Cheat sheet: Cisco IOS

    This is just a collection of basic Cisco IOS commands for configuring Cisco
switches and routers. If you are configuring this equipment for production use
then I hope that you are 100% sure in what you are doing - if not: hire me.

Cisco IOS versions: (major version).(minor version(release number).(interim
build number))identifier.

Where identifier is (T)echnology, (B)roadband, (E)nterprise, (S)ervice Provider,
XA = Special Functionality, XB..
Packaging/Feature sets

Standard: Providing basic IP routing, Enhanced: Full IPv4 routing support,
Advanced IP services: As enhanched with IPv6 support.
Configure router

Just logged in to User Exec Mode, to gain Priviliged Mode

    MyRouter> enable

To access Global Configuration Mode

    MyRouter# conf t

Interface Mode

    MyRouter(config)# interface GigabitEthernetX/Y
    MyRouter(config-int)#

Routing Configuration Mode

    MyRouter(config)# router routing-protocol-name (e.g. ospf, rip, ..)
    MyRouter(config-route)#

Configure name of router

    MyRouter> enable
    MyRouter# conf t
    MyRouter(config)# hostname "XoolRouter"
    XoolRouter(config)#

To set the time correctly

    XoolRouter(config)# clock-timezone CET 1
    XoolRouter(config)# clock summer-time CEST recurring last Sun Mar 1:00 last
Sun Oct 1:00

Configure internal name-servers for usage on the unit

    XoolRouter(config)# ip name-server a.b.c.d

Configure NTP

    XoolRouter(config)# ntp server a.b.c.d

Set port description

    XoolRouter(config)# interface GigabitEthernet0/1
    XoolRouter(config-int)# description "TO: UPLINK"

Disable / shutdown a port

    XoolRouter(config-int)# shut

Set a port to trunk mode (isl or 802.1q vlans)

    XoolRouter(config-int)# switchport mode trunk
    XoolRouter(config-int)# switchport trunk encapsulation dot1q

Set allowed vlan on interface in trunk mode

    XoolRouter(config-int)# switchport trunk allowed vlan add 100

Note: Default is to allow every vlan. Remember to have add before vlan number or
you will negate all allowed-vlan config on the interface!

Set a native vlan on a trunk port, all packets not tagged with vlan headers

    XoolRouter(config-int)# switchport trunk set native vlan 1

Gotcha: If the interface in the other end is in default config, atleast with
3560 series (switchport mode dynamic auto) the switches will negotiate this to
be a trunk interface and therefore all packets are tagged.

Set an interface/port to access on the vlan 100

    XoolRouter(config-int)# switchport mode access
    XoolRouter(config-int)# switchport access vlan 100

To negate a command

    XoolRouter(config-int)# no shut

Add IP address to interface

    XoolRouter(config-int)# no switchport
    XoolRouter(config-int)# ip address a.b.c.d (netmask)

Relay broadcast (e.g. to dhcp server)

    XoolRouter(config-int)# ip helper-address a.b.c.d

Enable routing on switch (a.b.c.d = def gw).
Note: When ip routing is enabled the ip default-gateway command is not in use.
If you enable ip routing without the ip route 0.0.0.0... command you might loose
the connection to your equipment!

    XoolRouter(config)# ip route 0.0.0.0 0.0.0.0 a.b.c.d
    XoolRouter(config)# ip routing

Port shaping a Gigabit Port to 100Mbit

    XoolRouter(config)# mls qos
    XoolRouter(config)# class-map match-all in
    XoolRouter(config-cmap)# match-access-group 110
    XoolRouter(config-cmap)# policy-map 100mbit-in
    XoolRouter(config-pmap)# class in
    XoolRouter(config-pmap)# police 100000000 1000000 exceed-action drop
    XoolRouter(config-pmap)# interface GigabitEthernet0/5
    XoolRouter(config-int)# speed 1000
    XoolRouter(config-int)# duplex full
    XoolRouter(config-int)# service-policy 100mbit-in

NOTE: The above commands where in bits while srr-queue bandwidth limit is
percent of port. Therefore if you want a gigabitport policed to anything below
10Mbit you will need to set the speed to 10 or 100 on the port.

    XoolRouter(config-int)# srr-queue bandwidth limit 10

Show active configuration and write the changes.
Note: When in Configuration Mode commands can be run in Priviliged Mode by
adding the command do in front.

    XoolRouter(config)# do sh run
    XoolRouter(config)# end
    XoolRouter# write

Upgrade IOS

    XoolRouter# copy tftp://a.b.c.d/filename.bin flash:

To restart the router

    XoolRouter# reload

To restart the unit when a time delay of e.g. 15 minutes has passed

    XoolRouter# reload in 15

Cancel a pending reload

    XoolRouter# reload cancel