Académique Documents
Professionnel Documents
Culture Documents
(IOS) NFFC)
[no] spd enable (IOS) show caller (IOS)
aaa accounting delay-start (IOS) show chunk [summary] (IOS)
aaa authorization console (IOS (>= 12.1(10.6))) show controller switch (Cat 2900XL/3500XL, IOS)
aaa pod server [port <port number>] [auth-type {any | show epc … (IOS)
all | session-key}] server-key <string> (IOS (>=
11.3(7)AA))
ais-enable (IOS) show epc acl lookup {in|out} … (IOS (Cat 2948G-L3, 4908G-
L3, 8540))
arap logging debug-extensions (IOS) show epc acl tcam2acl interface <interface> {in|out} (IOS
(Cat 2948G-L3, 4908G-L3, 8540))
bgp common-administration (IOS) show epc ip-address interface <interface> all-entries (IOS
(Cat 2948G-L3))
bgp maxas-limit <1 – 2000> (IOS) show epc patricia <ingress-interface> ipucast detail (IOS)
bgp redistribute-internal (IOS) show epc patricia <interface> mac (IOS (Cat 2948G-L3,
4908G-L3))
bridge-group <bridge-num> subscriber-loop-control (IOS) show idb (IOS)
clear ip eigrp [<as>] events (IOS) show inband (XID/CatOS)
clear ip eigrp [<as>] logging (IOS) show interface cable <x>/0 privacy statistic (IOS)
clock source free-running|line primary (IOS) show interfaces [<interface-name>] stats (IOS)
csim (IOS) show interfaces [<interface-name>] switching (IOS)
debug buffer (IOS) show ip cef [<network> [<netmask>]] internal (IOS)
debug crypto isakmp detail (IOS) show ip eigrp events [<as-num>] [<start-num>] [<end-
num>] (IOS)
debug crypto isakmp packet (IOS) show ip eigrp sia-event (IOS)
debug dialer detailed (IOS) show ip eigrp timers [<as-num>] (IOS)
debug dialer holdq (IOS) show ip ospf bad-checksum (IOS)
debug ip ospf monitor (IOS) show ip ospf delete-list (IOS)
debug ip packet [detail] [<access-list>] dump (IOS) show ip ospf events (IOS)
debug isdn q931 l3 (IOS) show ip ospf maxage-list (IOS)
debug mica {tx|rx} <slot>/<port> (IOS) show ip ospf statistic (IOS)
debug modem csm (IOS) show ip route hash (IOS)
debug oir (IOS) show ip route profile (IOS)
debug parser mode (IOS) show ip spd (IOS)
debug sanity (IOS) show isdn memory detail (IOS)
dialer disable-multiencaps (IOS) show isdn service [<dsl> | <interface-name>] detail (IOS)
dialer mult-map-same-name (IOS) show isdn status detail (IOS)
eigrp event-log-site <n> (IOS) show isis private (IOS)
eigrp event-logging (IOS) show isis timers (IOS)
eigrp kill-everyone (IOS) show isis tree (IOS)
eigrp log-event-type [dual] [xmit] [transport] (IOS) show list [none] (IOS)
enable engineer (XDI/CatOS) show mbuf (XID/CatOS)
frame-relay fecn-create (IOS) show memory big (IOS)
gdb {kernel | pid <pid-num> | {examine | debug} <pid- show mls nfde (XID/CatOS)
num>} (IOS)
h323 h245 tunnel defer (IOS) show mls status (Cat 6000 Native IOS)
if-console <slot-num> [console|debug] (7000/7500 show mmc np5400 [config| flows |get |indications |ports
Series, IOS) |queue |registers |stat |send] […] (IOS (Cat 2948G-L3,
4908G-L3))
ip cache-ager <secs-between-runs> <fraction-low- show mpls interfaces internal all (IOS)
memory> <fraction> (IOS (>=10.3(8) and >=11.0(3)))
ip cache-invalidate-delay <minimum-delay> <maximum- show msfc (IOS (Cat 6k hybrid))
delay> <quit-interval> (IOS (>=10.3(8) and >=11.0(3)))
ip ospf interface-retry <retries> (IOS) show msfc (CatOS (Cat 6k hybrid))
ip route profile (IOS) show msfc nvram (IOS (Cat 6k hybrid))
ipc-console <slot-num> <cpu> (Catalyst 6000/6500 show parser modes (IOS)
Series, IOS)
ipx sap-interval {<n>|passive} (IOS (>=11.2)) show parser unresolved (IOS)
ipx server-split-horizon-on-server-paths (IOS) show polaris fibmgr usage (CatOS (Cat 6k hybrid))
