Day-21: Cisco IOS Command Structure.

By | June 7, 2022

IOS has a command hierarchy

Router>– User EXEC mode
Router#– Privileged EXEC mode
Router(config)#– Configuration mode (notice the # sign indicates this is accessible only at privileged EXEC mode)
Router(config-if)#– Interface level within configuration mode
Router(config-router)#– Routing engine level within configuration mode
Router(config-line)#– Line level (vty, tty, async) within configuration mode

User Mode.

In user mode we cant configure anything, Only we can read and execute a few basic commands but we can’t change anything.User EXEC level allows you to access only basic monitoring commands

3750>?
Exec commands:
  <1-99>           Session number to resume
  access-enable    Create a temporary Access-List entry
  access-profile   Apply user-profile to interface
  clear            Reset functions
  connect          Open a terminal connection
  disable          Turn off privileged commands
  disconnect       Disconnect an existing network connection
  do-exec          Mode-independent "do-exec" prefix support
  emm              Run a configured Menu System
  enable           Turn on privileged commands
  ethernet         Ethernet parameters
  exit             Exit from the EXEC
  help             Description of the interactive help system
  lock             Lock the terminal
  login            Log in as a particular user
  logout           Exit from the EXEC
  mrinfo           Request neighbor and version information from a multicast router
  mstat            Show statistics after multiple multicast traceroutes
  mtrace           Trace reverse multicast path from destination to source
  name-connection  Name an existing network connection
  ping             Send echo messages
  platform         Platform CPU commands
  platform         Platform specific command
  rcommand         Run command on remote switch
  release          Release a resource
  renew            Renew a resource
  rep              Resilient Ethernet Protocol Exec Commands
  resume           Resume an active network connection
  routing-context  Routing Context
  set              Set system parameter (not config)
  show             Show running system information
  systat           Display information about terminal lines
  tclquit          Quit Tool Command Language shell
  telnet           Open a telnet connection
  terminal         Set terminal line parameters
  traceroute       Trace route to destination
  tunnel           Open a tunnel connection
  where            List active connections

3750>

Privilege Mode.

privileged EXEC level allows you to access few commands. Privileged EXEC level can be password protected to allow only authorized users the ability to configure or manage the router. But you can’t change any major configurations such as Routing protocols configurations, Switching protocols etc.

