Notes: CCENT – IOS Commands: Part 1

Notes: CCENT – IOS Commands: Part 1

Cisco IOS Technologies Official Website

!!!—Before I start ANYTHING, I would like you to remember to NEVER practice some of these commands on actual running production hardware, Routers, Switches, PIX/ASA devices, etc. You should be using either real lab hardware or a simulator like GNS3 or Packet Tracer. Using these commands will definitely cause problems in production networks, and you will most likely have a manager/boss/employee that will want run you over with their car or throw you in a wood chipper. (or probably fired and arrested.)—!!!

I will be using this router from GNS3 as an example for these notes:
Figure 1:

Here is the output for ‘show version’:

R1#show version
Cisco IOS Software, C2600 Software (C2600-IPBASEK9-M), Version 12.4(9)T, RELEASE SOFTWARE (fc1)
Technical Support:
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Sat 17-Jun-06 02:46 by prod_rel_team

ROM: ROMMON Emulation Microcode
ROM: C2600 Software (C2600-IPBASEK9-M), Version 12.4(9)T, RELEASE SOFTWARE (fc1)

R1 uptime is 1 minute
System returned to ROM by unknown reload cause - suspect boot_data[BOOT_COUNT] 0x0, BOOT_COUNT 0, BOOTDATA 19
System image file is "tftp://"

!!!!-----OUTPUT OMITTED-----!!!!

If you require further assistance please contact us by sending email to

Cisco 2621 (MPC860) processor (revision 2.2) with 56320K/9216K bytes of memory.
Processor board ID FTX0945W0MY
M860 processor: part number 0, mask 0
3 FastEthernet interfaces
2 Serial interfaces
128K bytes of NVRAM.
8192K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102

Here is the output for ‘show run’:

R1#show run
Building configuration...

Current configuration : 761 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R1
no aaa new-model
resource policy
memory-size iomem 15
ip cef
no ip domain lookup
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
interface Serial0/0
 no ip address
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
interface Serial0/1
 no ip address
interface FastEthernet1/0
 no ip address
 duplex auto
 speed auto
no ip http server
no ip http secure-server
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0 4

Because GNS3 does not emulate a switch IOS (there is a way to emulate a switch using a router), I will be instead using this switch from Packet Tracer:
Figure 2:

Here is the output for SW1, ‘show version’:

SW1#show version
Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(25)FX, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 12-Oct-05 22:05 by pt_team

ROM: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)FX, RELEASE SOFTWARE (fc4)

System returned to ROM by power-on

Cisco WS-C2960-24TT (RC32300) processor (revision C0) with 21039K bytes of memory.

24 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

63488K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : 0060.3E17.6D9B
Motherboard assembly number     : 73-9832-06
Power supply part number        : 341-0097-02
Motherboard serial number       : FOC103248MJ
Power supply serial number      : DCA102133JA
Model revision number           : B0
Motherboard revision number     : C0
Model number                    : WS-C2960-24TT
System serial number            : FOC1033Z1EY
Top Assembly Part Number        : 800-26671-02
Top Assembly Revision Number    : B0
Version ID                      : V02
CLEI Code Number                : COM3K00BRA
Hardware Board Revision Number  : 0x01

Switch   Ports  Model              SW Version              SW Image
------   -----  -----              ----------              ----------
*    1   26     WS-C2960-24TT      12.2                    C2960-LANBASE-M

Configuration register is 0xF

Here is the output of SW1 for ‘show run’:

%SYS-5-CONFIG_I: Configured from console by console
show run
Building configuration...

Current configuration : 1006 bytes
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
hostname SW1
interface FastEthernet0/1
interface FastEthernet0/2
interface FastEthernet0/3
interface FastEthernet0/4
interface FastEthernet0/5
interface FastEthernet0/6
interface FastEthernet0/7
interface FastEthernet0/8
interface FastEthernet0/9
interface FastEthernet0/10
interface FastEthernet0/11
interface FastEthernet0/12
interface FastEthernet0/13
interface FastEthernet0/14
interface FastEthernet0/15
interface FastEthernet0/16
interface FastEthernet0/17
interface FastEthernet0/18
interface FastEthernet0/19
interface FastEthernet0/20
interface FastEthernet0/21
interface FastEthernet0/22
interface FastEthernet0/23
interface FastEthernet0/24
interface GigabitEthernet1/1
interface GigabitEthernet1/2
interface Vlan1
 no ip address
line con 0
line vty 0 4
line vty 5 15

Some History:
As you may notice (or may not, that’s fine), Cisco’s IOS in, it’s earliest forms was actually based on Unix. This is because before Cisco, a lot of routers were actualy based on Unix in the first place.  As Cisco’s IOS started becoming more and more defined, it was later based on Linux.

There are lots and lots and lots of Cisco IOS versions developed by Cisco, and they all do a vast array of different things.
The version  we see on R1(Figure1), is C2600-IPBASEK9-M – Version 12.4(9)T.  Every part of a Cisco IOS’s version name has a meaning.
I’m not going to  delve deep into Versions and builds, because I really want to get to what these set of notes are all about.