ipx update interval {rip | sap} passive (IOS show region (IOS)
(>=11.3(1.3)))
isdn incoming progress [validate|accept] (IOS (>= show region address <address> (IOS)
12.1(3.3)T))
modem-mgmt csm debug rbs (IOS) show slip (IOS)
mpls traffic-eng multicast-intact (IOS) show snmp chassis (IOS)
multilink queuing bypass-fifo (IOS) show snmp community (IOS)
neighbor <ip-address> don’t-capability-negotiate (IOS) show snmp host (IOS)
no logging snmp-authfail (IOS) show snmp location (IOS)
no ppp microcode (IOS) show snmp mib (IOS)
no snmp-server sparse-tables (IOS) show snmp newcom (IOS)
ppp dnis <number> [<number> …] (IOS) show snmp notify (IOS)
ppp ipcp accept-address (IOS) show sum (IOS)
ppp ipcp dns|wins {accept | a.b.c.d [e.f.g.h] [accept]} show sum (IOS)
(IOS)
ppp ipcp ignore-map (IOS) show tcam … (Cat 6000 Native IOS)
ppp ipcp unique-address (IOS) snmp-server priority {low | normal | high} (IOS)
ppp max-configure <num> (IOS) spd headroom <n> (IOS)
priv () tcam priority high|low|medium (Cat 6000 Native IOS)
ps -c (XDI/CatOS) test aaa group radius <username> <password> (IOS)
radius send service-type call-check (IOS (>= 12.1(4)T)) test aim eeprom slot <n> (IOS)
radius-server authorization default Framed-Protocol ppp test crash (IOS)
(IOS)
radius-server authorization permit missing Service-Type test mbus power <slot> on|off (GSR IOS)
(IOS)
radius-server unique-ident (IOS) test ppp echotimeout <interface-name> (IOS)
service download-fl (GSR IOS) test transmit (IOS)
service internal (IOS) tracy_close <module> <port> (XID/CatOS with WS-X6608-
T1 or WS-X6608-E1)
service log backtrace (IOS) tracy_start <module> <port> (XID/CatOS with WS-X6608-
T1 or WS-X6608-E1)
service unsupported-transceiver (IOS) traffic-shape fecn-create (IOS)
service-policy classify-per-feature (IOS) ttcp (Cisco 7200/7500, IOS)
set trace <category> <level> (XID/CatOS) tx-queue-limit (IOS)
set trace monitor {enable|disable} (XID/CatOS) virtual-template <template-num> pre-clone <num> (IOS)
show acl stats (XID/CatOS) vpdn ip udp ignore checksum (IOS)
show alignment (IOS) vpdn {l2f|l2tp} session table-size <size> (IOS)
based SPD, lower precedence packets are randomly dropped when the queue size
hits min-threshold. The drop probability increases linearly with the queue
packets are dropped. For regular SPD, lower precedence packets are dropped
when the queue size reaches min-threshold. Defaults are 50 and 75,
respectively. These values were not based on real life experience and may
Reference:
command documented.
<20010510092606.I19846@sj-cse-320.cisco.com> and
<20010510094014.K19846@sj-cse-320.cisco.com> on cisco-nas,
as well as CSCdi82030
aaa pod server [port <port number>] [auth-type {any | all | session- config IOS (>= 11.3(7)AA)
key}] server-key <string>
Syntax Description
port <port number>(Optional) The network access server port to use for POD requests. If noport is specified, port
1700 is used.
auth-type(Optional) The type of authorization required for disconnecting sessions.
o anySession that matches all of the attributes sent in the POD packet isdisconnected. The POD packet may contain
one or more of four key attributes(user-name, framed-IP-address, session-ID, and session-key).
o allOnly a session that matches all four key attributes is disconnected. Allis the default.
o session-keySession with a matching session-key attribute is disconnected. All otherattributes are ignored.
<string>The secret text string that is shared between the network access serverand the client workstation. This
secret string must be the same onboth systems.
