Differences

This shows you the differences between two versions of the page.

--- wiki:site:cisco:ccnp:switch:prikazy [2018/01/23 10:16]
root odstraněno
+++ — (current)
@@ Line 1: / Line 1: @@
-(Příkazy označené tečkou fungují v GNS3 na routeru s NM-16ESW modulem)
-====== Switch CAM Table ======
-POZOR! příkazy lze psát dvěma způsoby:
-  * Po staru: **mac-adress-table**
-  * Po novu: **mac address-table**
->Switch(config)# **mac address-table aging-time** //seconds(def.300)//
->Switch(config)# **mac address-table static** //aaaa.bbbb.cccc// **interface** //type mod/num// **vlan** //vlan-id//
->Switch# **show mac address-table dynamic** [**address** //mac-address// | **interface** //type mod/num// | **vlan** //vlan-id//]
->Switch# **show mac address-table count**
->Switch# **clear mac address-table dynamic** [**address** //mac-address// | **interface** //type mod/num// | **vlan** //vlan-id//]
-====== Switch Port Configuration ======
->.Switch(config)# **interface** //type module/number//
->.Switch(config)# **interface range** //type module/number [, type module/number ...]//
->.Switch(config)# **interface range** //type module/first-number – last-number//
->.Switch(config)# **define interface-range** //macro-name type module/number
-[, type module/ number ...] [, type module/first-number – last-number] [, ...]//
->.Switch(config)# **interface range macro** //macro-name//
-(předdefinované makro se uloží do configu)
-__Příklad:__\\
-Switch(config)# **define interface-range MyGroup gig 2/0/1 , gig 2/0/3 – 2/0/5 ,
-gig 3/0/1 , gig 3/0/10, gig 3/0/32 – 3/0/48**\\
-Switch(config)# **interface range macro MyGroup**
->.Switch(config-if)# [**no**] **shutdown**
->.Switch(config-if)# **description** //description-string//
->.Switch(config-if)# **speed** {**10** | **100** | **1000** | **auto**(defult)}
-  * GBIC porty - napevno 1000
-  * 1000BASE-T - 10/100/1000
->.Switch(config-if)# **duplex** {**auto** | **full** | **half**}
-  * **auto** - nelze nastavit u 10BASE ethernetu
-  * Ethernet 10 - defaultně **half**
-  * FastEthernet 10/100 - defaultně **full**
-  * Rychlejší - defaultně **auto**
-__Konfigurace detekce chyb (errdisable)__
->.Switch(config)# [**no**] **errdisable detect cause** [**all** | //cause-name//]
-  * Příkaz lze zadat vícekrát pro různé události
-  * .**all** - detekuje vše
-  * **arp-inspection**
-  * .**bpduguard** - Na STP Portfast portu je přijato BPDU
-  * **channel-misconfig** - Chyba v konfiguraci Etherchannelu
-  * **dhcp-rate-limit** - Týká se DHCP Snoopingu
-  * .**dtp-flap** - Flapování trunking enkapsulace (.1Q/ISL)
-  * **gbic-invalid** - Vadný GBIC nebo SFP
-  * **ilpower** - Chyba v PoE
-  * **l2ptguard** - Chyba v tunelování L2 protokolu
-  * .**link-flap** - Flapující linka
-  * **loopback** - Detekuje smyčku na interfacu
-  * .**pagp-flap** - Nekonsistence etherchannelu
-  * **psecure-violation** - Událost port security
-  * .**rootguard** - STP BPDU od root bridge je přijato na nežádoucím portu
-  * **security-violation** - Detekuje chyby týkající se port security
-  * **storm-control** - Detekce L2 bouře
-  * .**udld** - Detekce jednosměrného provozu
-  * **unicast-flood** - Detekuje trigger blokování unicastového floodování
-  * **vmps** - Detekuje chyby při přizazování portu do dynamické VLAN za pomoci VMPS serveru
->.Switch(config)# **errdisable recovery cause** [**all** | //cause-name//]
->.Switch(config)# **errdisable recovery interval** //seconds//
-  * Interval obnovy je def. 300 sekund
-  * Možnost nastavení 30 - 86400 sekund (24hodin)
-__Troubleshooting__
->.Switch# **show interface**
->.Switch# **show interfaces status**
->.Switch# **show interface status err-disabled**
-___Pro zjištění speed/duplex mismatch:___
->.Switch# **show interface** //type mod/num//
-  * hledat nenulové hodnoty v "input errors" a "runts"
-====== VLAN Configuration ======
->Switch(config)# [**no**] **vlan** //vlan-num//
->Switch(config-vlan)# **name** //vlan-name//
-  * //vlan-num// - 1-1001 (1,1002-1005 jsou vytvořené defaultně), extended 1-4094
-  * //vlan-name// - nepovinné, až 32 zanků bez mezer
->Switch(config)# **interface** //type module/number//
->Switch(config-if)# **switchport** (přepne port do režimu L2)
->Switch(config-if)# **switchport mode access**
->Switch(config-if)# **switchport access vlan** //vlan-num//
->Switch# **show vlan**
->Switch# **show vlan brief**
-<code>
-VLAN Name             Status  Ports
----- ---------------- ------- ------
-    default          active  Fa0/1,Fa0/2,Fa0/3,Fa0/10,Fa0/11,Fa0/12
-   VLAN0020         active  Fa0/5,Fa0/6,Fa0/7
-   VLAN0021         active  Fa0/8,Fa0/9
-fddi-default     active
-trcrf-default    active
-fddinet-default  active
-trbrf-default    active
-</code>
->Switch# **show running-config interface** //type module/number//
-<code>
-Building configuration...
