Commands for CCNA

debug eigrp fsm

Command using to examine some of the output from EIGRP's FSM. Use this command to examine what DUAL does when a route is removed from the routing table.

ping traceroute show ip route show ip interface brief show cdp neighbors detail

Common IOS troubleshooting commands include:

Step 1. Enable DHCP snooping using the ip dhcp snooping global configuration mode command. Step 2. Enable DHCP snooping for specific VLANs using the ip dhcp snooping vlan number command. Step 3. Define ports as trusted at the interface level by defining the trusted ports using the ip dhcp snooping trust command. Step 4. (Optional) Limit the rate at which an attacker can continually send bogus DHCP requests through untrusted ports to the DHCP server using the ip dhcp snooping limit rate rate command.

How to configure DHCP snooping on switch

ip route network mask {next-hop-ip | exit-intf}

IPv4 static routes are configured in global configuration command

encapsulation hdlc

If the default encapsulation method has been changed, use the command in privileged EXEC mode to re-enable HDLC.

ip dhcp pool pool_name

creates a dhcp pool with the specified name and puts the router in DHCPv4 configuration mode

ipv6 dhcp pool pool_name

creates a pool and enters the router in DHCPv6 configuration mode, which is identified by the Router(config-dhcpv6)# prompt.

spanning-tree bpduguard enable

enables BPDU guard

spanning-tree portfast bpduguard default

enables BPDU guard on all PortFast-enabled ports.

IPv6 unicast-routing

enables IPv6 routing

spanning-tree portfast default

enables PortFast on all nontrunking interfaces.

no access-list

enter in global mode to remove entire access list

ip helper-address ip_address

enter in interface mode to configure dhcpv4 relay

ipv6 dhcp relay destination ip_address

enter in interface mode to configure dhcpv6 relay

no ip access-group

enter in interface mode to remove interface from access list

Router(config-if)# no ipv6 nd managed-config-flag Router(config-if)# no ipv6 nd other-config-flag

enter in interface mode, to re-enable an interface for SLAAC(Stateless Address Autoconfiguration) that might have been set to another option

interface port-channel identifier_number

enter port channel interface configuration mode

show ipv6 ospf

examine the OSPFv3 process ID and router ID.

debug ip nat detailed

generates a description of each packet considered for translation. This command also provides information about certain errors or exception conditions, such as the failure to allocate a global address.

show spanning-tree vlan vlan_id

get STP information for a particular VLAN. Use this command to get information about the role and status of each port on the switch.

enable or en

go to Privileged EXEC Mode

R1 (config) # interface g0/0.subinterface_number R1 (config-subif) # encapsulation dot1q vlan_id R1 (config-subif) # ip address 172.17.10.1 255.255.255.0 R1 (config-subif) # interface g0/0 R1 (config-if) # no shutdown

how to configure subinterfaces on router The subinterface number is configurable, but it typically reflects the VLAN number.

no auto-summary

no longer summarizes networks to their classful address at boundary routers

enable password

older one, less secure

clear ip nat translation *

privileged EXEC command to clear all translations from the table. Note: Only the dynamic translations are cleared from the table. Static translations cannot be cleared from the translation table.

redistribute static

propagate that route throughout the EIGRP domain. tells EIGRP to include static routes in its EIGRP updates to other routers. Configure on router configuration mode

show interfaces etherchannel

provide information about the role of the interface in the EtherChannel

show ipv6 route ospf

provides specifics about OSPFv3 routes in the routing table.

service dhcp

re-enable the DHCPv4 server

S1# configure terminal S1 (config-if) # interface interface_id S1 (config-if) # no switchport access vlan S1 (config-if) # end

remove VLAN assignment

no interface port-channel channel_id

remove entire etherchannel

no ip ospf dead-interval

reset OSPFv2 dead interval seconds

no ip ospf hello-interval

reset OSPFv2 hello interval seconds

no ipv6 ospf dead-interval

reset OSPFv3 dead interval seconds

no ipv6 ospf hello-interval

reset OSPFv3 hello interval seconds

show ip route show ip route static show ip route network show running-config | section ip route

show routing table show static routing table show specific routing table for the destination ip show ip route setting on running-config

show span

show spanning-tree protocols

show frame-relay lmi

show the Local Management Interface (LMI) of Frame Relay - The output shows the LMI type used by the Frame Relay interface and the counters for the LMI status exchange sequence, including errors such as LMI timeouts.

