Cisco

NX-OS Basic Commands Cheat Sheet

javirodz

I am going to start today some hands on labs to practice for my CCNA (DCICN) Data Center test (640-911). This post is going to look more like a series of questions and answers with the commands used in the exercises.

1.  To delete the start-up configuration

Switch#write erase boot
Switch#reload

2. To enter Global Configuration Mode

Switch#config
Switch(config)#

3. How to the save the Configuration

Switch#copy running-config start-config or
Switch#copy run star

4. Set the hostname

Switch#config t
Switch(config)#hostname switchA

5. Setting up the management ip address and description

switchA#config t
switchA(config)#int mgmt0
switchA(config-if)#ip address 10.10.10.2 255.255.255.0
switchA(config-if)#description management address
switchA(config-if)#end
switchA#

6. Creating VLANs

switchA#
switchA(config)#vlan 10
switchA(config-vlan)#name meaningful-name
switchA(config-vlan)#exit
switchA(config)#

7. Assign an interface to a vlan

switchA#config t
switchA(config)#int e3/1
switchA(config-if)#switchport
switchA(config-if)#switchport mode access
switchA(config-if)#switchport access vlan 10
switchA(config-if)#end
switchA(config)#

8. RIP

Nexus7k(config)# feature rip
Nexus7k(config)# router rip RodzRIP
Nexus7k(config-router)# address-family ?
ipv4 Configure IPv4 address-family
ipv6 Configure IPv6 address-family
Nexus7k(config-router)# address-family ipv4 unicast
Nexus7k(config-router-af)# int e3/1 - 2
Nexus7k(config-if-range)# ip router rip RodzRIP

9. EIGRP

Nexus7k(config)# feature eigrp
 Nexus7k(config)# router eigrp RodzEIGRP
 Nexus7k(config-router)# au?
 authentication autonomous-system
 Nexus7k(config-router)# autonomous-system ?
 <1-65535> Local AS number
 Nexus7k(config-router)# autonomous-system 100
 Nexus7k(config-router)# int e3/1 - 2
 Nexus7k(config-if-range)# ip router eigrp RodzEIGRP

10. OSPF

Nexus7k(config-if-range)# feature ospf
Nexus7k(config)# router ospf  JRVOSPF
Nexus7k(config-router)# int e3/1 -2
Nexus7k(config-if-range)# ip router ospf JRVOSPF area 0

11. Configure ports for routing, Example ports e3/1 and e3/2

Nexus7(config-if)# int e3/1
Nexus7(config-if)# no switchport
Nexus7(config-if)# ip address 172.16.10.1/24
Nexus7(config-if)# no shutdown
Nexus7(config-if)# int e3/2
Nexus7(config-if)# no switchport 
Nexus7(config-if)# ip address 172.16.20.1/24
Nexus7(config-if)# no shutdown

12. Configure a static route to remote network 192.168.10.0/24

Switch#conf t
Switch#(config)#ip route 192.168.10.0/24 e3/1 172.16.10.2

13. VLAN TRUNK

Switch#conf t
Switch#(config)#int e3/28
Switch#(config-if)#switchport
Switch#(config-if)#switchport mode trunk
Switch#(config-if)#switchport trunk allowed vlan add 10
Switch#(config-if)#switchport trunk allowed vlan remove 10
Switch#(config-if)#end

14. Changing Native VLAN

Switch#conf t
Switch#(config)#int e3/28
Switch#(config-if)#switchport
Switch#(config-if)#switchport mode trunk
Switch#(config-if)#switchport trunk native vlan 660

15. Configuring VTP

Switch#conf t
Switch#(config)#feature vtp
Switch#(config)#vtp mode server
Switch#(config)#vtp domain <domain-name>
Switch#(config)#vtp password <password>
Switch#(config)#vtp version 2
Switch#(config)#vtp pruning
Switch#(config)#sh vtp status

16. Configuring Inter-VLAN Routing

feature interface-vlan
interface vlan 10
ip address 172.16.10.1/24
int vlan 20
ip address 172.16.20.1/24
int vlan 30
ip address 172.16.30.1

17. STP

show spanning-tree
conf t
spanning-tree vlan 1 priority 4096 (multiples of 4096 up to 61440)
int e3/40-44
spanning-tree port type edge (for hosts)
int e3/45-48
spanning-tree port type network (for inter switch links)

18. Set a switch as root bridge

spanning-tree vlan 1 root primary

19 port-channels

interface port-channel 1
int e3/31-38
switchport
switchport mode  trunk
channel group 1 mode on
channel group 1 force mode on

20. Show the forward/filter table

show mac address-table

21. Show the STP root bridge for a VLAN

sh spanning-tree
sh spanning tree vlan <vlan#>

22. Configure a switch port to not transition through STP

spanning-tree port type edge

23. Show port channel

sh interface port-channel number

24 ACL To deny access to host 172.16.50.5 for telnet and ftp:

access-list 110 deny tcp any host 172.16.50.5 eq 21
access-list 110 deny tcp any host 172.16.50.5 eq 23
access-list 110 permit ip any any
int e3/1
ip access-group 110 out

25. Named ACL

ip access-list Deny_FTP
deny tcp any host 10.10.10.10 eq ftp
permit ip any any
int e3/2
ip accès-group Deny_FTP out
sh access-lists

26. Configure Session

config session <session name>
....
verify
commit

27. Object Groups

object-group ip address <name>
10.0.0.0/8
172.16.0.0/12
192.168.0.0/24
show object group <name>
10 10.0.0.0/8
20 172.16.0.0/12
30 192.168.0.0/24
Nexus7(config)# object-group ip port Permit_Ports
Nexus7(config-port-ogroup)# range 2011 2099
Nexus7(config-port-ogroup)# eq 31156
Nexus7(config-port-ogroup)# gt 32655
Nexus7(config-port-ogroup)# show object-group Permit_Ports
Protocol port object-group Permit_Ports
        10 range 2011 - 2099
Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.