Nazaudy, a spark in your curious mind

Cisco switches useful tips

This article lists some useful tips to make your life easier when working with and managing Cisco switches.

Here are some of the commands:

 

1. Set a specific switch (normally a layer 3) as the root for Spanning-tree

To set a switch as the primary spanning-tree root for a number of specific VLANs, do as follows:

#show spanning-tree root   ! run from privileged EXEC mode; this displays the distance of the switch to the root

(config)#spanning-tree mode pvst
(config)#spanning-tree extend system-id
(config)#spanning-tree vlan 1,10-15,28,30,33,50 priority 16384

By setting this switch to a priority of 16384, we force it to become the root switch, as its priority is lower than the default of 32768 (this holds as long as no other switch in those VLANs has been given an even lower priority).

2. Check the warranty of your device

Make sure your Cisco device is still under cover by entering its serial number at this link: https://cway.cisco.com/sncheck/

3. Find out an IP address by its MAC address

Imagine you see through PRTG that a device on a particular Cisco access switch port is taking all the juice; who is that guy? To find out who that nasty fellow is, first do this on the switch where the device is connected:

SWITCH#show mac address-table
This will show you the MAC address that is connected to that port

Then go to the router or layer 3 device that routes traffic for that switch, and issue this command:

ROUTER#show ip arp | inc 0023.2492.9425
And that will list the IP address of the above MAC :)

4. Your friend Telnet

We all know telnet is insecure and uses the well-known port 23, but you can actually use this tool to test connectivity to any host and see whether a given TCP port is open on it (SMTP, FTP, HTTP, etc.):

#telnet 192.168.0.1 25
      trying 192.168.0.1,25...Open

The above tells you that port 25 is open on host 192.168.0.1; if you get 'connection refused', that means the port is closed.

On Windows, use the command route print to quickly discover its gateway.

5. How to enable SSH

Do this first to see if SSH is enabled on the switch:

#show ip ssh

If it is not enabled, run these commands to configure the switch:

(config)#ip domain-name mydomain.com

(config)#crypto key generate rsa
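When prompted for the modulus size, use 1024 bits for the key, so that the switch uses SSH v2 instead of SSH version 1. IOS needs a key of at least 768 bits for SSH v2; where the platform supports it, a 2048-bit key is the stronger choice.

Then configure the VTY lines. Note that login local authenticates against the switch's local user database, so at least one local username must already exist.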

(config)#line vty 0 15
(config-line)#transport input ssh
(config-line)#login local
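
An added example, not from the original article: a small Python check that reads a saved copy of show running-config and flags where it departs from the SSH setup in this tip. The sample config is constructed, and the checks for ip ssh version 2 and for a local username are assumptions added here (the article does not list those commands).

```python
import re

# Constructed sample running-config (not from the article); the hash is a placeholder.
SAMPLE_CONFIG = """\
hostname SW1
ip domain-name mydomain.com
ip ssh version 2
username admin secret 5 <placeholder-hash>
line con 0
line vty 0 4
 transport input ssh
 login local
line vty 5 15
 transport input telnet ssh
 login
"""

def parse_vty_blocks(config):
    """Map (first, last) line numbers to the sub-commands of each 'line vty' block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        m = re.match(r"line vty (\d+)(?: (\d+))?\s*$", raw)
        if m:
            first = int(m.group(1))
            current = (first, int(m.group(2) or first))
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None  # any other top-level line closes the block
    return blocks

def audit_ssh(config):
    """Return findings where the config departs from the SSH-only setup (RSA key not visible here)."""
    findings = []
    if not re.search(r"^ip domain[- ]name \S+", config, re.M):
        findings.append("no ip domain-name (needed to generate the RSA key)")
    if not re.search(r"^ip ssh version 2\s*$", config, re.M):
        findings.append("SSH version 2 is not enforced (assumed extra check)")
    if not re.search(r"^username \S+", config, re.M):
        findings.append("no local username for 'login local'")
    for (first, last), cmds in sorted(parse_vty_blocks(config).items()):
        transports = [c.split()[2:] for c in cmds if c.startswith("transport input")]
        if transports != [["ssh"]]:
            findings.append(f"vty {first} {last}: transport input is not ssh-only")
        if "login local" not in cmds:
            findings.append(f"vty {first} {last}: 'login local' missing")
    return findings
```

Running audit_ssh(SAMPLE_CONFIG) reports the two problems on vty 5 15, which still accepts telnet and does not use the local user database.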

6. Reduce High CPU usage

If you notice high CPU usage, troubleshoot the problem this way:

show processes cpu sorted    ! shows a table with the highest process usage on top
show processes cpu history

If the switch runs spanning tree per VLAN, that can be the cause when you have too many VLANs; remove from the affected switch the VLANs that you don't need.