Aruba AOS-CX CLI – Initial thoughts

With everything moving to the cloud and vendors coming out with all different cool dashboards and UI’s for monitoring/managing, dependence on the CLI is not what it used to be. Most of the monitoring and configurations tasks have migrated to the cloud-based dashboards. Each vendor has its flavor for troubleshooting in the cloud dashboard as well.

I do utilize the cloud dashboards, APIs but, I do love using the CLI. I am not a fan of vendors who limit access to the CLI. Nothing is wrong with using cloud dashboards. But I believe, it is imperative to know and understand the CLI; knowing what is happening behind the scenes can give you a good advantage when configuring, designing, monitoring, or troubleshooting issues.

I was not a fan of Aruba AOS-S CLI. I came from Cisco’s world; nothing else made sense initially when it came to the CLI, to be honest. So when I got to see the Aruba AOS-CX CLI; I was excited to see some great CLI features.


This command basically prints out all the available commands in the context you at working in. In my example below; I have all the commands available under the interface configuration. Not only that; it also shows you the “no” commands. Really good for change management.

show capacities:

This is an excellent command that shows system capacity of different features available.

You can take it further and filter it by the feature.

show capacities-status:

This command takes you even further into not only showing the capacity of each feature but their utilization as well. So if the device supports 4094 VLANs and you have 10 VLANs configured, it will show you both values.

Since there is a single OSPF neighbor; it shows the value of 1 and Max value of 512:

This command can also be filtered based on the feature.

show running-config current-context

We are all used to the good old “show runn interface ge x/x/x” command or “show runn | begin ospf” command etc. But this would show me everything after the first OSPF key word and/or at times results were not exactly what I wanted/needed. I always wondered why can’t I just just not see the config specifically. Yes there is a “show runn | section” but it does not work that great. Working with JUNOS CLI is when I first got to see this and now with Aruba CX I have seen this feature as well.

If I want to see what is configured under anything I simply run the command under that context. I absolutely love love love this feature. Makes parsing through the config much easier.

copy checkpoint/checkpoint auto:

“reload in ##” I am happy that I do not have to worry about reloading the whole device if I configure something wrong. Checkpoints make reverting to an older config easier. Moreover, it can help with change management. If I have a large change and need to back out of it? Instead of typing a bunch of “no” commands and then making sure you got everything etc. Want to go back in time to a specific config, compare two different configs? the checkpoint command is a friend.

“checkpoint auto #” is excellent if you think your change may break something and you will lose access to the device. Years ago I remember migrating some circuits that required BGP changes. If there was an issue we would lose access to the device so we were running “reload in #” commands on the Cisco devices. I ended up utilizing some EEM Scripting eventually that sometimes did not work. With “check point auto #” I can simply specify the device to roll back all my changes in 5 min or 10 min if I don’t confirm them.

vlan trunk allowed:

How many of us have added a VLAN to a trunk port and taken down a network because of blowing the allowed VLAN config? Aruba AOS-CX folks looks like learned their lesson and finally updated this command the way it should be. You do not have to use a specific keyword “add” to add VLANs to an existing trunk port. This command simply appends and not overwrite what is there.

Take a look at the port 1/1/1. It is a trunk port with VLAN 1, 10, 20, 30 already allowed. I am going to add one more VLAN to it by using a simple “vlan trunk allowed 40” command.

All the VLANs are still there. Last command simply appended the VLAN instead of over writing it.

There are a bunch more commands that are really useful and come in really handy when configuring, monitoring or troubleshooting in Aruba Switching Portfolio. Really happy and excited to see the Aruba AOS CX CLI and I am certainly impressed.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

2 thoughts on “Aruba AOS-CX CLI – Initial thoughts”

  1. Don’t forget the repeat command or the ability to print/filter packet captures right in the console! Or go right into the shell and do anything Linux.

    1. Thank you Seth, unfortunately I do not have access to any gear so I couldn’t really test some things out that I would have liked to share here. But yes those are good commands also.

WordPress SEO