Networking optimize

Cisco administration 101: Five interface commands you should know

Whether you're a seasoned admin or a newbie, it's always a good idea to review from time to time. When working with routers and switches, you usually don't have to configure an interface using the Cisco IOS every day, and it's easy to become a little rusty on the necessary commands. David Davis lists five Cisco IOS Interface Configuration Mode commands everyone should know.

When working with routers and switches, you usually don't have to configure an interface using the Cisco IOS every day, and it's easy to become a little rusty on the necessary commands. Whether you're a seasoned admin or a newbie, it's important to review from time to time. Let's look at five Cisco IOS Interface Configuration Mode commands everyone should know.

To begin, here's what Interface Configuration Mode looks like in the Cisco IOS:

Router(config-if)#

As the name suggests, you use this mode to configure an interface on a router or switch. To get to this mode, you need to specify the interface you want to configure. Here's an example:

Router(config)# interface FastEthernet0/0
Router(config-if)#

Alternatively, you can configure a group of interfaces at the same time by using the interface range command. Here's an example:

Router(config)# interface range FastEthernet0/0 – 10
Router(config-if-range)#

Once you're in Interface Configuration Mode, you can always enter help to view a list of commands. But that's a long list—how do you know which ones are the most important? Let's look at five commands you should definitely know.

no shutdown

By default, a Cisco router or switch shuts down all ports, meaning the ports aren't operational. However, this is different from a device such as a Linksys router; by default, all ports of one of these devices are operational when you turn on the device.

To enable ports for use, you can use the no shutdown command. This reverses the shutdown state and enables the port. Here's an example:

Router(config-if)# no shutdown

In addition to using this command the first time you use the ports, you can also use it whenever you're having trouble with the port to "bounce" it. You would also use it after making extensive configuration changes to the port.

ip address

To put an IP address on a port, use the ip address command. When using this command, you must provide the IP address and subnet mask. Here's an example:

Router(config-if)# ip address 1.1.1.1 255.255.255.0

Alternatively, you can make the port broadcast and request a DHCP IP address by using the following command:

Router(config-if)# ip address dhcp

description

While adding a description to a port is optional, it offers a great benefit. For example, if you come back to a router a year after configuring it, you may not remember which port goes to the HR LAN and which port goes to the MRK LAN.

By adding details using the description command, anyone working on the router will know, which saves time and could even prevent outages. Here's an example:

Router(config-if)# description HR LAN

You can add even more information. For example:

Router(config-if)# description Sprint T1 to Internet Circuit ID GH.2343 
call 800-555-5555 for support

bandwidth

Like the description command, the bandwidth command is also optional. However, keep in mind that you use the bandwidth command only to tell routing protocols the preferred interface—it doesn't dictate the actual bandwidth of the port. (For more information, see "Clarifying the Cisco IOS bandwidth command.")

I also like to use this command for documentation purposes. For example, I might use it to make sure I know the port speed of a fractional T1 circuit.

Below is an example. Note that the specified bandwidth value is in Kb, so 512 is a 512-Kb circuit.

Router(config-if)# bandwidth 512

ip access-group

It's a common practice to apply an access list to an interface to control traffic coming in or going out. Using an access list, you can filter traffic in just about any way you choose. (For more information, see "Learn additional uses for Cisco IOS access control lists.")

For example, let's say you created an access list called NOHTTPOUT. Here's how you would apply it to the interface:

Router(config-if)# ip access-group NOHTTPOUT out

Some special-purpose
commands

Let's look at a couple of commands that you may not use on a daily basis—but that are still handy to know.

duplex and speed
These typically aren't commands you use every day. In fact, you only use the duplex and speed commands when connecting a router or switch to another device for the first time.

However, these commands are very important because the duplex and speed of an Ethernet interface must match the interface on the other side. I've experienced problems with performance or interfaces going down in the past, only to discover that the speed or duplex didn't match on each side of the connection.

Here's an example of setting an Ethernet port to 100Mb Full duplex:

Router(config-if)# speed 100
Router(config-if)# duplex full

By default, these should autonegotiate. This usually works—but not always. If the autonegotiation doesn't work or doesn't work consistently, you may end up using these commands.

switchport
You only use the switchport command on switches—not routers. It can put a port into trunk mode, into a certain VLAN, or even to set port security.

Its most common use is to configure an interface to connect to an access device (e.g., workstation, server, printer, etc.). Here's an example:

Switch(config-if)# switchport mode access

You can also use this command to put a port in a certain VLAN:

Switch(config-if)# switchport access vlan 101

Which Interface Configuration Mode commands do you use the most? Which ones did I miss? Share your comments in this article's discussion.

Miss a column?

Check out the Cisco Routers and Switches Archive, and catch up on David Davis' most recent columns.

Want to learn more about router and switch management? Automatically sign up for our free Cisco Routers and Switches newsletter, delivered each Friday!

David Davis has worked in the IT industry for 12 years and holds several certifications, including CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of systems/network administrators for a privately owned retail company and performs networking/systems consulting on a part-time basis.

0 comments