Cisco 3850 Reload Slot Command
Sometimes for some reason it will just do something odd. Like enter dir usbflash0 it returns dir is an invalid command yet help lists it. At one point I saw something about it wanting to automatically erase and reload something I said no as I assumed somehow I did something that would overwrite the rommon, etc and everything. Solved: Hi, Is it possible to upgrade the IOS on a cisco 3850 stack in a non disruptive way? Reloading 1 switch at a time? Or do you need to reload the entire stack at once, like a 3750 stack?
Cisco Catalyst 3850 Series Switches with 12 and 24 1 Gigabit Ethernet SFP ports Figure 4. Cisco Catalyst 3850 Series Switches with 10 Gigabit Ethernet 48 ports Table 1 shows the Cisco Catalyst 3850 Series configurations. Cisco Catalyst 3850 Series configurations Model Total 10/100/1000 or SFP or SFP+ ports Default AC power supply Available. Cisco IOS commands. Cisco IOS Master Command List, All Releases. Stack Manager and High Availability Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches) Stack Manager and High Availability Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches). Update 10/10: 16.3.5 official release is now available on cisco.com. Thank you for your participation We are pleased to announce availability of Beta software for 16.3.5. 16.3.5 will be the fourth rebuild on the 16.3 release train targeted towards Catalyst 3650 /3850 switching platforms.
The Cisco IOS CLI is the main user interface for configuring, maintaining, and troubleshooting most Cisco devices. From this user interface, you can directly execute all Cisco IOS commands, and it doesn’t matter how you reach the Cisco IOS platform; you can enter any CLI command from a remote, console, or terminal interface.
In this Cisco Commands cheat sheet article, we’ll go through the most crucial set of Cisco IOS commands that you'll need as an admin daily. You can use this concise set of commands for a quick reference as needed!
Quick Links
1. Cisco IOS Command Hierarchy
The commands in Cisco IOS are hierarchical structured. Knowing the difference between the different modes (and how to move across) will help you configure, monitor, or troubleshoot a router easier.
There are currently eight modes in Cisco IOS commands.
Prompt | Abbreviation | Description |
Router> | U | User EXEC mode, is the first level of access. |
Router# | P | Privileged EXEC mode. The second level of access, accessible with the “enable” command. |
Router(config)# | G | Configuration mode. Accessible only via the privileged EXEC mode. |
Router(config-if)# | I | Interface mode. Level accessible via configuration mode. |
Router(config-router)# | R | Routing mode. Level within configuration mode. |
Router(config-line)# | L | Line level (vty, tty, async). Accessed via the configuration mode |
Router(config-vlan)# | V | Config-vlan, accessible via the global configuration mode. |
Switch(vlan)# | VD | Vlan database, accessible from the privileged EXEC mode. |
Commands To Move Between These Six Modes:
Command | Mode | Description |
enable | U | Moves from User to Privileged mode. |
logout | U | Exit User mode. |
configure <terminal> | P | Moves from Privileged to Configure mode. |
disable | P | Exit user mode. |
Interface <interface description> | G | Enter interface configuration mode. |
vlan vlan-id | G | Moves to configure vlan mode. |
Vlan database | P | Enter vlan database from Privilege mode. |
line | G | Enter line from Global configuration mode. |
exit end | G, R, L, V | return to previous mode. |
2. Fundamentals — Basic Configuration
The following are the fundamental Cisco IOS commands. These commands give you the necessary base to move to more advanced and specific commands.