-Current configuration 64 bytes
-interface FastEthernet 0/5
- switchport access vlan 20
- switchport mode access
-</code>
->Switch# **show mac address-table interface** //type module/number//
-<code>
-Mac Address Table
-—————————————————————
-Vlan Mac Address    Type    Ports
----- -----------    ----    -----
-    0030.b656.7c3d DYNAMIC Fa0/1
-Total Mac Addresses for this criterion: 1
-</code>
->Switch# **show interfaces** //type module/number// **switchport**
-<code>
-Name: Fa0/1
-Switchport: Enabled
-Administrative Mode: dynamic desirable
-Operational Mode: static access
-Administrative Trunking Encapsulation: negotiate
-Operational Trunking Encapsulation: native
-Negotiation of Trunking: On
-Access Mode VLAN: 1 (default)
-Trunking Native Mode VLAN: 1 (default)
-Trunking VLANs Enabled: ALL
-Pruning VLANs Enabled: 2-1001
-Protected: false
-Unknown unicast blocked: false
-Unknown multicast blocked: false
-Broadcast Suppression Level: 100
-Multicast Suppression Level: 100
-Unicast Suppression Level: 100
-</code>
-Alternativně (GNS3):
->Router# **vlan database**
->Router(vlan)# [**no**] **vlan** //vlan-num//
->Router# **show vlan-switch**
->Router# **show vlan-switch brief**
-====== VLAN Trunk Configuration ======
->Switch(config)# **interface** //type mod/port//
->Switch(config-if)# **switchport**
->Switch(config-if)# **switchport trunk encapsulation** {**isl** | **dot1q** | **negotiate**}
->Switch(config-if)# **switchport trunk native vlan** //vlan-id//
->Switch(config-if)# **switchport trunk allowed vlan** {//vlan-list// | **all** | {**add** | **except** | **remove**} //vlan-list//}
->Switch(config-if)# **switchport mode** {**trunk** | **dynamic** {**desirable** | **auto**}}
-Ve všech režimech DTP posílá zprávy každých 30s.
->Switch(config-if)# **switchport nonegotiate**
->Switch# **show interface** //type mod/port//
->Switch# **show vlan id** //vlan-id//
->Switch# **show interface** //type mod/num// **switchport** | **trunk**
->Switch# **show dtp** [**interface** //type mod/num//]
-====== DTP - Dynamic Trunking Protocol ======
->SW# **no-isl-entries enable**
->Switch(config)# **interface** //type mod/port//
->Switch(config-if)# **switchport**
->Switch(config-if)# **switchport mode {dynamic {auto | desirable} | trunk}**
->Switch(config-if)# **switchport trunk encapsulation {isl | dot1q | negotiate}**
->Switch(config-if)# **switchport nonnegotiate**
->Switch(config-if)# **switchport trunk native vlan** //vlan-id//
->Switch(config-if)# **switchport trunk allowed vlan** {//vlan-list// | **all** | {**add** | **except** | **remove**} //vlan-list//}
-Ve všech režimech DTP posílá zprávy každých 30s.
