These commands are used on all Cisco devices running the Cisco IOS. If you are unfamiliar with Cisco devices please see: Routers, Using the Cisco IOS.
ROUTER COMMANDS
TERMINAL CONTROLS:
�� Config# terminal editing - allows for enhanced
editing commands
�� Config# terminal monitor - shows output on
telnet session
�� Config# terminal ip netmask-format hexadecimal|bit-count|decimal - changes the format of subnet masks
HOST NAME:
�� Config# hostname
ROUTER_NAME
BANNER:
�� Config# banner motd # TYPE MESSAGE HERE # - # can be substituted for any
character, must start and finish the message
DESCRIPTIONS:
�� Config# description THIS
IS THE SOUTH ROUTER - can be entered at the Config-if level
CLOCK:
�� Config# clock timezone Central -6
# clock set hh:mm:ss dd
month yyyy - Example: clock set 14:35:00 25
August 2003
CHANGING THE REGISTER:
�� Config# config-register 0x2100 - ROM Monitor Mode
�� Config# config-register 0x2101 - ROM boot
�� Config# config-register 0x2102 - Boot from NVRAM
BOOT SYSTEM:
�� Config# boot system tftp FILENAME SERVER_IP - Example: boot system tftp
2600_ios.bin 192.168.14.2
�� Config# boot system ROM
�� Config# boot system flash - Then - Config# reload
CDP:
�� Config# cdp run - Turns CDP on
�� Config# cdp holdtime 180 - Sets the time that
a device remains. Default is 180
�� Config# cdp timer 30 - Sets the update timer.The
default is 60
�� Config# int Ethernet 0
�� Config-if# cdp enable - Enables cdp on the interface
�� Config-if# no cdp enable - Disables CDP on the interface
�� Config# no cdp run - Turns CDP off
HOST TABLE:
�� Config# ip host ROUTER_NAME INT_Address - Example: ip host lab-a 192.168.5.1
-or-
�� Config# ip host RTR_NAME INT_ADD1 INT_ADD2 INT_ADD3 - Example: ip host lab-a 192.168.5.1 205.23.4.2 199.2.3.2 - (for e0,
s0, s1)
DOMAIN NAME SERVICES:
�� Config# ip domain-lookup - Tell router to lookup domain names
�� Config# ip name-server 122.22.2.2 - Location of DNS server
�� Config# ip domain-name cisco.com - Domain to append to end of names
CLEARING COUNTERS:
�� # clear interface Ethernet 0 - Clears counters on
the specified interface
�� # clear counters - Clears all
interface counters
�� # clear cdp
counters
- Clears CDP counters
STATIC ROUTES:
�� Config# ip route Net_Add SN_Mask Next_Hop_Add - Example: ip route 192.168.15.0 255.255.255.0 205.5.5.2
�� Config# ip route 0.0.0.0 0.0.0.0 Next_Hop_Add - Default route
-or-
�� Config# ip default-network Net_Add - Gateway LAN network
IP ROUTING:
�� Config# ip routing - Enabled by default
�� Config# router rip
-or-
�� Config# router igrp 100
�� Config# interface Ethernet
0
�� Config-if# ip address 122.2.3.2 255.255.255.0
�� Config-if# no shutdown
IPX ROUTING:
�� Config# ipx routing
�� Config# interface Ethernet
0
�� Config# ipx maximum-paths 2 - Maximum equal metric paths used
�� Config-if# ipx network 222 encapsulation sap - Also Novell-Ether,
SNAP, ARPA on Ethernet. Encapsulation HDLC on serial
�� Config-if# no shutdown
ACCESS LISTS:
IP Standard
|
1-99
|
IP Extended
|
100-199
|
IPX Standard
|
800-899
|
IPX Extended
|
900-999
|
IPX SAP Filters
|
1000-1099
|
IP STANDARD:
�� Config# access-list 10 permit
133.2.2.0 0.0.0.255 - allow all src ip�s
on network 133.2.2.0
-or-
�� Config# access-list 10
permit host 133.2.2.2 - specifies a specific host
-or-
�� Config# access-list 10
permit any
- allows any address
�� Config# int Ethernet 0
�� Config-if# ip access-group 10 in - also available: out
IP EXTENDED:
�� Config# access-list 101
permit tcp 133.12.0.0 0.0.255.255 122.3.2.0 0.0.0.255
eq telnet
-protocols: tcp, udp, icmp, ip
(no sockets then), among others
-source then destination address
-eq, gt,
lt for comparison
-sockets can be numeric or name (23 or telnet, 21 or
ftp, etc)
-or-
�� Config# access-list 101
deny tcp any host 133.2.23.3 eq
www
-or-
�� Config# access-list 101
permit ip any any
�� Config# interface Ethernet
0
�� Config-if# ip access-group 101 out
IPX STANDARD:
�� Config# access-list 801
