Class A address leading bit pattern/1st octet/notes
0xxxxxxx/0–127/ 0 is invalid, 127 reserved for loopback testing
Class B address leading bit pattern/1st octet/notes
Class C address leading bit pattern/1st octet/notes
Class D address leading bit pattern/1st octet/notes
1110xxxx/224–239/Reserved for multicasting
Class E address leading bit pattern/1st octet/notes
1111xxxx/240–255/Reserved for future use or testing.
Use subnets with all zeroes or ones.
Router(config)# ip subnet-zero
Requirements for route summarization.
1) Routers need to be running a classless routing protocol, as they carry subnet mask information with them in routing updates. (Examples are RIP v2, OSPF, EIGRP, IS-IS, and BGP.) 2) Addresses need to be assigned in a hierarchical fashion for the summarized address to have the same high-order bits
If Ethernet LAN port or connection what's the port type, what's it connected to, what's the cable?
RJ-45. Ethernet hub or Ethernet switch. RJ-45.
If T1/E1 WAN port or connection what's the port type, what's it connected to, what's the cable?
RJ-48C/CA81A T1 or E1 network Rollover
If Console what's the port type, what's it connected to, what's the cable?
8 pin Computer COM port Rollover
If Aux what's the port type, what's it connected to, what's the cable?
8 pin Modem RJ-45
If BRI S/T what's the port type, what's it connected to, what's the cable?
RJ-48C/CA81A NT1 device or PINX RJ-45
If BRI U WAN what's the port type, what's it connected to, what's the cable?
RJ-49C/CA11A ISDN network RJ-45
To cable computer COM port to console of router/switch
Use rollover cable
To cable computer NIC to switch/hub
Use straight-through cable
To cable computer NIC to computer NIC
Use crossover cable
To cable switch or hub port to router's Ethernet port
Use straight-through cable.
To cable switch or hub port to switch or hub port
Use crossover cable (check for uplink button or toggle switch to defeat this)
To cable router's Ethernet port to router's Ethernet port
Use crossover cable
To cable computer NIC to router's Ethernet port
Use crossover cable
To cable router's serial port to router's serial port
Use Cisco serial DCE/DTE cables
List all commands available in the current command mode
List all the possible command choices that start with c
What tells you that there are more parameters that need to be entered
% Incomplete Command
Show all subcommands for a command.
Router#command ?
No error message or 'Incomplete Command' message means the command was entered -
successfully Router#
Move user from user mode to privileged mode in router or switch
Router>enable Router# or switch>enable switch#
Log a user off from privileged (router) or user mode (router and switch)
Router#exit or Router>exit or switch>exit
To move back one level
Router(config-if)#exit Router (config)# or Router(config)#exit Router#
To move from privileged mode back to user mode in router or switch
Router#disable Router> or switch#disable
Alternative to 'exit' command
To enter startup mode from the command line if no startup config present.
Move cursor to beginning of line
Ctrl A
Move cursor back one word
Esc b
Move cursor back one character
Ctrl b (or <- )
Move cursor to end of line
Ctrl e
Move cursor forward one character
Ctrl f (or -> )
Move cursor forward one word
Esc f
Move from any prompt back down to privileged mode
Ctrl z
What indicates that the line has been scrolled to the left
Turn off the ability to use keyboard shortcuts
Router#terminal no editing
Re-enable enhanced editing mode to use keyboard shortcuts
Router#terminal editing
Recall commands in the history buffer in a backward sequence, beginning with the most recent command
Ctrl p (or up arrow)
Return to more recent commands in the history buffer after recalling commands with ctrl p key sequence
Ctrl n (or down arrow)
Set the number of commands in the buffer that can recalled by the router (maximum number is 256)
Router#terminal history size number or Router#history size number
Display information about currently loaded IOS including configuration register (router) or software and hardware (switch)
Router# show version or switch# show version
Display information about flash memory
Router#show flash
List all commands used at this edit level in the history buffer.
Router#show history
Indication of user mode
Router> Limited viewing of config cannot make changes in this mode.
Indicator of privileged mode
Router# Can see config and move to make changes
Indicator of global configuration mode
Indicator of interface mode
Indicator of subinterface mode
Indicator of line mode
Indicator of router configuration mode
Move to global config mode.