-Vypnutí DTP:
->Switch(config-if)# **switchport nonegotiate**
->Switch# **show running-config**
->Switch# **show interface** //type mod/port//
->Switch# **show vlan id** //vlan-id//
->Switch# **show interface** //type mod/num// **switchport** | **trunk**
->Switch# **show dtp** [**interface** //type mod/num//]
->Switch# **show interfaces fastethernet 0/1 trunk**
-<code>
-Port    Mode      Encapsulation  Status    Native vlan
-Fa0/1  desirable  n-802.1q       trunking   1
-Port   Vlans allowed on trunk
-Fa0/1  1-150
-<further output omitted>
-</code>
-====== VTP - Vlan Trunking Protocol ======
->Switch(config)# **vtp domain** //domain-name// <sub>...(max.32 znaků)</sub>
->Switch(config)# **vtp mode** {**server** | **client** | **transparent**}
->Switch(config)# **vtp version** {**1** | **2**} <sub>...(def.1)</sub>
->Switch(config)# **vtp password** //password//
-  * //password// - max.32 znaků, case-sensitive, používá se k výpočtu MD5
-**VTP Pruning**
->Switch(config)# **vtp pruning**
->Switch(config)# **interface** //type mod/num//
->Switch(config-if)# **switchport trunk pruning vlan** {{{**add** | **except** | **remove**} //vlan-list//} | **none**}
-VLAN 1,1002-1005 - nikdy nepodléhají pruningu (VLAN 1-kontrolní provoz)
->Switch# **show vtp status**
-<code>
-VTP Version                      : 2
-Configuration Revision           : 0
-Maximum VLANs supported locally  : 1005
-Number of existing VLANs         : 5
-VTP Operating Mode               : Server
-VTP Domain Name                  :
-VTP Pruning Mode                 : Disabled
-VTP V2 Mode                      : Disabled
-VTP Traps Generation             : Disabled
-MD5 digest                       : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
-Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
-</code>
->Switch# **show vtp counters**
-<code>
-VTP statistics:
-Summary advertisements received      : 1
-Subset advertisements received       : 2
-Request advertisements received      : 1
-Summary advertisements transmitted   : 1630
-Subset advertisements transmitted    : 0
-Request advertisements transmitted   : 4
-Number of config revision errors     : 0
-Number of config digest errors       : 0
-Number of V1 summary errors          : 0
-VTP pruning statistics:
-Trunk             Join Transmitted  Join Received      Summary advts received from
-                                                       non-pruning-capable device
------------------ ---------------- --------------- -------------------------------
-Gi0/1                82352             82931              0
-</code>
->Switch# **show vlan brief**
->Switch# **show interface** //type mod/num// **switchport**
->Switch# **show interface** //type mod/num// **pruning**
-====== EtherChannel ======
-Jakmile je nakonfigurován EtherChannel, switch pro něj automaticky vytvoří virt. interface.
->Switch(config)# **interface port-channel** //number//
->Switch(config)# **port-channel load-balance** //method//
-^//method//  ^Hash Operation^Switch model^
-|**src-ip**      |  bits  |  all        |
-|**dst-ip**      |  bits  |  all        |
-|**src-dst-ip**  |  XOR   |  all        |
-|**src-mac**     |  bits  |  all        |
-|**dst-mac**     |  bits  |  all        |
-|**src-dst-mac** |  XOR   |  all        |
-|**src-port**    |  bits  |  4500,6500  |
-|**dst-port**    |  bits  |  4500,6500  |
-|**src-dst-port**|  XOR   |  4500,6500  |
-__**L3 Portchannel**__\\
-  * Switch(config-if)# **no switchport**
-  * Switch(config-if)# **ip address** //address mask//
-===== PaGP =====
->Switch(config)# **interface** //type mod/num//
->Switch(config-if)# **channel-protocol pagp**
->Switch(config-if)# **channel-group** //number// **mode** {**on** | {{**auto** | **desirable**} [**non-silent**]}}
-**non-silent** - sw standartně v módu auto a desirable ani nečeká na žádné pagp zprávy (z důvodu připojení zař.,které pagp neumí), tímto příkazem aktivujeme posílání a očekávání pagp zpráv
-===== LACP =====
->Switch(config)# **lacp system-priority** //priority(1-65535, def.32768)//
->Switch(config)# **interface** //type mod/num//
->Switch(config-if)# **channel-protocol lacp**
->Switch(config-if)# **channel-group** //number(1-64)// **mode** {**on** | **passive** | **active**}
->Switch(config-if)# **lacp port-priority** //priority(1-65535, def.32768)//
-===== Troubleshooting =====
->Switch# **show etherchannel summary**
-<code>
-Switch# show etherchannel summary
-Flags:  D - down         P - in port-channel
-        I - stand-alone  s - suspended
-        H - Hot-standby (LACP only)
-        R - Layer3       S - Layer2
-        u - unsuitable for bundling
-        U - in use       f - failed to allocate aggregator
-        d - default port
-Number of channel-groups in use: 1
-Number of aggregators:           1
-Group  Port-channel   Protocol    Ports
-------+--------------+-----------+------------------------------------------------
-      Po1(SU)         PAgP            Fa0/41(P) Fa0/42(P) Fa0/43 Fa0/44(P)
-                                  Fa0/45(P) Fa0/46(P) Fa0/47(P) Fa0/48(P)
-</code>
->Switch# **show etherchannel port**
-<code>
-                  Channel-group listing:
-                  -----------------------
-Group: 1
-----------
-Ports in the group:
---------------------
-Port: Fa0/41
-------------
-Port state    = Up Mstr In-Bndl
-Channel group = 1        Mode = Desirable-Sl      Gcchange            = 0
-Port-channel  = Po1      GC   = 0x00010001        Pseudo port-channel = Po1
-Port index    = 0        Load = 0x00              Protocol            = PAgP
-Flags:  S - Device is sending Slow hello.  C - Device is in Consistent state.
