Cisco – CLI

Print Friendly

Switch Configuration

Set a user password

switch# username admin password NEWPASSWORD

Set the clock and timezone

switch# clock timezone GMT 0 0
switch# clock summer-time BST 5 Sunday march 02:00 5 Sunday October 03:00 60

Set NTP server

switch# ntp server 192.168.1.1

Set name server (DNS)

switch# ip name-server DNS_SERVER_IP

Set domain name

switch# ip domain-name DOMAIN.COM

Set banner

switch# banner motd #
**********************************************************************
** YOUR MESSAGE **
**********************************************************************
#
Define VSANs

switch# vsan database
switch# vsan 1 suspend
switch# vsan 111 name “FABRIC_A”
switch# vsan 111 interface bay 1-16

Configure TACACS and AAA

switch# tacacs+ enable
switch# tacacs-server key secret_key
(Define the secret key to access TACACS+ server. Messages will be send in clear text)
switch# tacacs-server key 7 secret_key (Define the secret key to access TACACS+ server. Messages will be send in encrypted format 7)
switch# tacacs-server timeout 30 (timeout of 30 servers)
switch# tacacs-server host 192.168.75.19 (Define TACACS+ server’s IP address)
switch# aaa group server tacacs+ AUTHGROUP (Define a server group AUTHGROUP)
switch# server 192.168.75.19 (Define first server within server group AUTHGROUP)
switch# aaa authentication login default group AUTHGROUP(Define group for default authentication)
switch# aaa authentication login console group AUTHGROUP (Define group for console authentication)
switch# aaa accounting default group AUTHGROUP local (Define mode for accounting)
switch# aaa authentication login error-enable (Show the message if remote AAA server is not available)

Configure SNMP

switch# snmp-server community eccuser group network-admin
switch# snmp-server community onaro group network-operator
switch# logging server 192.168.1.50 facility local0
switch# no logging console
switch# snmp-server enable traps
switch# snmp-server host 192.168.2.1 traps version 2c public udp-port 162

Zone Maintenance

Creating zone

Basic Zoning

switch# zone name servername_arrayname_portname vsan 111
switch# member pwwn 10:00:00:00:00:00:00:00
switch# member pwwn 50:00:00:80:50:A0:0B:40
switch# zoneset name FABRIC_A vsan 111
switch# member servername_arrayname_portname
switch# zoneset distribute vsan 111
switch# zoneset activate name FABRIC_A vsan 111

Creating IVR zoneset

switch# ivr zone name servername_array1_portname_array2_portname
switch# member pwwn 50:06:04:84:52:A9:0B:43 vsan 121
switch# member pwwn 50:06:04:84:52:A9:0B:AB vsan 111
switch# ivr zoneset name IVR_FABRIC_A
switch# member servername_array1_portname_array2_portname
switch# ivr zoneset activate name IVR_FABRIC_A
switch# ivr commit

Show the status of active zone

switch# show zone status vsan 111

To see all the zonesets on a fabric

switch# show zoneset | inc zoneset

To see all the zonesets active on a fabric

switch# show zoneset active | inc zoneset

To see zoneset/zones in vsan 111

switch# show zoneset active vsan 111

To see the status of IVR zoneset (it will tell you whether a zone is being activated at the moment)

switch# show ivr zoneset status

To see the existing zones within IVR zoneset

switch# show ivr zoneset | inc servername

To see what WWNs are logged in

switch# show flogi database

To rename a zone

switch# zone rename old_name new_name vsan 111
switch# zone distribute vsan 111
switch# zone activate name FABRIC_A vsan 111

To disable the alerts from switch

switch# no snmp-server host 192.168.2.1 traps version 2c public udp-port 162

To change the WWN of a zone member or add/remove new WWN

switch # zone name servername_arrayname_portname vsan 111
switch # no member pwwn 10:00:00:00:C9:7D:27:DA
switch # member pwwn 10:00:00:00:C9:6E:E7:C8
switch # zoneset name FABRIC_A vsan 111
switch # zoneset distribute vsan 111
switch # zoneset activate name FABRIC_A vsan 111

