Cisco cheat sheet

This is work in progress...

ASA

• How to drop or terminate existing connections on the firewall 

Even if you add an ACL to prevent unnecessary traffic it applies only to a new incoming connections. To clear already existing connection you can use one of these:

clear local-host ?
clear conn ?
clear xlate ?

References: link1, link2

• Cisco ASA connection table state description and examples
• ASA performance troubleshooting tips
• How to list numbers next to ACL rules on Cisco

• Performance troubleshooting commands

console logs
show blocks
show blocks queue history detail
show clock
show conn count
show controller
show counters
show cpu hogging process
show cpu usage
show crashinfo
show crashinfo module 1
show disk0: controller
show failover
show failover history
show firewall
show history
show interface
show kernel process
show memory
show memory detail
show mode
show module
show perfmon
show process
show running-config
show service-policy
show startup-config errors
show traffic
show xlate count


Switches

• On a Cisco switch how to find physical port mapping to ASIC chipsets 

switch#show platform port-asic version

Port-Asic Version Info:

========================

ASIC-0: Version:1 DeviceType:0x2CA

ASIC-1: Version:1 DeviceType:0x2CA

ASIC-2: Version:1 DeviceType:0x2CA

ASIC-3: Version:1 DeviceType:0x2CA

ASIC-4: Version:1 DeviceType:0x2CA

ASIC-5: Version:1 DeviceType:0x2CA

ASIC-6: Version:1 DeviceType:0x2CA

ASIC-7: Version:1 DeviceType:0x2CA

ASIC-8: Version:1 DeviceType:0x2CA

ASIC-9: Version:1 DeviceType:0x2CA

ASIC-10: Version:1 DeviceType:0x2CA

ASIC-11: Version:1 DeviceType:0x2CA

switch# sh platform pm if-numbers

interface gid  gpn  lpn  port slot unit slun port-type lpn-idb gpn-idb

----------------------------------------------------------------------

Gi0/1     1    1    1    5/3  1    1    1    local     Yes     Yes

Gi0/2     2    2    2    5/0  1    2    2    local     Yes     Yes

Gi0/3     3    3    3    5/1  1    3    3    local     Yes     Yes

Gi0/4     4    4    4    5/2  1    4    4    local     Yes     Yes

Gi0/5     5    5    5    4/2  1    5    5    local     Yes     Yes

Gi0/6     6    6    6    4/3  1    6    6    local     Yes     Yes

Gi0/7     7    7    7    4/0  1    7    7    local     Yes     Yes

Gi0/8     8    8    8    4/1  1    8    8    local     Yes     Yes

....

References: link1

• How to troubleshoot switch ports and interface errors (like drop packets) (Troubleshooting Switch Port and Interface Problems)

switch# sh interfaces GigabitEthernet0/35

switch# sh interfaces counters errors
Port        Align-Err     FCS-Err    Xmit-Err     Rcv-Err  UnderSize  OutDiscards
Gi0/1               0           0           0           0          0            0
...
Gi0/33              0           0           0           0          0         2904
Gi0/34              0           0           0           0          0     10007689
Gi0/35              0           0           0           0          0      3826473
Gi0/36              0           0           0           0          0            0


switch# sh controllers ethernet-controller gigabitethernet 0/35

 
     Transmit FastEthernet0/20                Receive
   3538920087 Bytes                       2280518202 Bytes
    305038868 Unicast frames              3307737521 Unicast frames
    142899941 Multicast frames                     0 Multicast frames
     19633020 Broadcast frames                  4000 Broadcast frames
            0 Too old frames              2280260439 Unicast bytes
            0 Deferred frames                      0 Multicast bytes
            0 MTU exceeded frames             256000 Broadcast bytes
            0 1 collision frames                   0 Alignment errors
            0 2 collision frames                   2 FCS errors
            0 3 collision frames                   0 Oversize frames
            0 4 collision frames                   0 Undersize frames
            0 5 collision frames                   0 Collision fragments
            0 6 collision frames
            0 7 collision frames           657619578 Minimum size frames
            0 8 collision frames          1231476052 65 to 127 byte frames
            0 9 collision frames           316726340 128 to 255 byte frames
            0 10 collision frames          333559372 256 to 511 byte frames
            0 11 collision frames          204171553 512 to 1023 byte frames
            0 12 collision frames          564188628 1024 to 1518 byte frames
            0 13 collision frames                  0 Overrun frames
            0 14 collision frames                  0 Pause frames
            0 15 collision frames
            0 Excessive collisions                 0 Symbol error frames
            0 Late collisions                      0 Invalid frames, too large
            0 VLAN discard frames                  0 Valid frames, too large
            0 Excess defer frames                  0 Invalid frames, too small
   1771916610 64 byte frames                       0 Valid frames, too small
   2039491270 127 byte frames
    101128332 255 byte frames                      0 Too old frames
    498899274 511 byte frames                      0 Valid oversize frames
    158317216 1023 byte frames                     0 System FCS error frames
    192786423 1518 byte frames                     0 RxPortFifoFull drop frame
            0 Too large frames
            0 Good (1 coll) frames
            0 Good (>1 coll) frames

switch# sh controllers ethernet-controller port-asic statistics 

switch# sh controllers utilization
switch# sh controllers gigabitEthernet 0/35 utilization
Receive Bandwidth Percentage Utilization   : 14
Transmit Bandwidth Percentage Utilization  : 18

switch# sh platform port-asic stats drop

References: Switch Command Reference, link2, link3, Troubleshooting Switch Port

Routers

TBD