Acelera User Guide

Array Networks™ aCeleraTM WAN Optimization
Appliance
User Guide
Release 4.2.4
AN10-001-10-4200-PRE1
2013 ARRAY NETWORKS, INC. ALL RIGHTS RESERVED.
Array Networks, Inc.

1371 McCarthy Blvd.
Milpitas, CA 95035
Phone +1-866-MY-ARRAY • Fax + 1-408-240-8752
Array Networks Customer Support +1-877-992-7729
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or
translated into any language or computer language, in any form, or by any means, electronic, mechanical,
optical, chemical, manual, or otherwise, without the prior written APPROVAL of Array Networks.
Disclaimer
Array Networks provides this document and the programs “as is” without warranty of any kind, either
expressed or implied, including, but not limited to, the implied warranties of merchantability or fitness for a
particular purpose.
This document could contain technical inaccuracies or typographical errors. Changes are periodically made to
the information herein; these changes will be incorporated in a future revision of this document. Array
Networks is under no obligation to notify any person of these changes.
Trademarks
Array Networks is a registered trademark of Array Networks Inc. aCelera, Secure Acceleration Technology,
Application Acceleration Blueprints, and Secure Application Networking are trademarks of Array Networks
Inc.
aCeleraTM WAN Optimization Appliance User Guide

Release 4.2.4
ii aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

Table of Contents
Table of Contents....................................................................................................................................... iii
Section I Setup Functions .........................................................................................................................1
Chapter 1 Configuration Settings Checklist ..................................................................................3
Chapter 2 Getting Around the GUI and CLI ....................................................................................6
2.1 Accessing the Graphical User Interface ............................................................................................................................................ 6
2.1.1 Supported Browsers ................................................................................................................................................................6
2.1.2 Login Screen ................................................................................................................................................................................6
2.1.3 Graphical User Interface ........................................................................................................................................................ 6
2.2 Accessing the Command Line Interface ........................................................................................................................................... 7
2.2.1 Running the Virtualization Hypervisor Program ....................................................................................................... 7
2.2.2 Initiating a Telnet Session ..................................................................................................................................................... 7
2.2.3 Initiating an SSH Session ....................................................................................................................................................... 8
2.3 Command Line Interface Basics........................................................................................................................................................... 8
2.3.1 Accessing the Advanced Level in the CLI ....................................................................................................................... 8
2.3.2 Command Line Conventions ................................................................................................................................................ 9
2.3.3 Keys and Key Combinations Available During a CLI Session ................................................................................ 9
2.3.4 Controlling Terminal Output Pagination........................................................................................................................ 9
2.3.5 Exiting the CLI ............................................................................................................................................................................9
2.3.6 Configuration Basics ................................................................................................................................................................9
2.4 CLI Document Conventions ................................................................................................................................................................ 10
Chapter 3 Configuring Basic Settings ........................................................................................... 13
3.1 System Settings ........................................................................................................................................................................................ 13
3.1.1 Configuring General Settings ............................................................................................................................................ 13
3.1.2 Configuring Network Settings .......................................................................................................................................... 14
3.2 Advanced Settings ................................................................................................................................................................................... 15
3.2.1 Configuring the Management VLAN ID ........................................................................................................................ 15
3.2.2 Configuring NAT Support ................................................................................................................................................... 16
3.3 Device Management ............................................................................................................................................................................... 18
3.4 Enabling Centralized Management System (CMS) ................................................................................................................... 18
3.5 Disabling Centralized Management System (CMS) .................................................................................................................. 18
Chapter 4 Configuring Device Settings ........................................................................................ 20
iii aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

T A B L E O F C O N T E N T S
4.1 Deployment Options .............................................................................................................................................................................. 20

4.1.1 Configuring the Deployment Mode ................................................................................................................................ 20
4.1.2 Configuring the WAN Addressing Mode ...................................................................................................................... 22
4.1.3 Adjusting the WAN MTU ..................................................................................................................................................... 23
4.1.4 Enabling or Disabling Loop Detection .......................................................................................................................... 24
4.1.5 Configuring Cisco Discovery Protocol .......................................................................................................................... 25
4.1.6 Disabling CDP .......................................................................................................................................................................... 26
4.2 Configuring VRRP Options .................................................................................................................................................................. 26
4.3 Configuring Inline HA (High Availability) Options ................................................................................................................... 27
4.4 Configuring WCCP Options ................................................................................................................................................................. 28
4.4.1 Configuring Network Routes ............................................................................................................................................ 31
4.5 Remote Administration ........................................................................................................................................................................ 33
4.5.1 Managing Service Options.................................................................................................................................................. 34
4.6 SNMP Options ........................................................................................................................................................................................... 35
4.6.1 Configuring an SNMP Community String .................................................................................................................... 35
4.6.2 Configuring SNMP Trap Destinations ........................................................................................................................... 36
4.6.3 Specifying the Trap Sampling Interval ......................................................................................................................... 37
4.6.4 Configuring SNMP Traps .................................................................................................................................................... 38
4.7 Event Logging............................................................................................................................................................................................ 41
4.7.1 Setting the Log Level ............................................................................................................................................................ 41
4.7.2 Recommended Event Logging Settings ........................................................................................................................ 42
4.7.3 Configuring Network System Logging (Network Syslog) .................................................................................... 43
4.8 CLI Customization Settings ................................................................................................................................................................. 45
4.8.1 Adding a CLI Display Message.......................................................................................................................................... 45
4.8.2 Setting the CLI Session Inactivity Timeout Period .................................................................................................. 46
Chapter 5 Configuring Acceleration Settings ............................................................................ 48
iv aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

TABLE OF CONTENTS
5.1 General Acceleration Settings ............................................................................................................................................................ 48

5.1.1 Enabling or Disabling Acceleration................................................................................................................................ 48
5.1.2 Enabling or Disabling Acceleration Optimization ................................................................................................... 48
5.2 Peer Options .............................................................................................................................................................................................. 50
5.2.1 Configuring Peer Auto Discovery.................................................................................................................................... 50
5.2.2 Managing Defined Peers ..................................................................................................................................................... 51
5.2.3 Managing Restricted Peers ................................................................................................................................................ 52
5.2.4 Setting Heartbeat Interval ................................................................................................................................................. 53
5.3 Published Addresses .............................................................................................................................................................................. 54
5.3.1 Managing the Local Subnet................................................................................................................................................ 54
5.3.2 Managing Other Accelerated Addresses ...................................................................................................................... 55
5.3.3 Managing Excluded Addresses ........................................................................................................................................ 57
5.4 Managing SSL Certificates ................................................................................................................................................................... 58
5.4.1 Listing All Certificates on the Appliance ...................................................................................................................... 59
5.4.2 Loading Certificates .............................................................................................................................................................. 59
5.4.3 Viewing Certificate Information ...................................................................................................................................... 63
5.4.4 Deleting Certificates ............................................................................................................................................................. 65
5.4.5 Updating Certificates ............................................................................................................................................................ 66
5.4.6 Exporting a Certificate ......................................................................................................................................................... 67
5.5 Managing SSL Servers ........................................................................................................................................................................... 69
5.6 Traffic Rules ............................................................................................................................................................................................... 71
5.7 Traffic Shaper ............................................................................................................................................................................................ 76
5.8 Traffic Shaper Rules ............................................................................................................................................................................... 80
Section II Administration and Status Functions ............................................................................ 85
Chapter 6 Administration Functions ............................................................................................ 87
aCelera™ Virtual Appliance User Guide – Release 4.2 v

6.1 General Administration Commands................................................................................................................................................ 87

6.1.1 Rebooting the aCelera .......................................................................................................................................................... 87
6.1.2 Shutting Down the Appliance ........................................................................................................................................... 87
6.1.3 Clearing Acceleration History .......................................................................................................................................... 88
6.1.4 Resetting the Configuration to Factory Defaults...................................................................................................... 89
6.1.5 Changing Passwords............................................................................................................................................................. 91
6.2 Managing Configuration Files ............................................................................................................................................................ 92
6.2.1 Permanently Save Settings to the Startup Configuration .................................................................................... 92
6.2.2 Restoring the Startup Configuration ............................................................................................................................. 93
6.2.3 Viewing the Running Configuration .............................................................................................................................. 93
6.2.4 Viewing the Startup Configuration ................................................................................................................................ 94
6.2.5 Comparing Configurations ................................................................................................................................................. 95
6.2.6 Backing Up Configuration Files to Disk ........................................................................................................................ 95
6.2.7 Uploading Configuration Files onto the Appliance ................................................................................................. 98
6.2.8 Applying Configuration Updates ..................................................................................................................................... 99
6.2.9 Deleting Configuration Files ...........................................................................................................................................100
6.2.10 Displaying Unapplied Configuration Changes ........................................................................................................101
6.2.11 Listing All Configuration Files on the Appliance ....................................................................................................101
6.2.12 Displaying the Contents of a Configuration File .....................................................................................................102
6.3 Managing Software ...............................................................................................................................................................................102
6.3.1 Uploading Software Updates onto the Appliance ..................................................................................................102
6.3.2 Viewing Software Update Files Stored on the Appliance ...................................................................................104
6.3.3 Viewing Software File Information ..............................................................................................................................105
6.3.4 Applying a Software Update............................................................................................................................................106
6.3.5 Deleting Software Files......................................................................................................................................................108
6.4 Managing Log Files ...............................................................................................................................................................................109
6.4.1 Rotating Log Files ................................................................................................................................................................109
6.4.2 Displaying a List of all Log Files ....................................................................................................................................110
6.4.3 Displaying the Contents of a Log File ..........................................................................................................................111
6.4.4 Searching for Text within Log File ...............................................................................................................................113
6.4.5 Displaying the Specified Number of Lines at the Tail End of a Log File ......................................................114
6.4.6 Writing Text to Logs ...........................................................................................................................................................114
6.4.7 Testing Event Logging .......................................................................................................................................................115
6.5 Uploading Log Files ..............................................................................................................................................................................116
6.6 Managing Technical Reports ............................................................................................................................................................117
6.6.1 Creating Technical Reports .............................................................................................................................................117
6.6.2 Using a Script to Collect Trace Information .............................................................................................................119
6.6.3 Deleting Technical Reports .............................................................................................................................................121
vi aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4
TABLE OF CONTENTS
6.6.4 Listing Technical Reports.................................................................................................................................................121

6.6.5 Uploading Technical Reports .........................................................................................................................................122
6.7 Diagnostics ...............................................................................................................................................................................................124
6.7.1 Network Test .........................................................................................................................................................................124
6.8 Monitoring Network Traffic .............................................................................................................................................................126
6.9 Managing Packet Capture Information ........................................................................................................................................127
6.9.1 Displaying a List of Packet Capture Files...................................................................................................................127
6.9.2 Deleting Packet Capture Files.........................................................................................................................................127
6.9.3 Uploading Packet Capture Information .....................................................................................................................128
6.10 Regenerating Authentication Keys for Secure Access to the Appliance .......................................................................128
6.11 Updating the License ...........................................................................................................................................................................129
Chapter 7 Status Functions ........................................................................................................... 133
aCelera™ Virtual Appliance User Guide – Release 4.2 vii

7.1 Status ..........................................................................................................................................................................................................133

7.2 System Status ..........................................................................................................................................................................................133
7.3 Network Settings ...................................................................................................................................................................................133
7.4 Device Settings .......................................................................................................................................................................................134
7.5 Dashboard ................................................................................................................................................................................................136
7.5.1 Dashboard Interface ...........................................................................................................................................................138
7.6 Historical Throughput Report .........................................................................................................................................................140
7.6.1 Data Reduction Reports ....................................................................................................................................................141
7.7 Top Applications ....................................................................................................................................................................................141
7.8 Manage Applications ............................................................................................................................................................................144
7.9 Interfaces ..................................................................................................................................................................................................145
7.9.1 Interface Status .....................................................................................................................................................................145
7.9.2 Interface Statistics ...............................................................................................................................................................146
7.10 Peer Status ................................................................................................................................................................................................148
7.11 WCCP Statistics.......................................................................................................................................................................................150
7.12 Diagnostics ...............................................................................................................................................................................................153
7.12.1 Viewing Routing Tables ....................................................................................................................................................153
7.12.2 Viewing and Clearing ARP Table Entries ..................................................................................................................154
7.12.3 Displaying Network Interface Information ..............................................................................................................156
7.12.4 Displaying IP-Related Statistics.....................................................................................................................................156
7.12.5 Displaying Process Information ....................................................................................................................................157
7.12.6 Displaying Memory Usage ...............................................................................................................................................159
7.12.7 Displaying Compression-Related Statistics..............................................................................................................161
7.12.8 Testing the Download Functionality ...........................................................................................................................162
7.13 Performing Bandwidth Testing.......................................................................................................................................................162
7.13.1 Performing Bandwidth Testing between Two Appliances ...............................................................................162
7.13.2 Performing Bandwidth Testing between an Appliance and a Server...........................................................163
7.13.3 Terminating Bandwidth Testing between Appliances ........................................................................................163
7.13.4 Display the Current Status of Bandwidth Testing .................................................................................................163
7.14 Displaying Multiple Statistics via Show Status .........................................................................................................................163
7.15 Displaying Version Information......................................................................................................................................................165
7.16 Netflow Data Export .............................................................................................................................................................................165
Chapter 8 Management Port ........................................................................................................ 167
8.1 Basic Settings ..........................................................................................................................................................................................167
8.2 Security Settings ....................................................................................................................................................................................168
Section III Appendices ......................................................................................................................... 170
Appendix A .................................................................................................................................................. 171
viii aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

TABLE OF CONTENTS
CLI Command Reference ................................................................................................................................................................................171

Generic TCP Proxying ......................................................................................................................................................................................171
SSL Acceleration ................................................................................................................................................................................................171
CIFS Acceleration Optimization ..................................................................................................................................................................176
HTTP Acceleration Optimization ...............................................................................................................................................................177
MAPI Acceleration Optimization ................................................................................................................................................................177
SSL Acceleration Optimization ....................................................................................................................................................................178
WCCP Commands ..............................................................................................................................................................................................178
CDP Commands ..................................................................................................................................................................................................182
Network Routes .................................................................................................................................................................................................183
Deployment..........................................................................................................................................................................................................184
Addressing............................................................................................................................................................................................................185
Peers........................................................................................................................................................................................................................185
Peer Status............................................................................................................................................................................................................187
Traffic Rules .........................................................................................................................................................................................................188
Traffic Shaper......................................................................................................................................................................................................189
Traffic Shaper Rules .........................................................................................................................................................................................190
Published Addresses ........................................................................................................................................................................................191
Acceleration Content Removal ....................................................................................................................................................................193
VLAN .......................................................................................................................................................................................................................193
Public Addresses ...............................................................................................................................................................................................194
Software Update ................................................................................................................................................................................................194
Logging...................................................................................................................................................................................................................196
Syslog ......................................................................................................................................................................................................................200
Configuration ......................................................................................................................................................................................................201
Network Settings ...............................................................................................................................................................................................206
User Accounts .....................................................................................................................................................................................................208
Date and Time .....................................................................................................................................................................................................209
Diagnostics ...........................................................................................................................................................................................................210
Status Information ............................................................................................................................................................................................215
SNMP.......................................................................................................................................................................................................................220
Tech Reports .......................................................................................................................................................................................................223
CMS ..........................................................................................................................................................................................................................226
Services ..................................................................................................................................................................................................................228
Other Device Commands................................................................................................................................................................................230
Appendix B Log Messages................................................................................................................... 234
Appendix C Array Networks MIB ..................................................................................................... 236
aCelera™ Virtual Appliance User Guide – Release 4.2 ix

MIB Support .........................................................................................................................................................................................................236

Appendix D Glossary of Terms ......................................................................................................... 238
Terms ......................................................................................................................................................................................................................238
Appendix E ............................................................................................................................................... 240
Index .......................................................................................................................................................................................................................240
x aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

Section I Setup Functions
In this section
 Chapter 1: Configuration Settings Checklist

 Chapter 2: Getting Around the GUI and CLI
 Chapter 3: Configuring Basic Settings
 Chapter 4: Configuring Device Settings
 Chapter 5: Configuring Acceleration Settings
1 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

SECTION I: SETUP FUNCTIONS

Chapter 1 Configuration Settings Checklist
The following table provides a listing of the types of settings that can be configured and where to locate the
appropriate information in the document.
Basic Settings
Configuration Description Refer to

Item
System
General Provides options to specify the hostname and a user-defined comment. Chapter 3
Settings
Network Configures the various network settings such as the appliance’s IP address, Chapter 3
Settings subnet mask of the local subnet, gateway address of the main interface, domain
name, and address of the primary domain name server.
Advanced Provides options to change the default Management VLAN address to match Chapter 3
Settings your management interface address and to configure Network Address
Translation (NAT) support.
Device Management
Settings Used to allow the aCelera™ to be managed independently or via the Centralized Chapter 3
Management System.
Device Settings

Item
Deployment
Settings Provides options to configure in-line or out-of-line deployment as well Chapter 4
configure the WAN addressing mode.
Advanced Includes options for adjusting the MTU settings and enabling/disabling loop Chapter 4
detection.
WCCP Configures the necessary WCCP options when the aCelera is deployed out-of- Chapter 4
line via WCCP.
Network Configures network routes to eliminate additional hops when traffic is sent to Chapter 4
Routes other subnets.
CDP Enables/disables Cisco Discovery Protocol which allows peer devices to Chapter 4
discover the appliance.

CHAPTER 1: CONFIGURATION SETTINGS CHECKLIST
Device Settings

Item
Remote Administration
Services Contains options to allow or restrict remote access to the aCelera via Telnet, Chapter 4
SSH, HTTP, or HTTPS.
SNMP
Security Provides an option configure an SNMP community string. Chapter 4
Trap Allows you to specify trap destinations. Chapter 4
Destinations
Traps Provides options for configuring SNMP trap events. Chapter 4
Logging
Event Logging Configures the various logging options. Chapter 4
Settings
Network Allows log messages to be sent to the specified Syslog server Chapter 4
Syslog
Acceleration Settings

Item
Traffic Rules Configures user-defined rules for identifying and accelerating specific traffic. Chapter 5
Traffic Shaper Creates named traffic classes that designate the minimum bandwidth (by Chapter 5
percentage) provided for a specific Type of Service (ToS).
Traffic Shaper Configures rules that associate Traffic Shapers with traffic that adheres to Chapter 5
Rules designated parameters.
Published Configure addresses other than that of the local subnet which the aCelera is Chapter 5
Addresses attached. These addresses will experience the benefits of acceleration.
Peers Permits or restricts the aCelera to communicate with other remote aCeleras Chapter 5

CHAPTER 1: CONFIGURATION SETTINGS CHECKLIST
Administration Options

Item
Passwords Change the default viewer and advanced passwords assigned to the aCelera. Chapter 6
Configuration Provides various options for managing configuration files. Configuration files Chapter 6
Files contain the various settings used by the device to communicate with aCeleras.
Software Provides options for managing software updates. Chapter 6
Updates
General Provides information on how to reboot the aCelera, resetting the configuration Chapter 6
Administrative to factory defaults, and clearing acceleration history.
Functions
Logs Provides options for viewing or administering log files. Chapter 6
Diagnostics Contains options for testing the aCelera and the network. Chapter 6
aCelera™ Virtual Appliance User Guide – Release 4.2 5

Chapter 2 Getting Around the GUI and CLI
Both the GUI and CLI provide mechanisms for configuring the various settings that are available for customizing
the aCelera.
2.1 Accessing the Graphical User Interface

The GUI can be accessed by entering the IP address of the aCelera in the browser’s address bar prefixed with
HTTP or HTTPS as follows:
http://<ip_address> or https://<ip_address>
2.1.1 Supported Browsers

The graphical user interface can be accessed using the following browsers:
 Internet Explorer 7.0 or newer
 Firefox 9 or newer
2.1.2 Login Screen

The first screen that is displayed after typing in the IP address is the login screen.
Type in the appropriate password to access the graphical user interface. When using the Viewer password, only
status information available from the Home menu bar item and configuration information available from the
Setup menu bar item are visible; the Admin page is not available. When using the Admin password, complete
access to all status, setup, and administrative information is granted.
2.1.3 Graphical User Interface

After typing in the password, the graphical user interface is displayed:

CHAPTER 2: GETTING AROUND THE GUI AND CLI
The screen is divided as follows:

 The menu bar contains the navigation items for the main functional areas (Home, Setup, and
Administration).
 The work area is where the settings are configured and status information is displayed.
 The navigation panel contains the various items for accessing the items available for each of the
functional areas.
2.2 Accessing the Command Line Interface

The CLI can be accessed in the following ways:
 Via the appropriate virtualization hypervisor program
 Via a Telnet connection
 Via a secure socket shell (SSH) connection
2.2.1 Running the Virtualization Hypervisor Program

 Run the appropriate virtualization hypervisor program.
 Select the appropriate Array Networks appliance from the inventory panel or resource pane.
 Depending on the hypervisor used, open a console window or connection window.
 When the login prompt is displayed, type the viewer-level password and then press enter. The Array-
Networks> command line prompt is displayed.
2.2.2 Initiating a Telnet Session

1. Access the CLI by typing telnet <hostname> or telnet <ip_address>, and then press enter. The
<hostname> refers to the name configured for the appliance; <ip_address> is the IP address configured
for the appliance.
2. When the login prompt is displayed, type the viewer-level password and then press enter. The Array-

C H A P T E R 2: GETTING AROUND THE GUI AND CLI
2.2.3 Initiating an SSH Session

1. Using an SSH client installed on your local machine, access the CLI using the syntax required for the
client program you are using.
2. When the login prompt is displayed, type the viewer-level password and then press enter. The Array-
 Notes:
 Please reference the documentation that comes with your SSH client program for the syntax
required to connect to the appliance via SSH.
 While attempting to access the Command Line Interface (CLI) via SSH, some SSH clients may
prompt the user to supply a user name. Type “cli” to allow the login process to continue.
 When using SSH, the appliance uses the public/private key pair that was generated during the
manufacturing process for authentication. If you need an additional level of security, you can
regenerate a new key pair. See Regenerating Authentication Keys for Secure Access to the
Appliance on page 128 for initiating a secure connection.
2.3 Command Line Interface Basics

The Command Line Interface (CLI) contains commands for configuring and viewing the various configuration
settings and status information. The CLI contains two privilege levels. Both levels require a password to access
and execute the commands located at the specified level. The following table provides information about the
privilege levels:
Privilege Description Command Line Prompt

Level Default is “Array-
Networks>”
View Contains commands for viewing settings and status information. Array-Networks>
This level does not allow users to set or modify the appliance's
current operation. This category also contains standard diagnostic
commands.
Advanced Contains commands for manipulating the various setup and Array-Networks-adv#
administrative settings.
2.3.1 Accessing the Advanced Level in the CLI

Upon entering the CLI, you are placed into the view level. Once in the view level, you can navigate to the
advanced level by using the enable command. After issuing the command, you are prompted to supply the
advanced password. The advanced level command line prompt is displayed after successfully entering the
password. To return to the view level, use the disable command. The following table provides a matrix for
navigating through the privilege levels.
Navigate from Navigate to Command

Array-Networks> Array-Networks- Array-Networks> en[able] adv[anced]
adv#
Array-Networks- Array-Networks> Array-Networks-adv# dis[able] adv[anced]
adv#
 Notes:
 Moving from the view level to the advanced level requires a password; however, no password is
required when moving back to the View level.
 All commands are viewable and executable from the advanced level, however, commands that
are specific to the advanced level cannot be displayed or viewed while in the View level.

2.3.2 Command Line Conventions

Keep the following points in mind when using the CLI commands and the parameters associated with them:
 Commands and parameters are case-insensitive; both uppercase and lowercase characters may be used.
For example, exit, Exit, and EXIT are all acceptable formats when using the exit command. Likewise, set
Address, Set address, and set address are also acceptable formats.
 Values associated with parameters are case-sensitive.
 To display a command's usage and syntax, type <command> ?
 The format for using a CLI command and a parameter is:
command [parameter] [value] - for example, set address 10.10.10.1
2.3.3 Keys and Key Combinations Available During a CLI Session

The following keys and key combinations are available while in the CLI:
Key/Key Combination Description
Backspace or Delete Deletes the character to the left of the cursor.

Up/Down arrow keys The Up arrow key scrolls through the list of commands executed during the active
session beginning with the most recent. The Down arrow key reverses the order of
displayed commands that the Up arrow displays.
Left/Right arrow keys The Left arrow key moves the cursor to the left; the right arrow key moves the cursor to
the right.
Ctrl + l Clears the screen of any information that has been displayed during the active session.
Home Places the cursor at the beginning of the line.
End Places the cursor at the end of the line.
2.3.4 Controlling Terminal Output Pagination

By default, the CLI displays a fixed amount of text on the screen at a time, which is dependent on the size of the
screen or terminal window. To scroll down to display additional lines of text, use the spacebar. To disable
pagination so that all lines of text are displayed without scrolling, use the terminal length 0 command. This
command takes effect as soon as the command is entered and is good for the current CLI session. To disable this
command after it has been enabled, use the terminal length auto command to restore pagination.
2.3.5 Exiting the CLI

To exit the CLI and close the session, type exit from either privilege level.
2.3.6 Configuration Basics

For an Array Networks' appliance to properly function and communicate with other Array Networks appliances,
various configuration settings must be configured.
The CLI provides various commands to configure each appliance on your network. To configure settings, you
must be in the advanced (Array-Networks-adv#) level. While configuring settings, keep the following points in
mind:
 To update the configuration file with any change you make, type config apply after making the change.
If you have multiple changes, you can wait and issue config apply after completing all changes. Applied
changes are only for the current CLI session. If you exit the CLI or reboot the appliance without
permanently saving the changes, all changes are lost and the appliance loads with the last permanently
saved configuration.
 To permanently save changes so they remain persistent after a reboot, type config save after first
typing config apply.

 If you have not yet applied the config apply command and want to clear any changes that you made,
type config clear.
 To restore the configuration to the settings that were loaded during startup (when the appliance was
last booted), type config restore.
 To reset a configuration to its default settings (except for passwords and network management interface
settings) even if you have permanently saved your changes, type config reset. The following network
management interface settings configured via the set command include: the appliance’s IP address
(Address), the subnet mask (SubnetMask), the gateway address (Gateway), the domain name
(DomainName), the addresses of each configured DNS server (DnsAddress), the hostname
(HostName), and configured static routes (NetworkRoutes). It then reboots the appliance after
prompting the user to allow the reboot.
 To reset a configuration to its default settings (including passwords and network management interface
settings) even if you have permanently saved your changes, type config reset all. It then reboots the
appliance after prompting the user to allow the reboot.
 To edit an existing setting via the CLI, type the command with the new value(s).
 To clear a current setting, type the command without the (values) and then press Enter. Press Y when
prompted.
 Notes:
 In almost every instance, device settings are configured using the set command along with the
appropriate appliance parameter.
 There are several device settings that do not immediately take effect until the appliance is
rebooted. Whenever these settings are changed, the CLI displays a message indicating that the
setting will not take effect until the appliance has been rebooted. These settings still require the
config apply and config save commands to be issued.
2.4 CLI Document Conventions

The following CLI conventions are used within this documentation.
Convention Description Sample Syntax Type as Shown
boldface Text appearing in tech-report create tech-report create

boldface type
indicates that the text
should be entered as
displayed.
<argument> Italicized text set Address <ip_address> set Address 10.40.90.10
enclosed within <>
represents an
argument for which
you supply the value.
[<optional Italicized text tech-report delete [<file>] tech-report delete newreport
argument>] enclosed within
square brackets [ ]
indicates a single
optional argument for
which you supply the
value.
[<multiple Italicized text set DnsAddress <dns_address> set DnsAddress 10.10.20.2
optional enclosed within [<dns_address> …] 10.10.10.4 10.10.10.20
arguments> …] square brackets [< >]
followed by 3 dots
indicates that

multiple optional
arguments can be
specified for which
you supply the values.
[optional Boldface text enclosed log rotate [delete] log rotate delete
element] within brackets [ ]
indicates an optional
element for which you
type in the text as
shown.
{option|option} Boldface text enclosed set NtpEnabled {yes|no} set NtpEnabled yes
within {} and
separated by vertical
bars indicate
alternative, mutually
exclusive elements,
one of which must be
entered.


Chapter 3 Configuring Basic Settings
This chapter contains information to configure the appliance’s basic settings. Basic settings are categorized into
system settings and device management settings.
3.1 System Settings

The aCelera’s system settings consist of general settings, network settings, and advanced settings.
3.1.1 Configuring General Settings

Use the information in this section to configure the hostname and a comment for the appliance.
 GUI
To configure general settings:
1. Click the Setup menu bar item.
2. Under the Basic navigation tab, click System.
3. Under General, configure the appropriate options as described in the table.
Option Description
Hostname The text string that appears at the top of the GUI window or at the CLI command prompt. This
setting is typically reflects the location where the appliance is installed. Default is Array-
Networks>. Note: If CMS will be used to manage the aCelera, CMS uses the hostname configured
here to identify the aCelera.
Comments You can optionally include a user-defined comment.
4. Click Apply to update the configuration with the new settings.

5. At the bottom of the page, click on the Click here to go to save configuration link.
6. Under Save Configuration, click Save to Startup Configuration.
7. From the confirmation dialog box, click OK.
 CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure the general settings:
Syntax Description
set HostName The text string that appears at the top of the GUI window or at the CLI command
<hostname> prompt. This setting is typically used to reflect the location where the appliance is
installed. Default is Array-Networks>. Note: If CMS will be used to manage the
aCelera, CMS uses the hostname configured here to identify the aCelera.
set comment Use this command to include an optional user-defined comment.
Example
set HostName BostonDC
set comment Boston Data Center aCelera
 Notes:
 After making changes, type config apply to update the configuration file.
 To permanently save changes so they remain persistent after a reboot, also type config save.

C H A P T E R 3: CONFIGURING BASIC SETTINGS
3.1.2 Configuring Network Settings

The aCelera must be configured with an IP address, the subnet mask of the local subnet and the network gateway
address. The aCelera can also be configured with the domain name and addresses of the primary and a
secondary domain name server (DNS). By default, the IP address and the subnet mask are configured with the
values listed in table below. The gateway address, domain name, primary DNS, and secondary DNS fields are not
configured.
 GUI
To configure the network settings:
3. Under Network Settings, configure the appropriate settings. Refer to the following table for the options to
configure the appliance's network settings.
Option Description
IP address assigned to the aCelera. Default is 192.168.117.1. Also specify the subnet
IP Address / Mask which the aCelera is part of. The subnet mask is specified in CDIR notation. Default is
/24.
Gateway address of the routing device that the aCelera uses to reach another network
Gateway
outside the local subnet. By default, the gateway address is not configured.
Primary DNS The primary DNS server address. Not configured by default.
Secondary DNS An optional secondary DNS server address. Not configured by default.
Domain Name Domain name of the appliance. Not configured by default.
 CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure the appliance's
network settings:
Syntax Description
set Address <ip_address> IP address assigned to the aCelera appliance. Default is 192.168.117.1.
set SubnetMask <subnet_mask> Subnet mask is specified in dot-decimal notation. Default is 255.255.255.0.
set Gateway <gateway_address> Gateway address of the routing device that the aCelera uses to reach another
network outside the local subnet. Not configured by default.
set DnsAddress <dns_address> DNS server address(es). Up to two can be configured. Include a space between
[dns_address] the two addresses. Not configured by default.
set DomainName Domain name where the appliance resides.
Example

CHAPTER 3: CONFIGURING BASIC SETTINGS
set Address 10.10.10.71

set SubnetMask 255.255.255.0
set Gateway 10.10.10.1
set DnsAddress 10.10.20 10.10.20314
set DomainName arraynetworks.com
 Notes:
 To view the configured setting for the above CLI commands, type the appropriate show
command: set Address, set SubnetMask, set Gateway, set DNS Address, and set
DomainName.
3.2 Advanced Settings

Advanced settings consist of options to configure the management VLAN ID if necessary and to configure NAT
support if needed.
3.2.1 Configuring the Management VLAN ID

By default, the aCelera's Ethernet ports are not 802.1Q tagged. If your hypervisor has 802.1Q tagging configured
you must configure the Management VLAN ID to match the VLAN setting in use by the hypervisor.
 GUI
To only accelerate traffic sourced from a specific VLAN:
3. Under Advanced, configure the VLAN identification number. Valid ID range is 0-4095. The default value
of 0 indicates an untagged VLAN.
4. Click Apply to update the settings.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to only accelerate traffic sourced
from a specific VLAN.
Syntax Description
set MgtVLAN <vlan_id> The VLAN identification number. Valid ID range is 0-4095. The default value of 0
indicates an untagged VLAN.
 Notes:
 To view the configured setting for the above CLI command, type show MgtVLAN.

3.2.2 Configuring NAT Support

If the aCelera is placed behind a device that is configured for Network Address Translation (NAT) such as a
router or firewall, it cannot directly establish a connection with other aCelera appliances. Since the aCelera
cannot automatically distinguish that packets destined to a remote NAT device are to be accelerated, additional
configuration is required.
If the aCelera is behind a NAT device, configure the following settings via the GUI or CLI.
‫־‬ Configure the public address on the aCelera to that of the NAT device’s public IP address
‫־‬ Add the NAT device’s public IP address to the Published Address list
 GUI
To configure NAT support:
3. Under Advanced, type the public IP address of the NAT device through which traffic will be sent before
being forwarded to another aCelera.

5. Add the public IP address of the NAT device to the publish address list. See Published Address on page 54.
6. When finished, click on the Click here to go to save configuration link.
 CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure NAT support:
Syntax Description
set PublicAddress <address> The public IP address of the NAT device through which traffic will be sent
before being forwarded to another aCelera.
 Note: Add the IP address of the NAT device to the published address list. See Published Address on page 54.
Example 1
The following example assumes the aCelera sits behind a NAT device with a public IP address of 50.20.20.2.
1. Configure the public IP address of the NAT device that it sits behind:
set PublicAddress 50.20.20.2
2. Add the NAT device’s IP address the published address list. This allows packets destined to the network
set acceleration/addresses/permit/1 ip 50.20.20.2
Example 2

The following example provides a sample configuration when both a data center aCelera and a remote office
aCelera are behind NAT devices. The example assumes the data center aCelera is behind an NAT device with an
IP address of 50.20.20.2 and the remote office aCelera is behind a NAT device with an IP address of 40.17.10.2. In
this scenario, both sides of the peer connection must be configured as follows:
On the data center aCelera:

 Configure the public IP address of the NAT device that it sits behind
 Add this IP address to the Published Address list.
On the remote office aCelera:
 Configure the public IP address of the NAT device it sits behind
 Add this IP address to the Published Address list
 Add the public IP address of the of the data center’s NAT device to the Defined Peers list
set acceleration/peer/1/permit ip 50.20.20.2
 Notes:
 To view the configured setting for the above CLI command, type: show PublicAddress.

3.3 Device Management

Use the options in this section to determine how the aCelera will be managed. By default, the aCelera is managed
independently via the CLI or GUI. The aCelera can also be centrally managed via Array Networks' Centralized
Management System (CMS). When configured using CMS, the aCelera receives its configuration settings from
CMS. Settings configured via the local GUI or CLI will be overwritten with the settings configured via the CMS.
 GUI
To change how the aCelera is managed:
2. Under the Basic navigation tab, click Device Management.
3. Refer to the appropriate section below.
3.4 Enabling Centralized Management System (CMS)

Refer to the following instructions to allow the device to be managed by CMS.
1. Under Settings, click Centrally using Centralized Management Device.
2. Under Centralized Management System (CMS), specify the IP address of the server where CMS resides. If
necessary, also change the following settings:
 The number of minutes the aCelera waits to poll CMS for configuration and software updates.
Default setting is 5. Valid range is 1-1500.
 The TCP port number used to access CMS. Default port is 443.
 The name of the default CMS template to apply.
3. Click Apply.
. The Status field changes from Unmanaged to Registered.
4. At the bottom of the page, click on the Click here to go to save configuration link. The Configuration
page is displayed.
6. From the dialog box, click OK. The Configuration Status at the bottom of the screen changes to Saved.
3.5 Disabling Centralized Management System (CMS)

Refer to the following instructions to remove the device from CMS control. Once removed, it is managed based on
the settings configured via the GUI or the CLI.
1. Under Settings, click Independently using GUI/CLI and then click Apply.
4. From the dialog box, click OK.