Router#config terminal
Configure a router or switch name. Includes 1900 series switches.
Router(config)# hostname shem or (config)#hostname shem
Set enable password on router or switch (2900/2950).
Router(config)# enable password shem or 2900Switch(config)# enable password shem
Set enable secret password on router or switch
Router(config)# enable secret shem
Enter console-line mode on router or switch (2900/2950)
Router(config)#line con 0 or 2900Switch(config)# line con 0
Set console-line mode password to shem on switch or router (2900/2950)
Router(config-line)# password shem or 2900Switch(config-line)# password shem
Enable password checking at login for router or switch (2900/2950)
Router(config-line)# login or 2900Switch(config-line)# login
Enter vty line mode for all five vty lines on router or switch
Router(config)# line vty 0 4
Set vty password to shem
Router(config-line)# password shem
Enter auxiliary line mode
Router(config)# line aux 0
Apply a weak encryption to passwords (from time of entry onwards)
Router(config)# service password-encryption
Display statistics for all interfaces (router) or interface configuration and status of line: up/up, up/down, admin down (switch)
Router# show interfaces or switch# show interfaces
Display statistics for a specific interface
Router# show interface type number
Display a summary of all interfaces, including status and IP address assigned
Router# show ip interface brief
Display statistics for interface hardware. Statistics display the clock rate if set and if the cable is DCE, DTE, or not attached
Router# show controllers type number
Display time set on device
Router# show clock
Display local host-to-IP address cache. These are the names and addresses of hosts on the network to which you can connect
Router# show hosts
Display all users connected to device
Router# show users
Display the ARP table
Router# show arp
Display status of configured Layer 3 protocols
Router# show protocols
Display configuration saved in NVRAM.
Router# show startup-config or switch# show start
Display configuration currently in RAM (router) or DRAM (switch)
Router# show running-config [pre 12.0] more system:running-config [12.x] or switch# show running-config
Move to interface Serial x/y mode
Router(config)# int sx/y
Define optional locally significant descriptor of the link (routers and switches).
Router(config-if) #description Blah blah
Assign address and subnet mask to serial interface
Router(config-if)# ip address a.a.a.a m.m.m.m
Assign a clock rate for the serial interface (DCE only)
Router(config-if)# clock rate rrrrr
Turn interface on
Router(config-if)# no shut
Move to FAst ethernet x/y interface mode
Router(config)# int fax/y
Create a MOTD banner.
Router(config)# banner motd # Blah blah# Where the non-initial # is a delimiter
Set the time zone for display purposes based on CUT.
Router(config)# clock timezone thezone disp
Assign a locally significant host name to an IP address.
Router(config)# ip host shem a.a.a.a
Turn off trying to automatically resolve an unrecognized command to a local host name if one is not going to set up DNS.
Router(config)# no ip domain-lookup
Turn on synchronous logging. Information items sent to console will not interrupt the command one types. The command will be moved to a new line
Router(config-line)# logging synchronous (The informational line does not get inserted into the middle of the command one was trying to type. If one were to continue typing, the command would execute properly, even though it looks wrong on the screen.)
Set time limit when console automatically logs off.
Router(config-line)# exec-timeout m s (Don't use 0 0 in production as it means no timeout.)
Save the running-config from DRAM to local NVRAM Router will execute commands in order they were entered on next reload
Router# copy run start [pre 12.0] copy system:running-config nvram:startup-config [12.x] (Doesn't exist for 1900 series switch)
Save the running-config remotely to TFTP server
Router# copy run tftp [pre 12.0] copy system:running-config tftp: [12.x] Will have to reply IP address of TFTP server & dest file name.
Delete the startup-config file from NVRAM without affecting dynamic memory.
Router# erase start [pre 12.0] erase nvram: [12.x] (Reload the router to clear the running-config.)
Default routing in static case using next-hop address
Router(config)# ip route a.a.a.a
Default routing in static case specifying exit interface
Router(config)#ip route typeport
Display contents of IP routing table
Router# show ip route (The codes to the left of the routes in the table tell you from where the router learned the routes. A static route is described by the letter S.)
Instruct IOS to forward packets destined for an unknown subnet to the best supernet route. A supernet route covers a range of subnets with a single entry. Cmd used in RIP.
