IOS Tips and Tricks – Part 1

Let’s look at some things we can do with Cisco’s IOS to make our lives easier. Here are some useful commands, followed (in parentheses) by their most concise shortcuts at the time of this writing. Although I’m showing them on a router, these commands also work on the IOS-based switches.

As you may know, when interacting with IOS from the command line interface (CLI), there are two main EXEC modes, “user” and “privileged” (the latter is also referred to as “enabled” mode). In “user” mode, you can do limited examination of the device (via “show” commands), and the prompt appears as the device’s hostname (“Router” in this example) followed by the “greater-than” symbol:

  • Router>


In contrast with user mode, in “privileged” mode you can see everything the device is capable of displaying (via “show” commands), access the various configuration modes, and execute the “copy” and “debug” commands, among others. To access privileged mode, use the command “enable”:

  • Router>enable (“en”)
  • Router#

As you can see, when in privileged mode, the hostname is followed by the “pound sign”. If necessary, you can move from privileged mode back to user mode with the “disable” command:

  • Router#disable (“disa”)
  • Router>

You can enter “global configuration mode” from privileged mode:

  • Router#configure terminal (“conf t”)
  • Router(config)#

Nothing requires you to use the briefest shortcuts. For example, many people shortcut the command “configure terminal” as “conf term”, “config t”, or “config term”. Find the shortcuts you like, and use them. With these basics in mind, let’s move on to some ways to streamline our work environment.

By default, if you mistype a command, the router will attempt to resolve it as a hostname via DNS. This will ultimately fail if there is no DNS server available, but it will take time (behind the scenes it makes twelve attempts). To speed things up, you can tell the device not to bother, like this:

  • Router(config)#no ip domain-lookup (“no ip domain-lo”)

Speaking of name-to-address resolution, you can manually build a host table that allows you to use the IP utilities (ping, trace, telnet, etc) by host name:

  • Router(config)#ip host Big_Switch 1.2.3.4
  • Router(config)#ip host SmallSwitch 10.20.30.40
  • Router(config)#ip host TFTP-Server 100.200.50.150

Once you’ve created it, you can display the host table:

  • Router#show host (“s ho”)

Remember that when shortcutting commands, you can only shortcut the keywords, not the variables (such as names or IP addresses).
When various events occur, the device will display informational messages on the console. If you’re annoyed by these console messages, you can shut them off:

  • Router(config)#no logging console (“no logg con”)

Unfortunately, if you disable console logging, you won’t receive any more of those very informative console messages! Nor will you see any debug output, even if debugs are running. I suggest that a better way is to leave the console logging enabled (“logg con”), and synchronize the console output with your typing, like this:

  • Router(config-line)#logging synchronous (“logg s”)

Now if a console message appears while you are typing, it will display the message, and then re-display your input right where you left off, so that you can keep typing. It’s the best of both worlds.

In a lab environment, it’s sometimes handy to disable the inactivity timeout for the console line (the default setting is ten minutes):

  • Router(config)#line console 0 (“lin c 0”)
  • Router(config-line)#exec-timeout 0 (“exec-t 0”)

It also works for the aux and vty lines. You can also use “no exec-timeout”, but be careful not to shortcut it to “no exec”, which shuts off the EXEC process, preventing future logins via the line. I made this mistake once, so I don’t recommend it.

Aside from saving a router or switch configuration to NVRAM, it’s always a good idea to have a backup copy of your current configuration in a separate location in case the device bursts into flame and needs to be replaced. You can do this with “copy run tftp” (or similar), but this requires a file server.

Another way is to do a “show run”, and capture the output to a file. The problem is that as the config is displayed, it will give the “more” prompt every 24 lines (by default). You can disable the “more” function like this:

  • Router#terminal length 0 (“ter l 0”)

Now you can do the “show run” (or whatever) and obtain a continuous output stream. When you’re done with the capture, don’t forget to reset the terminal length to enable the “more” function:

  • Router#terminal length 24 (“ter l 24”)

And speaking of “terminal” commands, remember that to see console messages and debug output in a vty session (telnet or SSH) or the aux port, you have to specifically request it from within the session:

  • Router#terminal monitor (“ter mon”)

While we’re on the subject of debugs, you can display a list of all of the debugs that are currently running:

  • Router#show debugging (“s deb”)

And you can disable all of the running debugs with:

  • Router#no debug all (“no deb all”)

To save a few keystrokes, you can also do it like this:

  • Router#undebug all (“u all”)

Next time, we’ll continue with more helpful commands and shortcuts.

Author: Al Friebe

In this article

Join the Conversation