Reference:
F4/F5 OAM AIS cells when F3 RDI is received. This command is only supported
on the PA-A3 port adapter. The hidden interface command “ais-enable” will
Reference: CSCdm37634
that re-appear:Modem CD dropped unexpectedly. User exceeded timelimit ARAP connection was terminated. v42_input
running (may be low memory) v42_output running (may be low memory) Force Quit pak v42bisflush C Carrier dropped
during startup
Reference:
bgp maxas-limit <1 – 2000> config-router IOS
bgp
This command should be used in router configuration mode; by default
limit, the UPDATE will be stored in the BGP table, but not used in
routes. Using this command will also redistribute IBGP routes. Hidden
Reference:
the specified number. Usefull, if you don’t have physically access to the
telephone:Sucessfull call:wg1r1#csim start 089150 csim: called number = 089150, loop count = 1 ping count = 0 csim
err csimDisconnected recvd DISC cid(21) csim: loop = 1, failed = 1 csim: call attempted = 1, setup failed = 1, tone
failed = 0Call to an undefined number:
wg1r1#csim start 089151 csim: called number = 089151, loop count = 1 ping count = 0 csim err:csim_do_test Error
peer not found
Reference:
shows LSA changes and so can be used to debug why a link marked
Reference:
Reference:
debug modem csm privileged exec IOS
Modem Management Call Switching Module debugging.
Reference:
pinpoint memory corruption problems when analyzing a core dump which was
Reference:
name, traffic will fail to pass on the 2nd and subsequent sessions. This
mult-map-same-name allows 2 users to dial in to the dialer with the same ppp
Reference:
Catalyst 5000 series with Supervisor-Engine II and III and Catalyst 6000
VTY
HW
FW
SW
VTY
That is, the VTY password followed by the VTY password again, followed by
the hardware version, followed by the software version (no spaces, do not
Reference:
shaping.
Reference:
gdb {kernel | pid <pid-num> | {examine | debug} <pid-num>} privileged exec IOS
Seems to activate some internal debugger. Maybe for access via remote gdb.
Probably only useful with a symbol table and an IOS image compiled for
debugging.
Reference:
Reference:
ip cache-ager <secs-between-runs> <fraction-low-memory> config IOS (>=10.3(8) and
<fraction> >=11.0(3))
It’s hidden, and you have to configure “service internal” in order
<secs-between-runs> is 0-2147483 number of seconds between agerruns, default = 60 seconds. If the period
between ager invalidation runs isset to 0, the ager process is disabled entirely.
<fraction-low-memory> is 2-50 1/<fraction-low-memory> ofcache to age per run (low memory), default = 4.
<fraction> is 3-100 1/<fraction> of cache to age per run(normal), default = 20.
light of recent CodeRed attacks, i.e. make the ager more aggressive
Date: Fri, 28 Apr 2000 10:07:03 -0700 (PDT) From: Aaron Leonard <Aaron@cisco.com> Subject: Re: CN: telnet DoS
(CSCdm70743) To: Cisco-NAS@datasys.net Message-id: <01JORKP9PBPIA2AL39@Cisco.COM> References:
<01JOHR9QY432A2AAVQ@Cisco.COM> Reply-To: Cisco-NAS@datasys.net It’s hidden, and you have to configure
“service internal” in order to bring it into existence. I.e. as5300-1(config)#service internal as5300-1(config)#no ip
cache-invalidate-delay It’s generally recommended for systems running 12.0T/12.1 code if they have lots of interfaces
(>300) and are not doing CEF.
determine the state of an interface. The solution was for OSPF to poll the
interface for a while to verify its state. The hidden command allows us to
interfaces. The polls occur every 10 seconds and the command controls the
number of polls that will be done. With a setting of 0 retries there will be
Reference:
Reference:
occurs on server paths.This command is documented in DDTS CSCdm12190. From the release note:By default, split
horizon blocks information about periodic SAPs from being
advertised by a router to the same interface on which the best route to that
SAP is learned. But in the case where the SAP may be learned from
interfaces other than (or in addition to) the interface on which the best
updates as that SAP will not be advertised to the interface(s) where it was
learned from; this will also prevent potential “SAP loop” in the network.
Reference: CSCdm12190
normal periodic SAP or RIP updates nor flash update caused by changes.
Queries will still be replied to. The update interval is set to the same
Reference: CSCdj59918
Reference: CSCdt12611
Reference:
Reference: CSCdm63234
Reference:
neighbor <ip-address> don’t-capability-negotiate config-router IOS
bgp
Turns off CAPABILITY parameters in BGP Open message.
Reference:
interface and on the dialer interface linked to it, results in VERY long
interface).
Reference: CSCdp32980
Reference:
Reference: CSCdj04128
Reference:
priv ROMMON
Enable private commands in the ROMMON. Sometimes a password is required.
Reference:
ensure that RADIUS session IDs are unique across IOS boots. It will have
the side effect of automatically writing the IOS configuration to NVRAM some
time after booting.When the router parses the command “radius-server unique-ident” it sets the
If the box is reloaded, upon booting the router will parse “radius-server
unique-ident” and then set the unique-ident variable to (n+2) and all
“radius-server unique-ident”.