permit 233 AA3 - source network/host then destination network/host
-or-
�� Config# access-list 801
permit -1 -1 - �-1� is the same as �any� with network/host addresses
�� Config# interface Ethernet
0
�� Config-if# ipx access-group 801 out
IPX EXTENDED:
�� Config# access-list 901
permit sap 4AA all 4BB all
- Permit protocol src_add
socket dest_add socket
-�all� includes all sockets, or can use socket numbers
-or-
�� Config# access-list 901
permit any any all any all
-Permits any protocol with any address on any socket to
go anywhere
�� Config# interface Ethernet
0
�� Config-if# ipx access-group 901 in
IPX SAP FILTER:
�� Config# access-list 1000
permit 4aa 3 - �3� is the service type
-or-
�� Config# access-list 1000
permit 4aa 0 - service type of �0� matches all services
�� Config# interface Ethernet
0
�� Config-if# ipx input-sap-filter 1000 - filter applied to incoming packets
-or-
�� Config-if# ipx output-sap-filter 1000 - filter applied to outgoing packets
NAMED ACCESS LISTS:
�� Config# ip access-list standard LISTNAME
-can be ip or ipx, standard or extended
-followed by the permit or deny list
�� Config# permit any
�� Config-if# ip access-group LISTNAME in
-use the list name instead of a list number
-allows for a larger amount of access-lists
PPP SETUP:
�� Config-if# encapsulation ppp
�� Config-if# ppp authentication chap pap
-order in which they will be used
-only attempted with the authentification
listed
-if one fails, then connection is terminated
�� Config-if# exit
�� Config# username Lab-b
password 123456
-username is the router that will be connecting to this
one
-only specified routers can connect
-or-
�� Config-if# ppp chap hostname ROUTER
�� Config-if# ppp chap password 123456
-if this is set on all routers, then any of them can
connect to any other
-set same on all for easy configuration
ISDN SETUP:
�� Config# isdn switch-type
basic-5ess
- determined by telecom
�� Config# interface serial 0
�� Config-if# isdn spid1
2705554564
- isdn �phonenumber� of line 1
�� Config-if# isdn spid2
2705554565
- isdn �phonenumber� of line 2
�� Config-if# encapsulation
PPP - or
HDLC, LAPD
DDR - 4 Steps to setting up ISDN with DDR
- Configure switch type
Config# isdn switch-type basic-5ess - can be done at interface config
- Configure static routes
Config# ip route
123.4.35.0 255.255.255.0 192.3.5.5 - sends traffic destined for 123.4.35.0 to 192.3.5.5
Config# ip route
192.3.5.5 255.255.255.255 bri0 - specifies how to get to network 192.3.5.5 (through
bri0)
- Configure Interface
Config-if# ip
address 192.3.5.5 255.255.255.0
Config-if# no shutdown
Config-if# encapsulation ppp
Config-if# dialer-group 1 - applies dialer-list to
this interface
Config-if# dialer map ip
192.3.5.6 name Lab-b 5551212
connect to lab-b at 5551212 with ip 192.3.5.6 if there is interesting traffic
can also use �dialer string 5551212� instead if
there is only one router to connect to
- Specify interesting traffic
Config# dialer-list 1 ip
permit any
-or-
Config# dialer-list 1 ip
list 101 - use
the access-list 101 as the dialer list
- Other Options
Config-if# hold-queue 75 - queue 75 packets before
dialing
Config-if# dialer load-threshold 125 either
-load needed before second line is brought up
-�125� is any number 1-255, where % load is x/255
(ie 125/255 is about 50%)
-can check by in, out, or either
Config-if# dialer idle-timeout 180
-determines how long to stay idle before
terminating the session
-default is 120
FRAME RELAY SETUP:
�� Config# interface serial 0
�� Config-if# encapsulation
frame-relay
- cisco by default, can change to ietf
�� Config-if# frame-relay lmi-type cisco - cisco
by default, also ansi, q933a
�� Config-if# bandwidth 56
�� Config-if# interface
serial 0.100 point-to-point - subinterface
�� Config-if# ip address 122.1.1.1 255.255.255.0
�� Config-if# frame-relay
interface-dlci 100
-maps the dlci to the
interface
-can add BROADCAST and/or IETF at the end
�� Config-if# interface
serial 1.100 multipoint
