level Required View (Array-Networks>)
Command Line Syntax terminal length 0
Terminal Length Auto
Description Restores terminal CLI output pagination if the terminal length 0 command had issued for the
current CLI session.
Access Level Required View (Array-Networks>)
Command Line Syntax terminal length auto
Help
Description This command lists all commands, and their description, which are available in the current access
level.
Access Level Required View (Array-Networks>)
Command Line Syntax help
Show
Set ExecTimeout
Description Configures the amount of time of user inactivity that must occur before timing out a CLI session.
Any time the inactivity timeout value is changed, you must log out and then log in again for the
new setting to take effect
Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set ExecTimeout <minutes>
<minutes> indicates the number of minutes of user inactivity before closing the CLI session. A
value of 0 disables the timer (Default).
Show ExecTimeout
Version
Description Displays information about the current version of software running on the on the appliance.
Information displayed includes the version number, the date the software was last uploaded, the
hardware model number and serial number of the appliance, processor, disk, and memory
information.
Access Level Required View (Array-Networks>)
Command Line Syntax Ver[sion]
CDBWD:100 NOTIFY /galaxy/bin/cdb_watchdog The health monitor process has been started
started. hblim=30000 with the following parameters: heartbeat limit
abtlim=15000 killim=30000 30 secs; abort response limit 15 seconds; kill
limit 30 seconds.
CDBWD:101 NOTIFY [proc] is now being monitored The health monitor process has detected the
presence of the named process and is now
monitoring it. Known processes: s2d.
CDBWD:102 INFO [proc] has exited The named process has exited and is no longer
being monitored.
CDBWD:103 ERROR [proc] heartbeat overdue for [n] The named process has not sent a heartbeat
seconds, sending SIGABRT for the indicated number of seconds and is
therefore deemed to have become hung. An
ABORT signal has been sent to it.
CDBWD:104 ERROR [proc] SIGABRT pending for [n] The named process was previously sent an
seconds, sending SIGKILL ABORT signal but has not responded or exited
for the indicated number of seconds. A KILL
signal has been sent which should be
unblockable.
CDBWD:105 CRITICAL [proc] KILL signal pending for [n] The named process was previously sent a
seconds, rebooting. KILL signal but has not exited for the indicated
number of seconds. This indicates that the
system is probably hung. The health monitor
process will now exit which should force a
system reboot.
Configuration File
A collection of various configuration settings that reside in a file on the appliance.
In-Line Deployment
Places the appliance directly on the network path between the router and a switch.
Local Subnet
Refers to local traffic serviced by the appliance. All devices whose IP addresses have the same prefix are
part of a local network.
Traffic Rules
Traffic rules provide the mechanism for identifying and categorizing traffic. Once traffic is identified, it
processed by the rule and either is accelerated across the WAN, forwarded (bridged), or dropped.
NAT
NAT (Network Address Translation) is a process of translating the source header of IP packets so they
will be routable across wide area networks.
Out-of-line Deployment
Places the appliance off the main data path usually off a switch or router. Also referred to as a “one-arm
deployment.”
Peer Connections
Refers to two appliances pass traffic to each other.
Privilege Levels
The aCelera contains two privilege levels for viewing and or configuration settings: View and Advanced.
The view level allows users to view the configured settings. The advanced level permits users to view
and configure settings.
Published Addresses
The IP address of locations that the aCelera manages traffic for.
Read-Ahead
Reduces the number of round-trip times waiting for an acknowledgement by allowing the appliance to
generate read-ahead requests while a file is open. This pre-fetching of content of requests minimizes the
latency associated with read operations. The appliance automatically generates the expected read
requests itself to the server and does so without waiting for each read response.
Remote Subnets
Refers to non-local network traffic that can be accelerated by the appliance.
Running Configuration
The file that contains configuration and connection settings configured for the current session.
Write-behind
Reduces the number round-trip times required to perform write operations by providing early
acknowledgements to client content requests which speeds up the request for the next block of data.
Server acknowledgements are spoofed by the client side appliance so subsequent writes from the client
happen sooner without incurring a WAN round trip as would be the case if the acknowledgement came
from the server.