 CLI
From the advanced level (Array-Networks-adv#), you can configure CMS options in one of the following ways:
 Enter setup and either accept the default settings or enter the values you want.
 Register the device manually with the following commands.
Syntax Description
set Cms/Enabled {yes|no} Enables or disables CMS. When enabled, the appliance will be managed by
CMS; when disabled, the aCelera will be managed via the CLI or GUI. Default is
no.
set Cms/Address <host_name or The IP address or the host name where CMS is located. Default is cms_server.
ip_address>
set Cms/Poll <minutes> The number of minutes the aCelera waits to poll the CMS. The aCelera polls
the CMS by sending its IP address, serial number, and current software
version. A 0 indicates that polling is disabled. Default is 5.
set Cms/Port <port_number> The port number used to access CMS. Default is 443.
set Cms/Register {true|false} Registers or unregisteres the appliance from CMS control. When registered
(true), the appliance will be managed by CMS. When unregistered (false), the
appliance is not managed by CMS. Default is false.
Example
When registering the device manually:

set Cms/Enabled yes
set Cms/Address 10.40.90.10
set Cms/Poll 16
set Cms/Port 443
set Cms/Register true
 Notes:
 After making changes, type config apply to update the configuration file with the new settings.
 To view the configured setting for the above CLI commands, type the appropriate show
command: show Cms/Enabled, show Cms/Address, show Cms/Poll, show CMS/Port, show
CMS/Register

Chapter 4 Configuring Device Settings
This chapter provides information for configuring the various deployment, remote administration, SNMP, and
logging options.
4.1 Deployment Options

Refer to the information in this section for information on the available deployment options. Use the information
found here to specify how the device is physically deployed, configure the WAN Addressing mode, adjust the
WAN MTU setting if necessary, enable or disable loop detection, configure WCCP options if required, and
configure Cisco Discovery Protocol options if necessary.
4.1.1 Configuring the Deployment Mode

An aCelera appliance is symmetrically deployed at each location that requires traffic to be accelerated. The
appliance can be deployed in one of the following ways:
 In-line: In-line deployment places the appliance directly on the network typically between a network
switch and the edge router. Using two network interfaces, traffic destined for the WAN enters one
network interface and is processed before being sent out of the second network interface. Any traffic
that is not being accelerated is just forwarded out of the second network interface. In-line deployment
requires no reconfiguration of router settings.
Select this option if the aCelera is deployed on the main data path (between two routers, a router and
two switches, or two switches). When inline, the aCelera uses two interfaces (WAN and LAN).
 Out-of-line: Out-of-line deployment places the appliance off the main data path, usually off a switch or
router. Traffic that has been configured to be managed by the aCelera is intercepted by the router and
forwarded to the aCelera. After the aCelera has processed the traffic, it is sent back to the router and
forwarded across the WAN.
Out-of-line deployment requires Correct Addressing to send traffic to the aCelera. By default, the WAN
Addressing mode is configured with Correct Addressing. If the aCelera has been reconfigured to use
Transparent Addressing, see Configuring the WAN Addressing Mode on page 22 to change the setting
back to Correct Addressing.
When out-of-line, the aCelera uses one interface (WAN). Out-of-line deployment options include:
 PBR: Select this option to redirect traffic through aCelera using Policy-Based Routing (PBR).
 WCCP: Select this option to redirect traffic through the aCelera using the Web Cache
Communication Protocol (WCCP). This enables local fulfillment of content requests, which lowers
response times and optimizes resource usage.
 VRRP: Select this option to redirect traffic through the aCelera using the Virtual Router Redundancy
Protocol (VRRP). This automates default gateway selections, which increases the availability and
reliability of routing paths.
By default, the aCelera is preconfigured for out-of-line deployment. Out-of-line deployment options
include out-of-path, policy-based routing, and WCCP.
 Refer to the following table for a listing of the changes required (if necessary) on the aCelera and/or the
router.
Mode CLI/GUI Additional CLI/GUI Settings Reconfiguration of

Option Required Existing Router Settings
In-line Inline No No
Out-of-line via WCCP Out-of-Line Yes1 Yes2
Out-of-line via PBR Out-of-Line Optional3 Yes4
Out-of-line (VRRP) Out-of-Line Yes5 Yes6

CHAPTER 4: CONFIGURING DEVICE SETTINGS
1 When placed out-of-line via WCCP, WCCP options described under Configuring WCCP Options on page
28 must also be configured.
2 The aCelera’s default WCCP settings, once enabled, should be compared to those in use on your router.
Adjustments can be made accordingly on either the router or aCelera to achieve redirection. To change
the WCCP settings on the aCelera, see Configuring WCCP Options on page 28.
3 Cisco Discovery Protocol (CDP) can be enabled and configured to provide black hole detection when
the aCelera is deployed out-of-line via PBR. See Configuring Cisco Discovery Protocol on page 25.
4 Policy rules can be added to the route table to forward traffic based on a defined policy. For example,
traffic to a particular destination on a particular port can be redirected to the aCelera for acceleration.
Policies are applied on the router’s LAN and WAN interface to redirect traffic to the aCelera. Do not
apply a policy to the aCelera’s interface. Otherwise, a loop condition will occur.
5When placed out-of-line via VRRP, VRRP options described under Configuring VRRP Options on page
26 must also be configured.
6The aCelera’s default VRRP settings, once enabled, should be compared to those in use on your router.
Adjustments can be made accordingly on either the router or aCelera to achieve redirection. To change
the VRRP settings on the aCelera, see Configuring VRRP Options on page 26.
 GUI
To configure the deployment mode:

2. Under the Device navigation tab, click Deployment.
3. Under Settings, select the appropriate Device Deployment option as described in the table.
Option Description
Inline Select this option if the aCelera is deployed on the main data path (between two routers, a
router and two switches, or two switches). When inline, the aCelera uses two interfaces (WAN
and LAN).
Out-
Select this option if the aCelera is deployed off the main path. When out-of-line, the aCelera uses
of-
one interface (WAN). (Default)
Line

 CLI
From the advanced level (Array-Networks-adv#), use the following command to configure the deployment
mode:
Syntax

C H A P T E R 4: CONFIGURING DEVICE SETTINGS
set Deployment/Device {inline|outofline}

 Notes:
 When configured out-of-line the aCelera only uses the WAN interface; when in-line, it uses both
the WAN and LAN interfaces.
 To view the configured setting for the above CLI command, type show Deployment/Device.
4.1.2 Configuring the WAN Addressing Mode

Traffic between aCelera peers is a number of TCP connections. There are two different modes for how the source
and destination IP addresses are specified for these connections. Connections can be configured to utilize Correct
Addressing, Transparent Addressing, or Correct Addressing with Server-Side Transparency.
With Correct Addressing, the source or destination IP address of TCP connections is that of one of the two
aCelera appliances; with Transparent Addressing the source and destination IP address of TCP connections is
that of the original client and server. Correct Addressing with Server-Side Transparency configures the aCelera
to utilize Correct Addressing to the WAN and Transparent Addressing on the LAN. When communicating with
the WAN in this mode, the aCelera uses aCelera source and destination IP addresses; when communicating with
the LAN, aCelera uses the original client and the server IP addresses.
Correct Addressing provides better overall performance and can be used for all supported aCelera deployments
for applications that do not need to be visible on the network. If an application (such as a network monitoring
application) require its native IP address or port be visible, the aCelera can be configured to utilize Transparent
Addressing.
 GUI
To configure the WAN addressing mode:
3. Under Settings, select the appropriate WAN Addressing option as described in the table.
Option Description
Transparent Configures the aCelera to utilize Transparent Addressing. With Transparent Addressing,
Addressing the source and destination IP addresses of the TCP connections are that of the original
client and server.
Correct Configures the aCelera to utilize Correcting Addressing. With Correct Addressing, the
Addressing source or destination IP address of the TCP connection is that of one of the two aCelera
appliances. (Default)
Correct
Configures the aCelera to utilize Correct Addressing to the WAN and Transparent
Addressing
Addressing on the LAN. When communicating with the WAN in this mode, the aCelera uses
with Server-
aCelera source and destination IP addresses; when communicating with the LAN, aCelera
side
uses the original client and the server IP addresses.
Transparency


 CLI
From the advanced level (Array-Networks-adv#), use the following command to configure the appropriate WAN
addressing mode:
Syntax
set Deployment/Addressing {transparent|correct}

 Notes:
 To view the configured setting for the above CLI command, type show deployment/addressing.
4.1.3 Adjusting the WAN MTU

The Maximum Transfer Unit (MTU) refers to the maximum transmission unit for a given interface. Typically, the
MTU for an Ethernet interface is 1500 bytes which is the default configured setting for the aCelera. Any packets
larger than the MTU are broken into smaller chunks in order to be transmitted. Normally, the default value of
1500 works fine, however, if a device attached to the appliance is configured to a lower setting, change the
appliance's setting to match the device's setting. It is recommended that you use the largest MTU value that the
link can handle since the larger the MTU, the fewer packets the appliance needs to send.
 GUI
To adjust the WAN MTU setting:
3. Under Advanced, enter a valid number specified in bytes. Valid range is 68 – 1500. Default is 1500
bytes.

5. A dialog box is displayed indicating that the device should be rebooted after making the change. Click
OK to apply the change.
9. When finished configuring settings, reboot the appliance for the new WAN MTU setting to take effect.
 CLI
From the advanced level (Array-Networks-adv#), use the following command to adjust the MTU setting:
Syntax

set WanTxMTU <bytes>
where <bytes> is the largest number of bytes the appliance can transmit as a single packet for the appliance’s
Ethernet interface. Valid range is 68-1500. Default is 1500.
CLI Example
The following example reduces the MTU to 1400 bytes.

set WanTxMTU 1400
 Notes:
 Any time the WanTxMTU setting is changed, the appliance must be rebooted for the setting to
take effect.
 Before issuing the reboot command, type config apply and then config save so that the new
settings will remain persistent after the reboot.
 To view the configured MTU value, type show WanTxMTU.
4.1.4 Enabling or Disabling Loop Detection

When enabled, the aCelera can detect when two bridge interfaces are connected to the same virtual switch. If
this occurs, the bridge automatically shuts down to eliminate an ARP storm. When a loop condition is detected, a
message appears indicating that a network loop was detected. The message also states that you need to fix the
condition and then reboot the aCelera. By default, loop detection is enabled.
 GUI
To enable or disable loop detection:
3. Under Advanced, add a checkmark to the Loop Detection check box to enable loop detection. To
disable loop detection, remove the checkmark.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to enable or disable loop detection:
Syntax
set LoopDetect {yes|no}
 Notes:

 To view the configured setting for the above CLI command, type show LoopDetect.
4.1.5 Configuring Cisco Discovery Protocol

Cisco Discovery Protocol (CDP) is a Layer 2 protocol (data link layer) that is primarily used to obtain protocol
addresses of neighboring devices. Enabling CDP allows other CDP-aware devices to discover the appliance. CDP
when used with policy-based routing provides black hole protection.
 GUI
To configure CDP options:
3. Under Cisco Discovery Protocol, configure the appropriate options as described in the table
Option Description
CDP When the Enabled box contains a check mark, all interfaces on the appliance are enabled. By
default, CDP is not enabled.
Interval The interval refers to the length of time, in seconds, between sending out CDP multicast messages.
The default is 90 seconds.
Hold Time The hold time period refers to the length, in seconds, the receiving device holds CDP information
before discarding it. Default is 180; the maximum value is 256.

 CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure CDP options:
1. Enable CDP.
set cdp/Enabled yes
This command enables CDP globally, that is, all interfaces on the appliance are enabled. By default, CDP
is disabled.
2. Specify how often to send out CDP multicast messages.
set cdp/Interval <seconds>
The interval refers to the length of time, in seconds, between sending out CDP multicast messages. The
default is 90 seconds.
3. Specify the hold time period .
set cdp/Holdtime <seconds>
The hold time period refers to the length, in seconds, the receiving device holds CDP information before
discarding it. Default is 180; the maximum value is 256.

Example
The following example enables CDP for the appliance. CDP packets are sent out every 120 seconds. The receiving
device will discard the CDP information in the CDP packet after 240 seconds.
set cdp/Enabled yes
set cdp/Interval 120
set cdp/Holdtime 240
config apply
config save
 Notes:
 Setting a lower hold time than the default 180 seconds results in the receiving devices to update
their CDP information more rapidly; setting a higher value causes them to update more slowly.
 The hold time setting must be set to a higher number of seconds than the interval setting to
prevent CDP information from being discarded before receiving updated CDP information.
 To permanently save changes so they remain persistent after a reboot, also type config save
 To view the configured settings for the above CLI commands, type show cdp/Enabled, show
cdp/Interval, and show cdp/Holdtime.
4.1.6 Disabling CDP

To disable CDP so that the appliance does not send out CDP multicast messages, perform the following steps
from the advanced level (Array-Networks-adv#):
set cdp/Enabled no
config apply
config save
4.2 Configuring VRRP Options

The aCelera and the gateway router can be configured to be part of the Virtual Router Redundancy Protocol
group (VRRP group) as a method for traffic interception in the event of failover conditions. If you specify the
VRRP group IP address as the client’s default gateway, the aCelera will accelerate the traffic as configured. If the
aCelera fails, the router forwards the traffic without acceleration. This is useful in virtual environments where
there is no place to use a fail-to-wire bypass card, or in a non-Cisco environment where WCCP is not an option.
 Note: Although you can create a VRRP group with multiple peers, an aCelera deployment should only include
a single peer.
To configure VRRP options:

3. Under VRRP, click the field you want to modify. Refer to the table for additional information.

Option Description
IP Address A virtual IP address on the same subnet as the aCelera’s physical address, used to identify the
VRRP-enabled master router. Set this to the same value for all peers in the VRRP group.
Router ID A number used to identify all of the VRRP peers in the virtual router group. This should be set
to the same value for all peers in the VRRP group.
Advertise The number of seconds between each transmission of VRRP advertisement packets from the
Interval master router (the VRRP-enabled aCelera) to the backup router. Set this to the same value for
both the aCelera and the router.
Priority A number indicating if the VRRP router is a backup or master virtual router and the order of
ascendancy to becoming a master virtual router if the master virtual router fails. The default
priority for a VRRP-enabled aCelera is 254.
NOTE: To maintain master status, the VRRP-enabled aCelera should have the highest priority
in a VRRP group. Decrease the priority for each subsequent VRRP peer by 50.
Password Set the password to the same value on all VRRP peers.

4.3 Configuring Inline HA (High Availability) Options

The HA function can improve the reliability of the network. Two aCelera appliances can be in series by
configuring Inline HA, then all the traffic from the client will be captured by either of the two aCelera
appliances. If the first aCelera appliance has accelerated the traffic, then the second aCelera appliance will
forward the traffic directly, otherwise the second aCelera appliance will accelerate the traffic.
To configure Inline HA options:
3. Under Inline HA, click the field you want to modify. Refer to the table for additional information.
Option Description
Priority Specify the priority of the aCelera appliances. The larger the value, the higher the
priority.



4.4 Configuring WCCP Options

The Web Cache Communication Protocol (WCCP) developed by Cisco Systems standardizes communications
between routers or switches and web cache devices. WCCP transparently redirects selected traffic flowing
through a router or groups or routers. This traffic is redirected to web-caches (such as the aCelera) which lowers
response times and optimizes resource usage. The aCelera supports version 2 (WCCPv2) for out-of-line
deployments. When using WCCPv2, redirected traffic is delivered to the appliance either via Generic Routing
Encapsulation (GRE) or Layer 2 rewrite (L2Redirect). The appliance applies its traffic rules to the redirected
traffic. Any non-accelerated traffic is returned back to the switch or router; accelerated traffic is forwarded based
on IP destination.
 Note: WCCP requires the aCelera’s deployment mode be configured for out-of-line via the GUI or CLI. See
Configuring the Deployment Mode on page 20 if the aCelera is not already configured for out-of-line.
 GUI
To configure WCCP options:
2. Under WCCP, perform the appropriate action and then refer to the table.
 Click New for each router you want traffic redirected from and fill in the appropriate
information for each field as described in the table.
 To modify an existing entry, click on the entry you want to modify and then refer to the table.
 To delete a router from the list, click on the appropriate row, and then click Delete.
Option Description
Router The IP address of the router.

Address
Service Group The number must match the service group used by the router. Default service group is 98.
Advanced Clicking on the Advanced icon displays the following options via the WCCP Advanced
Settings dialog box:
Option Description
Ports Redirects traffic on the specified ports through the router to the aCelera. All
other traffic bypasses the appliance and is not accelerated across the WAN. Up
to 8 separate ports can be configured. Each specified port is separated by a
space. By default, the field is blank, which indicates all ports are redirected.
Security Allows you to control which routers become part of the specified service group
using the password defined in the Password field. When enabled, traffic is
protected against being intercepted. By default, this setting is not enabled.
Password If the Security option is enabled, type in the router’s password. If the
password does not match, the WCCP service will not go to "Active Operation"

Option Description
Forwardin The method by which redirected packets are transported from the router to
g Method the appliance. Valid methods include: L2 Redirect and GRE. Default is GRE.
Assignmen The method by which redirected packets are distributed to the aCelera. Valid
t Method methods include Hash and Mask. Default is Hash. When using the hash
method, a hash table maintained by each router maps the hash index derived
from a packet to be redirected to the IP address of the appliance. When using
mask assignments, each router uses masks and a table of values to distribute
traffic for a service group across the member web-caches including the
appliance.
Return The method by which packets redirected to the aCelera are returned to the
Method router for normal forwarding. Valid methods include: GRE and L2 Redirect.
Default is GRE.

 CLI
Configuring WCCP for a Single Router
From the advanced level (Array-Networks-adv#), perform the following steps to configure a single router:
1. Specify the router's address

set WCCP/RouterAddress <address>
The IP address of the router. The address must be specified.
2. Configure a service group
set WCCP/ServiceGroup <group_number>
This number must match the service group used by the router. The default service group is 98. Only
change this number if the router has been assigned to a different service group. The supported range is
0 - 99.
3. Specify ports
set WCCP/Ports [<port#> ...]
By default, no specific ports are configured, which indicates that all ports are redirected to the aCelera
when it is deployed out-of-line. To only redirect selected ports, add the appropriate ports using the
above-mentioned command. All other traffic will simply be forwarded to the WAN with no acceleration.
Up to 8 separate ports can be configured. Each specified port is separated by a space.
set WCCP/Ports
4. Set the security option
set WCCP/Security {yes|no}
Enabling the WCCPv2 HMAC MD5 authentication option allows you to control which routers become
part of the specified service group using the password defined in the next step. When enabled, traffic is
protected against being intercepted. The default setting is no.
5. Assign a password.
set WCCP/Password <password>

If the security option is set to yes, you must set the password to that configured for the router. If the
password does not match the router's password, all traffic that would be redirected through the router
will bypass the connection and not be accelerated across the WAN. Up to 8 characters may be specified.
6. Define the preferred methods of interacting with the router.
set WCCP/Capabilities <forwarding_method><assignment_method><return_method>
Interaction with the router refers to the preferred methods used to forward packets and return packets
to and from the router and the assignment method used to distribute packets in a service group. If the
router does not support the preferred (default) method of communicating with the appliance, the
router's supported method for each item will be used.
 <forwarding_method> refers to the method by which redirected packets are transported from the
router to the appliance. Valid methods include: L (L2 redirect) and G (GRE). Default is G (GRE).
 <assignment_method> refers to the method by which redirected packets are distributed to the
appliance. Valid methods include H (hash) and M (mask). Default is H (hash). When using the
hash method, a hash table maintained by each router maps the hash index derived from a packet
to be redirected to the IP address of the appliance. When using mask assignments each router
uses masks and a table of values to distribute traffic for a service group across the member web-
caches including the appliance.
 <return_method> refers to the method by which packets redirected to the appliance are returned
to the router for normal forwarding. Valid methods include: R (GRE) and 2 (L2 redirect). Default is
R (GRE).
GRE is a method by which redirected packets are encapsulated into a new IP packet with a GRE header
followed by a four-octet Redirect header. L2 does not encapsulate redirected packets. Instead, the router
replaces the packet's destination MAC address with the MAC address of the appliance. By default, the
appliance will use GRE redirection and hash assignments if supported by the router. If the router does not
support GRE redirection, it will use L2; if it does not support hash assignments, then it will use mask
assignments. When specifying methods, no white space is allowed.
7. Apply the changes to the configuration file (Update the configuration file by applying the changes).
config apply
8. Permanently save the changes to the configuration file.
config save
9. Test to see that the WCCP configuration is properly configured.
Issue the WCCP command.
Example
The following example provides a sample configuration utilizing one router.

set WCCP/RouterAddress 10.40.90.10
set WCCP/ServiceGroup 98
set WCCP/Ports 80 443 445 139
set WCCP/Security yes
set WCCP/Password xy2xsyt
set WCCP/Capabilities GHR (forwarding method is GRE, assignment method is hash, return method is GRE)

Configuring WCCP for Additional Routers

From the advanced level (Array-Networks-adv#), perform the following steps to configure additional routers. Up
to seven additional routers can be configured:
1. To configure additional routers, repeat all preceding steps using the following format:
set WCCP/#/<parameter>
Replace # with the appropriate number. Valid entries are 1-7.

2. Issue the WCCP command to ensure that WCCP is configured properly.
Example
The following example provides a sample configuration utilizing two configured routers.
set WCCP/RouterAddress 10.40.90.10
set WCCP/ServiceGroup 98
set WCCP/Ports 80 443 445 139
set WCCP/Security yes
set WCCP/Password xy2xsyt
set WCCP/Capabilities GHR (forwarding method is GRE, assignment method is hash, return method is GRE)
set WCCP/1/RouterAddress 11.20.90.99
set WCCP/1/ServiceGroup 99
set WCCP/1/Ports 80 443 445 139
set WCCP/1/Security yes
set WCCP/1/Password c6ts5gyn
set WCCP/1/Capabilities GHR (forwarding method is GRE, assignment method is hash, return method is GRE)
config apply
config save
 Notes:
 To view the configured WCCP setting or to see if it is enabled or disabled, type WCCP.
 To view the configured settings for the above CLI commands, type the following: show
WCCP/[/#]/RouterAddress, show WCCP/[/#]/ServiceGroup, show WCCP/[/#]/Ports,
show WCCP/[/#]/Security, show WCCP/[/#]/Password, show WCCP/[/#]/Capabilities.
 No router information is displayed for additional routers that have not been configured. Only
those settings that have been displayed for additional routers are displayed when issuing the
show command.
4.4.1 Configuring Network Routes

Network routes provide a useful mechanism for reaching network subnets that are not local. If the default
gateway is not the best path for a particular network, you can use the following information to configure
network routes.
 GUI
To configure network routes:


3. Under Network Routes, perform the appropriate action and then refer to the table.
 Click New for each route you want to add and fill in the appropriate information for each field
as described under the options.
 To modify an existing entry, click on the field you want to modify and type in the new value.
 To delete a network route from the list, click on the appropriate row, and then click Delete.
Option Description
IP Address IP address of the route.

Subnet The route’s subnet mask specified in CIDR notation. Default is /24.
Mask
Gateway The gateway address.
MTU Include the Maximum Transmission Unit (MTU) of each network segment that is lower than
the MTU setting configured for the appliance. By default, the appliance is configured with a
value of 1500 bytes via the WAN MTU field of Network Settings page. If any network segment
is lower than the appliance’s MTU setting, make sure to include that segment’s configured
MTU value.


 CLI
From the advanced level (Array-Networks-adv#), issue the following command to configure network routes:
Syntax
set NetworkRoutes
<network_address/mask:nexthop_address[:configured_MTU]>[<;network_address/mask:nexthop_address[:configur
ed_MTU]> ...]
 Notes:
 The mask can be either CIDR or x.x.x.x notation when the MTU size is not specified. If an MTU
value is specified, use CIDR notation when specifying the mask.
 Include the Maximum Transmission Unit (MTU) value of each network segment that is
lower than the MTU setting configured for the appliance. By default, the appliance is configured
with a value of 1500 bytes via the set WanTxMTU command. To view the MTU value
configured for the appliance type show WanTxMTU. If any network segment is lower than the
appliance’s MTU setting, make sure to include that segment’s configured MTU value. See
Example 2 below.
 Use a slash (/) to separate the network address from the mask.
 Use a colon (:) to separate the network address/mask from the gateway address.
 Use a colon (:) to separate the next hop address from the optional configured MTU value.
 Multiple static routes can be specified using a semi-colon (;) with no space between each route.
 The above setting requires the appliance to be rebooted for the setting to take effect. Before
issuing the reboot command, type config apply and then config save so that the new setting
will remain persistent after the reboot.
 To view configured static routes, type show NetworkRoutes.
Example 1
The following example configures two static routes (one using CIDR notation; the other using x.x.x.x notation).
set NetworkRoutes 192.168.10.0/24:10.10.10.99;192.168.11.0/255.255.255.0:10.10.10.99
Example 2
The following example configures two static routes. The first route is configured with an MTU value of 800 bytes
to accommodate a router’s configured MTU value for that specific route. The mask is specified using CIDR
notation. The second route does not have a configured MTU value. The mask is configured using x.x.x.x notation.
set NetworkRoutes 192.168.10.0/24:10.10.10.99:800;192.168.11.0/255.255.255.0:10.10.10.99
4.5 Remote Administration

Use the information below to configure options for allowing or restricting access to the appliance's management
functions. Access can be controlled by managing services such as Telnet, SSH, HTTP, and HTTPS.

4.5.1 Managing Service Options

The Services section provides options for managing access to the aCelera via Telnet, SSH, HTTP, and HTTPS. This
section also contains options for displaying or hiding ICMP echo messages and allowing the aCelera to
automatically reboot when an internal error condition is encountered.
 GUI
To modify the services settings:
2. Under the Device navigation tab, click Remote Admin.
3. Under Services, select the appropriate services options as described in the table.
Option Description
Telnet Enables or disables Telnet sessions to access the appliance. By default, Telnet access is
enabled.
SSH SSH access to the appliance is enabled by default and cannot be disabled.
HTTP When the Enabled box is checked, the appliance can be accessed via HTTP. By default,
HTTP access is enabled via port 80. To change the port, type the desired port in the Port
field.
HTTPS Allows secure access to the appliance via the specified port. HTTPS access cannot be
disabled, a port must be specified. By default, this option is configured with port 443 but
can be replaced with another port. If you configure a port that is already in use by the
appliance, a message is displayed indicating that the port you are trying to specify is
already in use.
Respond to Hides or displays Internet Control Message Protocol (ICMP) Echo messages. When on,
ICMP Requests responses to the Ping command are displayed. If you want the appliance to remain hidden,
disable this option. Default is on.
Reboot on Enables or disables the automatic reboot of the appliance if any internal errors are
Failure detected by the software. When Enabled is checked, the appliance reboots if an error is
detected (Default).


 CLI
From the advanced level (Array-Networks-adv#), refer to the following commands for enabling and disabling
remote administration services:
Syntax Description
set TelnetEnabled {yes|no} Enables or disables Telnet access to the appliance. Enabled by default.
set HttpEnabled {yes|no} Enables or disables HTTP access to the GU. When enabled, your browser can be
used to access the GUI via HTTP; when disabled, HTTP access to the GUI via the
browser is denied.
set IcmpEchoReply {on|off} The ICMP command turns Internet Control Message Protocol (ICMP) Echo
messages on and off. When on, responses to the Ping command are displayed;
when off, no messages are displayed. If you want the appliance to remain hidden,
turn of ICMP. Default is on.
set RebootOnFailure {yes|no} Enables or disables the automatic reboot of the appliance if any internal errors are
detected by the software. When Enabled, the appliance reboots if an error is
detected. (Default)
 Notes:
 To view the configured settings for the above CLI commands, type show TelnetEnabled, show
HttpEnabled, show IcnpEchoReply, and show RebootOnFailure.
4.6 SNMP Options

The aCelera provides options for configuring an SNMP community string to validate incoming SNMP Gets in the
Management Information Base (MIB), for sending Simple Network Management Protocol (SNMP) traps or
messages for pre-defined events, and for monitoring peer-to-peer activity.
4.6.1 Configuring an SNMP Community String

You can configure a read-only community string to validate incoming SNMP Gets for objects in the MIB.
 GUI
To configure a read-only community string:
2. Under the Device navigation tab, click SNMP.
3. Type in an appropriate string in the Read-only Community field. By default, this field is configured with
the value of public.

 CLI

From the advanced level (Array-Networks-adv#), use the following command to configure a read-only
community string.
Syntax
set SnmpReadCommunity <string>

 Notes:
 The default value for SnmpReadCommunity is public, which is a commonly used SNMP read
community string.
4.6.2 Configuring SNMP Trap Destinations

A trap destination consists of the IP address of the host that you want to receive SNMP notifications, an optional
SNMP community name, and an optional port number for the destination address. Up to ten entries can be
specified, however, Array Networks recommends configuring no more than two trap destinations.
 GUI
To configure SNMP traps:
3. Under Trap Destinations, perform the appropriate action and then refer to the table.
 Click New to create a new row for each destination you want to configure and fill in the
appropriate information as described in the table.
 To modify an existing entry, click on the field you want to modify.
 To remove a host from receiving notifications, click anywhere on the row, and then click Delete.
Option Description
IP Address Type in the IP address of the host that is receiving notifications.

Community An optional SNMP community string. Default is public.
Port UDP port number for the host. Default is 162.

 CLI
From the advanced level (Array-Networks-adv#), refer to the following sections to configure SNMP traps.
Syntax
set Snmp/Trap/Destinations <destination>[<,destination>...]

Where <destination> is [<community>@]<ip_address>[:<port>]
Syntax Description
Value Description
[<community>@] The community string is used to validate incoming SNMP Gets for objects in the Management
Information Base (MIB). If no string is specified, the default string public is assumed.
<ip_address> The IP address of the host that is receiving notifications.
[:<port>] Optional UDP port number for the host. Default port number is 162. If specified, include a colon
(:) before the port number.
Example
The following example configures hosts at 10.40.90.10 and 10.10.40.20 to receive trap notifications.
set Snmp/Trap/Destinations public@10.40.90.10:162,zxafy@10.10.40.20
4.6.3 Specifying the Trap Sampling Interval

By default, trap expressions are evaluated every 30 seconds to determine if a trap notification needs to be sent. A
notification is only sent if the state of an expression changes. Refer to the following to change the time interval
that expressions are evaluated.
 GUI
To change the interval:
3. Under Traps, specify the interval between trap evaluations in the Trap Sampling Interval field, in
seconds.

 CLI
From the advanced level (Array-Networks-adv#), refer to the following sections to change the interval between
trap evaluations.
Syntax
set Snmp/Trap/Interval <time_period>

<time_period> refers to the interval between trap evaluations, in seconds.
Example
The following example indicates that trap expressions will be evaluated at intervals of not less than 104 seconds.
set Snmp/Trap/Interval 104

4.6.4 Configuring SNMP Traps

The aCelera provides a mechanism for configuring Simple Network Management Protocol (SNMP) traps or
messages for user-defined events such as thresholds or status changes. Once a threshold is crossed or status is
detected by the appliance, it sends a UDP notification to the specified IP address(es). Administrators can
configure these traps in ways that best suit their organizations. What constitutes a trap event is left to the user to
configure. Up to eleven user-defined SNMP traps can be configured. To configure traps, you must:
 Specify the address of the trap receiver as previously described.
 Configure the time interval between evaluating each trap as previously described.
 Configure the following settings for each trap event:
- The parameter that will be evaluated.
- A comment used to explain the purpose of the trap.
- The expression that is used to initiate (set) the trap.
- The expression used to clear the trap.
 Note: Any parameter viewable from the CLI show and show status commands can potentially be used to
configure a trap.
 GUI
To configure SNMP traps:
3. Under Traps, perform the appropriate action and then refer to the table.
 Click New to create a row for each trap you want to configure and fill in the appropriate
information for each field.
 To edit an existing setting, click on the item and modify the value.
 To delete a trap event, click anywhere on the row you want to delete, and then click Delete.
Option Description
Description The description of the trap event.

Parameter A valid parameter to which the "set" and "clear" conditions are applied.
Set Condition A constant expression that when encountered, initiates the trap.
Clear Condition A constant expression that when encountered, clears the trap.

The set and clear trap conditions must be enclosed within parentheses. Leave a space after the left
parenthesis and a space before the right parenthesis. The trap parameter value has a symbolic
representation of "$" (dollar sign). Make sure to leave a space after the "$" sign.
Parameter Description
Expression Expression is true.

! Expression Expression is false.
Expression1 -a Expression2 Both Expression1 and Expression2 are true.
Expression1 -o Expression2 Either Expression1 or Expression2 is true.
-n string The length of the string is non-zero.
-z string The length of the string is 0.
String1 = String2 The strings are equal.
String1 != String2 The strings are not equal.
Integer1 -eq Integer2 Integer1 is equal to Integer2.
Integer1 -ge Integer2 Integer1 is greater than or equal to Integer2.
Integer1 -gt Integer2 Integer1 is greater than Integer2.
Integer1 -le Integer2 Integer1 is less than or equal to Integer2.
Integer1 -lt Integer2 Integer1 is less than Integer2.
Integer1 -ne Integer2 Integer1 is not equal to Integer2.


 CLI
From the advanced level (Array-Networks-adv#), refer to the following sections to configure individual traps.
Configuring Individual Traps
The following parameters are associated with configuring a single SNMP trap.
Syntax
set Snmp/Trap/<trap_number>/Value <parameter>

set Snmp/Trap/<trap_number>/Comment <string>
set Snmp/Trap/<trap_number>/Set <set_expression>
set Snmp/Trap/<trap_number>/Clear <clear_expression>
Value Description
<trap_number> The number identifying the trap. Valid entries include 0-10.
Any valid show and show status parameter available from the CLI to which the "set" and "clear"
<parameter>
expressions are applied.
<string> Any user-defined string to describe the trap event.
<set_expression> An expression that when "true" (encountered), initiates the trap.
<clear_expression> An expression that when "true" (encountered), clears the trap.
SNMP Trap Expression Syntax (for set and clear expressions)
The set and clear trap expressions must be enclosed within parentheses. Leave a space after the left parenthesis
and a space before and after the right parenthesis. The trap parameter value has a symbolic representation of "$"
(dollar sign). Make sure to leave a space after the "$" sign.
Value Description
Expression Expression is true.

! Expression Expression is false.
Expression1 -a Expression2 Both Expression1 and Expression2 are true.
Expression1 -o Expression2 Either Expression1 or Expression2 is true.
-n string The length of the string is non-zero.
-z string The length of the string is 0.
String1 = String2 The strings are equal.
String1 != String2 The strings are not equal.
Integer1 -eq Integer2 Integer1 is equal to Integer2.
Integer1 -ge Integer2 Integer1 is greater than or equal to Integer2.
Integer1 -gt Integer2 Integer1 is greater than Integer2.
Integer1 -le Integer2 Integer1 is less than or equal to Integer2.
Integer1 -lt Integer2 Integer1 is less than Integer2.
Integer1 -ne Integer2 Integer1 is not equal to Integer2.

Example 1
The following example generates an SNMP Trap if the appliance's CPU utilization threshold exceeds 75%. The
condition is cleared if the CPU utilization threshold falls below 60%.
set Snmp/Trap/0/Value status/CpuUtilization
set Snmp/Trap/0/Comment CPU Utilization Threshold
set Snmp/Trap/0/Set ( $ -ge 75 )
set Snmp/Trap/0/Clear ( $ -le 60 )
Example 2
The following example generates a trap while the appliance is attempting to connect to the network. Once the
appliance connects, the trap is cleared. This example assumes that there are two configured peer-to-peer
connections.
set Snmp/Trap/1/Value status/AcceleratingConnections
set Snmp/Trap/1/Comment Empty SNMP Trap slot
set Snmp/Trap/1/Set ( $ -lt 2 )
set Snmp/Trap/1/Clear ( $ -eq 2 )
 Notes:
 Parameters used with the “value” argument such as “status/AcceleratingConnections” and

“status/CpuUtilization” in the examples above are case-sensitive.
 To view the configured settings for the above CLI commands, type the following: show
Snmp/Trap/Destinations, show Snmp/Trap/Interval, show Snmp/Trap/<#>/Value, show
Snmp/Trap/<#>/Comment, show Snmp/Trap/<#>/Set, and show Snmp/Trap/<#>/Clear
4.7 Event Logging

Log files provide a mechanism for capturing information which can be used to monitor events and help
troubleshoot problems that might occur. Depending on the level of information that has been configured to be
logged, a log entry is written to the log file for each request, notification, status event that is generated.
Information such as critical events, standard informational events, and configuration changes may be logged. The
appliance can contain up to seven log files and can be configured to direct the local logs to specified network
servers.
Use the options in this section to:
 Configure the event log level
 Allow log messages to be sent to the specified Syslog server
4.7.1 Setting the Log Level

You can configure the amount of detail that is saved to a log file. When you set the log level to a specific level, all
events at that level and higher are sent to the log file. For example, if you set event logging to 5, all events for
levels 5 through 8 will be sent to the log.
Keep in mind that the amount of logged detail increases when the Log Level is set to a lower number. Lowering
the Log Level number also increases the amount of disk space required for storing the logs, and potentially
increases the frequency of log file rotation.

4.7.2 Recommended Event Logging Settings

Refer to the following recommendations when configuring event logging for the appliance.
 Levels 0, 1, and 2 should only be configured if instructed by Array Networks Customer Support. These
levels are intended for testing and debugging and could impact the performance and behavior of
appliances in the field.
 Configuring a level higher than level 6 is not recommended. Doing so may cause errors requiring
attention to not be logged.
 Level 4 is recommended for production use, and provides the highest performance without loss of
useable operator information. Level 4 is the default setting. Configuring event logging to any level lower
than 4 results in greater amounts of information to be logged which can impact performance due to
additional resources and memory being utilized to capture this information.
 GUI
To configure event logging:
2. Under the Device navigation tab, click Logging.
3. Under Settings, select the appropriate option from the Log Level pull-down menu.
Option Description
0 - Trace Detailed debugging events. All events are logged. Array Networks use only for detailed
debugging purposes.
1 - Debug Debugging events. Array Networks use only for debugging purposes.
2 - Test Test events. Array Networks use only for testing purposes.
3- Informational events.
Informational
4 - Notifications Normal but significant conditions. (Default)
5 - Warning Warning conditions.
6 - Error Error conditions.
7 - Critical Critical events.
8 - Fatal A fatal event.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to configure event logging:
Syntax
set LogLevel {0|1|2|3|4|5|6|7|8}

Syntax Description
Value Type Description

0 Trace Detailed debugging events. All events are logged. Array Networks use only for detailed
debugging purposes.
1 Debug Debugging events. Array Networks use only for debugging purposes.
2 Test Test events. Array Networks use only for testing purposes.
3 Informational Informational events
4 Notifications Normal but significant conditions. (Default)
5 Warning Warning conditions
6 Error Error conditions
7 Critical Critical events.
8 Fatal A fatal event.
Example 1
The following example only logs fatal events.

set LogLevel 8
Example 2
The following example is configured so that events identified as notifications, warning conditions, error
conditions, critical events, and fatal events are logged.
set LogLevel 4
 Notes:
 After making changes, type config apply to update configuration file.

 To view the configured setting for the above CLI command, type show LogLevel.
4.7.3 Configuring Network System Logging (Network Syslog)

Network system logging is a commonly-used method for aggregating logs into a central location. It provides a
convenient mechanism for extending the time allowed for storing messages that might otherwise be lost due to
log rotation on the aCelera, or become unavailable if the aCelera is not accessible. The aCelera can be configured
to send log files to up to three network servers using the Network Syslog protocol (RFC 3164). This protocol is
not vendor-dependent. Syslog messages are UDP-based and use port 514.
Once configured and enabled, log messages that meet configured criteria are sent to the local log file on the
appliance as well as to each specified network server every time a log message is generated. You can specify
which messages are sent based on the configured severity level and type of facility. The filename to which the
logs are sent as well as the location of the file is determined according to the settings configured on the server;
these are not configured on the appliance.
 GUI
To configure Network Syslog:
2. Under the Device navigation tab, click Logging.
3. Under Network Syslog, enable network syslog by adding a checkmark to the Enabled checkbox; to
disable, remove the checkmark. By default, network syslog is disabled. When enabled, options to
configure the servers that will receive the messages and options to filter the types of messages are
displayed.
4. By default, no syslog servers are configured. To add servers or to manage existing servers, under Syslog
Servers perform the appropriate action:

 To add servers, click New to create a row for each server you want to receive messages and
specify the IP address of the server. Up to three servers can be configured.
 To edit an existing entry, click on the entry and type in the new IP address.
 To remove a server from the list of those receiving log messages, click on the appropriate row,
and then click Delete.
By default, all Array Networks-defined messages are logged.
5. To change the facility under which the messages are logged, click the drop-down list in the Network
Syslog Filter area, and select the Syslog Facility setting requested by your Syslog Server Administrator.

 CLI
To configure the appliance for network system logging, perform the following procedure from the advanced level
(Array-Networks-adv#):
1. Enable syslog.
set NetSyslog/Enabled yes
2. Configure the syslog servers by their IP addresses:.
set NetSyslog/Servers <ip_address>[<;ip_address><;ip_address>]
Up to three network servers can be configured to receive log messages. Use a semi-colon (;) with no
spaces between each specified IP address.
3. Set the log level (if not already configured).
set LogLevel {0|1|2|3|4|5|6|7|8}
4. Optionally, configure the facility type to filter the type of messages that are being logged.
set NetSyslog/Facility <facility#>
By default, <facility#> is configured with a value of 1 which indicates that all Array Networks-defined
messages are logged. Additional supported facility numbers include the following user-customized
values: 16, 17, 18, 19, 20, 21, 22, and 23.
To disable network system logging:

set NetSyslog/Enabled no
 Notes:
 To view the settings configured for each of the above CLI commands, type the following: show
NetSyslog/Enabled, show NetSyslog/Servers, show NetSyslog/Facility, and show LogLevel.
 Since the message is sent in a UDP packet, if it gets lost (for example, due to network
congestion), the message is not resent; it is lost.
 Logs messages sent to network servers conform to the standard syslog message format
consisting of the PRI, Header, and MSG.
4.8 CLI Customization Settings

The following options are available to for customizing the CLI.
 Adding a CLI Display Message
 Setting the CLI Session Inactivity Timeout Period
4.8.1 Adding a CLI Display Message

The set motd command allows a user-specified banner to be displayed when the CLI is first accessed. The
banner is only displayed once upon login.
Syntax
set motd <banner>

Example
The following example configures “Boston Office Data Center 1” to be displayed when logging into the CLI.
set motd Boston Office Data Center 1
Sample Output

Array-Networks password:
aCelera Command Line Interface (CLI) 3.5.0.0 Build 202
aCelera SN 000000001101
Boston Office Data Center 1
Array-Networks>
 Notes:
 By default, no display message is configured.

