🌐 CLI Mastery & Network Fundamentals

Single building or campus. Example: office network, home network. Typically uses switches and WiFi access points.

Connects multiple LANs across cities/countries. Example: internet, corporate networks between offices. Uses routers and ISP connections.

City-wide network. Example: municipal WiFi, campus networks across a city.

Connects devices within the same network segment (LAN). Learns MAC addresses and forwards frames efficiently.

Maintains a MAC address table, learns source addresses, forwards to known destinations, floods unknown destinations.

VLAN support, Spanning Tree Protocol, Port security, Quality of Service (QoS)

Smart post office within a neighborhood - knows every house and delivers mail efficiently within the area.

Connects different networks together. Makes routing decisions based on IP addresses and routing tables.

Examines destination IP, consults routing table, forwards packets to next hop toward destination.

Static/Dynamic routing, NAT, DHCP, Access Control Lists, VPN termination

International postal service - determines best path to deliver mail between different countries/cities.

Provides wireless connectivity to wired network. Converts between wireless (802.11) and wired (Ethernet) protocols.

SSID management, WPA/WPA2 encryption, Band steering, Load balancing

Controls traffic flow based on security rules. Inspects and filters packets based on various criteria.

Stateful inspection, Application filtering, VPN support, Intrusion prevention

Basic monitoring and troubleshooting. Limited access for regular users.

ping, traceroute, telnet, ssh, basic show commands

View running config, change settings, access detailed information

Lowest - safe for non-technical users

Full monitoring capabilities, system maintenance, file operations

All show commands, copy, reload, debug, clear

Modify running configuration (read-only for configs)

High - full visibility, no modification

Device-wide configuration changes

hostname, interface, line, router, vlan, ip route

Entire device settings, global parameters

Maximum - can break network if misconfigured

Configure specific network interfaces/ports

ip address, switchport mode, speed, duplex, shutdown

Single interface only

Configure remote access (SSH, Telnet, Console)

password, login, transport input, exec-timeout

How users connect remotely

Enter Privileged EXEC mode. May prompt for password.
Shortcut: en
Reverse: disable

Enter Global Configuration mode.
Shortcut: conf t
Alternative: config t

Enter Interface Configuration mode.
Examples: int fa0/1, int gi1/0/1, int vlan1

Enter Line Configuration mode.
Examples: line console 0, line vty 0 4

Go back one level in hierarchy.
Use: Step-by-step exit

Jump directly to Privileged EXEC mode.
Shortcut: Ctrl+Z
Use: Quick escape from any config mode

Hardware, software, uptime, memory info
Shortcut: sh ver
Shows: Model, IOS version, uptime, memory, configuration register

Current active configuration
Shortcut: sh run
Note: This is what's currently running (RAM)

Saved configuration that loads at boot
Shortcut: sh start
Note: This is stored in NVRAM

Quick interface status overview
Shortcut: sh ip int br
Shows: Interface, IP, Status, Protocol

Detailed interface statistics
Shortcut: sh int
Shows: Errors, utilization, duplex, speed

Switch MAC address learning table
Shortcut: sh mac address-table
Shows: Learned MAC addresses per port

Directly connected Cisco devices
Shortcut: sh cdp nei
Shows: Neighbor devices, their interfaces, platform

Routing table (routers only)
Shortcut: sh ip route
Shows: All known networks and next hops

Auto-complete commands and parameters
Example: Type sho + Tab = show

Context-sensitive help
Examples: ? (all commands), show ? (show options), interface ? (interface types)

Show available parameters for command
Example: ip address ? shows IP address syntax

Navigate command history
Use: Recall and modify previous commands

Display command history list
Shows: Last 10-20 commands (configurable)

Ctrl+A (beginning), Ctrl+E (end), Ctrl+U (delete line), Ctrl+K (delete to end)

Page through long output
Example: show running-config | more

Show only lines containing specific text
Example: show run | include interface

Start output from first line containing text
Example: show run | begin vlan

Hide lines containing specific text
Example: show int | exclude down

Save current config to permanent storage
Shortcut: copy run start
Critical: Changes are lost without this!

Restart the device
Note: Unsaved changes will be lost

Alternative way to save configuration
Same as: copy run start

Identifies which "neighborhood" (network) the device belongs to

Identifies the specific "house" (device) within that neighborhood

First 24 bits are network, last 8 bits are host
Example: In 192.168.1.100/24, network is 192.168.1.0

First 16 bits are network, last 16 bits are host
Example: In 172.16.5.100/16, network is 172.16.0.0

❌ Making changes without copy run start
✅ Always save important changes immediately

❌ Trying configuration commands in EXEC mode
✅ Always check your prompt - know which mode you're in

❌ Pressing Enter without reading error output
✅ Read and understand every error message

❌ Guessing command syntax
✅ Use ? liberally to learn proper syntax

Professional engineers use sh run, not show running-config

Reduces typos and increases speed significantly

Up arrow and command editing saves massive amounts of time

Learn | include, | exclude, | begin for large configs

Use show run to capture "before" state, save configs with meaningful names