-        A - Device is in Auto mode.        P - Device learns on physical port.
-        d - PAgP is down.
-Timers: H - Hello timer is running.        Q - Quit timer is running.
-        S - Switching timer is running.    I - Interface timer is running.
-Local information:
-                                 Hello     Partner  PAgP       Learning  Group
-Port     Flags  State   Timers   Interval  Count    Priority   Method    Ifindex
-Fa0/41   SC     U6/S7   H        30s       1        128        Any       55
-Partner’s information:
-         Partner       Partner           Partner              Partner   Group
-Port     Name          Device ID         Port           Age   Flags     Cap.
-Fa0/41   FarEnd        00d0.5849.4100    3/1            19s   SAC       11
-Age of the port in the current state: 00d:08h:05m:28s
-</code>
->**show running-config interface** //type mod/ num//
->**show interface** //type mod/num// **etherchannel**
->**show etherchannel port-channel**
->**show etherchannel detail**
->**show etherchannel load-balance**
->**show etherchannel port-channel**
->**show {pagp | lacp} neighbor**
->**show lacp sys-id**
-====== STP Spanning-tree protocol ======
->Switch(config)# [**no**] **spanning-tree vlan** //vlan-id//
->Switch(config-if)# [**no**] **spanning-tree vlan** //vlan-id//
-># **show spanning interface** //type mod/port//
-># **debug spanning-tree switch state**
-===== STP Root Bridge: =====
->Switch(config)# [**no**] **spanning-tree extended system-id**
->Switch(config)# **spanning-tree vlan** //vlan-list// **priority** //bridge-priority//
-  * Standart //bridge-priority//: 0-65535, def.32768
-  * Extended //bridge-priority//: 0-61440 (násobky 4096), def.32768
->Switch(config)# **spanning-tree vlan** //vlan-id// **root** {**primary** | **secondary**} [**diameter** //diameter//]
-  * **primary** je-li aktuální priorita roota větší než 24576 switch si nastaví tuto prioritu, jeli priorita roota menší, switch si nastaví o 4096 nižší bridge prioritu (kromě nuly, tu je třeba nastavit ručně).
-  * **secondary** - bridge priority se nastaví na 28672
-<code>
-Switch(config)# spanning-tree vlan 1 root primary
-vlan 1 bridge priority set to 24576
-vlan 1 bridge max aging time unchanged at 20
-vlan 1 bridge hello time unchanged at 2
-vlan 1 bridge forward delay unchanged at 15
-</code>
-===== Root Path Cost: =====
->Switch(config-if)# **spanning-tree** [**vlan** //vlan-id//] **cost** //cost(1-65535)//
->Switch# **show spanning-tree interface** //type mod/num// [**cost**]
-<code>
-Switch# show spanning-tree interface fa0/1
-Vlan              Role Sts Cost       Prio.Nbr Type
------------------ ---- --- ---------- -------- -----------------------------
-VLAN0001          Root FWD 4          128.1    P2p
-VLAN0010          Desg FWD 4          128.1    P2p
-VLAN0020          Root FWD 4          128.1    P2p
-</code>
-===== Port Priority: =====
->Switch(config-if)# **spanning-tree** [**vlan** //vlan-list//] **port-priority** //port-priority(0-255,def.128)//
->Switch# **show spanning-tree interface** //type mod/num//
-===== STP Timers: =====
-Nastavovat jen na ROOTOVI!!!
-__Manuální konfigurace:__
->Switch(config)# **spanning-tree** [**vlan** //vlan-id//] **hello-time** //seconds(1-10,def.2)//
->Switch(config)# **spanning-tree** [**vlan** //vlan-id//] **forward-time** //seconds(4-30,def.15)//
->Switch(config)# **spanning-tree** [**vlan** //vlan-id//] **max-age** //seconds(6-40,def.20)//
-__Automatická konfigurace pomocí makra:__
->Switch(config)# **spanning-tree vlan** //vlan-list// **root** {**primary** | **secondary**} [**diameter** //diameter// [**hello-time** //hello-time//]]
-===== PortFast =====
->Switch(config)# **spanning-tree portfast default**
->Switch(config-if)# [**no**] **spanning-tree portfast**
->Switch(config-if)# **switchport host**
-<code>
-Switch(config-if)# switchport host
-switchport mode will be set to access
-spanning-tree portfast will be enabled
-channel group will be disabled
-</code>
->Switch# **show spanning-tree interface** //type mod/num// **portfast**
-===== UplinkFast =====
->Switch(config)# **spanning-tree uplinkfast** [**max-update-rate** //pkts-per-second(0-65535,def.150)//]
->Switch# **show spanning-tree uplinkfast**
-<code>
-Switch# show spanning-tree uplinkfast
-UplinkFast is enabled
-Station update rate set to 150 packets/sec.
