There are a number of things that I put into my standard router/switch builds, and I thought I’d share them here. If you have any to add, please do!
service timestamps debug datetime msec localtime show-timezone year service timestamps log datetime msec localtime show-timezone year service password-encryption clock timezone GMT 0 clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 2:00 no ip domain lookup no ip ospf name-lookup line con 0 exec-timeout 10 0 logging synchronous line vty 0 4 exec-timeout 5 0 logging synchronous
So what does the above exactly do? Let’s break them down one at a time.
service timestamps debug datetime msec localtime show-timezone year service timestamps log datetime msec localtime show-timezone year
This tells the router to include the correct timezone, date, year in the log file, down to the very millisecond. Very handy when troubleshooting.
service password-encryption
A no-brainer really. Encrypt your passwords in the config.
clock timezone GMT 0 clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 2:00
You’ll need to change this to suit your timezone. This correctly tells my devices what timezone they are in, and when to change their clocks. You’ll never need to add or subtract an hour again!
no ip domain lookup
Ever mistyped a command only for the router to try and resolve it for what seems like 5 minutes? This command disables lookups for your mistyped commands.
no ip ospf name-lookup
If you run OSPF and do a show ip ospf neighbor, you’ll notice it sometimes takes forever. Why? What’s happening is that IOS is trying to resolve the neighbor ID’s to a hostname through RDNS. I always want it to be quick, and I also want to know my neighbor ID’s by the ID. This command disables that RDNS lookup.
line con 0 exec-timeout 30 0 logging synchronous line vty 0 4 exec-timeout 5 0 logging synchronous
If I’m consoled onto the device, I don’t want to have to keep logging into it because of a timeout. I set this to 30 minutes to ensure this doesn’t happen. You could set this to 0 0 but be careful, this will cause it to NEVER log out (unless the device reboots or something) – This means you could console in, make some changes, come back in 3 months and reconnect that console cable in. You’ll still be connected!
Logging synchronous prevents IOS from logging on the same line you’re currently typing in.
Comments