show cdp neighbors & show cdp neighbors

show which int connect to which name and int of devices

show ip nat translations

shows active NAT translations

show etherchannel summary

simply display one line of information per port channel

Switch(config)# interface range type module/first-number - last-number

t is simple to make configuration changes to multiple ports on a switch. If a range of ports must be configured, use the interface range command.

configure terminal or conf t

take the device from privileged EXEC mode to the global configuration mode

clock set ?

the IOS displays what command arguments or variables can be next, and provides an explanation of each

dns-server ip_address

the IPv4 address of the DNS server that is available to a DHCPv4 client

show ip ospf interface

the quickest way to verify OSPF interface settings

default-router ip_address

to define the default gateway router for dhcp

ipv6 eigrp as_number

to enable eigrp on an interface

security passwords min-length

to ensure that all configured passwords are a minimum of a specified length

ip ospf priority value_number

to set the OSPFv2 priority of an interface

ipv6 ospf priority value_number

to set the OSPFv3 priority of an interface

show access-list

to show the access list you created

show frame-relay map

to show the map of Frame Relay

netbios-name-server address [address2...address8]

used to define the NetBIOS WINS server for dhcp

domain-name domain

used to define the domain name for dhcp

show ip ospf

used to examine the OSPF process ID and router ID

show ip dhcp server statistics

used to verify that messages are being received or sent by the router. This command displays count information regarding the number of DHCPv4 messages that have been sent and received.

show ntp status

user EXEC command can be used to display such information as the NTP synchronization status, the peer that the device is synchronized to, and in which NTP strata the device is functioning.

show ipv6 dhcp interface

verifies the interface is in relay mode with ipv6_address destination configured as the DHCPv6 server.

show ipv6 dhcp pool

verifies the name of the DHCPv6 pool and its parameters.

ping

verify connectivity

show ipv6 route

verify that IPv6 networks and specific IPv6 interface addresses have been installed in the IPv6 routing table

clear ip nat statistics

verify that the NAT translation is working, it is best to clear statistics from any past translations before testing

show ipv6 protocols

verify that the OSPFv3

show ip ospf neighbor

verify that the router has formed an adjacency with its neighboring routers on OSPFv2

show ipv6 ospf neighbor

verify that the router has formed an adjacency with its neighboring routers on OSPFv3

show glbd

verify the Gateway Load Balancing Protocol (GLBP) status

show ip ospf interface interface_id

verify the current OSPF cost assigned to the interface

debug ip nat

verify the operation of the NAT feature by displaying information about every packet that is translated by the router

show ip eigrp neighbors

view the neighbor table and verify that EIGRP has established an adjacency with its neighbors.

ipv6 rip domain-name enable

enable RIPng on interface for ipv6

show bootvar

(show boot in older IOS versions) to see what the current IOS boot file is set to.

bandwidth 100

Adjusting the Interface Bandwidth for OSPF and EIGRP interfaces in kilobits

no bandwidth

Adjusting the Interface Bandwidth for OSPF and EIGRP interfaces in kilobits to default

copy running-config startup-config

After being executed, the running configuration file updates the startup configuration file.

banner motd # message #

Although requiring passwords is one way to keep unauthorized personnel out of a network, it is vital to provide a method for declaring that only authorized personnel should attempt to gain entry into the device. To do this, add a banner to the device output.

reload

Assuming that we have not overwritten the startup configuration with the changes, we can replace the running configuration with the startup configuration by using this command.

frame-relay lmi-type [cisco | ansi | q933a]

Based on the LMI status messages it receives from the Frame Relay switch, the router automatically configures its interface with the supported LMI type acknowledged by the Frame Relay switch. If it is necessary to set the LMI type, use the command. Configuring the LMI type disables the autosense feature.

