Clearing Configuration Inforamtion
You can clear the configruation infromation from the startup configruation. If you reboot the switch with no startup configuration, the switch enters the setup program so that you can reconfigure the switch with all new settings.
Clearing the Startup Configuration File
To clear the contents of your statup configurtaion.use the erase nvram: or erase statup-config privileged EXEC command.
Deleting a Stored Configruation File
To delete a saved configuration from flash memeory,use the delete flash: filename privileged EXEC command. Depending on the setting of the file prompt global configuration command. you might be prompted for configuration before you delete a file.By default, the switch prompts for configuration on destructive file operations. For more iformation about the file prompt command.see the cisco ios command reference for release 12.2
switch# erase startup-config
switch# erase nvram
switch# delete vlan.dat
switch(config)#service password-encryption
(optional) Encrypt the password when the password is defined or when the configuration is written.
Encryption prevents the password from being readable in the configuration file.
switch(config)#enable secret
switch(config)#eanble password
switch(config)# username name [privilege level] {password encryption-type password}
Enter the username, privilege level, and passowrd for each user.
For name, specify the user ID as one word, Spaces and quotation marks are not allowed.
(optional) For level, specify the privilege level the suer has after gaining access.The range is 0 to 15.Level 15 give privileged EXEC mode access.Level 1 gives user EXEC mode access.
For encryption-type ,enter 0 to specify that an unencrypted password will follow, Enter 7 to specify that a hidden password will follow.
For password,specify the password the user must enter to gain access to the switch.The password must be from 1 to 25 characters,can contain embeded spaces,and must be the last option specified in the username command.
switch(config)# ip routing
switch(config)# ip subnet-zero
system mtu routing bytes
(optional) Change the system MTU for routed prots.The range is 1500 to the system MTU value.the maximum MTU that can be routed for all ports.
Although larger packets can be accepted. they cannot be routed.
no aaa new-model
To disable AAA,use the no aaa new-modul global configure command.To disable AAA authentication, use the no aaa authenication login {default | list-name} method1 [ method2..] global
confgiuration command.To either disable TACACS+ authentication for logins or to return to the default vlaue. use the no login authentication {default |list-name } line configuration command.
switch(cofig)# hostname xxx
switch# configure termianl
switch(config)# interface fasterthernet 0/1
switch(config-if)#no switchport
switch(config-if)#description test
switch(confg-if)#ip add 1.1.1.1 255.255.255.0
switch(config-if)#ip add 2.2.2.2 255.255.255.0 secondary
switch(config-if)# duplex full
switch(config-if)#speed 100
switch(config-if)#no shutdown
switch#conf t
switch(config)#interface fastethernet 0/2
switch(config-if#description test
switch(config-if)#switchport mode access
switch(config-if)#switchport access vlan 123
switch(confgi-if)#speed 100
switch(config-if)#duplex full
switch(config)#interface fastetherent 0/48
switch (config-if)# description test
switch(config-if)# switchport trunk encapsulation dot1q
switch(config-if)# switchport turnk allwoed vlan 1, 2 , 5-8
swtich(config-if)#switchport mode turnk
swtich(config-if)#speed 100
switch(config-if)#duplex full
confgiurate terminal
Enter global configuation mode.
interface interface-id
Specity the port to be configured, and enter interface configuration mode.
swtichport mode trunk
Configure the interface as a VLAN trunk port.
switchport turnk allowed vlan {add| all |except | remov} vlan-list
(optional)configure the list of VLANs allowed on the trunk.
For explanations about using the add,all,except, and remove keywords, see the command reference for this release.
The vlan-list parameter is either a single Vlan number from 1 to 4094 or a range of VLANS described by two VLAN numbers, the lower one first , spearated by a hyphen.Do not enter any spaces between comma-spearated VLAN paratmeters or in hyphen-specified ranges. ALL VLANs
are allowed by default.
end
show interface interface-id swithport
verify your entries in the Trunking VLANs Enabled field of the display.
copy running-config statup-config
(optional) Save your entries in the configuration file.
switch(config)#interface vlan 123
switch(config-if)#description test
switch(config-if)#ip add 1.1.1.1 255.255.255.0
switch(config-if)#ip add 2.2.2.2. 255.255.255.0 secondary
no ip classless
disable classless routing behavior
ip classless routing
switch(config)# router ospf 1
switch(config-router)# network 1.1.1.1 0.0.0.0 area 0
switch#conf t
switch(config)# router sopf process-id
Eanable OSPF routing ,and enter router configuration mode.The process ID is an internally used identification parameter that is locally assigned and can be any positive integer.Each OSPF routing
process has a unique value.
