看设备健康度
show version # 看IOS版本、运行时长、硬件型号、内存大小
show version | include register # 快速看16进制特征码,判断有没有crash过
show processes cpu sorted # CPUTOP,5秒/1分钟/5分钟占用
show processes cpu history # CPU历史曲线(神级)
show processes memory sorted # 内存TOP
show environment all # 电源、风扇、温度(尤其是ASR9K、N9K必看)
show logging # 最近日志,重点看%SYS、%PLATFORM
show platform # 硬件状态(看有没有模块掉线、硬件故障)
show redundancy # 双主控倒换状态(ASR1K、C9500、C9300必看)
show ip device tracking all count # IPDT表项数量(防ARP泛滥)
接口状态类
show interfaces # 最经典,但信息太多
show ip interface brief # 最常用!接口+IP+状态一目了然
show interfaces status # 交换机端口状态(连没连、双工、VLAN)
show interfaces counters errors # 错误计数器(Input errors/CRC/Runts/Giants)
show interfaces | include line protocol|CRC|input error|rate # 快速筛问题接口
show interfaces transceiver detail # 光模块详细信息(温度、电压、光功率!)
show interfaces link # N9K专属,看光模块链路起伏历史
show interfaces ethernet x/y switchport # 查看接入/中继、Native VLAN
show interfaces trunk # 所有Trunk口、允许VLAN、Native VLAN
任何接口问题,先敲 show ip int brief 找黄灯/红灯接口,再针对性敲 show int x/x 看是物理层(CRC、input error)还是协议层(line protocol down)。
路由表&路由协议类
show ip route summary # 路由表总览,最快看出路由条目数
show ip route | include B|O|E # 只看BGP/OSPF/EIGRP路由
show ip route vrf * # 所有VRF路由表
show ip bgp summary # BGP邻居状态,永远第一条!
show ip bgp vpnv4 all summary # MPLS VPN邻居状态
show bgp ipv4 unicast summary # 新版语法(IOS-XE 16+)
show ip bgp neighbors x.x.x.x advertised-routes # 看我发出去的路由
show ip bgp neighbors x.x.x.x received-routes # 看对方发来的路由(需开启soft-reconfiguration)
show ip bgp x.x.x.x # 看具体前缀在BGP表里的细节
show ip ospf neighbor # OSPF邻居(重点看Dead Time和State)
show ip ospf interface brief # OSPF接口成本、区域类型
show ip ospf database router x.x.x.x # 看自己的LSA
show ip eigrp topology x.x.x.x/32 # EIGRP具体前缀的后继
show ip cef x.x.x.x detail # CEF转发表(排障金三角最后一环)
排障思路:
- ping不通
→
- show ip route x.x.x.x 看有没有路由
→
- show ip cef x.x.x.x 看CEF表
→
- traceroute确认路径
这三条命令走完,基本能定位是路由问题还是转发问题。
交换&二层类
show vlan brief # VLAN是否存在、端口分配
show spanning-tree detail # STP根桥、端口角色、计数器
show spanning-tree vlan x blockedports # 快速看被阻塞的端口
show etherchannel summary # 所有端口通道状态(一目了然!)
show mac address-table vlan x # MAC表
show mac address-table count vlan x # MAC表条目数(防环路爆表)
show arp | include x.x.x.x # ARP表
show ip dhcp snooping binding # DHCP Snooping绑定表
show port-security interface x # 端口安全违规计数
QoS类
show policy-map interface x/x # 最重大!看每个类的丢包、队列
show queueing interface x/x # 老设备查看队列情况
show platform hardware qos interface x/x # Nexus硬件队列统计
ACL&安全类
show access-lists # 查看ACL内容
show ip access-list interface x/x # 查看接口应用的ACL
show access-lists | include 10.1.1.1 # 快速看命中计数
show logging | include DENY # 被ACL拒绝的日志
多播类
show ip pim neighbor
show ip pim rp mapping
show ip mroute
show ip igmp groups
show ip mfib # 硬件转发表(重大!)
MPLS & L3VPN 专属
show mpls ldp neighbor
show mpls forwarding-table
show ip bgp vpnv4 all labels
show mpls ldp discovery detail
show vrf detail
show ip vrf interfaces
NetFlow & 监控类
show ip flow top-talkers # 老版本Top流量
show ip flow export
show flow monitor x statistics # Flexible NetFlow统计
Nexus(NX-OS)
show queuing interface eth x/y # 队列丢包(超级好用)
show hardware internal errors # 硬件错误计数
show forwarding adjacency # 邻接表
show system internal pktmgr stats # 看有没有punt到CPU
show logging logfile | include DROP # 硬件丢包日志
我自己写的“万能排障脚本”
! 别名集合(全局配置模式下配置)
alias exec bgpsum show ip bgp summary vrf all
alias exec routsum show ip route summary | exclude 0.0.0.0
alias exec cefdrop show cef drops
alias exec intsum show ip interface brief
alias exec errlog show logging | include ERR|CRIT|DROP|FAIL
alias exec health show version | include image|uptime ; show processes cpu sorted | exclude 0.00 ; show processes memory sorted ; show environment all ; show logging | include ERR
show 命令使用心法
- 先宏观后微观(summary → detail)
- 先软件表后硬件表(RIB → FIB → Adjacency)
- 先计数器后日志(show interface counters → show log)
- 永远记得加 | include/section 过滤!节省90%时间
- Nexus系列多用 show hardware/internal 开头命令,软件表骗不了人
© 版权声明
文章版权归作者所有,未经允许请勿转载。
你看思科锐捷市场不太大。
收藏了,感谢分享