eigrp log-neighbor-changes

By Default is enable. On router configuration mode command is enabled.This command is used to: 1) Display any changes in EIGRP neighbor adjacencies. 2) Help verify neighbor adjacencies during configuration of EIGRP. 3) Advise the network administrator when any EIGRP adjacencies have been removed.

logging console - logging buffered

By default, Cisco routers and switches send log messages for all severity levels to the console. On some IOS versions, the device also buffers log messages by default. To enable these two settings, use the commands on global configuration mode

ip nat translation timeout timeout_seconds

By default, NAT translation entries time out after 24 hours, unless the timers have been reconfigured

Router(config)# line vty 0 4 Router(config-line )# exec-timeout 10

By setting the exec timeout, you are telling the Cisco device to automatically disconnect users on a line after they have been idle for the duration of the exec timeout value. Exec timeouts can be configured on console, vty, and aux ports. This command will disconnect users after 10 minutes.

maximum-paths value

Cisco IOS, by default, allows EIGRP load balancing using up to four equal-cost paths; however, this can be modified on router configuration mode command. If the value is set to 1, load balancing is disabled.

show ip ospf interface brief

Command is useful to display a summary and status of OSPF-enabled interfaces.

S1(config)# interface f0/6 S1(config-if)# no switchport S1(config-if)# ip address 192.168.200.1 255.255.255.0 S1(config-if)# no shutdown S1(config-if)# end

Configure routed ports by putting the interface into Layer 3 mode with the no switchport interface configuration command. Then assign an IP address to the port. That's it!

ipv6 dhcp server pool_name

Configure the DHCPv6 Interface Interface configuration mode command binds the DHCPv6 pool to the interface.

summary-address address mask

Configured external route summarization on ASBRs on router configuration mode command.

ipv6 router ospf process_id

Configuring the OSPFv3

show ip route ospf

Display all routers learned through OSPFv2 from routing table

show ppp multilink

Display information about a ppp multilink interface

show mac-address-table

Displays all MAC addresses that the switch has learned, how those addresses were learned (dynamic/static), the port number, and the VLAN assigned to the port.

show protocols

Displays information about the routed protocol that is enabled, and the protocol status of interfaces.

show running-config interface interface-id

Displays the commands configured on the specified interface.

Router# show ssh

Displays the status of SSH server connections.

Router# show ip ssh

Displays the version and configuration data for SSH.

clear access-list counters access-list_ID/Name

During testing of an ACL, the counters can be cleared using this command

variance value

EIGRP for IPv4 and IPv6 can also balance traffic across multiple routes that have different metrics. This type of balancing is called unequal-cost load balancing. Command in router configuration mode enables EIGRP to install multiple loop-free routes with unequal cost in a local routing table.

clear ip nat translation

EXEC mode command. It is useful to clear the dynamic entries when testing the NAT configuration.

R3# configure terminal _ R3(config)# interface serial 0/0/0 - R3(config-if)# encapsulation ppp

Enabling PPP on an Interface. Remember that if PPP is not configured on a Cisco router, the default encapsulation for serial interfaces is HDLC.

Router(config)# interface loopback number Router(config-if)# ip address ip-address subnet-mask Router(config-if)# exit

Enabling and assigning a loopback address

frame-relay map protocol protocol-address dlci [broadcast] [ietf] [cisco]

Establishing Frame Relay static mapping depends on your network needs. To map between a next hop protocol address and DLCI destination address, use this command - Use the keyword ietf when connecting to a non-Cisco router.

Step 1: ip domain-name domain-name Step 2: crypto key generate rsa general-keys modulus modulus-size Step 3: Create a local database username entry using the username name secret secret global configuration command. Step 4: Enable vty inbound SSH sessions using the line vty commands login local and transport input ssh.