  • ‘C2600’ – This is the hardware platform, meaning its an IOS developed for 2600 series routers.
  • ‘IPBASEK9’ – This is the feature set that shows the capabilities of the operating system. IPBase is the entry level IOS.
  • M’ – Indicates the memory location of the IOS.
  • ‘Version 12.4’ – Is the ‘Train Number’, the version release of IPBaseK9.
  • ‘(9)’ – Maintenance ID
  • ‘T’ – This the ‘Train ID’.

One thing I really want to point out here, is that Cisco’s IOS has a hierarchical system of where commands can be used. There are modes that allow you to only do certain things on an IOS, and there are modes that can allow you to completely configure a Cisco device. Basically, what mode you are in, determines what commands are available to you. When you take your exam, you should definitely be able to point these out and tell them apart.

  • ‘Setup Mode’ – This mode usually appears when you first power on a router and a have no configuration in place. Here the router will walk you through basic configurations that you may use in your network. You will find admins hardly ever use the mode, because again, it’s very basic, and you’ll find you have a lot more power when you completely configure a router or switch from it’s basic defaults by yourself. When the router prompts you if you wish to ‘Continue with configuration dialog? [yes/no]:’ I usually input no. We don’t want to get involved with basic setup.
             --- System Configuration Dialog ---
    Continue with configuration dialog? [yes/no]: no
    Press RETURN to get started!
  • ‘User Exec’
    In this mode, you are not allowed to do too many things to the Cisco device itself. This is more of a restricted mode where you can’t make changes at all. You can however do things such as:
    -Show the memory statistics. (‘show memory’)
    Show the version of the IOS (‘show version’)
    Show the device’s clock (‘show clock’)
    Show the users that are currently logged into the device (show users)
    Initiate telnet or ssh sessions to other devices (‘telnet’ and ‘ssh’)
    Perform traceroutes (‘traceroute’ ip address or hostname)
    Perform pings (ICMP Echo requests) (‘ping’ ip address or hostname)What User Exec Mode looks like:


    The Commands you can find in Exec Mode:

    Exec commands:
      access-enable    Create a temporary Access-List entry
      access-profile   Apply user-profile to interface
      clear            Reset functions
      connect          Open a terminal connection
      crypto           Encryption related commands.
      disable          Turn off privileged commands
      disconnect       Disconnect an existing network connection
      enable           Turn on privileged commands
      exit             Exit from the EXEC
      help             Description of the interactive help system
      lock             Lock the terminal
      login            Log in as a particular user
      logout           Exit from the EXEC
      modemui          Start a modem-like user interface
      mrinfo           Request neighbor and version information from a multicast
      mstat            Show statistics after multiple multicast traceroutes
      mtrace           Trace reverse multicast path from destination to source
      name-connection  Name an existing network connection
      pad              Open a X.29 PAD connection
      ping             Send echo messages
      ppp              Start IETF Point-to-Point Protocol (PPP)
      release          Release a resource
      renew            Renew a resource
      resume           Resume an active network connection
      rlogin           Open an rlogin connection
      set              Set system parameter (not config)
      show             Show running system information
      slip             Start Serial-line IP (SLIP)
      ssh              Open a secure shell client connection
      systat           Display information about terminal lines
      telnet           Open a telnet connection
      terminal         Set terminal line parameters
      traceroute       Trace route to destination
      tunnel           Open a tunnel connection
      udptn            Open an udptn connection
      where            List active connections
      x28              Become an X.28 PAD
      x3               Set X.3 parameters on PAD

    You can see there are quite a plethora of commands here. Lots, and Cisco doesn’t expect you to know them all off by heart. Hence why you can use ‘?’ in the IOS.

  • ‘Privileged Mode’ – Privileged Mode is where you start getting into a part of the hierarchy in the IOS that allows you to actually manage features and configure  certain parameters.
    What privileged mode looks like:


    Now, I’ll tell you right now, that the list of available commands Privileged Mode will give you is just downright enormous, so there isn’t really a reason to show you the entire output. Instead I’ll go through and pick out the commands you need to concern yourself with.
    A list of available commands in privileged mode:

    Exec commands:
      configure        Enter configuration mode
      copy             Copy from one file to another
      debug            Debugging functions (see also 'undebug')
      disable          Turn off privileged commands
      enable           Turn on privileged commands
      erase            Erase a filesystem
      exit             Exit from the EXEC
      help             Description of the interactive help system
      lock             Lock the terminal
      login            Log in as a particular user
      logout           Exit from the EXEC
      ping             Send echo messages
      reload           Halt and perform a cold restart
      traceroute       Trace route to destination
      undebug          Disable debugging functions (see also 'debug')
      vlan             Configure VLAN parameters
      write            Write running configuration to memory, network, or terminal

    Yeah, quite scary I’m sure. Like I said, Cisco doesn’t expect you to know what each and every command does on a Cisco device. Just the basics of the IOS. Here you can see that you can do a lot of things you can do in the User Exec mode. But this is where it gets deeper, you can ‘show’ even more things here, such as the running config (refer to Figure1  and Figure2).