Reference: CSCdu77149
Reference: http://www.cisco.com/warp/public/63/17.html
service internal config IOS
Activate some Cisco commands normally used for internal testing.
Reference:
configuration. This fix addresses the consistency issue when QoS Mod CLI is
configured via the “service-policy” command on the 7500 vs the other IOS
platforms.After this fix, each packet will be matched for a matching class under the
class and all features configured under the class act on the packet. In the
current IOS releases, matching happens across all classes under a policy
until the first matching class is found for every configured QoS feature.
reverts to the current existing behaviour. By way of this fix, the default
behaviour will be common for all platforms. This fix is going to affect 7200
Reference: CSCds43683
fabric, fcp, fddi, fib, filesys, fpoe, garp, gvrp, hamgr, http,
inband, ipc, kerberos, l3age, l3sup, lane, ld, llc, ltl, mbuf, mcast,
mdg, memdbg, mls, mlsm, modport, ntp, nvsync, oob, pagp, protfilt,
ssh, syncmgr, synfig, syslog, tacacs, test, tftp, tftpd, udld, verb,
Warning: Can produce losts of output depending on your configuration and the
level chosen.
components. There are some interesting counters like compilation errors and
also usage counters for various tables (different masks, subnets, etc).
Useful when you can’t commit your ACL with a TCAM error message.ACL: local stats table Messaging —————————
——————————- rxScpMsg: 0 rxScpMsgAbort: 0 rxAclMsg: 1257 rxAclMsgAbort: 0 aclMsgUnknownType: 0
outOfSequence: 0 appIdMisUse: 0 intfConfError: 0 msgSendFailed: 1 appIdDifferAfterSwover:0 ignoreRaclOverride: 1
draco-id: 65535-ffffffff-ffffffff draco-id: 33-ffffffff-ffffffff Resources ———————————————————- ACL malloc
fail: 0 noLou: 0 noMask: 0 noCapmap: 0 tcamFull: 0 compilerErr: 18 noLabel: 0 louExpandGt: 0 louExpandLt: 0
louExpandNeq: 0 louExpandRange: 0 freeListRebuild: 0 Acl engine stats ———————————————————-
perseusL3Parity: 0 perseusSequenceErr: 0 perseusLabelOverflow: 0 perseusCamLookupErr: 0 perseusDbusErr: 0
perseusCpuParityErr: 0 perseusIPChecksumErr: 1 perseusShortPacketErr: 0 perseusCpuTmout: 0 **lookup fifo
undeflow:0 Hardware resource usage for ACL Tcam: label:3.73%, lou:20.31%, mask:11.86%, value:4.4% Acl manager
stats ———————————————————- aclRestarted: F Sec vacl restore done: T Lda vacl restore done: T Qos acl
restore done: T Feature intf count: 0 HA stats ———————————————————- activeHaCopyFail: 0 Gsync_count:
1 Sleep on gsync Gsync done Wakeup on gsync 14:58:43 14:58:45 14:58:45 00:00:00 00:00:00 00:00:00 00:00:00
00:00:00 00:00:00 00:00:00 00:00:00 00:00:00 000:00:00 00:00:00 00:00:00 00:00:00 00:00:00 00:00:00
00:00:00 00:00:00 00:00:00 00:00:00 00:00:00 00:00:00 00:00:00 00:00:00 00:00:00 00:00:00 00:00:00 00:00:00
Reference:
EARL 1 chip NFFC and a data rate that exceeds 80MBS across the backplane
because of a defect that causes the ECB to reset continuously. Usually users
will report a network slowdown.This command will display the number of times the ECBs have reset since last
power on, a number of 1 for each ECB is normal. Numbers in the hundreds or
large chunk (which is then carved up into smaller pieces) instead of by each
the total switch utilization. An example is presented below:Switch#sh controller switch Switch registers: Device Type :
0x00040273 Congestion Threshold : 0x00000E95 Peak Total Allocation : 0x0000001A Total Allocation : 0x00000000
Peak Total Bandwidth : 0x00000020 Total Bandwidth : 0x00000000 Total Bandwidth Limit : 0x000003DE Lower
Bandwidth Limit : 0x000003DE Switch Mode : 0x00040000 Switch#The Total Bandwidth Limit varies between different
2900XL and 3500XL models.
