Friday, December 11, 2009

Cisco CLI commands

Cisco official CLI command reference.

router>enable
router#config terminal
router(config)#hostname myhost
router(config)#enable secret mypassword
router(config)#service password-encryption
router(config)#security passwords min-length 10
router(config)#service timestamps [debug datetime msec]
router#terminal monitor
-> display debug output on current vty session
router(config)#no ip domain-lookup
router(config)#interface s0/0/0
router(config-if)#ip address myip mymask
router(config)#ip host myhostname myip
-> static name-to-address entry (global config command, not an interface command)
router(config-if)#clock rate 9600
router(config-if)#description my description
router(config-if)#no shutdown
--> after interface config, always needs no shutdown
router(config-if)#exit
router(config)#ip route network_to_connect mask gateway
router(config)#banner motd # my_banner #

router(config)#line console 0
router(config-line)#password my_console_pw
router(config-line)#login
router(config-line)#logging synchronous
-> system output won't be mangled with your input
router(config-line)#exec-timeout 15 30
--> set timeout 15 minutes 30 seconds
router(config-line)#history size 100
-> history buffer
router(config)#line vty 0 4
router(config-line)#password my_telnet_pw
router(config-line)#login
--> after setting a password, login is still needed, otherwise it is never prompted for.
router(config)#end
router#copy running-config startup-config
router#write mem
-> (same as above)
router#copy startup-config tftp://172.16.2.155/tokyo-config
-> backup startup-config over the network.
router#copy startup-config flash:config.bak1
-> backup startup-config to another file.
router#reload
-> restart using the current startup-config

switch#erase nvram:
switch#erase startup-config
switch#delete flash:filename
switch#boot system ROM
-> boots a mini version of IOS
switch#copy tftp flash
-> to upgrade IOS from a network location.
switch#copy run tftp://10.1.1.100/running-config
-> save running-config to network server.
switch#erase nvram
switch#reload
switch#dir flash:/

switch#terminal monitor
-> when connected through something other than the console, show all messages just as the console would
switch#clock set 13:00:00 12 october 1993
switch#clock timezone EST -5
switch#logging buffered
-> keep messages in the log buffer rather than only sending them to the screen.
switch#show log
-> now read this log

(config)#ip http authentication enable
-> configure HTTP server interface to enable password, other options are: local (local user database), tacacs
(config)#ip http server
-> enable the HTTP server

switch#show interface status
-> nice brief table
switch#show ip {interface | http | arp}
-> nice brief table
Router>show controllers s0/0/0
-> shows cable used, clock rate, ...
Router>show interfaces
-> all serial and ethernet connections.
Router>show ip route
Router>show ip interface brief

Router(config-router)#default-information originate
-> advertises this router's default route (the quad-zero route, QZR) to the other routers
Router(config-router)#passive-interface fa0/0
Router(config-router)#redistribute static

(config)#ipv6 host name [port] ipv6addr
(config)#ipv6 unicast-routing
(config)#ipv6 router rip MYNAME
(config-if)#ipv6 address ipv6_prefix/prefix-length [eui-64]
(config-if)#ipv6 rip MYNAME enable
#show ipv6 interface [brief]
#show ipv6 neighbors
#show ipv6 protocols
#show ipv6 rip
#show ipv6 route [summary]
#show ipv6 routers
#show ipv6 static [detail] [interface s0/0]
#show ipv6 traffic
#clear ipv6 rip
#clear ipv6 route *
#clear ipv6 traffic
#debug ipv6 rip
#debug ipv6 routing
#debug ipv6 packet
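As an added example (not from the page), a small Python audit that reads a saved running-config and checks for the hardening settings listed above: enable secret, service password-encryption, security passwords min-length, login and a working exec-timeout on the console and vty lines, and authentication when the HTTP server is on. The config text is constructed here; the parsing assumes the usual IOS layout where line sub-commands are indented by one space.

```python
import re

# Constructed sample running-config (not from the page), with several of the
# settings shown above deliberately missing so the audit has something to report.
SAMPLE_CONFIG = """\
hostname myhost
enable password cisco
no service password-encryption
ip http server
line con 0
 password my_console_pw
 login
 exec-timeout 0 0
line vty 0 4
 password my_telnet_pw
 exec-timeout 15 30
"""

def parse_config(text):
    """Split a running-config into global commands and per-'line ...' sub-blocks."""
    global_cmds, line_blocks, current = [], {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith("line "):
            current = raw.strip()
            line_blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            line_blocks[current].append(raw.strip())
        else:
            current = None
            global_cmds.append(raw.strip())
    return global_cmds, line_blocks

def audit_config(text):
    """Return a list of findings; an empty list means every checked setting is present."""
    global_cmds, line_blocks = parse_config(text)
    has = lambda prefix: any(c.startswith(prefix) for c in global_cmds)
    findings = []
    if not has("enable secret"):
        findings.append("no 'enable secret' (use it instead of 'enable password')")
    if "service password-encryption" not in global_cmds:
        findings.append("missing 'service password-encryption'")
    if not has("security passwords min-length"):
        findings.append("missing 'security passwords min-length'")
    if "ip http server" in global_cmds and not has("ip http authentication"):
        findings.append("'ip http server' enabled without 'ip http authentication'")
    for name, cmds in line_blocks.items():
        # 'login' (or 'login local' / 'login authentication ...') makes the password prompt appear.
        if not any(re.match(r"login( |$)", c) for c in cmds):
            findings.append(f"{name}: no 'login', password is never prompted")
        # 'exec-timeout 0 0' (or 'no exec-timeout') disables the idle timeout entirely.
        if any(c in ("exec-timeout 0 0", "no exec-timeout") for c in cmds):
            findings.append(f"{name}: idle timeout disabled")
    return findings

if __name__ == "__main__":
    for finding in audit_config(SAMPLE_CONFIG):
        print("FINDING:", finding)
```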

router

A router is a device that sends packets from one network to another network. The routing table typically contains the address of all known networks and routing information about that network such as:
  • Interface
  • Routing Path
  • Next Hop
  • Route Metric (Cost, # hops)
  • Route Timeout

Routers build and maintain their routing database by periodically sharing information with other routers. The exact format of these exchanges is based on the routing protocol. The routing protocol determines:
  • The information contained in the routing table
  • How messages are routed from one network to another
  • How topology changes (i.e. updates to the routing table) are communicated between routers

Regardless of the method used, changes in routing information take some time to be propagated to all routers on the network. The term convergence is used to describe the condition when all routers have the same (or correct) routing information.

Message Routing process:
  • The sender uses its own IP for the source Network layer address, and the IP of the final receiving device as the destination Network layer address.

  • The sender creates a frame by adding its own MAC address as the source Physical layer address. For the destination Physical layer address, it uses the MAC address of the default gateway router.

  • The next hop router reads the destination MAC address in the frame. Because the frame is addressed to that router, it processes the frame.

  • The router strips off the frame header and examines the packet destination address. It uses a routing protocol to identify the next hop router in the path.
    The router repackages the packet into a new frame. It uses its own MAC address as the source Physical address, the MAC address of the next hop router for the destination Physical address.

  • The last router in the path receives the frame, and because the destination device is on a directly connected network, the router creates a frame using its own MAC address as the source address and the MAC address of the destination device as the destination physical address.

  • The destination device receives the frame. Inside the packet it finds the destination address matching its own IP address, with the source IP address being that of the original sending device.

Be aware of the following:
  • On an Ethernet network, the Data Link layer address is the MAC address. On an IP network, the Network layer address is the IP address.

  • Both Data Link physical addresses and Network logical addresses are used to send packets between hosts.

  • The Data Link address identifies the physical interface. The Network address contains both a logical network address and a logical device address.

  • IP (Network layer) addresses are contained in the IP header; MAC (Data Link) addresses are contained in the Ethernet frame header.

  • Both the source and destination Network and Data Link addresses are typically contained in the packet.

  • Data Link addresses in the packet change as the packet is delivered from hop to hop. At any point in the process, the Data Link destination address indicates the physical address of the next hop on the route. The Data Link source address is the physical address of the device sending the frame.

  • Network addresses remain constant as the packet is delivered from hop to hop. The Network addresses indicate the logical address of the original sending device and the address of the final destination device.

  • A router uses the logical network address specified at the Network layer to forward messages to the appropriate network segment.
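The hop-by-hop process described above, as an added Python simulation that is not part of the original post. The topology (two hosts, two routers), the addresses and the routing tables are constructed; ARP is replaced by a static IP-to-MAC map. The trace shows the Data Link addresses being rewritten at every hop while the Network addresses stay the same, with a TTL check so a routing loop cannot run forever.

```python
from ipaddress import ip_address, ip_network

# Constructed topology (not from the page): A -- R1 -- R2 -- B, every link treated as Ethernet.
# Each node has interfaces {name: (ip, mac)} and a routing table of (prefix, next_hop, out_iface);
# next_hop None means the prefix is directly connected, so the next hop is the destination itself.
NODES = {
    "A":  {"ifaces": {"eth0": ("10.0.1.10", "02:00:00:00:0a:01")},
           "routes": [("0.0.0.0/0", "10.0.1.1", "eth0")]},
    "R1": {"ifaces": {"fa0/0": ("10.0.1.1", "02:00:00:00:01:01"),
                      "fa0/1": ("192.168.0.1", "02:00:00:00:01:02")},
           "routes": [("10.0.1.0/24", None, "fa0/0"), ("192.168.0.0/30", None, "fa0/1"),
                      ("10.0.2.0/24", "192.168.0.2", "fa0/1")]},
    "R2": {"ifaces": {"fa0/0": ("192.168.0.2", "02:00:00:00:02:01"),
                      "fa0/1": ("10.0.2.1", "02:00:00:00:02:02")},
           "routes": [("192.168.0.0/30", None, "fa0/0"), ("10.0.2.0/24", None, "fa0/1"),
                      ("0.0.0.0/0", "192.168.0.1", "fa0/0")]},
    "B":  {"ifaces": {"eth0": ("10.0.2.20", "02:00:00:00:0b:01")},
           "routes": [("0.0.0.0/0", "10.0.2.1", "eth0")]},
}
# Stand-ins for ARP (IP -> MAC) and for "which node owns this MAC".
ARP = {ip: mac for n in NODES.values() for ip, mac in n["ifaces"].values()}
OWNER = {mac: name for name, n in NODES.items() for _, mac in n["ifaces"].values()}

def route_lookup(node, dst_ip):
    """Longest-prefix match over the node's table; returns (next_hop_ip, out_iface)."""
    best = None
    for prefix, next_hop, iface in NODES[node]["routes"]:
        net = ip_network(prefix)
        if ip_address(dst_ip) in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, next_hop or dst_ip, iface)
    if best is None:
        raise LookupError(f"{node}: no route to {dst_ip}")
    return best[1], best[2]

def forward(src_node, src_ip, dst_ip, ttl=64):
    """Carry one packet hop by hop and record the frame each node builds around it."""
    frames, node = [], src_node
    while ttl > 0:
        next_hop, iface = route_lookup(node, dst_ip)
        _, out_mac = NODES[node]["ifaces"][iface]
        # A new Data Link header at every hop; the Network header (the IPs) is left untouched.
        frames.append({"at": node, "src_mac": out_mac, "dst_mac": ARP[next_hop],
                       "src_ip": src_ip, "dst_ip": dst_ip, "ttl": ttl})
        if next_hop == dst_ip:          # delivered on a directly connected network
            return frames
        node, ttl = OWNER[ARP[next_hop]], ttl - 1
    raise RuntimeError("TTL expired: routing loop?")

if __name__ == "__main__":
    for f in forward("A", "10.0.1.10", "10.0.2.20"):
        print(f"{f['at']:>2}: {f['src_mac']} -> {f['dst_mac']}  ({f['src_ip']} -> {f['dst_ip']})")
```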

switch

A switch is a multiport bridge. It provides the same functionality, but with a higher port density. In addition, switches provide features that cannot be found in bridges.
  • Switches are associated with the Data Link layer of the OSI Model.

  • Switches build a forwarding database in a manner similar to bridges. Switches examine the source and destination Data Link address in each packet to build the database and make forwarding decisions.

  • Switches connect multiple segments or devices and forward packets to only one specific port.

  • You can connect a single device to a switch port or multiple devices to a switch port by using a hub.

Switches offer the following advantages over a non-switched network.
  • Switches create separate collision domains.

  • Switches provide guaranteed bandwidth between devices, if dedicated ports are used.

  • Switches can be used to provide collision-free networking, if only one device is connected to each switch port.

  • Switches enable full-duplex communication.

  • Switches induce less latency than other segmentation solutions.

  • Switches can simultaneously switch multiple messages.

  • Switches can mix 10 Mbps- and 100 Mbps-capable devices, if the switch is a 100 Mbps switch.

  • Ethernet switches can be implemented without re-cabling.

Switches have replaced bridges in most network applications.

bridge

A bridge is a data forwarding device that provides data transfer. You should understand the following concepts relating to the operation of bridges.
  • Bridges connect two media segments that use the same protocol.
    Bridges examine the source address to determine the media segment of network devices.

  • Bridges operate at the Data Link layer of the OSI model.

  • Bridges maintain a table of device addresses and their corresponding segments.

  • Each segment connected by a bridge can have the same network address.

  • Messages within a media segment are prevented from crossing over to another segment.

Bridges' advantages:
  • Bridges prevent wasted bandwidth by eliminating unnecessary traffic between segments.

  • Bridges increase the maximum network length.

  • Bridges forward packets for multiple upper-layer protocols.

  • Bridges can link segments with dissimilar transmission media and media access methods.

Bridges' limitations:
  • Bridges cannot link multiple architectures because different frame types are used.

  • Bridges cannot translate upper-layer protocols.

  • Bridges cannot forward packets to different networks based on the network address.

  • Bridges do not filter broadcast packets.

Use bridges to isolate traffic to a segment, to prevent unwanted traffic from crossing over to other segments, or to keep unwanted traffic off slow WAN links. When designing the placement of bridges on the network, follow the 80/20 rule.
  • At least 80% of network traffic should stay within a segment.

  • No more than 20% of network traffic should pass through the bridge to another segment.
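The forwarding database that both the switch and bridge sections describe, as an added Python model that is not from the original post: source addresses are learned against the port they arrive on, known unicast goes out a single port, unknown unicast and broadcast are flooded (bridges do not filter broadcasts), and a frame whose destination is on the segment it came from is dropped. The ports, MAC addresses and frame sequence are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Transparent bridge / switch: learns which port each source MAC was seen on, sends known
    unicast frames out one port, floods unknown unicast and all broadcasts, and drops a frame
    whose destination sits on the same segment it arrived from."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}   # forwarding database: mac -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame and return the list of ports it is sent out of."""
        # Learning: the source address is simply recorded against the ingress port;
        # the entry is overwritten if the same address later shows up on another port.
        self.table[src_mac] = in_port
        if dst_mac == BROADCAST or dst_mac not in self.table:
            return [p for p in self.ports if p != in_port]   # flood; broadcasts are never filtered
        if self.table[dst_mac] == in_port:
            return []                                        # filter: stays within its own segment
        return [self.table[dst_mac]]                         # forward to exactly one port

def demo():
    """Constructed scenario (not from the page): H1 on port 1, H2 on port 2, H3 and H4 share
    port 3 through a hub, port 4 is empty. Returns the egress ports of each frame and the table."""
    sw = LearningSwitch([1, 2, 3, 4])
    frames = [
        (1, "02:00:00:00:00:01", "02:00:00:00:00:02"),   # H1 -> H2, H2 still unknown: flooded
        (2, "02:00:00:00:00:02", "02:00:00:00:00:01"),   # H2 -> H1, H1 now known: one port
        (3, "02:00:00:00:00:03", "02:00:00:00:00:04"),   # H3 -> H4, H4 unknown: flooded
        (3, "02:00:00:00:00:04", "02:00:00:00:00:03"),   # H4 -> H3, same segment: filtered
        (1, "02:00:00:00:00:01", BROADCAST),             # broadcast: every other port
    ]
    return [sw.receive(*f) for f in frames], sw.table

if __name__ == "__main__":
    egress, table = demo()
    print(egress)
    print(table)
```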

Monday, November 30, 2009

Ethernet 5-4-3 rule

Ethernet and IEEE 802.3 historically implemented a 5-4-3 rule, also known as the IEEE way (from before the days of switches):
5 Segments
4 Repeaters
3 Populated Segments
2 Unpopulated Segments
1 Collision Domain

Wednesday, November 25, 2009

TCP/IP Protocol Suite Facts

Groups of protocols (called protocol suites or protocol stacks) are designed to interact and be used together. The TCP/IP protocol suite is used on the Internet and on most networks. The TCP/IP protocol suite was developed to work independently of the Physical layer implementation. When learning about TCP/IP protocols, it is common to use a theoretical layered model called the TCP/IP model (also known as the Department of Defense (DoD) model). The layers of the DoD model are as follows:
  • The Application layer (also called the Process layer) corresponds to the Session, Presentation, and Application layers of the OSI model.

  • The Host-to-host layer is comparable to the Transport layer of the OSI model and is responsible for error checking and reliable packet delivery. Here, the data stream is broken into segments that must be assigned sequence numbers so that the segments can be reassembled correctly on the remote side after they are transported.

  • The Internet layer is comparable to the Network layer of the OSI model. It is responsible for moving packets through a network. This involves addressing of hosts and making routing decisions to identify how the packet traverses the network.

  • The Network Access layer corresponds to the functions of the Physical and Data Link layers of the OSI model. It is responsible for describing the physical layout of the network and how messages are formatted on the transmission medium. Sometimes this layer is divided into the Network Access and the Physical layer.

The following table lists several protocols in the TCP/IP protocol suite.


Each entry gives the protocol, its description, the OSI model layer(s) and the DoD model layer.

File Transfer Protocol (FTP): provides a generic method of transferring files. It can include file security through usernames and passwords, and it allows file transfer between dissimilar computer systems.
  OSI: Application, Presentation, Session | DoD: Application (Process)

Trivial File Transfer Protocol (TFTP): transfers files between a host and an FTP server. However, it provides no user authentication and uses UDP instead of TCP as the transport protocol.
  OSI: Application, Presentation, Session | DoD: Application (Process)

Hypertext Transfer Protocol (HTTP): used by Web browsers and Web servers to exchange files (such as Web pages) through the World Wide Web and intranets. HTTP can be described as an information requesting and responding protocol. It is typically used to request and send Web documents, but is also used as the protocol for communication between agents using different TCP/IP protocols.
  OSI: Application, Presentation, Session | DoD: Application (Process)

Simple Mail Transfer Protocol (SMTP): routes electronic mail through the internetwork. E-mail applications provide the interface to communicate with SMTP or mail servers.
  OSI: Application, Presentation, Session | DoD: Application (Process)

Simple Network Management Protocol (SNMP): manages complex networks. SNMP lets network hosts exchange configuration and status information. This information can be gathered by management software and used to monitor and manage the network.
  OSI: Application, Presentation, Session | DoD: Application (Process)

Remote Terminal Emulation (Telnet): allows an attached computer to act as a dumb terminal, with data processing taking place on the TCP/IP host computer. It is still widely used to provide connectivity between dissimilar systems.
  OSI: Application, Presentation, Session | DoD: Application (Process)

Network File System (NFS): developed by Sun Microsystems. It consists of several protocols that enable users on various platforms to seamlessly access files from remote file systems.
  OSI: Application, Presentation, Session | DoD: Application (Process)

Voice over Internet Protocol (VoIP): optimized for the transmission of voice through the Internet or other packet switched networks. Voice over IP protocols carry telephony signals as digital audio encapsulated in a data packet stream over IP.
  OSI: Application, Presentation, Session | DoD: Application (Process)

Domain Name System (DNS): a system that is distributed throughout the internetwork to provide address/name resolution.
  OSI: Application, Presentation, Session | DoD: Application (Process)

Transmission Control Protocol (TCP): provides connection-oriented services and performs segment sequencing and service addressing. It also performs important error-checking functions and is considered a host-to-host protocol.
  OSI: Transport | DoD: Host-to-Host (Transport)

User Datagram Protocol (UDP): not connection-oriented like TCP. Because of less overhead, it transfers data faster, but is not as reliable.
  OSI: Transport | DoD: Host-to-Host (Transport)

Internet Protocol (IP): the main TCP/IP protocol. A connectionless protocol that makes routing path decisions, based on the information it receives from ARP. It also handles logical addressing issues through the use of IP addresses.
  OSI: Network | DoD: Internet

Internet Control Message Protocol (ICMP): works closely with IP in providing error and control information that helps move data packets through the internetwork.
  OSI: Network | DoD: Internet

Internet Group Membership Protocol (IGMP): defines host groups. All group members can receive broadcast messages intended for the group (called multicasts). Multicast groups can be composed of devices within the same network or across networks (connected with a router).
  OSI: Network | DoD: Internet

Address Resolution Protocol (ARP): used to get the MAC address of a host from a known IP address. ARP is used within a subnet to get the MAC address of a device on the same subnet as the requesting device.
  OSI: Network | DoD: Internet

Reverse Address Resolution Protocol (RARP) and Bootstrap Protocol (BOOTP): both BOOTP and RARP are used to discover the IP address of a device with a known MAC address. BOOTP is an enhancement to RARP, and is more commonly implemented than RARP. As its name implies, BOOTP is used by computers as they boot to receive an IP address from a BOOTP server. The BOOTP address request packet sent by the host is answered by the server.
  OSI: Network | DoD: Internet

Dynamic Host Configuration Protocol (DHCP): simplifies address administration. DHCP servers maintain a list of available and assigned addresses, and communicate configuration information to requesting hosts. DHCP has the following two components.
  * A protocol for delivering IP configuration parameters from a DHCP server to a host
  * A protocol specifying how IP addresses are assigned
  OSI: Network | DoD: Internet

Open Shortest Path First (OSPF): a route discovery protocol that uses the link-state method. It is more efficient than RIP in updating routing tables, especially on large networks.
  OSI: Network | DoD: Internet

Routing Information Protocol (RIP): a route discovery protocol that uses the distance-vector method. If the network is large and complex, OSPF should be used instead of RIP.
  OSI: Network | DoD: Internet

OSI model encapsulation

Encapsulation is the process of breaking a message into packets, adding control and other information, and transmitting the message through the transmission media. You need to know the following five-step data encapsulation process:
  1. The Physical layer converts the frames into bits for transmission across the transmission media.
  2. The Data Link layer converts the packets into frames, adding physical device addressing information.
  3. The Network layer converts the segments into packets, adding logical network and device addresses.
  4. The Transport layer breaks the data into pieces called segments, adding sequencing and control information.
  5. Upper layers prepare the data to be sent through the network.
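The five-step encapsulation above, carried out on real bytes as an added Python example (not from the original post): application data is wrapped in a 20-byte TCP header (segment), then a 20-byte IPv4 header with the logical addresses (packet, including the RFC 791 header checksum), then a 14-byte Ethernet header with the physical addresses (frame), and finally turned into the bit string the Physical layer sends. Ports, addresses and payload are constructed; the TCP checksum is left at zero by assumption to keep the block short.

```python
import struct

def ipv4_checksum(header):
    """RFC 791 header checksum: one's-complement sum of 16-bit words, then complemented."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def ip_bytes(ip):
    return bytes(int(octet) for octet in ip.split("."))

def tcp_segment(src_port, dst_port, seq, payload):
    """Transport layer: 20-byte TCP header (ports, sequence number) in front of the data.
    Assumption: the TCP checksum field is left at 0; only the IP checksum is computed here."""
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0, 5 << 4, 0x18, 65535, 0, 0)
    return header + payload

def ipv4_packet(src_ip, dst_ip, segment, ttl=64):
    """Network layer: 20-byte IPv4 header with the logical (IP) addresses; protocol 6 = TCP."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0x4000,
                         ttl, 6, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    header = header[:10] + struct.pack("!H", ipv4_checksum(header)) + header[12:]
    return header + segment

def ethernet_frame(src_mac, dst_mac, packet):
    """Data Link layer: 14-byte header with the physical (MAC) addresses; EtherType 0x0800 = IPv4."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + packet

def to_bits(frame):
    """Physical layer: the frame as the string of bits that goes onto the medium."""
    return "".join(format(b, "08b") for b in frame)

def encapsulate(data, src_ip, dst_ip, src_mac, gateway_mac):
    """Run upper-layer data down the stack and return every intermediate unit."""
    segment = tcp_segment(40000, 80, 1, data)
    packet = ipv4_packet(src_ip, dst_ip, segment)
    frame = ethernet_frame(src_mac, gateway_mac, packet)   # frame is addressed to the default gateway
    return {"segment": segment, "packet": packet, "frame": frame, "bits": to_bits(frame)}

if __name__ == "__main__":
    # Constructed sample values, not from the page.
    units = encapsulate(b"GET / HTTP/1.0\r\n", "10.0.1.10", "10.0.2.20",
                        "02:00:00:00:0a:01", "02:00:00:00:01:01")
    for name, unit in units.items():
        print(f"{name:>7}: {len(unit)} {'bits' if name == 'bits' else 'bytes'}")
```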

Each layer below is given with its description & keywords, protocols, devices and encapsulation unit.

Application
  * provides interface for a service to operate
  * communication partner identification
  protocols: HTTP, Telnet, FTP, SNMP
  encapsulation: user info & data

Presentation
  * file format
  * encryption, translation, compression
  * data format & exchange
  protocols: JPEG, BMP, TIFF, PICT, MPEG, WMV, ASCII, EBCDIC, MIDI, WAV
  encapsulation: data

Session
  * separates data streams
  * setup, maintain, tear down communication sessions
  protocols: SQL, NFS, ASP, RPC, X Window
  encapsulation: data

Transport
  * reliable & unreliable
  * end to end flow control
  * port and socket #s
  * segmentation, sequencing, combination
  protocols: TCP (connection-oriented), UDP (connectionless)
  encapsulation: segment

Network
  * logical address
  * path determination
  * routing packets
  protocols: IP (ICMP, ARP), IPX, AppleTalk, DECnet
  devices: routers, layer 3 switches
  encapsulation: packet

Data Link (logical link control, media access control)
  * convert bits to bytes and bytes to frames
  * MAC address, hardware address
  * logical network topology
  * media access
  * flow control (ack, buffering, windowing)
  * parity & CRC
  * LAN: 802.2 (LLC), 802.3 (Ethernet), 802.5 (Token Ring), 802.11 (Wireless)
  * WAN: HDLC, PPP, Frame Relay, ISDN, ATM
  devices: NIC, switch, bridge
  encapsulation: frame

Physical
  * move bits across media
  * cables, connectors, pin position
  * electrical signals (voltage, bit sync)
  * physical topology
  standards: EIA/TIA-232 (serial signaling), V.35 (modem), Cat5, RJ45
  devices: media (cable, wire), connector, transceivers, modem, repeater, hub, multiplexer, CSU/DSU, wireless access point
  encapsulation: bit