-UplinkFast statistics
-Number of transitions via uplinkFast (all VLANs)             : 2
-Number of proxy multicast addresses transmitted (all VLANs)  : 52
-Name                  Interface List
---------------------- --------------------------------
-VLAN0001              Gi0/1(fwd)
-VLAN0010              Gi0/1(fwd)
-VLAN0100              Gi0/1(fwd)
-</code>
-===== BackboneFast =====
->Switch(config)# **spanning-tree backbonefast**
->Switch# **show spanning-tree backbonefast**
-<code>
-Switch# show spanning-tree backbonefast
-BackboneFast is enabled
-</code>
-===== Root Guard =====
->Switch(config-if)# **spanning-tree guard root**
->Switch# **show spanning-tree inconsistentports**
-===== BPDU Guard =====
->Switch(config)# **spanning-tree portfast bpduguard default**
->Switch(config-if)# [**no**] **spanning-tree bpduguard enable**
->Switch# **show spanning-tree summary**
->Switch# **show spanning-tree summary totals**
-===== Loop Guard =====
->Switch(config)# **spanning-tree loopguard default**
->Switch(config-if)# [**no**] **spanning-tree guard loop**
->Switch# **show spanning-tree summary**
-===== UDLD =====
->Switch(config)# **udld** {**enable** | **aggressive** | **message time** //seconds(7-90,def.7 or 15)//}
->Switch(config-if)# **udld** {**enable** | **aggressive** | **disable**}
->Switch# **show udld interface** //type mod/num//
->Switch# **udld reset**
-===== BPDU Filter =====
->Switch(config)# **spanning-tree bpdufilter default**
->Switch(config-if)# **spanning-tree bpdufilter** {**enable** | **disable**}
->Switch# **show spanning-tree summary**
-===== Troubleshooting STP =====
->Switch# **show spanning-tree** [**detail**]
->Switch# **show spanning-tree** **vlan** //vlan-id//
->Switch# **show spanning-tree** [**vlan** //vlan-id//] **summary** [**totals**]
->Switch# **show spanning-tree** [**vlan** //vlan-id//] **root**
->Switch# **show spanning-tree** [**vlan** //vlan-id//] **bridge**
->Switch# **show spanning-tree bridge brief**
->Switch# **show spanning-tree interface** //type mod/num//
->Switch# **show spanning-tree interface** //type mod/num// **detail**
->Switch# **show spanning-tree interface** //type mod/num// **cost**
->Switch# **show spanning-tree interface** //type mod/num// **portfast**
->Switch# **show spanning-tree uplinkfast**
->Switch# **show spanning-tree backbonefast**
->Switch# **show spanning-tree inconsistentports**
->Switch# **show udld interface** //type mod/num//
-====== Rapid PVST+ ======
-Konfigurace edge portů:
->Switch(config-if)# **spanning-tree portfast**
-Nastavení p2p pro half-duplex linku: (propojení switchů na half-duplexu)
->Switch(config-if)# **spanning-tree link-type point-to-point**
-Zapnutí RPVSTP+:
->Switch(config)# **spanning-tree mode rapid-pvst**
-Přechod zpět na PVST+:
->Switch(config)# **spanning-tree mode pvst**
->Switch# **show spanning-tree**
->Switch# **show spanning-tree vlan** //vlan-id//
-<code>
-Switch#show spanning-tree vlan 1
-VLAN0001
-  Spanning tree enabled protocol rstp
-  Root ID    Priority    0
-             Address     0001.421C.5EA1
-             Cost        4
-             Port        25(GigabitEthernet0/1)
-             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
-  Bridge ID  Priority    1  (priority 0 sys-id-ext 1)
-             Address     0060.3E78.B994
-             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
-             Aging Time  20
-Interface        Role Sts Cost      Prio.Nbr Type
----------------- ---- --- --------- -------- --------------------------------
-Fa0/23           Altn BLK 19        128.23   P2p
-Fa0/24           Altn BLK 19        128.24   P2p
-Gi0/1            Root FWD 4         128.25   P2p
-Gi0/2            Desg FWD 4         128.26   Shr
-</code>
-====== MST - Multiple Spanning Tree ======
->SW(config)# **spanning-tree mode mst**
->SW(config)# **spanning-tree mst configuration**
->SW(config-mst)# **name** //region_name (32 znaků)//
->SW(config-mst)# **revision** //number (0-35535)//
