More IOS Tips
- Tony Mattke
- Cisco
- June 9, 2010
Learning the particulars of Cisco IOS is one of the most valuable things a network engineer can do. These skills will be the basis of everything you do on the lab and on your network. The following is a collection of things that most everyone uses these days.
Prevent timeout on the serial console. You can also apply this to the VTY lines if you ssh / telnet into the router.
Router(config)#line con 0 Router(config-line)#exec-timeout 0 0 ! 0-minutes 0-seconds
The following configuration will allow you to work uninterrupted from system messages.
Router(config)#line con 0 Router(config-line)#logging synchronous
This command will reset an interface, or a range of interfaces back to its default configuration.
Router(config)#default interface fa0/0 Building configuration...
The Cisco default break character of Ctrl+Shift+6 is a pain to type, it takes both hands, and its just plain stupid. Changing this to something easy and quick is a life saver during any lab or in real life. There are two ways to actually make the change thought. The first way demonstrated only applies to the current session. To make the change more permanent you need to configure the escape character on the line.
Router#terminal escape-character 23 ! 23 = Ctrl+W "^W" is the escape character Router(config)#line con 0 Router(config-line)#escape-character 27 ! 27 = Escape
This is seriously handy for those of us that type faster than we can think at times. Ever been stuck at a Translating “whatever”…domain server (4.2.2.2) ?? The following command will force your router skip the DNS resolution.
Router(config)#no ip domain-lookup
This tip is in 2 parts, first is the do command which allows you to run exec level commands from configuration mode. This is a very handy feature for issuing show commands. The second tip here is combining show ip interface brief with the IOS filtering options and removing lines that contain unassigned interfaces.
Router(config)#do show ip int br | ex una Interface IP-Address OK? Method Status Protocol FastEthernet0/0 192.168.8.9 YES NVRAM up up FastEthernet0/0.2 10.1.8.1 YES NVRAM up up
This command will show you the top 5 protocols as reportd by NBAR on the router. You will need to configure ip nbar protocol-discovery on interfaces that you want to see statistics for.
Router#show ip nbar protocol-discovery stats bit-rate top-n 5
Serial1/0
Input Output
----- ------
Protocol 5min Bit Rate (bps) 5min Bit Rate (bps)
------------------------ ------------------------ ------------------------
ospf 536 345
icmp 234 535
bgp 23 34
citrix 0 0
cuseeme 0 0
unknown 0 0
Total 0 0
How about using extended ping without having to enter the extended ping menu? The so option refers to source, which can also include an interfaces. Other useful options are re or repeat, si or packet size, and df or df-bit which enables the do not fragment bit in the IP header.
Router#ping 10.0.1.2 so 10.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.1.2, timeout is 2 seconds: Packet sent with a source address of 10.0.0.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/12/20 ms
This command will show a sorted CPU usage of all processes running on the router. You can also use show proc cpu history to view an ASCII graphs of CPU utilization.
It may also be usefull to create an alias with filtering. alias exec shproc show proc cpu sort | ex 0.00%__0.00%__0.00%
Router#show processes cpu sort CPU utilization for five seconds: 1%/1%; one minute: 2%; five minutes: 3% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 1 40 167 239 0.00% 0.00% 0.00% 0 Chunk Manager 2 2682 711979 3 0.00% 0.00% 0.00% 0 Load Meter 3 4846 11865575 0 0.00% 0.00% 0.00% 0 Skinny Msg Serve 4 16 142564 0 0.00% 0.00% 0.00% 0 EDDRI_MAIN 5 7707600 542302 14212 0.00% 0.23% 0.19% 0 Check heaps 6 4 2 2000 0.00% 0.00% 0.00% 0 Pool Manager 7 0 2 0 0.00% 0.00% 0.00% 0 Timers 8 0 1 0 0.00% 0.00% 0.00% 0 Crash writer 9 387639 930516 416 0.00% 0.00% 0.00% 0 ARP Input 10 460 3706748 0 0.00% 0.00% 0.00% 0 ARP Background 11 0 2 0 0.00% 0.00% 0.00% 0 ATM Idle Timer 12 0 2 0 0.00% 0.00% 0.00% 0 AAA high-capacit 13 0 1 0 0.00% 0.00% 0.00% 0 AAA_SERVER_DEADT 14 0 1 0 0.00% 0.00% 0.00% 0 Policy Manager 15 0 2 0 0.00% 0.00% 0.00% 0 DDR Timers 16 20 2 10000 0.00% 0.00% 0.00% 0 Entity MIB API 17 28 53 528 0.00% 0.00% 0.00% 0 EEM ED Syslog 18 220 1065579 0 0.00% 0.00% 0.00% 0 HC Counter Timer 19 0 2 0 0.00% 0.00% 0.00% 0 Serial Backgroun 20 0 1 0 0.00% 0.00% 0.00% 0 RO Notify Timers 21 0 1 0 0.00% 0.00% 0.00% 0 RMI RM Notify Wa 22 8 2 4000 0.00% 0.00% 0.00% 0 SMART
The following command allows you to reload your router in a set time period. Rather useful for failsafe recovery while making configuration changes in some circumstances. You can view the status of a reload using the command show reload or cancel it using reload cancel.
Router#reload in 5 Reload scheduled for 16:31:15 EDT Fri Jun 8 2010 (in 5 minutes) by admin on vty0 (198.19.8.98) Reload reason: Reload Command Proceed with reload? [confirm]
The following tip is from @WannabeCCIE – When you’re labbing and have confirm IP connectivity to 20+ devices, TCL can save your butt. Keep this in a text file and paste it into the CLI.
Router#tclsh
Router(tcl)#foreach IPA {
+>150.100.12.1
+>150.100.12.2
+>150.100.24.2
+>150.100.24.4
+>150.100.41.4
+>150.100.40.4
+>} {ping $IPA timeout 1}
!
! or for a list of interfaces off different VRFs
!
Router#tclsh
Router(tcl)#foreach VRF {
+>"RED 100.100.100.2"
+>"RED 100.100.100.5"
+>"RED 100.100.100.6"
+>"BLUE 200.200.200.2"
+>"BLUE 200.200.200.5"
+>"BLUE 200.200.200.6"
+>} {ping vrf $VRF timeout 1}
The following command is rather useful for diagnosing BGP issues, it shows what is causing any RIB Failures preventing any entries in the BGP table from being installed into the main routing table.
Router#show ip bgp rib-failure Network Next Hop RIB-failure RIB-NH Matches 172.16.20.0/24 172.16.20.1 Higher admin distance n/a
If you have any tips that I may of left out or have any questions, please leave a comment below.
