Category: show filters

Monday, October 13, 2008 07:20 CEST

Display interfaces belonging to a single OSPF process

I’m constantly receiving interesting OSPF-related queries. Obviously the many hidden details of the OSPF specs result in slightly unexpected behavior and constant amazement of engineers studying OSPF. During this week, I’ll focus on a few interesting OSPF intricacies.

Let’s start with an easy one: you can use the show ip ospf interface brief command if you want to display the OSPF interface status (including the interface area, OSPF cost, link type and router status on broadcast links). Unfortunately, this command does not allow you to specify the OSPF process ID and displays interfaces belonging to all OSPF processes (if you run multiple OSPF processes on the router).

Quick tip: display interface bandwidth

To display bandwidths of all interfaces configured on the router use show interface | include protocol|BW command.

Quick tip: display interface IP addresses

To display IP addresses assigned to router’s interfaces (excluding interfaces with no IP address) use show ip interface brief | exclude unassigned command.

read more add comment

show filters

Monday, July 14, 2008 07:24 CEST… updated on Tuesday, November 17, 2020 11:34 UTC

Shorter Display of OSPF Database

Recently I had to explore the behavior of Cisco IOS OSPF implementation and had to inspect OSPF database on routers in various areas.

If you’re only interested in the contents of the database (not in low-level troubleshooting), variety of LSA fields (including LS Age, Options, Checksum, Length …) are just cluttering the printout, so I fine-tuned the show filter to exclude all the non-relevant fields, ending with show ip ospf database parameters | exclude LS|Options|Check|Len|(MTID:[ 0-9]+$) (the MTID field appears in IOS release 12.2SRC).

To make the command more useful, I’ve changed it into a short Tcl script:

read more add comment

Monday, July 7, 2008 07:51 CEST

Simple CLI extensions: handling special characters

Last week I've described how you can extend the exec-mode CLI commands with almost no knowledge of Tcl. A bit more work is required if your commands include Tcl special characters (quotes, braces or backslashes).

For example, to display all routes advertised by customers of AS X, you'd use the following show command: show ip bgp regexp _X_([0-9]+)(_\1)*$ (the regular expression is explained in the AS-path based filter of customer BGP routes post). This command cannot be entered as a Tcl string with variable substitution; Tcl would interpret the [ and \ characters. You could enter the whole command in curly braces, but then there would be no variable substitution that we need to insert command line parameters. To make Tcl happy, use the following Tcl commands:

set cmd {first-part-of-command} stores the command prefix into the cmd variable;
append cmd $argv appends the command line arguments to the command;
append cmd {rest-of-command} appends the rest of the IOS exec command;
puts [exec $cmd] executes the command and prints the results.

For example, the following code will display the customers of a BGP AS specified in the command line (after being stored in a flash file and defined in an alias, of course):

set cmd {show ip bgp regexp _}
append cmd $argv
append cmd {_([0-9]+)(_\1)*$}
puts [exec $cmd]

add comment

Monday, June 30, 2008 07:30 CEST

Simple extensions to exec-mode CLI

The various show filters available in Cisco IOS are a great tool to minimize the amount of printout you have to analyze, their only problem (from my perspective) is that you cannot make an alias out of them, as you usually have to supply one or more parameters to the show command and these parameters have to be inserted before the filter (and the alias command does not support replaceable parameters). You could solve the problem with Tcl shell, but I'm not sure many networking engineers are fluent Tcl programmers. Fortunately, the code you need is so simple anyone can create a working solution.

read more add comment

Wednesday, June 18, 2008 07:28 CEST

Display locally originated BGP routes

Displaying the BGP routes originated in the local AS is simple: you just filter the BGP table with a regular expression matching an empty AS path. Displaying routes originated by the local router is tougher. You could use the fact that the local routes have the weight set to 32768:

PE-A#show ip bgp quote-regexp "^$" | inc Network|32768
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.1.1/32      0.0.0.0                  0         32768 i

This would work if you don’t play with BGP weights in network statements. If you’ve changed the weights, you should filter the routes based on the BGP next-hop: locally originated routes have the next-hop 0.0.0.0 and all other routes should have a non-zero BGP next-hop. To filter BGP routes based on the next-hop you have to:

Define an access-list that matches desired next-hop (0.0.0.0)
Define a route-map that uses the access-list to match IP next hop.
Display BGP routes matched by a route-map.

