Jan 14 2013
 

How do you see which VLANs are currently in use on a trunk port of a switch?

Easy answer: run

show mac address-table interface <interface>

and you will get a list of VLANs with the MAC addresses learned on them. Any VLAN that has MAC addresses associated with it is in use.

That’s an easy way to find out which VLAN tags are currently running over a trunk. (Keep the MAC address aging timer in mind: a VLAN whose entries have aged out will not be listed.)
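The check described above, scripted as an added example (not part of the original post): it parses the command output into a per-VLAN MAC count and lists allowed VLANs on which nothing was learned dynamically. The sample output and the allowed-VLAN list passed to the hypothetical helper silent_vlans() are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of `show mac address-table interface <interface>` output
# (addresses and port name are made up for illustration).
SAMPLE_OUTPUT = """\
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4401    DYNAMIC     Gi0/24
  10    0011.2233.4402    DYNAMIC     Gi0/24
  20    0011.2233.4403    DYNAMIC     Gi0/24
 110    0011.2233.4404    STATIC      Gi0/24
Total Mac Addresses for this criterion: 4
"""

# A table row: VLAN id, dotted-hex MAC, entry type, port.
ROW = re.compile(
    r"^\s*(\d{1,4})\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(\S+)\s+(\S+)\s*$",
    re.IGNORECASE,
)


def vlans_in_use(cli_output, dynamic_only=False):
    """Return {vlan_id: mac_count} for the table rows in the CLI output."""
    counts = Counter()
    for line in cli_output.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, separator, blank or summary line
        vlan, _mac, entry_type, _port = m.groups()
        # Static entries never age out, so they do not prove recent traffic.
        if dynamic_only and entry_type.upper() != "DYNAMIC":
            continue
        counts[int(vlan)] += 1
    return dict(sorted(counts.items()))


def silent_vlans(cli_output, allowed_vlans):
    """Allowed VLANs with no dynamically learned MAC on this trunk.

    'Silent' only means nothing was learned within the aging window.
    """
    seen = vlans_in_use(cli_output, dynamic_only=True)
    return sorted(set(allowed_vlans) - set(seen))


if __name__ == "__main__":
    print(vlans_in_use(SAMPLE_OUTPUT))
    print(silent_vlans(SAMPLE_OUTPUT, [10, 20, 30, 110]))
```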

 Posted by at 12:23
Nov 04 2010
 

Have you ever killed your router/switch by enabling “some” debugging output?
You can easily reduce the impact of debug logging on Cisco devices by disabling logging to the console port. Under normal circumstances you don’t need the logging output on the console port.
In global configuration mode, type:

no logging console

to disable logging to the console.

This will prevent your router/switch from generating an interrupt for every single character that is written to the console interface.

 Posted by at 14:59
Nov 03 2010
 

show running won’t show you any pre-shared-keys for tunnels, aaa-server keys and failover keys in cleartext. You will only see things like:

failover key *****

aaa-server authserver (inside) host 192.168.1.1
key *****

tunnel-group clients ipsec-attributes
pre-shared-key *****

Simply use the more system:running-config command to show all your keys unencrypted.
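Because that output carries the secrets in cleartext, a saved copy is worth masking again before it goes into a ticket or a shared folder. The following is an added example (not part of the original post) that re-applies the ***** masking to the three key commands shown above; the sample configuration and its secrets are constructed placeholders, and mask_secrets() is a hypothetical helper name.

```python
import re

# Constructed sample of `more system:running-config` output; the secrets are
# made-up placeholders, the command lines follow the ones shown in the post.
SAMPLE_CONFIG = """\
hostname fw-example
failover key EXAMPLE-failover-secret
aaa-server authserver (inside) host 192.168.1.1
 key EXAMPLE-radius-secret
tunnel-group clients ipsec-attributes
 pre-shared-key EXAMPLE-psk-secret
"""

# The three secret-bearing commands named in the post. Group 1 is the command
# including its indentation, group 2 is the secret that follows it.
SECRET_LINE = re.compile(r"^(\s*(?:failover key|pre-shared-key|key))\s+(\S.*)$")
MASK = "*****"


def mask_secrets(config_text):
    """Return (masked_text, line_numbers) for lines that held a cleartext key.

    Lines that are already masked are left alone, so running the function on
    its own output changes nothing and reports no findings.
    """
    out, hits = [], []
    for number, line in enumerate(config_text.splitlines(), start=1):
        m = SECRET_LINE.match(line)
        if m and m.group(2).strip() != MASK:
            line = f"{m.group(1)} {MASK}"
            hits.append(number)
        out.append(line)
    return "\n".join(out) + "\n", hits


if __name__ == "__main__":
    masked, hits = mask_secrets(SAMPLE_CONFIG)
    print(masked, end="")
    print("cleartext keys found on lines:", hits)
```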

 Posted by at 11:22
Jul 08 2010
 

Do you want to keep older configurations of your router? Maybe to switch back to the last known good config? Or just for documentation? Or to verify the last changes in your config? Or to review changes made by your colleague?

Of course RANCID combined with a graphical CVS viewer would be a very good solution. But you can achieve this with less effort directly on your router too. For that you need the archive feature.

With the archive commands you can automatically write your configs to flash: or to other destinations (ftp:, http:, https:, pram:, rcp:, scp:, tftp:).

The archive feature can do much more, but today let’s focus only on automatically archiving the current configuration when doing a copy running-config startup-config (or the more or less obsolete write mem).

mkdir flash:/configs
configure terminal
archive
path flash:configs/archive
maximum 14
write-memory

Command explanation:

  • mkdir flash:/configs creates a new directory on flash:
  • path flash:configs/archive defines the path and filename suffix of the files
  • maximum 14 defines the maximum number of configs held on the flash: (currently 1-14)
  • write-memory will save a new version of the running-config into the archive-folder (flash:configs in our example) each time you do a copy running-config startup-config or write mem

With show archive you can review all existing configs in flash:

Router#sh archive
The maximum archive configurations allowed is 14.
There are currently 3 archive configurations saved.
The next archive file will be named flash:configs/archive-3
Archive # Name
1 flash:configs/archive-0
2 flash:configs/archive-1
3 flash:configs/archive-2 <- Most Recent
4
5
6
7
8
9
10
11
12
13
14
Router#

To view the differences between two configs, use show archive config differences <file1> <file2>
For demonstration I created a new Loopback interface, added an EIGRP routing process and wrote the new configuration to NVRAM (write mem).

show archive config differences flash:configs/archive-2 flash:configs/archive-3

Contextual Config Diffs:
+interface Loopback1
+ip address 192.168.1.1 255.255.255.255
+router eigrp 1
+network 192.168.1.1 0.0.0.0
+no auto-summary
+eigrp stub connected summary

Router#

You can also write a new version of your current configuration into the archive without touching the startup-config by using the archive config command.

It is also possible to write a new configuration on an interval basis. But I don’t recommend this on a flash device, because if you don’t change your config for a longer time (“long” depends on your backup interval) you end up with a maximum of 14 identical configurations, and of course you have lost the configs with real changes.

 Posted by at 14:41
Feb 24 2010
 

Do you sometimes have the problem that CTRL-SHIFT-6 (CTRL-^) won’t work to cancel a traceroute or other commands? Especially on foreign keymaps? Then simply change the escape sequence for your VTYs or CONsole:

Change the escape character to CTRL-C on VTYs (telnet and/or SSH access):

line vty 0 15
escape-character 3
end

Change the escape character to ESC on CONsole (serial access on the console port):

line con 0
escape-character 27
end

CTRL-C is a good choice – it’s a well-known keystroke to cancel processes on CLIs.
ESC is nice because it uses the rarely used ESC key – but using the ESC code has one drawback: if you telnet to a further router from the command line of your current router, then the command history will no longer be accessible via your cursor up/down keys, because they send keycodes beginning with ESC – this breaks the cursor keycodes. Also, the first CTRL-C will be eaten by router 1 – the next one is passed to router 2.

So I recommend using CTRL-C, but of course you can configure any other ASCII code as the escape character.

 Posted by at 21:57