Skip to Content

command line

Service Config - Error opening tftp://255.255.255.255

Tue, 2013-02-19 21:31
Command Line

If you have worked on a newer Cisco IOS device, you may have seen the following error messages: 

%Error opening tftp://255.255.255.255/network-confg (Socket error)
%Error opening tftp://255.255.255.255/cisconet.cfg (Socket error)
%Error opening tftp://255.255.255.255/router-confg (Socket error)
%Error opening tftp://255.255.255.255/ciscortr.cfg (Socket error)

If you are wondering what these messages mean, it is the result of the config service being enabled by default in some IOS versions. Read on to learn about how it works and how to disable it.

Use the Configure Replace command to speed up your labbing

Tue, 2013-01-15 20:31

I've been labbing quite a bit lately, working on Narbik's R&S workbooks, and I've been rebooting my rack after nearly every lab to clear things out. Well, I was perusing the Interwebs and a forum post reminded me of the config replace command. Sheesh! I wish I would have remembered that a few hundred reboots ago...

Even though I knew about this command, and have even included it in a blog post or two in the past, I had forgotten about it since I wasn't using it all that often. So, just in case someone else out there has forgotten about it, I figured I'd do a quick write up demonstrating the command in action and hopefully jostle some memories (or just help me remember if I forget it again).

Here is a 1841 router that used to be R5, but I changed it's hostname to Testing and did a no shutdown on all it's interfaces. Follow the config below for the usage:

Save yourself some time with the default interface command

Mon, 2012-11-26 01:00
Command Line

If you configure Cisco equipment on a regular basis, you might find yourself in a situation with a large number of router or switch ports that need to be reconfigured. There are several ways you can prep your switch ports to complete your task:

  • You could do a "show run" and then build a script that includes the "no" form in front of each of the old commands, then apply your new script.
  • You could simply overwrite the old config with the new and then go do the no form of the stuff you don't want after the fact.
  • You could erase the startup-config then reload the switch and start from scratch (assuming the device isn't in production anymore).

There are probably another half dozen different ways of simply erasing the config and starting over, but there's one more option that this post is focused on today: the default interface command.

SecureCRT Feature - Alt Select

Tue, 2012-10-30 08:08

If you are a SecureCRT user, here's a feature that might save you some time. Let's say you have a list of information in your terminal window that you'd like to copy - perhaps the output of "show ip interface brief." However, instead of the whole output, you only want the list of interfaces, not the rest of it. Normally, you would just highly the whole output of information and then either paste it as is or paste it in a notepad window and delete all the stuff you don't want. 

This gives you the following output:

R2#show ip int bri
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  unassigned      YES unset  up                    up      
Serial0/1                  unassigned      YES manual up                    down    
Serial0/2                  unassigned      YES unset  up                    down    
Serial0/3                  unassigned      YES unset  administratively down down    
FastEthernet1/0            10.1.1.2        YES manual up                    up      
FastEthernet2/0            192.168.100.2   YES manual up                    up      
Multilink1                 223.254.254.198 YES manual up                    up

Well, there is another way. A much cleaner way...

SecureCRT Feature - Chat Window

Thu, 2012-10-04 11:00
SecureCRT Icon

If you are a SecureCRT user, you might find a certain feature useful when configuring multiple devices via CLI. The feature is called Chat Window and it's not what it appears at first glance.

When I first saw the Chat Window feature listed in the View menu, I assumed it was some sort of remote tech support option or a way to collaborate with multiple users. Although it is certainly possible to use it to "chat" using the IOS Send command, it is far more powerful as a quick way to configure several routers or switches at the same time. 

Here's how it works...

How to do Crtl+Break sequence in SecureCRT without a Break Key

Mon, 2012-06-25 00:08
Command Line

So, for the past couple years I've been using a Mac Book Pro for the majority of my writing, but still relied on a Windows platform for most of my command line work. I recently was faced with the need to perform a password reset on a device using Secure CRT on my Macbook Pro, and wouldn't you know it? There's no Break key! Here's how I got around this issue, if you have another way to do it, please feel free to share in the comments below.

1. Start out by establishing your console connection.

How to concatenate multiple text files into one

Mon, 2012-04-23 07:01
Command Line

Have you ever wanted to merge a bunch of text files together into one large one? For example, if you use a tool to go grab a bunch of show command results and output it to a text file per device, it's handy if you can have the operating system merge all that together for you. Many of you have likely done this at one point or another, but I figured it was worth capturing here to share the syntax.

So, if you are in a Windows command prompt, you can use the type command to output the contents of a file.

C:\>type text1.txt
This is a test.

Then you can use the type command plus the double arrows to merge a bunch of files:

C:\>type *.txt >> merge.txt

text1.txt

text2.txt

text3.txt

text4.txt

This leaves you with all the original files plus a new one called merge.txt. Piece of cake.

Navigating the IOS command line

Mon, 2012-02-20 09:23

I decided to put together a quick blog post on some handy IOS file management commands. I'll likely add to this again in the future to make it more complete, but I wanted to get something started, so here it is..

dir - Get a directory listing of whatever path your are in. 

How to setup Configuration Change Notification and Tracking

Wed, 2012-01-25 22:53

Have you ever found yourself troubleshooting a problem caused by a coworker or consultant mistyping a command? It happens, everyone makes mistakes, but what's frustrating is when people won't own up and admit they made the mistake. Not only is it dishonest, it can impede a fast resolution by knowing what to undo.