A sample configuration and show command printout is included below:

ip access-list standard AllZeros
 permit 0.0.0.0
!
route-map NextHopSelf permit 10
 match ip next-hop AllZeros

PE-A#show ip bgp route-map NextHopSelf | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.1.1/32      0.0.0.0                  0         32768 i

To make this command simpler to use, define an alias: alias exec mybgp show ip bgp route-map NextHopSelf | begin Network.

see 3 comments

Tuesday, June 10, 2008 06:44 CEST

Display BGP routes originated in the local AS

The easiest way to display BGP routes originating in the local autonomous system is to use the regular expression ^$ (empty AS-path) in the show ip bgp regexp command, for example:

PE-A#show ip bgp regexp ^$
BGP table version is 10, local router ID is 10.0.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.1.1/32      0.0.0.0                  0         32768 i
r>i10.0.1.2/32      10.0.1.2                 0    100      0 i

If you want to apply a show filter to the printout of this command, you have to use the quote-regexp variant; otherwise the rest of the line is interpreted as regular expression. To skip the header explaining the BGP status code (we know them by heart by now, don’t we?), use …

PE-A#show ip bgp quote-regexp "^$" | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.1.1/32      0.0.0.0                  0         32768 i
r>i10.0.1.2/32      10.0.1.2                 0    100      0 i

… and end with the eye candy – define this command as an alias: alias exec localbgp show ip bgp quote-regexp "^$" | begin Network.

add comment

Tuesday, May 6, 2008 06:24 CEST

A bug in the IOS “section” filter

The section filter of the show commands contains a nasty bug ~~(at least in the IOS release 12.4T)~~ in IOS release 12.2SRC: if a line in the section matches the same regular expression as the section header, the rest of the section is not printed.

Display operational IPv6 interfaces

The brief display of the state of IPv6 interfaces in the router (show ipv6 interface brief) is significantly different from the well-known show ip interface brief display as the IPv6 address might not fit in the same line as all the other data. To filter the printout and display only the operational interfaces, you have to replace the include filter with the section filter, which displays all the lines matching the regular expression as well as associated follow-up lines.

PE-A#show ipv6 interface brief | section up
Serial1/0                  [up/up]
    unassigned
Serial1/1                  [up/up]
    FE80::C800:CFF:FEA7:0
Loopback0                  [up/up]
    unassigned

The definition of the associated follow-up lines depends on the printout. Usually the indented lines are assumed to belong to a section, but you might be surprised.

see 1 comments

Monday, March 10, 2008 07:39 CET

Display the names of the configured route-maps

I’m probably getting old … I keep forgetting the exact names (and capitalization) of route-maps I’ve configured on the router. The show route-maps command is way too verbose when I’m simply looking for the exact name of the route-map I want to use, so I wrote a Tcl script that displays the names of the route-maps configured on the router. If you add a -d switch, it also displays their descriptions (to be more precise, the first description configured in the route-map).

Show active IOS processes

You can use the show process cpu sorted command in combination with an output filter to display only those IOS processes that consumed noticeable amount of CPU time in the last five minutes, last minute or last five seconds. Use the following patterns to construct your regular expression:

The [0-9.]+% pattern will match any non-zero percentage;
The 0.00% pattern will obviously match the zero-percentage display;
As the percentage figures are separated by various amounts of whitespace characters, we have to use the ' +' pattern to match those;

The show filter should exclude the processes that have the zero percentage in the desired column and any percentage in the other two columns (any other filter would show too many or too few processes). To display processes active in the last minute, use the show process cpu sorted 1min | exclude [0-9.]+% +0.00% +[0-9.]+% command (and define an alias to make it easier to use).

read more add comment

show filters

Monday, October 8, 2007 07:45 CEST

Display IP packet filters attached to router's interfaces

A few days ago, Jeremy Stretch asked me whether there's a command to display packet lists attached to router's interfaces. While he got pretty far with the output filters, he would like to have a nice tabular format as well as the contents of the access lists displayed next to the interfaces. The show ip access-list interface name command comes pretty close, but it displays the information only for a single interface, so it was time to write another Tcl script. To install it on your router:

Download it from my web site and copy it to your router's flash or NVRAM.
Define an alias, for example alias exec filters tclsh flash:packetFilters.tcl.

The script recognizes two parameters: the all parameter displays all interfaces, including ones with no access lists and the verbose parameter displays the contents of the access list after the interface name.

Display OSPF neighbor sorted by OSPF process ID

I had two issues with the show ip ospf neighbors command:

It is not sorted by the OSPF process ID, so you get a mess if you have more than one OSPF process and don't specify the process ID in the show command
It does not display the OSPF area the neighbor belongs to

To fix both problems, I wrote a Tcl script that displays OSPF neighbors sorted by process ID and includes the fields I wanted to have. To install it on your router:

Download it from my web site.
Copy the ospfNeighbors.tcl file to your router's flash (or NVRAM).
Define an alias, for example alias exec ospf tclsh flash:ospfNeighbors.tcl.

read more add comment

Saturday, August 25, 2007 06:46 CEST

Skip the “show ip route” legend

Are you as upset as I am with the constant display of the legend in front of the routes displayed with the show ip route command? Two output filters can help you.