    The show list also gets extremely long, so what I’ll point out are the more important things you need to no about right now.

     R1#show ?
      access-lists              List access lists
      adjacency                 Adjacent nodes
      cdp                       CDP information
      clock                     Display the system clock
      configuration             Configuration details
      controllers               Interface controller status
      flash:                    display information about flash: file system
      frame-relay               Frame-Relay information
      history                   Display the session command history
      hosts                     IP domain-name, lookup style, nameservers, and host
      interfaces                Interface status and configuration
      inventory                 Show the physical inventory
      ip                        IP information
      logging                   Show the contents of logging buffers
      mac-address-table         MAC forwarding table
      memory                    Memory statistics
      processes                 Active process statistics
      protocols                 Active network routing protocols
      running-config            Current operating configuration
      sessions                  Information about Telnet connections
      spanning-tree             Spanning tree topology
      startup-config            Contents of startup configuration
      trunk                     Trunk info
      version                   System hardware and software status
      vlans                     Virtual LANs Information
      vtp                       VTP information

  • ‘Global Config’ – Global config is the mode in IOS where all of your configurations are made. As well as moving into it’s sub-configuration modes for routing protocols, interfaces, and a lot of key configurations that “globally” affect the router are made here. In this mode you have the power to do everything basically. (With power comes responsibility.)
    What global config looks like:


    Because the global config level lets you configure just about every parameter in the Cisco IOS, this mode has a huge plethora of switch options. Here are some of  the commands you need to be concerned with:

    Configure commands:
      access-list                 Add an access list entry
      banner                      Define a login banner
      boot                        Modify system boot parameters
      cdp                         Global CDP configuration subcommands
      clock                       Configure time-of-day clock
      crypto                      Encryption module
      do                          To run exec commands in config mode
      enable                      Modify enable password parameters
      end                         Exit from configure mode
      frame-relay                 global frame relay configuration commands
      ftp-server                  FTP Server configuration commands
      help                        Description of the interactive help system
      hostname                    Set system's network name
      interface                   Select an interface to configure
      ip                          Global IP configuration subcommands
      line                        Configure a terminal line
      logging                     Modify message logging facilities
      login                       Enable secure login checking
      password                    Configure encryption password (key)
      shutdown                    Shutdown system elements
      spanning-tree               Spanning Tree Subsystem
      trunk                       Global trunk configuration
      username                    Establish User Name Authentication
      vlan                        VLAN commands
      vtp                         Configure global VTP state
  • ‘Interface Level (config-if)’ – This is a mode used to configure interface parameters. You find you are in a certain interface’s configuration when you see this: (for instance, here we entered the configuration mode for the router’s ethernet interface.)
    R1(config)#interface fastEthernet 0/0

    In this mode you will be configuring all sorts of parameters for interfaces, they couldahh be Ethernet, Serial, Fiber, Sub-interfaces, loopbacks, etc. These are parameters you should be concerned with at this point: (All these commands are grouped together for multiple interface types):

    Interface configuration commands:
      cdp                     CDP interface subcommands
      clock                   Configure serial interface clock
      duplex                  Configure duplex operation.
      exit                    Exit from interface configuration mode
      encapsulation           Set encapsulation type for an interface
      ip                      Interface Internet Protocol config commands
      logging                 Configure logging for interface
      shutdown                Shutdown the selected interface
      speed                   Configure speed operation.
  • Line (config-line) – This is where you configure the parameters for telnet, such as the password, privilege level, timeout, etc.
    Line configuration commands:
      exec-banner                 Enable the display of the EXEC banner
      exec-timeout                Set the EXEC timeout
      exit                        Exit from line configuration mode
      history                     Enable and control the command history function
      logging                     Modify message logging facilities
      login                       Enable password checking
      motd-banner                 Enable the display of the MOTD banner
      no                          Negate a command or set its defaults
      password                    Set a password
      privilege                   Change privilege level for line
      session-timeout             Set interval for closing connection when there is
                                  no input traffic
      telnet                      Telnet protocol-specific configuration
      terminal-type               Set the terminal type
      timeout                     Timeouts for the line
  • ‘Protocol Level (config-router)’ – This mode is when you’re adding network statements for which subnets you want the router to advertise out it’s interfaces. There are  quite a plethora of switches to configure routing parameters. For the CCNA the ones you should really be concerned with is, RIP, RIPv2, EIGRP, and OSPF. Other protocols are for more advanced studies.
    R1(config)#router ?
      bgp       Border Gateway Protocol (BGP)
      eigrp     Enhanced Interior Gateway Routing Protocol (EIGRP)
      isis      ISO IS-IS
      iso-igrp  IGRP for OSI networks
      mobile    Mobile routes
      odr       On Demand stub Routes
      ospf      Open Shortest Path First (OSPF)
      rip       Routing Information Protocol (RIP)
    R1(config)#router rip