 To view the configured display message, type show Motd.
4.8.2 Setting the CLI Session Inactivity Timeout Period

The set ExecTimeout lets you specify the amount of time of user inactivity that must occur before a CLI session
times out. If no activity occurs before the specified period expires, the current CLI session closes and the
connection is lost. Any unsaved changes that were made before the session timed out are lost. To ensure that no
changes are lost, type config apply and then config save.
Syntax
set ExecTimeout <minutes>

<minutes> indicates the amount of minutes of system inactivity before timing out. A value of 0 disables the timer.
 Notes:
 By default, the inactivity timeout period is 30 minutes.

 Any time the inactivity timeout value is changed, you must log out and then log in again for the
new setting to take effect. Before logging out, type config apply to update configuration file
and then config save so that the new setting will remain persistent after a reboot.
 To view the configured timeout setting, type show ExecTimeout.


Chapter 5 Configuring Acceleration Settings
Use the items in this chapter to configure the various acceleration options including communicating with
published addresses, other remote appliances, traffic rules, and application acceleration.
5.1 General Acceleration Settings

Use the items in this section to configure the various options related to the acceleration of traffic.
5.1.1 Enabling or Disabling Acceleration

By default, the aCelera is configured to accelerate traffic between each configured peer using the various
configuration options found in this chapter. There may be times when you may need to temporarily disable
acceleration between the local peer and all remote peers such as when performing maintenance or upgrading
the appliance’s software. When acceleration is disabled, traffic is simply forwarded without any optimization.
 GUI
To enable or disable acceleration:
2. Under the Acceleration navigation tab, click Settings.
3. Under General, enable acceleration by checking the Acceleration Enabled checkbox. To disable
acceleration between this appliance and all remote peers, remove the checkmark. By default,
acceleration is enabled.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to enable or to disable
acceleration.
Syntax
set Acceleration/Enabled {yes|no)
 Notes:
 To view the configured setting for the above CLI command, type show Acceleration/Enabled.
5.1.2 Enabling or Disabling Acceleration Optimization

The aCelera uses Layer 7 application knowledge to optimally accelerate the following types of traffic: HTTP, SSL,
CIFS MAPI, and ICA. By default, acceleration optimization is enabled.
When HTTP is enabled, static caching becomes available. When the static cache is enabled, the aCelera allocates
temporary storage of web documents, such as HTML pages and images, as they are received from the server. If a

CHAPTER 5: CONFIGURING ACCELERATION SETTINGS
cached web document meets freshness and size requirements, the aCelera serves that copy when it receives
subsequent requests for the document, instead requesting it from the source site. This increases throughput and
reduces bandwidth usage and server load. By default, acceleration optimization and static caching are enabled.
 GUI
To enable or disable acceleration optimization for one or all of these traffic types:
3. Under Advanced, disable acceleration optimization by removing the checkmark from the appropriate
check box. To re-enable acceleration optimization, add the checkmark to the appropriate check box.
If HTTP is enabled, disable or re-enable the Static Cache, as appropriate.

 CLI
From the advanced level (Array-Networks-adv#), use the following commands to enable or disable acceleration
optimization:
Syntax
set Acceleration/Http/Enabled {yes|no}

set Acceleration/Ssl/Enabled {yes|no}
set Acceleration/Cifs/Enabled {yes|no}
set Acceleration/Mapi/Enabled {yes|no}
set Acceleration/Ica/Enabled {yes|no}
To enable or disable static caching when HTTP is enabled:

config/s2d/cache/enable={1|0}
By default, static caching is enabled when HTTP is enabled.
 Notes:
 To view the configured settings for the above CLI commands, type:
 show Acceleration/Http/Enabled
 show Acceleration/Ssl/Enabled
 show Acceleration/Cifs/Enabled
 show Acceleration/Mapi/Enabled
 show Acceleration/Ica/Enabled

5.2 Peer Options

The aCelera communicates with other appliances on a peer-to-peer basis. Peers can be automatically discovered
or manually defined. After the peers successfully communicate, acceleration begins. Peer options are described
below.
5.2.1 Configuring Peer Auto Discovery

Peer Auto Discovery, when enabled, allows the aCelera to discover other aCelera appliances and be discovered
by other aCelera appliances that also have Peer Auto Discovery enabled. Peer Auto Discovery is enabled by
default. When a new peer is discovered the peers start negotiating settings and establish a connection. Keep the
following in mind if using Peer Auto Discovery:
 Peers are automatically removed from the discovered list if a connection cannot be made within 24
hours.
 The discovered peers list is not retained when the aCelera is rebooted.
 Auto Discovery is "required" if a peer is defined on only one side of the connection.
 Peer Auto Discovery is only applicable for appliances that are deployed in-line.
 When Peer Auto Discovery is not enabled, both sides of an accelerated connection MUST have a defined
peer to enable acceleration to occur.
 GUI
To configure Peer Auto Discovery:
2. Under the Acceleration navigation tab, click Peers.
3. Under Auto Discovery, enable Peer Auto Discovery by checking the Peer Auto Discovery Enabled
checkbox. To disable auto discovery, remove the checkmark.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to enable or disable Auto
Discovery:
Syntax
set Acceleration/Peer/AutoDiscoveryEnabled (yes|no)
 Notes:
 To view the configured setting for the above CLI command, type show
Acceleration/Peer/AutoDiscoveryEnabled.

5.2.2 Managing Defined Peers

Peers can be manually defined by including the IP address, serial number or license number of each remote peer.
When the appliance is powered on, it attempts to contact the peers that are part of its defined peers list..
 Note: If peer connections are deployed in-line and have Auto Discovery enabled, peers do not have to be
defined. If Peer Auto Discovery is disabled on any peer or if a peer is deployed out-of-line, a peer must be
defined.
Keep the following points in mind when defining peers:

 If any peer is out-of-line, one side of the peer connection must be configured with the IP address or the
serial number of the remote peer.
 For additional authentication, both sides of the peer connection can be configured.
 If the peer is behind a NAT device, add the IP address of the peer’s NAT device to the defined peers list
instead of the peer’s IP address.
 GUI
To manage the defined peers list:
3. Under Defined Peers, perform the appropriate action:
 Click New to create a new row for each remote peer you want to configure and type in the IP
address and either the serial number or license number of the remote peer.
 Note:
To find the remote peer serial number, log in to the CLI in advanced mode and
enter:
cdb show status/SN
To find the remote peer license number, log in to the GUI, click the Administration
menu bar item and click System. In the Activation area, the license number is actually
labeled Serial Number.
 To edit a setting, click on the appropriate row and then make the change.
 To delete a peer from the list, click on the row containing the peer you want to delete, and then
click Delete.


 CLI
From the advanced level (Array-Networks-adv#), use the following commands to add peers to or remove peers
from the defined peers list.
Syntax
set Acceleration/Peer/Permit/<#> {ip <address>] | sn <serial>} Adds peers to the defined peers list
no set Acceleration/Peer/Permit/<#> Removes peers from the defined peers list
Syntax Description
Argument/Value Description
<#> The number used to identify the peer connection.

ip <address> The IP address of the defined peer. Only used to add peers.
sn <serial> The serial number of the defined peer. Only used to add peers.
Note:
To find the remote peer serial number, enter the following from the CLI:
cdb show status/SN
Example 1
The following example adds two peers to the defined peers list.
set Acceleration/Peer/Permit/1 ip 10.40.120.10
set Acceleration/Peer/Permit/2 ip 10.40.90.10
Example 2
The following example removes the peer from the defined peers list.
no set Acceleration/Peer/Permit/1
 Notes:
 To view the list of defined peers, type show Acceleration/Peer/Permit. To view only a specific
peer, type show Acceleration/Peer/Permit/<#>. Replace the <#> with the appropriate
number.
5.2.3 Managing Restricted Peers

The aCelera can be configured to not connect to a device that is listed in its restricted peer list. Restricting peers
provides security in the event a device is being revoked and should never be connected to. If a peer is listed in
both the restricted peer list and defined peers list, the peer will be restricted since restricted lists take
precedence over defined lists.
 GUI
To manage the restricted peers list:

3. Under Restricted Peers, perform the appropriate action.

 Click New to create a new row for each remote peer you want to add to the restricted peer list
and type in the serial number assigned to the remote peer.
 To edit a setting, click on the appropriate row and then make the change.
 To delete a peer from the list, click on the appropriate row, and then click Delete.

 CLI
From the advanced level (Array-Networks-adv#), use the appropriate command below to add peers to or
remove them from the restricted peers list.
Syntax
set Acceleration/Peer/Deny/<#> sn <serial_number> (Adds peers to the restricted peers list)
no set Acceleration/Peer/Deny/<#> (Removes peers from the restricted peers list)
Syntax Description
sn <serial_number> The serial number of the restricted peer. Only used to add peers to the restricted peers list.
Example 1
The following example adds a peer whose serial number is 000000000010 to the restricted peers list.
set Acceleration/Peer/Deny/1 sn 000000000010
Example 2
The following example removes the peer from the restricted peers list.
no set Acceleration/Peer/Deny/1
 Notes:
 To display all restricted peers type, show Acceleration/Peer/Deny. To display a specific
restricted peer, type show Acceleration/Peer/Deny/<#>. Replace the <#> with the
appropriate number.
5.2.4 Setting Heartbeat Interval

The heartbeat interval between aCelera appliances is configurable. The default value is 10, in seconds.
 GUI
To manage the restricted peers list:

3. Under Peers Heartbeat Interval, perform the appropriate action. Refer to the following table for the
options to configure the appliance's management port.
Option Description
Peers Heartbeat Interval The heartbeat interval between aCelera appliances.

 CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure heartbeat interval
settings.
Syntax Description
set conjure/heartbeatinterval Set the heartbeat interval between aCelera appliances.

[heartbeat_interval]
 Notes:
Example
set conjure/heartbeatinterval 10
5.3 Published Addresses

Each aCelera has a list of published addresses. These are addresses that are able to send and receive accelerated
data. By default, the aCelera publishes all addresses on the local subnet, that is, the subnet on which it resides
and exchanges this with other peer appliances so they know which traffic can be accelerated. Only traffic sourced
from a published address and destined to another published address will be accelerated. Additional addresses
can be added to the “published list.” The aCelera can also exclude specific addresses so that traffic to or from
those locations is not accelerated by the aCelera.
5.3.1 Managing the Local Subnet

The appliance publishes its local subnet. To disable the local subnet from being managed by the appliance, refer
to the instructions below.
 GUI
To enable or disable the acceleration of local traffic:


2. Under the Acceleration navigation tab, click Published Addresses.
3. Under Accelerated Addresses, disable the local subnet from being managed by the appliance by
checking removing the checkmark from the Include Local Subnet of aCelera check box. To allow the
local subnet to be managed by the appliance, add checkmark to the check box.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to allow or restrict the appliance
from managing traffic on the local subnet.
Syntax
set Acceleration/Addresses/LocalSubnetEnabled {yes|no}
 Notes:
 To display the configured setting for the above CLI command type
show Acceleration/Addresses/LocalSubnetEnabled.
5.3.2 Managing Other Accelerated Addresses

Use the instructions below to publish other addresses you want to be able to send and receive accelerated data.
 GUI
To manage other accelerated addresses:
3. Under Accelerated Addresses, perform the appropriate action:
 Click New to create a new row for each address you want to add to the list and type in the
appropriate IP address and subnet mask. Type the subnet mask in CIDR notation (for example,
“/24”). To accelerate all addresses, create one row and type 0.0.0.0 in the IP Address field
and /0 in the Subnet Mask field.
 To modify an existing entry, click on the item you want to change and type in the new value.
 To remove an address from the list, click anywhere within the row, and then click Delete. Once
removed from the list, that address will not receive or send accelerated data.



 CLI
From the advanced level (Array-Networks-adv#), refer to the appropriate command below to add locations to or
remove them from the published address list..
Syntax
set Acceleration/Addresses/Permit/<#> ip <address/mask> (Adds peers to the published address list)

no set Acceleration/Addresses/Permit/<#> (Removes peers from the published address list)
Syntax Description

ip <address/mask> The IP address and subnet mask of the remote location. Specify the subnet mask in CIDR notation
(for example, “/24”). To accelerate all addresses type 0.0.0.0/0 for the <address/mask>. Make
sure to include the keyword, ip, followed by a single space before the <address/mask>.
Example 1
The following example adds 10.40.90.10 to the published address list allowing this location to send and receive
accelerated data.
set Acceleration/Addresses/Permit/1 ip 10.40.90.10/24
Example 2
The following example removes the location configured for peer connection 2 from the published address lost.
This location will not be able to send or receive accelerated data.
no set Acceleration/Addresses/Permit/2
 Notes:
 To view a list of all published address type, show acceleration/addresses/permit. To view
only a specific address, type show acceleration/addresses/permit<#>. Replace the <#> with
the appropriate number.
5.3.3 Managing Excluded Addresses

Use the instructions below to exclude specific addresses from being managed by the appliance. Once added to
the excluded address list, traffic to and from that address will not be managed by the aCelera will therefore not
be accelerated. If an address is included in both published and excluded address lists, the excluded rule takes
precedence.
 GUI
To manage excluded addresses:
3. Under Excluded Addresses, perform the appropriate action:
 Click New for each address you want to add to the list and type in the appropriate IP address
and subnet mask. Type the subnet mask in CIDR notation (for example, “/24”).

 To modify an existing entry, click on the item you want to change and type in the new value.
 To remove an address from the list, click anywhere within the row, and then click Delete.

 CLI
From the advanced level (Array-Networks-adv#), use the appropriate command below to add addresses to or
remove addresses from the excluded address list.
Syntax
set Acceleration/Addresses/Deny/<#> ip <address/mask> (Adds addresses to the excluded address list)

no set Acceleration/Addresses/Deny/<#> (Removes addresses from the excluded address list)
Syntax Description

ip The remote location’s IP address and subnet mask. Specify the subnet mask in CIDR notation (for
<address/mask> example, “/24”). Include the keyword, ip, followed by a single space before the <address/mask>.
Example 1
set Acceleration/Addresses/Deny/1 ip 10.40.90.10/32
Example 2
no set Acceleration/Addresses/Deny/1
 Notes:
 To view all excluded addresses, type show Acceleration/Addresses/Deny. To display only a
specific address, type show/Acceleration/Addresses/Deny/<#>. Replace the <#> with the
appropriate number.
5.4 Managing SSL Certificates

To enable SSL acceleration, the aCelera needs the SSL certificate of the server. This certificate must be loaded on
the aCelera at the same location as the server. The appliance supports PFX and PKCS#12 formats. Certificate
authority (CA) information is supported within the PKCS#12 package. Whenever a PKCS#12 certificate is
imported, CA information such as the organization’s name, common name and the location of the certificate is
also imported. In addition, the certificates that are imported into the aCelera must have the private keys included
in them. The appliance can support multiple installed certificates. Refer to the information in this section to:
 Load a certificate onto a device
 View certificate information
 Delete an existing certificate

 Update an existing certificate
 Export a certificate to the specified location
5.4.1 Listing All Certificates on the Appliance

Refer to this section to view a list of the certificates installed on the appliance. The information that is displayed
depends on the command issued and also where it was issued (via the GUI or CLI).
 Viewing the list via the GUI displays the name, issuer, issue date, and expiration date for each certificate.
 Issuing the cert info command via the CLI displays the name, the issue date and time, the private key
type and length, and the number of associated CAs for each certificate. The output also displays whether
or not the certificate is currently configured to a traffic rule (In Use).
 Issuing the cert list command via the CLI displays the size, the issue date and time, and the name of each
certificate.
 GUI
To view a listing of all certificates on the appliance:
2. Under the Acceleration navigation tab, click SSL. The name, issuer, issue date, and expiration date are
displayed for each installed certificate SSL Certificates.
 CLI
From the advanced level (Array-Networks-adv#), use one of the following commands view certificate
information:
Syntax
cert info
Sample Output
Name Date Time Private Key CAs In Use

------- ---- ------ ----------- ---- ------
Default AUG27 22:06 RSA 1024 bit 0 no
System AUG27 20:47 RSA 1024 bit 1 no
Syntax
cert list
Sample Output
Size Date Time Name

851 2009-08-27 12:37 default
2.2K 2009-08-27 20:47 system
5.4.2 Loading Certificates

Use the following instructions to load certificates onto the appliance.

 Note: Log on to your ftp site to upload the SSL certificate file. For further information, contact
Array Networks Customer Support.
 GUI
To load SSL certificates onto the appliance
2. Under the Acceleration navigation tab, click SSL.
3. Under SSL Certificates, click Load.
4. From the Load Certificate dialog box, supply the following information in the following order.
a. Type the Name you assign to the imported certificate.
b. Type the certificate's password in the Password field.
c. Type in the File Location where the certificate resides. If you do not specify the file location,
click the Browse button to find the certificate.
d. Click OK to close the dialog box. The certificate is added to the list.

 CLI
From the advanced level (Array-Networks-adv#), use the following commands to load certificates onto the
appliance.
Use either cert get or cert import to download a new certificate from the specified location.
Syntax
cert get <cert_name> <protocol>://[<username>:<password>@]<server>/<path>/<server_cert_name>

cert import <cert_name> <protocol>://[<username>:<password>@]<server>/<path>/<server_cert_name>
Syntax Description
Value Description
<cert_name> The name you assign to the imported certificate.

<protocol> The protocol used to import the certificate. It can be FTP, HTTP, or SCP (Secure Copy). Notes: If SCP
is used, the user must have SSH set up on the server and have a user account password. SCP does not
support specifying the password on the command line. Supported URL formats include the following:
ftp://<server>/<path>/<server_cert_name>
ftp://<username>:<password>@<server>/<path>/<server_cert_name>
ftp://<username>@<server>/<path>/<server_cert_name>*
http://<server>/<path>/<server_cert_name>
http://<username>@<server>/<path>/<server_cert_name>*
http://<username>:<password>@<server>/<path>/<server_cert_name>
scp://<username>@<server>/<path>/<server_cert_name>*
* Will prompt user for password.
[<username>] The user name that restricts access to the server. Only needed if required by the server. May be used
in conjunction with a password. If no password is specified, include an ampersand (@) after the
password.
[<password>] The password that restricts access to the server. Only needed if required by the server. If required,
the password must be proceeded by the user name and a colon (:) and followed by an ampersand
(@). If a password is not specified, a prompt appears requesting a password. Note: If using SCP, the
password cannot be specified on the command line; it can only be specified after being prompted to
enter one.
<server> The IP address of the server or host name on which the certificate resides.
<path> The path where the certificate resides. Note: If FTP or HTTP is used, only relative pathnames are
supported; for SCP, the specified pathname must be an absolute pathname.
<server_cert_name> The name of the certificate located on the server.
Example 1
The following example imports (via FTP) the certificate " array-networks-cert" located in "certificates" on
10.10.20.10 using username "array-networks" and password "xyz" and assigns it the name "array-networks-sps".
cert get array-networks-sps ftp://array-networks:xyz@10.10.20.10/certificates/array-networks-cert
Example 2
The following example imports (via HTTP) the certificate "array-networks-cert" located in "certificates" on
10.10.20.10 and assigns it the name "array-networks-sps".

cert get array-networks-sps http://10.10.20.10/certificates/array-networks-cert

 Note: During the import process, a prompt appears asking for the password associated with the certificate file.
After entering the password, the certificate is successfully imported. If an invalid password is entered, a
message is displayed indicating that the password is invalid and the password must be entered again.
Up to three attempts are permitted. After three invalid passwords are entered, the import process is
halted. You must re-issue the cert get or cert import command again. The following example details the
process of importing a certificate with one invalid password attempt.
DataCenter#1-adv# cert get localname.pfx ftp://10.10.20.66/pleperfnt101
######################################################################## 100.0%
Download complete
File retrieved successfully.
Package is valid PKCS#12 formatted file.
Please enter the package password:
Error: Could not decrypt package, bad password.
MAC verified OK
writing RSA key
MAC verified OK
MAC verified OK
Client Certificate and Key imported successfully.
1 CA Certificate imported.
5.4.3 Viewing Certificate Information

 GUI
To view certificate information:
2. Under the Acceleration tab, click SSL.
3. Under SSL Certificates, click on the appropriate certificate, and then click View.
The Certificate Viewer window contains a General tab and a Details tab, which include information such as:
 The version number of the certificate format. (Version)
 The serial number of the certificate assigned by the issuer. This is a unique number within the
issuer’s list of issued certificates. (Serial Number)
 The name of the certification authority that issued the certificate. (Issuer)
 The signature algorithm and any parameters used by the issuer. (Signature Algorithm)
 The validity of the certificate. This includes the date before which the certificate is not valid (Not
Before) and the date after which the certificate is no longer valid. (Not After)
 The name of the entity to which the certificate is being issued. (Subject)

 CLI
From the advanced level (Array-Networks-adv#), use the following commands view certificate information:
Syntax Description
cert display Displays information about the specified certificate including the common name, the
<cert_name> organization’s name, as well as the originating location of the certificate.
cert display Displays the following information:
<cert_name> detailed  Version number of the certificate format (Version)
 Serial number of the certificate assigned by the issuer. This is a unique number
within the issuer’s list of issued certificates. (Serial Number)
 The name of the certification authority, which issued the certificate. (Issuer)
 Signature algorithm and any parameters used by the issuer. (Signature Algorithm)
 The validity of the certificate. This includes the date before which the certificate is
not valid (Not Before) and the date after which the certificate is no longer valid.
(Not After)
 The name of the entity to whom the certificate is being issued (Subject)
 The subject’s Public Key Info including the algorithm used for the subject’s public
key (Public Key Algorithm) and the actual public key displayed as a bit string (RSA
Public Key)
Syntax
cert display <cert_name> [detailed]

Example 1
The following example provides a sample output that displays basic certificate information.
Sample Output
Common Name: test-engineering-server-001

Organization: array-networks
Org. Unit: engineering
Location: Burlington
State: ma
Country: US
Issuer
Common Name: test-engineering-ca
Organization: array-networks
Org. Unit: engineering
Location: burlington
State: ma
Country: US

Example 2
The following example provides a sample output that displays detailed certificate information.
Sample Output
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100 (0x64)
Signature Algorithm: md5WithRSAEncryption
Issuer: CN=default
Validity
Not Before: Jul 28 14:56:51 2007 GMT
Not After : Jul 27 14:56:51 2008 GMT
Subject: CN=default
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:a8:75:6f:08:fc:65:19:fc:6a:a1:0f:fa:9b:11:
c3:a7:7c:5c:c7:40:8e:1f:b9:b3:5f:20:72:1e:c2:
74:ad:4e:ca:64:0f:c4:08:b7:01:7a:18:ed:2a:1a:
bc:e0:21:d6:d2:96:b1:c1:60:ef:c6:58:51:a2:79:
3c:41:d2:4d:33:e8:92:e1:f3:f9:b3:58:7b:22:b5:
f9:88:d0:cb:e3:dd:3b:ff:b5:1c:ce:75:c2:35:11:
34:87:6f:2b:ba:59:54:4f:00:0a:41:44:0e:f3:45:
c2:04:78:a4:ac:81:54:a9:71:2f:dd:f9:d1:e9:8b:
6e:5c:e2:e2:57:a2:c7:35:cf
Exponent: 65537 (0x10001)
5.4.4 Deleting Certificates

Refer to the following instructions to delete the specified certificate and a private key if one exists. Any certificate
that is currently being used to accelerate SSL (HTTPS) traffic cannot be deleted unless it is first removed from
the appropriate traffic rule. For example, if the default certificate is configured for port 443, it cannot be deleted
until you remove the certificate or change the certificate used with that port.
 GUI
To delete certificates from the appliance
3. Under SSL Certificates, click on the appropriate certificate, and then click Delete.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to delete certificates:
Syntax
cert delete <cert>
5.4.5 Updating Certificates

Refer to the following instructions to overwrite an existing certificate with the updated certificate of the same
name. The appliance must be rebooted in order to utilize the updated certificate. For information on updating
the system certificate which is also referred to as the license file, see Updating the License on page 129.
 GUI
To update certificates on the appliance
3. Under SSL Certificates, click on the appropriate certificate, and then click Update Certificate.
4. From the Update Certificate dialog box, supply the following information.
a. Type the certificate's password in the Password field.
b. Type in the File Location where the certificate resides. If you do not specify the file location,
click the Browse button to find the certificate.
c. When finished, click Update Certificate to import the certificate onto the appliance.
d. Click OK. The list is updated to reflect the updated certificate.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to update certificates:
Syntax
cert update <local_cert_name> <protocol>://[<username>:<password>@]<server>/<path>/<server_cert_name>

Syntax Description
Value Description
<local_cert_name> The name of the certificate located on the appliance.

<protocol> The protocol used to import the certificate. Valid protocols include FTP, HTTP, or SCP (Secure
Copy). Notes: If SCP is used, the user must have SSH set up on the server and have a user account
password. SCP does not support specifying the password on the command line. Supported URL
formats include the following:
[<username>] The user name that restricts access to the server. Only needed if required by the server. May be
used in conjunction with a password. If no password is specified, include an ampersand (@) after
the password.
password cannot be specified on the command line; it can only be specified after being prompted
to enter one.
<server> The IP address of the server or host name on which the certificate resides. Note: If FTP or HTTP is
used, only relative pathnames are supported; for SCP, the specified pathname must be an absolute
pathname.
CLI Example
The following example imports (via FTP) the certificate "array-networks-cert" located in "certificates" on
10.10.20.10 using username "array-networks" and password "xyz" and then updates the existing certificate with
the new one.
cert update array-networks-sps ftp://array-networks:xyz@10.10.20.10/certificates/array-networks-cert
5.4.6 Exporting a Certificate

Refer to the instructions below for information to export a certificate from the appliance to the specified location.
 GUI
To export a certificate:


3. Under SSL Certificates, right-click on the appropriate certificate and from the Save as dialog box,
specify the location to copy the certificate to.
 CLI
From the advanced level (Array-Networks-adv#), use either cert put or cert export to export a certificate to the
specified location.
Syntax
cert put | cert export <cert_name> <protocol>://[<username>:<password>@]<server>/<path> [/<new_cert_name>]

Syntax Description
Name Description
<cert_name> The name of the certificate to export.
<protocol> The protocol used to export the certificate. Valid protocols include FTP, HTTP, or SCP. Notes: If
SCP is used, the user must have SSH set up on the server and have a user account password. SCP
does not support specifying the password on the command line. Supported URL formats include
the following:
ftp://<server>/<path>[/<new_cert_name>]
ftp://<username>:<password>@<server>/<path>[/<new_cert_name>]
ftp://<username>@<server>/<path>[/<new_cert_name>]*
http://<server>/<path>[/<new_cert_name>]
http://<username>@<server>/<path>[/<new_cert_name>]*
http://<username>:<password>@<server>/<path>[/<new_cert_name>]
scp://[<username>@<server>]/<path>[/<new_cert_name>]*
[<username>] Optional user name that when configured, must be used to access to the location. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the
password.
password cannot be specified on the command line; it can only be specified after being prompted to
enter one.
[<new_cert_name>] Optional. Renames the certificate being exported to the user-specified name.
Example
The following example exports (via FTP) the certificate labeled "array-networks-ca" to "certs" on 10.10.20.10
using username "array-networks" and password "xyz."
cert put array-networks-ca ftp://array-networks:xyz@10.10.20.10/certs

5.5 Managing SSL Servers

When accelerating SSL traffic, the aCelera maintains the security trust model. This means that the SSL certificate
only gets loaded and stored on the appliance at the location where the SSL server resides. aCelera appliances
only share transient data to enable acceleration without the SSL certificates ever traversing across the WAN.
Once the SSL certificate is loaded, a mapping must be created to identify which traffic should use which
certificate. The matching criteria for the traffic can be based on IP address with subnet mask and TCP port
number. This mapping information is shared with all peers automatically.
 Notes:
1) Even though SSL is enabled by default, SSL traffic will not be accelerated until an SSL server entry is
configured using the imported certificate.
2) To accelerate traffic from Microsoft Exchange servers using Outlook Web Access or Outlook
Anywhere,
upload and apply Exchange certificates and the Client Access Server certificate just like an SSL
certificate.
 GUI
To manage the SSL server list.
2. From the navigation panel, click SSL Servers under the Acceleration tab.
3. Under SSL Servers, perform the appropriate action and then refer to the table.
 Click New to add a new row for each SSL server you want to add and configure the appropriate
options as described in the table.
 To edit existing entries, click on the appropriate entry and then change the setting.
 To delete an SSL server from the list, click on the server you want removed, and then click
Delete.
Option Description
SSL Servers Manages the SSL server list.
Option Description
IP Address The IP address of the server. By default, a value of 0.0.0.0 is displayed

in this field, which indicates that no servers are configured.
Subnet Mask The subnet mask of the server specified in (CIDR notation). Thus, a
mask of /24 is equivalent to 255.255.255.0. Default is /24. Make sure
to include the slash "/".
Port The SSL server port. Default is port 443.
Certificate Select the appropriate certificate from the pull-down box. If the SSL
connection does not have a certificate, you can chose to use the default
certificate. By default, any SSL connection that does not have a valid
certificate uses the default certificate.
4. Under SSL Options, select the appropriate certificate from the drop-down list.

5. Click Apply when finished.


 CLI
From the advanced level (Array-Networks-adv#), use the following command to choose a certificate for the SSL
connection:
Syntax
set Acceleration/Ssl/Sslserver/<#> [ip <address/mask>] [port <port>] [cert <cert_name>]
<#> The table entry for the SSL sever.
ip [<address/mask>] The address and subnet mask of the SSL server. The subnet mask is specified in CIDR notation.
By default, no servers are configured.
port [<port>] Optional port designation. If not specified, port 443 is assumed.
cert [<cert_name] Optional certificate name. If not specified, the default certificate is used.
Example
set Acceleration/Ssl/Sslserver/1 ip 10.20.20.10/24 port 443 cert default
 Notes:
 Altough SSL "is enabled by default" no sslserver are configured to be accelerated until an entry
is created.
5.6 Traffic Rules

Traffic rules provide the mechanism for identifying and determining how traffic is processed. The aCelera’s
default behavior is to forward (“bridge”) all traffic that is not matched to a traffic rule. The aCelera is pre-
configured with a single modifiable rule that accelerates all TCP traffic. Traffic not matching this rule (such as
UDP traffic) is simply forwarded.
Use the following information to create traffic rules that meet your organization’s needs. This allows the aCelera
to act on that traffic according to the settings configured for the rule. Keep the following points in mind while
creating traffic rules:
 A single traffic rule includes:
 One or more of the following matching criteria:
 Source IP address (that is, where the traffic originated from on the client-side)
 Destination IP address (that is, where the traffic is destined to on the server-side)
 TCP application (multiple TCP applications can be matched to a single rule)
 A single destination port or port range.
 The DSCP Type of Service marking for prioritizing traffic
 The type of action to perform on the matching traffic
 Accelerate: Traffic is accelerated, compressed, and differenced using history compression.
 Forward: Traffic is simply forwarded (bridged) across the WAN with no acceleration.
 Drop: Traffic is dropped and not sent across the WAN.
 Traffic Rules are numbered.

The pre-configured rule is originally labeled as rule number 1 in the Rule List via the GUI’s Traffic
Rules page and rule #1 via the CLI (set acceleration/rule/1) but can be re-ordered as additional rules
are created.
 The order of the rules on the Rule List determines how traffic is matched and processed. Rules are
processed from top to bottom. Use the “Move Up” and “Move Down” arrows to reorder the rules.
 All conditions specified in a rule must be met for traffic to be matched to it.
 Once traffic is matched to a rule, no further processing takes place.
 If traffic does not match any of the traffic rules, it is simply forwarded.
 Traffic rules need be configured only on the aCelera located closest to the source of the specified traffic.

 GUI
To manage traffic rules:
2. Under the Acceleration navigation tab, click Traffic Rules.
The Traffic Rules page displays all user-defined rules:
3. Under Rule List, perform the appropriate action:

 Click New to create a new row for each rule you want to create and then fill in the appropriate
information in the Traffic Rule Editor. Refer to the table on the next page for additional
information.
 To edit an existing rule, click on the desired rule, and then click Edit to make the appropriate
changes from the Traffic Rule Editor. Refer to the table on the next page for additional
information.
 To delete a rule, click anywhere on the row you want to delete, and then click Delete.
 To change the order of rules, use the Move Up and Move Down arrows.
When you create a new rule or edit an existing one, the screen for indicating Matching Criteria and
Actions is displayed.
Option Description
Matching Criteria
No The table entry number used to identify the rule. The number is automatically generated when
a new row is created.
Source IP The IP address where traffic originated from. Select one of the following from the drop-down
menu:
 If Any is selected, the rule will be matched to any source IP address. (Default)
 If Specified is selected, type in the appropriate IP address and subnet mask in the IP

Option Description
Address/Subnet Mask fields. By default, the subnet mask is /24. Make sure to
include the slash (/).
Destination IP The IP address where the traffic is destined to. Select one of the following from the drop-down
menu:
 If Any is selected, the rule will be matched to any destination IP address. (Default)
Protocol The IP protocol to match to the rule. Select one of the following from the drop-down list: Any,
TCP, UDP, or Other.
 If Any is selected, the rule will be matched to any protocol. (Default)
 If TCP is selected, the Protocol Number field is automatically set to 6 and not user-
modifiable. All TCP traffic will be matched to the rule.
 If UDP is selected, the Protocol Number field is automatically set to 17 and not user-
modifiable. All UDP traffic will be matched to the rule.
 If Other is selected, the Protocol Number field becomes editable. Type in the
appropriate protocol number. Use a space between each protocol entry.
Port Matches the destination port or port range to the traffic rule. When specifying a range, include
a dash between the ports (for example 23-25). Select the desired protocol from the drop-down
list. The protocol entry affects the port entry. Select one of the following from the drop-down
menu.
 If Any is selected, the Port field is not user-modifiable and any destination port will
be matched to the rule. (Default)
 If Specified is selected, the Port field becomes modifiable. Type in the appropriate
port number or port range.
Note: If Protocol is set to Other, the Port field is disabled and contains a value of Any, which
indicates any port will be matched to the rule.
TOS Matches the Differentiated Services Code Point (DSCP) ToS marking of the traffic. Select the
appropriate marking from the pull-down menu. Valid markings include 0-63.
Actions
Action The type of action configured for the rule. Options include the following:
Options Description
Accelerate Traffic is accelerated, compressed, and differenced using history

compression.
Forward Traffic is simply forwarded (bridged) across the WAN with no
acceleration.
Drop Traffic is dropped and not sent across the WAN.
4. Edit the Matching Criteria and Actions fields as appropriate.

5. Click Save to save your work and return to the Traffic Rules.
7. Click Save Configuration Changes at the bottom of the page.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to configure traffic classes.
Syntax
set Acceleration/Rule/<#> [src <source IP/mask>] [dst <destination IP/mask>] [proto {tcp|udp|<protocol #>}]
[port <port>] [dscp <dscp>] [action {A|F|D}] [class <class-name>]
Syntax Description
Except for the <#> argument, all other arguments are optional. The action argument defaults to “A” if not
specified. A value of “any” is assumed if any other argument is not specified.
<#> The entry number used to identify the rule.

[src <source IP/mask>] The source IP address and subnet mask (in CIDR). That is where the traffic originated from.
[dst <destination IP/mask>] The destination IP address and subnet mask (in CIDR). That is where the traffic is destined
to.
[proto {tcp|udp|<protocol The protocol to match. Specify TCP, UPD, the protocol number.
#>}]
[port <port>] The destination port or port range. If specifying a port range, include a dash between the
two ports.
[dscp <dscp>] The Differentiated Services Code Point (DSCP) ToS marking type for prioritizing traffic.
Valid values include 0-63.
[action {A|F|D}] The action taken for the rule.
Options Description
A Traffic is compressed and accelerated.

F Traffic is simply forwarded (bridged) across the WAN with no
acceleration.
D Traffic is dropped and not sent across the WAN.
[class <class-name>] The name of the traffic class.

Example 1
This example accelerates traffic originating from 10.40.90.10 destined to 10.40.10.20 on port 80 with a DSCP
TOS marking of 20.
set Acceleration/Rule/1 src 10.40.90.10/32 dst 10.40.10.20/32 proto tcp port 80 dscp 20 action A
Example 2
This example accelerates traffic originating from 10.40.90.10 destined to 10.40.10.20 on any port with a DSCP
TOS marking of 20.
set Acceleration/Rule/1 src 10.40.90.10/32 dst 10.40.10.20/32 proto tcp dscp 20 action A
 Notes:
 To display all configured traffic rules, type show Acceleration/Rule. To display a specific rule
type, show Acceleration/Rule/<#>. Replace the <#> with the appropriate number.

5.7 Traffic Shaper

Traffic shaping ensures that mission-critical information is prioritized and allocated the necessary bandwidth.
Use the traffic shaper to create traffic classes that are used by the traffic shaper rules. Each traffic class
configured includes the name of the class, and the assigned Type of Service (ToS). These traffic classes are then
used with the traffic shaper rules to guarantee a specified minimum bandwidth (by percent) to defined
applications or dataflows.
Keep the following in mind while creating traffic classes and traffic shaper rules:
A single traffic class consists of the following:
 The Bandwidth settings
Use the Bandwidth Settings details to indicate the maximum WAN outbound transmission rate. This
should be the actual size permitted by the WAN connection. If you specify a rate that is lower than the
maximum available bandwidth, all outbound traffic will be limited to that lower rate. If you specify a
rate that is higher than the maximum, then the guaranteed bandwidth may not be achieved when the
network is congested.
 Select Rate – For configuring the maximum WAN outbound transmission rate. From the pull-down
menu, select T1, T2, T3, T4 or Custom.
If you select custom, the WAN Transmit Rate and Units fields become active.
 WAN Transmit Rate - (For custom rate only) For indicating the transmission capacity you want to
apply.
 Unit - (For custom rate only) For indicating the unit of measure. From the pull-down menu, select:
kilobits, megabits, or gigabits per second.
 Traffic Classes:
 Class - The name for the class. Click the field and enter the name you want to use to designate this
class. This name must be unique within each Traffic Shaper table.
When you create a new traffic shaper rule, the Rule List includes the first Traffic Class defined in the
Traffic Class field here. You can simulate the behavior of a default traffic class, by providing the
default values you want in the first traffic class you create and naming it Default.
 Guaranteed Bandwidth - The minimum bandwidth allocated to the traffic class, indicated as a
percentage of the total available bandwidth (specified as Select Rate, above). The minimum is 1.
The default is 1.
 Notes:
 A maximum of ten traffic classes are allowed.
 Each traffic class is allocated the guaranteed minimum bandwidth configured. For example, high
priority traffic cannot have 100 percent of the bandwidth if low priority traffic is present and
guaranteed 10 percent. In that case, high priority traffic can only use 90 percent of the
bandwidth.
 If a traffic class is used in two or more traffic shaping rules, the guaranteed bandwidth is shared
among all of the traffic shaping rules that use that traffic class.
 If there is unused bandwidth on channel, the bandwidth is made available to other traffic
channels on a pro-rata basis. The sum of the bandwidth settings do not have to equal 100%,
although it cannot exceed 100%.
Refer to the following information for creating, editing, deleting, and changing the order of traffic rules.

