设备健康状态检查
show version # 查看IOS版本、运行时长、硬件型号、内存大小
show version | include register # 快速查看16进制特征码,判断是否发生过系统崩溃
show processes cpu sorted # CPU占用率TOP排名(5秒/1分钟/5分钟区间)
show processes cpu history # CPU历史使用曲线(可视化神器)
show processes memory sorted # 内存占用TOP排名
show environment all # 电源、风扇、温度状态(ASR9K、N9K必查项)
show logging # 系统日志查询(重点关注%SYS、%PLATFORM错误)
show platform # 硬件组件状态(检测模块离线、硬件故障)
show redundancy # 双主控冗余状态(ASR1K、C9500、C9300核心检查)
show ip device tracking all count # IP设备跟踪表项数量(预防ARP泛洪攻击)
接口状态诊断
show interfaces # 完整接口信息(数据量大需过滤)
show ip interface brief # 核心命令!接口IP与状态一览
show interfaces status # 交换机端口状态(连接状态、双工模式、VLAN)
show interfaces counters errors # 错误计数器(输入错误/CRC/帧异常)
show interfaces | include line protocol|CRC|input error|rate # 快速筛选异常接口
show interfaces transceiver detail # 光模块详细信息(温度、电压、光功率)
show interfaces link # N9K专属命令,查看光模块链路历史状态
show interfaces ethernet x/y switchport # 查看端口模式(接入/中继)、Native VLAN
show interfaces trunk # 所有Trunk端口、允许VLAN列表、Native VLAN
接口故障排查时,首先通过show ip int brief定位状态异常接口,再使用show int x/x深入分析物理层(CRC错误、输入错误)或协议层(链路协议down)问题。这些网络系统命令是日常运维的基础工具。
路由表与路由协议
show ip route summary # 路由表总览(快速获取路由条目数量)
show ip route | include B|O|E # 筛选BGP/OSPF/EIGRP路由
show ip route vrf * # 所有VRF路由表查看
show ip bgp summary # BGP邻居状态检查(首要命令)
show ip bgp vpnv4 all summary # MPLS VPN邻居状态
show bgp ipv4 unicast summary # 新版语法(IOS-XE 16+)
show ip bgp neighbors x.x.x.x advertised-routes # 查看发送的路由信息
show ip bgp neighbors x.x.x.x received-routes # 查看接收路由(需开启软重配)
show ip bgp x.x.x.x # 查看特定前缀在BGP表中的详细信息
show ip ospf neighbor # OSPF邻居状态(重点关注Dead Time和状态)
show ip ospf interface brief # OSPF接口成本、区域类型
show ip ospf database router x.x.x.x # 查看自身LSA信息
show ip eigrp topology x.x.x.x/32 # EIGRP特定前缀的后续路径
show ip cef x.x.x.x detail # CEF转发表详情(排障关键环节)
路由排障标准化流程:
- ping测试失败时,先执行
show ip route x.x.x.x检查路由存在性
- 接着使用
show ip cef x.x.x.x验证CEF转发表
- 最后通过
traceroute确认实际转发路径
这套路由协议排查组合能快速定位路由学习或数据转发问题。
交换与二层网络
show vlan brief # VLAN状态与端口分配
show spanning-tree detail # STP根桥、端口角色、BPDU计数器
show spanning-tree vlan x blockedports # 快速查看阻塞端口
show etherchannel summary # 端口通道聚合状态(直观显示)
show mac address-table vlan x # 指定VLAN的MAC地址表
show mac address-table count vlan x # MAC表条目统计(防MAC泛洪)
show arp | include x.x.x.x # ARP表项查询
show ip dhcp snooping binding # DHCP Snooping绑定表
show port-security interface x # 端口安全违规计数
QoS策略监控
show policy-map interface x/x # 关键命令!查看每类流量丢包与队列状态
show queueing interface x/x # 传统设备队列状态查看
show platform hardware qos interface x/x # Nexus硬件队列统计
ACL与安全策略
show access-lists # ACL规则内容查看
show ip access-list interface x/x # 接口应用的ACL规则
show access-lists | include 10.1.1.1 # 快速查看命中计数
show logging | include DENY # ACL拒绝日志筛选
组播网络诊断
show ip pim neighbor
show ip pim rp mapping
show ip mroute
show ip igmp groups
show ip mfib # 硬件组播转发表(关键指标)
MPLS与L3VPN专项
show mpls ldp neighbor
show mpls forwarding-table
show ip bgp vpnv4 all labels
show mpls ldp discovery detail
show vrf detail
show ip vrf interfaces
流量监控与NetFlow
show ip flow top-talkers # 传统版本流量TOP统计
show ip flow export
show flow monitor x statistics # 灵活NetFlow统计
Nexus(NX-OS)专属命令
show queuing interface eth x/y # 队列丢包统计(实用功能)
show hardware internal errors # 硬件错误计数器
show forwarding adjacency # 邻接表查看
show system internal pktmgr stats # 检查CPU punt包统计
show logging logfile | include DROP # 硬件丢包日志
高效排障脚本集
! 别名配置(全局配置模式)
alias exec bgpsum show ip bgp summary vrf all
alias exec routsum show ip route summary | exclude 0.0.0.0
alias exec cefdrop show cef drops
alias exec intsum show ip interface brief
alias exec errlog show logging | include ERR|CRIT|DROP|FAIL
alias exec health show version | include image|uptime ; show processes cpu sorted | exclude 0.00 ; show processes memory sorted ; show environment all ; show logging | include ERR
Show命令使用精髓
- 遵循从宏观到微观的原则(summary → detail)
- 按软件表到硬件表的顺序检查(RIB → FIB → Adjacency)
- 先查看计数器再分析日志(show interface counters → show log)
- 善用管道过滤命令 | include/section,提升90%操作效率
- Nexus设备优先使用 show hardware/internal 系列命令,获取真实硬件数据
掌握这些运维实践能显著提升网络故障定位速度。
发表于 2025-11-27 02:22:28
|
查看: 16|
回复: 0