When the Total Bandwidth reaches the Total Bandwidth Limit value, the switch
has reached its full bandwidth capacity and begins to drop packets. The Peak
Total Bandwidth is the highest value attained by the Total Bandwidth since
the last time the show controller switch command was executed. Note, the
values for the above parameters are in hexadecimal.The Congestion Threshold value is used as conservative value for
the maximum
Allocation reaches this value, the switch may drop frames. The Peak Total
Allocation value shows the highest value attained by the Total Allocation
since the last time the show controller switch command was executed. It is
possible for the Peak Total Allocation and/or the Total Allocation to be
1.Speed mismatch between an ingress and egress port; for example, several
4.Numerous ports that are experiencing collisions and/or output errors due
Reference: http://www.cisco.com/warp/customer/473/19.html
probably in parts to the Catalyst 8500 series):gepard#show epc ? E-PAM show comands: IF-entry IF Entry in IF-Table
VC-entry VC Entry in VC-Table VLAN-entry VLAN Entry in VLAN-Table aal5 aal5 statistics acl ACL FPGA related debug
commands adm Show contents of ADM in IOS age-timer Aging Timer atm-debug-status ATM debug statistics
atmup_ipmcast Show Multicast VC leg to external VC mapping caller-stats Caller Stats at a merge-point caller-tags
Caller Tags cam Show contents of E-PAM CAM card Show information managed by CARD coredb show coredb counters
Counters of all epif-ports discards discard statistics exvc-entry External VC Entry in VC-Table fe-channel FE-Channel
Membership Information fpga Access ACL FPGA resources freecam Free space in CAM ifmapping Interface mapping to
CAM IF number ip-address Show adjacency entries in line cards ip-prefix Show IP prefix entries (compare to CEF
output) ipmcast Show IP Multicast table in E-PAM CAM ipx-node Show IPX node entry in E-PAM CAM ipx-prefix Show
IPX prefix in E-PAM CAM jaguar-fpga-epld Access ACL2 EPLD Addresses with WID=2 lec-ipx Show LEC Local IPX
Information lsipc Show LSIPC information mac Show MAC address in E-PAM macfilter Show MAC filter address database
mailbox Read the mailbox value mem Show contents of packet memory in E-PAM patricia Show Patricia tree in E-PAM
CAM port-qos Show current port qos configuration queuing queueing statistics register print contents of EPIF register ri-
register Show last reported contents of EPIF RI register sm Show 1483 Local static map information spd selective
packet drop statistics status Status of all epif-ports switching VC switching statistics tcam TCAM related commands
ucode uCode images on all epif-ports udp-flood Show LS UDP-flooding informationSome of these commands are
documented as part of the Catalyst 8540
documentation but are also useful on the Catalyst 2948G-L3 which seems to
be based (at least partly) on the same hardware platform as the Catalyst 8540.See:
http://www.cisco.com/univercd/cc/td/doc/product/atm/c8540/12_1/11_ey/trouble/l3_net.htm
Reference:
show epc acl lookup {in|out} … privileged exec IOS (Cat 2948G-L3,
4908G-L3, 8540)
Displays whether the ACL would permit or deny a specific IP packet on a particular
interface.
Reference: http://www.cisco.com/univercd/cc/td/doc/product/l3sw/8540/12_1/lhouse/sw_confg/8500acl.htm
show epc acl tcam2acl interface <interface> {in|out} privileged exec IOS (Cat 2948G-L3,
4908G-L3, 8540)
Displays the ACL entries programmed in the TCAM for a particular interface.