3750#?
Exec commands:
  <1-99>           Session number to resume
  access-enable    Create a temporary Access-List entry
  access-profile   Apply user-profile to interface
  access-template  Create a temporary Access-List entry
  archive          manage archive files
  attach           Console for a module
  beep             Blocks Extensible Exchange Protocol commands
  calendar         Manage the hardware calendar
  call-home        Call-Home commands
  cd               Change current directory
  clear            Reset functions
  clock            Manage the system clock
  cns              CNS agents
  configure        Enter configuration mode
  connect          Open a terminal connection
  copy             Copy from one file to another
  debug            Debugging functions (see also 'undebug')
  delete           Delete a file
  diagnostic       Diagnostic commands
  dir              List files on a filesystem
  disable          Turn off privileged commands
  disconnect       Disconnect an existing network connection
  do-exec          Mode-independent "do-exec" prefix support
  dot1x            IEEE 802.1X Exec Commands
  emm              Run a configured Menu System
  enable           Turn on privileged commands
  eou              EAPoUDP
  erase            Erase a filesystem
  ethernet         Ethernet parameters
  event            Event related commands
  exit             Exit from the EXEC
  format           Format a filesystem
  fsck             Fsck a filesystem
  help             Description of the interactive help system
  hw-module        Apply command (e.g. reset) to specified hardware target
  if-mgr           IF-MGR operations
  ip               Global IP commands
  lock             Lock the terminal
  logging          Handles logging operations
  login            Log in as a particular user
  logout           Exit from the EXEC
  macro            Exec level macro commands
  mediatrace       Mediatrace Commands
  mkdir            Create new directory
  monitor          Monitoring different system events
  more             Display the contents of a file
  mrinfo           Request neighbor and version information from a multicast router
  mrm              IP Multicast Routing Monitor Test
  msp              Exec command to attach profile to flow
  mstat            Show statistics after multiple multicast traceroutes
  mtrace           Trace reverse multicast path from destination to source
  name-connection  Name an existing network connection
  no               Disable debugging functions
  ping             Send echo messages
  platform         Platform CPU commands
  platform         Platform specific command
  pwd              Display current working directory
  rcommand         Run command on remote switch
  release          Release a resource
  reload           Halt and perform a cold restart
  remote           Remote commands
  rename           Rename a file
  renew            Renew a resource
  rep              Resilient Ethernet Protocol Exec Commands
  resume           Resume an active network connection
  rmdir            Remove existing directory
  routing-context  Routing Context
  rsh              Execute a remote command
  send             Send a message to other tty lines
  session          Console session for a module
  set              Set system parameter (not config)
  show             Show running system information
  spec-file        format spec file commands
  systat           Display information about terminal lines
  tclquit          Quit Tool Command Language shell
  tclsh            Tool Command Language shell
  telnet           Open a telnet connection
  terminal         Set terminal line parameters
  test             Test subsystems, memory, and interfaces
  traceroute       Trace route to destination
  tunnel           Open a tunnel connection
  udld             UDLD protocol commands
  undebug          Disable debugging functions (see also 'debug')
  upgrade          Upgrade commands
  verify           Verify a file
  vmps             VMPS actions
  vstack           Vstack Exec Commands
  vtp              Configure global VTP state
  where            List active connections
  which-route      Do OSI route table lookup and display results
  write            Write running configuration to memory, network, or terminal

3750#

Global Configuration Mode.

One can enter in to global configuration mode either by using the command “CONFIGURE TERMINAL” or “CONF T” in Privileged EXEC mode. In global configuration mode, we can make changes to the device configurations. The global configuration mode has symbol ‘#’ after the user name followed by config in braces.

