show version show flash show hardware show interface show vlan brief enable configure terminal # interface FastEthernet 0/1 speed duplex shutdown / no shutdown switchport mode {access | trunk}; put port as only access mode, no trunking switchport access vlan 3; to add port to a VLAN switchport port-security maximum 10; maximum MACs that can be accepted on port switchport port-security mac-address 0123.4567.abcd; to add a MAC address to the allowed MACs of that port switchport port-security mac-address sticky; dynamically add the host connected in that moment to the port switchport port-security violation {protect | restrict | shutdown}: what to do in case that the host connected is not allowed in the port. ; Create a Vlan and assign ports # Vlan 406 # name NOMBRE_NUEVA_VLAN # Exit # interface Vlan 406 # description NOMBRE_NUEVA_VLAN # Exit # interface GigabitEthernet 1/40 # switchport access Vlan 406 # Exit # do show vlan ; Check that associated ports are on VLAN. # interface Vlan 406 # no shutdown ; Activar la VLAN [ct] line vty 0 15 [ct] login local [ct] transport input all [ct] username carlrod2 password 5 cisco123; or username carlrod2 secret cisco123; this to encrypt password # ip domain-name example.com ; better to do no ip domain-lookup : to avoid switch to look for data like "kasjhf" when writing in the vty terminal crypto key generate rsa #no ip domain lookup; to disable translating "xyz" ...domain server (255.255.255.255) [ct] line console 0 [ct] password cisco123 [ct] enable secret cisco123 # hostname switch_name # show running-config # show startup config # remote terminal ; logging of troubleshooting #interface vlan 1 ; Management IP #ip address 172.17.10.13 255.255.254.0 #ip default-gateway 172.17.10.1 ; Default Gateway for Switch #snmp-server community public ro ; snmp public community read only #snmp-server community private rw ; snmp private community read write #snmp-server enable traps vtp ; enable SNMP traps (is vtp necessary?) #snmp-server host 172.17.10.43 version 2c public ; SNMP direct to host with public #snmp-server host 172.17.10.43 version 2c ro; SNMP direct to host with read only show interface summary ; show actual bandwitdh used in each port show interfaces @reliability 255/255, txload 1/255, rxload 1/255 ; muestra cuanto se está utilizando del puerto (el 100% sería 255, entonces txload, en la transmisión 1/255 es una carga muy baja, 255/255 sería carga muy alta, en este caso es muy baja) show interfaces counters #Resume of the interfaces counters multicast show ip interface brief # Resume of Interfaces state show ip interfaces summary; summary of IPs and opened ports show ip igmp groups; show groups of IGMP show ip mroute; Show Multicast detailed routing (ports, request, etc.), specify multicast address at the end to only show that MCA. show platform cpu packet statistics; See CPU processing statistics in packages show processes cpu; show Switch CPU statics #monitor session 1 source interface g1/1; Creation of source interface for port mirroring #monitor session 1 destination interface g1/2; Creation of destination interface for port mirroring, output port must have only switchport mode access configuration at most ntp server 10.10.10.1 ; for NTP as peer for the switch show ip traffic; log to see packets in switch, specifically to see bad hop counts (TTL=1) terminal monitor debug ip errors; debug to see bad hop disposals (TTL=1) --- SCRIPTING TOOLS ---- Router#tclsh Router(tcl)#foreach i { +>192.168.1.1 +>192.168.2.1 +>192.168.3.1 +>192.168.4.1 +>192.168.5.1 +>192.168.6.1 +>192.168.7.1 +>192.168.8.1 +>192.168.9.1 +>192.168.10.1 +>} {ping $i} When you are done, exit tcl with this command: Router(tcl)#tclquit terminal length 0; to show all the data insted by seeing it by pages show running-config | include boundary|interface ; To include two descriptors as a OR. ---; To send Multicast without destiny in a Layer 3 Switch (It will send packets to Loopback address insted of trying to process them (this would cause to increase CPU processing). interface Loopback1 ip address 100.1.1.1 255.255.255.255 ip pim sparse-mode ip pim rp-address 100.1.1.1 ip pim ssm default --- ---; To create and "access-list" for incoming multicast (drop the ones not in the list) (@ interface) ip multicast boundary 12 access-list standard 12 permit 232.0.0.0 0.0.255.255 permit 239.100.10.0 0.0.0.255 permit ip host 172.21.10.10 host 232.21.10.10 permit ip 172.21.10.0 0.0.255.255 232.1.0.0 0.255.255.255 deny all ---- DEBUGGING: # terminal monitor ; to monitor all through SSH and Telnet sessions (conf)# logging console # debug ... ; select the debug options you want to see ------- BOUNDARY para Multicasts 1. Crear Access Lists (standard para solo MCA, extendedn si es incluyendo IP de source para IGMPv3) SWITCH_CRC_01(config)#ip access-list standard test SWITCH_CRC_01(config-std-nacl)#deny any SWITCH_CRC_01(config-std-nacl)#exit SWITCH_CRC_01(config)# SWITCH_CRC_01(config)#ip access-list standard grp1 SWITCH_CRC_01(config-std-nacl)#permit 232.0.0.0 0.255.255.255 SWITCH_CRC_01(config-std-nacl)#permit 224.2.0.0 0.0.255.255 SWITCH_CRC_01(config-std-nacl)#permit 239.0.0.0 0.255.255.255 SWITCH_CRC_01(config-std-nacl)#exit SWITCH_CRC_01(config)# SWITCH_CRC_01(config)#ip access-list extended PSI_SI SWITCH_CRC_01(config-ext-nacl)#permit ip host 172.21.213.28 224.2.2.0 0.0.0.255 SWITCH_CRC_01(config-ext-nacl)#permit ip host 172.21.213.31 224.2.2.0 0.0.0.255 SWITCH_CRC_01(config-ext-nacl)#exit SWITCH_CRC_01(config)# 2. Configurar el puerto con boundary de entrada y salida dependiendo de lo que se necesite SWITCH_CRC_01(config)# interface GigabitEthernet1/48 SWITCH_CRC_01(config-if)# description To_PSI/SI SWITCH_CRC_01(config-if)# no switchport SWITCH_CRC_01(config-if)# ip address 172.21.213.100 255.255.255.0 SWITCH_CRC_01(config-if)# ip pim sparse-mode SWITCH_CRC_01(config-if)# ip multicast boundary PSI_SI in SWITCH_CRC_01(config-if)# ip multicast boundary Video_Boundary_Out out SWITCH_CRC_01(config-if)# power inline never Show running all ! See all the configurations (even default)