Reference: http://www.cisco.com/univercd/cc/td/doc/product/l3sw/8540/12_1/lhouse/sw_confg/8500acl.htm
show epc ip-address interface <interface> all-entries privileged exec IOS (Cat 2948G-L3)
Shows the IP adjacencies installed in the CAM hardware:gepard#show epc ip-address interface FastEthernet 1 all-
entries IPaddr: 192.168.60.116 MACaddr: 0090.27b7.24d7 FastEthernet14(17) IPaddr: 192.168.60.117 MACaddr:
0090.27d1.d47a FastEthernet15(18) IPaddr: 192.168.60.112 MACaddr: 00d0.b720.6fc9 FastEthernet10(13) IPaddr:
192.168.60.113 MACaddr: 00d0.b720.750f FastEthernet11(14) IPaddr: 192.168.60.114 MACaddr: 00d0.b720.7357
FastEthernet12(15) IPaddr: 192.168.60.115 MACaddr: 00d0.b720.755e FastEthernet13(16) IPaddr: 192.168.60.125
MACaddr: 0050.0457.edbf FastEthernet19(22) IPaddr: 10.232.4.202 MACaddr: 0009.b7b4.0700 Port-channel1.2(60)
IPaddr: 192.168.60.120 MACaddr: 0090.27c3.f042 FastEthernet5(8) IPaddr: 192.168.60.100 MACaddr:
0002.b3ac.5470 GigabitEthernet50(53) IPaddr: 192.168.60.101 MACaddr: 0002.b3ac.5470 GigabitEthernet50(53)
IPaddr: 192.168.60.102 MACaddr: 0090.27d1.88bf FastEthernet4(7) IPaddr: 192.168.60.103 MACaddr:
0090.27d1.88bf FastEthernet4(7) IPaddr: 192.168.60.99 MACaddr: 6080.0f3c.0000 IPaddr: 192.168.60.110 MACaddr:
0090.27dd.f9a6 FastEthernet8(11) IPaddr: 192.168.60.111 MACaddr: 00d0.b708.adb3 FastEthernet9(12) IPaddr:
192.168.61.21 MACaddr: 0800.20ee.4ead FastEthernet46(49) IPaddr: 192.168.60.20 MACaddr: 0030.6e11.0157
FastEthernet37(40) IPaddr: 192.168.60.21 MACaddr: 0030.6e11.139f FastEthernet38(41) IPaddr: 192.168.60.22
MACaddr: 0002.b3ac.5454 GigabitEthernet49(52) IPaddr: 192.168.61.22 MACaddr: 0800.20ec.6709
FastEthernet46(49) IPaddr: 192.168.60.23 MACaddr: 0002.b3ac.53f5 FastEthernet43(46) IPaddr: 192.168.60.30
MACaddr: 00e0.18c2.baf9 FastEthernet21(24) IPaddr: 192.168.60.25 MACaddr: 0030.6e12.099a FastEthernet39(42)
IPaddr 192.168.60.26 missing […] Total number of IP adjacency entries: 46 Missing IP adjacency entries: 1
Reference: http://www.cisco.com/warp/public/473/48.html
show epc patricia <interface> mac privileged exec IOS (Cat 2948G-L3,
4908G-L3)
Layer 2 forwarding table entries for a given MAC address in a bridge group
are viewed using the show bridge bridge-group-number command.However, bridge table entries on the Catalyst 2948G-
L3 and 4908G-L3 switches
are actually formed internally of at least two entries, one on the source
interface (where the device with that MAC resides) and one on each
the frame, the traffic sourced from that MAC is destined). This is because
the learning process for populating the bridging tables on the Catalyst
rather than on a switch-wide basis.gepard#show epc patricia interface FastEthernet 9 mac 1# MAC
addr:0000.0000.0000 VC:0 Entry: 2# MAC addr:0900.2b01.0001 MyMAC 3# MAC addr:0180.c200.0000 MyMAC 4#
MAC addr:0100.5e00.0006 MyMAC 5# MAC addr:0100.5e00.0005 MyMAC 6# MAC addr:0100.5e00.0002 MyMAC 7#
MAC addr:0100.0ccc.cccd MyMAC 8# MAC addr:0100.0ccc.cccc MyMAC 9# MAC addr:00e0.18c2.baf9 IF Number:24
Entry:Remote 10# MAC addr:00d0.b720.755e IF Number:16 Entry:Remote 11# MAC addr:00d0.b720.7357 IF
Number:15 Entry:Remote 12# MAC addr:00d0.b720.6fc9 IF Number:13 Entry:Remote 13# MAC addr:00d0.b720.750f
IF Number:14 Entry:Remote 14# MAC addr:0090.27dd.f9a6 IF Number:11 Entry:Remote 15# MAC
addr:0090.27d1.d47a IF Number:18 Entry:Remote 16# MAC addr:0090.27c3.f042 IF Number:8 Entry:Remote 17#
MAC addr:0090.27b7.24d7 IF Number:17 Entry:Remote 18# MAC addr:00d0.b708.adb3 IF Number:12 Entry:Local 19#
MAC addr:0030.6e12.099b IF Number:59 Entry:Remote […] 29# MAC addr:0002.b3ac.5474 IF Number:59
Entry:Remote 30# MAC addr:0003.9f17.980f HsrpMAC 31# MAC addr:0001.428b.d280 IF Number:4 Entry:Remote 32#
MAC addr:0000.0c07.ac00 HsrpMAC Total number of MAC entries: 32
Reference: http://www.cisco.com/warp/public/473/47.html
Later IOS versions show the maximum number of software IDBs, too.vxr15#sh idb Maximum number of IDBs 3000 26
SW IDBs allocated (2368 bytes each) 22 HW IDBs allocated (4064 bytes each) HWIDB#1 1 FastEthernet0/0 (HW
IFINDEX, Ether) …
Reference:
not responding over inband’.Inband FX1000 Control Information General Ctrl Regs: RegsBase: 42000000 DevCtrl:
003C0001 DevStatus: 0000000F TxCtrl: 000400FA RxCtrl: 0000821E Tx Ctrl Regs: TxDBase: 019AF000 TxDSize:
00002000 TxDHead: 383 TxDTail: 383 TxIpg: 00A00810 Rx Ctrl Regs: RxDBase: 019AA000 RxDSize: 00004000
RxDHead: 993 RxDTail: 990 Inband PCI Information DeviceID: 1000 VendorID: 8086 Status: 0200 Command: 0116
ClassCode: 020000 Revision: 03 Latency: FC CacheLine: 08 BaseAddr: 42000004 NonSwapAddr: 00000000 SwapAddr:
02000000 Inband Driver Information Transmit: FirstTxD: A19AF000( 0) LastTxD: A19B0FF0( 511) TxHead: A19B0850(
389) TxTail: A19B0850( 389) FreeTxDs: 00000512 Receive: FirstRxD: A19AA000( 0) LastRxD: A19ADFF0(1023)
RxHead: A19ADDF0( 991) RxTail: A19ADDE0( 990) FreeRxDs: 00001023 System: SpurIntrs: 00000000 OutofMbufs:
00000000 TotalMbufs: 00013088 TotalMCls: 00005536 FreeMbufs: 00011532 FreeMCls: 00004043 MacAddr:
00D0017957FF Resynch: 00000000 Inband FX1000 Statistics Transmit: TxPkts: 61337989 TxBytes: 2412393989
Inband Stuck Count: 00000000 Pkts/Sec: 00000000 QueuedPkts: 00000000 LateColl: 00000000 ExcessColl: 00000000
Ovfl: 00000000 OvflRate: 00000000 JmboPktDrp: 00000000 MaxPktRcvd: 00000000 Detail Tx Pkt Info (clear on read)
64: 00000000 65-127: 50108072 128-255: 04559900 256-511: 00910493 512-1023: 00000600 1024-1522:
00988696 Bcast: 00000000 Mcast: 00000033 # pkts: 56567761 Receive: RxPkts: 43941855 RxBytes: 2483893904
Pkts/Sec: 00000000 SeqErrInt: 00000000 Ovfl: 00000000 OvflRate: 00000000 OvInt: 00000000 OvIntRate: 00000000
CrcErrs: 00000000 SymbErrs: 00000000 ISLCrcErrs: 00000000 SeqErrs: 00000000 DescOv: 00000000 DescOvRate:
00000000 LenErrs: 00314103 DefrPkts: 00000000 Detail Rx Pkt Info (clear on read) 64: 00000000 65-127: 17144848
128-255: 25105957 256-511: 00849533 512-1023: 00497913 1024-1522: 00029504 Bcast: 00000000 Mcast:
00840799 Good pkt: 43627755 Undersize: 00000000 NoBuff: 00000000 Frags: 00000000 Oversize: 00314103 Jabber:
00000000 # pkts: 43941858
using baseline privacy on a particular cable interface.Here is an example output of this command.CMTS# show interface
cable 4/0 privacy statistic CM key Chain Count : 12 CM Unicast key Chain Count : 12 CM Mucast key Chain Count : 3
Reference: http://www.cisco.com/warp/public/109/docsis_bpi.shtml
Reference:
Reference:
Reference:
hash buckets and hence provide feedback to Cisco if the hash algorithm is
producing a particularly bad distribution into some buckets.”Example output:router#show ip route hash nettable:
Bucket Majornets Subnettted Subnets —————————————— 0 17 1 3 […] 4095 18 0 0 supernettable: 0 16 […]
4095 6 Routing table summary: Total nets: 159234 Total major nets: 67731 Total super nets: 38199
status of external (SSE) SPD. SPD mode will be one of disabled, normal,
packets go.labR4#show ip spd Current mode: normal. Queue min/max thresholds: 73/74, Headroom: 100, Extended
Headroom: 10 IP normal queue: 0, priority queue: 0. SPD special drop mode: none
process. Shows you the frequency of things like L1/L2 hello etc.ctalkb#sh isis timers Hello Process Expiration Type |
0.856 (Parent) | 0.856 L2 Hello (Ethernet3/0) | 6.352 L1 Hello (Ethernet3/0) | 6.940 Adjacency Update Process
Expiration Type | 1.060 (Parent) | 1.060 Ager | 1.352 L2 CSNP (Ethernet3/0) | 8.616 L1 CSNP (Ethernet3/0) |
3:25.860 (Parent) | 3:25.860 LSP refresh | 9:02.160 LSP lifetime | 9:24.568 LSP lifetime | 17:16.084 LSP lifetime |
20:58.536 Dynamic Hostname cleanup
Reference: Phrack, Volume 0xa, Issue 0x38
switch is being starved for memory. Within the display, “clusters” is the
number of buffers that are available for NMP to process incoming packets,
number of buffers that are available for the NMP at any given time. If this
is zero then this means that NMP has no buffers to process any incoming
frames. “lowest clfree” determines the lowest watermark that NMP has hit at
any time. If this value is zero but clfree is nonzero, then this means that
at one instance NMP ran out of buffers. This can be because of a broadcast
Reference:
nde buffer’ should grow until a threshold and then get flushed to the
series switch is hit by a bug which renders flow exports impossible and so
Reference:
router. If the used IOS image supports the MPLS Egress NetFlow Accounting
Feature then the output shows if MPLS Egress NetFlow Accounting is enabled
on the interface.