->SW(config-mst)# **instance** //number(0-15)// **vlan** //vlan_range//
->SW(config)# **spanning-tree mst** //instance-id// **root** {**primary** | **secondary**}[**diameter** diameter]
->SW(config)# **spanning-tree mst** //instance-id// priority //bridge-priority//
->SW(config-if)# spanning-tree mst instance-id cost cost
->SW(config-if)# spanning-tree mst instance-id port-priority port-priority
->SW(config)# **spanning-tree mst hello-time** //seconds//
->SW(config)# **spanning-tree mst forward-time** //seconds//
->SW(config)# **spanning-tree mst max-age** //seconds//
->SW(config-mst)# **show pending**
->SW# **show spanning-tree mst**
-====== Multilayer switching ======
-===== InterVLAN Routing =====
->Switch# **show interface** //type mod/num// **switchport**
-<code>
-Switch# show interface gigabitethernet 0/1 switchport
-Name: Gi0/1
-Switchport: Disabled
-Switch#
-</code>
-=== Konfigurace L2 portu: ===
->Switch(config)# **interface** //type mod/num//
->Switch(config-if)# **switchport**
->Switch(config-if)# **no shutdown**
-=== Konfigurace L3 portu: ===
->Switch(config)# **interface** //type mod/num//
->Switch(config-if)# **no switchport**
->Switch(config-if)# **ip address** //ip-address mask// [**secondary**]
->Switch(config-if)# **no shutdown**
-=== Konfigurace SVI portu: ===
->Switch(config)# **vlan** //vlan-id//
->Switch(config-vlan)# **name** //vlan-name//
->Switch(config-vlan)# **exit**
->Switch(config)# **interface vlan** //vlan-id//
->Switch(config-if)# **ip address** //ip-address mask// [**secondary**]
->Switch(config-if)# **no shutdown**
->Switch# **show interface vlan** //vlan-id//
->Switch# **show vlan**
->Switch# **show ip interface brief**
-===== Autostate of a SVI =====
-Zajistí, že tento interfejs nebude mít vliv na stav SVI:
->Switch(config-if)# **switchport autostate exclude**
-===== CEF Cisco Express Forwarding =====
-Na Cat3750 a 4500 lze vypnout:
->Switch(config-if)# **no ip route-cache cef**
->Switch(config-if)# **no ip cef**
-=== FIB table ===
->Switch# **show ip cef** [//type mod/num// | **vlan** //vlan-id//] [**detail**]
-<code>
-Switch# show ip cef vlan 101
-Prefix			Next Hop		Interface
-.1.1.0/24 		attached 		Vlan101
-.1.1.2/32 		10.1.1.2 		Vlan101
-.1.1.3/32 		10.1.1.3 		Vlan101
-</code>
->Switch# **show ip cef** [//prefix-ip prefix-mask//] [**longer-prefixes**] [**detail**]
-**longer-prefixes** - vypíše i routy s delší maskou než která byla specifikována v příkazu
-<code>
-Switch# show ip cef 10.1.0.0 255.255.0.0 longer-prefixes
-Prefix 			Next Hop 		Interface
-.1.1.0/24 		attached 		Vlan101
-.1.1.2/32 		10.1.1.2 		Vlan101
-.1.1.3/32 		10.1.1.3 		Vlan101
-.1.2.0/24 		attached 		Vlan102
-.1.3.0/26 		192.168.1.2 		Vlan99
-.168.1.3 		Vlan99
-.1.3.64/26 		192.168.1.2 		Vlan99
-.168.1.3 		Vlan99
-.1.3.128/26		192.168.1.4 		Vlan99
-.168.1.3	 	Vlan99
-[output omitted]
-</code>
-<code>
-Switch# show ip cef 10.1.3.0 255.255.255.192 detail
-.1.3.0/26, version 270, epoch 0, per-destination sharing
-packets, 0 bytes
-   via 192.168.1.2, Vlan99, 0 dependencies
-      traffic share 1
-      next hop 192.168.1.2, Vlan99
-      valid adjacency
-   via 192.168.1.3, Vlan99, 0 dependencies
-      traffic share 1
-      next hop 192.168.1.3, Vlan99
-      valid adjacency
-packets, 0 bytes switched through the prefix
-   tmstats: external 0 packets, 0 bytes
-            internal 0 packets, 0 byte
-</code>
-  * version = počet updatů CEF záznamu od vytvotření tabulky
-  * epoch = počet zahození CEF tabulky a vytvoření celé nové
-=== Adjacency table ===
->Switch# **show adjacency** [//type mod/num// | **vlan** //vlan-id//] [**summary** | **detail**]
-<code>
-Switch# show adjacency summary
-Adjacency Table has 106 adjacencies
-   Table epoch: 0 (106 entries at this epoch)
-   Interface		Adjacency Count
-   Vlan99 		21
-   Vlan101 		3
-   Vlan102 		1
-   Vlan103 		47
-   Vlan104 		7
-   Vlan105 		27
-</code>
-<code>
-Switch# show adjacency vlan 99 detail
