Using the show Command to Get Information

Using the show Command to Get Information


  • Verify router hardware and software operation using SHOW & DEBUG commands.

As an administrator of Cisco routers and switches, it is inevitable that you will have to get information and statistics to verify the functionality of those devices and the networks that are connected to them. The crux of every command to view these statistics is the show keyword. This section explains what information you can gain from several of these show commands and

tells you how to interpret outputs of those commands.

Some of the show commands will have quite a lot of extraneous output that may not be pertinent to what you are trying to discover. In some extreme cases, this can go on for pages and pages of output and you could spend quite a bit of time weeding through all the information. To assist you finding specific informa tion, the Cisco IOS now gives you the ability to filter the output by adding a pipe symbol (|) followed by the keyword include, exclude, or begin and the expression you want to filter. Include will only show you outputs that include the expression that you define in the command. Exclude provides the exact opposite service in that it will show you all the output except for the expression you specify. Finally, begin will show you the full output beginning at the point the expression is found.

Verifying Your Configurations
Without a doubt, verifying your configurations is one of the most widely used show functions in the Cisco IOS. What better way to double-check or troubleshoot your configuration could there be besides seeing it displayed right in front of you? One caveat to these particular show commands, however, is that you must be in Privileged EXEC to see the configurations. This makes logical sense because you don’t want anybody from User EXEC to see your passwords in the configurations.

To see the active configuration that is running in RAM (that is, running-config), simply type show running-config. Similarly, the command show startup-config displays the configuration that will be loaded after you reboot the router or switch. The following example shows the show running-config command, and the output of some of the router configurations discussed in this chapter, performed on an 1720 router with a fixed Fast Ethernet interface:

Notice that in the output of the show running-config command there are commands such as service timestamps debug uptime, ip subnet-zero, and so on that have not been dis cussed. These are all configurations that are created by default by the IOS, and may vary depending on the version of the IOS that is loaded. On that same note, some configurations do not even show up in the IOS configuration even though they are configured on the router or switch. For instance, both interfaces were administratively enabled in this configuration despite the lack of the command no shutdown being dis played on each interface configuration.

One of your best resources on a simulation that has a troubleshooting scenario is the show running config command. By looking at the configuration and recognizing incorrect or missing entries, you can determine what items must be fixed in a particular device to regain connectivity in the simulated network.

Viewing Interface Statuses and Statistics
Beyond a doubt, the next four show commands will serve as the most useful tools in determining interface functionality and the performance of the network connected to those interfaces. Some of the outputs for these interface-specific show commands display similar statistics; nevertheless, each command serves a unique purpose depending on what facet of the interfaces you are trying to investigate.

show interfaces Command
The most detailed show command that displays statistics about the status of the interfaces and the network traffic for that interface is the show interfaces command. This command shows you statistics for all interfaces on the router or switch; however, if you wish to view information about only a single interface, you can specify that interface in the command (for example, show interfaces serial 0/0). The output that follows illustrates the show interface output for a Fast Ethernet interface:

A common statistic of most of the interface show commands is the actual status of the interface itself. This is identified in the first line of output of the show interfaces commands. The first part of the status identifies the Layer 1 information of the interface, followed by the Layer 2 line protocol status.

If you understand the interface statuses you are ultimately building a solid foundation to accurately troubleshoot any malfunctioning interface. For example, if your interface is in an “up/line protocol up” state, you have eliminated Layer 1 and Layer 2 malfunctions for that interface. From this point, you can determine whether the problem on the interface is perhaps a Layer 3 problem (IP addressing, routing, and so on). Table 8.1 lists the possible values of this command.

Be able to recognize the interface status meanings and determine the possible reasons for that status.

The rest of the output of the show interfaces command is also extremely useful for gaining information about the interface and the network. Of course, you won’t be expected to know all the elements listed in this output; however, Table 8.2 displays some of the valuable common statistics descriptions.

Using the show Command to Get Information

You may be presented with the output of a show interface command with the intention of testing your knowledge of being able to identify problematic elements in the output. For instance, a high load value is evidence of a saturated link, a large number of late collisions is a duplex mismatch, excessive collisions might be indicative of being plugged into a hub, and so on.

Using the show Command to Get Informationtb8.4

show ip interface brief Command
If the goal of your show command is to get a condensed output of the interfaces’ status and their IP addresses, the show ip interface brief command conveniently shows you a minimal display of these statistics as illustrated here:

show controller Command
Although the output of the show controller command is unintelligible to everyone except for the Cisco TAC (Technical Assistance Center), one particularly useful extract from this output is in the show controller serial command. The needle in this haystack of statistics is the line of output that identifies whether a DTE or a DCE cable is attached to the serial interface. This is useful if you are connecting to your router remotely and you are not sure whether your router should be providing the clocking (if you are the DCE interface). The following

excerpt example illustrates this useful output:

IOS File Version show Commands

The following section discusses how to back up your IOS to a TFTP server or download a new version of the IOS to your router or switch. Tasks of this magnitude, however, cannot be performed unless you do some initial legwork. Namely, you must perform some essential steps such as identifying the amount of Flash memory, the IOS filename located in Flash, and the current IOS version that is running on the device. Different Cisco IOS versions and feature sets will ultimately dictate the size of the IOS file and the amount of Flash and DRAM memory required to run the IOS. If you are planning to

upgrade to a new IOS, you must make sure that you have enough memory (the more, the better) in your device. To see the amount of Flash you have and the current IOS file stored in Flash memory, utilize the show flash command as follows:

Typically, the filename of the IOS file in Flash correctly reflects the actual IOS version running currently on the device. However, an administrator can easily change the filename to his or her own purposes, or there could be multiple IOS files stored on the Flash and you are not sure which one is running currently. To ensure the correct version of IOS, use the widely practical show version command. As the following output demonstrates, the show version command displays a plethora of information well beyond the version of IOS running. Table 8.3 explains some of the useful output of this multifaceted command.