Command | Mode | Description |
show version | U,P | Display information about IOS and router. |
show interfaces | U,P | Display physical attributes of the router’s interfaces. |
show ip route | U,P | Display the current state of the routing table. |
show access-lists | P | Display current configured ACLs and their contents. |
show ip interface brief | P | Displays a summary of the status for each interface. |
show running-config | P | Display the current configuration. |
show startup-config | P | Display the configuration at startup. |
enable | U | Acces Privilege mode |
config terminal | P | Access Configuration mode. |
interface <int> | G | Enter interface configuration. |
ip address <ip address> <mask> | I | Assign an IP address to the specified interface. |
shutdown no shutdown | I | Turn off or turn on an interface. Use both to reset. |
description <name-string> | I | Set a description to the interface. |
show ip interface <type number> | U,P | Displays the usability status of the protocols for the interfaces. |
show running-config interface interface <slot/number> | P | Displays the running configuration for a specific interface. |
hostname <name> | G | Set a hostname for the Cisco device. |
enable secret <password> | G | Set an “enable” secret password. |
copy running-config startup-config | P | Saves the current (running) configuration in the startup configuration into the NVRAM. The command saves the configuration so when the device reloads, it loads the latest configuration file. |
copy startup-config running-config | P | It saves (overwrites) the startup configuration into the running configuration. |
copy from-location to-location | P | It copies a file (or set of files) from a location to another location. |
erase nvram | G | Delete the current startup configuration files. The command returns the device to its factory default. |
reload | G | Reboot the device. The NVRAM will take the latest configuration. |
erase startup-config | G | Erase the NVRAM filesystem. The command achieves the similar outcome as “erase nvram” |
3. Network Access
This section covers all popular Cisco’s network access protocols. From how to configure and verify VLANs, trunks, to Layer 2 discovery protocols like CDP and LLDP. We’ll also cover simple Etherchannel, Rapid PVST+ Spanning Tree Protocol configuration.
Command | Mode | Description |
cdp run no cdp run | P | The “cdp run” command enables Cisco Discovery Protocol. The “no cdp run” disables it. |
show cdp | P | Display global information for CDP. |
show cdp neighbors | P | Display all CDP neighbors. |
lldp run no lldp run | P | The “lldp run” command enables the LLDP Protocol. The “no lldp run” disables it. |
show lldp | P | Displays global information for LLDP |
show lldp neighbors | P | Show all LLDP neighbors. |
show mac address-table | P | Display all the MAC address entries in a table. |
spanning-tree mode rapid-pvst | G | A global configuration command that configures the device for Rapid Per VLAN Spanning Tree protocol. |
spanning-tree vlan <1-4094> priority <0-61440> | G | Manually set the bridge priority per vlan. |
spanning-tree vlan <1-4094> root primary | G | Make the switch the root of the SP. |
no spanning-tree vlan <1-4094> | G | Disable SP on the specific VLAN. |
show spanning-tree summary | P | Show a summary of all SP instances and ports. |
show spanning-tree detail | P | Show detailed information of each port in the spanning-tree process. |
show vlan | P | Lists each VLAN and all interfaces assigned to that VLAN. The output does not include trunks. |
show vlan brief | P | Displays vlan information in brief |
show interfaces switchport | P | Display configuration settings about all the switch port interfaces. |
show interfaces trunk | P | Display information about the operational trunks along with their VLANs. |
vlan <1-4094> | G | Enter VLAN configuration mode and create a VLAN with an associated number ID. |
name <name> | V | Within the VLAN configuration mode, assign a name to the VLAN |
switchport mode access | I | In the interface configuration mode, the command assigns the interface link type as an access link. |
switchport access vlan <> | I | Assign this interface to specific VLAN. |
interface range < > | I – range | Access interface range configuration mode from Interface Configuration. |
channel-group <number> | I – range | Assign the Etherchannel. Set the interface range to a channel group. |
no switchport access vlan <> | I | Remove VLAN assignment from interface. It returns to default VLAN 1 |
show vtp status | P | Display all vtp status |
vtp mode <server client transparent> | G | In the global configuration mode, set the device as server, client, or transparent vtp mode. |
switchport mode trunk | I | An interface configuration mode. Set the interface link type as a trunk link. |
switchport trunk native vlan <> | I | Set native VLAN to a specific number. |
switchport trunk allowed vlan <> | I | Allow specific VLANs on this trunk. |
switchport trunk encapsulation dot1q | I | Sets the 802.1Q encapsulation on the trunk link. |
4. IP Connectivity
This section includes some of the most simple yet useful ip connectivity IOS commands. From displaying a routing table, creating static, to default route. We also include dynamic routes with OSPF.
