Cisco IOS-XR

From Dave-Wiki
Revision as of 01:10, 13 February 2024 by Dave (talk | contribs)
Jump to navigation Jump to search

General

Show Pending Commit Changes

 # show commit changes diff

Show all VLANs in a building

(might not be applicable if you don't work where I work) 

 # sh run int be 1[BLDG#].*

Find MAC Addresses in ARP Table

(must know VRF first) 

 # sh arp vrf r[0000] | inc [last4MAC]

Show DHCP Helper(s) for a VRF

 # sh run | beg profile r1570 relay

Show Uptime of a Node/Linecard

 admin show logging onboard uptime loc 1/0/CPU0


SFP/Optics

Show Optical Transceiver Info

 # sh controllers Hu0/0/0/7 phy


Initial Config

OOB Management & SSH Config

 hostname router-1
 
 domain vrf management name davehome.net
 domain vrf management name-server 10.4.4.4
 domain vrf management name-server 10.8.8.8
 
 vrf management
  description OOB Management
  address-family ipv4 unicast
  !
 !
 
 control-plane
  management-plane
   out-of-band
    vrf management
    interface MgmtEth0/RP0/CPU0/0
    root
   !
  !
 !
 
 interface MgmtEth0/RP0/CPU0/0
  vrf management
  ipv4 address 10.16.0.2 255.255.255.0
  no shutdown
 !
 
 router static
  vrf management
   address-family ipv4 unicast
    0.0.0.0/0 10.16.0.1
   !
  !
 !
 
 ssh server v2
 ssh server vrf management

TACACS Config

 tacacs source-interface MgmtEth0/RP0/CPU0/0 vrf management
 
 aaa group server tacacs+ authservers
  vrf management
  server-private 10.9.1.1 port 49
   key 0 <insert key here>
  !
  server-private 10.9.2.2 port 49
   key 0 <insert key here>
  !
 !
 
 aaa accounting exec default start-stop group authservers
 aaa accounting system default start-stop group authservers
 aaa accounting commands default start-stop group authservers
 aaa authorization exec default group authservers local
 aaa authorization commands default group authservers local
 aaa authentication login default group authservers local

Smart Licensing

1. In config mode: 

 call-home
  vrf management
  service active
  contact smart-licensing
  source-interface MgmtEth0/RP0/CPU0/0
  profile CiscoTAC-1
   active
   destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
   destination transport-method http
  !
 !
 
 crypto ca trustpoint Trustpool
  vrf management

2. In exec mode:

Our NCS' didn't ship with all the CA's, so we downloaded them: 

 crypto ca trustpool import url http://www.cisco.com/security/pki/trs/ios.p7b

3. Check to make sure CA's were installed (should be more than five certs now): 

 show crypto ca trustpool

4. Now license the router: 

 license smart register idtoken <insert_token_here>

 show license status
Retrieved from "https://davehome.net/wiki/index.php?title=Cisco_IOS-XR&oldid=131"