using the PFC2.Example output:[…] Total FIB entries: 262144 Allocated FIB entries: 13894 Free FIB entries: 248250
FIB entries used for IP ucast: 13853 FIB entries used for IPX : 1 FIB entries used for IP mcast: 40 Total adjacencies:
262144 Allocated adjacencies: 1365 Free adjacencies: 260779 Adjacencies used for IP ucast (FIB) : 288 Adjacencies
used for IPX (FIB) : 3 Adjacencies used for IP mcast (FIB) : 36 Adjacencies used for IP mcast (Netflow) : 0 Adjacencies
used for Policy Routing : 1023 Adjacencies used for Feature Manager (Netflow): 0 Adjacencies used for Local Director :
0 Adjacencies used for Diagnostics : 5 Adjacencies used for FTEP : 10 […]
Reference:
. All SNMP queries sent to a router are prioritized as either low or medium
priority, depending on the version of code run by the route processor. This
means that processes with a higher priority than the SNMP process will be
Reference:
enqueue over the normal input hold queue limit. This is to reserve room for
failover.
Reference:
changes to down, PPP parameteres are renegotiated and the line comes
up again.
Reference:
The output is identical to the one produced by the Dick Tracy debugging tool
from Cisco.
Reference: From Heinz Ulm’s web site, originally from Martin Gagnon, Canada
Reference:
Cisco 7500 router:Router#ttcp transmit or receive [receive]: transmit Target IP address: 1.1.1.1 perform tcp half close
[n]: send buflen [8192]: send nbuf [2048]: bufalign [16384]: bufoffset [0]: port [5001]: sinkmode [y]: buffering on
writes [y]: show tcp information at end [n]: ttcp-t: buflen=8192, nbuf=2048, align=16384/0, port=5001 tcp -> 1.1.1.1
%Connect failed: Destination unreachable; gateway or host down Router#ttcp transmit or receive [receive]: perform
tcp half close [n]: receive buflen [8192]: bufalign [16384]: bufoffset [0]: port [5001]: sinkmode [y]: rcvwndsize
[4128]: delayed ACK [y]: show tcp information at end [n]: ttcp-r: buflen=8192, align=16384/0, port=5001
rcvwndsize=4128, delayedack=yes tcpFrom the Open Forum:Question: When using the Cisco hidden command ttcp (to
generate traffic),
perform tcp half close [n] send bufflen [8192]: send nbuf [2048] bufalign [16384]: bufoffset [0]: port [5001]:
sinkmode [y]: show tcp information at end [n]:Answer:
Half close is regarding the tcp syn-ack; send bufflen is the size of the
data in the packet; port is the tcp/udp port the data is sent on, and
sinkmode tells the device to ignore other network traffic or not.
Reference:
tx-ring-limit command.
Reference: CSCdk17210
the number of sessions you wish to pre-clone. Please note that with l2tp
[by default], if you choose to pre-clone you are limited to the number of
sessions you pre-cloned. i.e. if you pre-clone 1000 sessions, you cannot
Reference:
by L2TP/L2F and can be used to temporarily reduce CPU load.This probably is per the suggestion in RFC 2661, section
8.1: “The default
for any L2TP implementation is that UDP checksums MUST be enabled for both
checksums always be enabled on control packets.”And Dennis Peng from Cisco added the following note (on cisco-nas):
us into the process switching path which will result in increased CPU
usage. By default, Cisco LAC’s will not set the UDP checksum, so in a
Cisco to Cisco environment, you don’t need this command. But other
is probably a good idea to include it. One big vendor which sets the