Command | Mode | Description |
Show ip route | P | Show the routing table. |
Show ip route ospf | P | Show routes created by the OSPF protocol. |
ip default-gateway <ip_address> | G | Set the default gateway for the router. |
ip route <network> <mask> <next hop> | G | Create a new static route |
no ip route <network> <mask> <next hop> | G | Remove a specific static route. |
ip route 0.0.0.0 0.0.0.0 <nex thop> | G | Configure a default route |
router ospf <process ID> | G | Enable OSPF with an ID. The command will open the router configuration mode. |
show ip ospf interface | P | Display all the active OSPF interfaces |
5. IP Services
This section shows the common commands for configuring NAT, DHCP, and DNS services. It also includes simple and useful SNMP and Syslog commands for monitoring and logging.
Command | Mode | Description |
ip nat <inside outside> | I | Specific whether the interface is the inside or outside of NAT. |
ip nat inside source <ACL No.> <pool static IP> <overload> | G | Configure dynamic NAT. It instructs the router to translate all addresses identified by the ACL on the pool. To configure Port Address Translation (PAT) use the “overload” at the end. |
ip nat inside source static <local IP> <global IP> | G | Create a static NAT from inside (local IP) to outside (global IP) |
ip nat outside source static <ACL No.> <pool static IP> | G | Create a static NAT from outside (ACL) to inside (IP pool) |
ntp peer <ip-address> | G | Configure the time by synchronizing it from an NTP server. |
ip dhcp excluded-address <first-ip-address> <last-ip-address> | G | The IP addresses that the DHCP server should not assign to the DHCP client. |
ip dhcp pool <name> | G | Enters the DHCP pool configuration mode and creates a new DHCP pool. |
network <network ID> <mask> | G – DHCP | Inside the DHCP configuration mode. Define the address pool for the DHCP server. |
default-router <IP address> | G – DHCP | Set the default gateway IP address for the DHCP clients. |
dns-server <IP address> | G – DHCP | Set the DNS server IP address for the DHCP clients. |
ip helper-address <ip address> | I | Turns an interface into a DHCP bridge. The interface redirects DHCP broadcast packets to a specific IP. |
show ip dhcp pool | P | Display information about the DHCP pool |
show ip dhcp binding | P | Display information about all the current DHCP bindings. |
ip dns server | G | Enable DNS service. |
ip domain-lookup | G | Enable domain lookup service. DNS client |
ip name-server <IP address domain name> | G | Set a public DNS server. |
snmp-server community <community-string> ro | G | Enable SNMP Read-Only public community strings. |
snmp-server community <community-string> rw | G | Enable SNMP Read-Only private community strings. |
snmp-server host <ip-address> version <community-string> | G | Specific the hosts to receive the SNMP traps |
logging <ip address> | G | Determines the Syslog server to send log messages. |
logging trap level | G | Limit Syslog messages based on severity level |
show logging | P | Shows the state logging (syslog). Shows the errors, events, and host addresses. It also shows SNMP configuration and activity. |
terminal monitor | P | Enables debug and system’s error messages for the current terminal. |
sh ip ssh | P | Verify SSH access into the device. |
6. Security
In this section, we include the most basic AAA configuration commands for Cisco IOS. We’ll also include basic standard and extended ACLs and port security configuration commands.
