IOS CLI Speed Tips

14 January 2013 by 15 Comments

While studying for the CCIE, one point I hear all the time is the importance of being fast. With the new Troubleshooting section, speed is more important now than ever. With that in mind, I have compiled a small list of tips and methods to help you be as efficient with the IOS CLI as possible. Please add tips I may have forgotten below!

Let’s start out with keyboard combinations.

  • Ctrl+T: Swap the current character with the one before it
  • Ctrl+K: Erase all characters from the current cursor position to the end of the line
  • Ctrl+X: Erase all characters from the current cursor position to the beginning of the line
  • Ctrl+C: Exit configuration mode
  • Ctrl+A: Moves the cursor to the beginning of the current line
  • Ctrl+E: Moves the cursor to the end of the current line
  • Ctrl+U: Erases a line
  • Ctrl+W: Erases a word
  • Ctrl+Z: Exits configuration mode, returning you to privileged EXEC mode
  • Ctrl+Shift+6+x: Cancels the current command/process. A great way to cancel a failing command like a traceroute.
  • q: Rather than hitting the spacebar multiple times in order to get to the end of multiple pages of output, this will cut the output of a show command off at the cursor and return to the command input prompt.

The Pipe “|”  can be used to redirect output from a standard out to standard in of a second command. In order to read the output of the command “show run” use “show run | SECOND_COMMAND_HERE”

Next, how about some output redirection and tweaking? Many times, show commands will output more information than needed. Using several different methods it is possible to limit that output to exactly what you want and remove the unneeded output. I will use the sample output of “show version” as an example.

Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(22)T, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 09-Oct-08 20:48 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

ROUTER uptime is 6 days, 22 hours, 18 minutes
System returned to ROM by bus error at PC 0x616BF164, address 0xFF00823C at 20:23:03 EST Fri Dec 28 2012
System image file is “flash:c1841-adventerprisek9-mz.124-22.T.bin”
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

Cisco 1841 (revision 7.0) with 356352K/36864K bytes of memory.
Processor board ID FTX1224Y0ER
2 FastEthernet interfaces
1 Serial interface
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
125440K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0×2102

Include: Often shortened to just “i”, this is similar to the UNIX “grep” command. “Include” will search the output of a command for the string specified. All lines which include the specified string will be returned. The include command is case sensitive.

show version | include interface
2 FastEthernet interfaces
1 Serial interface

Exclude: Pretty self explanatory, “exclude” will output all of a show command, excluding lines which contain the string specified following “exclude.”

Logical “or” pipe: Using a pipe “|” between 2 strings without a space, you can create an “or” statement and match multiple strings at once. If you wanted to find both the DRAM and NVRAM of the above output in one command:

show version | include NVRAM|DRAM
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.

This is not an “and or” statement, just “or.” Thanks to Martin van den Broek for alerting me to my mistake.

Begin: Often shortened to “b”, this command outputs the first line which includes the string, plus all lines following.

show version | begin interface
2 FastEthernet interfaces
1 Serial interface
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
125440K bytes of ATA CompactFlash (Read/Write)
Configuration register is 0x2102

Section: The section command is one of my favorites. While it is not supported on all Cisco devices, routers running 12.4(T) and above should support it. The IOS indents the configuration of certain items such as VLANs, interfaces, etc. For example, the interface has settings like IP address, speed and encapsulation indented directly after the interface line. All of the items tabbed under the interface line is considered part of the interface “section.”  This will include the output of the “show run” command and limit it to just the section specified. For example:

show run | section line vty 0 4
line vty 0 4
privilege level 15
logging synchronous
transport input ssh

Alias: The IOS allows you to create a shortcut to a command by creating an alias for longer commands. I will not go into the details of how to do so, because Ian Castleman has already posted an excellent article about how to do so here.

Regular Expressions: Again, fellow Packet Pushers community members have posted exceptional articles about this topic. Ethan Banks’ article can be found here, and Jason Ashworth’s can be found here.

