Category: command line interface
Debugging time-based configuration
alias exec 859 clock set 08:59:30
alias exec 900 clock set 09:00:30
Obviously, these tests are best done in a lab setup … and you have to turn off NTP or any other form of time synchronization.
Merging VTY configurations
line vty 0 2He wanted to merge the three configuration blocks back into a single one but somehow didn't know how to do it.
login
line vty 3
password secret
login
line vty 4
login
To realize what's going on, you have to understand how the IOS generates line configurations. It takes the first line (VTY 0, for example) and generates its configuration. If the next line (VTY 1) has exactly the same configuration, the range of numbers is expanded (becoming VTY 0 1) and so forth until the pool of similar lines is exhausted or a line is found that has at least one parameter different from the starting one, in which case a new block is started. That's why the sample configuration has three blocks (0-2, 3 and 4) even though the first and the third block are identical.
However, if you change the offending parameter, the VTY lines will have identical configurations and will be automatically merged. If you want to be on the safe side, you should change the parameter for all lines, for example:
line vty 0 4
login
password secret
Note: This article is part of You've asked for it series.
The history of Cisco CLI
Setup DNS server in your lab
Copy the text files into router's flash through a Telnet session
If the file in question is a text file, and the router supports Tcl shell, danshtr documented an interesting trick: you create the file in Tclsh interpreter, cut-and-paste the text through the telnet session into a Tcl string and write the string to the file. If you want to have a more cryptic solution here it is:
- Start tclsh;
- Enter puts [open "flash:filename" w+] {. Do not hit the ENTER key at the end of the line
- Copy-paste the file contents. The contents should not include unmatched curly right brackets (every curly right bracket has to be preceded by a matching curly left bracket).
- After the file contents have been pasted, enter } and press ENTER.
- End the tclsh session with tclquit.
Simplify your lab work
If you do a lot of tests in a router lab, you're probably getting upset when you have to retype the login and enable password whenever you log into a router. What I do in my labs is to disable VTY login, set the default privilege level to 15 and disable exec timeout (to stop the router from terminating my session).
line con 0
exec-timeout 0 0
privilege level 15
line vty 0 4
exec-timeout 0 0
privilege level 15
no login
Obviously, this would not bring you additional points on the CCIE lab exam :)
Define new IOS commands with the alias functionality
For example, if want to have the ipconfig command that displays interface IP configuration, you can configure alias exec ipconfig show ip interface. When you execute ipconfig ifname the alias is expanded into show ip interface ifname and displays the IP configuration of a single interface.
Enhanced show interfaces command
It's amazing how many options (most of them still undocumented) the show interfaces command accepts in IOS release 12.4T (I won't even start guessing when each one was introduced, if you're running old IOS releases, please feel free to comment):
- show interfaces description displays interface names, L1 and L2 status (line and line-protocol status) and interface description. Extremely handy if you want to check which interfaces are up/down.
- show interfaces counters protocol status displays the L3 protocols active on each interface.
- show interfaces summary displays the state of various interface queues and related drop counters in a nice tabular format.
- show interfaces accounting displays per-protocol in/out counters.
Here are a few sample printouts:
Turn your flash card into an ATA drive
Show IP access lists attached to an interface
Warm reload does not change the config register
Re-enable debugging without EEM
Notes:
- The router expects a newline character at the end of the configuration file. The best way to ensure it's always there is to add a comment line at the end of the file
- The configuration file load usually fails immediately after the reboot, as the interfaces and IP routing processes are not yet fully operational. You might thus miss the first few seconds of the router's operations (unless you store the extra configuration file Flash or NVRAM).
Sample configuration: periodic upload of router configuration
Pete Vickers sent me a very interesting configuration sample:
To get an IOS device to upload it’s configuration periodically to an external FTP server:
ip ftp source-interface loopback 0
ip ftp username ftp_username
ip ftp password ftp_password
file prompt quiet
!
kron policy-list backup
cli copy running-config ftp://10.20.30.40
!
kron occurrence daily-backup at 0:30 recurring
policy-list backup
The beauty of this example is that you can use it on platforms that don't support Embedded Event Manager (which has a very similar cron functionality) as the kron commands were introduced in 12.2T and 12.3 IOS releases.
Note: You have to use the file prompt quiet configuration command as the commands executed by kron cannot supply any user input
Changing the format of IP routes
And the funniest part of the whole story is that I was utterly impressed with the feature when it was introduced ... and now almost started to reinvent the wheel and implement the same functionality in Tcl
Display per-process memory usage
router#show processes memory sortedUsually the top entry is the *Init* process, which allocates all shared buffers, but routing processes could also exhibit significant memory utilization in large networks.
Total: 13734272, Used: 6372068, Free: 7362204
PID TTY Allocated Freed Holding Getbufs Retbufs Process
0 0 135340 1864 4734916 0 0 *Init*
55 0 242388 188 249076 0 0 URL filter proc
69 0 317996 143308 182184 0 0 IPSEC key engine
62 2 277048 124752 165172 0 0 Virtual Exec
68 0 762828 657056 109896 0 0 Crypto IKMP
80 0 74556 1100 73772 0 0 CEF process
91 0 25704 188 28776 0 0 NTP
67 0 3116 51368 27904 0 0 Crypto ACL
83 0 184 0 25060 0 0 traffic_shape
30 0 89900 0 24700 0 0 IP Input
46 0 32248 1776 23596 0 0 DHCPD Receive
35 0 10236 540 16572 0 0 PPPOE discovery
48 0 95344 51488 14724 0 0 HTTP CORE