Router(config)# ip classless
Enable RIP (v1 or v2) as a routing protocol from this mode.
Router(config)# router rip
Specify the network number of the directly connected network you want to advertise. In RIP-1, RIP-2, IGRP one needs to advertise only the classful network number.
Router(config-router)# network w.x.y.z
RIP updates will not be sent out an interface
Router(config-router)# passive-interface typeport
Define a specific neighbor with which to exchange information
Router(config-router)# neighbor a.b.c.d
Turn off split horizon (on by default)
Router(config-router)# no ip split-horizon
Change timers in RIP in seconds except where specified.
Router(config-router# timers basic upd inv holddwn flush sleep(ms)
Limit the number of paths for load balancing to x
Router(config-router)# maximum-paths x (4 = default, 6 = maximum)
Generate a default route into RIP.
Router(config-router)# default-information originate
RIP will now send and receive RIP-2 packets globally as v1 is default
Router(config-router)# version 2
Make interface send only RIP-1 packets
Router(config-if)# ip rip send version 1
Make interface send only RIP-2 packets
Router(config-if)# ip rip send version 2
Make interface send both RIP-1 and RIP-2 packets
Router(config-if)# ip rip send version 1 2
Make interface receive only RIP-1 packets
Router(config-if)# ip rip receive version 1
Make interface receive only RIP-2 packets
Router(config-if)# ip rip receive version 2
Make interface receive both RIP-1 and RIP-2 packets
Router(config-if)# ip rip receive version 1 2
Display all RIP activity in real time
Router# debug ip rip
Display contents of the RIP database
Router# show ip rip database
Change back to RIP-1
Router(config-router)# no version 2
Change RIP routing to RIP-1 from router-config mode.
Router(config-router)# version 1
Turn off RIP-2's summarization of networks at the classful boundary.
Router(config-router)# no auto-summary
Re-enable RIP-2's summarization of networks at the classful boundary.
Router(config-router)# auto-summary
Enable IGRP routing process. No longer supported by Cisco as of Cisco IOS Software Release 12.3. If one uses Cisco IOS 12.3 or newer code, one must use either Enhanced IGRP (EIGRP) or one of the other standards—RIP-1, RIP-2, or OSPF.
Router(config)# router igrp as-number (AS-number used in the IGRP routing process must match all other routers that are going to share routing updates in order for communication to take place.)
Disable the IGRP routing process
Router(config)# no router igrp as-number
Remove network w.x.y.z from the IGRP routing process.
Router(config-router)# no network w.x.y.z
Set the bandwidth of this interface to x kilobits to allow IGRP to make a better routing decision
Router(config-if)# bandwidth x
Allow IGRP to accept unequal-cost routes
Router(config-router)# variance x
Show all IGRP events in real time.
Router# debug ip igrp events
Show IGRP updates between routers
Router# debug ip igrp transactions
Turn on the EIGRP process All routers in the same AS must use the same AS number
Router(config)# router eigrp as-number (1 - 65535)
Specify which network to advertise in EIGRP
Router(config-router)# network w.x.y.z
Log any changes to an EIGRP neighbor adjacency. Recommended for debugging.
Router(config-router)# eigrp log-neighbor-changes
Turn off the auto-summarization feature in EIGRP. Networks are summarized at the classful boundary by default in EIGRP.
Router(config-router)# no auto-summary
Enable manual summarization on this specific EIGRP interface for the given address and mask. Recommended practice is that one turns off automatic summarization, use the ip summary-address command, and summarize manually what one needs to.
Router(config-if)# ip summary-address eigrp as-number w.x.y.z m.m.m.m
Display an EIGRP neighbor table
Router# show ip eigrp neighbors
Display a detailed EIGRP neighbor table
Router# show ip eigrp neighbors detail
Display EIGRP information for each interface
Router# show ip eigrp interfaces
Display EIGRP information for a specific interface
Router# show ip eigrp int type port
Display EIGRP information for interfaces running a specific process
Router# show ip eigrp int processnumb
Display the EIGRP topology table which will display where feasible successors are.
Router# show ip eigrp topology
Display the number and type of packets sent and received in EIGRP.
