set Command
The set command sets up the system IP address, DNS server IP address, Ethernet type, system clock and time zone, NTP server IP address, and failover.
Type the following command from your command line, using the appropriate parameter. For more information about a parameter, click the parameter name.
set [ clock | data migration | digest | dns | ethn | failover | ip | ipv6 | ntpserver | regexsearches | reverse_forward | strong_passwd | timezone | tls syslog key password]
| Parameter | Description | Options |
|---|---|---|
| clock | Sets the system date and time. | set clock takes an option in the format: MMDDhhmm[[CC]YY][.ss] |
| data migration | Configures the appliance for data migration. After entering the command, the appliance prompts you to identify which migration path to use. You must run the command on both the source and destination appliances. | None |
| digest | Sets the appliance SHA Digest. The default is the 128-bit MD5 Digest. If the digest setting is changed, the appliance is restarted to synchronize the log data collection processes to use the new SHA Digest.
Usage of the 256-bit SHA2 Digest can reduce the maximum message handling rate of the appliance up to 20%. |
The command takes one of the following options: |
| dns | Queries the Internet Domain Name System (DNS) for host information. This command helps to convert host names into IP addresses and vice versa. | This command takes one option: dns-server-ip-address |
| ethn | Changes network card settings. n is the number of the interface (eth0, eth1, and so on). | This command takes one of the following options: |
| failover | Assigns or resets failover active and standby appliance roles.
Important: Before disabling failover, you must disable Advance Features by running the
system command. After configuring failover, you can reenable the Advanced Features from the CLI on the active appliance.
|
This command takes one of the following options: configure | disable configure - Configures the active and standby appliances for a failover. disable - Resets the active and standby appliances during a failover, removes the data migration configuration for the appliance, and stops data migration. The command prompts you for several options before taking certain actions. For more information, see Failover. |
| ip | Configures the kernel-resident network interfaces on the appliance. | This command takes several options:
ip-address netmask gateway [ifdev] [defaultgw] ifdev specifies eth0, eth1, eth2, or bond0. The default is bond0. defaultgw specifies the default gateway. Optional for specific NICs, but one NIC must be specified. The last gateway specified in defaultgw is in effect. Note: The
defaultgw keyword no longer has any effect and is allowed only for backward compatibility.
When asked whether you want a certificate generated for Blue Coat when you also plan to use the TLS TCP syslog feature, ensure that you choose yes. Alternatively, you can use a custom certificate. |
| ipv6 | Configures the kernel-resident network interfaces on the appliance with IPv6 address. | ipv6-address ipv6-prefix gateway [ifdev] [defaultgw]
ifdev specifies the network interface name or bond interface, like eth0, eth1, eth2, or bond0. defaultgw specifies the default gateway. Optional for specific NICs, but one NIC must be specified. The last gateway specified in defaultgw is in effect. |
| ntpserver | Sets the network time server. | This command takes one of the following options: ipaddress | hostname |
| regexsearches | Sets the number of simultaneous regular expression searches that the appliance can run. | This command takes one option: limit |
| reverse_forward [ disable | tunnel_init on| tunnel_init off| tunnel_init add <ip_address>|tunnel_init delete <ip_address>| tunnel_accept [on|off] ] | disable - Disables reverse tunnel.
tunnel_init on - The appliance tries to initiate tunnels to the partners configured. tunnel_init off - The appliance does not try to initiate tunnels. tunnel_init add <ip_address> - To add a LogLogic appliance IP address to initiate a tunnel to. tunnel_init delete <ip_address> - To remove the tunnel to the LogLogic appliance with the specified IP address. tunnel_accept [on|off] - The appliance does not accept tunnel connections. |
|
| strong_passwd [ enable | disable | settings | expiration ] | Controls the use of strong passwords for user authentication through the CLI on the appliance. (To set strong passwords for GUI access, see
System Settings.)
After disabling strong passwords, all settings are retained, but are only effective when strong passwords are enabled. |
enable - turns on the requirement of strong passwords for appliance users disable - turns off the requirement of strong passwords for appliance users settings - sets the strong password requirements for the appliance. This command requires five options, as follows:
expiration - the number of days after which a user password expires on the appliance (1 through 99999 or never) |
| timezone | Sets the time zone conversion. A time zone table displays with all possible selections. Enter a selection from this time zone table. | None |
| tls syslog key password | Sets the TLS key password if you are enabling TCP TLS support for the TCP collector. For information about how to change and clear passwords, see the Configuring TLS Syslog section. | None |
It is good practice to connect to the CLI through a serial console, and not using SSH, when issuing network configuration commands such as set failover. Network configuration changes might reconfigure the network card, disconnecting an SSH connection.
Examples
- To set up a failover configuration for your Appliances:
- On the active appliance:
> set failover configure Enter the public Ip address of the cluster in the form <ip> <netmask> <broadcast>: CHANGES HAVE NOT BEEN SAVED! > save Writing changes to disk... Removing default gateway... Bringing down the eth0 interface... Bringing down the eth1 interface... Bringing up the eth0 interface... Bringing up the eth1 interface... Setting up default gateway... Bringing down the eth1 interface... Bringing up the eth1 interface... done.
On the standby appliance:> set failover configure CHANGES HAVE NOT BEEN SAVED! > save Writing changes to disk... Removing default gateway... Bringing down the bond0 interface... Bringing up the eth0 interface... Setting up default gateway... Bringing down the eth1 interface... Bringing up the eth1 interface... done.
- To disable the failover configuration:
- On the Standby system:
> set failover disable > save Writing changes to disk... Removing default gateway... Bringing down the eth0 interface... Bringing down the eth1 interface... Bringing up the bond0 interface... Setting up default gateway... done.
On the Active system:> set failover disable CHANGES HAVE NOT BEEN SAVED! > save Writing changes to disk... hecking network configuration now... [IPv4] Please select the network interface that will be the default gateway. 0. 192.168.1.245 eth0 1. Do not save this configuration. Exit now. > 0 The default gateway has been designated. Thank you. Please select the IP address to use to generate the BlueCoat certificate. 0. 192.168.1.245 eth0 1. Do not generate the BlueCoat certificate. > 1 The BlueCoat certificate will not be generated. Thank you. STOPPING MASTER TASK... [writing new cluster configuration] STARTING MASTER TASK...(ok) done.
- To set up network IP addresses for Ethernet interface 0:
-
> set ip 10.1.1.10 255.255.255.0 10.1.1.255 eth1 > show changes Current changes that have not been saved: ip address eth0 10.1.1.10 255.255.255.0 10.1.1.255 CHANGES HAVE NOT BE SAVED! > save
- To enable strong passwords and set each character minimum to 2, total minimum to 8, and expiration to 90:
-
> set strong_passwd enable > set strong_passwd settings 2 2 2 2 8 > set strong_passwd expiration 90