3750#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
3750(config)#?
Configure commands:
  aaa                         Authentication, Authorization and Accounting.
  access-list                 Add an access list entry
  access-session              Access Session Global Configuration Commands
  alias                       Create command alias
  ancp                        Configure ANCP
  archive                     Archive the configuration
  arp                         Set a static ARP entry
  async-bootp                 Modify system bootp parameters
  audit                       Router Audit
  authentication              Auth Manager Global Configuration Commands
  auto                        Configure Automation
  banner                      Define a login banner
  beep                        Configure BEEP (Blocks Extensible Exchange Protocol)
  bfd                         BFD configuration commands
  bfd-template                BFD template configuration
  boot                        Modify system boot parameters
  bridge                      Bridge Group.
  buffers                     Adjust system buffer pool parameters
  call-home                   Enter call-home configuration mode
  cdp                         Global CDP configuration subcommands
  cef                         Cisco Express Forwarding
  cisp                        Set CISP parameters
  class-map                   Configure CPL Class Map
  clns                        Global CLNS configuration subcommands
  clock                       Configure time-of-day clock
  cluster                     Cluster configuration commands
  cns                         CNS agents
  config-register             Define the configuration register
  configuration               Configuration access
  control-plane               Configure control plane services
  default                     Set a command to its defaults
  default-value               Default character-bits values
  define                      interface range macro definition
  device-sensor               IOS Sensor Commands
  diagnostic                  Configure diagnostic information
  dnsix-dmdp                  Provide DMDP service for DNSIX
  dnsix-nat                   Provide DNSIX service for audit trails
  do-exec                     To run exec commands in config mode
  dot1x                       IEEE 802.1X Global Configuration Commands
  downward-compatible-config  Generate a configuration compatible with older software
  eap                         EAP Global Configuration Commands
  emm                         Specify pre-loading of MDF
  enable                      Modify enable password parameters
  end                         Exit from configure mode
  energywise                  EnergyWise Global Configuration Commands
  eou                         EAPoUDP Global Configuration Commands
  epm                         EPM Global Configuration Commands
  errdisable                  Error disable
  ethernet                    Ethernet configuration
  event                       Event related configuration commands
  exception                   Exception handling
  exit                        Exit from configure mode
  fallback                    Fallback configuration commands
  file                        Adjust file system parameters
  flow                        Global Flow configuration subcommands
  format                      Format the output
  fullcoredump                Configure parameters required for coredump
  global-address-family       Enter address-family base routing topology mode
  help                        Description of the interactive help system
  hostname                    Set system's network name
  identity                    Identity Configuration Commands
  interface                   Select an interface to configure
  ip                          Global IP configuration subcommands
  ipc                         Configure IPC system
  ipv6                        Global IPv6 configuration commands
  isis                        Global ISIS configuration subcommands
  key                         Key management
  kron                        Kron interval Facility
  l2                          Layer 2
  l2protocol-tunnel           Tunnel Layer2 protocols
  lacp                        LACP configuration
  li-view                     LI View
  line                        Configure a terminal line
  link                        Enable Link State Tracking feature
  lldp                        Global LLDP configuration subcommands
  location                    Global location configuration commands
  logging                     Modify message logging facilities
  login                       Enable secure login checking
  mab                         MAC Authentication Bypass Global Configuration Commands
  mac                         Global MAC configuration subcommands
  macro                       Macro configuration
  media-proxy                 Global media proxy configuration
  mediatrace                  Mediatrace Application
  memory                      Configure memory management
  metadata                    Metadata Application
  module                      Module
  monitor                     Monitoring different system events
  netconf                     Configure NETCONF
  netflow-lite                Netflow-lite Configuration Subcommands
  network-policy              Network Policy
  nmsp                        NMSP configuration commands
  no                          Negate a command or set its defaults
  ntp                         Configure NTP
  parser                      Configure parser
  password                    Configure encryption password (key)
  policy-manager              Policy Manager configuration commands
  policy-map                  Configure CPL Policy Map
  port-channel                EtherChannel configuration
  power                       Power configure
  pppoe                       Point to Point Protocol over Ethernet
  privilege                   Command privilege parameters
  process                     Configure process
  process-max-time            Maximum time for process to run before voluntarily relinquishing processor
  profile                     MSP Profile
  qos                         Global QoS configuration subcommands
  regexp                      regexp commands
  rep                         Resilient Ethernet Protocol characteristics
  resource                    Configure Resource settings
  rif                         Source-route RIF cache
  rmon                        Remote Monitoring
  route-map                   Create route-map or enter route-map command mode
  router                      Enable a routing process
  sampler                     Define a Sampler
  sasl                        Configure SASL
  scheduler                   Scheduler parameters
  scripting                   Configure options for scripting languages
  service                     Modify use of network based services
  service-family              Configure extenal service-family clients
  shell                       Configure shell command
  shutdown                    Shutdown system elements
  snmp                        Modify non engine SNMP parameters
  snmp-server                 Modify SNMP engine parameters
  spanning-tree               Spanning Tree Subsystem
  stacks                      Configure stacks
  standby                     Global HSRP configuration commands
  subscriber-policy           Subscriber policy
  system                      Set the global ethernet configuration
  table-map                   Configure Table Map
  tacacs-server               Modify TACACS query parameters
  template                    Select a template to configure
  tftp-server                 Provide TFTP service for netload requests
  time-range                  Define time range entries
  track                       Object tracking configuration commands
  ttyscan                     Configure Line scanning delay time
  udld                        Configure global UDLD setting
  username                    Establish User Name Authentication
  vlan                        Vlan commands
  vmps                        VMPS settings
  vrf                         VRF commands
  vstack                      Configure vstack parameters and enable or disable SmartInstall
  vtp                         Configure global VTP state
  wsma                        Configure Web Services Management Agents
  xdr                         Configure XDR parameters

3750#

Interface Configuration Mode.