HP Chassis with Cisco Switches

To check PWWN for blades on HP Chassis

hpchassis# show flex-attach virtual-pwwn | inc bay
all bay6 22:06:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay13 22:0d:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay5 22:05:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay14 22:0e:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay15 22:0f:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay7 22:07:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay4 22:04:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay3 22:03:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay11 22:0b:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay12 22:0c:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay2 22:02:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay1 22:01:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay10 22:0a:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay9 22:09:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay16 22:10:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011
all bay8 22:08:00:0d:ec:9e:8d:42 TRUE Thu Sep 22 11:49:39 2011

To check status of interconnects

hpchassis# show interconnect list

To check IP address config of interconnects

hpchassis# show ebipa interconnect
hpchassis# show oa network all

To connect to an interconnect 3

hpchassis# connect interconnect 3

Enable virtual pwwn on all interfaces

hpchassis# flex-attach virtual-pwwn auto interface bay 1-16
hpchassis# flex-attach commit

Switch Maintenance

To check time out drops recorded in switch

switch# show logging onboard timeout-drops

To check if a part was removed from within the switch

show logging log | i "FCOT not present"

<h5>To check the status of port whether it is online</h5>
slot 2 show hard internal fc-mac port 1 all-registers | i DATAPATH
0x00000601 IP_FCMAC_CTL_DATAPATH_ID  0x0021031e => 31e indicates port is online, 0x00210320 = offline

To see the status of FCIP connections

switch# show fcip summary

To set indefinite autologout

switch# line vty
switch# exec-timeout 0

To suspend a VSAN

switch# vsan database
switch# vsan 130 suspend
switch# show vsan 130

To see whether the route to virtual domain is flapping – Output below shows it is flapping every 2 seconds or so

switch# show system internal rib sync-log unicast
Idx  Seq (H)   Oper    Action  VSAN  FC ID/Mask(H)  Time
---  --------  ------  ------  ----  ------ ------  ----
126  0000ff7f  update  delete  130   cb0000 ff0000  Mon Jan 16 00:54:36 2012
127  0000ff80  update  add     130   cb0000 ff0000  Mon Jan 16 00:54:38 2012
0    0000ff81  update  delete  130   cb0000 ff0000  Mon Jan 16 00:54:40 2012
1    0000ff82  update  add     130   cb0000 ff0000  Mon Jan 16 00:54:42 2012
2    0000ff83  update  delete  130   cb0000 ff0000  Mon Jan 16 00:54:44 2012
3    0000ff84  update  add     130   cb0000 ff0000  Mon Jan 16 00:54:46 2012
4    0000ff85  update  delete  130   cb0000 ff0000  Mon Jan 16 00:54:47 2012
5    0000ff86  update  add     130   cb0000 ff0000  Mon Jan 16 00:54:49 2012
6    0000ff87  update  delete  130   cb0000 ff0000  Mon Jan 16 00:54:51 2012

To show vsan/domain list

switch# show systyem internal rib domain
switch# show system internal rib unicast vsan 130
switch# show system internal rib internal memory-pool-usage
switch# show system internal rib multicast
switch# show system internal rib summary
switch# show system internal rib sync-log label
switch# show system internal rib sync-log multicast
switch# show system internal rib sync-log unicast
switch# show system internal rib vsan-attributes
switch# show system internal rib vsan-rewrite

To see domain id for a VLAN on a switch

switch# show fspf database
switch# show fspf database vsan 130 domain 203

To see fibre domain

switch# show fcdomain domain-list

To show which domains are allowed

switch# show fcdomain allowed

To show which FCIDs are allocated in which domain/vlan

switch# show fcdomain address-allocation
show fcdomain fcid persistent

To see the details about VLAN

switch# show vsan
switch# show vsan 130

To see which ports are part of which VSAN

switch# show vsan membership

To show IVR topology on VSAN

switch# show ivr
switch# show ivr vsan-topology

To find out chassis connected to main switch

switch# show fcns database detail | i chassisname prev 6 | i 'port-wwn|ext'

To check LSR owner for the virtual domain representing VSAN 111 in VSAN 130

switch# show ivr internal vdri-fsm summary
switch# show ivr internal dep vsan 130
switch# show ivr internal pvm | I RSCN_OFFLINE | count
switch# show fcns data vsan 130

Look for stale domains or domain mismatch

switch# show zone internal

To check status of management interface

switch# show interface mgmt0

To check version of NX-OS and hardware info

switch# show version

To see modules installed in the switch

switch# show module

To check the status of power supply on supervisor

switch# show module internal exceptionlog

To check the status of hardware

switch# show environment

To check status of sprom backplanes

switch# show sprom backplane [1|2]