network address wildcard-mask area area-id
Define an interface on which OSPF runs and the area ID for that interface.You can use the wildcard mask as a single command to define one or more interfaces to be associated with a specific OSPF area. The area ID can be decimal value or an IP address.
show ip portocols
verify your entries.
copy running-config statup-config
log-adjacency-change
(optinal) Log change in the djacency state. This is the default state.
redistribute static metric-type 1 subnets
switch#ip route 1.1.1.1 255.255.255.0 1.1.1.2
Configuring Username and password paris
You can configurate username and password paris, which ar locally stored on the switch.These paris are assigned to lines or ports and authenticate enach user before that user can access the switch. If you have defind privilege levels,you can also assign a specific privilege level (with assosciated rights and privilege )to each username and pssword pair.
switch# configure termianl
switch (config)# username test password XXX
swtich(config)#line console 0
switch(config-line)#password xxx
switch(config-line)#login local
switch(config-line)#end
To disable username authentication for a specific user,use the no username name global configuration command,To disable passwrod checking and allow connection without a psssword,user the no login line configuation command.
snmp-server community string [view view-name][ro|rw][access-list-number]
Configrue the community string.
For sting ,specify a string that acts like a pssword and permits access to the SNMP protocol.You can configure one or more communtiry string of any length.
(optional) for view ,specify the view record accessible to the community.
(optional) specify either read-only ro if you want authorized management stations a retrieve MIB objects, By default, the communtiy string permits read-only access to all objects.
(optional)For access-list-number ,enter an ip standard access list numbered form 1 to 99 and 1300 to 1999.
access-list access-list-number {deny | permit} source [source -wildcard]
(optional) if you specifed and IP standard access list number in setp2 ,then create the list ,repeating the command as many times as necessary..
spanning-tree mode {pvst |mst | rapid-pvst}
configuration a spanning-tree mode.All stack members run the same version of spanning-tree.
select pvst to enable pvst+ the default setting.
setlect mst to enable mstp and rstp .
select rapid-pvst to enable rapid pvst+.
no service pad
To enable all packet assembler/disassembler (PAD) commands and connections between PAD devices and access servers, use the service pad global configuration command. Use the no form of this command to not accept incoming and outgoing PAD connections.
service pad [cmns] [from-xot | to-xot]
no service pad [cmns] [from-xot | to-xot]
cmns (Optional) Specifies sending and receiving PAD calls over CMNS.
from-xot (Optional) Accept XOT to PAD connections.
to-xot (Optional) Allow outgoing PAD calls over XOT.
IOS中内建的很多服务我们并不需要,默认时已经关闭。比如service pad ,我们并不需要。
它的历史要追朔到X.25网的年代,由于X.25标准为用户(DTE)和分组交换网路(DCE)之间建立对话和交换数据提供一些共同的规程,这些规程包括数据传输通路的建立、保持和释放,数据传输的差错控制和流量控制,防止网路发生阻塞等等,对于非分组终端,需要用规程转换器,也就是分组拆/装设备(PAD)转换成X.25接口规程,或者由网络设备(如交换机)完成规程转换。
从层次结构的角度来看,PAD功能是在X.25的低三层协议之上所提供的终端控制功能。
在现在的IOS版本中,no service pad 已经成为默认值。
To enable all packet assembler/disassembler (PAD) commands and connections between PAD devices and access servers, use the service pad global configuration command. Use the no form of this command to not accept incoming and outgoing PAD connections.
service pad [cmns] [from-xot | to-xot]
no service pad [cmns] [from-xot | to-xot]
cmns (Optional) Specifies sending and receiving PAD calls over CMNS.
from-xot (Optional) Accept XOT to PAD connections.
to-xot (Optional) Allow outgoing PAD calls over XOT.
IOS中内建的很多服务我们并不需要,默认时已经关闭。比如service pad ,我们并不需要。
它的历史要追朔到X.25网的年代,由于X.25标准为用户(DTE)和分组交换网路(DCE)之间建立对话和交换数据提供一些共同的规程,这些规程包括数据传输通路的建立、保持和释放,数据传输的差错控制和流量控制,防止网路发生阻塞等等,对于非分组终端,需要用规程转换器,也就是分组拆/装设备(PAD)转换成X.25接口规程,或者由网络设备(如交换机)完成规程转换。
从层次结构的角度来看,PAD功能是在X.25的低三层协议之上所提供的终端控制功能。
在现在的IOS版本中,no service pad 已经成为默认值。
蓝色为转载
errdisable recovery interval 30
no file verify auto
vlan internal allocation policy ascending
no file verify auto
vlan internal allocation policy ascending