-Protocol   Interface		Address
-IP	   Vlan99		192.168.1.2(5)
-packets, 0 bytes
-A5E45B145000E387D51000800
-				   ARP		01:52:50
-				   Epoch: 0
-IP	   Vlan99		192.168.1.3(5)
-packets, 104 bytes
-CF1C909A0000E387D51000800
-				   ARP		04:02:11
-				   Epoch: 0
-</code>
-  * **000A5E45B145**000E387D51000800 - Next-hop MAC adresa
-  * 000A5E45B145**000E387D5100**0800 - lokální MAC (MAC interface Vlan99)
-  * 000A5E45B145000E387D5100**0800** - Protocol type (IP)
-  * **ARP 01:52:50** - stáří ARP záznamu
-**Adjacency "glean state":**
-<code>
-Switch# show ip cef adjacency glean
-Prefix 			Next Hop		Interface
-.1.1.2/32 		attached 		Vlan101
-.0.0.0/8 		attached 		EOBC0/0
-[output omitted]
-Switch# show ip arp 10.1.1.2
-Switch# show ip cef 10.1.1.2 255.255.255.255 detail
-.1.1.2/32, version 688, epoch 0, attached, connected
-packets, 0 bytes
-   via Vlan101, 0 dependencies
-      valid glean adjacency
-</code>
-<code>
-Switch# show cef drop
-CEF Drop Statistics
-Slot	Encap_fail	Unresolved	Unsupported	No_route 	No_adj	ChkSum_Err
-RP	   8799327		 1	      45827	5089667 	    32 		0
-</code>
-<code>
-Switch# show cef not-cef-switched
-CEF Packets passed on to next switching layer
-Slot   No_adj   No_encap   Unsupp’ted   Redirect   Receive   Options   Access   Frag
-RP    3579706          0            0          0  41258564         0        0      0
-</code>
-===== DHCP na MLS =====
-=== Konfigurace DHCP serveru ===
->Switch(config)# **ip dhcp excluded-address** //start-ip end-ip//
->Switch(config)# **ip dhcp pool** //pool-name//
->Switch(config-dhcp)# **network** //ip-address subnet-mask//
->Switch(config-dhcp)# **default-router** //ip-address// [//ip-address2//] [//ip-adress3//] ...
->Switch(config-dhcp)# **lease** {**infinite** | {//days// [//hours// [//minutes//]]}}
->Switch# **show ip dhcp binding**
-=== Konfigurace DHCP Relay ===
-  * konfiguruje se na L3 interfejsu, který bude klientům ve svém subnetu provádět relay
-  * ip helper-address - lze zadat víckrát
->Switch(config)# **interface vlan5**
->Switch(config-if)# **ip address** //192.168.1.1 255.255.255.0//
->Switch(config-if)# **ip helper-address** //192.168.199.4//
-===== HSRP =====
->Switch(config-if)# **standby** //group(1-255 / 1-16)// **priority** //priority(0-255, def.100)//
->Switch(config-if)# **standby** //group// **timers** [**msec**] //hello// [**msec**] //holdtime//
-  * //hello// = 1-254 s nebo 15-999 ms (def. 3 s)
-  * //holdtime// = 1-255 s nebo 50-3000 ms (def. 10 s), doporučuje se trojnásobek Hello timeru
->Switch(config-if)# **standby** //group// **preempt** [**delay** [**minimum** //seconds//] [**reload** //seconds//]]
-  * //delay// - pozdržení převzetí aktivní role
-  * //minimum// - 0-3600s, měří se od chvíle kdy je router schopen převzít aktivní roli (interface up, nakonfigurování HSRP)
-  * //reload// - 0-3600s po restartu routeru, účelem je dát čas routovacím protokolům aby zkonvergovaly
->Switch(config-if)# **standby** //group// **track** //type mod/num// [//decrementvalue(def.10)//]
->Switch(config-if)# **standby** //group// **ip** //ip-address// [**secondary**]
->Switch(config-if)# **show standby** [**vlan** //vlan-id// | //type mod/num//] [**brief**]
-__Plaint-text Authentikace:__
->Switch(config-if)# **standby** //group// **authentication** //string//
-__MD5 Authentikace - string:__
->Switch(config-if)# **standby** //group// **authentication md5 key-string** [**0** | **7**] //string//
-__MD5 Authentikace key-chain:__
->Switch(config)# **key chain** //chain-name//
->Switch(config-keychain)# **key** //key-number//
->Switch(config-keychain-key)# **key-string** [**0** | **7**] //string//
->Switch(config)# **interface** //type mod/num//
->Switch(config-if)# **standby** //group// **authentication md5 key-chain** //chain-name//
-===== VRRP =====
->Switch(config-if)# **vrrp** //group(0-255)// **priority** //level(1-254,def.100)//
->Switch(config-if)# **vrrp** //group(0-255)// **timers advertise** [**msec**] //interval(def.1s)//
