Cisco IOS Classic Command Cheat Sheet

Welcome to our Cisco IOS Classic Command Cheat Sheet!

Cisco switches and routers use the Internetwork Operating System (IOS), which configures and controls the device’s performance and behavior. Cisco’s IOS defines an interface called the Command Line Interface (CLI), which enables administrators to enter commands into a terminal emulation program. The CLI can be accessed through three methods: the console, Telnet and Secure Shell (SSH).  The IOS has evolved over the years.  This cheat sheet is for what is now called IOS Classic.  Though it may also be used with the newer Cisco IOS-XE.  If you use IOS-XR, while many of these command will work, IOS-XR is a ground up re-write and different operating system.
 
 

Cisco Modes

Users can be logged in to a Cisco device using the following modes:
 
  • Exec mode (user mode) — This has a > prompt and allows the user to look around but not change anything. Accessing the CLI by any of the three methods logs the user into Exec
  • Enable mode (privileged mode or privileged exec mode) — This mode has a # prompt and allows the user to execute privileged commands, such as the reload command, which tells the switch to reboot the Cisco IOS. To enter this mode, the user runs the enable command mode.
  • Global configuration mode — This mode has the #(config) prompt and allows users to enter nondisruptive commands and display some information. Unlike exec and enable mode, configuration mode accepts configuration commands — commands that tell the switch the details of what to do and how to do it. Commands entered in configuration mode update the active configuration file, but the actual changes in configuration take place only after the device reboots. To enter configuration mode, a user executes the configure terminal (conf t) command.  Configuration mode contains several sub-modes. One is interface configuration mode, which can be entered by running the interface FastEthernet 0/1 (int fa0/1) configuration command.

Show Command

The show command is one of the most helpful commands because you can find the status of almost every feature of the Cisco IOS. It reads the current configuration from the Cisco device’s RAM and lists the requested settings in the CLI.
For example, the show version command displays information about the Cisco IOS version currently loaded on a device.

Terminal Monitor

terminal monitor – turns on terminal monitoring
terminal no monitor – turns off terminal monitoring

Debug

Similar to the show command, debug reveals information about the device’s settings. However, instead of just listing the current status, the debug command asks the device to continue monitoring different processes in it and send messages to the user when different events occur, showing the status of settings over time. As a result, the debug command takes more CPU cycles, but it lets you monitor what is happening in a switch in real time.
 
  • show debug (displays all current debug operations)
  • debug ip routing (displays routing related events)
  • debug ip rip (displays rip routing events when enabled)
  • debug ip ospf events (displays OSPF activity when enabled on a router)
  • debug all (DANGEROUS – but turns on all debugging on Cisco IOS)

Securing Login to Cisco Devices

Cisco devices authenticate users as they log in, but the default configuration uses only simple password security and the enable password command defines the password for the current login. You can help protect enable mode by using the enable secret command instead. The older enable password command stores the password as clear text in the running configuration, and the only way to encrypt it is to use the weak service password-encryption command. The newer enable secret command automatically encodes the password using a Message Digest 5 (MD5) hash.