Command | Mode | Description |
enable secret <password> | G | Set an “enable” secret password. Enable secret passwords are hashed via the MD5 algorithm. |
line vty 0 4 | G | A global configuration command to access the virtual terminal configuration. VTY is a virtual port used to access the device via SSH and Telnet. 0 4 to allow five simultaneous virtual connections |
line console 0 | G | A global configuration command to access the console configuration. |
password <password> | L | Once in line mode, set a password for those remote sessions with the “password” command. |
Login local | The authentication uses only locally configured credentials. | |
username <username> privilege <level> secret <password> | G | Require a username with a specific password. Also configure different levels of privilege. |
service password-encryption | G | Makes the device encrypt all passwords saved on the configuration file. |
crypto key generate rsa | G | Generate a set of RSA key pairs for your device. These keys may be used for remote access via SSH. |
access-list | G | Defined a numbered ACL |
ip access-list | G | Defined an IPv4 ACL. |
access-list access-list-number <deny permit}> source <source> [log] | G | Create a standard ACL. |
access-list access-list-number <deny permit}> protocol <> source <source [ports]>destination <destination [ports]> [Options] | G | Create an extended ACL. |
ip access-class <access-list-name> <in out> no ip access-group <access-list-name> <in out> | L | A line configuration command mode. It restricts incoming and outgoing connections to a particular vty line. Use “no” to remove the restriction. |
show ip access-list | P | Show all IPv4 ACLs |
switchport mode access | I | From the interface configuration mode, this command assigns the interface link type as an access link. |
switchport port-security | I | enable dynamic port security on the specific interface. |
switchport port-security maximum <max value> | I | Specify the maximum number of secure MAC addresses on the specific interface. |
switchport port-security mac-address <mac-address sticky [mac-address]> | I | Force a specific mac-address to the interface. Also use the “sticky” option to make the interface remember the first mac-address connected to the interface. |
switchport port-security violation <shutdown restrict protect> | I | Define the action to be taken when a violation is detected on the port. |
show port security | P | Display the port security configuration on each interface. |
7. Troubleshooting Commands
In the final section of this cheat sheet we’ll include basic troubleshooting commands. We already included some of these commands on previous sections, but they are also very useful when it comes to troubleshooting.
Command | Mode | Description |
ping <target IP hostname> <repeat Count [5]> <source [IP interface] | P | Diagnose connectivity with extended ping. Check reachability, RRTs, and packet loss. |
traceroute <target IP hostname><source [IP interface] | P | Use traceroute to diagnose connectivity on a hop by hop basis. |
telnet | P | Use Telnet to check for listening ports (1 to 65535) on a remote device. |
show interface | P | Use this command to discover the physical attributes; find duplex, link types, and speed mismatches. Both ends must match. Also use this command to find errors. |
speed <10 100 1000 auto> | I | Set the speed of an interface. Or configure it as auto. |
duplex <auto full half> | I | Set the interface duplex. |
show interface include fastethernet input errors | P | This command searches across all interfaces and outputs the ones that include input errors. |
show ip interface | P | Use this command to discover the status for all the protocols on that interface. |
shutdown no shutdown | I | Interface configuration mode. Restart an interface |
show ip route | P | This command is useful for determining the route of ip packets. |
show cdp neighbors | P | Discover basic information about neighboring Cisco’s routers and switches |
show mac address-table | P | Display the contents of the mac-address table. |
Show vlan Show vlan brief | P | Find vlan status and interfaces assigned to the vlans. |
show vtp status | P | Use this command to discover the current VTP mode of the device. |
show interfaces trunk | P | Check the allowed VLANs on both ends of the trunk. |
show ip flow top-talkers | P | If Netflow is enabled, this command is very useful to troubleshoot top talkers. |
We hope this Cisco Commands Cheat sheet was Helpful and will come in handy in the future! Feel free to bookmark or add this to your website for reference as needed!
Do you want to perform a Cisco 3850 IOS Upgrade?
Page Contents
- Step 2 start the install
This short post will show you how to upgrade the software on a single Cisco 3850 switch or a 3850 stack, using TFTP and USB.
The Cisco 3850 IOS upgrade procedure is very easy but it is a bit different than the usual software image of previous switches i.e 3750 etc.
The main difference is the Cisco 3850 switch run IOS-XE so you have to copy the .bin file to the flash on the switch and then install the software on the switch.
- Download the required image from cisco.com
- Begin the install
- Reboot the switch
Step 1 copy the new image to the 3850
3850-SW1#copy tftp flash
Address or name of remote host []? 10.1.1.250
Source filename []? cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EZ1.bin
Destination filename [cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EZ1.bin]?