 GUI
To manage traffic rules:
2. Under the Acceleration navigation tab, click Traffic Shaper.
3. Under Bandwidth Settings, provide the appropriate information:

Select Rate – The maximum WAN outbound transmission rate.. From the drop down box, select custom,
T1, T2, T3 or T4. If you select custom, the WAN Transmit Rate and Units fields become active
WAN Transmit Rate - (For Custom rate only) Enter the transmission capacity you want to apply.
Unit - (For Custom rate only) From the pull-down menu, select the unit of measure: kilobits, megabits,
or gigabits per second.
4. Under Traffic Classes, perform the appropriate action:
 To create a new rule, click New and fill in the appropriate information for the row that appears
at the bottom of the Traffic Classes list. Refer to the table on the next page for additional
information.
 To edit a rule, click the field you want to edit and make your changes.
Option Description
Bandwidth Settings
Select Rate Custom, T1, T2, T3 or T4

WAN Transmit Configures the WAN outbound rate specified in kilobits, megabits, and gigabits per second.
Rate
Unit Units. Selections include: kb/s, Mb/s, Gb/s, Tb/s.
Traffic Classes
Class Type the name you want to use to identify this traffic class.
Guaranteed To ensure that adequate bandwidth is available for mission-critical applications and to limit
Bandwidth bandwidth for less important traffic that could cause WAN congestion, configure each traffic
class can to receive a guaranteed a minimum percentage of bandwidth. The default is 1%.


9. To permanently save changes so that they remain persistent after a reboot:
a. At the bottom of the window, click the hot link Click here to go to save configuration to automatically
navigate to the Configuration page.
b. Under Save Configuration, click the Save to Startup Configuration button.

 CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure traffic classes to use
with the traffic shaper rules.
Syntax
To enable traffic shaping in the aCelera:
set acceleration/trafficshaper/enabled [yes|no]
Select yes to enable use of the traffic shaper rules.
Syntax
To configure the WAN transmission rate, in bytes per second:
set wantxratelimit <xxxx>
Syntax Description
xxxx An argument in bps. For example, the value of 1.54 Mbps should be provided as 1540000
To create traffic shaping classes as percentages of the total WAN bandwidth:
Syntax
set shaping/class/<x> minbw <percentage> name <abc>
Syntax Description
x The traffic class number, starting at 1. For each new traffic shaping class created, increment
this number by 1.
percentage The percent of guaranteed minimum bandwidth for this class of traffic (from 1% to 100%.).
The default is 1%.
abc The name assigned to the traffic class.
Example 1
This example show how to set a class abc with 75% min bandwidth.
set shaping/class/1 minbw 75 name abc

5.8 Traffic Shaper Rules

Traffic Shaper Rules guarantee a specified level of performance to defined applications or dataflows by allocating
bandwidth to that traffic according to requirements at the source, configured in the associated traffic class.
Use the information below to create rules that meet your organization’s needs. Keep the following in mind while
creating traffic shaper rules.
 The order of the rules on the Rule List determines how traffic is matched and processed. Rules are
processed in from top to bottom, in numerical order. When you are working with traffic shaper rules for
a template, you can reorder the rules with the “Move Up” and “Move Down” arrows.
 A single traffic rule consists of the following:
- A number used to indicate the order in which rule is applied.
- Matching criteria for the rule which consists of:
 Source IP: The IP address/netmask from which the request is initiated.
 Destination IP: The IP address/netmask designated to receive the request initiated by the
source.
 Protocol: Select one of the following from the drop-down menu: Any, TCP, UDP, or Other.
 Port: A single destination port or port range. When specifying a range, include a dash between
the ports (for example 23-25). Select the appropriate protocol from the drop-down list. The
protocol entry affects the port entry.
 TOS: The Differentiated Services Code Point (DSCP) Type of Service (ToS) marking for
prioritizing traffic. Select the appropriate marking from the pull-down menu.
 Traffic Class: Created by the Traffic Shaper (see Traffic Shaper).
 If a rule includes multiple conditions, all conditions must be met or the rule is not applied.
 Once traffic is matched to a rule, no further traffic shaper processing is done.
 If 100% of the bandwidth is not allocated, the unallocated amount is divided equally among the defined
Traffic Classes and undefined traffic (traffic that does not match any of the traffic shaper rules).
 If 100% of the bandwidth is allocated, undefined traffic is only sent when bandwidth is available.
 Notes:
 A maximum of 32 traffic shaper rules are allowed.
 Traffic shaper rules always include a traffic class. Before creating a traffic shaper rule, verify
that at least one traffic class is defined.
To create a traffic class, see Traffic Shaper on page 76.
Refer to the following information for creating, editing, deleting, and changing the order of traffic shaper rules.

 GUI
To manage traffic shaper rules:
2. Under the Acceleration navigation tab, click Traffic Shaper Rules.
3. The Traffic Shaper Rules page displays:
 All user-defined rules
 The Final Rule to which traffic not matching any user-defined rule is matched to and processed
by.
4. Under General, check the Enabled check box to allows the aCelera to treat packets differently based on
certain criteria.
5. Under Rule List, perform the appropriate action:

 To edit an existing rule, click on the desired rule, and then click Edit to make the appropriate
changes from the Traffic Rule Editor. Refer to the table on the next page for additional
information.
 To change the order of rules, use the arrows on the Rule List: Move Up and Move Down arrows.

 To add a new rule, click a button on the Rule List: Insert Before or Insert After.
The Traffic Rule Editor is displayed.
Option Description
Matching Criteria
No The table entry number used to identify the rule. The number is automatically generated when
a new row is created.
Source IP The IP address/netmask from which the request is initiated. Select one of the following from
the drop-down menu:
 If Any is selected, the rule will be matched to any source IP address. (Default)
Destination IP The IP address/netmask designated to receive the request initiated by the source. Select one of
the following from the drop-down menu:
 If Any is selected, the rule will be matched to any destination IP address. (Default)
Protocol The IP protocol to match to the rule. Select one of the following from the drop-down list: Any,
TCP, UDP, or Other.
 If Any is selected, the rule will be matched to any protocol. (Default)
 If TCP is selected, the Protocol Number field is automatically set to 6 and not user-
modifiable. All TCP traffic will be matched to the rule.
 If UDP is selected, the Protocol Number field is automatically set to 17 and not user-
modifiable. All UDP traffic will be matched to the rule.
 If Other is selected, the Protocol Number field becomes editable. Type in the
appropriate protocol number. Use a space between each protocol entry.
Destination Port Matches the destination port or port range to the traffic rule. When specifying a range, include
a dash between the ports (for example 23-25). Select the desired protocol from the drop-down
list. The protocol entry affects the port entry. Select one of the following from the drop-down
menu.
 If Any is selected, the Port field is not user-modifiable and any destination port will
be matched to the rule. (Default)
 If Specified is selected, the Port field becomes modifiable. Type in the appropriate
port number or port range.
Note: If Protocol is set to Other, the Port field is disabled and contains a value of Any, which
indicates any port will be matched to the rule.
TOS Matches the Differentiated Services Code Point (DSCP) ToS marking of the traffic. Select the
appropriate marking from the pull-down menu. Valid markings include 0-63.

Option Description
Traffic Class Displays the name of the traffic class associated with the rule. Note: Currently, there is only one
traffic class (labeled Default) and all traffic is associated with it.
11. Click Save Configuration Changes at the bottom of the page.
13. To permanently save changes so that they remain persistent after a reboot:
a. At the bottom of the window, click the hot link Click here to go to save configuration to automatically
navigate to the Configuration page.
b. Under Save Configuration, click the Save to Startup Configuration button.
 CLI
set shaping/rule/<x> src <source ip address> dst <destination ip address> proto <a> port <b> dscp <c> class
<def>
<#> The traffic class number created earlier with the command:
set shaping/class/<#>
src <source ip address> The IP address from which the request is initiated. Provide the appropriate IP address and
subnet mask in the IP Address/Subnet Mask fields in the format:
x.x.x.x/y
y indicates the subnet mask (/24 by default)
Note: Make sure to include the slash (/).
dst <destination ip The IP address designated to receive the request initiated by the source. Provide the
address> appropriate IP address and subnet mask in the IP Address/Subnet Mask fields in the format:
x.x.x.x/y
where y indicates the subnet mask (/24 by default)
proto <a> The IP protocol to match to the rule.
 If TCP, proto tcp
 If UDP, proto udp
port <b> The destination port or port range. When specifying a range, include a dash between the ports
(for example 23-25).
dscp <c> The Differentiated Services Code Point (DSCP) ToS marking of the traffic. Valid markings are
from 0 throug 63.
class <def> The name of the traffic class associated with the rule.
Example 1
This example sets shaping rule for traffic originating from 10.40.90.10 destined to 10.40.10.20 on port 80 with a
DSCP ToS marking of 20 for class abc.
set shaping/rule/1 src 10.40.90.10/24 dst 10.40.10.20/32 proto 6 port 80 dscp 20 class abc
Example 2

This example sets the shaping rule for traffic originating from the 10.40.90.xx subnet with a destination of any
port on 10.40.10.xx with class abc.
set shaping/rule/1 src 10.40.90.00/32 dst 10.40.10.00/32 class abc
 Notes:
 To display all configured traffic rules, type show Acceleration/Rule. To display a specific rule
type, show Acceleration/Rule/<#>. Replace the <#> with the appropriate number.

Section II Administration and Status Functions
In this section
 Chapter 6: Administration Functions

 Chapter 7: Status Functions

S E C T I O N II: ADMINISTRATION AND STATUS FUNCTIONS

Chapter 6 Administration Functions
This chapter describes the various general administration functions including rebooting and shutting down the
appliance, changing passwords, managing configuration files, software updates, log files, and running diagnostics.
6.1 General Administration Commands

Use the options in this section to reboot the appliance, shut down the appliance, clear acceleration history, and
clear the configuration file.
6.1.1 Rebooting the aCelera

Use this option whenever the appliance needs to be rebooted. If you have made any configuration changes, make
sure you have first applied and then permanently saved them, otherwise they will be lost.
 GUI
To reboot the appliance:
1. Click the Administration menu bar item.
2. Under the Administration navigation tab, click System.
3. Under System, click Reboot aCelera.
 CLI
From the advanced level (Array-Networks-adv#), use the following command to reboot the appliance:
Syntax
reboot
 Notes:
 If you have made any configuration changes, make sure to issue both the config apply and
config save commands before shutting down the appliance. If not, any configuration changes
you made will be lost.
 After typing the reboot command and pressing enter, the following message is displayed:
Are you sure you want to reboot the system? [yes/no] n
Press y to continue. The following message is then displayed:
It may take up to 5 minutes to bring the system down.
 The reboot command shuts down the system and will cause all in-flight traffic to be interrupted.
While waiting for the appliance to reboot, the CLI command line prompt is displayed and is
accessible to the user. Do not attempt to issue CLI commands while the system is rebooting.
Also, do not attempt to close a Telnet session while the appliance is rebooting.
6.1.2 Shutting Down the Appliance

Refer to the instructions below if it is necessary to shut down the appliance.

C H A P T E R 6: ADMINISTRATION FUNCTIONS
 Note: If you have made any configuration changes, make sure you have first applied and then permanently
saved them, otherwise they will be lost.
 GUI
To shut down the appliance:
3. Under System, click Shutdown aCelera.
 CLI
From the advanced level (Array-Networks-adv#), use the following command shut down the appliance.
Syntax
shutdown
 Notes:
 If you have made any configuration changes, make sure to issue both the config apply and
config save commands before shutting down the appliance. If not, any configuration changes
you made will be lost.
 After typing the shutdown command and pressing enter, the following message is displayed:
Are you sure you want to shutdown the system? [yes/no] n
Press y to continue. The following message is then displayed:
It may take up to 5 minutes to bring the system down.
6.1.3 Clearing Acceleration History

The appliance stores a history of traffic patterns on disk to provide acceleration without having to retransmit
previously transmitted data. Over time, the greater the store of traffic patterns on disk the lower the chance of
having to transmit data and therefore a lower WAN link usage and greater acceleration. The history store
persists across reboots and if a remote peer is no longer communicating with this appliance.
Clearing the history store clears the disk of all the traffic patterns that have been accumulated. Once the history
clear operation has completed, the appliance will start building a new history store automatically.
 GUI
To clear acceleration history:
3. Under System, click Clear Acceleration History.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to clear the appliance’s
acceleration history and optionally increases the size of the disk.
Syntax
historyclear [resize]
[resize] is an optional argument that also permits the history disk to be resized after the history store has been
cleared.
Argument Description
resize An optional argument that also permits the history disk to be resized after the history
store has been cleared.
Note: The procedure for resizing the history disk is covered in the installation guide.
To resize the disk you shutdown the virtual machine, update the size of the disk, and
then restart.
 Notes:
 Clearing the history requires acceleration to be enabled and at least one peer connected to the
appliance in an acceleration state.
 Although clearing acceleration history is issued between active peer-to-peer connections, it is
advisable not to clear the history when there is a high demand of accelerated traffic flowing
between connected peers. Array Networks recommends clearing the history when this is little
or no traffic accelerating between connected peers.
6.1.4 Resetting the Configuration to Factory Defaults

Use the information below to reset the configuration to the factory default settings Keep in mind that when you
reset the configuration to the factory default, you lose all or most of your saved configured settings depending on
how the command is issued. Resetting the configuration via the GUI resets all settings; resetting the
configuration via the CLI can rest all settings or all setting except those listed below. As a precautionary measure,
you should back up your current configuration by uploading the file to the location of your choice. See Backing
Up Configuration Files to Disk on page 95 for additional information.
 GUI
To reset the configuration to factory default:
3. Under System, click Reset Configuration.

4. From the confirmation dialog box, click OK to proceed.

 Note: Once the configuration is reset to factory default, the aCelera is not accessible via the GUI until the
appropriate network settings have been reconfigured via the CLI setup wizard.
 CLI
The CLI has two modes for resetting the configuration to the factory default. The default mode retains the
appliance’s network and password settings whereas the “all” mode clears all settings to factory default.
From the advanced level (Array-Networks-adv#), use the following command to reset the configuration to
factory default.
Syntax
config reset [all]

Example 1
The following example resets the configuration settings to factory defaults but maintains the current passwords
and the following network and device settings that are configured via the set command: appliance’s IP address
(Address), the subnet mask (SubnetMask), the gateway address (Gateway), the domain name (DomainName),
the addresses of each configured DNS server (DnsAddress), the hostname (HostName), configured static routes
(NetworkRoutes), and the deployment mode (Deployment/Device).
config reset
Example 2
The following example resets all configuration settings to factory defaults.

config reset all

6.1.5 Changing Passwords

Network administrators can configure passwords that allow and restrict access to the various configuration and
informational items available. There are two privilege levels. The view level (referred to as the Viewer level in
the GUI) allows users to view settings while the advanced level (referred to as the Admin level in the GUI) allows
users to edit configuration settings. Assigning passwords can only be set at the advanced privilege level. We
recommend you change the default passwords that were originally configured for the CLI's privilege levels and
assign a different password to each level.
 Note: Password changes take effect immediately. Applying and then permanently saving the settings are not
required for passwords to take effect and remain persistent after a reboot.
 GUI
To change passwords:
2. Under the Administration navigation tab, click Password.
3. Refer to the following table for the available password options.
Option Description
Viewer Configures a new password for the Viewer level. The Viewer level allows the user to use all status and
Password diagnostic functions accessible from the Home menu bar item. Through the Viewer level, the user can
also view all items accessible from the Setup menu bar item but cannot make any changes. When in
Viewer level, the Administration menu bar item and the items associated with it are not displayed.
Click Set Viewer Password to open the dialog box. Type the new password. Re-type the new
password in the field provided. Click OK when finished.
Admin Configures a new password for the Admin level. All items are available from the Admin level.
Password Click Set Admin Password to open the dialog box. Type the new password. Re-type the new password
in the field provided. Click OK when finished.
 CLI
From the advanced level (Array-Networks-adv#), use the following commands to change passwords:
Syntax Description
set pass view Assigns password to the view level. Default is 1234
set pass adv[anced] Assigns a password to the advanced level. Default is 123456
1. After issuing either of these commands and pressing enter, you are prompted to type in the new password.
2. After entering a password, you are prompted to confirm the password by retyping it.
Example
To assign a password, follow the steps below. The following provides an example for assigning the password
q07o8d302 to the advanced level. The actual password is not displayed on the screen.
Array-Networks-adv# set pass adv

Type in New password:q07o8d302
Confirm New password:q07o8d302
6.2 Managing Configuration Files

Configuration files are files that contain the various settings that are configured for the appliance. The appliance
may contain multiple configuration files as described below. The following types of configuration files are stored
on the aCelera:
Configuration File Type Description
Default The original configuration file shipped with the aCelera. This file contains the factory
default settings and is not visible. This file can be restored if necessary.
Startup Contains the permanently saved settings that are in place each time the aCelera
boots.
Backup The aCelera may also contain any number of backup configuration files.
In addition to stored configuration files, a temporary configuration file may also exist. This temporary file
contains settings that have been modified during the current CLI or GUI session and have been applied but not
permanently saved. These settings will not remain after the aCelera is rebooted. If not permanently saved, the
settings in the startup configuration file will be in effect after the aCelera reboots. This temporary file is referred
to as the “running” or “applied” configuration file. If permanently saved, these settings will become part of the
startup configuration file.
Use the information found in this section to:
 Permanently save changes to the startup configuration
 Restore the startup configuration
 View the settings of the running configuration
 View the settings of the startup configuration
 Compare configuration files
 Note: The startup configuration file is displayed as “startup-config” via the CLI and “config.save” via the GUI..
6.2.1 Permanently Save Settings to the Startup Configuration

The startup configuration file is the file that is loaded when the appliance is booted. This command permanently
saves any configuration updates that have been applied. Any changes you make become a permanent part of the
configuration even after rebooting the appliance.
 GUI
To permanently save configuration changes:
2. Under the Administration navigation tab, click Configuration.

 CLI

From the advanced level (Array-Networks-adv#), use the following command to permanently save configuration
settings:
Syntax
config save
6.2.2 Restoring the Startup Configuration

This option restores the configuration settings that were in effect when the appliance was booted. Refer to the
following information to quickly clear all changes that have been applied but not permanently saved.
 GUI
To restore the startup configuration:
3. Under Save Configuration, click Restore Startup Configuration.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to restore the settings that were in
effect at startup:
Syntax
config restore
6.2.3 Viewing the Running Configuration

The running configuration refers to the configuration that contains unmodified settings as well as modified
settings that have been applied but not yet permanently saved. The GUI and CLI allow you to view settings that
have been modified and applied for the running configuration.
 GUI
To view the running configuration:
3. Under View Configuration, click View Running Configuration. The contents of the file containing both
unmodified and modified changes are displayed. When this option is selected, a window is displayed
containing the contents of the running configuration.
4. To search for an item or items, can either scroll through the window or type the desired text string in the
area provided, and then click Go. All items matching the search string are highlighted.
5. To clear the search string, click Reset.

 CLI
From the advanced level (Array-Networks-adv#), use one of the following options with the show command to
view applied configuration settings. Only those settings that have been applied but not permanently saved are
displayed.
Syntax
show {running-config|run}
Sample Output
aCelera-adv# show run

set Address 10.10.20.10
cdb set config/CmsUpdateStage 0
set Gateway 10.10.20.1
set HostName aCelera
cdb set config/cms/CMSRegister 1
set cms/address 10.10.20.20
set cms/enabled yes
set deployment/device inline
6.2.4 Viewing the Startup Configuration

The GUI and CLI allow you to view settings of the configuration file that was in place when the appliance started
up.
 GUI
To view the startup configuration:
3. Under View Configuration, click View Startup Configuration. When this option is selected, a window
is displayed containing the contents of the startup configuration.
4. To search for an item or items, can either scroll through the window or type the desired text string in the
area provided, and then click Go. All items matching the search string are highlighted.
5. To clear the search string, click Reset.
 CLI
From the advanced level (Array-Networks-adv#), use one of the following options with the show command to
view applied configuration settings.
The config display command displays the saved settings for the specified configuration file. The settings that are
displayed are those that were configured via the CLI (via the “set” command) as well as those settings that have
been configured in the internal configuration database (via the “cdb set” command).
Syntax
config display <file>

Example

config display startup-config

Sampe Output (partial display)
set IcmpEchoReply 1
set IcmpRedirect 1
set LogLevel 4
set NetSyslog/Enabled 0
set NetSyslog/Facility 1
cdb set config/MaxFpProxyFlowOvr 25000
cdb set config/MaxProxyFlowPadPct 0
cdb set config/MaxProxyFlowsOvr 0
6.2.5 Comparing Configurations

Using this option, you can compare a side-by-side comparison of the settings that have been permanently saved
and those that have been applied but not yet saved. Differences between applied and saved changes are
highlighted. Comparing configuration files can only be done from the GUI.
 GUI
To compare configuration files:
3. Under View Configuration, click Compare Configurations.
4. The Compare Configuration window displays a side-by-side comparison of the Applied Configuration
(settings that have been applied but not permanently saved) and the Saved Configuration. Differences
between settings will be indicated by a highlighted line. To search for additional information, type in a
text string, and then click Go. Any text matching the setting will be highlighted in yellow. To clear the
text search, click Reset.
6.2.6 Backing Up Configuration Files to Disk

Use the information below to make backup copies of saved configuration files:
 GUI
To backup configuration files:
2. From the navigation panel, click Configuration under the Administration tab.

3. Under Backup and Restore Configuration to Disk, type the name of the configuration file in the
Filename field, and then click Backup. The backup copy will be displayed in the Configuration Files
section.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to backup configuration files:
Syntax
Array-Networks-adv# config put <file> <protocol>://[<username>:<password>@]<server>/<path>

[/<new_filename>]
Syntax Description
<file> The name of the configuration file to backup.

<protocol> Valid protocols include FTP, HTTP, or SCP (Secure Copy). Notes: If SCP is used, the user must have
SSH set up on the server and have a user account password. SCP does not support specifying the
password on the command line. Supported URL formats include the following:
ftp://<server>/<path>[/<new_filename>]
ftp:// <username>:<password>@<server>/<path>[/<new_filename>]
ftp://<username>@<server>/<path>[/<new_filename>]*
http://<server>/<path>[/<new_filename>]
http://<username>@<server>/<path>[/<new_filename>]*
http://<username>:<password>@<server>/<path>[/<new_filename>]
scp://<username>@<server>/<path>/<filename>*
<username> Optional user name that when configured, must be used to access to the location. May be used in
password.
<password> The password that restricts access to the server. Only needed if required by the server. If required, the
password must be proceeded by the user name and a colon (:) and followed by an ampersand (@). If a
password is not specified, a prompt appears requesting a password. Note: If using SCP, the password
cannot be specified on the command line; it can only be specified after being prompted to enter one.
<server> The IP address of the server or host name on which the configuration resides.
<path> The path where the configuration resides. Note: If FTP or HTTP is used, only relative pathnames are
[<new_filename>] Optional. Renames the configuration being uploaded to the user-specified name.
Example 1
The following example uploads the file "myconfig" (via FTP) to location "configs" on 10.10.20.10 using username
"array-networks" and password "xyz" and assigns the file the name "config1."
config put myconfig ftp://array-networks:xyz@10.10.20.10/configs/config1
Example 2
The following example uploads the "myconfig" (via HTTP) to location "files" on 10.10.20.10.
config put myconfig http://10.10.20.10/files
Example 3

The following example copies the most recently saved configuration file to “myconfigfile”. This provides a useful
recovery mechanism in cases where you have made significant changes to the configuration file but may want to
revert back to the earlier file.
config save myconfigfile
6.2.7 Uploading Configuration Files onto the Appliance

Use the information below to load configuration files from the local PC onto the appliance.
 GUI
To upload files onto the appliance:
3. Under Backup and Restore Configuration, locate Upload Configuration from Local PC and type the
name and path of the file in the File Location or click Browse to locate the file.
4. Click Upload. The backup copy will be displayed in the Configuration Files. Once uploaded, it can be
applied as described in the following section.
 CLI
From the advanced level (Array-Networks-adv#), use the following commands to upload configuration files onto
the appliance.
Syntax
config get <protocol>://[<username>:<password>@]<server>/<path>/<filename>
<protocol> The protocol used to download the configuration file. Valid protocols include FTP, HTTP, or SCP
(Secure Copy). Notes: If SCP is used, the user must have SSH set up on the server and have a user
account password. SCP does not support specifying the password on the command line.
Supported URL formats include the following:
ftp://<server>/<path>/<filename>
ftp://<username>:<password>@<server>/<path>/<filename>
ftp://<username>@<server>/<path>/<filename>*
http://<server>/<path>/<filename>
http://<username>@<server>/<path>/<filename>*
http://<username>:<password>@<server>/<path>/<filename>
password.

<password> The password that restricts access to the server. Only needed if required by the server. If
required, the password must be proceeded by the user name and a colon (:) and followed by an
ampersand (@). If a password is not specified, a prompt appears requesting a password. Note: If
using SCP, the password cannot be specified on the command line; it can only be specified after
being prompted to enter one.
<server> The IP address of the server or DNS name (if configured on the network) on which the
configuration resides.
<path> The path where the configuration resides. Note: If FTP or HTTP is used, only relative pathnames
are supported; for SCP, the specified pathname must be an absolute pathname.
<filename> The name of the configuration file to be downloaded.
Example 1
The following example downloads the configuration file "updated_config" (via FTP) from location "configs" on
10.10.20.10 using username "array-networks" and password "xyz".
config get ftp://array-networks:xyz@10.10.20.10/configs/updated_config
Example 2
The following example downloads the configuration file "updated_config" (via HTTP) from location "config_files"
on 10.10.20.10.
config get http://10.10.20.10/config_files/updated_config
6.2.8 Applying Configuration Updates

Applying an update immediately updates the configuration file with any changes you made. These changes are
only valid until the appliance is rebooted. If the system is rebooted, any changes you made will be lost unless you
also permanently save the changes.
 GUI
To apply an update:
3. Under Backup and Restore Configuration, select the file you want to apply (in the following example,
config.save), and then click Apply.

5. Once the configuration file has been applied, it replaces the existing configuration and its settings will
remain in effect until the appliance is rebooted. To permanently save these settings so they remain in
effect even after a reboot, click Save to Startup Configuration.
 CLI
From the advanced level (Array-Networks-adv#), use the following command to apply changes to the running
configuration file:
Syntax
config load sample_config
config apply
6.2.9 Deleting Configuration Files

Use these options to delete all configuration files or the specified file. Once a file is deleted, there is no way to
recover the file. This command does not delete the startup configuration file.
 GUI
To delete a configuration file:
3. Under Backup and Restore Configuration, select the desired file (in the following example,
config.full), and then click Delete.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to delete configuration files. When
the command is issued, a prompt appears asking if you want to delete the specified file or all files if no filename
is specified.
Syntax
config delete <file>
Example
The following example deletes the configuration file named “old-config-file” from the appliance.
config delete old-config-file

6.2.10 Displaying Unapplied Configuration Changes

The CLI provides two commands for displaying all changes that have been made but not yet applied via the
config apply command. Use either config unapplied or show changes to display unapplied changes. If all
changes have been applied via config apply, a message stating that all configuration changes have been applied is
displayed.
 Note: The show changes command can be run from either privilege level while the config unapplied
command can only be run from the advanced level.
Syntax
config unapplied
show changes
Sample Output
set config NtpEnabled yes

set config WanTxMTU 1400
6.2.11 Listing All Configuration Files on the Appliance

Both the GUI and CLI contain a mechanism to list all configuration files stored on the appliance. This information
includes the software version, build number (CLI only) each configuration file was created with, the size of the
file, the date and time it was created, and the name of each configuration file.
 GUI
To list all configuration files:
3. All files on the appliance are listed in the Configuration Files table under Backup and Restore
Configuration. For each file, the name, date, and size are displayed.
 CLI
From the advanced level (Array-Networks-adv#), use the following command to display a list of configuration
files:
Syntax
config list
Sample Output
RO-adv# config list

Software-Version Size Date Time Name

3.3.1.0 Build41 16.1k 2009-09-30 15:04 config-3.3.1

3.5.0.0 Build202 16.1k 2010-01-05 12:03 startup-up config
6.2.12 Displaying the Contents of a Configuration File

The CLI provides the config display command to display the saved settings for the specified configuration file.
The settings that are displayed are those that were configured via the CLI as well as those settings that have been
configured in the internal configuration database.
Syntax
config display <file>

Example
The following example displays the contents of the file named “startup-config”.
config display startup-config
Sample Output
The following is a portion of a sample configuration file.
config/Address "10.10.20.6”
config/CACertificate "array-networks-ca"
config/Certificate "system"
config/DnsAddress "10.10.20.2 10.10.10.4"
config/DomainName "0"
config/Gateway "10.10.20.1"
6.3 Managing Software

Whenever software updates are available from Array Networks, the following commands are available for
updating the software on the appliance. These commands are only accessible from the advanced level.
6.3.1 Uploading Software Updates onto the Appliance

Use the information below to upload software updates onto the appliance. Once the image is loaded onto the
appliance, it can then be installed.
 GUI
To upload files onto the appliance:
2. Under the Administration navigation tab, click Software.
3. Under Upload Software from Local PC, type the name and path of the file or click Browse to locate the
file, and then click Upload. The software update will be displayed in the Software Files table.


 CLI
From the advanced level (Array-Networks-adv#), use the following commands to upload software files onto the
appliance:
Syntax
update get <protocol>://[<username>:<password>@]<server>/<path>/<file>
Parameters
<protocol> Valid protocols include FTP, HTTP, or SCP (Secure Copy). Notes: If SCP is used, the user must have SSH
set up on the server and have a user account password. SCP does not support specifying the password
on the command line. Supported URL formats include the following:
ftp://<server>/<path>
ftp://<username>:<password>@<server>/<path>
ftp://<username>@<server>/<path>*
http://<server>/<path>
http://<username>@<server>/<path>*
http://<username>:<password>@<server>/<path>
password.
<password> The password that restricts access to the server. Only needed if required by the server. If required, the
<server> The IP address of the server or the host name on which the file resides.
<path> Note: If FTP or HTTP is used, only relative pathnames are supported; for SCP, the specified pathname
must be an absolute pathname.
<file> The name of the file to download.
Example
The following example uploads the software update "aCelera-4.2.3-Release.upg" (via FTP) located in "software"
on 10.10.20.10 using username "array-networks" and password "xyz" onto the appliance.
update get ftp://array-networks:xyz@10.10.20.10/software/aCelera-4.2.3-Release.upg
6.3.2 Viewing Software Update Files Stored on the Appliance

Use the instructions below to list all software updates that are stored on the appliance. Information includes the
size and name of each file as well as the date and time each file was downloaded. If there are no update files on
the appliance, the Size, Date, Time, and Name fields display no information.
 GUI
To view software update files:

3. All files on the appliance are listed in the Software Files table. For each file, the name, version,
date/time, and size are displayed.
 CLI
From the advanced level (Array-Networks-adv#), use the following command to view a list of software files:
Syntax
update list
Sample Output
Size Date Time Name

28M 2009-04-03 12:51 aCelera-3.3.2.0-Release.upg
28M 2009-04-01 17:37 aCelera-3.5.0.0-Release.upg
6.3.3 Viewing Software File Information

Use the following commands to display information about the software files that are on the appliance. Displays
the following information for the selected software update file: software version (Software Version), build
number (Build Number), any comments associated with the build (Build Comment), type of encryption used
(Encryption Type), type of signature used (Signature Type), type of release (Type), if a reboot is required
(Reboot Required), MD Checksum info (Md5sum), and the file size (Payload Size).
 GUI
To view software file information:
3. Click on the file you want to view in the Software Files table and then click View.
4. The information is displayed in the Software Details window. After viewing the software details, click
OK to close the window.

 CLI
From the advanced level (Array-Networks-adv#), use either command to view software details:
Syntax
update info <file> or update verify <file>

The filename is case-sensitive.
Sample Output
Array-Networks-adv# update info latest-upgrade

Software Version: 4.2.0
Build Number: 222
Build Comment: Official
Encryption Type: des3
Signature Type: none
Type: Release
Reboot Required: yes
Md5sum: 0x4895ceffba6b247c52fcf527fefb48d
Payload Size: 37806104 bytes
6.3.4 Applying a Software Update

Use the instructions below to update your appliance with the latest software file. Before installing the updated
software, you should disable acceleration. After installing the update, you will need to re-enable acceleration.
Instructions to disable acceleration and then re-enable acceleration are also included below.
 GUI
To apply a software update:

7. From the Software Files table, click on the file you want to apply, and then click Apply.

8. From the confirmation dialog box, click OK to apply the update and automatically reboot the aCelera.
During the update process, the aCelera is not accessible.
9. After updating all peer aCelera appliances, re-enable acceleration, by performing the following:


 CLI
From the advanced level (Array-Networks-adv#), refer to the following instructions to install and apply a
software update: This process will overwrite the existing software on the appliance with the new software. It
does not, however, overwrite the configuration file that contains your configuration settings.
 Notes:
 If you do not know the name of the update file, use the update list command on the next page.
 A software install can only be performed through the advanced access mode (Array-Networks-
adv#)
 Do not attempt to exit a Telnet session after starting the upgrade process.
To install a software update, perform the following steps:

1. Disable acceleration by typing set Acceleration/Enabled No.
2. Type config apply.
3. Type config save.
4. Type update install <file>.
5. Follow the instructions on the screen.
6. After updating all peer aCelera appliances, re-enable acceleration by typing:
 set Acceleration/Enabled yes
 config apply
 config save
6.3.5 Deleting Software Files

Use the information below to delete any software files that are no longer needed.
 GUI
To delete a software file, repeat the following steps for each file you want to delete.
3. From the Software Files table, click on the file you want to delete, and then click Delete.

 CLI
From the advanced level (Array-Networks-adv#), use the command to delete software files:
Syntax
update delete [<file>]

Deletes the specified file. If no filename is specified, all software update files are deleted.
6.4 Managing Log Files

Log files provide a mechanism for capturing information which can be used to monitor events and help
troubleshoot problems that might occur. Typically, log files are used by Array Networks Customer Support to
help identify and correct problems. Depending on the level of information that has been configured to be logged,
a log entry is written to the log file for each request, notification, status event that is generated. Information such
as critical events, standard informational events, and configuration changes made via the CLI or GUI may be
logged. The appliance can contain up to seven log files and can be configured to direct the local logs to specified
network servers.
6.4.1 Rotating Log Files

The appliance can store up to seven log files - the current file named "log" and previous versions labeled "log.1"
to "log.6", with the oldest being "log.6." Logs are normally rotated daily (at midnight). If the appliance currently
contains seven log files and logs are automatically rotated, the oldest log file (log.6) is removed from the
appliance and a new one is generated and named "log." The remaining log files are renamed. For example, the file
previously named "log" is now labeled "log.1" and the previous "log.1" becomes "log.2."
If the appliance does not currently contain seven log files when the logs are automatically rotated, no logs are
deleted. Whenever the current log file exceeds 2MB in size, logs are automatically rotated and a new log is
created. As previously explained, each remaining log is renamed. If the appliance is configured for network
system logging, log rotation will also occur on the specified network servers.
 GUI
To rotate log files:
2. Under the Administration navigation tab, click Logs.
3. Under Logs, click Rotate Logs.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to rotate logs:
Syntax
log rotate
Example 1
The following example rotates previously stored logs while generating a new log. The following example
illustrates a before and after scenario when issuing log rotate. Use log list to display the log file on the appliance.
log rotate
Before log rotate After log rotate
Size Date Time Name Size Date Time Name
200 Mar 21 16:44 log 245 Mar 22 17:34 Log

29.6k Mar 20 19:14 log.1 200 Mar 21 16:44 log.1
59 Mar 19 00:00 log.2 29.6k Mar 20 19.14 log.2
59 Mar 18 00:00 log.3 59 Mar 19 00.00 log.3
549 Mar 17 12:34 log.4 59 Mar 18 00.00 log.4
59.0k Mar 16 18:22 log.5 549 Mar 17 12:34 log.5
59 Mar 15 00:00 log.6 59.0k Mar 16 18:22 log.6
Example 2
The following example generates a new log while deleting all previously stored logs.
log rotate delete
6.4.2 Displaying a List of all Log Files

Use the information below to list all log files on the appliance. For each listed file, the size, date, time, and name
of the log file are displayed.
 GUI
To view a list of log files on the appliance:
Click the Administration menu bar item.
Under the Administration navigation tab, click Logs. All log files are listed in the table.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to display a list of log files on the
appliance:
Syntax
log list
Sample Output
Size Date Time Name
34K 2009-04-10 18:13 log
364 2009-04-09 21:17 log.1
58 2009-04-08 00:00 log.2
160 2009-04-07 18:49 log.3
160 2009-04-06 15:59 log.4
58 2009-04-05 00:00 log.5
58 2009-04-04 00:00 log.6
6.4.3 Displaying the Contents of a Log File

Use the information below to display the contents of log files. The information contained within the file provides
information that Array Networks Customer Support can use to troubleshoot problems that may occur. Log files
consist of a collection of messages that are generated when:
 Errors are encountered.
 Configuration changes have been made.
 The status of the appliance or its various connections change. Examples of status changes include when
the appliance or any of its connections enter an accelerating state or when log files are rotated.
Each message includes the:
 Date and time an event occurred.
 Severity of the message. Message severity types include notification messages, warning messages, and
critical messages.
 Internal component generating the message (for example, SYSTEM).
 Actual message describing the event.
 Note: The message also includes two additional fields that are currently reserved for future use.
 GUI
To view the contents of logs:
3. Under Logs, click on the log you want to view (in this example, logs.4)

4. From the Log Details window displays the date the log event occurred,

 CLI
From the advanced level (Array-Networks-adv#), use the following command to view the contents of a log file:
Syntax
log display [<log#>]

Syntax Description
Name Description
[<log#>] Indicates the log file to search. Valid values include:
Option Description
0 The current log file. (Default)

1-6 Previously generated log files.
Example
log display 1
6.4.4 Searching for Text within Log File

Use the information below to perform a case-insensitive search through a log file for specified text and display
the results on the screen. For example, you can display only log messages that contain the text string “reboot” or
only display warning messages by searching for “warn”. If the specified text string is not found, nothing is
displayed.
 GUI
To search for a text sting in a log:
3. Under Logs, select the log you want to view and then click View. The Log Details window appears.
4. In the Filter field, type in the text string you want to search for, and then click Go.
5. To update the filtered list, click Refresh. To clear the filtered list, click Reset to display all messages.
 Notes:
 To update the filtered list, click Refresh.

