Just another Cisco blog
Posts tagged Commands
BGP Multipath-Relax
May 21st
So I learned a new command today. As usual I want to share with everyone. Today’s command is “bgp bestpath as-path multipath-relax”, which is actually hidden in IOS.
To give some background, BGP will not load balance across multiple paths by default. We can configure it to do so with the “maximum-paths n” command, which is pretty well known. The criteria of this command is that all attributes must match (Weight, LP, AS Path, etc). This is acceptable if we are multihomed to a single AS, but what if we are multihomed to different ASes? In that case we are not able to load balance across theoretically equal paths. Enter the “bgp bestpath as-path multipath-relax” command…
Here’s our first topology:
(click for fullsize)
Now the config:
R1(config)#router bgp 100 R1(config-router)#no synchronization R1(config-router)#neighbor 10.1.12.2 remote-as 200 R1(config-router)#neighbor 10.1.13.3 remote-as 200 R1(config-router)#no auto-summary |
Here we see the basic BGP config on R1. We will only be configuring R1 in this post.
Make IOS Like JUNOS
Mar 24th
Thought you guys would like the title. 
Sorry for the lack of content lately, I’ve been very busy.
Today we’re going to explore the “archive” feature in IOS with a small “archive tutorial”. This was sparked by a recent comment on one of my JUNOS posts. The commenter said that the “archive” command in IOS is the same as “rollback” in JUNOS. They are similar, but “rollback” is there by default where you need to do some tinkering with “archive”. I’ve used it in the past, but never with the intention of mimicking JUNOS’s “rollback”.
Here’s the config:
EDGE(config)#archive EDGE(config-archive)#? Archive configuration commands: default Set a command to its defaults exit Exit from archive configuration mode log Logging commands maximum maximum number of backup copies no Negate a command or set its defaults path path for backups rollback Rollback parameters time-period Period of time in minutes to automatically archive the running-config write-memory Enable automatic backup generation during write memory EDGE(config-archive)#path disk0:config-backup EDGE(config-archive)#max 14 EDGE(config-archive)#write-memory |
To enter the config, we simply type “archive” in global config. There are quite a few options, as we can see. First we’ll need to set our path to store the archived configs, this is a 7200, so I’m using disk0 and a simple naming convention. Next we specify how many configs we want to backup, I’m using the maximum on my device, which is 14. Finally we set the “write-memory” command, which tells the router to archive the config anytime we save.
Useful IOS Commands
Jan 4th
My “Show Run Variations” post sparked an interesting thread on Networking-Forum. I thought it would be nice to make a post with as many useful/little known commands as I can find. I might make a separate page for this depending on how much I can come up with and how frequently updates would be needed. Here we go:
show ip nbar protocol-discovery stats bit-rate top-n 10 |
This command will show you the top 10 protocols (that NBAR can see) on your router. I use this in an alias called “traffic”. You will also need “ip nbar protocol-discovery” enabled on interfaces you want to see statistics for.
show processes cpu sort |
This command will show the sorted CPU usage of all processes running on the router. You could also use “show proc cpu history” to see some ASCII graphs of CPU utilization.
reload in 5 |
TCL Ping Script
Dec 29th
TCL is a scripting language built into IOS (since 12.3(2)T according to Cisco.com), it can be very handy. I use this TCL script quite a bit, but it’s always few and far between, so I find myself Googling for it every time. I decided to post it here so I always know where to find it, heh. This TCL script it pretty basic, you just type it out in a text editor and past it in the console.
Here’s a simple example:
foreach address {
192.168.10.1
192.168.15.1
192.168.25.1} { ping $address } |
With that we get this:
EDGE#tclsh
EDGE(tcl)#foreach address {
+> 192.168.10.1
+> 192.168.15.1
+> 192.168.25.1} { ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.25.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms |
We could get a bit more complex using some extended ping options, like this:
foreach address {
192.168.10.1
192.168.15.1
192.168.25.1} { ping $address source lo254 repeat 3 } |
In this one we are pinging with a source address of Loopback 254, and only sending 3 pings. It looks like this:
EDGE#tclsh
EDGE(tcl)#foreach address {
+> 192.168.10.1
+> 192.168.15.1
+> 192.168.25.1} { ping $address source lo254 repeat 3 }
Type escape sequence to abort.
Sending 3, 100-byte ICMP Echos to 192.168.10.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.254.254
!!!
Success rate is 100 percent (3/3), round-trip min/avg/max = 1/3/4 ms
Type escape sequence to abort.
Sending 3, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.254.254
!!!
Success rate is 100 percent (3/3), round-trip min/avg/max = 1/3/8 ms
Type escape sequence to abort.
Sending 3, 100-byte ICMP Echos to 192.168.25.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.254.254
!!!
Success rate is 100 percent (3/3), round-trip min/avg/max = 1/3/4 ms |
Short post, just something I needed a place for. Hope it’s useful to some readers.
Show Run Variations
Nov 28th
A recent thread on TechExams gave me the idea for a post on all the variations of the “show run” command. In this article I’ll go through the variations that I use the most, and some others that I don’t use much, but are pretty helpful.
Let’s take a look:
First we’ll look at all the options provided by IOS help:
EDGE#sh run ? all Configuration with defaults brief configuration without certificate data class-map Show class-map information control-plane Show Control-Plane information flow Global Flow configuration subcommands full full configuration interface Show interface configuration linenum Display line numbers in output map-class Show map class information policy-map Show policy-map information ssid Show Dot11 SSID information view View options vlan Show L2 VLAN information vrf Show VRF aware configuration | Output modifiers |
I’m sure everyone reading this has used good old “sh run” many times. What about the other options? I use “sh run interface” quite a bit:
EDGE#sh run int fa0/0 ... interface FastEthernet0/0 description OUTSIDE ip address xx.xx.xx.xx 255.255.255.248 ip access-group OUTSIDE_IN in no ip redirects no ip unreachables no ip proxy-arp ip accounting access-violations ip nbar protocol-discovery ip nat outside ip virtual-reassembly load-interval 30 duplex auto speed auto no cdp enable service-policy input QoS_IN service-policy output SHAPER end |
That and “sh run | section” are probably the variations I use most:
EDGE#sh run | sec ephone-dn ephone-dn 1 dual-line number 5001 no-reg primary label Colby name Colby ephone-dn 3 number 5003 no-reg primary label Laptop name Colby-Laptop ephone-dn 4 number 5004 no-reg primary name Wireless ephone-dn 5 number 5005 no-reg primary ephone-dn 6 number 5006 no-reg primary name Katie ephone-dn 11 dual-line number 555-555-5555 label 555-555-5555 name Colby |
That one is perfect for times when you are looking for specific parts of the config, without having to wade through everything.
A new one I just learned from Networking-Forum:
EDGE#sh run Building configuration... ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! /ospf <--- I typed this filtering... router ospf 200 router-id 192.168.254.254 log-adjacency-changes network 192.168.5.0 0.0.0.255 area 1 network 192.168.13.0 0.0.0.3 area 0 network 192.168.254.254 0.0.0.0 area 0 |
Recent Comments