Using the show Command to Get Informationtb8.3

Be able to rattle off all the information that you can extract from the show version command, including the current loaded IOS version, configuration register, and total memory of RAM, NVRAM, and Flash.

Table 8.4 reviews the show commands discussed in this chapter, including their functions and whether they are in User EXEC or both User EXEC and Privileged EXEC.

Using the show Command to Get Informationtb8.2

Troubleshooting Commands


  • Verify device configuration and network connectivity using ping, traceroute, telnet, SSH or other utilities.
  • Verify router hardware and software operation using SHOW & DEBUG commands.

Troubleshooting a Cisco device and the networks to which it is connected is an integral part of being a Cisco administrator. Most of your troubleshooting can be solved by verifying your configurations and the device’s operations, using the show commands mentioned in the previous section. However, at times you may need to use additional commands to help identify and troubleshoot faults in the network.

Specifically, the clear command in Privileged EXEC resets statistical information that is being stored for the outputs of your show commands. For example, if you saw the output of the show interfaces serial 0/0 command and noticed excessive late collisions, how do you know whether those are recent statistics or collisions that occurred last week? Using the clear

counters command resets those statistics so you can view up-to-date information from the show interfaces output. One of the most widely utilized commands for troubleshooting is the ping command. ping uses ICMP echo and echo reply messages to verify connectivity to IP devices. To ping a specific device from User EXEC or Privileged EXEC, enter ping followed by the IP address or hostname of the device you are trying to verify, as follows:

Notice that the ping response contains a period (. ) followed by four exclamation marks (! ). An exclamation mark character is indicative of a successful receipt of a reply to the ping. The period character indicates that a timeout has occurred for that particular ICMP echo packet. In some instances, you may receive a U character, which signifies a Destination Unreachable ICMP message. These messages are indicative that a router along the packet’s path to the destination did not know how to reach the destination network. When this occurs, the router sends a Destination Unreachable message back to the packet’s source.

ICMP Destination Unreachable messages are sent by a routing device when it does not know how to reach the destination network. The router sends this ICMP message back to the packet’s source.

Notice that in the output of the ping command, the first ping packet timed out. This actually is quite normal when pinging a device on a LAN because the router or switch might have to resolve the MAC address on the data link segment with an ARP request. Any successive pings shortly after should receive 100% of replies.

Similar to other operating systems, you can manipulate some of the options in a ping echo request, such as the datagram size and the timeout period in the Cisco IOS. To specify these options, you need to use an extended ping command. This command requires you to be in Privileged EXEC and is used by typing ping followed by the Enter key (no IP address). From there, you can change the default parameters such as the datagram sizes, timeout, and the number of packets sent, as shown in the following example:

The extended ping must be entered in Privileged EXEC. The command is ping followed by the Enter key.

Another useful ICMP utility is the traceroute command. As the name states, traceroute sends ICMP messages and receives a reply from every routing device along the path to the destination. This is useful in situations where you suspect a router on the route to an unreachable network is failing. The command syntax for traceroute is similar to the ping command. In fact, you can also perform an extended traceroute by using the traceroute command in lieu of the ping keyword.

traceroute is an ICMP utility that tests the connectivity to a device by receiving responses from each routing device along the path to the destination. It is especially useful when you suspect a router on the route to an unreachable network is failing.

The final troubleshooting command (for now) is another exclusive Privileged EXEC command that should be used only when all other troubleshooting has failed. The debug command displays real-time information on such things as routing updates, packet forwarding, and interface keepalives, to name a few. The reason behind the cautionary tone of this explanation is because the debug command is very processor intensive and can generate a lot of information on your terminal screen. For this reason, it is highly recommended that you use these

commands only in emergency situations or in a lab environment. If you must troubleshoot on a production router, be sure to issue the show processes command as follows:

The majority of the output will not make sense; however, the top of the output lists the CPU utilization up to the last 5 minutes. If any of these values exceeds 60%, do not use the debug commands. If you do, your router is likely to seize up from over-utilization.

It is recommended to use the show processes command before using any debug commands to veri
fy the router’s current CPU utilization.

When you are finished troubleshooting, you can turn off debugging by putting a no in front of the command, or you can turn off all debugging by typing no debug all or undebug all. Specific debugging commands are discussed throughout the course of this book.

If your device is seizing up from too much debug processing, turn it off by using the no debug all or undebug all commands.


To see accurate timestamps for your debug messages, it is highly recommended that you configure the clock to reflect the correct date and time by using the clock command in Privileged EXEC. In addition, to add a timestamp to the debug output, use the service timestamp command in Global Configuration.

About the author


Leave a Comment