It is possible to configure a Cisco device to support SSH using four steps Just note that the modulus determines the size of the key and can be configured from 360 bits to 2048 bits. The larger the modulus, the more secure the key, but the longer it takes to encrypt and decrypt information. The minimum recommended modulus length is 1024 bits.

debug ppp authentication

Never assume your authentication configuration works without testing it. Debugging allows you to confirm your configuration and correct any deficiencies. For debugging PPP authentication, use the command.

interface interface_id ipv6 ospf process_id area area_id

OSPFv3 configure directly on the interface instead of using network command router configuration mode command

show ip route

On a Cisco IOS router, this command can be used to display the routing table of a router.

route print or netstat -r

On a Windows host, those commands can be used to display the host routing table. Both commands generate the same output. The output may seem overwhelming at first, but is fairly simple to understand.

delete vlan.dat

On a switch you must also issue the delete vlan.dat command in addition to the erase startup-config command in order to return the device to its default "out-of-the-box" configuration (comparable to a factory reset)

keepalive

On interface configuration command. By default, the keepalive time interval is 10 seconds on Cisco serial interfaces. You can change the keepalive interval. The LMI status exchange messages determine the status of the PVC connection. A large mismatch in the keepalive interval on the router and the switch can cause the switch to declare the router dead.

metric weights tos k1 k2 k3 k4 k5

On router configuration mode command. To change EIGRP composite metric. Modifying the metric weights value is generally not recommended.

show ip route show interfaces show ip interface

Other interface verification commands: 1) Displays the contents of the IPv4 routing table stored in RAM. 2) Displays statistics for all interfaces on the device. 3) Displays the IPv4 statistics for all interfaces on a router.

show run | begin [interface interface-id]

Sticky MAC addresses are added to the MAC address table and to the running configuration.

crypto key zeroize rsa

To delete the RSA key pair. After the RSA key pair is deleted, the SSH server is automatically disabled.

ip hello-interval eigrp as_number seconds

The command to configure a different Hello interval for ipv4 EIGRP on interface configuration mode

ipv6 hold-time eigrp as_number seconds

The command to configure a different Hello interval for ipv6 EIGRP on interface configuration mode

ip hold-time eigrp as_number seconds

The command to configure a different Hold time for ipv4 EIGRP on interface configuration mode

ipv6 hello-interval eigrp as_number seconds

The command to configure a different Hold time for ipv6 EIGRP on interface configuration mode

description Link to LAN -0

The description text is limited to 240 characters. On production networks, a description can be helpful in troubleshooting by providing information about the type of network that the interface is connected to and if there are any other routers on that network.

lease { days [hours] [minutes] | infinite}

The duration of the DHCPv4 lease can be changed

debug ip packet

The extended ACL is used with this command to debug

channel-group identifier_number mode active

The identifier specifies a channel group number. The mode active keywords identify this as an LACP EtherChannel configuration.

service password-encryption

This command causes the encryption of passwords to occur when a password is configured. The purpose of this command is to keep unauthorized individuals from viewing passwords in the configuration file.

show ip dhcp binding

This command displays a list of all IPv4 address to MAC address bindings that have been provided by the DHCPv4 service.

show version

This command displays information about the currently loaded IOS version, along with hardware and device information.

spanning-tree vlan vlan_id priority value

This command gives more granular control over the bridge priority value. The priority value is configured in increments of 4,096 between 0 and 61,440.

debug ip dhcp server events

This command reports server events, like address assignments and database updates. It is also used for decoding DHCPv4 receptions and transmissions.

login block-for 120 attempts 3 within 60

This command will block login attempts for 120 seconds, if there are three failed login attempts within 60 seconds.

Switch(config)# line vty 0 15 Switch(config-line)# password cisco Switch(config-line)# login

This prevents Telnet access to the device without authentication.

Switch(config)# line console 0 Switch(config-line)# password cisco Switch(config-line)# login

This reduces the chance of unauthorized personnel physically plugging a cable into the device and gaining device access. The console user will be prompted to enter a password before gaining access to the CLI.

ntp server ip-address

To allow the software clock to be synchronized by an NTP time server. use in global configuration mode

switchport port-security violation {protect | restrict | shutdown}

To change the violation mode on a switch port.

clear frame-relay inarp

To clear dynamically created Frame Relay maps that are created using Inverse ARP

ipv6 summary-address eigrp as_number prefix/prefix_length

To configure EIGRP for IPv6 manual summarization on a specific EIGRP interface, use the following interface configuration mode command:

ip default-gateway 192.168.10.1

To configure a default gateway on a switch

ipv6 route ::/0 {ipv6-address | interface-type interface-number}

To configure a default static IPv6 route

ntp master [stratum]