Router# show ip eigrp traffic
Display events/actions related to the DUAL FSM in EIGRP.
Router# debug eigrp fsm
Display events/actions related to EIGRP packets
Router# debug eigrp packet
Display events/actions related to EIGRP neighbors
Router# debug eigrp neighbor
Advertise OSPF interface using the wildcard mask to determine which interfaces to advertise as being in which area.
Router(config-router)# network w.x.y.z m.m.m.m area n
Turn on specified OSPF process number. The process ID is any value between 1–65535. The process ID is not related to the OSPF area. Unlike IGRP or EIGRP, matching this number across all routers does not ensure network adjacencies will form.
Router(config)# router ospf nnnn Router(config-router)#
A 0 (zero) in a wildcard mask means
Check the corresponding bit in the address for an exact match.
A 1 (one) in a wildcard mask means
Ignore the corresponding bit in the address. It can be either 1 or 0.
Any OSPF interface with an exact address of is to be put into area 0.
Router(config-router)# network area 0
Any OSPF interface with an address of 172.16.x.x is to be put into area 0.
Router(config-router)# network area 0
Any OSPF interface with any address is to be put into Area 0
Router(config-router)# network area 0
Move to virtual interface Loopback 0. Loopback interfaces are always "up and up" and do not go down unless manually shut down. This makes Loopback interfaces great for using as an OSPF router ID.
Router(config)# interface lo0
Change OSPF interface priority to nn. A priority of 0 guarantees that the router never wins a designated router (DR) election, and 255 guarantees a tie in the election (tie broken by highest router ID).
Router(config-if)# ip ospf priority nn
Change the bandwidth in OSPF to recalculate the cost of the link.
Router(config-if)# bandwidth nnn
Change the OSPF cost metric to a value of nnnn. Cost = refbw/intbw
Router(config-if)# ip ospf cost nnnn
Turns on simple OSPF authentication. Password sent in clear text.
Router(config-router)# area nn authentication
Set OSPF key (password) to whatever
Router(config-if)# ip ospf authentication-key whatever
Enables OSPF authentication for specified area with MD5 password encryption
Router(config-router)# area nn authentication message-digest
Enable OSPF MD5 algorithm authentication for a particular key-id and key (password) which must be same as neighboring router.
Router(config-if)# ip ospf message-digest-key key-id md5 key
Change OSPF 'Hello' interval timer to n seconds. Must match for router to be neighbor.
Router(config-if)# ip ospf hello-interval timer n
Change OSPF 'dead' interval timer to nn seconds. Must match for routers to be neighbors.
Router(config-if)# ip ospf dead-interval nn
Create a default route in OSPF.
Router(config)# ip route int
Set the default route to be propagated to all OSPF routers
Router(config-router)# default-information-originate
Display basic OSPF information
Router# show ip ospf
Display OSPF information as it relates to all interfaces
Router# show ip ospf interface
Display OSPF information for specified interface.
Router#show ip ospf inttype intno
List all OSPF neighbors and their states
Router# show ip ospf neighbor
Display a detailed list of OSPF neighbors
Router# show ip ospf neighbor detail
Display contents of OSPF database
Router# show ip ospf database
Clear entire routing table, forcing it to rebuild
Router# clear ip route *
Clear specific route to network a.b.c.d
Router# clear ip route a.b.c.d
Reset OSPF counters
Router# clear ip ospf counters
Reset entire OSPF process forcing OSPF to re-create neighbors, database, and routing table
Router# clear ip ospf process
Display all OSPF events
Router# debug ip ospf events
Display various OSPF states and DR and BDR election between adjacent routers
Router# debug ip ospf adj
Display OPSF packets
Router# debug ip ospf packets
Display information on flash memory (for the 2900/2950 series only)
switch# show flash:
Display current switch MAC address forwarding table
switch# show mac-address-table
Display information about switch Ethernet controller
switch# show controllers ethernet-controller
Display whether the switch passed POST
switch# show post
Display the current VLAN configuration
switch# show vlan
Display setting of virtual interface VLAN 1, the default VLAN on the switch
switch# show interface vlan1
Remove VLAN Trunking Protocol (VTP) information from 1900 series switch.
