Last month I had the pleasure of helping a client upgrade their Cisco network infrastructure.  The IT Director for this particular company is a one-man IT shop who doesn’t get to work with Cisco’s command line interface very often.  I thought a “cheat sheet” of common Cisco troubleshooting commands handy might speed his network troubleshooting so I put this list together for him.  If you don’t see your favorite commands for Cisco switch troubleshooting here please let me know and I’ll add them!

Update 2: I also put this information into a PDF.  If you’d like a quick reference of these commands for your desk just click here!

Update:  I created a slideshow of sample output from all these commands.  Just scroll down to the bottom and click on one of the images to see what these commands do.

show ip interface brief

This command is probably the one I use most because it shows Layer 1, Layer 2, and Layer 3 interface status all in one screen.  To see sample output from this command, just click the section header above.

show mac address-table

This command shows all MAC addresses the switch is aware of and each address’ associated VLAN and physical port.  By default this command shows the full contents of every VLAN that traverses the switch so I recommend you filter the output with one of the following variations:

• show mac address-table dynamic – Display only learned MAC addresses.
• show mac address-table vlan <vlan id> – Show results for only the specified VLAN.
• show mac address-table | include xxxx – Find out which port a known device is attached to.  Just replace xxxx with the last four digits of a device’s MAC address.  Note that the MAC address must be lower case or it will not match.

show spanning-tree

Spanning-tree prevents loops in a Layer 2 switched network.  In order to avoid unexpected network instability one must be intentional in their spanning-tree design.  To verify that spanning-tree is working as expected, use the show spanning-tree command.  Please note that without any options this will show spanning-tree information for all spanning-tree instances on the switch, so I recommend filtering the results by specifying a particular VLAN using the show spanning-tree vlan <vlan id> command.

show cdp neighbors

CDP stands for Cisco Discovery Protocol.  This command shows all Cisco devices attached to the Cisco device you’re logged in to.  CDP also shows the type of devices attached and the ports connecting them.  The extended version of this command, show cdp neighbors detail, shows additional neighbor information such as management IP address.

show interface

If a Cisco switch has one particular interface that’s misbehaving this is always a good place to look.  By default this command will show statistics for even Layer 3 VLAN interfaces so I recommend you look at a single port at a time by using show interface <type> <identifier>.

show running-config

This command shows the active configuration of a Cisco switch.  Some devices have quite lengthy configurations so I recommend filtering the output as follows.  Due to length I did not include screenshots of all these in the slideshow below.

• show running-config | begin – Start the output at a specific point within the configuration.  For example, “show running-config | begin dhcp” will jump to the dhcp section of the running-config.
• show running-config | include – Show all configuration lines containing a specific phrase.
• show running-config interface <type> <identifier> – Show the configuration of a specific port.

show log

All the show commands I’ve listed so far show what your Cisco switch is doing right now.  If you want to see what the switch has been doing since its last reboot, use “show log.”  You’ll find a wealth of information about the switch’s hardware, software, interfaces, and more.  Whether you’ve got a failed fan, an interface bouncing up and down, or spanning-tree topology changes you’ll find all that information in the log.

Cisco Switch Troubleshooting Commands – Sample Outputs