Networking, Security & Cloud Knowledge

Friday, November 27, 2009

005 - USEFUL CISCO COMMANDS

ROUTER(CONFIG)# NO IP DOMAIN LOOKUP -disables domain lookup process

ROUTER# SHOW TECH-SUPPORT -generates configuration text files

ROUTER# SHOW CONTROLLERS SERIAL 0 -show dce/dte and clock rate information

ROUTER# SHOW RUN INTERFACE SERIAL 0 -shows running configuration of serial interface

ROUTER# TERMINAL MONITOR

ROUTER# TERMINAL LENGTH 0 -show run command output without break

Router(config)# alias exec sr show run -create our own command
--------------------------------------------------------------------------
show tech-support | tee tftp://192.168.1.10/test.txt -redirects command output to the URL and still displays it on the terminal

show run | redirect tftp://192.168.1.10/test.txt -redirects command output to the URL
---------------------------------------------------------------------------
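sh run | i <pattern> -include: show only lines that match the pattern
sh run | b <pattern> -begin: start output at the first line that matches
sh run | e <pattern> -exclude: hide lines that match the pattern
sh run | i ^ -^ anchors the pattern that follows to the start of a line
sh run | i $ -$ anchors the pattern that precedes it to the end of a line
sh run linenum -shows the running configuration with line numbers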
* To view the serial numbers of WIC cards, get details of the specific cards in the router and even the PVDMs (DSPs) in the router.
Note: The show inventory command is not supported on older IOS versions.
show inventory
show inventory raw
show diag
* Commands to see the CPU utilization, processes running on a router and the memory used/available.
show processes cpu : command to display detailed information on the processes
show processes memory : command to show the amount of memory used.
show processes cpu history : gives you a nice graph of CPU utilization. It displays historical graphs of the CPU over the last 60 seconds, 60 minutes and 72 hours. This is useful as it shows the CPU utilization over a period of time, rather than just at a specific point in time.

----------------------------------------------------------------------------

ping 192.168.1.10 repeat 100 source fa0/0 -for extended ping


--------------------------------------------------------------------------------
Delete a non-empty folder on a Cisco device.
Command: delete /force /recursive flash:directory

----------------------------------------------------------------------------------------------

Verify md5 hash of the image:

Switch #verify /md5 flash:/ c2960-lanbasek9-mz.150-2.SE2.bin
Verify filename []?  c2960-lanbasek9-mz.150-2.SE2.bin
..............................................................................................................................................................................................................................................................................................................................................................................................................................Done!
%Error verifying flash:c2960-lanbasek9-mz.150-2.SE2.bin
Computed signature  = cef59a65fd31713481fb5d245b1ef950
Submitted signature = c2960-lanbasek9-mz.150-2.se2.bin
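
In the session above the submitted signature is the image filename rather than a digest, so the switch reports %Error no matter what the file contains. The following added example (not part of the original post) parses that output and compares the computed digest with the value published for the image; the function names and the stand-in expected value are assumptions made for illustration.

```python
import re

MD5_HEX = re.compile(r"[0-9a-fA-F]{32}")

# Output lines as shown in the session above (progress dots omitted).
PAGE_OUTPUT = """\
%Error verifying flash:c2960-lanbasek9-mz.150-2.SE2.bin
Computed signature  = cef59a65fd31713481fb5d245b1ef950
Submitted signature = c2960-lanbasek9-mz.150-2.se2.bin
"""

def field(output, label):
    """Return the value after '<label> =' or None if the line is absent."""
    m = re.search(r"^\s*%s\s*=\s*(\S+)\s*$" % re.escape(label), output, re.M)
    return m.group(1) if m else None

def check_image(output, expected_md5):
    """Compare the digest the switch computed with the published one."""
    expected = expected_md5.strip()
    if not MD5_HEX.fullmatch(expected):
        raise ValueError("expected value is not a 32-digit hex MD5 digest")
    computed = field(output, "Computed signature")
    submitted = field(output, "Submitted signature")
    result = {
        "computed": computed,
        # False when something other than a digest (here: a filename) was
        # given as the signature, which by itself produces %Error.
        "submitted_is_digest": bool(submitted and MD5_HEX.fullmatch(submitted)),
        "match": False,
    }
    if computed and MD5_HEX.fullmatch(computed):
        result["match"] = computed.lower() == expected.lower()
    return result

if __name__ == "__main__":
    # Stand-in expected value: in practice, copy it from the vendor's download page.
    print(check_image(PAGE_OUTPUT, "CEF59A65FD31713481FB5D245B1EF950"))
    print(check_image(PAGE_OUTPUT, "0" * 32))  # constructed mismatch
```
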

****************************************************************************

Send message on ssh / vty session

# show line

# send


004 - STP UDLD | LOOP GUARD

UDLD (Unidirectional Link Detection)
• A broken physical link is normally detected by the absence of Layer 1 electrical keepalives (Ethernet calls this a link beat). However, sometimes a cable is intact enough to maintain keepalives, but not to pass data in both directions. This is a unidirectional link.
• UDLD detects a unidirectional link by sending periodic hellos out of the interface. It also uses probes, which must be acknowledged by the device on the other end of the link. UDLD operates at Layer 2. The port is shut down if a unidirectional link is found.

• UDLD will not consider a link eligible for disabling until it has already seen a neighbor on the interface. This prevents it from disabling an interface when only one end of the link has been configured to support UDLD.

• The default UDLD message timer is 7 or 15 seconds (depending on the platform), allowing it to detect a unidirectional link before STP has time to transition the interface to forwarding mode.
• UDLD has two modes of operation:
* Normal mode – UDLD will notice and log a unidirectional link condition, but the interface is allowed to continue operating.
* Aggressive mode – UDLD will transmit 8 additional messages (1 per second); if none of these are echoed back, the interface is placed in the error-disabled state.
UDLD can be enabled globally for all fiber interfaces, or per interface.


Global command but it applies only to fiber ports
Switch(config)# udld { enable | aggressive | message time }

*** The UDLD message time can be from 7 to 90 seconds

To enable UDLD on a non-fiber port, use the same command in interface configuration mode:
Switch(config-if)# udld { enable | aggressive | disable }

To disable UDLD on a specific fiber port, use the following command:
Switch(config-if)# udld disable

To disable UDLD on a specific non-fiber port, use the following command:
Switch(config-if)# no udld enable

To re-enable all interfaces shut by UDLD, use the following:
Switch# udld reset

To verify UDLD status, use the following:
Switch# show udld interface

##################################################################

Loop guard
Loop Guard prevents loops that occur when a blocking port transitions to the forwarding state.
• If no BPDUs are received on a blocked port for a specific length of time, Loop Guard puts that port into the “loop inconsistent” blocking state.
• Loop Guard automatically re-enables the port if it starts receiving BPDUs again.
• It is most effective when enabled in the entire switched network in conjunction with UDLD.

To enable Loop Guard for all point-to-point links on the switch, use the following command:
Switch(config)# spanning-tree loopguard default

To enable Loop Guard on a specific interface, use the following:
Switch(config-if)# spanning-tree guard loop

003 - STP GUARD & FILTER

Spanning Tree protection
BPDU Guard
  • Prevents loops if another switch is attached to a PortFast port
  • When enabled on an interface, the port goes into the error-disabled state if a BPDU is received
Switch(config-if)# spanning-tree bpduguard enable (note: PortFast may not be configured)

  • Can also be enabled in global configuration mode
Switch(config)# spanning-tree portfast bpduguard default



BPDU Filter:
  • If enabled in interface mode, it prevents the port from sending or receiving BPDUs
Switch(config-if)# spanning-tree bpdufilter enable
  • If enabled globally, a PortFast interface that receives a BPDU loses its PortFast status
Switch(config)# spanning-tree portfast bpdufilter default

Root Guard
  • Prevents another switch from becoming the root bridge
  • Enabled on ports other than the root port and on switches other than the root switch
  • If a Root Guard port receives a BPDU that might cause it to become a root port, the port is put into the “root inconsistent” state and does not pass traffic.
  • If the port stops receiving these BPDUs, it automatically re-enables itself
Switch(config-if)# spanning-tree guard root
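
A small audit of the BPDU Guard and BPDU Filter settings described above, as an added example that is not part of the original post: it reads a saved running-config and lists interfaces that have PortFast without BPDU Guard or that have BPDU Filter enabled. The sample configuration and the function name are constructed for illustration, and only per-interface PortFast is considered.

```python
# Constructed running-config fragment; interface names are illustrative.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/2
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/3
 spanning-tree portfast
 spanning-tree bpdufilter enable
!
interface GigabitEthernet0/1
 switchport mode trunk
 spanning-tree guard root
"""

GLOBAL_GUARD = "spanning-tree portfast bpduguard default"

def audit_stp(config):
    """Return sorted (interface, finding) pairs for per-interface PortFast ports."""
    lines = [l.rstrip() for l in config.splitlines()]
    global_guard = GLOBAL_GUARD in lines
    stanzas, current = {}, None
    for line in lines:
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = set()
        elif line.startswith(" ") and current is not None:
            stanzas[current].add(line.strip())
        else:
            current = None  # "!" or a global command closes the stanza
    findings = []
    for name, cmds in stanzas.items():
        if "spanning-tree bpdufilter enable" in cmds:
            # Interface-level filter: the port neither sends nor receives BPDUs.
            findings.append((name, "bpdufilter enabled"))
        elif ("spanning-tree portfast" in cmds and not global_guard
              and "spanning-tree bpduguard enable" not in cmds):
            findings.append((name, "portfast without bpduguard"))
    return sorted(findings)

if __name__ == "__main__":
    for name, finding in audit_stp(SAMPLE_CONFIG):
        print(name, "-", finding)
```
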

Monday, November 23, 2009

002 - cisco password recovery

Access Point 1300
Default username and password: Cisco
To reset the configuration:
[1] CLI: write erase, reload
[2] GUI: System Software > System Configuration. Press the Reset to Defaults button
Password recovery process:
step 1: Reboot the access point.
step 2: Press ESC when you see these lines on the CLI.

Loading"flash:/" ...######################################################
##################################################################### #####################################################################
#################
Once you press ESC, this information is displayed on the CLI screen.
Xmodem file system is available.
flashfs[0]: filesystem check interrupted!
The system has been interrupted, or encountered an error
during initialization of the flash filesystem. The following
commands will initialize the flash filesystem, and finish
loading the operating system software:
flash_init
ether_init
tftp_init
boot
ap:
step 3: type command flash_init
step 4: dir flash:
step 5: rename flash:config.txt flash:config.old
step 6: reset
==============================================
For Cisco Catalyst Switch
Step 1: reload switch (Keep MODE button pressed while reloading)
Step 2: type command flash_init
Step 3: rename flash:config.txt flash:config.old
Step 4: reload
===================================================
For Cisco router
Step 1: Reload and press CTRL+BREAK
Step 2: o/r 0x2142 then type B {old router}
confreg 0x2142 then type reset {new router}




Thursday, November 19, 2009

001 - NBMA NETWORK

RFC 2328-compliant modes    Neighbor     DR/BDR
- NBMA (Nonbroadcast)       Manual       Required
- Point-to-multipoint       Automatic    Not Required

* Point-to-multipoint mode treats a non-broadcast network as a collection of point-to-point links

Cisco modes                           Neighbor     DR/BDR
- Point-to-multipoint nonbroadcast    Manual       Not Required
- Broadcast (BMA)                     Automatic    Required
- Point-to-point                      Automatic    Not Required