1900switch# delete vtp
Reset 1900 series switch back to factory defaults
1900switch# delete nvram
Restart a 1900 series switch
1900switch# reload
Set the 1900 series user mode password to shem.
1900Switch(config)# enable password level 1 shem
Set the 1900 series enable mode password to shem
1900Switch(config)# enable password level 15 shem
Set the 1900/2900/2950 series enable secret password to shem.
1900Switch(config)# enable secret shem or 2900Switch(config)# enable secret shem
Set 1900 series switch IP address and mask to allow for remote access
1900Switch(config)# ip address w.x.y.z m.m.m.m
Set the 1900 series switch default gateway address to allow IP information an exit past the local network
1900Switch(config)# ip default-gateway w.x.y.x
Force full-duplex operation on 1900/2900/2950 switches
Switch(config-if)# duplex full
Enable auto-duplex config on 1900/2900/2950 switches
Switch(config-if)# duplex auto
Force half-duplex operation on 1900/2900/2950
Switch(config-if)# duplex half
Force 10-Mbps operation on 2900/2950 switch
2900Switch(config-if)# speed 10
Force 100-Mbps operation on 2900/2950 switches
2900Switch(config-if)# speed 100
Enable auto-speed configuration on 2900/2950 switches
2900Switch(config-if)# speed auto
Turn on HTTP service with 1900/2900/2950
X900Switch(config)# ip http server
Set port number for HTTP on 1900/2900/2950 switches. This port should be turned off for security reasons unless it is being used
X900Switch(config)# ip http port 80
Display current MAC address forwarding table on 1900/2900/2950 switches
switch# show mac-address-table
Delete all entries from current MAC address forwarding table 1900/2900/2950 switches
switch# clear mac-address-table
Delete only dynamic entries from MAC address table of 1900/2900/2950 switches
switch# clear mac-address-table dynamic
Set a permanent address of aaaa.aaaa.aaaa in the MAC address table for an interface in a 1900 switch
1900Switch(config)# mac-address-table permanent aaaa.aaaa.aaaa typeportnumb
Delete all permanent entries in a 1900 switch MAC address table.
1900Switch# clear mac-address-table perm
Make a 1900 switch interface secure
1900Switch(config-if)# port secure
Allow only nn MAC addresses in the MAC table for this interface on a 1900 switch
1900Switch(config-if)# port secure max-mac-count nn
Display the MAC address table with security information of a 1900 switch
1900Switch# show mac-address-table security
Display the spanning-tree table of the switch (Cisco IOS 12.1 and later)
Switch# show spanning-tree
Display spanning-tree info for port type portno
2950# show spanning-tree int type portno
Display spanning tree info for a specific VLAN
2950# show spanning-tree vlan x
Display all informational messages about changes in the spanning tree topology
2950# debug spanning-tree {all}
Change Spanning-Tree Priority of a Switch. In Cisco IOS 12.1 where nn can be from 1–65535. Lower number means better chance of being elected the root bridge. The default is 32768.
Switch(config)#spanning-tree vlan 1 priority nn
Change this switch to the root switch for VLAN x by lowering its priority to either 24576 or 100 less than current root bridge, whichever number is lower
Switch# spanning-tree vlan x root
Configure EtherChannel where x is the number of the channel-group and must match the other interface
Switch(config-if)# channel-group x mode on
Display detailed EtherChannel information
Switch# show etherchannel x detail
Display EtherChannel port information
Switch# show etherchannel x port
Display EtherChannel port-channel information
Switch# show etherchannel x port-channel
Display a one-line summary per channel-group in EtherChannel environment
Switch# show etherchannel x summary
Display 1900 series VLAN information
1900Switch# show vlan
Display which ports belong to which VLAN on a 1900 switch
1900Switch# show vlan-membership
Display information about VLAN n only on a 1900 switch
1900Switch# show vlan 2
Create and name static VLAN nn on 1900 switch
1900Switch(config)# vlan n name shem
Assign 1900 switch port to VLAN n
1900Switch(config-if)# vlan static n
Assigning 2950 Switch Ports Using the range Command
2950Switch(config)# int range type crd/port/m - n Note space surrounding hyphen
Set all 2950 ports to access mode
2950Switch(config-if-range)# switchport mode access
Assign all 2950 ports to VLAN nn
2950Switch(config-if-range)# switchport access vlan 10