�� Config-if# no inverse-arp - turns IARP off; good to do
�� Config-if# frame-relay map
ip 122.1.1.2 48 ietf
broadcast
-maps an IP to a dlci (48 in
this case)
-required if IARP is turned off
-ietf and broadcast are
optional
�� Config-if# frame-relay map
ip 122.1.1.3 54 broadcast
SHOW COMMANDS
�� Show access-lists - all access lists on
the router
�� Show cdp - cdp
timer and holdtime frequency
�� Show cdp entry
* - same
as next
�� Show cdp neighbors
detail -
details of neighbor with ip add and ios version
�� Show cdp
neighbors
- id, local interface, holdtime, capability, platform
portid
�� Show cdp
interface
- int�s running cdp and
their encapsulation
�� Show cdp
traffic -
cdp packets sent and received
�� Show controllers serial 0 - DTE or DCE status
�� Show dialer - number of times dialer string has
been reached, other stats
�� Show flash - files in flash
�� Show frame-relay lmi - lmi
stats
�� Show frame-relay map - static and dynamic
maps for PVC�s
�� Show frame-relay pvc - pvc�s
and dlci�s
�� Show history - commands entered
�� Show hosts - contents of host table
�� Show int f0/26 - stats of f0/26
�� Show interface Ethernet 0 - show stats of
Ethernet 0
�� Show ip - ip
config of switch
�� Show ip
access-lists - ip access-lists on switch
�� Show ip
interface
- ip config of interface
�� Show ip
protocols
- routing protocols and timers
�� Show ip route - Displays IP routing
table
�� Show ipx
access-lists - same, only ipx
�� Show ipx
interfaces
- RIP and SAP info being sent and received, IPX addresses
�� Show ipx route - ipx
routes in the table
�� Show ipx
servers -
SAP table
�� Show ipx
traffic -
RIP and SAP info
�� Show isdn active - number with active
status
�� Show isdn status - shows if SPIDs are valid, if connected
�� Show mac-address-table - contents of the
dynamic table
�� Show protocols - routed protocols
and net_addresses of interfaces
�� Show running-config - dram config file
�� Show sessions - connections via
telnet to remote device
�� Show startup-config - nvram
config file
�� Show terminal - shows history size
�� Show trunk a/b - trunk stat of port
26/27
�� Show version - ios
info, uptime, address of switch
�� Show vlan - all configured vlan�s
�� Show vlan-membership - vlan
assignments
�� Show vtp - vtp
configs
CATALYST COMMANDS
For Native IOS - Not CatOS
SWITCH ADDRESS:
�� Config# ip address 192.168.10.2 255.255.255.0
�� Config# ip default-gateway 192.168.10.1
DUPLEX MODE:
�� Config# interface Ethernet
0/5 - �fastethernet� for 100 Mbps ports
�� Config-if# duplex full - also, half | auto |
full-flow-control
SWITCHING MODE:
�� Config# switching-mode
store-and-forward - also, fragment-free
MAC ADDRESS CONFIGS:
�� Config# mac-address-table permanent aaab.000f.ffef e0/2 - only this mac will work on this port
�� Config# mac-address-table restricted static aaab.000f.ffef e0/2
e0/3
-port 3 can only send data out port 2 with that mac
-very restrictive security
�� Config-if# port secure
max-mac-count 5 - allows only 5 mac
addresses mapped to this port
VLANS:
�� Config# vlan 10 name FINANCE
�� Config# interface Ethernet
0/3
�� Config-if# vlan-membership static 10
TRUNK LINKS:
�� Config-if# trunk on - also, off | auto |
desirable | nonegotiate
�� Config-if# no trunk-vlan 2
-removes vlan 2 from the
trunk port
-by default, all vlans are
set on a trunk port
CONFIGURING VTP:
�� Config# delete vtp - should be done prior to adding to a network
�� Config# vtp server - the default is server, also client and transparent
�� Config# vtp domain Camp - name doesn�t matter, just so all switches
use the same
�� Config# vtp password 1234 - limited security
�� Config# vtp pruning enable - limits vtp
broadcasts to only switches affected
�� Config# vtp pruning disable
FLASH UPGRADE:
�� Config# copy
tftp://192.5.5.5/configname.ios opcode - �opcode� for ios upgrade, �nvram� for startup config
DELETE STARTUP CONFIG:
�� Config# delete nvram
Contact Us
NOTE: this form DOES NOT e-mail this article, it sends feedback to the author.
|
|