Switch

From AlphaBook
Revision as of 07:48, 4 March 2018 by Admin (talk | contribs) (Spanning-tree)

Basic Setup and query

  • enable
  • configure terminal
  • hostname CoreSwitch01
  • enable secret cisco
  • show running-config
  • write memory
  • show flash:
  • show interface status
  • show interface fastEthernet 0/1 switchport
  • show mac-address-table

SSH

  • ip domain-name alphabook.cn
  • crypto key generate rsa
  • username cisco privilege 15 secret cisco
  • line vty 0 4
  • login local
  • transport input ssh

Vlan

  • vlan 1 (management vlan by default)
  • Create vlan (Manually on all switches)
    • vlan 10
    • vlan 20
  • show vlan brief
  • interface vlan 10
  • ip address 192.168.100.1 255.255.255.0
  • no shutdown

VTP (risk)

  • configure trunk first
  • vtp domain alphabook
  • vtp mode server / client
  • vtp password cisco
  • vtp pruning (on server)
  • show vtp status

Spanning-tree

  • PVST+
  • RPVST
  • MST
    • spanning-tree mode mst
    • spanning-tree mst configuration
    • name cisco
    • revision 1
    • instance 1 vlan 10,11,12
    • instance 2 vlan 20,21,22
    • spanning-tree mst 1 root primary
    • spanning-tree mst 2 root secondary

Switchport Mode Access

  • interface fastEthernet 0/1
  • description 1F-P001
  • switchport mode access
  • switchport access vlan 10
  • interface fastEthernet 0/2
  • description 1F-P002
  • switchport mode access
  • switchport access vlan 20

Switchport Mode Trunk

  • interface range gigabitEthernet 0/1 - 2
  • switchport trunk encapsulation dot1q
  • switchport mode trunk
  • switchport nonegotiate
  • switchport trunk native vlan 10
  • switchport trunk allowed vlan 1,10,20,30,1002-1005
  • show interfaces trunk

EtherChannel

  • interface range gigabitEthernet 0/1 - 2
  • channel-group 1 mode on
  • show etherchannel summary
  • show etherchannel port-channel
  • show etherchannel load-balance

StackWise

VRRP Virtual Router Redundancy Protocol

  • interface vlan 10
  • vrrp 10 ip 192.168.10.1
  • vrrp 10 priority 105 (100 by default)
  • show vrrp brief

802.1x Authentication

  • configure terminal
  • aaa new-model
  • aaa authentication dot1x default group radius
  • dot1x system-auth-control
  • radius-server host 192.168.1.100
  • radius-server key cisco
  • interface fastEthernet 0/1
  • switchport mode access
  • dot1x port-control auto
  • show dot1x

Backup and Restore

  • copy running-config tftp:
  • copy tftp: running-config

Reset Configuration

  • erase startup-config
  • dir
  • delete flash:vlan.dat
  • reload

Reset Password

  • flash_init
  • load_helper
  • dir flash:
  • rename flash:config.text flash:config.old
  • boot
  • rename flash:config.old flash:config.text
  • copy flash:config.text system:running-config
  • enable secret cisco
  • write memory

Trick

  • service password-encryption
  • no ip domain-lookup
  • default interface fastEthernet 0/1
  • PVID Port Vlan ID