 To clear the filtered list, click Reset to display all messages.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to search for text within a log file:
Syntax
log grep "<text_string>" [<log#>]
Name Description
"<text_string>" Indicates the specified text string to search on. Quotes are required if whitespace is used.
[<log#>] Indicates the log file to search. Valid values include:
Option Description
0 The current log file. If not specified, the current log file is assumed. (Default)
Example
The following example searches for the text string “lease obtained” in the log.1 file.
log grep "lease obtained" 1
6.4.5 Displaying the Specified Number of Lines at the Tail End of a Log File
The CLI provides the log tail command that allows you to display a specified number of lines at the tail end of a
log file. Issue the following command from either the view level (Array-Networks>) or the advanced level (Array-
Networks-adv#):
Syntax
log tail [<n_lines> <log#>]

Syntax Description
[<n_lines>] Optional parameter. Indicates the number of lines that are displayed. Default is 10.
[<log#>] Optional parameter. Indicates the particular log file. Valid values include:
Option Description
0 The current log file. If not specified, the current log file is assumed. (Default)
Example
The following example displays 9 lines from log.2.

log tail 9 2
6.4.6 Writing Text to Logs

To aid in diagnosing issues that may occur, use the following command to add comments to the logs. If you are
reproducing an issue, use this command before and after the event to quickly help to identify the area of the logs
that are relevant to the issue.
Syntax

log write <message>>
Example
aCelera-RO-adv# log write Start download of test file
<Run test>
aCelera-RO-adv# log write Stop download of test file
aCelera-RO-adv# log tail
Thu 21-May-2009 17:36:16 [NOTIFY|AGENT_CLI:000] Start download of test file
<Results of test>
Thu 21-May-2009 17:44:29 [NOTIFY|AGENT_CLI:000] Stop download of test file
aCelera-RO-adv#
6.4.7 Testing Event Logging

The CLI provides a mechanism for testing event logging by generating a test message in the log file and if
network syslog is enabled, also generates network syslog messages to each configured network syslog server.
The test messages to the log file and network syslog server(s) are only generated if the specified log level name is
equal to or above the current configured log level via the set LogLevel command. After issuing the test syslog
command, use the log tail command to view the generated test on the appliance. If network syslog is enabled,
the network syslog message of each configured server will contain the same header information as the system-
generated network syslog message (for example, the facility, severity, and host name or, if no host name is
known, the IP address). Testing event logging can only be executed in the advanced level (Array-Networks-adv#).
Syntax
test syslog <loglevel_name>
where <loglevel_name> is trace, debug, test, info, notify, warning, error, critical, or fatal. These correspond to the log
level numbers specified via the set LogLevel command. See Error! Reference source not found. on page 错误！未定义书
签。 for additional information.
Example
The following example tests the ability to generate a log message for an error condition in both the appliance’s
log file and network syslog file.
adv# test syslog error
adv# log tail
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-XCSOCK:000] Created CCC LISTEN TCP connection to neighbor 192.168.1.100,
hS2WAN 0x14ed9e0,RcvPortNo 2631.
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-OSAL:000] [failed/2] MsgReader:: connection failed fd 32
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-OSAL:000] [on_socket_failed/2] connection failed or closed fd 32
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-OSAL:000] [failed/2] MsgReader:: close fd 32port 2631 ip 192.168.1.100
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-OSAL:000] [close/2] connection closed 32 ip 192.168.1.100 port 2631
Thu 03-Nov-2011 22:20:26 [WARN|S2-CONJURE:001] Bypassing traffic for con 1 ([name: BostonDC ip:
192.168.1.100 sn: 000000100108]): Detected Peers in overlapping subnets
Thu 03-Nov-2011 22:20:26 [NOTIFY|S2-CONJURE:001] Connection [1] [name: BostonDC ip: 192.168.1.100 sn:
000000100108] has transitioned to Accelerating.

Thu 03-Nov-2011 22:44:54 [NOTIFY|AGENT_CLI:000] User logged in successfully via Telnet (192.168.1.1)
Thu 03-Nov-2011 22:45:13 [ERROR|AGENT_CLI:000] Network syslog testing with level=error
Thu 03-Nov-2011 22:46:14 [ERROR|AGENT_CLI:000] Network syslog testing with level=error
This example assumes that the log level for the appliance is configured at the default level of 4 (notification level)
and the netsyslog facility is configured using the default of 1 (user). The sample output displays the message that
appears in the log on the appliance; the second message displays the message that is generated for each
configured server. To test if the appliance can generate an error condition if one is encountered, perform the
following steps:
 test syslog error

 log tail
 Note: No messages are displayed if you specify a level lower than the current configured log
level.
6.5 Uploading Log Files

Use the instructions below to upload logs to the specified location. If a problem occurs which requires help from
Array Networks Customer Support, the log file can be placed at the location specified by Array Networks
Customer Support. Uploading log files can only be done via the CLI.
Syntax
log put <log#> <protocol>://[<username>:<password>@]<server>/<path>/[<new_filename>]
Syntax Description
<log#> Indicates the log file to upload. Valid values include:
Option Description
0 The current log file. (Default)

<protocol> The protocol used to download the file. It can be FTP, HTTP, or SCP (Secure Copy). Notes: If SCP is used,
the user must have SSH set up on the server and have a user account password. Supported URL formats
include the following:
ftp://<username>:<password>@<server>/<path>[/<new_filename>]
scp://<username>@<server>/<path>[/<new_filename>]*

conjunction with a password. If no password is specified, include an ampersand (@) after the password.
[<password>] The password that restricts access to the server. Only needed if required by the server. If required, the
<server> The IP address of the server or host name on which the file resides.
<path> The path where the file resides. Note: If FTP or HTTP is used, only relative pathnames are supported; for
SCP, the specified pathname must be an absolute pathname.
[<new_filename>] Optional. Renames the log file being uploaded to the user-specified name.
Example 1
The following example uploads the current log file (via FTP) to "logs" on 10.10.20.10 using username "array-
networks" and password "xyz" and assigns the log file the name "DC_100505.log."
log put 0 ftp://array-networks:xyz@10.10.20.10/logs/DC_100505.log
Example 2
The following example uploads the second most-recent log file (via HTTP) to "logs" at arraynetworks.com.
log put 1 http://arraynetworks.com/logs/
Example 3
The following example uploads the oldest log file (via FTP) to "logs" on 10.10.20.10 using username "array-
networks" and password "xyz."
log put 6 ftp://array-networks:xyz@10.10.20.10/logs/
6.6 Managing Technical Reports

Technical reports contain internal data that can be used by Array Networks Customer Support to debug and
troubleshoot problems if they occur.
6.6.1 Creating Technical Reports

You can run tech-report to create a technical report at any time. Before you create the report, you can use tech-
trace to enable logging of aCelera software module data. You can then use tech-trace to write the information
that is subsequently collected in those logs to a file for inclusion in the report.
Once a report has been created, it remains on the appliance until you delete it. If you attempt to create a file using
a filename that already exists, a message is displayed stating that the file already exists and will not be
overwritten.
You can run tech-report from either the GUI or the CLI. tech-trace is accessible from the CLI, only.
 GUI
To create a report of configuration information and crash data:
2. Under the Administration navigation tab, click Diagnostics.
3. Under Tech Reports, type a name in the Name file, and then click Create Tech Report. The report is
displayed in the Tech Reports list.

 CLI
Use the following commands from the advanced level (Array-Networks-adv#).
6.6.1.1 Working with tech-report

To use tech-report to create a technical report of configuration information and crash data:
tech-report {create|generate} <file>
Where <file> is the name of the target file.
Example:
The following example creates a technical report named report1.tgz:
tech-report create report1.tgz
6.6.1.2 Working with tech-trace

Use tech-trace to start gathering trace information into logs. You can include enhanced information, if
appropriate. You can then use tech-trace to write the content of those logs to a file for inclusion in a technical
report generated by tech-report, and use tech-trace again to turn off trace logging.
Collecting Trace Information
To start gathering trace information generated from aCelera software modules:

debug s2 tech-trace on
 Note: tech-trace remains active until it is either turned off or the system is
rebooted.
Sample Output:
Welcome to S2 Management Console
s2>turn on traces (xc, cert, s2d)
cmd>> xc set loglevel 4
XC: loglevel set to [4]
cmd>> trace on
cmd>> gtrace init
started "/galaxy/var/gtrace"
cmd>> show cert traceon
set ssl trace on
Goodbye!
Collecting Enhanced Trace Information
To collect enhanced trace information:

debug s2 tech-trace adv

Sample Output:
s2>turn on traces (xc, cert, s2d, cap)
cmd>> cap add
Following capture filter was added:
Capture Filter 1
host 0.0.0.0
mask 0.0.0.0
port 0
subport 0
cap size unlimited
cmd>> trace on
cmd>> gtrace init
started "/galaxy/var/gtrace"
cmd>> show cert traceon
set ssl trace on
Goodbye!
Writing Trace Information to an Internal File
To write the accumulated trace information to an internal file:

debug s2 tech-trace dump
Sample Output:
s2>turn dump traces (trace, gtrace)
cmd>> gtrace dump
ok
cmd>> trace dump
Goodbye!
6.6.2 Using a Script to Collect Trace Information

Array Networks Customer Support may ask you to download and run a script to gather trace information for
Array Networks Customer Support use in debugging an issue. To download the script:
debug gets2scripts <url>
where <url> is an address provided by Array Networks Customer Support.
To run the script:
debug s2 tech-trace run <myCmds>
where <myCmds> is the name of the script.
Example:
You might download and run a script contains the following commands:

[root@localhost tmp]# more myCmds

xc config
s conn
The script returns the following configuration information (with data applicable to your configuration):
s2>==========:: batch :run xc config
NodeId 265
HistoryDir "/dev/sdd2"
MetaDir "/var/xcmeta"
BlockSize 1048576
ChunkSize 1024
CacheSize 3073
MainMemoryMB 5976
MaxFlows 3736
MaxBlocks 14107
SyncInterval 300
LogLevel 1
MaxOverlap 0
MaxOverlapFactor 2
CHET Mgr 1
CHET Mgr Timeout 50
Block Size 1049600
Block Actual 1050112
Compression Mode HC
==========:: batch :run s conn
S2FlowRec size: 1248, S2PSTEventRec size: 40

Total flows 0 (0 UFC flows)
Goodbye!
Syntax
To stop gathering aCelera trace information:

debug s2 tech-trace off
Sample Output:
s2>turn off traces (xc, cert, s2d, cap)
cmd>> cap clear
cmd>> trace off
cmd>> show cert traceoff
set ssl trace off

Goodbye!
ixia3-DC-adv#
ixia3-DC-adv#
ixia3-DC-adv# debug s2 xc config
LogLevel
6.6.3 Deleting Technical Reports

As previously mentioned, technical reports remain on the aCelera until manually deleted.
 GUI
To delete a technical report:
3. Under Diagnostics, select the appropriate tech report (in this example, aCelera_tech_report_9_24),
and then click Delete.

 CLI
From the advanced level (Array-Networks-adv#), use the following command to delete a single report or all
reports.
Syntax
tech-report delete [<file>]
Example 1
The following example deletes the file named "report1."
tech-report delete report1
Example 2
The following example deletes all technical report files.
tech-report delete
6.6.4 Listing Technical Reports

You can display a list of all technical reports that are currently on the appliance. The list includes the size, name,
and the creation date and time of each report file.

 GUI
To view a listing of all technical reports on the aCelera:
3. All reports are listed under Tech Reports.
 CLI
From the advanced level (Array-Networks-adv#), use the following command to view a list of all tech reports
that are on the aCelera.
Syntax
tech-report list
Sample Output
Size Date Time Name
16.4k Aug 5 13:32 report
16.4k Aug 5 14:20 report2
6.6.5 Uploading Technical Reports

You can upload all generated reports on the appliance to a location specified by your Array Networks Customer
Support representative.
Syntax
Array-Networks-adv# tech-report put <file>

<protocol>://[<username>:<password>@]<server>/<path>/[<new_filename>]
Syntax Description
Name Description
file The tech report file to be uploaded.
<protocol> The protocol used to upload technical reports. It can be FTP, HTTP, or SCP (Secure Copy). Notes: If
SCP is used, the user must have SSH set up on the server and have a user account password. SCP does
not support specifying the password on the command line. Supported URL formats include the
following:

password.
<server> The IP address of the server or host name on which to upload the reports.
<path> The path where the reports reside. Note: If FTP or HTTP is used, only relative pathnames are
[<new_filename>] Optional. Renames the technical report being uploaded to the user-specified name.

Example1
The following example uploads the tech report file "report" (via FTP) to location "reports" on 10.10.20.10 using
username "array-networks" and password "xyz."
tech-report put report ftp:// array-networks:xyz@10.10.20.10/reports/
Example 2
The following example uploads the tech report file "report2" (via HTTP) to location "files" on 10.10.20.10 and
assigning it the new filename "latest_report".
tech-report put report2 http://10.10.20.10/files/latest_report
6.7 Diagnostics
This section contains the commands used to perform network tests and generate technical reports which can be
used by Array Networks Customer Support to help diagnose problems that may occur.
6.7.1 Network Test

Use the commands in this section to test for network connectivity. The aCelera provides commands generating
pings, sending trace routes, and performing DNS lookups.
 GUI
To search for a text string in a log:
3. Under Network Test, select the appropriate test. Refer to the table below for additional information on
each available network connectivity test.
Option Description
Ping Tests and monitors an appliance in the network. Use Ping whenever you need to test a
connection to an appliance. To issue a ping, type the address or host name to ping, and then
click Go. The results will be displayed in the Results section.
Trace Route Traces the route packets take to the specified host by displaying the sequence of hops the
packet has traversed. To issue a traceroute, type the address or host name to trace, and then
click Go. The results will be displayed in the Results section.
DNS Performs a DNS lookup of the specified host. To perform a DNS lookup, type the address or host
name, and then click Go. The results will be displayed in the Results section.

 CLI
From the advanced level (Array-Networks-adv#), use the following commands to execute network connectivity
tests:
Generating Pings to Test Network Connectivity
Use ping to test and monitor an appliance in the network. Use ping whenever you need to test a connection to an
appliance.
Syntax
ping <host> [count <number-to-send>] size <packet-size>

Syntax Description
<host> Required parameter. The host name to ping. If only host name is specified, ping will send five
ICMP echo requests of size 56 bytes.
count <number-to-send> Optional parameter. Sends the specified number of echo requests. The user can specify the
'count' keyword and a value to send any number of ICMP requests.
size <packet-size> Sends the specified packet size (default = 56).
Performing DNS Lookups
Nslookup performs a DNS lookup of the specified host to determine the IP address of a domain name. An
optional DNS server can be specified to perform the lookup against. Otherwise, the appliance's configured DNS
server entry will be used.
Syntax
nslookup <host> [<server>]

<host> is the host name.
[<server>] is the optional IP address of the DNS server.
Examples
nslookup www.arraynetworks.com
Sample Output
Server: lab.arraynetworks.com
Address: 10.10.10.2
Name: www.arraynetworks.com
Address: 216.251.32.98
Sending Traceroutes
The traceroute command is a useful tool for tracing the route an IP packet follows to its destination by
displaying the sequence of hops the packet has traversed. From either the view or advanced level, type the
following command:
Syntax
traceroute <host> [hops <max-number-of-hops>]
Options
<host> Required parameter. The IP address or name of the host to trace.

[hops <max-number-of- Optional parameter. Displays no more than the configured number of hops encountered en-
hops>] route to the specified host. Any hops required beyond the configured number are not
displayed. The default is 30; the maximum is 99.
When the traceroute command is issued, the following information is displayed:

 The destination system (the IP address and hostname if the name was specified)
 The maximum number of hops that are allowed
 The size of the packet being sent
 A separate line for each device between the appliance and the destination containing the following
information:
- The IP address of the device
- The three round trip time in milliseconds
The round trip times provide information on how long it took a packet to get from the appliance
to the device and back again. By default, three packets are sent to each device along the route.
If a line contains one or two asterisks in place of the times, this is an indication that the host did not
respond to those packets. If the trace ends in all asterisks, this is an indication that the destination
system could not be reached.
Example
The following example traces packets to the host located at 10.10.20.226. Up to 24 hops will be displayed.
traceroute 10.10.20.4 hops 24
Sample Output
traceroute to 10.10.20.226 (10.10.20.226), 10 hops max, 40 byte packets
1 10.40.10.24 0.504 ms 0.415 ms 0.341 ms
2 10.40.90.1 0.309 ms 0.339 ms 0.347 ms
3 10.10.10.1 1.322 ms 1.343 ms 1.343 ms
4 10.10.20.226 1.216 ms 1.207 ms 1.096 ms
6.8 Monitoring Network Traffic

Tcpdump is a packet sniffer utility that monitors network activity. Tcpdump prints out the headers of packets
on a network interface that match the expression.
Supported Syntax

tcpdump [-n] [-c count] [-C file_size] [-i interface] [-s snaplen] [ -w file ] [-W filecount][expression]
Options
Option Description
-n Don't convert host addresses to names. This can be used to avoid DNS lookups.
-c count Exit after receiving count packets.
-C file_size Maximum size of file, in MB. Maximum is 5MB.
-i interface Listen on the specified interface.
-s snaplen The number of bytes of actual data (the snaplen or snapshot length) captured from each packet passing
through the network that is indicated by -i interface. Use this to override the default snaplen (68 bytes).
-w file Write the raw packets to file rather than parsing and printing them out.
-W filecount Used in conjunction with the -C option, this will limit the number of files created to the specified number,
and begin overwriting files from the beginning, thus creating a ’rotating’ buffer. In addition, it
will name the files with enough leading 0s to support the maximum number of files, allowing them to sort
correctly.
expression Selects which packets are dumped. If no expression is specified, all packets will be dumped. Main
expressions include type, dir, and proto. Type options include host, net, and port. Dir qualifiers specify a
particular transfer direction to and/or from id. Possible directions are src, dst, src or dst and src and dst.
Proto qualifiers restrict the match to a particular protocol. Possible protocols include: ether, fddi, tr, wlan,
ip, ip6, arp, rarp, decnet, tcp and udp.
6.9 Managing Packet Capture Information

This section contains commands associated with managing packet information that was captured via the
tcpdump command. This information provides Array Networks Customer Support with valuable information
that can be used to diagnose issues in the event of an issue with the aCelera.
6.9.1 Displaying a List of Packet Capture Files

From the advanced level (Array-Networks-adv#), use the following command to list all packet capture files that
reside on the appliance.
Syntax
capture list
6.9.2 Deleting Packet Capture Files

From the advanced level (Array-Networks-adv#), use the following command to delete all packet capture files or
just the specified file from the aCelera.
Syntax
capture delete [<file>]
Example 1
The following example deletes the file named "report1.tcp” from the aCelera.
capture delete report1

Example 2
The following example deletes all packet capture files from the aCelera.
capture delete
6.9.3 Uploading Packet Capture Information

From the advanced level (Array-Networks-adv#), use the following commands to upload a packet capture to the
specified location.
Syntax
capture put <protocol>://[<username>:<password>@]<server>/<path>
<protocol> The protocol used to upload the captured data. Valid protocols include FTP, HTTP, or SCP (Secure
Copy). Notes: If SCP is used, the user must have SSH set up on the server and have a user account
password. SCP does not support specifying the password on the command line. Supported URL
formats include the following:
ftp://<server>/<path>/
scp://<username>@<server>/<path>*
password.
<password> The password that restricts access to the server. Only needed if required by the server. If
required, the password must be proceeded by the user name and a colon (:) and followed by an
ampersand (@). If a password is not specified, a prompt appears requesting a password. Note: If
using SCP, the password cannot be specified on the command line; it can only be specified after
being prompted to enter one.
<server> The IP address of the server or DNS name (if configured on the network) on which the
configuration resides.
<path> The path where the packet capture file resides. Note: If FTP or HTTP is used, only relative
pathnames are supported; for SCP, the specified pathname must be an absolute pathname.
6.10 Regenerating Authentication Keys for Secure Access to

the Appliance
Array Networks provides a unique private/public key pair for the appliance that was created during the
manufacturing process. This key pair provides authentication when attempting to access a remote appliance via

SSH. Usually, this key pair provides adequate security. If additional security is required, the ssh regenerate-
server-keys command can be used to regenerate a public/private key pair for the appliance.
Syntax
ssh regenerate-server-keys
When the command is issued, the following warning message is displayed:
WARNING: SSH Server Key Regeneration
This will delete the current Private/Public Key for this device
and generate a new pair. All SSH clients that have previously connected
may complain or refuse to connect because the key has changed. Each
affected client's cache will have to be cleared manually. Refer to the
client software documentation for information on clearing the cache.
Are you sure you want to continue (yes/no) [n]:
 Notes:
 This command deletes the public/private key pair originally created for the appliance. Once
deleted, it can only be restored by resetting the appliance to factory defaults.
 Once the system's keys have been regenerated, any SSH clients that have previously connected
to the appliance will issue a warning message that the key has changed.
 Some SSH clients may refuse to connect until the client's cache is cleared manually. Refer to
your client's documentation for information on manually clearing cache.
6.11 Updating the License

Refer to the following instructions if you need to update the license file also referred to as the system certificate.
You can update the certificate from either the CLI or the GUI. The appliance must be rebooted in order to utilize
the updated certificate.
 CLI
From the advanced level (Array-Networks-adv#), use the cert update command to update the system certificate.
Syntax
cert update <cert_name> <protocol>://[<username>:<password>@]<server>/<path>/<server_cert_name>
Syntax Description
Value Description
<cert_name> The name of the certificate located on the appliance. In the case of the system certificate, it is the 12-digit
serial number of the aCelera.
<protocol> The protocol used to import the certificate. Valid protocols include FTP, HTTP, or SCP (Secure Copy).

Value Description
Notes: If SCP is used, the user must have SSH set up on the server and have a user account password. SCP
does not support specifying the password on the command line. Supported URL formats include the
following:
[<username>] The user name that restricts access to the server. Only needed if required by the server. May be used in
conjunction with a password. If no password is specified, include an ampersand (@) after the password.
<server> The IP address of the server or host name on which the certificate resides. Note: If FTP or HTTP is used,
only relative pathnames are supported; for SCP, the specified pathname must be an absolute pathname.

Example
The following example imports (via FTP) the certificate "000000005080082700000000" located in "certificates"
on 10.10.20.10 using username "array-networks" and password "xyz" and then updates the existing system
certificate with the new one.
1. Type cert update system ftp://array-
networks:xyz@10.10.20.10/certificates/000000005080082700000000 and then press Enter. The
following information is displayed:
######################################################################
## 100.0%
Download complete
File retrieved successfully.
Package is valid PKCS#12 formatted file.
2. Type the password supplied by Array Networks and then press Enter. The following information is
displayed:
MAC verified OK
writing RSA key
MAC verified OK
MAC verified OK
Certificate was not signed by included CA certificate
The license file is unique to this device.
It is critical to box operation.
You should only delete it if you are going to replace it.
Are you sure you want to delete it? (yes/no) [n]:
3. Press Y to continue. The following information is displayed:
Continuing to use existing system ca (not removed)(not updated)
License file imported successfully.
 Note: The aCelera must be rebooted for the updated certificate to take effect.
 GUI
To update the system certificate via the GUI:
3. Under Activation, type in the filename or click the Browse button to locate the appropriate license file.
4. Type in the license password that you obtained from Array Networks Customer Support, and then click
Load.
5. Once loaded, the expiration date is displayed in the License Expiry field.

6. Reboot the appliance to activate the license.
 Notes:
 The serial number of the aCelera is displayed but is not modifiable.
 The aCelera must be rebooted for the updated certificate to take effect.

Chapter 7 Status Functions
This chapter contains the various device status, peer status, and Dashboard statistics available via the GU and CLI.
7.1 Status
The System Status page contains various system, network, and device statistical information as described in the
table below.
7.2 System Status

Refer to the following for system status functions:
 GUI
To search for a text sting in a log:
1. Click the Home menu bar item.
2. Under the Status navigation tab, click System.
3. Refer to the table for system settings.
Status Field Description
Hostname The configured hostname.

Serial Number The 12-digit serial number of the appliance.
Software The version of software and corresponding build number installed on the appliance.
Version
System The length of time the appliance has been running. The duration is displayed in years, days,
Uptime hours, and minutes.
 CLI
From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following
commands to view system status information.
Syntax Description
show HostName The text string that appears at the CLI command prompt and at the top of the
graphical user interface window. This setting is typically changed to reflect the
location where the appliance is installed. Default is "Array-Networks>". The text string
cannot contain spaces.
show status SN The 12-digit serial number of the appliance.
show status The version of software and corresponding build number installed on the appliance.
SoftwareVersion
show status BootTime The length of time the appliance has been running. The duration is displayed in years,
days, hours, and minutes.
7.3 Network Settings

Refer to the following for network settings that have been configured for the appliance.
 GUI
To view configured network settings:

C H A P T E R 7: STATUS FUNCTIONS

3. Refer to the table for network settings. To refresh status information, click Refresh.
Option Description
IP Address The IP address and subnet mask configured for the appliance.
Gateway The IP address of the default gateway.
DNS Server The IP address of the DNS server.
Domain Name The domain name of which the appliance is part of.
 CLI
commands to view the configured network settings.
Syntax Description
show Address The IP address and subnet mask configured for the appliance.
show Gateway The IP address of the default gateway.
show DnsAddress The IP address of the DNS server.
show DomainName The domain name of which the appliance is part of.
Sample Output
Issuing each of the above commands will display the following. Each value is displayed in quotes.
aCelera-adv# show Address
config/Address “192.168.1.100”
aCelera-adv# show Gateway
config/Gateway “192.168.1.1”
aCelera-adv# show DnsAddress
config/DnsAddress “192.168.1.5
7.4 Device Settings

Refer to the following information to gain information on how much of the appliance’s disk, user, memory, and
CPU resources are currently being utilized. The displayed value for each component is expressed as a percentage.
 GUI
To view device status information:
3. Refer to the table for device settings. To refresh status information, click Refresh.

Option Description
History Disk The percentage of disk space currently being utilized for history information.
Utilization
User Disk Utilization The percentage of disk space currently being utilized for user data such as configuration
files.
Memory Utilization The percentage of memory currently being utilized.
CPU Utilization The percentage of CPU resources currently being utilized.
 CLI
commands to view device status information. To refresh the statistics, re-issue each command.
Syntax Description
show status The percentage of disk space currently being utilized for history information.
HistorySpaceUtilization
show status The percentage of disk space currently being utilized for user data such as
DiskSpaceUtilization configuration files.
show status The percentage of memory currently being utilized.
MemoryUtilization
show status CpuUtilization The percentage of CPU resources currently being utilized.
Sample Output
Issuing each of the above commands will display the following. Each value is displayed in quotes.
status/HistorySpaceUtilization “4”
status/DiskSpaceUtilization “12”
status/MemoryUtilization “15.9”
status/CpuUtilization “15”

7.5 Dashboard
The Dashboard is the aCelera subsystem responsible for collecting performance statistics and displaying
them in the Array Networks local client GUI (browser). Data flows into the aCelera and at the Internet
Layer (IP) the data is redirected to the Forwarding Plane. The Forwarding Plane is a term of art in router
technology. It's function here in the aCelera is to determine which data to compress in a first pass, and
which data to accelerate in subsequent passes. Data that is not accelerated is redirected back over the
WAN connection to the remote aCelera.
Data that can be compressed and accelerated is forwarded to the Performance Enhancing Proxy (PEP)
where it is then redirected to the Compressor module if compression is required. The PEP recognizes data
that has been reduced to objects and either looks that data up in the cache by its reference ID and sends
the object back to the LAN side; or else it sends a pointer across the WAN link requesting the object from
the remote aCelera. The figure shown below represents a high level overview of these concepts.
Figure. A topology diagram of the Dashboard subsystem of the aCelera.

The Dashboard presents aCelera statistics in a graphical format. Statistics are gathered using a special Collector
module that passes data along to the Array Networks local client GUI.
Statistics are measured entering and exiting an aCelera so that for any accelerated connection between two
aCeleras there are four points where statistics may be gathered.

The Dashboard gives you information on:

 The rate (throughput) or volume of both accelerated and unaccelerated traffic per unit time.
 The applications that are associated with both types of traffic per unit time based on their port
assignments.
 The amount of compression (data reduction) for traffic on the LAN or WAN.
To provide this information the collector measures two specific counters:
 The numbers of bytes per unit of time
 The port number per unit of time
You can use the Dashboard to display information such as:
 LAN Accelerated Data. Amount of data that is accelerated that passes over the LAN.
 WAN Accelerated Data. Amount of data that passes over the WAN
 Bytes saved. Displays the number of saved bytes, that is, the number of bytes that did not have to be
sent due to the aCelera’s compression and acceleration techniques.
 Pass Through Data. Data that is not accelerated that passes in and out.
 Data Reduction %. Displays the percentage of bandwidth savings. Bandwidth savings is determined by
taking the difference between the number of bytes actually sent (Actual) and the number of bytes that
would have been sent (Effective) and dividing that number by the number of bytes that would have
been sent (Effective)
Figure. The four measurement points for an accelerated connection.

There are three reports available in the Dashboard:
 Historical Throughput.
 Top Applications.
 Data Reduction.
The figure below illustrates the various data flows through an accelerated connection.

Figure. Measurement of the different flows through the aCelera.

The Dashboard can display this data for different time intervals. The Dashboard allows you to monitor all or
specific protocols.
To access the Dashboard via the GUI:
2. Under the Status navigation tab, click Dashboard.
3. Refer to the appropriate section below.
7.5.1 Dashboard Interface

The Dashboard is comprised of the following interface elements:
 The Tool bar which allows you to select filters and perform actions
 The Tab bar which allows you to select report types and manage applications
 The Chart panel which shows the compression history over time
 The Acceleration Statistics panel displays a summary of data transfer statistics by type.
 The Top Applications panel displays a breakdown of statistics by application in pie chart, list, and table
formats for the Top Applications chart.
There are differences between the four different tabs that are described in sections later in this topic. The figure
below shows a Throughput report with labeled elements.

Figure. The interface elements on the Throughput chart is labeled here.

The Tab bar switches you between the report and chart types. Each of these tabs are described in their individual
sections below.
The key to viewing all of the different report types is to set the filters for:
 Period. Selections include: Last Hour (default), Last Day, Last Week, Last Month, and Last Year.
 Application. The applications are filtered by port number, as shown in table below.
 Traffic Type. Selections include: Optimized (default), Pass Through, and Both.
 Direction. Selections include: To WAN, From WAN, and Both (default).
 Units. Selections include: Rate (default) and Volume.
 Number of Rows. Selections include: 10, 25, and 50.
Depending upon the particular chart type the Filter drop down list boxes are populated with different choices.
These differences are also noted in the sections that follow.
Note: In order to view your changes you must always apply them using the Update button.
There are four buttons located in the Tool bar of the Dashboard (from left to right):
 Update button. The Update button triggers the retrieval via Web Services of data for all three
charts. The currently selected filters are applied. When the retrieval completes, the data is displayed in
the three charts.
 Print button. The Print button opens up a standard Print dialog box to print the currently selected chart
to a local or network printer.
 Export button. The Export button generates a comma delimited CSV file and opens a standard Save
dialog box to save the CSV file to the local file system.
 Clear data button. This button eliminates the data that is displayed in the Dashboard. Once applied all of
your statistics begin anew. When you push the Clear data button you see the Confirm Delete alert box
shown in the figure below.

Figure. The Confirm Delete alert box removes all displayed data. This operation cannot be undone.
The Chart takes its title from the selected tab. In the case of the Throughput chart shown above the last hour of
data is displayed.
7.5.1.1 Duration
Updates all statistics on the Dashboard to reflect the specified time period. Whenever the duration is changed,
the statistics in the display panels are updated to reflect the specified duration. Data points are collected at a
certain granularity within the time range as specified below. Available durations include:
Table. Collected data point intervals.
Duration Description
Last Hour Provides statistics for the last hour at 1 minute granularity (Default).
Last Day Provides statistics for the last day at 30 minutes granularity.
Last Week Provides statistics for the last week at 3 hours granularity.
Last Month Provides statistics for the last month at 12 hours granularity.
Last Year Provides statistics for the last year at 24 hours (1 day) granularity.
7.6 Historical Throughput Report

The Historical Throughput report is the default display. It is used to determine the rate or the volume of traffic
that has passed over the connection that is both accelerated and non-accelerated in a specified unit of time. Both
sides of the aCelera's traffic, LAN and WAN are shown individually. You can also specify traffic by application
type, and whether the traffic has been optimized (accelerated) or not. The Historical Throughput chart page is
comprised of an Area chart with two data series; LAN data and WAN data and a chart legend. In most cases this
will be the report that you will use the most in the Dashboard.
The following filters are visible in the Historical Throughput Report:
 Period
 Application
 Traffic Type
 Direction
 Units
When you select a rate the ordinate (Y-axis) displays bits per second (bps) or throughput; when you select
volume the ordinate displays units in bytes. The table below describes the behavior of the units of measure as
you change the range of data.
Table. Impact of different units of measure by the range.
Condition Behavior
Range of data is 0 > y <= 1024 Y axis number has no suffix.

Range of data is 0 > y <= 1048576 Y axis number is suffixed with “K”. Y axis number is scaled down by
1024. (For example, rather than “2048”, it is now “2K”)
Range of data is 0 > y <= Y axis number is suffixed with “M”. Y axis number is scaled down by
1073741824 1048576.
Range of data is 0 > y <= Y axis number is suffixed with “G”. Y axis number is scaled down by
1099511627776 1073741824.
Range of data is 0 > y and maximum Y axis number is suffixed with “T”. Y axis number is scaled down by
y is > 1099511627776 1099511627776.
7.6.1 Data Reduction Reports

The Data Reduction report is displayed when the Data Reduction tab is selected, and a sample is shown in the
Figure below.
Figure. The Data Reduction page contains a strip chart of both throughput and the amount of bandwidth savings
you have achieved with aCelera.
The following filters are visible in the Data Reduction report:
 Period
 Application
The Data Reduction chart page is comprised of two charts in the form of a strip chart recorder. Time flows from
left to right, and the top chart or Throughput chart displays the amount of data in bytes per second flowing
through the aCelera. The Throughput Chart is composed of two area chart data series stacked vertically and a
line chart data series. The bottom area chart data series is the Pass Through data. The top area chart data series
is the Accelerated data. A line chart data series representing the WAN data is superimposed over the stacked
area chart
The bottom data grid is the Data Reduction chart and it displays the amount of data reduction in percentages
over time. It also displays fields for average reduction percentage, average compression ratio, total LAN
accelerated data, total WAN accelerated data, and bytes saved.
If you move your cursor over a data point a tooltip will appear that displays the value and time of that data point.
Also, note that the same behavior for the Impact of different units of measure by the range that appeared in the
table in the previous section applies to this set of charts.
7.7 Top Applications

The Top Applications report is displayed when the Top Applications tab is selected. Information in the Top
Applications panel is displayed in a pie chart format, list format, and table format for the following applications.

The application name and its associated port number are listed. Only the application name is displayed. The Top
Applications chart page is comprised of two pie charts, a chart legend and a table. The left pie chart contains the
top 10 applications for LAN traffic (top nine applications and one grouping of the rest of the applications called
“other”). The right pie chart contains the top 10 applications for WAN traffic. The table contains the top 50
applications (top 49 applications and one grouping the rest of the applications called “other”).
Table. Application and protocol type by port.
Application Port
FTP-Data 20
FTP-Control 21
SMTP 25
HTTP 80
MAPI 135
CIFS 139
HTTPS 443
CIFS 445
SQL Server 1433
Oracle 1521
NFS 2049
iSCSI 3260
HTTP Proxy 8080
ClearCase 12080
The following filters are visible in the Top Applications chart:

 Period
 Traffic Type
 Direction
 Number of Rows

Figure. The Top Applications pie chart.

The Toggle Legend button changes the legend into a bar, and vice versa. If you move your cursor over a slice the
Dashboard displays the application type and traffic by port, and it's percentage of overall traffic based on its part
of the total byte count. Notice that the slice that is selected pulls out of the pie.
The LAN and WAN pie chart slices displays different color for each application. This color will remain consistent
for each application between the LAN and WAN pie charts. (For example, if the HTTP application is represented
by a green pie slice in the LAN chart, it is also represented by a green pie slice in the WAN chart.)
Figure. A pie slice with a tooltip displayed.

You can choose to toggle tooltips on and off for all slices, or toggle between the 2D chart shown above and the 3D
chart shown below:
Right click on any part of the pie chart and select either the Show LAN (WAN) labels and/or 3D chart.
To return to the 2D display or hide the tooltips:
Right click on any part of the pie chart and select either the Hide LAN (WAN) labels and/or 2D chart.
Figure. A 3D chart with tooltips.

The pie chart displays applications currently being utilized. Each application is represented by a different color.
Positioning the cursor on any color in the pie chart displays:
 The amount of the application's data (in percentage) traversing the WAN as it relates to the entire
payload for the specified duration.
 The number of bytes actually sent (Actual)
 The number of bytes that would have been sent (Effective)
 The number of bytes that did not have to be sent (Saved)
 The percentage of bandwidth savings (BW Savings)
The list format displays the percentage of each application traversing the WAN as it relates to the entire payload.

The table includes columns displaying:

 The number of bytes actually sent (Actual)
 The number of bytes that would have been sent (Effective)
 The number of bytes that did not have to be sent (Saved)
 The percentage of bandwidth savings (BW Savings)
The pie chart, list form, and table can be sorted by clicking on one of the available View options (Actual or
Effective) or the Name, Actual Bytes, Effective Bytes, Average Compression, or BW Savings columns.
The Top Applications Table has the following columns:
1. Application – with port number in brackets.
2. LAN Traffic Rate – suffixed with kbps, Mbps, Gbps, Tbps. Total volume in brackets.
3. LAN Traffic % - percent of total LAN traffic.
4. WAN Traffic Rate suffixed with kbps, Mbps, Gbps, Tbps. Total volume in brackets.
5. WAN Traffic % - percent of total WAN traffic.
6. Reduction – single bar chart and numerical percentage.
Click on the Top Application Table header column to rows sort by the clicked column. If the current sort order is
ascending, the sort will be descending. If the current sort is descending, the sort will be ascending.
The table contains a summary row at the bottom of the scrolling table containing the total of the LAN Traffic Rate
and WAN Traffic Rate.
7.8 Manage Applications

The Manage Application screen shown below is accessed by clicking the fourth tab in the tab control. It allows
users to modify, add and delete applications and its corresponding port numbers. When an Application is
selected in the Manage Application Listbox, the Port number and Application Name is listed in the Port textbox
and Name textbox. The user is able to modify these values.
Figure. The Manage Applications screen is where you go to add additional ports (applications) to be monitored by
the aCelera.
You can add additional ports to monitor, and based on the port assignment monitor your own custom
applications.