As a result, you might find yourself wishing there was a relatively simple way to see every command typed into every router and switch in the network... You can do this with a AAA server, but it can be cumbersome to have to scour through the logs on your ACS server. However, there is another way and it's really easy to configure.

Configuration Change Notification and Logging, or simply Configuration Logging, is Cisco's method to log every configuration command entered on your Cisco IOS routers and switches. The feature was introduced in 12.3(4)T & 12.2(25)S, so it should be available in almost any IOS device that's been upgraded in the last 5 years. It can log locally up to a specified number of lines of config, and even send the commands off to a syslog server.

The following examples are from a Cisco 3550 switch and demonstrate how to configure and monitor change logging.

How to configure DHCP Snooping on a Cisco Catalyst switch

Wed, 2012-01-04 22:20
Command Line

A question was asked in the Tekcert forums regarding DHCP snooping configuration. After thinking about writing an in depth response, I decided to just write a full blown blog post.

Everything in this post has been tested in a lab environment with a Cisco 3550, Infoblox DHCP servers, a Netgear router as a "rogue" dhcp server, and a MacBook Pro as a client. The 3550 is configured with ip routing and a layer 3 interface on the subnet where the DHCP servers are located (10.0.10.0/24). VLAN 20 has been created on the 3550 with an interface ip address of 10.0.20.254/24. All the DHCP server configuration and helper addresses were tested and working prior to implementing DHCP snooping to eliminate any doubt as to whether the DHCP snooping configuration is working or not. So, let's get started.

How to use the changeip command to modify the FQDN of a Mac OS X Server

Mon, 2011-11-28 00:38

I was recently faced with having to change the domain name on a Mac OS X Server. If I had to do this on a Windows machine, it would be a relatively simple process using a GUI interface. However, on a Mac server, there isn't (as of version 10.6.8) a way to change the fully qualified domain name (FQDN) via a GUI. Thankfully, there is a way to change the domain settings using the CLI and it's a piece of cake.

The changeip command was created to allow administrators to change the ip address and FQDN in static config files on a Mac OS X Server. For example, if you setup the DNS and iCal services, instead of manually updating the config files associated with these services, simply running the changeip command updates the files for you. 

The syntax for the command is as follows:

How to configure Rate Limit to stop bandwidth hogs

Mon, 2011-09-26 00:11

Have you ever had a low speed serial link get overrun by a single user hogging all the bandwidth? Well, there is a quick and easy way to prevent any type of traffic from using up an entire link - rate-limit.

To implement this feature, you simply type in rate-limit under an interface and specify a few parameters such as the allowable bits per second and the burst rate. However, if you do that it will rate-limit all traffic traversing the link which honestly the link will do on its own when traffic exceeds the available bandwidth. A more useful configuration is to include the access-group keyword in the command and point it to an access list that defines the traffic you want to rate-limit.

To demonstrate, I've configured two routers connected with a low speed serial link clocked at 128k. Without the rate limit configured, you can ping between them with no problems:

How to configure an IPv4 GRE tunnel to carry IPv6 traffic

Mon, 2011-09-12 08:03

Continuing the review of the TSHOOT Topology, on the IPv6 network map there is a GRE tunnel that is configured between Router 3 and Router 4. This tunnel is in place to allow IPv6 traffic to traverse the 10.1.1.8/30 IPv4 network. So, while reviewing the IPv6 tshoot topology, I decided to try out the tunnel configuration.

There are several ways to configure tunnels to allow IPv6 traffic to traverse IPv4 networks (and vice versa). This post will be focusing on a GRE tunnel configuration. If you want to review the other ways to create tunnels, i.e.  Automatic IPv4-Compatible IPv6 Tunnels, IPv6 Rapid Deployment Tunnels, and Automatic 6to4 Tunnels, I've included a link below to a great resource on Cisco's website that shows some great examples of other tunnels.

I threw together the following network diagram to provide a visual of what we are configuring: 

IPv6_GRE_Tunnel2

Implementing Netflow - ip route-cache flow vs ip flow ingres

Fri, 2011-08-19 07:42

If you have ever implemented NetFlow, you may have noticed there are different commands available under interface configuration mode to enable collection. If you aren't sure what the different is between ip route-cache flow and ip flow ingress, here's the simple explanation:

To enable flow collection on a whole interface (including sub-interfaces), use:

ip route-cache flow

To enable flow collection only on a specific sub-interface, use:

ip flow ingress

CEF Troubleshooting Commands

Tue, 2011-08-16 07:22

Whenever you are faced with troubleshooting a routing problem and the routing table looks normal, don't forget to check CEF. Cisco Express Forwarding (CEF) has been enabled by default for quite some time on most Cisco routers and has been known to cause issues from time to time.

I've created a list of a few of the most common (and a few not so common) CEF show commands that can help you track down a problem. Let's start with the basics - the FIB and the Adjacency table.

Forwarding Information Base (FIB) - This is a table that the router builds based on the routing table, but it's not the same thing as a routing table.  It contains the same forwarding decision information, but where the routing table would be like an encyclopedia of where to send packets, this is a cheat sheet.

Adjacency table - This is a table of all the layer 2, next hop information for the entries in the FIB.

Syndicate content


Dr. Radut