Cisco IOS switch commands

#hardcode speed and duplex for key ports (maybe to routers, servers):
interface INTERFACE
 duplex full|half|auto
 speed 10|100|auto
 description  Whatever You Want To Say        #sh int desc

#configure switch's IP address for telnetting to it, pinging it:
interface vlan 1
  ip address IP.ADD.RESS SUB.NET.MASK
  no shutdown        #administratively down by default

#if want access to/from internetwork (telnet or ping):
ip default-gateway IP.ADD.RESS        #in global config mode


#port security.  allow only specified MAC to use port:
#in interface config mode:
switchport mode access
switchport port-security
switchport port-security mac-address ABCD.1234.9876

show port-security interface INTERFACE


#VLAN creation and port assignment to a vlan:
vlan N           #in global config.  create VLAN n
name NAME        #optionally give it a name in (config-vlan) mode
#in interface config mode of port:
switchport access vlan N    #assign the port to VLAN n
switchport mode access      #optional security  so port is access, not trunk

interface range fa0/1 - 20    #range of interfaces
(config-int-range)# switchport access vlan 50
(config-int-range)# switchport mode access


#what trunking:
sh int trunk
sh int INT switchport       #modes: trunking, what encapsualtion
#interface config mode:  default is dynamic desirable, but is bad, so hardwire it.
##? not in PT: switchport trunk encapsulation dot1q   #optional if switch has other encapsulations
switchport mode trunk       #frames tagged w/4B Vlan # header


#VTP   Vlan info replication protocol
show vtp status

vtp domain NAME    #global config mode. will be adopted by other switches.
vtp mode server|client|transparent   #default is server


#STP.  set this switch as Root bridge:
(config)# spanning-tree vlan N root primary
OR:
(config)# spanning-tree vlan N priority NUM

show spanning-tree          #STP info.  which port(s) blocked.
                            #Note that a port can be Up and Up but BLKed!
(config-if)# spanning-tree portfast      #only on an access port

PVST: per-Vlan spanning tree: load-balancing
RSTP:
(config)# spanning-tree mode rapid-pvst      on all switches

*******************************
Factory-reset of unknown-passworded 3750 switch:
powerup holding Mode button 15-30 sec.
flash_init
dir flash:      see that config.text and vlan.dat are there
del or rename    flash:config.text   and   flash:vlan.dat
boot