Cisco IOS-XR

From Dave-Wiki
Jump to navigation Jump to search


Show Pending Commit Changes

 show commit changes diff

Show all VLANs in a building

(might not be applicable if you don't work where I work)

 show run int be 1[BLDG#].*

Find MAC Addresses in ARP Table

(must know VRF first)

 show arp vrf r[0000] | inc [last4MAC]

Show DHCP Helper(s) for a VRF

 show run | beg profile r1570 relay

Show Uptime of a Node/Linecard

 admin show logging onboard uptime loc 1/0/CPU0

Packet Capture

1. On A9k:

Add monitor-session to the interface on which you wish to perform packet capture. If the monitor session is already on another interface, you may want to remove it from there first.

 (config)# conf
 (config)# int be10121.910
 (config-subif)# monitor-session rsb ethernet

2. On capture server (i.e., rsb-9k):

 sudo tcpdump -ni p2p1 -w cap1.pcap
don't resolve IP addresses
specifies interfaces to listen on
output file

Show any current monitor-sessions:

 show monitor-session rsb status


Edit a Prefix List

 edit prefix-list [prefix-list name] vim

Clear an ARP Entry

 clear arp-cache bundle-ether 20011.2105 [A.B.C.D] location all


Show Optical Transceiver Info

 show controllers Hu0/0/0/7 phy

Initial Config

OOB Management & SSH Config

 hostname router-1
 domain vrf management name
 domain vrf management name-server
 domain vrf management name-server
 vrf management
  description OOB Management
  address-family ipv4 unicast
    vrf management
    interface MgmtEth0/RP0/CPU0/0
 interface MgmtEth0/RP0/CPU0/0
  vrf management
  ipv4 address
  no shutdown
 router static
  vrf management
   address-family ipv4 unicast
 ssh server v2
 ssh server vrf management


 tacacs source-interface MgmtEth0/RP0/CPU0/0 vrf management
 aaa group server tacacs+ authservers
  vrf management
  server-private port 49
   key 0 <insert key here>
  server-private port 49
   key 0 <insert key here>
 aaa accounting exec default start-stop group authservers
 aaa accounting system default start-stop group authservers
 aaa accounting commands default start-stop group authservers
 aaa authorization exec default group authservers local
 aaa authorization commands default group authservers local
 aaa authentication login default group authservers local

Smart Licensing

1. In config mode:

  vrf management
  service active
  contact smart-licensing
  source-interface MgmtEth0/RP0/CPU0/0
  profile CiscoTAC-1
   destination address http
   destination transport-method http
 crypto ca trustpoint Trustpool
  vrf management

2. In exec mode:

Our NCS' didn't ship with all the CA's, so we downloaded them:

 crypto ca trustpool import url

3. Check to make sure CA's were installed (should be more than five certs now):

 show crypto ca trustpool

4. Now license the router:

 license smart register idtoken <insert_token_here>
 show license status