->Switch(config-if)# **vrrp** //group(0-255)// **timers learn**
->Switch(config-if)# **no vrrp** //group(0-255)// **preempt**
->Switch(config-if)# **vrrp** //group(0-255)// **preempt** [**delay** //seconds(def.0s)//]
->Switch(config-if)# **vrrp** //group(0-255)// **authentication** //string//
->Switch(config-if)# **vrrp** //group(0-255)// **ip** //ip-address// [**secondary**]
->Switch# **show vrrp** [**brief**]
->Switch# **show vrrp brief all**
->Switch# **show vrrp interface** //type mod/num//
-===== GLBP =====
->Switch(config-if)# **glbp** //group// **ip** [//ip-address// [**secondary**]]
->Switch# **show glbp** [//group//] [**brief**]
-=== AVG ===
->Switch(config-if)# **glbp** //group(0-1023)// **priority** //level(1-255, def.100)//
->Switch(config-if)# **glbp** //group// **preempt** [**delay minimum ** //seconds//]
->Switch(config-if)# **glbp** //group// **timers** [**msec**] //hellotime// [**msec**] //holdtime//
-  * //hellotime// - 1-60s nebo 50-60000ms
-  * //holdtime// - až 180s nebo 180000ms, musí být větší (ideálně třikrát) než hellotime
-=== AVF ===
->Switch(config-if)# **glbp** //group// **timers redirect** //redirect timeout//
-  * "redirect timer" - **0-3600 s**, defaultně **600 s**
-  * "timeout timer" - **700-64800** s (18h), def. **14400** s (4h)
->Switch(config)# **track** //object-number(1-500)// **interface** //type mod/num// {**line-protocol** | **ip routing**}
-  * **line-protocol** - sleduje line protocol up/down
-  * **ip routing** - sleduje zapnutý routing, nastavenou IP adresu, a line protocol na interfejsu
->Switch(config-if)# **glbp** //group// **weighting** //maximum// [**lower** //lower//] [**upper** //upper//]
-  * //lower// - 1-254, def. 1
-  * //upper// - 1-254, def. = 100 (defaultně = max weight)
->Switch(config-if)# **glbp** //group// **weighting track** //object-number// [**decrement** //value//]
-=== Load Balancing ===
->SW_AVG(config-if)# **glbp** //group// **load-balancing** [**round-robin** | **weighted** | **host-dependent**]
-  * //value// - 1-254. def. 10
-====== Supervizor and Route Processor Redundancy ======
- * první konfigurace se musí udělat na obou supervizorech
-  * pak už jen na aktivním (změny apod.)
->Router(config)# **redundancy**
->Router(config-red)# **mode** {**rpr** | **rpr-plus** | **sso**}
-  * **rpr-plus** - verze IOS obou supervizorů musejí být stejné, jinak to poběží jen jako **rpr**
->Router# **show redundancy states**
-<code>
-Router# show redundancy states
-	    my state = 13 -ACTIVE
-	  peer state = 8 -STANDBY HOT
-		Mode = Duplex
-		Unit = Secondary
-	     Unit ID = 2
-Redundancy Mode (Operational) = Route Processor Redundancy Plus
-Redundancy Mode (Configured) = Route Processor Redundancy Plus
-	Split Mode = Disabled
-      Manual Swact = Enabled
-    Communications = Up
-      client count = 11
-   client_notification_TMR = 30000 milliseconds
-	    keep_alive TMR = 9000 milliseconds
-	  keep_alive count = 1
-      keep_alive threshold = 18
-	     RF debug mask = 0x0
-</code>
-==== Synchronizace supervizorů ====
->Router(config)# **redundancy**
->Router(config-red)# **main-cpu**
->Router(config-r-mc)# **auto-sync** {**startup-config** | **config-register** | **bootvar**}
-Návrat do defaultu:
->Router(config-r-mc)# **auto-sync standard**
-==== Nonstop Forwarding ====
-BGP
->Router(config)# **router bgp** //as-number//
->Router(config-router)# **bgp graceful-restart**
-EIGRP
->Router(config)# **router eigrp** //as-number//
->Router(config-router)# **nsf**
-OSPF
->Router(config)# **router ospf** //process-id//
->Router(config-router)# **nsf**
-IS-IS
->Router(config)# **router isis** //process-id//
->Router(config-router)# **nsf** [**cisco** | **ietf**]
->Router(config-router)# **nsf interval** [//minutes//]
->Router(config-router)# **nsf t3** {**manual** //seconds// | **adjacency**}
->Router(config-router)# **nsf interface wait** //seconds//

wiki.lkaplan.cz

User Tools

Site Tools

Differences

Page Tools