NOTE: The user cannot modify aCelera's pre-assigned application names and ports.
To add a port, do the following:
1. Click on the Add button to open the Add Application dialog box shown below.
Figure. An application is inferred from the port value you enter, but you can use whatever name you wish that is
meaningful to you.
2. Enter the Port number into the Port text box.
3. Enter the name you want to track the port with into the Name text box.
That name does not have to be the official name of the application that is assigned to the port.
4. Press the OK button.
Your new port is added to the list in the left hand pane.
Keep in mind the following provisos, ports and names:
 Cannot be blank.
 Cannot be negative.
 Cannot be zero (0). (Reserved for “All Applications”)
 Cannot be greater than 65535 maximum.
 Cannot be a duplicate of an existing port number other than the currently selected application port.
 Cannot contain non-numerical characters.
7.9 Interfaces
Information can be displayed for status and statistical information for each of the appliance’s interfaces.
7.9.1 Interface Status

Use the information below to view the configured link speed and MAC address of each of the appliance’s
interfaces.
 GUI
To view the status of each interface:
2. Under the Status navigation tab, click Interfaces.
3. Refer to the table for interface status information. To update status information, click Refresh.
Status Description

Link The link status of each interface. Yes indicates the link is up; no indicate it is down.
MAC The MAC address of each interface.
Address
7.9.2 Interface Statistics

Use the information below to view statistical information for each of the appliance’s interfaces.
 GUI
To view interface statistics:
2. Under the Status navigation tab, click Interfaces.
3. Refer to the table for interface status information since the appliance was last booted. To refresh interface
information, click Refresh.
Statistic Description
RX Pkts Displays the number of packets received through the interface.

TX Pkts Displays the number of packets sent from the interface.
Rx Err Displays the number of errors received by the interface.
Tx Err Displays the number of errors transmitted by the interface.
RX Bytes Displays the number of bytes received through the interface.
TX Bytes Displays the number of bytes sent from the interface.

 CLI
The CLI interfaces command displays the information that appears in both the GUI interface status and interface
statistics section described above. Information displayed for each physical interface in the appliance includes the:
 Transmission speed
 Data transmission mode (half or full duplex)
 Link status (Whether the appliance is linked to another interface)
 Number of packets received and sent through the interface
 Number of corrupted packets received through the interface
 The MAC address of the interface
The command also displays the IP address, mask, gateway, and DNS addresses of the virtual bridge.
command:
Syntax
interfaces
Sample Output
Virtual Bridge Interface:

IP: 10.10.20.199 (Static)
Mask: 255.255.255.0
Gateway: 10.10.20.200
DNS: 216.41.101.15
Interface Speed Duplex Link RX Pkts TX Pkts RX Err TX Err MAC Address
-------------------------------------------------------------------------------
WAN 1000Mb/s full yes 1126167 1355496 0 0 00:50:56:83:56:bb
LAN 1000Mb/s full yes 557172 482739 0 0 00:50:56:83:50:57
MGT 1000Mb/s full yes 14447 11513 0 0 00:25:90:a8:9c:4a
Heartbeat 1000Mb/s full yes 0 3636 0 0 00:50:56:83:54:ac
 CLI
The following CLI commands provide the same information as the GUI interface statistics described on the
preceding page. From either the view level (Array-Networks>) or the advanced level (Array-Networks-adv#),
use the following commands to view interface status information since the appliance was last booted. To refresh
the statistics, re-issue each command.
Syntax Description
show status WanRxPackets Displays the total packets received by the WAN-side interface
show status WanRxBytes Displays the total bytes received by the WAN-side interface.
show status WanRxErrors Displays the number of errors received by the WAN-side interface since last boot.
show status WanTxPackets Displays the total packets sent by the WAN-side interface.
show status WanTxBytes Displays the total bytes sent by the WAN-side interface.
show status WanTxErrors Displays the number of errors sent by the WAN-side interface since last boot.
show status LanRxPackets Displays the total packets received by the LAN-side interface.
show status LanRxBytes Displays the total bytes received by the LAN-side interface.
show status LanRxErrors Displays the number of errors received by the LAN-side interface since last boot.
show status LanTxPackets Displays the total packets sent by the LAN-side interface.
show status LanTxBytes Displays the total bytes sent by the LAN-side interface.
show status LanTxErrors Displays the number of errors sent by the LAN-side interface since last boot.

7.10 Peer Status

Use the information below to view various status information for each remote peer that the local peer is
communicating with. Status information includes the name of the remote peer, the state of the peer connection,
the IP addresses and serial number of the peer, the type of addressing mode used to communicate with the peer,
and the date the peer connection entered into the acceleration state.
 GUI
To view peer status information:
2. Under the Status navigation tab, click Peers.
3. Refer to the following table for peer status information. To update status information, click Refresh
Item Description
# The ID number that can be used to identify the remote peer in the logs.
Peer Name The name of the remote peer.
State The current state of peer connections.
Item Description
Accelerating The peer connection is acceleration traffic.

Connecting Peer appliances are configured but have not yet entered the accelerating
state.
Disabled The peer connection is currently disabled.
Peer IP The IP address of the remote peer.

Peer SN The serial number of the remote peer.
Type The detection method configured to detect the remote peer.
Item Description
Def The remote peer has been configured via the Defined Peers list.
Dis The remote peer is automatically discovered via the Auto Discovery option.
Addressing The type of addressing used to communicate with the remote peer.
Item Description
C Correct Addressing
T Transparent Addressing
Elapsed The amount of time the peer connection has been in the accelerating state.
Time

 CLI
commands to view peer status information.
Command Description
state Displays the current state of each peer connection including the peer name, current state,
peer’s IP address, peer’s serial number, the type of peer connection, and the date the peer
connection was established. Refer to the following table for the abbreviations found when this
command is issued.
Item Description
State

Connecting Peer appliances are configured but have not yet entered the accelerating
state.
Disabled The peer connection is currently disabled.
Type
Def The remote peer has been configured via the Defined Peers list.
Dis The remote peer is automatically discovered via the Auto Discovery option.
Addressing
C Correct Addressing
T Transparent Addressing
show status Displays the number of accelerating connections. A “0” indicates that none of the connections
AcceleratingConnection are currently in the accelerating state.
s
Sample Output 1
aCelera-adv# state
State: A-Accelerating; C-Connecting; D-Disabled
Type: Def-Defined, Dis-Discovered
Addressing: T-Transparent C-Correct
--------------------------------------------------------------------------------
# State Peer Name Peer IP Peer SN Type Addr Elapsed Time
--------------------------------------------------------------------------------
1 Local BostonDC 192.168.1.100 000000100108 Def C 0d/19h:40m:12s
Sample Output 2
aCelera-adv# show status

Hostname: YorkRO
Comment: York aCelera
Serial Number: 000000100107
System Uptime: 1 day, 1 hour, 30 minutes
IP address: 192.168.1.110/24
Gateway: 192.168.1.1
Primary DNS:
Domain Name:
Managed by CMS: Yes

CMS Hostname/IP: 192.168.1.101
CMS Poll Interval (mins): 4
CMS Server TCP port: 80
Accelerated Peers: 1
User Disk Utilization: 6%
History Disk Utilization: %
Memory Utilization: 22.1%
CPU Utilization: 100%
TX Pkts RX Pkts TX Err RX Err TX Bytes RX Bytes

WAN 262625 311308 0 0 112600985 78931835
LAN 0 0 0 0 0 0
7.11 WCCP Statistics

Various WCCP statistics are available for viewing when appliance is configured out-of-line via WCCP. The
following table provides a description of each WCCP statistic. It can be used for both the GUI and the CLI.
Statistics are only displayed if deployed out-of-line.
WCCP Status Parameters
Displayed Message Meaning
WCCP # operation state is: The current WCCP operating state (for example, "initiating connection").
WCCP # Forwarding Method is: The packet forwarding method used to redirect traffic from the router to the
appliance (GRE or L2).
WCCP # Assignment method is: The method by which redirected packets are distributed to the appliance.
WCCP # Packet Return method is: The method by which packets redirected to the appliance are returned to the
router for normal forwarding.
WCCP # Designated Web Cache The IP address of the designated web cache used to receive redirected traffic.
Address is:
WCCP # Router Communication The address of the router to which the I_See_You packets are being sent
Address is:
WCCP # Router Reply Address is: The address of the router from which the Here_I_Am messages are being
received from

WCCP # Router Self-Identification The address used as an internal router ID for I_See_You messages.
Address is:
WCCP # Here_I_Am_Packets sent: The number of Here_I_Am packets sent.
WCCP # Request_Assignment packets The number of Request_Assignment packets sent.
sent:
WCCP # I_See_You_Packets received: The number of I_See_You packets received.
WCCP # Removal_Query Packets The number of Removal_Query packets received.
received:
WCCP # Invalid Packets received: The number of invalid packets received.
WCCP # Here_I_Am replies missed: The number of Here_I_Am replies missed.
 Notes:
 If the forwarding and packet return methods are both configured using L2, the number of
frames and bytes sent and received are displayed. If both the forwarding and packet return
methods are configured using GRE, corresponding GRE statistics are displayed. If one of the
redirection methods is configuring using L2 and the other method using GRE, statistics for both
L2 and GRE are displayed.
 If WCCP is enabled, a set of statistics is displayed for each configured router with 0 being the
primary router. Up to eight sets of statistics may be displayed (0-7).

 GUI
To view WCCP statistics:
2. Under the Status navigation tab, click WCCP tab.
3. Refer to the table on the previous page for WCCP status information. To update status information, click
Refresh.
 CLI
commands to view WCCP statistics. Refer to the table on page 150 for WCCP status information
Syntax
WCCP
Sample Output 1 (WCCP is disabled.)
WCCP is disabled.
Sample Output 2 (WCCP is enabled using L2 redirection methods. Only one router is confgured.)
136.220-adv# wccp
WCCP 0 Operation state is: "info: active operation"
WCCP 0 Forwarding method is: "L2"
WCCP 0 Assignment method is: "Mask"
WCCP 0 Packet Return method is: "L2"
WCCP 0 Designated Web Cache Address is: "10.40.136.220"

WCCP 0 Router Communication Address is: "10.40.136.1"
WCCP 0 Router Reply Address is: "10.40.136.1"
WCCP 0 Router Self-Identification Address is: "77.7.7.7"
WCCP 0 Here_I_Am packets sent: "64031"

WCCP 0 Request_Assignment packets sent: "32014"

WCCP 0 I_See_You packets received: "64026"

WCCP 0 Removal_Query packets received: "2"
WCCP 0 invalid packets received: "0"
WCCP 0 Here_I_Am replies missed: "0" L2 Statistics
L2 Statistics
Frames:6265 Bytes:1111415
7.12 Diagnostics
This section provides information on the various diagnostics status functions.
7.12.1 Viewing Routing Tables

Routing tables store routes to particular network destinations. This information contains the topology of the
network immediately around it. Use the information found here to view the kernel's routing tables.
 GUI
To view route table entries:
2. Under the Diagnostics navigation tab, click Route Table.
3. Refer to the following table for route table information. To update the information, click Refresh.
Option Description
Destination The destination network or destination host.
Gateway The gateway address the router uses to forward the packet through in order to reach the destination
network.
Genmask The subnet mask of the destination network. A value of '255.255.255.0' indicates a host destination
and '0.0.0.0' indicates the default route.
Flags Flags. Possible flags include:
U (route is up)
H (target is a host)
G (use gateway)
R (reinstate route for dynamic routing)
D (dynamically installed by daemon or redirect)
M (modified from routing daemon or redirect)
A (installed by addrconf)
C (cache entry)
! (reject route)
Metric The distance (typically in hops) to the destination network. Not applicable to recent kernels, but may
be needed by routing daemons.
Ref The number of references to this route.
Use The number of lookups for the route. This number refers to either route cache misses or hits.
iface The interface to which packets for the route will be sent.

 CLI
command to view the kernel's routing tables and/or routing cache.
Syntax
route [-a –c –n]
Parameter Description
- When no option is specified, the routing table is displayed.

-a Displays the routing table and routing cache.
-c Displays routing cache.
-n Displays numerical addresses instead of trying to determine symbolic host names, which may be useful if
trying to determine why the route to server cannot be displayed.
Example 1
route
Sample Output
Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface
10.40.65.0 * 255.255.255.0 U 0 0 0 fp0
default 10.40.65.1 0.0.0.0 UG 0 0 0 fp0
Example 2
route -n
Sample Output
Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface
10.40.65.0 0.0.0.0 255.255.255.0 U 0 0 0 fp0
0.0.0.0 10.40.65.1 0.0.0.0 UG 0 0 0 fp0
7.12.2 Viewing and Clearing ARP Table Entries

Address Resolution Protocol (ARP) is a protocol for mapping an IP address to a physical machine address that is
recognized in the local network. It displays the Internet-to-Ethernet address translation tables used by the
address resolution protocol. The GUI allows you to view ARP table entries, while the CLI allows you view and
clear entries.
 GUI
To view route table entries:
2. Under the Diagnostics navigation tab, click ARP Table.
3. Refer to the following table for ARP table information. To update the information, click Refresh.

Option Description
Address The hostname address.

HWType The hardware type.
HWAddress The hardware address or the Ethernet address (MAC address) which can be used to track problems
in the network.
Flags Flags. Possible flags include:
U (route is up) H (target is a host)
G (use gateway) R (reinstate route for dynamic routing)
D (dynamically installed by daemon or M (modified from routing daemon or redirect)
redirect)
A (installed by addrconf) C (cache entry)
! (reject route)
Mask The subnet mask.
Iface The interface.
 CLI
commands to view and clear ARP table entries. Refer back to the table on the previous page for a description of
each table entry.
Syntax Description
arp (display|show} Displays the current ARP table entries.

arp clear Clears the entire ARP table. This command can only be executed at the advanced level
(Array-Networks-adv#),
Example
arp display
Sample Output
Address HWtype HWaddress Flags Mask Iface

10.40.65.1 ether 00:0c:29:3e:17:f5 C fp0
10.40.65.100 ether 00:0c:29:52:9c:4f C fp0

7.12.3 Displaying Network Interface Information

 CLI
ifconfig displays information for each of the appliance’s interfaces: WAN (WAN) LAN (LAN), Ethernet (Bridge),
and Heartbeat (Heartbeat). Information such as the number of packets received and transmitted, the number of
packets dropped, and the number of overruns is displayed. From the advanced level (Array-Networks-adv#),
issue ifconfig.
Syntax
ifconfig
Sample Output
WAN Link encap:Ethernet HWaddr 00:11:43:CE:EA:95

UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:149256 errors:0 dropped:0 overruns:0 frame:0
TX packets:185584 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:134312057 (128.0 MiB) TX bytes:17979004 (17.1 MiB)
Base address:0xdcc0 Memory:fdee0000-fdf00000
LAN1 Link encap:Ethernet HWaddr 00:11:43:CE:EA:94

UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX bytes:23356810 (22.2 MiB) TX bytes:127251007 (121.3 MiB)
Base address:0xece0 Memory:fe1e0000-fe200000
MGT Link encap:Ethernet HWaddr 00:25:90:a4:98:6a

UP BROADCAST MULTICAST MTU:1500 Metric:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:16 Memory:dfc00000-dfc20000
Bridge Link encap:Ethernet HWaddr 00:11:43:CE:EA:94

inet addr:10.40.90.10 Bcast:10.40.90.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX bytes:152336237 (145.2 MiB) TX bytes:139476349 (133.0 MiB))
Heartbeat Link encap:Ethernet HWaddr 00:11:43:CE:EA:94

inet addr:10.40.90.10 Bcast:10.40.90.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX bytes:152336237 (145.2 MiB) TX bytes:139476349 (133.0 MiB))
7.12.4 Displaying IP-Related Statistics

 CLI
The CLI provides the show ip-traffic to display various IP-related statistics such as packet information including
total packets received, forwarded, and dropped, and peer connection information including the number of active
and passive connections, and failed and established peer connections. From either the view level (Array-
Networks>) or the advanced level (Array-Networks-adv#), use the following command to display IP-related
statistics.
Syntax
show IP-Traffic
7.12.5 Displaying Process Information

 CLI
The CLI provides the show proc[esses] command to display a summary of active processes and their use of
resources running on the appliance. From either the view level (Array-Networks>) or the advanced level (Array-
Networks-adv#), use the following command to display process information.
Syntax
show proc[esses] [cpu]

When CPU option is included, process information is sorted based on CPU consumption; without this option,
process information on memory consumption. Process information includes:
 The time the system has been up.
 Number of users.
 Three load averages for the system. Load averages are the average number processes ready to run during
the last 1, 5, and 15 minutes.
 The total number of processes running at the time of the last update. This is also broken down into the
number of tasks which are running, sleeping, stopped, or zombie (undead).
 CPU usage. These are percentages of the total CPU time. The following are displayed:
- Us (User CPU Time): The amount of time the CPU spent running user processes (applications).
- Sy (System CPU Time): The amount of time the CPU spent running kernel code. (system time)
- nice (Nice CPU Time): The amount of time the CPU spent running user processes that have been
niced.
- Id (Idle): The amount of time the CPU was idle and the system did not have an outstanding disk I/O
request.
- Wa (IO Wait): The amount of time the CPU was idle while waiting for an outstanding I/O request.
- hi (Hardware IRQ): The amount of time the CPU has been servicing hardware interrupts.
- si (Software Interrupts): The amount of time the CPU has been servicing software interrupts.
- s (Steal Time): The amount of CPU stolen from this virtual machine by the hypervisor for other tasks
(such as running another virtual machine).
 Memory usage:
- Total memory
- Amount of memory in use
- Amount of free memory
- Amount of memory used for buffers
 Swap space usage:
- Total swap space

- Available swap space

- Used swap space.
 PID – Process ID
 USER- Username of the process’s owner
 PR- The priority of the task.
 NI- The nice level of the process

 VIRT- Virtual size of the process, in kilobytes

 SHR- Amount of shared memory used by a task.
 S- Process status
O = Currently running S = Sleeping (waiting for event)
R = Eligible to run T = Stopped or being traced
Z = Zombie D = Uninterruptible sleep (usually the disk)
 %CPU- Percentage of the CPU this process is using
 %MEM- Percentage of real memory this process is using
 TIME+ - CPU time the process has consumed
 COMMAND- Command name and arguments
Example
show proc
Sample Output
Array-Networks> show proc

top - 20:01:53 up 2:32, 2 users, load average: 0.00, 0.00, 0.00
Tasks: 92 total, 1 running, 91 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.1%us, 0.8%sy, 0.0%ni, 99.0%id, 0.1%wa, 0.0%hi, 0.0%si, 0.0%s
Mem: 2057388k total, 264292k used, 1793096k free, 17440k buffers
Swap: 112412k total, 0k used, 112412k free, 53840k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND

4158 root 20 0 18244 1432 1220 S 2.0 0.1 0:00.97 respawn
4168 root 20 0 18244 1428 1220 S 2.0 0.1 0:00.96 runcrit
1 root 20 0 4292 1104 620 S 0.0 0.1 0:00.92 init
2 root 15 -5 0 0 0 S 0.0 0.0 0:00.00 kthreadd
3 root RT -5 0 0 0 S 0.0 0.0 0:00.00 migration/0
4 root 15 -5 0 0 0 S 0.0 0.0 0:00.01 ksoftirqd/0
5 root RT -5 0 0 0 S 0.0 0.0 0:00.00 watchdog/0
 Note: Depending on the number of configured cores, the CPU percentage can be greater than 100%. Each
process may have multiple threads and each can be running on a different core and theoretically
utilizing up to 100% of that core. The displayed output sums the CPU usage of all threads to determine
the process percentage.
7.12.6 Displaying Memory Usage

The CLI provides the show mem[ory] command to display the aCelera’s current memory usage. From either the
view level (Array-Networks>) or the advanced level (Array-Networks-adv#), use the following command to
display memory usage information.
Syntax
show mem[ory]
The following table provides information for each memory field that is utilized on the appliance.

Memory Field Description

MemTotal Total usable RAM
MemFree The sum of LowFree+HighFree
Buffers Relatively temporary storage for raw disk blocks
Cached In-memory cache for files read from the disk
SwapCached Memory that once was swapped out is swapped back in but is still in the swapfile. If memory is
needed it does not need to be swapped out again since it is already in the swapfile. This saves I/O.
Active Memory that has been used more recently and usually not reclaimed unless absolutely necessary
Inactive Memory which has been less recently used. It is more eligible to be reclaimed for other purposes
SwapTotal Total amount of physical swap memory
SwapFree Total amount of swap memory free
Dirty Memory that is waiting to get written back to the disk
Writeback Memory that is actively being written back to the disk
AnonPages Non-file backed pages mapped into userspace page tables
Mapped Files that have been mapped, such as libraries
Slab Iin-kernel data structures cache
SReclaimable Part of Slab that might be reclaimed, such as caches
Sunreclaim Part of Slab that cannot be reclaimed on memory pressure
PageTables The amount of memory dedicated to the lowest level of page tables
NSF_Unstable NFS pages sent to the server, but not yet committed to stable storage
Bounce Memory used for block device “bounce buffers”.
WritebackTmp Memory used by FUSE for temporary Writeback buffers
CommitLimit The total amount of memory currently available to be allocated on the appliance
Committed_As The amount of memory presently allocated on the appliance. The committed memory is a sum of all of
the memory which has been allocated by processes, even if it has not been "used" by them as of yet.
VmallocTotal The total size of vmalloc memory area
VmallocUsed The amount of vmalloc area that is used
VmallocChunk The largest contiguous block of vmalloc area that is free
Huge_Pages_Total The size of the pool of hugepages.
Huge_Pages_Free The number of hugepages in the pool that are not yet allocated
Huge_Pages_Rsvd Short for “reserved”. The number of hugepages for which a commitment to allocate from the pool has
been made, but no allocation has yet been made.

Sample Output
MemTotal: 2057388 kB
MemFree: 1758000 kB
Buffers: 3412 kB
Cached: 49900 kB
SwapCached: 0 kB
Active: 192476 kB
Inactive: 35612 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 64 kB
Writeback: 0 kB
AnonPages: 174776 kB
Mapped: 13584 kB
Slab: 20932 kB
SReclaimable: 7180 kB
SUnreclaim: 13752 kB
PageTables: 5304 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
WritebackTmp: 0 kB
CommitLimit: 1028692 kB
Committed_AS: 1485336 kB
VmallocTotal: 34359738367 kB
VmallocUsed: 290948 kB
VmallocChunk: 34359442607 kB
HugePages_Total: 0
HugePages_Free: 0
7.12.7 Displaying Compression-Related Statistics

The CLI provides the show history command to display the following compression-related statistics including
the:
 The maximum number of blocks (Max Blocks) in MB
 Size of the history store in MB (Used Blocks)
 Number of LAN transactions
 Number of WAN transactions
 Amount of compressed data (in megabits) entering the compression engine that originated on the LAN
 Amount of compressed data (in megabits) exiting the compression engine and destined for the WAN
 Amount of decompressed data (in megabits) entering the compression engine that originated from the
WAN
 Amount of decompressed data (in megabits) exiting the compression engine and destined for the LAN
command to history-related statistics.
Syntax
show history

Sample Output
Max Blocks= 8192

Used Blocks= 236
LAN Transactions = 588885 In = 284.715 mb Out = 185.072 mb Ratio = 1.54 : 1
WAN Transactions = 590865 In = 231.229 mb Out = 791.416 mb Ratio = 3.42 : 1
7.12.8 Testing the Download Functionality

The CLI provides the ability to perform a simulated download test to see if a document can be successfully
downloaded and how long it takes to do so. The document is not saved to disk during the simulated download.
Syntax
Use one of the following commands to perform the test download:

test download <protocol>://<server>/<path>/<file> [<attempts>]
test dl <protocol>://<server>/<path>/<file> [<attempts>]
test get <protocol>://<server>/<path>/<file> [<attempts>]
<protocol> The protocol used to download the file. Valid protocols include FTP or HTTP.
<server> The IP address of the server or DNS name (if configured on the network) on which the file resides.
<path> The path where the test file resides.
<file> Name of the file to test the download function.
[<attempts>] Optional parameter that indicates the number of times to attempt the download. If no number of
attempts is specified, the setting defaults to 1.
Examples
test download ftp://array-networks:xyz@10.10.20.4/configs/test.cap
test get http://10.10.20.10/config_files
7.13 Performing Bandwidth Testing

This section deals with performing bandwidth tests. Depending on the bandwidth test, you need either:
 Two appliances, or
 An appliance and a server.
 Note: Bandwidth testing involves using either the test bandwidth or test bw commands. The examples on
this page use the test bandwidth command.
7.13.1 Performing Bandwidth Testing between Two Appliances

To perform bandwidth testing either above-mentioned case, you must first allow bandwidth testing against your
target appliance.
On the connected appliance (the remote appliance), execute the following command:
test bandwidth allow

This command allows bandwidth testing by launching a bandwidth performance test that runs in the
background.
7.13.2 Performing Bandwidth Testing between an Appliance and a

Server
An alternative to performing a bandwidth test against another appliance is to perform it against a server running
bandwidth performance testing in the background.
test bw|test bandwidth {tcp|udp} server <ip_address> [<time>] [<tcp-window-size>]
The above command initiates a TCP or UDP test against a server running a background performance bandwidth
test. As a result, running UDP tests will yield significantly lower throughput than TCP tests.
Optional parameters are <time> which specifies the length of time, in seconds, to perform the test (default is 10
seconds), and <tcp-window-size>. The TCP window size parameter is a request for a specific size and may be
overridden by the Operating System. The parameter is specified in the format <number><K|M>, where
K=Kilobytes and M=Megabytes.
Syntax
test bandwidth tcp server 10.40.10.75 20 512M
7.13.3 Terminating Bandwidth Testing between Appliances

After completing testing, you can execute the following command to turn off bandwidth testing.
test bandwidth reject
7.13.4 Display the Current Status of Bandwidth Testing

To display whether bandwidth testing is permitted against the appliance, execute the following command.
test bandwidth status
7.14 Displaying Multiple Statistics via Show Status

Using the CLI show status command, you can obtain several important statistics to be displayed simultaneously.
When issuing the following show status from either the view level (Array-Networks>) or advanced level (Array-
Networks-adv#), the following information is displayed:
Displays the following information:
 The hostname where the aCelera resides (Hostname)
 A user-defined comment if one exists (Comment)
 The serial number of the aCelera (Serial Number)
 The version of software installed on the aCelera (Software Version)
 The length of time the aCelera has been running (System Uptime)
 The IP address assigned to the aCelera (IP Address)
 The configured gateway address (Gateway)
 The primary DNS server address and if configured, the secondary DNS server address (Primary DNS)
 The domain name that the aCelera is part of (Domain Name)
 Whether or not the aCelera is being managed by CMS (Managed by CMS), the following are displayed:
- The hostname or IP address where CSM resides (CMS Hostname/IP)
- The number of minutes the aCelera waits to poll the CMS.(CMS Poll Interval)
- The port number of the server that CMS is listening on (CMS Server TCP Port)

 The number of accelerated peer connections (Accelerated Peers)

 The percentage of disk space currently used within the user disk for items such as logs and configuration
files (User Disk Utilization)
 The percentage of space being utilized by the disk that stores history information (History Disk
Utilization)
 The amount of system memory being utilized as a percentage (Memory Utilization)
 The current percentage of CPU in use (CPU Utilization)
 The following information for the WAN and LAN interfaces since the aCelera was last booted:
- The number of packets sent from the interface (Tx Pkts)
- The number of packets received by the interface (Rx Pkts)
- The number of errors transmitted by the interface (Tx Er)
- The number errors received by the interface (RxErr)
- The number of bytes sent from the interface (Tx Bytes)
- The number of bytes received by the interface (Rx Bytes)
Syntax
show status
Sample Output
Hostname: YorkRO
Comment: York aCelera
System Uptime: 1 day, 3 hours, 53 minutes
IP address: 192.168.1.110/24
Gateway: 192.168.1.1
Primary DNS:
Domain Name:
Managed by CMS: Yes

CMS Hostname/IP: 192.168.1.101
CMS Poll Interval (mins): 4
CMS Server TCP port: 80
Accelerated Peers: 1
User Disk Utilization: 6%
History Disk Utilization: %
Memory Utilization: 22.3%
CPU Utilization: 100%
TX Pkts RX Pkts TX Err RX Err TX Bytes RX Bytes

WAN 293832 348527 0 0 122086270 87572510
LAN 0 0 0 0 0 0

7.15 Displaying Version Information

The ver[sion] command displays information about the current version of software running on the on the
appliance. Displayed information includes the version number, the date the software was last uploaded, the
hardware model number and serial number of the appliance, processor, disk, and memory information The
ver[sion] command can be issued from either the view level (Array-Networks>) or advanced level (Array-
Networks-adv#).
Syntax
ver[sion]
Sample Output
Software Version: 3.5.0.0

Build Number: 202
Uptime: 1:52
Hardware Model: aCelera

Manufacture Date: Thu Apr 2 15:16:04 UTC 2009
CPU Model: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz
CPU Cache Size: 4096 KB
Other Hardware:
Total Memory: 2009 MB
Disk Utilization:
--Disk-- -Size MB- -Free MB-
System 850 655
User 1920 1842
Debug 5731 5590
History Meta 3072 3068
History Store 12266 12262
7.16 Netflow Data Export

aCelera is able to export flow information using the Netflow v5 data format. When enabled the aCelera exports
flow information from two interfaces, pre and post optimization. The flow information retains the true IP
addresses and TCP ports of the clients and servers, even if the aCelera is configured in correct addressing mode.
The aCelera can be configured to export the Netflow information to up to 5 collectors.
Syntax
set collector/<#> ip <address> port <port_number>

no set collector/<#>
Syntax Description
<#> The entry number used to identify the netflow collector.
ip <address> The IP address of the Netflow collector.
port <port_number> The port number the Netflow collector is listening on.
Example 1

This example configures collector entry 1 to send Netflow records to a collector with the IP address 10.40.90.10
on port 2055.
set collector/1 ip 10.40.90.10 port 2055
 Notes:
 To display all configured Netlfow collectors, type show collector. To display a specific Netflow
collector entry type, show collector /<#>. Replace the <#> with the appropriate number.

Chapter 8 Management Port
This Chapter contains information about the managemnt port.
8.1 Basic Settings

. GUI
To configure the IP address of the management port, the subnet mask and the vlan ID:
3. Under Management, configure the appropriate settings. Refer to the following table for the options to
configure the appliance's management port.
Option Description
IP Address / Mask Specify the IP address and the subnet for the management port. The default value of the IP
address is 192.168.1.200. The subnet mask is in CDIR format. The default value of the
subnet mask is /24.
VLAN ID Specify the VLAN identification number. The valid ID range is 0-4095. The default value is 0,
which indicates an untagged VLAN.

 CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure management port ip
address, subnetmask, valn id.
Syntax Description
set management/port/ip Set ip address for the management port.

<address>
set The subnet mask is specified in dot-decimal format. The default value is
management/port/subnetmask 255.255.255.0,
<subnet_mask>
set management/port/vlanid Specify the VLAN identification number. The valid ID range is 0-4095. The
<vlan_id> default value is 0, which indicates an untagged VLAN.

S E C T I O N I I I : APPENDICES
Notes:
Example
set management/port/ip 192.168.1.200
set management/port/subnetmask 255.255.255.0
set management/prot/vlanid 1
8.2 Security Settings

. GUI

2. Under the Basic navigation tab, click Device Management.
3. Under Management Settings, configure the appropriate settings. Refer to the following table for the
options to configure the appliance's management port.
Option Description
Controlled Only By Management Specify whether to control aCelera devices by management port. The
Port value can be “yes” or “no”.
Allowded Hosts Set a list of secure client hosts who can control aCelera devices.
 CLI
From the advanced level (Array-Networks-adv#), use the following commands to configure management port
security settings.
Syntax Description
set management/security/OnlyManagementPort Specify whether to control aCelera devices by

[<yes/no>] management port. The value can be “yes” or “no”.
set management/security/AllowedHosts Set a list of secure client hosts who can control
[<address/mask>] aCelera devices.

 Notes:
Example
set management/security/OnlyManagementPort yes
set management/security/AllowedHosts 172.31.16.130/32

Section III Appendices
In this section:
 Appendix A: CLI Command Reference

 Appendix B: Log Messages
 Appendix C: Array Networks MIB
 Appendix D: Glossary of Terms
 Appendix E: Index

Appendix A
CLI Command Reference
This appendix contains a listing of all commands available via the CLI and are grouped according to functionality.
Generic TCP Proxying

set Acceleration/Enabled
Description Enables or disables acceleration of traffic through the appliance.

Access Level Required Advanced (Array-Networks-adv#)
Command Line Syntax set Acceleration/Enabled {yes|no}
Option Description
yes Enables acceleration. Default

no Disables acceleration.
show Acceleration/Enabled
Description Displays the configured state of generic acceleration. A “yes” indicates acceleration is
enabled; a “no” indicates it is not.
Command Line Syntax show Acceleration/Enabled
SSL Acceleration
set Acceleration/Ssl/Sslserver
Description When accelerating SSL traffic, the aCelera maintains the security trust model. This means that the
SSL certificate only gets loaded and stored on the appliance at the location where the SSL server
resides. aCelera appliances only share transient data to enable acceleration without the SSL
certificates ever traversing across the WAN. Once the SSL certificate is loaded, a mapping must be
created to identify which traffic should use which certificate. The matching criteria for the traffic
can be based on IP address with subnet mask and TCP port number. This mapping information is
shared with all peers automatically.
Command Line Syntax set Acceleration/Ssl/Sslserver/<#> ip <address/mask> port [<port>] cert <cert_name>
<#> The table entry for the SSL sever.

ip <address/mask> The address and subnet mask of the SSL server. The subnet mask is
specified in CIDR notation. By default, no servers are configured.
port [<port>] Optional port designation. If not specified, port 443 is assumed.
cert [<cert_name>] Optional certificate name. If not specified, the default certificate is used.
show Acceleration/Ssl/Sslserver

A P P E N D I X A : CLI COMMAND REFERENCE
Description Displays the configured setting for all SSL severs of the specified SSL server. If no entry is specified,
all configured SSL servers are displayed.
Command Line Syntax show Acceleration/Ssl/Sslserver [#]
[#] refers to the table entry. If not specified, all servers are displayed.
no set Acceleration/Ssl/Sslserver
Description Removes the specified SSL server entry from the list.
Command Line Syntax no set Acceleration/Ssl/Sslserver/<#>.
<#> is the table entry.

set Acceleration/Ssl/Enabled
Description Enables/disables SSL traffic acceleration.

Command Line Syntax set Acceleration/Ssl/Enabled {yes|no}
yes Enables acceleration of SSL traffic. Default

no Disables acceleration of SSL traffic.
show Acceleration/Ssl/Enabled
Description Displays the configured setting for accelerating SSL traffic. A “yes” indicates that SSL traffic is
accelerated; a “no” indicates it is not.
Access Level Required View (Array-Networks>)
Command Line Syntax show Acceleration/Ssl/Enabled
cert delete
Description Deletes the specified certificate and private key if one exists. A user-named certificate that is
currently configured for HTTPS traffic cannot be deleted unless it is first removed from the
appropriate traffic rule.
Command Line Syntax cert delete <cert>
cert display
Description Displays information about the specified certificate including the common name, the
organization’s name, as well as the location of the certificate.
Access Level Required Advanced (Array-Networks-adv#)t
Command Line Syntax cert display <cert_name> [detailed]
<cert_name> The specified certificate.

detailed Displays additional detailed information.
cert info
Description Displays the name, the issue date and time, the private key type and length, and the number of
associated CA of each certificate on the appliance. The output also displays whether or not the
certificate is currently being used (configured) by a traffic rule traffic rule.
Command Line Syntax cert info

cert list
Description Displays the size, the issue date and time, and the name of each certificate on the appliance.
Command Line Syntax cert list
cert {get| import}
Description Imports a certificate and key file pair from the specified location.
Access Level Advanced (Array-Networks-adv#)
Required
Command Line cert get <cert_name> <protocol>://[<username>:<password>@]<server>/<path>/<server_cert_name>

Syntax or
cert import <cert_name> <protocol>://[<username>:<password>@]<server>/<path>/<server_cert_name>
<cert_name> The name you assign to the imported certificate.

<protocol> The protocol used to import the certificate. It can be FTP, HTTP, or SCP (Secure Copy).
Notes: If SCP is used, the user must have SSH set up on the server and have a user
[<username>] Optional user name that when configured, must be used to access to the location. May
be used in conjunction with a password. If no password is specified, include an
ampersand (@) after the password.
[<password>] The password that restricts access to the server. Only needed if required by the server.
If required, the password must be proceeded by the user name and a colon (:) and
followed by an ampersand (@). If a password is not specified, a prompt appears
requesting a password. Note: If using SCP, the password cannot be specified on the
command line; it can only be specified after being prompted to enter one.
<path> The path where the certificate resides. Note: If FTP or HTTP is used, only relative
pathnames are supported; for SCP, the specified pathname must be an absolute
pathname.
<server_cert_name> The name of the certificate located on the server.

cert {put|export}
Description Exports a certificate and key file pair to the specified location.
Required
Command Line cert put <cert_name> <protocol>://[<username>:<password>@]<server>/<path>[/new_cert_name]

Syntax or
cert export <cert_name> <protocol>://[<username>:<password>@]<server>/<path>[/new_cert_name]
<cert_name> The name of the certificate to export.

<protocol> The protocol used to export the certificate. It can be FTP, HTTP, or SCP (Secure Copy).
ftp://<server>/<path>[/<new_cert_name>]
ftp://<username>:<password>@<server>/<path>[/<new_cert_name>]
ftp://<username>@<server>/<path>[/<new_cert_name>]*
http://<server>/<path>[/<new_cert_name>]
http://<username>@<server>/<path>[/<new_cert_name>]*
http://<username>:<password>@<server>/<path>[/<new_cert_name>]
scp://<username>@<server>/<path>[/<new_cert_name>]*
[<username>] Optional user name that when configured, must be used to access to the location. May
be used in conjunction with a password. If no password is specified, include an
pathname.
[<new_cert_name>] Optional. Renames the certificate being exported to the user-specified name. If
specified, Include a slash “/” before the certificate name.

cert update
Description Overwrites an existing certificate with the updated certificate of the same name. Any traffic rules that are
configured with the specified certificate are automatically updated. The appliance must be rebooted in order to
utilize the updated certificate
Required
Command Line cert update <cert_name> <protocol>://[<username>:<password>@]<server>/<path>/<new_cert_name>

Syntax
<cert_name> The name of the certificate located on the appliance.

<protocol> The protocol used to import the certificate. It can be FTP, HTTP, or SCP (Secure Copy).
[<username>] The user name that restricts access to the server. Only needed if required by the server.
May be used in conjunction with a password. If no password is specified, include an
pathname.
[<new_cert_name>] Optional. Renames the certificate being exported to the user-specified name. If
specified, Include a slash “/” before the certificate name.
CIFS Acceleration Optimization

set Acceleration/Cifs/Enabled

Description Enables/disables acceleration optimization of CIFS traffic.