Router Platform

  • hostname newname (to change the name of the device to the string you specify)
  • copy running-config startup-config or copy run start (to overwrite the current startup config file with what is currently in the running configuration file)
  • copy {tftp | running-config | startup-config} {tftp | running-config | startup-config} (the copy command can be used to copy files on a Cisco device, such as a configuration file or a new version of the Cisco IOS. Files can be copied between RAM, NVRAM and a TFTP server. The first set of parameters in braces is the “from” location; the next set is the “to” location. When a file is copied into NVRAM or a TFTP server, the copy command always overwrites the existing destination file with the new file. However, when the copy command copies a configuration file into the running config file in RAM, the configuration file in RAM is not replaced; it is merged instead)
  • write erase, erase startup-config and erase nvram (these commands all erase the contents of the NVRAM configuration file, so if the device is then reloaded, there is no initial configuration and you have to begin initial device configuration)
  • show running-config
  • show startup-config
  • show clock (displays current time setting)
  • show history (displays a history of input IOS commands)
  • show diag (displays hardware information)
  • show interface (displays all interface information)
  • show ip interface {brief} (displays information about installed ip interfaces)
  • show ip arp (displays entire ARP table)
  • show version (lots of info on IOS version, interfaces, memory and more)
  • show protocols (displays what protocols are currently running)
  • show process (displays all running processes on the platform)
  • show memory (displays current memory usage)
  • show buffers (displays packet buffer allocation and utilization)
  • show ip traffic (displays a summary of IP traffic statistics)
  • show access-list (shows the all the currently configured access-lists, but it also shows you the number of hits each line has received)
  • show users (displays who is currently logged on/configuring the router)
  • show processes – shows active processes running on router
  • show memory – shows memory statistics
  • show flash – describes the flash memory and displays the size of files and the amount of free flash memory
  • show buffers – displays statistics for router buffer pools; shows the size of the Small, Middle, Big, Very Big, Large and Huge Buffers
  • show stacks – shows reason for last reboot, monitors the stack use of processes and interrupts routines
  • show port – similar to the show interface command on routers, this command gives you the status of ports on a switch.
  • show vlan – use this command to make sure your ports are in the VLANs you think they are. Its output is very well designed.
  • show tech-support – this command is great for collecting a lot of info. It basically runs a whole bunch of other show commands, and spits out dozens of pages of detailed output, designed to be sent to technical support. But, it’s also useful for other purposes.

Cisco Discovery Protocol (CDP)

show cdp neighbors {detail} (if CDP is enabled, this is a quick way to display what neighbors exist on which interfaces – must all be Cisco devices)
show cdp interfaces – shows which interfaces are running CDP
show cdp entry – shows CDP neighbor detail
cdp timer 120 – change how often CDP info is sent (default cdp timer is 60)
cdp holdtime 240 – how long to wait before removing a CDP neighbor (default CDP holdtime is 180)
show cdp run – shows if CDP turned on
no cdp run – turns off CDP for entire router (global config)
no cdp enable – turns off CDP on specific interface

TCP

show ip socket
show tcp brief
show tcp tcb (number from tcp above)

Basic IP Routing

show ip protocols
show ip route {summary}
show ip cef {detail}

BGP

show ip bgp neighbor {address}
show ip bgp summary

MPLS

show mpls interfaces
show mpls ip bindings
show mpls forwarding-table {detail}

LDP

show mpls ldp parameters
show mpls ldp neighbor {detail}
show mpls ldp discovery
show mpls ldp bindings

MPLS DEBUG

debug mpls ldp …
debug mpls lfib …
debug mpls packets {interface}

MPLS L3VPNs

ping vrf {vrfname} {ipaddress}
traceroute vrf {vrfname} {address}
telnet {address} /vrf {vrfname}

VRF

show ip vrf {detail}
show ip vrf interfaces
show ip protocol vrf {vrfname}
show ip route vrf {vrfname}
show ip cef vrf {vrfname}
show mpls forwarding vfr {vrfname} {address} {detail}

MBGP

show ip bgp vpnv4 all summary
show ip bgp vpnv4 vrf {vrfname} {iproute}
show ip bgp vpnv4 rd {rd number} summary
show ip bgp vpnv4 rd {rd number} neighbors {address} routes
show ip bgp vpnv4 rd {rd number} tags
show ip bgp neighbor x.x.x.x advertised-routes
show ip bgp recieved-routes

Clearing and Resetting Commands

clear ip route * (clears the ip route tables and causes the routing adjancencies to be reestablished)
clear ip bgp * (clears the BGP routing tables and resets the adjacencies)
clear count {interface} (clears the QoS and traffic counters on the specified interface)

Important Editing keys

backspace or delete key (deletes one character to the left of the CLI cursor position)
crtl-d (deletes one character to the right of the CLI cursor position)
ctrl-b or left arrow (moves cursor to the left on character)
ctrl-f or right arrow (moves cursor to the right one word)
ctrl-shift-6 (break operation – i.e. when ping is hung up)
esc-b (moves cursor to the left one word)
esc-f (moves cursor to the right one word)
ctrl-a (moves cursor to the beginning of a line)
ctrl-e (moves cursor to the end of a line)

We hope you like this cheat sheet!

Leave a Comment

Contact Us Here


Please verify.
Validation complete :)
Validation failed :(
 
Your contact request has been received. We usually respond within an hour, but please be patient. We will get back to you very soon.
Scroll to Top