To configure a device as having an NTP master clock to which peers can synchronize themselves. use in global configuration mode

ip route 0.0.0.0 0.0.0.0 {exit-intf | next-hop-ip}

To configure an IPv4 default static route

R3(config)# interface serial 0/0/0 - R3(config-if)# encapsulation ppp - R3(config-if)# compress [ predictor | stac ]

To configure compression over PPP, enter the following commands:

ipv6 bandwidth-percent eigrp as-number percent

To configure the percentage of bandwidth that can be used by EIGRP for IPv6 on an interface

traffic-share balanced

To control how EIGRP traffic is distributed among routes when there are multiple routes for the same destination network that have different costs. Traffic is then distributed proportionately to the ratio of the costs.

router ?

To determine which routing protocols are supported by the IOS

no cdp run

To disable CDP globally, use the global configuration command

no cdp enable

To disable CDP on an interface, use the interface command

show port-security [interface interface-id]

To display port security settings for the switch or for the specified interface

show ntp associations

To display the status of NTP associations. use in privileged EXEC mode

show ip interface brief

To display the usability status of interfaces configured for various IP addresses, use the show ip interface brief command in privileged EXEC mode.

ip ospf message-digest-key key md5 password ip ospf authentication message-digest interface

To enable MD5 authentication for OSPF on a per-interface basis, configure: on interface configuration mode command. on interface configuration mode command.

ip ospf message-digest-key key md5 password area area-id authentication message-digest router

To enable OSPF MD5 authentication globally, configure: on interface configuration mode command. on configuration mode command.

sdm prefer lanbase-routing

To enable the routing functionality on the 2960 switch in global configuration mode

erase NVRAM:startup-config erase startup-config

To erase the startup configuration file

ip summary-address eigrp as_number network_address subnet_mask

To establish EIGRP manual summarization on a specific EIGRP interface, use the following interface configuration mode command

area area_id range address mask

To manually configure interarea route summarization on an ABR (OSPFv2) on router configuration mode command.

area area_id range prefix/prefix_length.

To manually configure interarea route summarization on an ABR (OSPFv3) on router configuration mode command.

Router(config-if)# ipv6 nd other-config-flag

To modify the RA(Router Advertisement) message sent on the interface of a router to indicate stateless DHCPv6. The stateless DHCPv6 option informs the client to use the information in the RA message for addressing, but additional configuration parameters are available from a DHCPv6 server.

Router(config-if)# ipv6 nd managed-config-flag

To modify the RA(Router Advertisement) message sent on the interface of a router to signify stateful DHCPv6:

_ _ _ - _ _ Router(config)# boot system flash0://c1900-universalk9-mz.SPA.152-4.M3.bin _ Router(config)# boot system tftp://c1900-universalk9-mz.SPA.152-4.M3.bin _ no boot system

To upgrade to the copied IOS image after that image is saved on the router's flash memory, configure the router to load the new image during bootup. command is a global configuration command that allows the user to specify the source for the Cisco IOS Software image to load. Specify the flash device as the source of the Cisco IOS image. _ Specify the TFTP server as a source of Cisco IOS image. _ _ commands in the configuration, the router defaults to loading the first valid Cisco IOS image in flash memory and running it.

show standby

To verify Hot Standby Router Protocol (HSRP) state

cd nvram pwd dir

To view the contents of NVRAM, you must change the current default file system

show ip ospf database

Verify Link-State Database of OSPF (LSDB)

show port-security address

Verify Secure MAC Addresses To display all secure MAC addresses configured on all switch interfaces, or on a specified interface with aging information for each

