If you are new to Cisco or just want to improve your skills I recommend this course from Udemy at the time of writing for just $20 for lifetime access! I’m also a really big fan of Pluralsight
Have you ever looked at a comms cabinet run of Cisco switches only to find that ever interface is patched, some of them have no link lights and you don’t know which ones can be unpatched. The below steps are my method finding which interfaces have not been used in a long time. There are plenty of tools and network monitoring solutions that could be used, the below is the native IOS method.
If you run show interface against an interface the output includes details on the last time the interface received or sent data. In the case of the below screenshot 7 weeks.
But if manually checking interface after interface does not sound fun then the below regex after the show interface command will return a list of all interfaces that haven’t been used in the last 6+ weeks or have never been used.
show int | i proto.*notconnect|proto.*administratively down|Last in.* [6-9]w|Last in.*[0-9][0-9]w|[0-9]y|disabled|Last input never, output never, output hang never
The command will give an output similar to the below;
I generally run this command and then do a show interface to check the detail and description to make sure I haven’t missed anything before un-patching the interface.
Unfortunately this command does not work 100% properly. It showed me a port which is only unused since 2 weeks.
GigabitEthernet1/0/25 is down, line protocol is down (notconnect)
Hardware is Gigabit Ethernet, address is 580a.20dd.8c99 (bia 580a.20dd.8c99)
MTU 1500 bytes, BW 10000 Kbit/sec, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 2w0d, output 2w0d, output hang never
Last clearing of “show interface” counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
31066381 packets input, 8796519066 bytes, 0 no buffer
Received 620213 broadcasts (348900 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 348900 multicast, 0 pause input
0 input packets with dribble condition detected
63243708 packets output, 43477234713 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
1663 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
Do you know why this happens and can this be fixed?