Command Line Syntax set acceleration/cifs/enabled {yes|no}
yes CIFS traffic is optimally accelerated. Default

no CIFS traffic is still accelerated but not optimally accelerated.
show Acceleration/Cifs/Enabled
Description Displays the configured setting for CIFS traffic acceleration optimization. A “yes” indicates CIFS
traffic is optimally accelerated; a “no” indicates it is not optimally accelerated.
Command Line Syntax show Acceleration/Cifs/Enabled
HTTP Acceleration Optimization

set Acceleration/Http/Enabled
Description Enables/disables acceleration optimization of HTTP traffic.

Command Line Syntax set Acceleration/Http/Enabled {yes|no}
Option Description
yes HTTP traffic is optimally accelerated. Default

no HTTP traffic is still accelerated but not optimally accelerated.
show Acceleration/Http/Enabled
Description Displays the configured setting for HTTP traffic acceleration optimization. A “yes” indicates HTTP
Command Line Syntax show Acceleration/Http/Enabled
MAPI Acceleration Optimization

set Acceleration/Mapi/Enabled

Description Enables/disables acceleration optimization of MAPI traffic.

Command Line Syntax set Acceleration/Mapi/Enabled {yes|no}
yes MAPI traffic is optimally accelerated. Default

no MAPI traffic is still accelerated but not optimally accelerated.
show Acceleration/Mapi/Enabled
Description Displays the configured setting for MAPI traffic acceleration optimization. A “yes” indicates MAPI
Command Line Syntax set Acceleration/Mapi/Enabled
SSL Acceleration Optimization

set Acceleration/Ssl/Enabled
Description Enables/disables acceleration optimization of SSL traffic.

Command Line Syntax set Acceleration/Mapi/Enabled {yes|no}
yes SSL traffic is optimally accelerated. Default

no SSL traffic is still accelerated but not optimally accelerated.
show Acceleration/Ssl/Enabled
Description Displays the configured setting for SSL traffic acceleration optimization. A “yes” indicates SSL
Command Line Syntax show Acceleration/Ssl/Enabled
WCCP Commands
Set WCCP[/#]/Capabilities

Description Configures the preferred methods in which the appliance interacts with the router.
Command Line Syntax set WCCP[/#]/Capabilities <forwarding_method><assignment_method><return_method>
# Not used for the primary WCCP router. Only specified if additional
routers are configured. Up to seven additional routers can be
configured. Additional router entries include: 1-7. If specified, Include
a slash “/” before the number.
<forwarding_method> The method by which redirected packets are transported from the
router to the appliance. Valid methods include: L (L2 redirect) and G
(GRE). Default is G (GRE).
<assignment_method> The method by which redirected packets are distributed to the
appliance. Valid methods include: H (hash) and M (mask). Default is H
(hash).
<return_method> The method by which packets redirected to the appliance are
returned to the router for normal forwarding. Valid methods include:
R (GRE) and 2 (L2 redirect). Default is R (GRE).
Show WCCP[/#]/Capabilities
Description Displays the settings configured for the way in which the appliance interacts with the specified
router.
Command Line Syntax show WCCP[/#]/Capabilities (# only used to check secondary routers [replace with 1-7]. # not
used for primary router.)
Set WCCP[/#]/Password
Description Sets the password that is used when using WCCP.

Command Line Syntax set WCCP[/#]/Password <password>
# Not used for the primary WCCP router. Only specified if additional routers are
configured. Up to seven additional routers can be configured. Additional
router entries include: 1-7. If specified, Include a slash “/” before the number.
<password> The password must match that set for the router. By default no password is
configured.

Show WCCP/#/Password
Description Displays the password (MD5 value) assigned to the specified router.
Command Line Syntax show WCCP[/#]/Password (# only used to check secondary routers [replace with 1-7]. # not
Set WCCP[/#]/Ports
Description Redirects traffic on the specified ports through the router if the appliance is deployed out-of-line.
Command Line Syntax set WCCP [/#]/Ports [<port#> ...]
<port#> By default, no specific ports are configured, which indicates that all ports are
redirected to the aCelera when it is deployed out-of-line. To only redirect
selected ports, add the appropriate ports using the above-mentioned
command. All other traffic will simply be forwarded the WAN with no
acceleration. Up to 8 separate ports can be configured. Each specified port is
separated by a space.

Show WCCP/#/Ports
Description Displays the port numbers for traffic that have been configured to be redirected through the
specified router if the appliance is deployed out-of-line.
Command Line Syntax show WCCP[/#]/Ports (# only used to check secondary routers [replace with 1-7]. # not used for
primary router.)
Set WCCP[/#]/RouterAddress
Description Specifies the address of the router that traffic will be redirected to if the appliance is deployed out-
of-line.
Command Line Syntax set WCCP[/#]/RouterAddress <address>
<address> The router's IP address.
Show WCCP/#/RouterAddress
Description Displays the addresses of the specified router.

Command Line Syntax show WCCP[/#]/RouterAddress (# only used to check secondary routers [replace with 1-7]. #
not used for primary router.)
Set WCCP[/#]/Security
Description Enables or disables the security access to the router if the appliance is deployed out-of-line.
Command Line Syntax set WCCP[/#]/Security {yes|no}
yes Enables WCCP security.
no Disables WCCP security. (Default)

Show WCCP/#/Security
Description Displays whether or not WCCP security for sending traffic through the specified router is turned
on or off if the appliance is deployed out-of-line.
Command Line Syntax show WCCP[/#]/Security (# only used to check secondary routers [replace with 1-7]. # not used
for primary router.)
Set WCCP[/#]/ServiceGroup
Description Specifies the service group number of the router if the appliance is deployed out-of-line.
Command Line Syntax set WCCP[/#]/ServiceGroup <group_number>
# Not used for the primary WCCP router. Only specified if additional routers
are configured. Up to seven additional routers can be configured. Additional
router entries include: 1-7. If specified, Include a slash “/” before the
number.
<group_number> The service group number of the router. Default setting 98. The supported
range is 0 - 99.
Show WCCP/#/ServiceGroup
Description Displays the service group number configured for the router that traffic is redirected through if the
appliance is deployed out-of-line.
Command Line Syntax show WCCP[/#]/ServiceGroup (# only used to check secondary routers [replace with 1-7]. # not
CDP Commands
Set cdp/Enabled
Description Enables or disables Cisco Discovery Protocol version 2 support for all interfaces on the appliance.
Command Line Syntax set cdp/Enabled {yes|no}
yes Enables CDP functionality. When enabled, the appliance sends periodic
CDP messages to a multicast address.
no Disables CDP functionality. (Default)
Show cdp/Enabled

Description Displays the configured state for Cisco Discovery Protocol version 2 support for all interfaces on
the appliance (enabled or disabled).
Command Line Syntax show cdp/Enabled
Set cdp/Interval
Description Configures the length of time, in seconds, between sending out CDP multicast messages.
Command Line Syntax set cdp/Interval <seconds>
<seconds> refers to the number of seconds to wait before the appliance sends out another CDP
message. Default is 90 seconds.
Show cdp/Interval
Description Displays the interval period configured on the appliance for sending out CDP multicast messages
to network devices.
Command Line Syntax show cdp/Interval
Set cdp/Holdtime
Description Configures the length of time the device receiving CDP information from the appliance holds it
before discarding it.
Command Line Syntax set cdp/Holdtime <seconds>
<seconds> refers to the number of seconds to wait before discarding CDP information received
from the appliance. Default is 180 seconds; maximum is 256 seconds.
Show cdp/Holdtime
Description Displays the length of time, the device receiving CDP information from the appliance holds it
before discarding it.
Command Line Syntax show cdp/Holdtime
Network Routes
Set NetworkRoutes

Description Configures static routes to avoid using the default gateway for specified traffic.
Required
Command Line set NetworkRoutes <network_address/mask:nexthop_address[:configured_MTU]

Syntax [<;network_address/mask:nexthop_address[:configured_MTU]>…]
<address> The network address.

<mask> The network mask. Include a slash “/” before the mask. The mask can be either
CIDR or x.x.x.x notation.
<nexthop_address> The address of the next hop. Include a colon (:) before the address.
[configured_MTU] The Maximum Transmission Unit (MTU) of the network segment. Specify the
MTU value of each network segment that is lower than the MTU setting
configured for the appliance. If specified, include a colon (:) before the MTU
value.
A single network route consists of the network address, mask, and address of the next hop. It may also
contain the network segment’s MTU value. Multiple network routes can be configured. Use a semi-colon
(;) with no spaces between each network route. By default, no network routes are configured.
Show NetworkRoutes
Description Displays static routes configured for non-local subnets serviced by the appliance.
Command Line Syntax show NetworkRoutes
Deployment
set Deployment/Device
Description Configures the appliance for in-line or out-of-line deployment.

Command Line Syntax set Deployment/Device {inline|outofline}
Option Description
inline Select this option if the aCelera is deployed on the main data path (between two
routers, a router and two switches, or two switches). When inline, the aCelera
uses two interfaces (WAN and LAN).
outofline Select this option if the aCelera is deployed off the main path. When out-of-line,
the aCelera uses one interface (WAN). (Default)
show Deployment/Device
Description Displays the configured deployment setting.

Command Line Syntax show Deployment/Device

Addressing
set Deployment/Addressing
Description Configures the type of WAN addressing used. Traffic between aCelera peers is a number of TCP
connections. There are two different modes for how the source and destination IP addresses are
specified for these connections.
Command Line Syntax set Deployment/Addressing {transparent|correct}
Option Description
Transparent TCP connections use the source and destination IP address of the
original client and server.
Correct TCP connections use the source and destination IP addresses of
the two aCeleras.
show Deployment/Addressing
Description Displays the configured addressing mode (Transparent or Correct).

Command Line Syntax show Deployment/Addressing
Peers
set Acceleration/Peer/AutoDiscoveryEnabled
Description Enables or disables the auto discovery feature. When enabled, the appliance can automatically
discover and be discovered by other appliances that also have Auto Discovery enabled. Auto
Discovery is only applicable if each appliance is deployed in-line.
Command Line Syntax set Acceleration/Peer/AutoDiscoveryEnabled {yes|no}
Option Description
yes Enables auto discovery. Default

no Disables auto discovery.
show Acceleration/Peer/AutoDiscoveryEnabled
Description Displays the configured state of the Auto Discovery feature. A “yes” indicates Auto Discovery is
enabled; a “no” indicates it is not.
Command Line Syntax show Acceleration/Peer/AutoDiscoveryEnabled

set Acceleration/Peer/Permit
Description Adds the specified peer appliance to the defined peers list allowing the aCelera to find the defined
peer. Peers can be manually defined for both in-line and out-of-line deployments.
Access Level View (Array-Networks>)
Required
Command Line Syntax set Acceleration/Peer/Permit /<#> {ip <address>|sn <serial>}


{ip <address>| sn Select either the IP address or the serial number of the remote peer.
<serial>}
show Acceleration/Peer/Permit
Description Displays the IP address or serial number of all defined peers or just the specified peer.
Command Line Syntax show Acceleration/Peer/Permit[/#]
[/#] refers to the number used to identify the peer connection. If not specified, all defined peers
are displayed.
no set Acceleration/Peer/Permit
Description Removes the specified peer from the defined peers list.
Command Line Syntax no set Acceleration/Peer/Permit/<#>
<#> refers to the number used to identify the peer connection.
set Acceleration/Peer/Deny
Description Adds the specified peer to the appliance’s restricted peers list which prevents the aCelera from
connecting to the restricted appliance.
Required
Command Line Syntax set Acceleration/Peer/Deny/<#> sn <serial>


sn <serial> The serial number of the restricted peer
show Acceleration/Peer/Deny

Description Displays the serial number of all restricted peers or just the specified peer.
Command Line Syntax show Acceleration/Peer/Deny[/#]
[/#] refers to number used to identify the peer connection. If not specified, all restricted peers are
displayed.
no set Acceleration/Peer/Deny
Description Removes the specified peer from the restricted peers list.
Command Line Syntax no set Acceleration/Peer/Deny/<#>
Peer Status
Show Status AcceleratingConnections
Description Displays the number of connections currently in the accelerating state, which means that traffic is
accelerating through the specified connections.
Command Line Syntax show status AcceleratingConnections
State
Description Displays a report on the current state of the appliance.

Command line Syntax state
State reset
Description Resets the specified connection. When issued, the peer connection is automatically brought down
and then brought back up.
Command line Syntax state reset <#>
set LoopDetect

Description Enables or disables loop detection. When enabled, the aCelera detects when two bridge interfaces
are connected to the same virtual switch. If this does occur the bridge automatically shuts down to
eliminate an ARP storm.
Command Line Syntax set LoopDetect {yes|no}
Option Description
yes Enables loop detection. Default

no Disables loop detection.
show LoopDetect
Description Displays the configured state of loop detection. A “yes” indicates loop detection is enabled; a “no”
indicates it is not.
Command Line Syntax show LoopDetect
Traffic Rules
set Acceleration/Rule

Description Configures individual traffic rules for matching traffic.

Required
Command Line set acceleration/rule <#> src [<source IP/mask>] [dst <destination IP/mask>] [proto
Syntax {tcp|udp|<protocol #>}] [port <port>] [dscp <dscp>] [action {A|F|D}] [class <class-name>]

[src <source The source IP address and subnet mask (in CIDR). That is where the traffic
IP/mask>] originated from.
[dst <destination The destination IP address and subnet mask (in CIDR).
IP/mask>]
proto The protocol. Select either tcp, udp, or the number associated with the
{tcp|udp|protocol #} appropriate protocol.
port <port> The destination port.
dscp <dscp> The Differentiated Services Code Point (DSCP) ToS marking type for
prioritizing traffic. Valid values include 0-63.
action {A|F|D) The action taken for the rule.
Option Description
A Accelerates the traffic.

F Forwards the traffic with no acceleration.
D Drop the traffic.
[<class-name>] The name of the traffic class to which this rule is matched.
With the exception of the <#> argument, all arguments are optional. A value of “any” is assumed for
unspecified arguments.
show Acceleration/Rule
Description Displays all traffic rules or just the specified rule

Command Line Syntax show Acceleration/Rule [#]
<#> refers to the number used to identify the peer connection. If not specified, all rules are
displayed.
no set Acceleration/Rule
Description Removes the specified match rule from the list. When removed, the match rule is no longer
available for the traffic class.
Command Line Syntax no set Acceleration/Rule</#>
</#> refers to the number used to identify the peer connection.
Traffic Shaper
Set Acceleration/Trafficshaper/Enabled [Yes|No]

Description Enables or disables use of the traffic shaper rules.

Required
Command Line set acceleration/trafficshaper/enabled [yes|no]

Syntax
yes Enables use of the traffic shaper rules.

no Disables use of the traffic shaper rules.
Set Wantxratelimit
Description Configures the WAN transmission rate, in bytes per second.

Command Line Syntax set wantxratelimit <####>
<####> refers to the number used to identify the transmission rate, in bps
Set Shaping/Class
Description Removes the specified match rule from the list. When removed, the match rule is no longer available
for the traffic class.
Required
Command Line set shaping/class/<x> minbw <percentage> name <abc>

Syntax
<x> Sets the traffic class number, starting at 1. For each new traffic shaping
class created, increment this number by 1.
<percentage> Indicates the percent of guaranteed minimum bandwidth for this class of
traffic (from 1% to 100%.). The default is 1%.
<abc> Assigns a name to the traffic class.
Traffic Shaper Rules

Set Shaping/Rule

Description Guarantees a specified level of performance to defined applications or dataflows by allocating

bandwidth to that traffic according to requirements at the source, configured in the associated traffic
class.
Required
Command Line set shaping/rule/<x> src <source ip address> dst <destination ip address> proto <a> port <b>
Syntax dscp <c> class <def>
<#> The traffic class number created earlier with the command:
set shaping/class/<#>
src <source ip The IP address from which the request is initiated. Provide the
address> appropriate IP address and subnet mask in the IP Address/Subnet Mask
fields in the format:
x.x.x.x/y
y indicates the subnet mask (/24 by default)
dst <destination ip The IP address designated to receive the request initiated by the source.
address> Provide the appropriate IP address and subnet mask in the IP
Address/Subnet Mask fields in the format:
x.x.x.x/y
where y indicates the subnet mask (/24 by default)
proto <a> The IP protocol to match to the rule.
 If TCP, proto tcp
 If UDP, proto udp
port <b> The destination port or port range. When specifying a range, include a
dash between the ports (for example 23-25).
dscp <c> The Differentiated Services Code Point (DSCP) ToS marking of the traffic.
Valid markings are from 0 throug 63.
class <def> The name of the traffic class associated with the rule.
Published Addresses
set Acceleration/Addresses/LocalSubnetEnabled
Description Enables or disables the management of traffic on the local subnet.

Command Line Syntax set Acceleration/Addresses/LocalSubnetEnabled {yes|no}
Option Description
yes Manages (accelerates) traffic on the local subnet. Default

no Disables acceleration of the aCelera's local subnet.
show Acceleration/Addresses/LocalSubnetEnabled

Description Displays whether or not the local subnet is managed by the aCelera. A “yes” indicates the local
subnet is managed by the aCelera; a “no” indicates it is not.
Command Line Syntax set Acceleration/Addresses/LocalSubnetEnabled
set Acceleration/Addresses/Permit
Description Adds other addresses to the aCelera’s published list which allows these addresses to receive and send
accelerated data.
Required
Command Line set Acceleration/Addresses/Permit/<#> ip <address/mask>

Syntax

ip <address/mask> The IP address and subnet mask of the location. Specify the subnet mask in
CIDR notation (for example, “/24”). To accelerate all addresses, use the
value 0.0.0.0/0 for the <address/mask>. Make sure to include the
keyword, ip, followed by a single space before the <address/mask>.
show Acceleration/Addresses/Permit
Description Displays the IP address or serial number of all defined peers or just the specified peer.
Command Line Syntax show Acceleration/Addresses/Permit[/#]
[#] refers to the number used to identify the peer connection. If not specified, all peers are
displayed.
no set Acceleration/Addresses/Permit
Description Removes the specified addresses from the permit list. When removed, that location is no longer
managed by the aCelera.
Command Line Syntax no set Acceleration/Addresses/Permit/<#>
set Acceleration/Addresses/Deny

Description Adds addresses to the restricted list, which prevents traffic to and from those addresses to be accelerated by the
aCelera.
Access Advanced (Array-Networks-adv#)
Level
Required
Command set Acceleration/Addresses/Deny/<#> ip <address/mask>

Line Syntax

ip <address/mask> The IP address and subnet mask of the remote location. Specify the subnet
mask in CIDR notation (for example, “/24”). Make sure to include the keyword,
ip, followed by a single space before the <address/mask>.
show Acceleration/Addresses/Deny
Description Displays a list of all addresses or just the specified address in the restricted list.
Required
Command Line show Acceleration/Addresses/Deny[/#]

Syntax
no set Acceleration/Addresses/Deny
Description Removes the specified addresses from the restricted list.

Command Line Syntax no set Acceleration/Addresses/Deny/<#>
Acceleration Content Removal

historyclear
Description Clears the appliance’s acceleration history and optionally increases the size of the disk. See
Clearing Acceleration History on page 88.
Command Line Syntax Historyclear [resize]
[resize] is an optional argument that also permits the history disk to be resized after the history
store has been cleared.
VLAN
set MgtVLAN

Description Allows traffic sourced from all VLANs or just the specified VLAN to be accelerated.
Command Line Syntax set MgtVLAN <vlan_id>
<vlan_id> the VLAN ID. Valid ID range is 0-4095. The default value of 0 indicates an untagged
VLAN.
show MgtVLAN
Description Displayed the configured VLAN ID.

Command Line Syntax show MgtVLAN
Public Addresses
set PublicAddress
Description The public IP address. Not configured by default.

Command Line Syntax set PublicAddress <address>
show PublicAddress
Description Displays the configured IP address.

Command Line Syntax show PublicAddress
Software Update
Update Get

Description Downloads a software update from the specified location.

Required
Command line update get <protocol>://[<username>:<password>@]<server>/<path>/<file>

Syntax
<protocol> The protocol used to download the file. It can be FTP, HTTP, or SCP
(Secure Copy). Notes: If SCP is used, the user must have SSH set up on
the server and have a user account password. SCP does not support
specifying the password on the command line. Supported URL formats
include the following:
[<username>] Optional user name that when configured, must be used to access to the
location. May be used in conjunction with a password. If no password is
specified, include an ampersand (@) after the password.
[<password>] The password that restricts access to the server. Only needed if required
by the server. If required, the password must be proceeded by the user
name and a colon (:) and followed by an ampersand (@). If a password is
not specified, a prompt appears requesting a password. Note: If using
SCP, the password cannot be specified on the command line; it can only
be specified after being prompted to enter one.
<server> IP address of the server or host name on which the software update
resides.
<path> The path where the file resides. Note: If FTP or HTTP is used, only
relative pathnames are supported; for SCP, the specified pathname must
be an absolute pathname.
<file> The name of the file to download.
Update Install
Description Installs a previously downloaded software update file and then reboots the appliance.
Command line Syntax update install <file>
<file> - the filename

Update Info
Description Displays information about the new software package that was downloaded via the update get
command.
Command line Syntax update info <file>
<file> - the filename supplied by Array Networks
Update Delete
Description Deletes all software files or just the specified file from the appliance.
Command line Syntax update delete [<file>]
<file> - the filename supplied by Array Networks
Logging
Set LogLevel
Description Configures the level of detail that is saved to a log file.

Command Line Syntax set LogLevel #
Value Description
# is one of the following values:

0 Detailed debugging events. All events are logged. Array Networks Customer Support
use only for detailed debugging purposes.
1 Debugging events. Array Networks Customer Support use only for debugging
purposes.
2 Test events. Array Networks Customer Support use only for testing purposes.
3 Informational events
4 Normal but significant conditions (Default)
5 Warning conditions
6 Error conditions
7 Critical events. Immediate action is required
8 Fatal events. The appliance is unusable.
Show LogLevel
Description Displays the detail level setting that was configured for saving information to a log file.
Command Line Syntax show LogLevel

Log Display
Description Displays the contents of the specified log file.

Required
Command Line log display <log#>

Syntax <log#> indicates the specified log number. Valid entries include:
0 Indicates the current log file. (Default)

1-6 Indicates previously generated log files. 1= the 2nd most recent log; 6 = the oldest
log
Log Grep
Description Performs a case-insensitive search through the log file for the specified text string and displays the
results.
Command Line Syntax log grep <"text_string"> [<log#>]
"text_string" Indicates the specified text string to search on. Quotes are required if
whitespace is used.
log# Indicates the specified log number. Valid entries include:
1-6 Indicates previously generated log files.
Log List
Description Displays a list of all log files on the appliance.

Command Line Syntax log list
Log Tail

Description Displays a specified number of lines at the tail end of a log file.
Command Line Syntax log tail [<n_lines>] [<log#>]
[<n_lines>] Optional parameter. Indicates the number of lines that are displayed.
Default is 10.
[<log#>] Optional parameter that can be used with n_lines. Indicates the specified log
number. Valid entries include:

Log Put
Description Uploads the specified log file to the specified location.

Required
Command Line log put <log#> <protocol>://[<username>:<password>@]<server>/<path>[/<new_filename>]

Syntax
<log#> Indicates the log file to upload. Valid values include:

<protocol> The protocol used to download the file. It can be FTP, HTTP, or SCP (Secure Copy).
account password. Supported URL formats include the following:
http://<username>@<server>/<path>[/new_filename>]*
http://<username>:<password>@<server>/<path>[/<new_filename]
[<username>] Optional user name that when configured, must be used to access to the location.
[<password>] The password that restricts access to the server. Only needed if required by the
server. If required, the password must be proceeded by the user name and a colon
(:) and followed by an ampersand (@). If a password is not specified, a prompt
appears requesting a password. Note: If using SCP, the password cannot be
specified on the command line; it can only be specified after being prompted to
enter one.
<server> The IP address of the server or host name on which the log file will reside.
<path> The path where the log file will reside. Note: If FTP or HTTP is used, only relative
pathname.
[<new_filename>] Optional. Renames the log file being uploaded to the user-specified name. If
specified, Include a slash “/” before the filename.
Log Rotate
Description Immediately rotates logs and optionally deletes all stored log files.
Command Line Syntax log rotate [delete]
[delete] – Optional. If specified, deletes all stored log files.
Log Write

Description Writes the message to the log to aid in diagnosing issue that may occur. Use the command before and
after the event to quickly help to identify the area of the logs that are relevant to the issue
Command Line Syntax log write <message>
Syslog
Set NetSyslog/Enabled
Description Enables or disables network syslog messaging. When enabled, messages are sent to the local log
file on the appliance as well as to the specified network servers every time a log message is
generated.
Command Line Syntax set NetSyslog/Enabled {yes|no}
Option Description
yes Enables network syslog.

no Disables network syslog. (Default)
Show NetSyslog/Enabled
Description Displays the configured state of network syslog messaging (enabled or disabled).
Command Line Syntax show NetSyslog/Enabled
Set NetSyslog/Facility
Description Configures the facility type to filter the type of messages that are being logged.
Command Line Syntax set NetSyslog/Facility <facility#>
By default, <facility#> is configured with a value of 1, which indicates that all Array Networks-
defined messages are logged. Additional supported facility numbers include the following user-
customized values: 16, 17, 18, 19, 20, 21, 22, and 23.
Show NetSyslog/Facility
Description Displays the facility configured network syslog messages.

Command Line Syntax show NetSyslog/Facility
Set NetSyslog/Servers

Description Specifies the IP addresses of network servers to which syslog messages are sent to.
Command Line Syntax set NetSyslog/Servers <ip_address>[<;ip_address><;ip_address>]
The <ip_address> refers to the IP address of network servers that will receive log messages from
the appliance. Up to three servers can be specified. Use a semi-colon (;) with no spaces between
each specified IP address.
Show NetSyslog/Servers
Description Displays the configured IP addresses of network servers to which syslog messages are sent to.
Command Line Syntax show NetSyslog/Servers
Configuration
Config Apply
Description Updates the configuration file with any setting settings that have been made and makes them
current.
Command Line Syntax config apply
Config Clear
Description Clears all configuration changes that have not yet been updated using config apply.
Command Line Syntax config clear
Config Delete
Description Deletes a locally stored configuration file.

Command Line Syntax config delete <file>
Config Display
Description Displays the contents of the specified configuration file.

Command Line Syntax config display <filename>
<filename> is the specified configuration file.
Config List

Description Lists all configuration files stored on the appliance. Displayed information includes the software
version and build number each configuration file was created with, the size of the file, the date and
time it was created, and the name of each configuration file.
Command Line Syntax config list
Config Unapplied
Description Displays all unapplied configuration changes.

Command Line Syntax config unapplied

Config Get
Description Downloads a configuration file from the specified location on a remote server.
Command Line Syntax config get <protocol>://[<username>:<password>@]<server>/<path>/<filename>
<protocol> The protocol used to download the configuration file. It can be FTP, HTTP, or
SCP (Secure Copy). Notes: If SCP is used, the user must have SSH set up on the
server and have a user account password. SCP does not support specifying the
password on the command line. Supported URL formats include the
following:
<username> Optional username that restricts access to the location.
[<username>] Optional user name that when configured, must be used to access to the
location. May be used in conjunction with a password. If no password is
specified, include an ampersand (@) after the password.
[<password>] The password that restricts access to the server. Only needed if required by
the server. If required, the password must be proceeded by the user name and
a colon (:) and followed by an ampersand (@). If a password is not specified, a
prompt appears requesting a password. Note: If using SCP, the password
cannot be specified on the command line; it can only be specified after being
prompted to enter one.
<path> The path where the configuration resides. Note: If FTP or HTTP is used, only
relative pathnames are supported; for SCP, the specified pathname must be an
absolute pathname.
<filename> The name of the configuration file to be downloaded.
Config Load
Description Loads and applies a previously downloaded configuration file.

Command Line Syntax config load <filename>

Config Put
Description Uploads a configuration file to the specified location on a remote server.

Required
Command Line config put <file> <protocol>://[<username>:<password>@]<server>/<path>[/<new_filename>]

Syntax
<file> The name of the configuration file to be uploaded.

<protocol> The protocol used to upload the configuration file. Valid protocols include FTP,
HTTP, or SCP (Secure Copy). Notes: If SCP is used, the user must have SSH set up
on the server and have a user account password. SCP does not support specifying
the password on the command line. Supported URL formats include the following:
ftp://<username>@<server>/<path>[/<new_filename]*
http://<server>/<path>/[/<new_filename]
http://<username>@<server>/<path>[/<new_filename]*
[<username>] Optional user name that when configured, must be used to access to the location.
[<password>] The password that restricts access to the server. Only needed if required by the
server. If required, the password must be proceeded by the user name and a colon
(:) and followed by an ampersand (@). If a password is not specified, a prompt
appears requesting a password. Note: If using SCP, the password cannot be
specified on the command line; it can only be specified after being prompted to
enter one.
<server> The IP address of the server or host name on which the configuration resides.
<path> The path where the configuration resides. Note: If FTP or HTTP is used, only
relative pathnames are supported; for SCP, the specified pathname must be an
absolute pathname.
[<new_filename>] Optional. Renames the configuration being uploaded to the user-specified name. If
Config Reset
Description Resets the configuration settings to factory default except for the current passwords and the
following network management interface settings which are configured via the set command:
appliance’s IP address (Address), the subnet mask (SubnetMask), the gateway address
(Gateway), the domain name (DomainName), the addresses of each configured DNS server
(DnsAddress), the hostname (HostName), and configured static routes (NetworkRoutes). It
then reboots the appliance after prompting the user to allow the reboot.
When the optional all argument is specified, all configuration settings are reset to factory default.
The appliance then reboots after prompting the user to allow the reboot.
Command Line Syntax config reset [all]

Config Restore
Description Restores the startup configuration from disk.

Command Line Syntax config restore
Config Save
Description Permanently saves the currently running configuration file with changes that have been previously
updated using the config apply command. If a filename is specified, the running configuration file is
saved to that file instead of the startup configuration file.
Command Line Syntax config save [<filename>]
[<filename>] is the optional user-specified name to save the current running configuration to.
Show
Description Displays all settings configured for the appliance.

Command Line Syntax show
Show ConfigDate
Description Displays the date that the configuration was last modified.
Command Line Syntax show ConfigDate
Show Changes
Description Displays appliance-specific changes that have not yet been applied using config apply.
Command line Syntax show changes
Show {Running-Config|Run}
Description Displays changes that have been applied using config apply.
Command line Syntax show Running-Config or show Run
Show {Startup-Config|Startup}

Description Displays the settings that were in effect when the aCelera booted.
Command line Syntax show Startup-Config or show Startup
Network Settings
Set Address
Description Configures the IP address of the local appliance.

Command Line Syntax set Address <ip_address>
<ip_address> is the IP address of the appliance. By default, the appliance is configured with an
address of 192.168.117.1.
Show Address
Description Displays the configured IP address of the appliance.

Command Line Syntax show Address
Set DnsAddress
Description Configures the appliance with the DNS server address.

Command Line Syntax set DnsAddress <dns_address> [<dns_address> ...]
Up to two DNS address may be configured. By default, this setting is not configured.
Show DnsAddress
Description Displays the configured DNS address(es).

Command Line Syntax show DnsAddress
Set DomainName
Description Specifies the domain name of the local appliance.

Command Line Syntax set DomainName <domain_name>
By default, this setting is not configured.
Show DomainName

Description Displays the configured domain name.

Command Line Syntax show DomainName
Set Gateway
Description Configure the gateway address of the main interface.

Command Line Address set Gateway <gateway_address>
By default, this setting is not configured.
Show Gateway
Description Displays the configured gateway address.

Command Line Syntax show Gateway
Set HostName
Description The text string that appears at the CLI command prompt and at the top of the graphical user
interface window. This setting is typically changed to reflect the location where the appliance is
installed. Note: The text string cannot contain any spaces.
Command Line Syntax set HostName <hostname>
<hostname> is any valid name. Default is Array Networks.
Show HostName
Description Displays the host name of the appliance.

Command Line Syntax show HostName
Set Comment
Description A user-defined comment used to describe the hostname.

Command Line Syntax set Comment <comment>
<comment> is any valid name.
Show Comment

Description Displays the user-defined comment used to describe the hostname.

Command Line Syntax show HostName
Set SubnetMask
Description Configures the subnet mask of the local appliance.

Command Line Syntax set SubnetMask <subnet_mask>
<subnet_mask> Subnet mask is specified in dot-decimal notation. Default is 255.255.255.0.
Show SubnetMask
Description Displays the setting assigned to the subnet mask field.

Command Line Syntax show SubnetMask
Set WanTxMTU
Description Adjusts the MTU (Maximum Transmission Unit) setting configured for the appliance's Ethernet
interface.
Command Line Syntax set WanTxMTU <bytes>
<bytes> is the largest number of bytes the appliance can transmit as a single packet for the
appliance’s Ethernet interface. Default setting is 1500 bytes.
Show WanTxMTU
Description Displays the MTU (Maximum Transmission Unit) value configured for the appliance, in bytes.
Command Line Syntax show WanTxMTU
User Accounts
Dis[able] Adv[anced]
Description Reduces the privilege level from advanced level to view level.
Command Line Syntax disable adv or dis advanced or disable adv or disable advanced
Dis[able] View

Description Closes the current privilege level and exits the CLI.
Access Level Required View (Array-Networks>) or Advanced (Array-Networks-adv#)
Command Line Syntax dis view or disable view
En[able] Adv[anced]
Description Enables advanced privileges.

Command Line Syntax en adv or en advanced or enable adv or enable advanced
Set Password
Description Configures a separate password for each of the appliance's CLI privilege levels.
Command Line Syntax set Password view
set Password adv[anced]
Option Description
view Configures a password that must be used to access to the view level. Default is
1234.
advanced Configures a password that must be used to access the advanced level. Default
is 123456.
Date and Time

Date Set
Description Sets the date and time in UTC format.

Required
Command Line Syntax date set <MMDDhhmm[[CC]YY][.ss]>

MM 2-digit month
DD 2-digit day of month
hh 2-digit hour (0-23)
mm 2-digit minute (0-59)
CC 2-digit century
YY 2-digit year
.ss 2-digit seconds (0-59)
Date

Description Displays the current date and time in UTC format.

Command Line Syntax date
Set NtpEnabled
Description Configures the appliance to utilize the Network Time Protocol (NTP) to synchronize its time and
date with that of the network. When enabled, the date set command is disabled.
Command Line Syntax set NtpEnabled {yes|no}
Option Description
yes Enables NTP.

no Disables NTP. (Default)
Show NtpEnabled
Description Displays the configured state of Network Time Protocol function (enabled or disabled).
Command Line Syntax show NtpEnabled
Set NtpServers
Description Configures the appliance to utilize the Network Time Protocol (NTP) to synchronize its time and
date with that of the network. When enabled, the date set command is disabled.
Command Line Syntax set NtpServers <server> [<server> ...]
<server> refers to the server the appliance uses to synchronize with. <server> can be either the IP
address or host name. If multiple servers are listed, the first specified server is the one the
appliance synchronizes with; other listed severs are used as backup servers. Separate each server
address or name with a space.
Show NtpServers
Description Displays the server(s) the appliance uses to synchronize the time and date on the network.
Command Line Syntax show NtpServers
Diagnostics
Arp Display|Show

Description Display ARP table entries.

Command Line Syntax arp display
arp show
Arp Clear
Description Clears the ARP table entries.

Command Line Syntax arp clear
Cdb Set
Description Directly manipulates internal configuration settings. This command should only be used under the
direction of Array Networks Customer Support. Note: cdb set is case-sensitive.
Command Line Syntax cdb set <path>/<parameter> <value>
<path> The full path where the parameter is located.

<parameter> Any parameter viewable from the cdb show command.
<value> The value configured for the specified parameter.
Cdb Show
Description Displays all configuration and status settings configured for the appliance or just the specified
setting. The displayed output also includes internal configuration settings. The output displayed
provides Array Networks Customer Support with additional data for troubleshooting the
appliance.
Command Line Syntax cdb show [<path>/<parameter>]
<path> The full path where the parameter is located.

<parameter> Any parameter viewable from the cdb set command.
<value> The value configured for the specified parameter.
If cdb show is issued without the path/parameter option, all configuration and status settings are
displayed.
Ifconfig
Description Displays information for each network interface installed on the appliance. Information such as the
number of packets dropped and overruns is displayed.
Command Line Syntax ifconfig

Interfaces
Description Displays the aCelera’s configured network settings and current statistical information for each of
its interfaces (WAN, LAN, and Heartbeat).
Command Line Syntax interfaces
Netstat
Description Displays network connection statistics for the appliance. Optionally displays network interface
statistics for the appliance's physical and virtual interfaces.
Command Line Syntax netstat [interfaces]
Option Description
- Displays the internal network connections that exist on the appliance.

interfaces Displays interface statistics for the physical and virtual interfaces.
Nslookup
Description Performs a DNS lookup of the specified host.

Command Line Syntax nslookup <host> [server]
<host> Required parameter. The host name.

[<server>] Optional parameter. IP address of the DNS server.
Ping
Description Tests and monitors an appliance in the network. Use Ping whenever you need to test a connection
to an appliance.
Command Line Syntax ping <host> [count <number-to-send>] size <packet-size>
<host> Required parameter. The host name to ping. If only host name is
specified, ping will send five ICMP echo requests of size 56 bytes.
[count <number-to- Optional parameter. Sends the specified number of echo requests. The
send> ] user can specify the 'count' keyword and a value to send any number of
ICMP requests.
size <packet-size> Sends the specified packet size (Default = 56).
Route

Description Displays the kernel's routing tables and/or routing cache

Command Line Syntax Route [-a –c -n]
Option Description
- When no option is specified, the routing table is displayed.

-a Displays routing table and routing cache.
-c Displays routing cache.
-n Displays numerical addresses instead of trying to determine symbolic host names,
which may be useful if trying to determine why the route to server cannot be
displayed.
Show History
Description Displays compression-related related statistics such as the size of the history store, number of LAN
and WAN transactions, amount of compressed and uncompressed data (in megabits) entering and
exiting the compression engine, and the ratio of data coming in and going out of the compression
engine.
Command Line Syntax show history
Show Mem[ory]
Description Displays the appliance's memory usage.

Command Line Syntax show mem[ory]
Show IP-Traffic
Description Displays various IP-related statistics such as packet information including total packets received,
forwarded, and dropped, and connection information including the number of active and passive
connections, and failed and established connections.
Command Line Syntax show ip-traffic
Show Proc[cesses]
Description Displays the various processes running on the appliance. Process information can be sorted by
either the highest CPU or memory consumption. Note: Depending on the number of configured
cores, the CPU percentage can be greater than 100%. Each process may have multiple threads and
each can be running on a different core and theoretically utilizing up to 100% of that core. The
displayed output sums the CPU usage of all threads to determine the process percentage.
Command Line Syntax show proc[cess] [cpu]
Option CPU - Information is sorted based on CPU consumption in descending order. If no option is
specified, it is sorted based on memory consumption in descending order.