To check clock

switch# show clock

To show callhome config

switch# show callhome

To show status of interfaces in brief

switch# show interface fc1/1 [brief|detail]

To see SNMP details

switch# show snmp

To see accounting log – login by different users

switch# show accounting log

To see whcih processes are running

switch# show process

To see the processes that are currently consuming more than 0% CPU on the switch. As this command provides a snapshot of the moment it is executed, it is often necessary to run this command multiple times for several minutes (depending on the frequency of CPU spikes)

switch# show process cpu | ex 0.0%

To produce graphical output showing CPU usage history over the last 60 secs, 60 mins, and last 72 hrs

switch# show processes CPU history

To see memory utilisation by processes

switch# show process memory
switch# show system internal platform internal mem-stats

To see memory stats for ports

switch# show port internal mem-stats detail

To see statys of IVR merging

switch# show cfs merge status name ivr

To show licensed hostid

switch# show license host-id

To show license installed

switch# show license

To show usage of license

switch# show license usage

To show history/reason for reset of system/supervisor

switch# show system reset-reason

To see the status of OS upgrade/last install

switch# show install all status
switch# show system internal log install [detail]

To see how long the system has been up since

switch# show system uptime

To check the status of internal xbar communication links between system and modules

switch# show system internal xbar all

To show details of hardware/ipc channel

switch# show hardware
switch# show hardware internal version
switch# show hardware ipc-channel status
switch# show hardware internal ipc-channel event-log
switch# show hardware internal ipc-channel info
switch# show hardware internal platform event-log
switch# show hardware internal sprom event-log

To show status of features such as ivr

switch# show system internal feature-mgr feature state

To check filesystems mounted and their sizes

switch# show system internal flash

To check status of services such as ftp/core/debug/bootflash etc

switch# show system internal urifs
switch# show system internal sysmgr service all

To check the status of suprevisors

switch# show redundancy status
switch# show system internal redundancy status

To show product id/serial number of modules installed

switch# show inventory

To show internal counters

switch# show int counter brief

To show health stats

switch# show system health statistics

To show VSAN topology

switch# show topology

To show fcroute details

switch# show fcroute unicase

To show local FCS database (shows doamin id, vsan id)

switch# show fcs database

To show fcs IE

switch# show fcs ie

To show internal information about flogi database

switch# show flogi internal info

To show details about fspf

switch# show fspf
switch# show fspf database
switch# show fspf interface
switch# show fspf internal info

To See zone analysis – a bit more than zone status

switch# show zone analysis active vsan 111
switch# show zone statistics vsan 111

To see event history of changes in vsans

switch# show zone internal change event-history vsan 111

To see ifindex-table in vsans

switch# show zone internal change event-history vsan 111

To set up the description of a port

switch# interface ext 1
switch# switchport description <hostname>

To set the beacon on a port?

switch# interface fc1/1
switch# switchport beacon

To turn it off

switch# no switchport beacon

To change buffer to buffer credit

switch# switchport fcrxbbcredit 18

To confirm the valid power status of a power supply

switch# system internal platform internal info
For a MDS9513 Enterprise Switch a value of volt 42 indicates that the a power supply is working correctly

To check port-channel (ISL) info

# show port-channel database
# show port-channel summary

How to reload (power cycle) a line card

# poweroff module 1
# no poweroff module 1 

OR
# reload module 1

sanaswati

2 Responses to “Cisco – CLI”

  1. Bhuvan 04/07/2013 at 12:54 am # Reply

    Could you help me on giving the command how to delete the zone? I found below command but i think it disables the traffic.

    switch(config)# no zone zone_name permit vsan 100

    • Ketan Patel
      Ketan Patel 05/07/2013 at 8:46 am # Reply

      If you are removing a zone from a zoneset, then it is the opposite of adding the zone. Sample commands would be:
      # zoneset name test_zoneset vsan 100
      # no member test_zonename
      # zoneset distribute vsan 100
      # zoneset activate name test_zoneset vsan 100

      If you want to delete the zone, the commadns would be opposite of creating a new zone.
      # zone name new_zone vsan 100 => create a new zone
      # no zone name new_zone vsan 100 => delete the zone

Leave a Reply

*