If you are a network administrator, then you probably know that on many switches typing the command ‘show run’ will display the running switch configuration and typing the command ‘show vlan’ will display the currently configured VLANs on the switch. If you are a system administrator, I would compare the ‘show run’ command to running ‘dmesg’ and the ‘show vlan’ command to running ‘ls’.
Why do I bring this up? Before answering, let me ask you a question: would you schedule a maintenance window to run these commands?
My answer to the question is no. The reason for this is two-fold. First, the commands listed above do not require escalated priviledges to run. This means that any user who has permission to log onto the system can run the commands. Second, the commands listed above do not change, and thus should not impact, the equipment in any way.
I would now like to direct your attention to the following Cisco caveat: CSCtb94329, which is listed below.
Symptom: Running the show vlan or the show vlan id vlan number cli causes the vlan-mgr to crash and the switch to reset. This may occur if the interfaces are down (due to admin-shut or link failure) in a way that there are several discontinuities within a range of interfaces.
Who would have thought such a simple command could have such a large impact?
For those interested, this issue is seen in NX-OS Release 4.1(3)N1(1) and has been fixed in NX-OS Release 4.1(3)N1(1a).
© 2010, Steve Flanders. All rights reserved.