Networking

10 commands you should master when working with the Cisco IOS

Becoming proficient with the Cisco IOS means learning some essential commands. This quick reference describes 10 commands you'll need to rely on when handling various configuration and troubleshooting tasks.

Editor's Note: This article was originally published on TechRepublic July 25, 2006. For your convenience, I'm republishing it in the blog to be part of the Cisco Routers and Switches archive. It is also available as a PDF download.

The Cisco IOS provides thousands of commands, and configuring it can be challenging. Here are 10 commands you need to know, inside and out, when using the Cisco IOS.

#1: The "?"

It may seem entirely too obvious that you should know how to type ? to ask for help when using the Cisco IOS. However, the Cisco IOS is completely different from other operating systems when it comes to using the question mark (help key). As the IOS is a command-line operating system with thousands of possible commands and parameters, using the ? can save your day.

You can use the command in many ways. First, use it when you don't know what command to type. For example, type ? at the command line for a list of all possible commands. You can also use ? when you don't know what a command's next parameter should be. For example, you might type show ip ? If the router requires no other parameters for the command, the router will offer CR as the only option. Finally, use ? to see all commands that start with a particular letter. For example, show c? will return a list of commands that start with the letter c.

#2: show running-configuration

The show running-config command shows the router, switch, or firewall's current configuration. The running-configuration is the config that is in the router's memory. You change this config when you make changes to the router. Keep in mind that config is not saved until you do a copy running-configuration startup-configuration. This command can be abbreviated sh run.

#3: copy running-configuration startup-configuration

This command will save the configuration that is currently being modified (in RAM), also known as the running-configuration, to the nonvolatile RAM (NVRAM). If the power is lost, the NVRAM will preserve this configuration. In other words, if you edit the router's configuration, don't use this command and reboot the router--those changes will be lost. This command can be abbreviated copy run start. The copy command can also be used to copy the running or startup configuration from the router to a TFTP server in case something happens to the router.

#4: show interface

The show interface command displays the status of the router's interfaces. Among other things, this output provides the following:

  • Interface status (up/down)
  • Protocol status on the interface
  • Utilization
  • Errors
  • MTU

This command is essential for troubleshooting a router or switch. It can also be used by specifying a certain interface, like shint fa0/0.

#5: show ip interface

Even more popular than show interface are show ip interface and show ip interface brief. The show ip interface command provides tons of useful information about the configuration and status of the IP protocol and its services, on all interfaces. The show ip interface brief command provides a quick status of the interfaces on the router, including their IP address, Layer 2 status, and Layer 3 status.

#6: config terminal, enable, interface, and router

Cisco routers have different modes where only certain things can be shown or certain things can be changed. Being able to move between these modes is critical to successfully configuring the router.

For example, when logging in, you start off at the user mode (where the prompt looks like >). From there, you type enable to move to privileged mode (where the prompt looks like #). In privileged mode, you can show anything but not make changes. Next, type config terminal (or config t) to go to global configuration mode (where the prompt looks like router(config)# ). From here, you can change global parameters. To change a parameter on an interface (like the IP address), go to interface configuration mode with the interface command (where the prompt looks like router(config-if)#). Also from the global configuration mode, you can go into router configuration using the router {protocol} command. To exit from a mode, type exit.

#7: no shutdown

The no shutdown command enables an interface (brings it up). This command must be used in interface configuration mode. It is useful for new interfaces and for troubleshooting. When you're having trouble with an interface, you may want to try a shut and no shut. Of course, to bring the interface down, reverse the command and just say shutdown. This command can be abbreviated no shut.

#8: show ip route

The show ip route command is used to show the router's routing table. This is the list of all networks that the router can reach, their metric (the router's preference for them), and how to get there. This command can be abbreviated shipro and can have parameters after it, like shiproospf for all OSPF routers. To clear the routing table of all routes, you do clear ip route *. To clear it of just one route, do clear ip route 1.1.1.1 for clearing out that particular network.

#9: show version

The show version command gives you the router's configuration register (essentially, the router's firmware settings for booting up), the last time the router was booted, the version of the IOS, the name of the IOS file, the model of the router, and the router's amount of RAM and Flash. This command can be abbreviated shver.

#10: debug

The debug command has many options and does not work by itself. It provides detailed debugging output on a certain application, protocol, or service. For example, debug ip route will tell you every time a router is added to or removed from the router.

12 comments
willwilco
willwilco

I saw another option that I have yet to try. Once you make your configuration changes, you need to save those changes. This command copies the configuration in RAM that you have been modifying to the configuration in flash. By copying it to flash, it will be saved when the router is powered off and restarted. A shortcut for this command is wr (short for write memory).

stephen.himebaugh
stephen.himebaugh

I use 'show log' and 'show cdp neighbor' more frequently than debug.

davidimitchell
davidimitchell

IOS commands are great learning tools for the Cisco professional. I teach Cisco and find that more IOS commands known by the IT professional the better his or her command of the router will be.

reisen55
reisen55

If I recall from a few years ago, take laptop to router, obtain special cable from RJ45 on laptop to serial 9 pin on the router - connect and telnet into the router. You need router name and password for admin functions. Happy exploring.

BALTHOR
BALTHOR

Now how do I access the firmware in my network card.I suspect that it is very similar.

career
career

term mon should also be in here. It's the easiest way to see errors and debug output in real-time

chris.wade
chris.wade

there's been times when I'm working with a new WAN card that isn't spported by the web interface and requires manually to be setup. It's times like that the IOS commands come in handy.

barth.travis
barth.travis

I've inherited 2 2811's. Supposedly they are both using the same credentials for admin access. One of them will let me admin via the web interface and SSH, and the other will only work with SSH... it rejects the credentials when trying to access the web interface. How can I get around this? Thanks, -Travis

mjlas01
mjlas01

You can easily find rollover cables on eBay for a reasonable price.

career
career

Try adding "ip http authentication local" to the config

option12
option12

several different things could be going on, such as an access list preventing access, etc. You are probably better off accessing these via ssh anyway. Try looking at the usernames, and at the login section of "show running config". you may also need to check if web access is on: ip http server