Sunday, 19 July 2009

Tips and tricks: Cisco CLI commands

Welcome,
To configure Cisco devices you have to work in the CLI. The CLI isn't as friendly as a Windows interface, but it offers some useful features that make it easier to move around the command line.

The first commands that help us are INCLUDE and BEGIN.

INCLUDE

Example:

When we want to display only the interfaces that are in VLAN 31, we can use "#show interfaces status", but that displays all interfaces.




But when we use "#show interfaces status | include 31", it shows us only the interfaces in VLAN 31.



Include works like the Linux grep command and displays only the lines that contain the specified string.


Begin

The "begin" filter displays the configuration starting from a specific string.
For example, we want to see the configuration of an interface that has a specific description, such as a server name. We don't need to display the whole configuration and search for this interface ourselves; we can use "show run | begin server1".



Because the interface configuration always starts with the description, this command shows us the whole configuration of that specific interface.


Another command is "do".

Suppose we want to assign the interface to a VLAN, but we are in interface mode:

"switch(config-if)#" and we have forgotten the number of the VLAN we want to set. Then we use "do show vlan".



Thanks to this command we can use all the commands from privileged mode in config mode. Isn't that beautiful? :)

A very useful command: "range"

What do we do if we want to set port security on all 48 interfaces? We don't enter the configuration mode of each interface one by one. We use range!



And now we can set port security on all interfaces at once.


The last command is "reload in".

When you configure a router remotely you can always make a mistake, especially when you add a new access list and cut off your own access to the router. In this case you can call someone, but what if nobody is there? Then you can use the command "reload in 30" to order the router to reboot in 30 minutes; the startup configuration will then return and you can access the router again. To cancel the countdown, use "reload cancel".




Remember to always put a description on each interface; it will be very useful in an emergency and in everyday work on Cisco devices.

You can use these commands in many situations. Use your imagination! :)

Tuesday, 14 July 2009

Pancakes with spinach

Hello,
To have the strength to fight the traps and secrets of network technology, we have to eat good, healthy food. I propose a recipe for pancakes with spinach.

I won't tell you exactly how much of each ingredient to use. Everything depends on your taste. I invite you to experiment.

First: how to make the pancakes!


Ingredients: flour, eggs, water, salt
Equipment: a bowl in which we will mix the batter, and a mixer

Everything we need is shown in the photo below:






We pour milk, water, eggs and salt into the bowl. Start the mixer and mix the milk, eggs, water and salt, pouring in flour at the same time until everything has a glue-like consistency. It is better when the batter is more runny, because the pancakes must be very thin, like in the photo below:





We must fry the pancakes in a hot skillet but over a small flame, so as not to burn them.

When our pancakes are ready, we can start making spinach.



Ingredients: spinach leaves, salt, pepper, Persian walnuts, garlic, a soup seasoning called "magia", yogurt or cream, and water or extra-virgin olive oil

Equipment: a pot, something to crush the garlic, a glass

Like in the photo below:






Now we pour a little olive oil or water into the pot so that it does not burn. Next we put in the spinach and, if it is frozen, we cover the pot and leave it on a low flame to defrost the spinach. Then, when the spinach is warm, we add pepper, salt and "magia", and at the end we crush the garlic, like in the photo:





In the end we pour in a little yogurt and boil for two more minutes, then we turn off the flame under the pot. Now we put the spinach and nuts on the pancakes and roll the pancakes up:




We arrange the rolled pancakes side by side in the casserole dish. But before that we must grease the casserole dish with butter:





Now we prepare the tomato. First we remove the skin: gently slash the skin on top and pour boiling water over the tomato.






After that we can easily remove the skin from the tomato, then cut it into pieces and put them on the pancakes:




In the end we put slices of cheese and nuts on top of everything, pour in a glass of milk and put it in the cooker:





We cook until the cheese turns golden:





As an extra we can make a garlic sauce:
mix the crushed garlic, yogurt, one teaspoon of lemon juice and pepper.


Shopping list:
Pancakes: flour, eggs, water, salt

Spinach: spinach leaves, salt, pepper, Persian walnuts, garlic, a soup seasoning called "magia", yogurt or cream, and water or extra-virgin olive oil

and tomato and cheese

Garlic sauce: garlic, yogurt, one teaspoon of lemon juice and pepper

Monday, 22 June 2009

ip dhcp snooping en

Hi !
Below you will see my post about ip dhcp snooping in English. I don't have much experience writing in English, so you will have to forgive me ;) It would be great if you could correct me to make this post better :)


In my opinion Cisco devices are not used to 100% of their potential. It often happens that a company acquires a very expensive device and uses it like an ordinary cheap switch. Cisco gives us remarkable possibilities to protect against unpredictable surprises. One example of such a surprise is a wild (rogue) DHCP server in our network. It doesn't matter whether the wild DHCP server got into our network because a user installed the service on their own computer or because an admin installed a server for testing. The network administrator must guard against these unwanted situations, especially when we have tools as advanced as Cisco devices.
OK, let's start from the beginning.
This is the first command, which turns on DHCP request filtering:
Switch(config)# ip dhcp snooping
Next we must specify which VLAN we want to filter:
Switch(config)# ip dhcp snooping vlan xx
The next steps involve some very interesting commands. When we use the dhcp-agent command, the switch starts looking up IP binding information using the information included in option 82. Unfortunately, not every DHCP server sends option 82 information, and the switch starts blocking requests, especially when you are using a DHCP relay agent. With the following command we force the switch not to look for the information placed in option 82:

Switch(config)# no ip dhcp snooping information option
There is also the option to force the switch to insert option 82 information itself into the DHCP packets:
Switch(config)# ip dhcp snooping information option
I read somewhere on the Internet that when the gateway VLAN interface is configured on the switch, we must put the commands below on this interface:
Switch(config-if)# ip helper-address 10.128.0.11
Switch(config-if)# ip dhcp relay information trusted

Don't forget to put the trust command on the interface where the DHCP server is connected:
Switch(config-if)# ip dhcp snooping trust
We must remember that when we use this command on a trunk interface to another switch, we let in all DHCP packets from the DHCP servers connected to that other switch, even if some of those DHCP servers are illegitimate. This is the reason we must configure ip dhcp snooping on all the switches connected in our network.
Using ip dhcp snooping we can also defend against a flood of DHCP requests that could deplete our IP address pool. Put this command with parameter 5 on the interface connected to each host. The parameter 5 is how many DHCP requests per second the port may receive.
Switch(config-if)# ip dhcp snooping limit rate 5
Finally, the show command lists which MAC address got which IP address. The switch gathers this information itself from the DHCP packets received on the port where the ip dhcp snooping trust option is turned on.

Switch# show ip dhcp snooping binding
MacAddress      IP Address  Lease (seconds)  Type     VLAN  Interface
--------------  ----------  ---------------  -------  ----  ---------------
0000.0100.0201  10.0.0.1    1600             dynamic  100   FastEthernet2/1

When our DHCP snooping is working, we can implement ip arp inspection. MAC addresses and IP addresses will be checked against the address bindings from the DHCP server:
Switch(config)# ip arp inspection vlan xxx
And here we are. We have secured the network against a problem that in the most optimistic case only blocks our network traffic. In the worst scenario a wild DHCP server can be used to steal important data. It takes only 5 minutes to implement, but we gain a defence against a serious danger.
Everything is in the link below:
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/13ew/configuration/guide/dhcp.html
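
To check that a switch really carries the settings walked through above, the running-config can be audited offline. The script below is an added example, not part of the original post or of any Cisco tool: the names SAMPLE, vlans and audit are hypothetical, the configuration excerpt is constructed, and only ports with an explicit "switchport access" line are treated as host ports.

```python
import re

# Constructed running-config excerpt, made up for this example.
SAMPLE = """\
ip dhcp snooping
ip dhcp snooping vlan 31
ip arp inspection vlan 31,40
interface GigabitEthernet0/1
 ip dhcp snooping trust
interface GigabitEthernet0/2
 switchport access vlan 31
 ip dhcp snooping limit rate 5
interface GigabitEthernet0/3
 switchport access vlan 31
interface GigabitEthernet0/48
 switchport mode trunk
 ip dhcp snooping trust
"""

def vlans(spec):
    """Expand an IOS VLAN list such as '31,40-42' into a set of ints."""
    out = set()
    for lo, _, hi in (p.partition("-") for p in spec.split(",")):
        out.update(range(int(lo), int(hi or lo) + 1))
    return out

def audit(config):
    """Return findings about the DHCP snooping settings in a running-config."""
    findings, snoop, dai, ifaces, cur = [], set(), set(), {}, []
    for line in config.splitlines():
        if line.startswith(" "):
            cur.append(line.strip())  # sub-command of the current section
            continue
        m = re.match(r"interface (\S+)", line)
        cur = ifaces.setdefault(m.group(1), []) if m else []  # [] = throwaway
        if m := re.match(r"ip (dhcp snooping|arp inspection) vlan (\S+)", line):
            (snoop if m.group(1) == "dhcp snooping" else dai).update(vlans(m.group(2)))
    if not re.search(r"^ip dhcp snooping\s*$", config, re.M):
        findings.append("global: ip dhcp snooping is not enabled")
    for v in sorted(dai - snoop):  # ARP inspection relies on the snooping bindings
        findings.append(f"vlan {v}: ARP inspection without DHCP snooping")
    for name, cfg in ifaces.items():
        has = lambda prefix: any(c.startswith(prefix) for c in cfg)
        if has("ip dhcp snooping trust") and has("switchport mode trunk"):
            findings.append(f"{name}: trusted trunk, neighbour must snoop too")
        elif has("switchport access") and not (
                has("ip dhcp snooping trust") or has("ip dhcp snooping limit rate")):
            findings.append(f"{name}: untrusted port without rate limit")
    return findings
```

Calling audit(SAMPLE) reports VLAN 40 (ARP inspection enabled without snooping), GigabitEthernet0/3 (host port with no rate limit) and the trusted trunk GigabitEthernet0/48.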