Traceroute
Description Traces the route packets take to the specified host by displaying the sequence of hops the packet
has traversed.
Command Line Syntax traceroute <host> [hops <max-number-of-hops>]
<host> Required parameter. The IP address or name of the host to trace.

hops [<max-number- Optional parameter. Displays no more than the configured number of
of-hops>] hops encountered en-route to the specified host. Any hops required
beyond the configured number are not displayed. The default is 30; the
maximum is 99.
Test {Bandwidth|BW}
Description Allows and restricts bandwidth testing as well as displays whether testing is currently allowed or
restricted.
Command Line Syntax test{bandwidth|bw} {allow|reject|status}
Select either test bandwidth or test bw along with one of the following options:
Option Description
allow Launches a bandwidth performance test that runs in the background.

reject Turns off bandwidth testing.
status Indicates whether or not bandwidth testing is allowed or restricted.
Test {Bandwidth|BW} {tcp|udp} Server
Description Performs bandwidth testing by initiating either a TCP or UDP test against the specified server.
Note: UDP tests will yield significantly lower throughput than TCP tests.
Command Line Syntax test {bandwidth|bw} {tcp|udp} server <ip_address> [<time>] [<tcp-window-size>]
tcp|udp tcp initiates a TCP test; udp initiates a UDP test.

<ip_address> IP address of the server to perform the test against.
[<time>] Optional parameter that specifies a length of time, in seconds, to
perform the test (default is 10 seconds).
[<tcp-window-size>] Optional parameter that specifies the size of the TCP window. The
parameter is specified in the format <number><K|M>, where
K=Kilobytes and M=Megabytes (default is 16 Kbytes).
Values Select either test bandwidth or test bw along with one of the following options:

test Syslog
Description Tests event logging by generating a test message in the log file and if network system logging is
enabled, also generates network syslog messages to each configured network syslog server. The
test messages to the log file and network syslog server(s) are only generated if the
specified log level name is equal-to or above the current configured log level configured
via the set LogLevel command. Use the log tail command to view the test message.
Command Line Syntax test syslog <loglevel_name>
Values <loglevel_name> is trace, debug, test, info, notify, warning, error, critical, or fatal.
test {Dl|Download|Get}
Description Performs a simulated test to see if a document can be successfully downloaded and how long it
takes to do so. Can also use test Download and test Get to perform the same function.
Command Line Syntax test download <protocol>://<server>/<path>/<file> [<attempts>]
<protocol> The protocol used to download the file. Valid protocols include FTP
or HTTP.
<server> The IP address of the server or DNS name (if configured on the
network) on which the file resides.
<path> The path where the test file resides. Only relative path names are
supported.
<file> Name of the file to test the download function.
[<attempts>] Optional parameter that indicates the number of times to attempt
the download. If no number of attempts is specified, the setting
defaults to 1.
Status Information
Show Status

Description Displays the following information:

 The hostname where the aCelera resides (Hostname)
 A user-defined comment if one exists (Comment)
 The serial number of the aCelera (Serial Number)
 The version of software installed on the aCelera (Software Version)
 The length of time the aCelera has been running (System Uptime)
 The IP address assigned to the aCelera (IP Address)
 The configured gateway address (Gateway)
 The primary DNS server address and if configured the secondary DSN server address
(Primary DNS)
 The domain name that the aCelera is part of (Domain Name)
 Whether or not the aCelera is being managed by CMS (Managed by CMS), the following are
displayed:
- The hostname or IP address where CSM resides (CMS Hostname/IP)
- The number of minutes the aCelera waits to poll the CMS (CMS Poll Interval)
- The port number of the server that CMS is listening on (CMS Server TCP Port)
 The number of accelerated peer connections (Accelerated Peers)
 The percentage of disk space currently used within the user disk for items such as logs and
configuration files (User Disk Utilization)
 The percentage of space being utilized by the disk that stores history information (History
Disk Utilization)
 The amount of system memory being utilized as a percentage (Memory Utilization)
 The current percentage of CPU in use (CPU Utilization)
 The following information for the WAN and LAN interfaces since the aCelera was last booted:
- The number of packets sent from the interface (Tx Pkts)
- The number of packets received by the interface (Rx Pkts)
- The number of errors transmitted by the interface (Tx Er)
- The number errors received by the interface (RxErr)
- The number of bytes sent from the interface (Tx Bytes)
- The number of bytes received by the interface (Rx Bytes)
Command Line Syntax show status
Show Status Address
Description Displays the configured IP address of the appliance.

Command Line Syntax show status Address
Show Status DnsAddress
Description Displays the configured DNS address(es).

Command Line Syntax show status DnsAddress
Show Status DomainName

Description Displays the configured domain name.

Command Line Syntax show status DomainName
Show Status Gateway
Description Displays the configured gateway address.

Command Line Syntax Show status Gateway
Show Status SubnetMask
Description Displays the setting assigned to the subnet mask field.

Command Line Syntax show status SubnetMask
Show Status LanRxBytes
Description Displays the total bytes received by the LAN-side interface since the last boot.
Command Line Syntax show status LanRxBytes
Show Status LanRxPackets
Description Displays the total packets received by the LAN-side interface since last boot.
Command Line Syntax show status LanRxPackets
Show Status LanRxErrors
Description Displays the number of errors received by the LAN-side interface since last boot.
Command Line Syntax show status LanRxErrors
Show Status LanTxBytes
Description Displays the total bytes sent by the LAN-side interface since the last boot.
Command Line Syntax show status LanTxBytes
Show Status LanTxPackets

Description Displays the total packets sent by the LAN-side interface since last boot.
Command Line Syntax show status LanTxPackets
Show Status LanTxErrors
Description Displays the number of errors sent by the LAN-side interface since last boot.
Command Line Syntax show status LanTxErrors
Show Status WanRxBytes
Description Displays the total bytes received by the WAN-side interface since the last boot.
Command Line Syntax show status WanRxBytes
Show Status WanRxErrors
Description Displays the number of errors received by the WAN-side interface since last boot.
Command Line Syntax show status WanRxErrors
Show Status WanRxPackets
Description Displays the total packets received by the WAN-side interface since last boot.
Command Line Syntax show status WanRxPackets
Show Status WanTxBytes
Description Displays the total bytes sent by the WAN-side interface since the last boot.
Command Line Syntax show status WanTxBytes
Show Status WanTxPackets
Description Displays the total packets sent by the WAN-side interface since last boot.
Command Line Syntax show status WanTxPackets
Show Status WanTxErrors

Description Displays the number of errors sent by the WAN-side interface since last boot.
Command Line Syntax show status WanTxErrors
Show Status BootTime
Description Displays the date and time the appliance was booted, in UTC format.
Command Line Syntax show status BootTime
Show Status MemoryUtilization
Description Displays the percentage of memory currently being utilized.

Command Line Syntax show status MemoryUtilization
Show Status CpuUtilization
Description Displays the percentage of CPU resources currently being utilized.

Command Line Syntax show status CpuUtilization
Show Status DiskSpaceUtilization
Description Displays the percentage of disk space currently being utilized for user data such as configuration
files.
Command Line Syntax show status DiskSpaceUtilization
Show Status HistorySpaceUtilization
Description Displays the percentage of disk space currently being utilized for history information
Command Line Syntax show status HistorySpaceUtilization
Show Status SN

Description Displays the appliance's serial number.

Command Line Syntax show status SN
Show Status SoftwareVersion
Description Displays the version of software and build number installed on the appliance.
Command Line Syntax show status SoftwareVersion
SNMP
Set Snmp/Trap/ConnectionDropTraps
Description Enables or disables peer-to-peer connection monitoring. When enabled, a single SNMP trap is
generated whenever any peer-to-peer connection transitions. When configured, a trap will be
generated if the state of the remote end of an established peer connection changes from the
“Accelerating” state to “Connecting”. Another trap will be generated when the state is returned to
“Accelerating”.
Command Line Syntax set snmp/trap/ConnectionDropTraps {yes|no}
Option Description
yes Enables peer-to-peer connection monitoring.

no Disables peer-to-peer connection monitoring. (Default)
Show SNMP/Trap/ConnectionDropTraps
Description Displays whether peer-to-peer connection monitoring is enabled or disabled.

Command Line Syntax show SnmpTrap/ConnectionDropTraps
Set Snmp/Trap/Destinations

Description Configures which hosts will receive SNMP notifications.

Command Line Syntax set Snmp/Trap/Destinations <destination>[<,destination>]
<destination> syntax:
[<community>@]<ip_address>[:<port>]
[<community>] Optional SNMP community name. If not specified, the default string public is
assumed. If specified, follow name with an ampersand (@).
<ip_address> The IP address of the host that is receiving notifications.
[<port>] Optional UDP port number for the host. If specified, include a colon (:) before
the port number. Default port number is 162.
A single trap destination consists of the optional SNMP community name, IP address, and optional
port. Multiple destinations can be specified, however, Array Networks recommends configuring no
more than two trap destinations. Use a comma between each trap destination (no spaces).
Show SNMP/Trap/Destinations
Description Displays the IP addresses that receive SNMP notifications.

Command Line Syntax show SnmpTrap/Destinations
Set Snmp/Trap/Interval
Description Configures the trap event using the specified parameter.

Command Line Syntax set Snmp/Trap/Interval <time_period>
<time_period> refers to the interval between trap evaluations, in seconds.
Show SNMP/Trap/Interval
Description Displays the interval at which trap notifications are sent to specified hosts.
Command Line Syntax show SnmpTrap/Interval
Set Snmp/Trap/<#>/Clear
Description Sets the condition that clears the trap.

Command Line Syntax set Snmp/Trap/<#>/Clear <clear_expression>
# Indicates the number assigned to the trap event (0-10 are supported).
<clear_expression> Refers to a constant expression that when "true", clears the trap.
Show Snmp/Trap/#/Clear

Description Displays the condition that clears the trap.

Command Line Syntax show Snmp/Trap/<#>/Clear
# indicates the number assigned to the trap event (0-10 are supported)
Set Snmp/Trap/<#>/Comment
Description Allows the user to provide a descriptive comment for the trap event.
Command Line Syntax set Snmp/Trap/<#>/Comment <comment>
<comment> Refers to the user-defined string to describe the trap event.
Show Snmp/Trap/<#>/Comment
Description Displays the user-defined comment that describes the trap event.
Command Line Syntax show Snmp/Trap/<#>/Comment
Set Snmp/Trap/<#>/Set
Description Sets the condition that initiates the trap.

Command Line Syntax set Snmp/Trap/<#>/Set <set_expression>
<set_expression> Refers to a constant expression that when "true" (encountered), initiates the
trap.
Show Snmp/Trap/<#>/Set
Description Displays the condition that initiates the trap.

Command Line Syntax show Snmp/Trap/<#>/Set
Set Snmp/Trap/<#>/Value

Description Configures the trap event using the specified parameter.

Command Line Syntax set Snmp/Trap/<#>/Value <parameter>
<parameter> Any valid parameter associated with the set or show command to which the
"set" and "clear" expressions are applied.
Show Snmp/Trap/<#>/Value
Description Displays the trap event parameter used to configure the trap event.
Command Line Syntax show Snmp/Trap/<#>/Value
Set SnmpReadCommunity
Description Sets the SNMP read community string to validate incoming SNMP Gets in the Management
Information Base (MIB). If no string is specified, the default string public is assumed. If specified,
follow name with an ampersand (@).The string can be up to 20 alpha-numeric characters in
length. Punctuation symbols are supported.
Command Line Syntax set SnmpReadCommunity <string>
<string> refers to any valid string. Default is public.
Show SnmpReadCommunity
Description Displays the SNMP read community string.

Command Line Syntax show SnmpReadCommunity
Tech Reports
Tech-Report List
Description Displays a list of all technical reports on the appliance.

Command Line Syntax tech-report list
Tech-Report Delete

Description Deletes all technical reports or just the specified report.

Command Line Syntax tech-report delete [<file>]
[<file>] is the optional user-specified to delete. If no filename is specified, all technical reports are
deleted.
Tech-Report {Create|Generate}
Description Generates a technical report with the user-specified filename. Technical reports contain internal
data that can be used by Array Networks Customer Support to debug and troubleshoot problems if
they occur.
Command Line Syntax tech-report {create|generate} <file>
Type either create or generate to create a report.
<file> is the name of report to create.
Tech-Report Put

Description Uploads all generated reports on the appliance to the specified location.
Required
Command Line tech-report put <file> <protocol>://[<username>:<password>@]<server>/<path>[/<new_filename>]

Syntax
<file> The name of the technical report to upload.

<protocol> The protocol used to upload technical reports. It can be FTP, HTTP, or SCP (Secure Copy).
Notes: If SCP is used, the user must have SSH set up on the server and have a user account
password. SCP does not support specifying the password on the command line. Supported
URL formats include the following:
ftp:// <username>@<server>/<path>[/<new_filename>]*
* Will prompt for password.
[<username>] Optional user name that when configured, must be used to access to the location. May be
used in conjunction with a password. If no password is specified, include an ampersand (@)
after the password.
[<password>] The password that restricts access to the server. Only needed if required by the server. If
required, the password must be proceeded by the user name and a colon (:) and followed by
an ampersand (@). If a password is not specified, a prompt appears requesting a password.
Note: If using SCP, the password cannot be specified on the command line; it can only be
specified after being prompted to enter one.
<server> The IP address of the server or host name on which to upload the reports.
<path> The path where the file resides. Note: If FTP or HTTP is used, only relative pathnames are
[<new_filename>] Optional. Renames the technical report being uploaded to the user-specified name. If
Tech-Trace {On|Off}
Description Starts or stops gathering of trace information into logs.

Command Line Syntax debug s2 tech-trace {on|off}
Tech-Trace Adv
Description When tech-trace is on, includes enhanced trace information in the logs.
Command Line Syntax debug s2 tech-trace adv
Tech-Trace Dump

Description Writes accumulated trace information from logs to an internal file that is accessed by tech-report
when it generates a technical report.
Command Line Syntax debug s2 tech-trace dump
Gets2scripts
Description Downloads a script for gathering trace information for Array Networks use when debugging an
issue.
Command Line Syntax debug gets2scripts <url>
where <url> is an address provided by Array Networks Customer Support.
Tech-Trace Run
Description Runs a script (that you download with gets2scripts) that gathers trace information for Array
Networks use when debugging an issue.
Command Line Syntax debug s2 tech-trace run <myCmds>
where <myCmds> is the name of the script.
CMS
set cms/Enabled
Description Enables or disables CMS.

Command Line Syntax set cms/Enabled {yes|no}
Option Description
yes The appliance is managed by CMS

no The aCelera is managed independently via the CLI or GUI. Default is no.
show cms/Enabled

Description Shows the configured state of CMS. A “yes” indicates the aCelera is managed by CMS; a “no”
indicates it is managed by the local GUI or CLI.
Command Line Syntax show cms/Enabled
set cms/address
Description Configures the IP address or the host name where CMS is located.
Command Line Syntax set cms/address <host_name or ip_address>
The IP address or the host name where CMS is located. Default is cms_server.
show cms/address
Description Displays the configured IP address or the host name where CMS is located.
Command Line Syntax show cms/address
set cms/poll
Description Configures the polling interval of the aCelera with CMS, in minutes. A 0 indicates that polling is
disabled. Default is 5.
Command Line Syntax set cms/poll <minutes>
The polling interval of the aCelera with CMS. A 0 indicates that polling is disabled. Default is 5.
show cms/poll
Description Displays the polling interval of the aCelera with CMS, in minutes. A 0 indicates that polling is
disabled.
Command Line Syntax show cms/poll
set cms/port
Description Configures the port the aCelera uses to access CMS.

Command Line Syntax set cms/port <port_number>
The port used to access CMS. Default is 443.
show cms/port

Description Displays the port configured port used to access CMS.

Command Line Syntax show cms/port
set cms/timeout
Description Configures the number of minutes to re-connect to the CMS server if the connection is lost.
Command Line Syntax set cms/timeout <timeouts>
The number of minutes to re-connect to the CMS server if the connection is lost. Default is 15.
show cms/timeout
Description Displays the number of minutes to re-connect to the CMS server if the connection is lost.
Command Line Syntax show cms/timeout
set cms/register
Description Registers or unregisters the appliance from CMS control.

Command Line Syntax set cms/Register {yes|no}
Option Description
True The appliance will be managed by CMS

False The appliance is not managed by CMS. false.
show cms/register
Description Shows the configured state of CMS control. A “true ” indicates the aCelera is managed by CMS; a
“no” indicates it is managed by the local GUI or CLI.
Command Line Syntax show cms/register
Services
set TelnetEnabled

Description Enables or disables telnet sessions to the appliance.

Command Line Syntax set TelnetEnabled {yes|no}
Values Select the appropriate option:
Option Description
yes Enables Telnet to remotely access the appliance. (Default)

no Disables Telnet to remotely access the appliance.
Show TelnetEnabled
Description Displays whether access to the CLI via Telnet is enabled or disabled.
Command Line Syntax showTelnetEnabled
SSH
Description Provides secure access to the remote host.

Command Line Syntax ssh [username@]{host|ip_address}
[username] A valid user name that is recognized by the host. Only needed if required by
the client.
{host} The host name configured for the appliance via the set HostName command.
{ip_address]} The IP address configured for the appliance via set Address command.
While attempting to access the CLI via SSH, some SSH clients may prompt the user to supply a user
name. Type “cli” to allow the login process to continue.
SSH Delete
Description Deletes all fingerprints from the appliance.

Command Line Syntax ssh delete
SSH List
Description Lists the cached public keys on the appliance.

Command Line Syntax ssh list
SSH Regenerate-Server-Keys

Description Regenerates the public/private server keys on the appliance. The previous key pair is deleted.
Command Line Syntax ssh regenerate-server-keys
set HttpEnabled
Description Enables or disables access to the GUI via HTTP.

Command Line Syntax set Http Enabled {yes|no}
Option Description
yes Enables access to the GUI via HTTP. Default

no Disables access to the GUI via HTTP.
show HttpEnabled
Description Displays whether or not HTTP access to the GUI is enabled or disabled.
Command Line Syntax set HttpEnabled
Other Device Commands

Exit
Description Exits the CLI shell from either privilege level.

Command Line Syntax exit
No Set
Description Resets the specified appliance setting to its factory default setting.
Command Line Syntax no set <parameter>
<parameter> - Any configuration parameter viewable from the show command.
Reboot

Description Immediately reboots the appliance if no changes have been made. Otherwise a yes/no prompt to
save any unapplied changes to the configuration needs to be answered before reboot continues.
The reboot command attempts to shut down all in-flight traffic. While waiting for the appliance to
reboot, the CLI command line prompt is displayed and is accessible to the user. Do not attempt to
issue CLI commands while the system is rebooting. Also, do not attempt to close a Telnet session
while the appliance is rebooting.
Command Line Syntax reboot
Set IcmpEchoReply
Description Controls whether or not the appliance will reply to ICMP Echo Requests.
Command Line Syntax set IcmpEchoReply {on|off}
Option Description
on Enables ICMP echo replies. (Default)

off Disables ICMP echo replies.
Show IcmpEchoReply
Description Displays whether or not the appliance is configured to reply to ICMP Echo Requests.
Command Line Syntax show IcmpEchoReply
Set Motd
Description Configures a banner to be displayed when the CLI is first accessed. The banner is only displayed
once upon login.
Command Line Syntax set motd <banner>
<banner> is the user-specified message.
Show Motd
Description Displays the message that is displayed whenever the CLI is accessed.
Command Line Syntax show Motd
Set RebootOnFailure

Description Allows or prevents the appliance to automatically reboot if any internal errors are detected by the
software.
Command Line Syntax set RebootOnFailure {yes|no}
Option Description
yes The appliance reboots if an error is detected. (Default)

no The appliance does not reboot if an error is detected.
Show RebootOnFailure
Description Displays the setting configured for allowing the appliance to automatically reboot in the event of
an appliance failure.
Command Line Syntax show RebootOnFailure
Shutdown
Description Shuts down the appliance. To restart the appliance, you must flip the power switch to on.
Command Line Syntax shutdown
Terminal Length 0
Description Disables terminal CLI output pagination so that all lines of text are displayed without scrolling.
This command takes effect immediately and is good for the current CLI session.
Command Line Syntax terminal length 0
Terminal Length Auto
Description Restores terminal CLI output pagination if the terminal length 0 command had issued for the
current CLI session.
Command Line Syntax terminal length auto
Help
Description This command lists all commands, and their description, which are available in the current access
level.
Command Line Syntax help

Show
Description Shows all settings configured for the appliance.

Command line Syntax show
Set ExecTimeout
Description Configures the amount of time of user inactivity that must occur before timing out a CLI session.
Any time the inactivity timeout value is changed, you must log out and then log in again for the
new setting to take effect
Command Line Syntax set ExecTimeout <minutes>
<minutes> indicates the number of minutes of user inactivity before closing the CLI session. A
value of 0 disables the timer (Default).
Show ExecTimeout
Description Displays the CLI session inactivity timeout period, in minutes.

Command Line Syntax show ExecTimeout
Version
Description Displays information about the current version of software running on the on the appliance.
Information displayed includes the version number, the date the software was last uploaded, the
hardware model number and serial number of the appliance, processor, disk, and memory
information.
Command Line Syntax Ver[sion]

Appendix B Log Messages
Refer to the following table for information on the messages that may be displayed in the logs.
ID Level Log Message Description
CDBWD:100 NOTIFY /galaxy/bin/cdb_watchdog The health monitor process has been started
started. hblim=30000 with the following parameters: heartbeat limit
abtlim=15000 killim=30000 30 secs; abort response limit 15 seconds; kill
limit 30 seconds.
CDBWD:101 NOTIFY [proc] is now being monitored The health monitor process has detected the
presence of the named process and is now
monitoring it. Known processes: s2d.
CDBWD:102 INFO [proc] has exited The named process has exited and is no longer
being monitored.
CDBWD:103 ERROR [proc] heartbeat overdue for [n] The named process has not sent a heartbeat
seconds, sending SIGABRT for the indicated number of seconds and is
therefore deemed to have become hung. An
ABORT signal has been sent to it.
CDBWD:104 ERROR [proc] SIGABRT pending for [n] The named process was previously sent an
seconds, sending SIGKILL ABORT signal but has not responded or exited
for the indicated number of seconds. A KILL
signal has been sent which should be
unblockable.
CDBWD:105 CRITICAL [proc] KILL signal pending for [n] The named process was previously sent a
seconds, rebooting. KILL signal but has not exited for the indicated
number of seconds. This indicates that the
system is probably hung. The health monitor
process will now exit which should force a
system reboot.

A P P E N D I X B: LOG MESSAGES

Appendix C Array Networks MIB
MIB Support
Array Networks' Enterprise-specific MIBs contain information pertaining to the properties associated with the
acceleration appliance. Each MIB is contained in a zip file format. Log into the Array Networks Customer Support
website using your user name and password to download the following Array Networks MIBS. Use the text
editor or MIB viewer of your choice to view the information.
 Array Networks Base MIB
 Array Networks Appliance MIB
In addition, the following MIBs are supported:
 RFC 1213 MIB II
 MIB-II provides a system for managing TCP/IP-based internetworks.
 RFC 2011 IP MIB
 SNMPv2 Management Information Base for the Internet Protocol using SMIv2
 RFC 2012 TCP MIB
 RFC 2013 UDP MIB
 RFC 2863 IF MIB
 RFC 3411 SNMP-FRAMEWORK MIB
 Describes the architecture for describing Simple Network Management Protocol (SNMP)
Management Frameworks.
 RFC 3412 SNMP-MPD MIB
 Describes the Message Processing and Dispatching for Simple Network Management Protocol
(SNMP) messages within the SNMP architecture.
 RFC 3414 SNMP-USER-BASED-SM MIB
 Describes the User-based Security Model (USM) for Simple Network Management Protocol
(SNMP) version 3 for use in the SNMP architecture.
 RFC 3415 SNMP-VIEW-BASED-ACM MIB
 Describes the View-based Access Control Model (VACM) for use in the Simple Network
Management Protocol (SNMP) architecture.
 RFC 3418 SNMPv2 MIB
 Defines managed objects which describe the behavior of a Simple Network Management
Protocol (SNMP) entity.

A P P E N D I X C : ARRAY NETWORKS MIB

Chapter 1
Appendix D Glossary of Terms

Terms
Applied Configuration Changes
Appliance and connection settings that have been made since the appliance was booted and applied to
the running current configuration file using the config apply command.
Configuration File
A collection of various configuration settings that reside in a file on the appliance.
Defined Peers List

A list that resides on a peer containing the IP address and/or serial number of remote peers that it
communicates with.
Directory Browsing Acceleration

Accelerates directory browsing by treating directory listings as objects. The directory is differenced
against a previously served version of that directory listing. The history containing the directory is
available for differencing by any user who is being served that listing. This allows the appliance to
compress directories and perform object level differencing which only transmits new information.
Directories with a large number of files benefit the most from directory browsing acceleration. As with
files, access to directory listings are always controlled by the server.
In-Line Deployment
Places the appliance directly on the network path between the router and a switch.
Local Read Response (LRR) – Content Level Optimization

Provides improved second-time file download response times by allowing the appliance to detect when
it has the correct data available on the client-side appliance. The appliance can then respond to the read
operation locally reducing the need to communicate with the server. A request for a file will cause
another check to see if the file is locked. If it is not locked, a freshness check to the server takes place to
ensure the cached file is the freshest (a client at the server side could have changed the file, and the local
appliance would not know about this). If the file has not changed, it can be delivered locally at LAN
speeds. If the file has changed, content is object differenced to get the freshest data locally and deliver it.
Local Read Response (LRR) – Protocol Level Optimization

Provides fast response to file status requests by using lock status to reduce round trips across the WAN.
The sequence of events that occur when a file is requested is as follows: Upon the request, a check is
made to see if the client-side appliance is set up to read, meaning the file requested has a lock on it. The
fact that the file is locked means it is being written to, so content read will be the freshest data. When
the lock is released the appliance will have the freshest content in cache.
Local Subnet
Refers to local traffic serviced by the appliance. All devices whose IP addresses have the same prefix are
part of a local network.

APPENDIX D: GLOSSARY OF TERMS
Traffic Rules
Traffic rules provide the mechanism for identifying and categorizing traffic. Once traffic is identified, it
processed by the rule and either is accelerated across the WAN, forwarded (bridged), or dropped.
NAT
NAT (Network Address Translation) is a process of translating the source header of IP packets so they
will be routable across wide area networks.
Out-of-line Deployment
Places the appliance off the main data path usually off a switch or router. Also referred to as a “one-arm
deployment.”
Peer Connections
Refers to two appliances pass traffic to each other.
Permanent Configuration Changes

Refers to configuration changes made since the appliance was booted that have been updated using the
config apply command and permanently saved using the config save command. Permanent changes will
be retained if the appliance is rebooted.
Privilege Levels
The aCelera contains two privilege levels for viewing and or configuration settings: View and Advanced.
The view level allows users to view the configured settings. The advanced level permits users to view
and configure settings.
Published Addresses
The IP address of locations that the aCelera manages traffic for.
Read-Ahead
Reduces the number of round-trip times waiting for an acknowledgement by allowing the appliance to
generate read-ahead requests while a file is open. This pre-fetching of content of requests minimizes the
latency associated with read operations. The appliance automatically generates the expected read
requests itself to the server and does so without waiting for each read response.
Restricted Peer List

A list that resides on a peer containing the IP address and/or serial number of remote peers that it are
restricted from pass communicates with the peer.
Remote Subnets
Refers to non-local network traffic that can be accelerated by the appliance.
Running Configuration
The file that contains configuration and connection settings configured for the current session.
Startup Configuration File

The configuration file containing the settings that were loaded when the appliance was booted.
Unapplied Configuration Changes

Refers to configuration settings that have been modified since the appliance was booted but have not
yet been updated using the config apply command.
Write-behind
Reduces the number round-trip times required to perform write operations by providing early
acknowledgements to client content requests which speeds up the request for the next block of data.
Server acknowledgements are spoofed by the client side appliance so subsequent writes from the client
happen sooner without incurring a WAN round trip as would be the case if the acknowledgement came
from the server.

Chapter 1
Appendix E
Index
A apply updates, 11, 12, 16, 17, 18, 21, 23, 27, 29,
30, 31, 34, 38, 39, 41, 43, 44, 50, 52, 55, 56, 58,
Acceleration
61, 62, 65, 67, 68, 70, 72, 84, 88, 97, 100, 117,
disable, 58, 60 118, 119, 127, 193, 224, 227, 260, 261
enable, 58, 60 backup to disk, 105, 113, 114, 226
enable, disable, 58, 60 compare, 113
optimization, 60 delete, 118, 119, 224
Address display contents, 112, 120, 224
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36, display unapplied changes, 119, 224
37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
list files, 120, 224
64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79,
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107, manage, 108
109, 110, 111, 112, 113, 114, 116, 117, 118,
restore startup config, 11, 109, 110, 227
119, 120, 121, 122, 123, 124, 125, 127, 128,
129, 130, 131, 132, 133, 137, 141, 142, 144, save settings, 11, 12, 16, 17, 18, 21, 23, 27, 29, 30,
145, 152, 154, 156, 158, 169, 170, 171, 173, 31, 34, 38, 39, 41, 43, 44, 50, 52, 55, 56, 59, 61,
175, 178, 179, 180, 181, 183, 184 62, 65, 67, 68, 70, 72, 84, 88, 97, 100, 109, 115,
193, 227, 261
display, 154
startup config, 112, 120, 224
Authentication
upload, 116, 117, 225
regenerate keys, 150
view running config, 111
B
view startup config, 112
Bandwidth Testing, 189, 237
Correct Addressing, 28, 173, 175
Bandwidth Testing, 189
D
C
Dashboard, 154, 160
Certificates, 73, 74, 76, 78, 79, 81
Data History
CLI
clearing, 103, 105
add display message, 55
Defined Peers
overview, 10
define, 173, 175, 260
session inactivity timeout period, 56
remove, 173, 175, 260
CMS, 23, 248, 249
restrict, 173, 175, 260
Collect Trace Information
Disk Space Utilization, 158, 242
script, 139
Display Configuration Parameters, 154
Collecting Trace Information, 138, 139
Display Message, 55
Configuration File
Display Update Information, 121
download, 116
DNS Address
list files on device, 120
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36,
Configuration Files
37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79,

APPENDIX E: INDEX
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107, display, 3, 7, 9, 11, 16, 17, 19, 20, 23, 28, 36, 38,
109, 110, 111, 112, 113, 114, 116, 117, 118, 40, 45, 46, 47, 54, 64, 65, 70, 71, 75, 80, 81, 82,
119, 120, 121, 122, 123, 124, 125, 127, 128, 86, 87, 88, 95, 96, 105, 114, 117, 122, 134, 136,
129, 130, 131, 132, 133, 137, 141, 142, 144, 143, 145, 146, 149, 151, 156, 171, 173, 175,
145, 152, 154, 156, 158, 169, 170, 171, 173, 177, 181, 188, 190, 197, 199, 200, 201, 206,
175, 178, 179, 180, 181, 183, 184 210, 211, 213, 215, 216, 217, 219, 222, 223,
226, 228, 232, 235, 237, 238, 239, 243, 246,
display, 154
248, 250, 260, 261
Domain Name
L
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36,
License, 79, 151
37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79, Log files
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107,
delete, 128
109, 110, 111, 112, 113, 114, 116, 117, 118,
119, 120, 121, 122, 123, 124, 125, 127, 128, rotate, 128
129, 130, 131, 132, 133, 137, 141, 142, 144,
upload, 136
145, 152, 154, 156, 158, 169, 170, 171, 173,
175, 178, 179, 180, 181, 183, 184 Logging
display, 154 Network Syslog, 4, 53
G set log level, 51
Gateway Logs
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36, add comment, 134, 223
37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
delete, 13, 129
64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79,
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107, display contents, 131, 132, 221
109, 110, 111, 112, 113, 114, 116, 117, 118,
119, 120, 121, 122, 123, 124, 125, 127, 128, list, 129, 130, 221
129, 130, 131, 132, 133, 137, 141, 142, 144, manage, 128
145, 152, 154, 156, 158, 169, 170, 171, 173,
175, 178, 179, 180, 181, 183, 184 rotate, 13, 128, 129, 222
Get a Software Update, 121 text search, 132, 133, 221
gets2scripts, 139 upload, 136, 137, 222
H Loop Detection, 31
History Disk Utilization, 158, 242 M
historyclear, 103, 105 Memory Utilization, 158, 242
HistoryDiskUtilization, 158, 242 N
I Network Configuration Settings, 15, 16, 17, 19, 22,

26, 28, 30, 31, 32, 36, 37, 40, 42, 44, 45, 46, 47, 51,
ifconfig, 183, 234 52, 53, 58, 60, 62, 64, 65, 66, 67, 68, 69, 70, 71, 73,
Ifconfig, 183, 234 74, 76, 78, 79, 86, 88, 90, 92, 94, 96, 100, 102, 103,
105, 107, 109, 110, 111, 112, 113, 114, 116, 117,
Install a Software Update, 121 118, 119, 120, 121, 122, 123, 124, 125, 127, 128,
129, 130, 131, 132, 133, 137, 141, 142, 144, 145,
IP Address
152, 154, 156, 158, 169, 170, 171, 173, 175, 178,
configure, 3, 7, 9, 11, 16, 17, 19, 20, 23, 28, 36, 38, 179, 180, 181, 183, 184
40, 45, 46, 47, 54, 64, 65, 70, 71, 75, 80, 81, 82,
NetworkRoutes
86, 87, 88, 95, 96, 105, 114, 117, 122, 134, 136,
143, 145, 146, 149, 151, 156, 171, 173, 175, configure, 40
177, 181, 188, 190, 197, 199, 200, 201, 206,
210, 211, 213, 215, 216, 217, 219, 222, 223, O
226, 228, 232, 235, 237, 238, 239, 243, 246, Out-of-line, 25
248, 250, 260, 261

APPENDIX E: INDEX
download, 219
P install, 219
Packet Capture manage, 121
manage, 148, 149 upload, 121
view file information, 124, 220
Passwords
view files, 123
assigning, 107
Static Routes
Peer Auto Discovery, 62
configure, 40
Ping, 145
Subnet Mask
Published Addresses
configure, 15, 16, 17, 19, 22, 26, 28, 30, 31, 32, 36,
add other addresses, 4, 67, 69, 71, 215, 261 37, 40, 42, 44, 45, 46, 47, 51, 52, 53, 58, 60, 62,
exclude, 4, 67, 69, 71, 215, 261 64, 65, 66, 67, 68, 69, 70, 71, 73, 74, 76, 78, 79,
86, 88, 90, 92, 94, 96, 100, 102, 103, 105, 107,
local address, 4, 67, 69, 71, 215, 261 109, 110, 111, 112, 113, 114, 116, 117, 118,
remove, 4, 67, 69, 71, 215, 261 119, 120, 121, 122, 123, 124, 125, 127, 128,
129, 130, 131, 132, 133, 137, 141, 142, 144,
R 145, 152, 154, 156, 158, 169, 170, 171, 173,
Remote Administration 175, 178, 179, 180, 181, 183, 184
HTTP, 42, 43, 251 display, 154
HTTPS, 42 subnets
manage, 42 display additional subnets, 154
ssh, 42 T
telnet, 42, 43, 250 Tcpdump
Reset the System to Factory Default, 121 monitoring network traffic, 147
Routing Tables, 179, 180, 235 Technical Reports
S create, 13, 137, 138
Script delete, 13, 141, 246

list, 142, 246, 247
for collecting trace information, 139
manage, 137
Shutting Down the Device, 102
upload, 143, 144, 246
SNMP
tech-report, 137
community string, 4, 25, 44, 45, 46, 47, 49, 50,
243, 244, 245, 257 tech-trace, 138
configure community passwords, 44 traffic class, 89
trap destination, 4, 25, 44, 45, 46, 47, 49, 50, 243, Traffic Classes, 90
244, 245, 257 Traffic Rules
traps, 4, 25, 44, 45, 46, 47, 49, 50, 243, 244, 245, manage, 4, 85, 86, 94, 213, 214, 215, 261
257
Traffic Shaper
SNMP Traps, 45, 47
manage, 89
SnmpReadCommunity
Traffic Shaper Rules
configure password, 44
manage, 93
Software
Transparent Addressing, 28, 173, 175
delete, 127, 220

APPENDIX E: INDEX
V
Version Information, 155, 192, 242
VLAN, 3, 17, 18, 217
W
WAN Addressing
correct addressing, 28, 173, 175
Correct Addressing, 28
transparent addressing, 28, 173, 175
Transparent Addressing, 28
WAN MTU, 30
WCCP, 26, 36, 37, 39, 204

Acelera User Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Acelera User Guide

Uploaded by

Copyright:

Available Formats

Array Networks™ aCeleraTM WAN Optimization

2013 ARRAY NETWORKS, INC. ALL RIGHTS RESERVED.

Array Networks, Inc.

aCeleraTM WAN Optimization Appliance User Guide

ii aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

iii aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

4.1 Deployment Options .............................................................................................................................................................................. 20

iv aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

5.1 General Acceleration Settings ............................................................................................................................................................ 48

aCelera™ Virtual Appliance User Guide – Release 4.2 v

6.1 General Administration Commands................................................................................................................................................ 87

6.6.4 Listing Technical Reports.................................................................................................................................................121

aCelera™ Virtual Appliance User Guide – Release 4.2 vii

7.1 Status ..........................................................................................................................................................................................................133

viii aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

CLI Command Reference ................................................................................................................................................................................171

aCelera™ Virtual Appliance User Guide – Release 4.2 ix

MIB Support .........................................................................................................................................................................................................236

x aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

 Chapter 1: Configuration Settings Checklist

1 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

2 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

Configuration Description Refer to

Configuration Description Refer to

3 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

Configuration Description Refer to

Configuration Description Refer to

4 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

Configuration Description Refer to

aCelera™ Virtual Appliance User Guide – Release 4.2 5

2.1 Accessing the Graphical User Interface

2.1.1 Supported Browsers

2.1.2 Login Screen

2.1.3 Graphical User Interface

6 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

The screen is divided as follows:

2.2 Accessing the Command Line Interface

2.2.1 Running the Virtualization Hypervisor Program

2.2.2 Initiating a Telnet Session

aCelera™ Virtual Appliance User Guide – Release 4.2 7

2.2.3 Initiating an SSH Session

2.3 Command Line Interface Basics

Privilege Description Command Line Prompt

2.3.1 Accessing the Advanced Level in the CLI

Navigate from Navigate to Command

8 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

2.3.2 Command Line Conventions

2.3.3 Keys and Key Combinations Available During a CLI Session

Key/Key Combination Description

Backspace or Delete Deletes the character to the left of the cursor.

2.3.4 Controlling Terminal Output Pagination

2.3.5 Exiting the CLI

2.3.6 Configuration Basics

aCelera™ Virtual Appliance User Guide – Release 4.2 9

2.4 CLI Document Conventions

boldface Text appearing in tech-report create tech-report create

10 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

aCelera™ Virtual Appliance User Guide – Release 4.2 11

12 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4

3.1 System Settings

3.1.1 Configuring General Settings

4. Click Apply to update the configuration with the new settings.

13 aCeleraTM WAN Optimization Appliance User Guide – Release 4.2.4