Appendix E
Index
A apply updates, 11, 12, 16, 17, 18, 21, 23, 27, 29,
30, 31, 34, 38, 39, 41, 43, 44, 50, 52, 55, 56, 58,
Acceleration
61, 62, 65, 67, 68, 70, 72, 84, 88, 97, 100, 117,
disable, 58, 60 118, 119, 127, 193, 224, 227, 260, 261
enable, 58, 60 backup to disk, 105, 113, 114, 226
enable, disable, 58, 60 compare, 113
optimization, 60 delete, 118, 119, 224
Address display contents, 112, 120, 224
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36, display unapplied changes, 119, 224
37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
list files, 120, 224
64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79,
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107, manage, 108
109, 110, 111, 112, 113, 114, 116, 117, 118,
restore startup config, 11, 109, 110, 227
119, 120, 121, 122, 123, 124, 125, 127, 128,
129, 130, 131, 132, 133, 137, 141, 142, 144, save settings, 11, 12, 16, 17, 18, 21, 23, 27, 29, 30,
145, 152, 154, 156, 158, 169, 170, 171, 173, 31, 34, 38, 39, 41, 43, 44, 50, 52, 55, 56, 59, 61,
175, 178, 179, 180, 181, 183, 184 62, 65, 67, 68, 70, 72, 84, 88, 97, 100, 109, 115,
193, 227, 261
display, 154
startup config, 112, 120, 224
Authentication
upload, 116, 117, 225
regenerate keys, 150
view running config, 111
B
view startup config, 112
Bandwidth Testing, 189, 237
Correct Addressing, 28, 173, 175
Bandwidth Testing, 189
D
C
Dashboard, 154, 160
Certificates, 73, 74, 76, 78, 79, 81
Data History
CLI
clearing, 103, 105
add display message, 55
Defined Peers
overview, 10
define, 173, 175, 260
session inactivity timeout period, 56
remove, 173, 175, 260
CMS, 23, 248, 249
restrict, 173, 175, 260
Collect Trace Information
Disk Space Utilization, 158, 242
script, 139
Display Configuration Parameters, 154
Collecting Trace Information, 138, 139
Display Message, 55
Configuration File
Display Update Information, 121
download, 116
DNS Address
list files on device, 120
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36,
Configuration Files
37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79,
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107, display, 3, 7, 9, 11, 16, 17, 19, 20, 23, 28, 36, 38,
109, 110, 111, 112, 113, 114, 116, 117, 118, 40, 45, 46, 47, 54, 64, 65, 70, 71, 75, 80, 81, 82,
119, 120, 121, 122, 123, 124, 125, 127, 128, 86, 87, 88, 95, 96, 105, 114, 117, 122, 134, 136,
129, 130, 131, 132, 133, 137, 141, 142, 144, 143, 145, 146, 149, 151, 156, 171, 173, 175,
145, 152, 154, 156, 158, 169, 170, 171, 173, 177, 181, 188, 190, 197, 199, 200, 201, 206,
175, 178, 179, 180, 181, 183, 184 210, 211, 213, 215, 216, 217, 219, 222, 223,
226, 228, 232, 235, 237, 238, 239, 243, 246,
display, 154
248, 250, 260, 261
Domain Name
L
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36,
License, 79, 151
37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79, Log files
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107,
delete, 128
109, 110, 111, 112, 113, 114, 116, 117, 118,
119, 120, 121, 122, 123, 124, 125, 127, 128, rotate, 128
129, 130, 131, 132, 133, 137, 141, 142, 144,
upload, 136
145, 152, 154, 156, 158, 169, 170, 171, 173,
175, 178, 179, 180, 181, 183, 184 Logging
display, 154 Network Syslog, 4, 53
G set log level, 51
Gateway Logs
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36, add comment, 134, 223
37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
delete, 13, 129
64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79,
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107, display contents, 131, 132, 221
109, 110, 111, 112, 113, 114, 116, 117, 118,
119, 120, 121, 122, 123, 124, 125, 127, 128, list, 129, 130, 221
129, 130, 131, 132, 133, 137, 141, 142, 144, manage, 128
145, 152, 154, 156, 158, 169, 170, 171, 173,
175, 178, 179, 180, 181, 183, 184 rotate, 13, 128, 129, 222
H Loop Detection, 31
download, 219
P install, 219
Packet Capture manage, 121
manage, 148, 149 upload, 121
view file information, 124, 220
Passwords
view files, 123
assigning, 107
Static Routes
Peer Auto Discovery, 62
configure, 40
Ping, 145
Subnet Mask
Published Addresses
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36,
add other addresses, 4, 67, 69, 71, 215, 261 37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
exclude, 4, 67, 69, 71, 215, 261 64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79,
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107,
local address, 4, 67, 69, 71, 215, 261 109, 110, 111, 112, 113, 114, 116, 117, 118,
remove, 4, 67, 69, 71, 215, 261 119, 120, 121, 122, 123, 124, 125, 127, 128,
129, 130, 131, 132, 133, 137, 141, 142, 144,
R 145, 152, 154, 156, 158, 169, 170, 171, 173,
Remote Administration 175, 178, 179, 180, 181, 183, 184
HTTPS, 42 subnets
ssh, 42 T
Reset the System to Factory Default, 121 monitoring network traffic, 147
trap destination, 4, 25, 44, 45, 46, 47, 49, 50, 243, Traffic Classes, 90
244, 245, 257 Traffic Rules
traps, 4, 25, 44, 45, 46, 47, 49, 50, 243, 244, 245, manage, 4, 85, 86, 94, 213, 214, 215, 261
257
Traffic Shaper
SNMP Traps, 45, 47
manage, 89
SnmpReadCommunity
Traffic Shaper Rules
configure password, 44
manage, 93
Software
Transparent Addressing, 28, 173, 175
delete, 127, 220
V
Version Information, 155, 192, 242
VLAN, 3, 17, 18, 217
W
WAN Addressing
correct addressing, 28, 173, 175
Correct Addressing, 28
transparent addressing, 28, 173, 175
Transparent Addressing, 28
WAN MTU, 30
WCCP, 26, 36, 37, 39, 204