Hey Network Ninjas! When you’re rocking with Cisco routers or switches, you’re grooving to the beat of Cisco IOS—the Internetwork Operating System. This guide is your backstage pass to mastering the Command Line Interface (CLI), from basic configurations to advanced troubleshooting tricks
Flavors of Cisco IOS
Traditional Cisco IOS:
- This is the original operating system used on Cisco routers and switches for decades.
- It features a well-known set of commands familiar to network engineers.
Cisco IOS XE:
- An evolution of the traditional Cisco IOS, offering more stability.
- Built on the Linux operating system, it prevents the entire system from crashing due to a single runaway process.
- Commands from traditional Cisco IOS work seamlessly in Cisco IOS XE.
Cisco NX-OS:
- Found primarily in data center environments on Cisco Nexus switches.
- Features a unique set of commands tailored for data center operations.
Cisco IOS XR:
- Designed for large enterprise and service provider routers.
- Offers a distinct command set different from traditional Cisco IOS and IOS XE.
In this article, we will concentrate on commands applicable to both Cisco IOS and Cisco IOS XE. So, let's get started, shall we?
Exploring Cisco IOS Features
Privilege Levels
Cisco IOS allows for different privilege levels, ensuring that help desk personnel can access troubleshooting commands without altering critical configurations like BGP settings. We have 16 different privilege levels, numbered 0 through 15, which dictate which commands are available to which users. Here are the default levels:
Level 0:
- Supports only five basic commands, allowing minimal interaction.
- Typically used for very limited access.
Level 1 (User Mode):
- This is the default mode upon logging in.
- Provides access to a limited set of read-only commands, sufficient for basic troubleshooting and diagnostics.
Level 15 (Privileged Mode):
- Provides full access to all commands, including both read-only and read-write commands.
- This level is used for complete configuration and management.
To illustrate how privilege levels work, let's visit gns3 and use a Cisco 7200 router for this.
User Mode (Level 1):
- When opened the console of the router the prompt displays a greater-than sign (>).
- Use the command show privilege to confirm the current privilege level.
- Limited commands are available, primarily for viewing configurations without making changes.
- Example commands:
show,exit, and context-sensitive help (?).
Privileged Mode (Level 15):
- Enter this mode using the
enablecommand, followed by the password. - The prompt changes to a pound sign (#).
- Full command access is available for complete configuration and management.
- Example command: show privilege confirms the current level as 15.
Customizing Privilege Levels
Let's further explore how to customize privilege levels by restricting the trace route command to level 2 and above:
Access Level 15:
- Enter privileged mode with enable 15 and provide the password.
- Enter global configuration mode with configure terminal or conf t.
Assign a Password to Level 2:
- Use the command enable secret level 2 [password] (e.g., enable secret level 2 Cisco).
trace route Command to Level 2:- Use the command privilege exec level 2 traceroute.
Test Command Availability:
Verify the trace route command in level 2 and ensure it's not available in level 1.
Example:
- In level 1, % Invalid input detected at '^' marker.
- In level 2, after entering enable 2 and providing the password, trace route is available. [Here no IP is configured so its showing (% Unrecognized host or address.)]
Command Line Interface (CLI):
Moving Between Configuration Modes
Let's jump right into router R1 and explore:
1. Global Configuration Mode:
- Enter with configure terminal or shortcut conf t.
- Commands affect the entire system ((config) prompt).
2. Interface Configuration Mode:
- Navigate using interface gig 0/0 from global config.
- Configure specific interface settings ((config-if) prompt).
Exiting Configuration Modes
- Back to Global Configuration: Use exit.
- Exit Entirely: Use
endto return to privilege exec mode.
Exploring Specialized Configuration Modes
Router Configuration Mode:
- Access with router ospf 1 for OSPF settings.
- Commands specific to OSPF configuration ((config-router) prompt).
Exploring Device Configuration and Status
Basic Commands for Routers
View Running Configuration:
Command: show running-config
Displays the current configuration running in memory.
Note: We can use spacebar to see more and q to quite the menu.
View IP Interfaces:
Command: show IP interface brief
Lists interfaces, their IP addresses, and their statuses (layer 1 and layer 2).
Differences between "down" and "administratively down" states on Cisco routers or switches:
Down State: Indicates a physical or data link layer issue where the interface is physically disconnected or not operational due to hardware failure or cable disconnection. Usually requires troubleshooting of physical connections, cables, or hardware components to resolve.
Administratively Down State: Indicates that the interface has been intentionally disabled by an administrator using the
shutdowncommand in interface configuration mode. Typically used for planned maintenance, security reasons, or to prevent traffic on unused interfaces.
Detailed Interface Information:
Command: show interfaces [interface identifier]
Provides detailed information for a specific interface, including speed, IP address, and traffic statistics.
Basic Interface Statistics:
Command: show interfaces stats
Offers basic statistics for interfaces.
View CDP Neighbors:
Command: show CDP neighbors
Lists directly connected Cisco devices.
Detailed CDP Neighbor Information:
Command: show CDP neighbors detail
Provides detailed information about connected devices, such as IOS version.
View IP Routing Table:
Command: show IP route
Displays the router's IP routing table, including connected and learned routes.
View IOS Version:
Command: show version
Shows the IOS version and other system information.
Commands for Switches
View MAC Address Table:
Command: show MAC address-table
Lists MAC addresses learned on different ports.
Show Switch Stack Information:
Command: show switch
Used on stackable switches to view their role in a stack.
Show Installed Modules:
Command: show inventory
Displays modules installed in the physical device.
Reference Table of Cisco IOS Commands
Finally, here's a reference table of the commands we've covered. Feel free to take a screenshot for quick access:
| Command | Description | Privilege Level |
|---|---|---|
show running-config | View the current running configuration | Privileged (15) |
show startup-config | View the saved startup configuration | Privileged (15) |
show IP interface brief | Summary of IP interfaces and their statuses | User (1) |
show interfaces | Detailed information about all interfaces | User (1) |
show interfaces [identifier] | Detailed information about a specific interface | User (1) |
show interfaces stats | Basic statistics for all interfaces | User (1) |
show CDP neighbors | List of directly connected Cisco devices | User (1) |
show CDP neighbors detail | Detailed information on CDP neighbors | User (1) |
show IP route | Display the IP routing table | User (1) |
show version | Show the Cisco IOS version and system information | User (1) |
show MAC address-table | Display the MAC address table of the switch | User (1) |
show switch | Display information about the switch stack | User (1) |
show inventory | Show installed hardware modules and details | User (1) |
configure terminal (conf t) | Enter global configuration mode | Privileged (15) |
interface [type number] | Enter interface configuration mode | Privileged (15) |
exit | Exit to the previous mode | All |
end | Exit configuration mode and return to privilege mode | All |
Conclusion:
Y'all have now saddled up and taken a ride through the wild frontier of Cisco IOS commands! From setting up your routers and switches to mastering privilege levels and diving into interface configurations, you’ve got the lasso on all the key tools you need. Remember, whether you’re taming a routing table or corralling a MAC address table, these commands are your trusty steeds. So, keep this guide handy, and you’ll be wrangling networks like a true Cisco cowboy. Happy trails, and may your packets always find their way home until then Happy Hacking!