Router(config)# key chain name-of-chain _ _ _ Router(config-keychain)# key key-id _ _ _ _ _ Router(config-keychain-key )# key-string key-string-text _ _ _ Router(config)# interface type number _ Router(config-if)# ip authentication mode eigrp as-number md5 _ Router(config-if)# ip authentication key-chain eigrp as-number name-of-chain

a. In global configuration mode, create the keychain. Although multiple keys can be configured, this section focuses on the use of a single key. _ b. Specify the key ID. The key ID is the number used to identify an authentication key within a keychain. The range of keys is from 0 to 2,147,483,647. It is recommended that the key number be the same on all routers in the configuration. _ c. Specify the key string for the key. The key string is similar to a password. Routers exchanging authentication keys must be configured using the same key string. _ Configure EIGRP to perform message authentication with the previously defined key. Complete this configuration on all interfaces enabled for EIGRP. _ _ Specify the keychain that should be used for authentication. The name-of-chain argument specifies the keychain that was created previously.

ip ospf cost 647

alternative to setting the default interface bandwidth, the cost can be manually configured on an interface

spanning-tree vlan vlan_id root primary

assigned as the primary root bridge

ip ssh time-out 60

auto logout idle for 60 second on ssh

auto-cost reference-bandwidth 100

change reference bandwidth to 100Mb/s on OSPF domain

show running-config | include no service dhcp

check the dhcp server is not disable on router

show interface trunk

check the status of the trunk ports on the switches

no hostname

command caused the device to revert to the default hostname.

show ip protocols

command displays the IPv4 routing protocol settings currently configured on the router.

show ipv6 ospf interface brief

command displays the active OSPFv3 interfaces

show frame-relay pvc

command displays the status of all the PVCs configured on the router. You can also specify a particular PVC.

clock set 19:50:00 ?

command explanation with more than one argument or variable option

show snmp community

command output does not display information relating to the SNMP community string or, if applicable, the associated ACL.

enable secret password

command provides greater security because the password is encrypted

ip bandwidth-percent eigrp as_number percent

command to configure the percentage of bandwidth that can be used by EIGRP on an interface. By default, EIGRP uses only up to 50 percent of an interface's bandwidth for ipv4 EIGRP information.

debug frame-relay lmi

command to determine whether the router and the Frame Relay switch are sending and receiving LMI packets properly. - Look at the figure to examine the output of an LMI exchange. -out is an LMI status message sent by the router. -in is a message received from the Frame Relay switch. -A full LMI status message is a type 0. -An LMI exchange is a type 1. -dlci 102, status 0x2 means that the status of DLCI 102 is active. - The possible values of the status field are as follows: -0x0 - The switch has this DLCI programmed, but for some reason it is not usable. The reason could possibly be the other end of the PVC is down. -0x2 - The Frame Relay switch has the DLCI and everything is operational. -0x4 - The Frame Relay switch does not have this DLCI programmed for the router, but that it was programmed at some point in the past. This could also be caused by the DLCIs being reversed on the router, or by the PVC being deleted by the service provider in the Frame Relay cloud.

clear counters

command to reset the PVC statistics counters. Wait 5 or 10 minutes after clearing the counters before issuing the show commands again. Note any additional errors. If you need to contact the carrier, these statistics help in resolving the issues.

terminal length number

command to specify the number of lines to be displayed. A value of 0 (zero) prevents the router from pausing between screens of output.

show frame-relay pvc [interface interface] [dlci]

command to view PVC and traffic statistics. This command is also useful for viewing the number of BECN and FECN packets received by the router. The PVC status can be active, inactive, or deleted.

show snmp

command, as it displays the information that is commonly of interest when examining the SNMP configuration. Unless there is an involved SNMPv3 configuration, for the most part the other command options only display selected portions of the output of the commands

ip route 0.0.0.0 0.0.0.0 interface interface_id

configuration of an IPv4 default static route

ip ospf dead-interval 20

configure OSPFv2 dead interval to 20 seconds

ip ospf hello-interval 5

configure OSPFv2 hello interval to 5 seconds

ipv6 ospf dead-interval 20

configure OSPFv3 dead interval to 20 seconds

ipv6 ospf hello-interval 5

configure OSPFv3 hello interval to 5 seconds

ipv6 ospf process_id area area_id

configure OSPFv3 on interfaces

R1(config)# access-list 1 permit 192.168.10.0 0.0.0.255 R1(config)# interface interface_id R1(config-if)# ip access-group 1 out