Saving command output to file(s): Say you want to save the output of “show run” to a file on the flash of the router. Similar to “>” redirect option in UNIX/Windows CLIs, the “redirect” command works wonders. The first option is the file location such as NVRAM, flash, TFTP, etc. The second is the name of the file. The following saves “show run” to a text file named “backup.txt” on the flash of the router.

show run | redirect flash:backup.txt

Append: The same idea as the “redirect” command, “append” will append or add the output of a show command to the bottom of an existing file: the same concept as “>>” in the UNIX/Windows CLI. To add the output of the “show ip interface brief” to the backup.txt file created above, one would use the following:

show ip interface brief | append flash:backup.txt

Do: Odds are you already know this one, but I will include it just in case. When in either global or sub-configuration mode, privilege mode commands are not supported and will cause an “invalid input detected” error. However, by using “do” prior to a command when in global/sub-configuration mode, you can run a privilege level command from any higher mode. This is an excellent method to use show commands without having to exit out of global config mode. Just a quick note – this command is neither required nor supported on the ASA or NX-OS. All privilege commands can be used from global/sub-configuration modes in the ASA and NX-OS. (Thanks to Marvin Rhoads for informing me about the NX-OS)

End: Again, most of you probably already know this one. The end command will take you from a sub-configuration mode such as interface configuration back to privileged exec mode. This will save you from having to use the “exit” command multiple times.

Well, what did I miss? I am always looking for more tools to help speed up my CLI usage.

Filed Under: Blogs, Certification, Network Management Tagged With: , ,
About Alex Clark

Alex Clark is a 21 year old college student from Ohio who was lucky enough to discover what he loves early on in life: Networking, Cisco, Linux and other nerdy activities. He works as a network engineer/analysts and is working towards his next certification whenever there is free time. He has earned his CCNP, CCNA: Security, CCNA: Wireless, CCDA and CCNA. He is actively working on the CCIE R& S and hopes to sit the lab before 2014. In the more immediate future, he is finishing his CCDP.

  • Techkid

    Very nice article. I have to say that Im very impressed to see what all certifications you have accomplished at age 20

  • Infinite Monkey

    Be careful with Ctrl+Z in some of the Cisco operating systems. If you have text on the line it may be submitted before moving back to priv mode.

    For instance:

    3750-lab(config)#hostname bacon^Z
    bacon#

    • http://twitter.com/BobMcCouch Bob McCouch

      Correct, Ctrl+Z is dangerous if anything is actually input. Ctrl+C will quit from config mode *without* executing the line.

  • Martin van den Broek

    Great post, I liked the keyboard combos in particular.

    With regards to the AND OR issue. Your logical “AND OR” pipe is really only an “OR” pipe. I will return lines with either NVRAM or DRAM. It will not exclusively return lineS with both on the same line; for that you will have to issue the following.

    show version | include DRAM.*NVRAM|DRAM.*NVRAM

    This of course will return nothing because there is no line in the “show version” output that contains both in one line, but I hope it will explain the difference between OR and AND.

    • Alex__Clark

      My mistake, you are correct. Thank you for clearing that up!

  • mmi

    At a –MORE– prompt, you can search forward. Just press /, followed by the (regex) search expression. Handy when you accidentially started a long unfiltered, paginated output and want to move quickly to somewhere further down.

    • mmi

      Almost forgot to mention one of my favorites, CTRL-R. For all those devices that are not yours and therefore lack logging synchronous ;)

  • Martin van den Broek

    @mmi

    And only a / will skip you to the next instance of the previously entered search while in –MORE– mode. E.g. “show runn | b router ospf” will stop at the first occurrence of a line containing “router ospf”. Pressing just / right now will stop at the second occurrence of a line containing “router ospf”.

    • mmi

      Nice, didnt know that. Looks like its possible to filter with + and -, too, instead of jumping to the next result.

  • MarvinRhoads

    The “do” prepend also isn’t required when in configuration mode on NX-OS.

    • Alex__Clark

      Thank you for the addition! I added that to the article.

  • http://twitter.com/markmeulemans Mark Meulemans

    CTRL+N is the equivalent of CTRL+A & CTRL+K combined, AKA, it wipes the entire line. If you’re using screen when consoled into a device (ie, from a Mac or Linux) CTRL+A is used within screen so it can mess you up sometimes.

  • Will Hogan

    The most important command used in data center networking. Terminal Color. I laughed so hard when I saw that.

  • http://umairhoodbhoy.net/ Umair Hoodbhoy

    Nicely written. I’m interested in learning more about how you and your peers in college establish yourselves as professional network engineers in the workforce. There is a very high barrier of entry for college students in network engineering unlike there is for software or hardware engineering. All the best!

  • MattGou

    Thanks for the compilation of commands!! Another one I just learned is entering ‘terminal length 0′. Any show commands you enter after entering that will not pause when the output is more information than a single screen. For example, after entering that command, type ‘show run’ and watch the full output dump onto your screen. Saves a lot of space-bar pressing when you want to review the full output.

    switch#term len 0

    switch#show run