Accessing tftp://10.1.1.250/cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EZ1.bin…
Loading cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EZ1.bin from 10.251.226.253 (via Port-channel1): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Once the file has been copied verify the new IOS is present in flash
3850-SW1#dir flash:
Directory of flash:/
46472 -rwx 2097152 Sep 22 2013 10:23:20 +00:00 nvram_config
46468 -rwx 1689445 Aug 22 2013 20:48:35 +00:00 asic_dump_reg-1.csv
46467 -rwx 1689445 Aug 22 2013 21:17:05 +00:00 asic_dump_reg-0.csv
46469 -rwx 114 Sep 13 2013 06:08:19 +00:00 express_setup.debug
46466 -rw- 223737704 Feb 12 12:01:30 +00:00 cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EX3.bin
38721 drwx 4096 Sep 22 2013 10:14:12 +00:00 mnt
77443 -rwx 1224 Sep 22 2013 10:13:17 +00:00 packages.conf
46470 -rwx 736 Sep 20 2013 18:34:18 +00:00 vlan.dat
69699 -rwx 74369252 Sep 22 2013 10:13:12 +00:00 cat3k_caa-base.SPA.03.02.02.SE.pkg
69700 -rwx 5808828 Sep 22 2013 10:13:12 +00:00 cat3k_caa-drivers.SPA.03.02.02.SE.pkg
69701 -rwx 32488292 Sep 22 2013 10:13:12 +00:00 cat3k_caa-infra.SPA.03.02.02.SE.pkg
69702 -rwx 30403764 Sep 22 2013 10:13:12 +00:00 cat3k_caa-iosd-universalk9.SPA.150-1.EX2.pkg
69703 -rwx 16079584 Sep 22 2013 10:13:12 +00:00 cat3k_caa-platform.SPA.03.02.02.SE.pkg
69704 -rwx 64580300 Sep 22 2013 10:13:13 +00:00 cat3k_caa-wcm.SPA.10.0.111.0.pkg
1621966848 bytes total (1123991552 bytes free)
Step 1a copy the software to the 3850 using USB
The image for the 3850 is very big 250Mb+ so copying via TFTP can take a while, a much better solution is to use a USB stick.
The process is very simple and much easier than using tftp. All you need is a USB stick that is recognised by the switch and a console connection.
I use a Kingston 16GB stick – http://www.amazon.co.uk/Kingston-Drive-Premium-Metal-Casing/dp/B005SP91UW
Copy the image file into the root of drive and insert the USB drive into the USB slot on the front of the 3850.
From the Command line verify that the switch can recognise the file system.
dir usbflash0:
Cisco Switch Reload Command
This should list all the files on your USB
You now need to copy the image from the USB to the Flash of the switch.
copy usbflash0:cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EX3.bin flash:
Now proceed to the software install in Step 2
Step 2 start the install
3850-SW1#software install file flash:cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EX3.bin switch 1-2
Please note the switch 1-2 command at the end will install the image onto switch 1 and 2 in your stack, so if you are running a stack of 8 switches you need to enter switch 1-8
This step will unpack the .bin file and install the software, after the software has installed you will be promted to reboot, the switch will reload and you can then verify you are running the new IOS
3850-SW1#sh ver i INSTALL
* 1 32 WS-C3850-24T 03.03.01SE cat3k_caa-universalk9 INSTALL
2 32 WS-C3850-24T 03.03.01SE cat3k_caa-universalk9 INSTALL
Cisco 3850 Reload Slot Command Linux
How do I update my Cisco 9300 switch stack?
Check my other post on how to upgrade a Nexus 9k here – https://www.rogerperkin.co.uk/cisco/software-upgrade-guides/nexus-9000-software-upgrade/
Can I upgrade my Cisco 3850 with USB?
Cisco 3850 Reload Slot Commands
Yes you can, the upgrade procedure detailed above covers both USB method and FTP method. I personally prefer USB method if I am on site with the equipment.
If you are interested in Network Automation check out my pages onAnsible & Python
For a more detailed guide to this process please check this Cisco Doc – here
Official Cisco Documentation