configure access list with number and apply it on specific interface

spanning-tree portfast

configure as a edge ports that will never have a switch connected to it and immediately transitions to forwarding

ppp authentication pap/chap

configure authentication over ppp by using pap or chap on serial interfaces

ip dhcp excluded-address ip_address/ip_address from low to high for range

configure dhcp excluded addresses

ip access-list standard NO_ACCESS

configure ip access list for name with NO_ACCESS

ipv6 access-list NAME

configure ipv6 access list with NAME name

ipv6 address fe80::1 link-local

configure link local address on router

router ospf process-id network

configure ospf

auto-cost reference-bandwidth ref-bw

configure reference badwidth for OSPF in Mb/s

ip address dhcp

configure router interface as dhcpv4 client on interface mode

ipv6 enable ipv6 address autoconfig

configure router interface as dhcpv6 client on interface mode

ip route 192.168.1.0 255.255.255.0 interface interface_id/next hop address or ip route 192.168.1.0 255.255.255.0 interface interface_id next hop address

configure static route

hostname Sw-Floor-1 or ho Sw-Floor-1

configure the host name of device to Sw-Floor-1

passive-interface interface_id

configure the interface to passive interface on OSPF

S1(config)# vlan vlan_id S1(config-vlan)# name vlan_name S1(config-vlan)# exit S1(config)# interface interface_id S1(config-if)# switchport mode access S1(config-if)# switchport access vlan vlan_id

configure the switch port to the vlan

spanning-tree vlan vlan_id root secondary

configured as the secondary root bridge. This ensures that the alternate switch becomes the root bridge if the primary root bridge fails.

access-class access-list_number in/out

configured in vty line configuration mode restricts incoming and outgoing connections

show ipv6 interface brief

confirms that the correct global IPv6 addresses have been successfully configured and that the interfaces are enabled

debug ipv6 dhcp detail

debug command to view detailed ipv6 dhcp packets

S1# conf t S1 (config-if) # no vlan vlan_id S1 (config-if) # end

delete a VLAN

no ip access-list extended extended_name

delete entire extended ACL in global configuration command.

no service dhcp

disable DHCPv4 server

no cdp run

disable the use of CDP (Cisco Discovery Protocol) on devices or ports that do not need to use it

ip ssh authentication-retries 2

disconnect after 2 fail input password on ssh

cl?

display a list of commands or keywords that start with the characters cl

show etherchannel port-channel

display information about a specific port channel interface

show vlan brief

display the contents of the vlan.dat file.

show ip eigrp topology all-links

displayed EIGRP topology table of all links whether they satisfy the FC (Feasible Condition) or not.

show ip nat translations verbose

displays additional information about each NAT translation, including how long ago the entry was created and used.

show ip dhcp conflict

displays all address conflicts recorded by the DHCPv4 server

show ipv6 dhcp conflict

displays any address conflicts logged by the stateful DHCPv6 server.

show ip nat statistics

displays information about the total number of active translations, NAT configuration parameters, the number of addresses in the pool, and the number of addresses that have been allocated.

show running-config | section dhcp

displays the DHCPv4 commands configured on running-config

show interface port-channel

displays the general status of the port channel interface

show ipv6 interface gigabitethernet 0/0

displays the interface status and all of the IPv6 addresses belonging to the interface

Ctrl + Z

moving from any configuration mode all the way back to privileged EXEC mode

end

moving from any configuration mode all the way back to privileged EXEC mode

disable

return from the privileged EXEC to the user EXEC mode

passive-interface default

set all interfaces to passive interface on OSPF

show ip eigrp topology

show EIGRP topology table

show ip arp

show Resolution Protocol Address on Cisco Router

arp -a

show Resolution Protocol Address on PC

show running-config | section interface interface_id

show ip helper-address on interface

show file systems

which lists all of the available file systems on a Cisco 1941 router, in this example. This command provides useful information such as the amount of available and free memory, the type of file system, and its permissions. Permissions include read only (ro), write only (wo), and read and write (rw), shown in the Flags column of the command output.