In this mode we change the configuration of the interfaces such as IP address configuration and other interface-level configurations.

3750(config)#interface gigabitEthernet 1/1
3750(config-if)#?
Interface configuration commands:
  aaa                 Authentication, Authorization and Accounting.
  access-expression   Build a bridge boolean access expression
  ancp                ANCP interface commands
  arp                 Set arp type (arpa, probe, snap) or timeout or log options
  authentication      Auth Manager Interface Configuration Commands
  auto                Configure Automation
  backup              Modify backup parameters
  bandwidth           Set bandwidth informational parameter
  bfd                 BFD interface configuration commands
  bgp-policy          Apply policy propagated by bgp community string
  bridge-group        Transparent bridging interface parameters
  carrier-delay       Specify delay for interface transitions
  cdp                 CDP interface subcommands
  channel-group       Etherchannel/port bundling configuration
  channel-protocol    Select the channel protocol (LACP, PAgP)
  clns                CLNS interface subcommands
  counter             Enable IPv4 and IPv6 combined statistic counters
  dampening           Enable event dampening
  default             Set a command to its defaults
  delay               Specify interface throughput delay
  description         Interface specific description
  dot1q               dot1q interface configuration commands
  dot1x               Interface Config Commands for IEEE 802.1X
  duplex              Configure duplex operation.
  eou                 EAPoUDP Interface Configuration Commands
  ethernet            Ethernet interface parameters
  exit                Exit from interface configuration mode
  flowcontrol         Configure flow operation.
  glbp                Gateway Load Balancing Protocol interface commands
  help                Description of the interactive help system
  history             Interface history histograms - 60 second, 60 minute and 72 hour
  ip                  Interface Internet Protocol config commands
  ipv6                IPv6 interface subcommands
  isis                IS-IS commands
  iso-igrp            ISO-IGRP interface subcommands
  keepalive           Enable keepalive
  lacp                LACP interface subcommands
  link                Interface link related commands
  lldp                LLDP interface subcommands
  load-interval       Specify interval for load calculation for an interface
  location            Interface location information
  logging             Configure logging for interface
  loopback            Configure internal loopback on an interface
  mab                 MAC Authentication Bypass Interface Config Commands
  macro               Command macro
  mdix                Set Media Dependent Interface with Crossover
  media-proxy         Enable media proxy services
  metadata            Metadata Application
  mtu                 Set the interface Maximum Transmission Unit (MTU)
  neighbor            interface neighbor configuration mode commands
  netflow-lite        Netflow-lite Configuration Subcommands
  network-policy      Network Policy
  no                  Negate a command or set its defaults
  ntp                 Configure NTP
  ospfv3              OSPFv3 interface commands
  pagp                PAgP interface subcommands
  qos                 QoS configuration
  rmon                Configure Remote Monitoring on an interface
  routing             Per-interface routing configuration
  service-policy      Configure CPL Service Policy
  shutdown            Shutdown the selected interface
  snmp                Modify SNMP interface parameters
  source              Get config from another source
  spanning-tree       Spanning Tree Subsystem
  speed               Configure speed operation.
  standby             HSRP interface configuration commands
  storm-control       storm configuration
  switchport          Set switching mode characteristics
  timeout             Define timeout values for this interface
  topology            Configure routing topology on the interface
  transmit-interface  Assign a transmit interface to a receive-only interface
  udld                Configure UDLD enabled or disabled and ignore global UDLD setting
  vnet                Configure VNET interface options
  vrf                 VPN Routing/Forwarding parameters on the interface
  vrrp                VRRP Interface configuration commands
  vtp                 Enable VTP on this interface

3750(config-if)#

Leave a Reply

Your email address will not be published.