Delete all VLAN information from the 1900 series switch and reset VTP parameters to the factory defaults
1900Switch# delete vtp
Remove interface from 1900 series VLAN nn and puts it back into default VLAN 1
1900Switch(config-if)# no vlan static nn
Remove only VLAN nn from 1900 series switch database
1900Switch(config)# no vlan nn name shem
Display the complete VLAN database
2900Switch# show vlan
Display a summary of the VLAN database
2900Switch# show vlan brief
Display a summary of each switch interface, including speed and duplex settings
2900Switch# show interfaces
Display information about VLAN packets a switch has received but is not capable of supporting
2900Switch# debug sw-vlan packets
Turn trunking mode on in 1900 switch
1900Switch(config-if)# trunk on
Turn port to trunking mode on 2900 series switch
2900Switch(config-if)# switchport mode trunk
Set encapsulation type to Dot1Q on 2900 series switch. This is the default encapsulation type
2900Switch(config-if)# switchport trunk encapsulation dot1q
Display trunking information about port 0/26 on 1900 series switch
1900Switch# show trunk A
Change the 1900 series switch to VTP client mode
1900Switch(config)# vtp client
Changes the 1900 series switch to default VTP server mode
1900Switch(config)# vtp server
Change the 1900 series switch to VTP transparent mode
1900Switch(config)# vtp transparent
Set the name of the 1900 series switch VTP management domain to shem
1900Switch(config)# vtp domain shem
Set the VTP password to shem
1900Switch(config)# vtp password shem
Display all 1900 series VTP information
1900Switch# show vtp
Load IOS with image-name. If entered first it is the first place the router will go to look for the IOS.
Router(config)# boot system flash image-name
Load IOS with image-name from a TFTP server. Enter first if you want to go to a TFTP server first.
Router(config)# boot system tftp image-name w.x.y.z
Load IOS from ROM
Router(config)# boot system rom
Copies configuration file from TFTP server to DRAM
Router# copy tftp run [pre 12.0] Router# copy tftp: system:running-config [12.x] Will have to supply IP address of TFTP server and file name to be retrieved.
Backing Up IOS to TFTP Server
Router# copy flash tftp 2900Switch# copy flash:filename tftp Will have to supply name of IOS image and address of TFTP server and dest file name.
Restoring/Upgrading IOS from TFTP Server
Router# copy tftp flash Will have to supply addr or name of remote host, source, dest filename. If Flash memory is full, must reply to erase it first.
Firmware Upgrade of Catalyst 2950 Series Switch
2950Switch#archive tar /x tftp://w.x.y.x/filename.tar flash:
Make switch now boot to this IOS
2950Switch(config)# boot system flash filename.bin
Changes the router configuration register to nnnn
router(config)# config-register 0xnnnn
Password Recovery Procedures for Cisco Routers
1: Boot the router and interrupt the boot sequence as soon as text appears on the screen. 2: Change the configuration register to ignore contents of NVRAM (0x2142). 3: Reload the router. 4: Enter privileged mode. (Do not enter setup mode.) 5: Copy startup-config into running-config. 6: Change the password. router(config)# enable secret new 7: Reset configuration register back to default value (0x2102). 8: Save the configuration. 9: Verify configuration register. 10: Reload the router using reload command.
Password Recovery for 2900/2950 Series Switches
1. Unplug the power supply from the back of the switch 2. Press and hold the Mode button on the front of the switch 3. Plug the switch back in 4. a) For the 2900 series switch Wait until the LED above port 1X goes out, then release the Mode button b. For the 2950 series switch Wait until the STAT LED goes out, then release the Mode button. 5. switch: flish_init 6. switch: load_helper 7. switch: flash: 8. switch: rename flash:config.text flash:config.old 9. switch: boot 10. Type n to exit the initial configuration dialog which takes you to user mode. 11. switch>en 12. switch#rename flash:config.old flash:config.text [to rename file back to original name]. 13. switch#copy flash:config.text system:running-config {Copies config file into memory} xx 2900Switch#config t (and change passwords as needed). xx. 2900Switch#copy run start
Display global CDP information (such as timers)
Router# show cdp
Display information about neighbors
Router# show cdp neighbors

