Cisco Command 'Show Interface' Breakdown

The "show interface" command is a common command used on Cisco devices and other networking equipment to display detailed information about the status and configuration of network interfaces.

When executed, the command typically provides information on the following aspects of each interface:

  • Interface status (up/down)
  • Line protocol status (up/down)
  • Hardware type
  • MAC address
  • MTU (Maximum Transmission Unit)
  • Bandwidth
  • Duplex mode (Full/Half)
  • Input/Output traffic rates
  • Input/Output error statistics (CRC errors, runts, giants, etc.)
  • Input/Output queue information
  • Reliability and load values
  • Encapsulation type
  • ARP configuration details
  • Other interface-specific settings and statistics

Interface Status

Up/Up: The interface is both administratively up (enabled) and operationally up (able to pass traffic).

Up/Down: The interface is administratively up (enabled) but operationally down (not able to pass traffic). This might happen due to cable issues, device misconfiguration, or the remote end being down.

Down/Down: The interface is both administratively down (disabled) and operationally down (not able to pass traffic). This means the interface has been intentionally shut down.

Administratively down: The interface has been manually disabled by an administrator using the "shutdown" command.

Err-disabled: The interface has been automatically disabled due to certain conditions such as port-security violations or BPDU guard violations.

Testing: The interface is in a testing state, typically used for diagnostic purposes.


Hardware and MAC Address

Hardware: This field indicates the specific hardware type of the interface. Cisco devices have various interface types, such as Ethernet, FastEthernet, GigabitEthernet, Serial, etc.

For example, "Gt96k FE" refers to a Fast Ethernet interface on a Gt96k hardware platform.

MAC Address: The MAC address is a unique identifier assigned to each network interface card (NIC) in a device. It consists of 6 pairs of hexadecimal characters (e.g., c201.1d00.0000) and is burned into the NIC during manufacturing.

The MAC address is used to uniquely identify devices on a local network (LAN). It is essential for data link layer communication as it helps in forwarding frames to the correct destination within a LAN.


Interface Properties

MTU (Maximum Transmission Unit): This represents the maximum size of data packets that can be transmitted over the interface without fragmentation.

Bandwidth: Indicates the bandwidth capacity of the interface, usually measured in bits per second (bps) or kilobits per second (Kbps).

Propagation Delay: The time it takes for a signal to travel from the sender to the receiver on the interface. This is a measure of the physical distance and delay in the medium.

Reliability: A measure of the interface's stability and reliability, often represented as a fraction or percentage.

Duplex: Specifies the communication mode of the interface, either half-duplex (HDx) or full-duplex (FDx). In half-duplex, the interface can either send or receive data, but not simultaneously, while in full-duplex, it can send and receive data simultaneously.

Speed: The speed at which the interface can transmit and receive data, often represented in megabits per second (Mbps) or gigabits per second (Gbps).

Encapsulation: Refers to the data link layer protocol used on the interface, such as ARPA (Ethernet version 2), PPP, HDLC, or frame-relay.

Keepalive: The time interval at which the router sends keepalive packets to check for end-to-end connectivity.


Reliability and Load

Reliability: Reliability is a measure of how dependable and error-free the interface is in transmitting and receiving data.

It is represented as a ratio or percentage, typically with two values separated by a slash (e.g., 255/255). The first value indicates the number of successfully transmitted packets, and the second value represents the total number of packets sent.

  • A reliability of 255/255 indicates that all transmitted packets have been successfully received, indicating a highly reliable interface.
  • A reliability of 0/255 suggests that none of the transmitted packets have been successfully received, indicating a very unreliable interface.
  • A high reliability value generally indicates a healthy and stable network connection, while a low value could suggest issues with connectivity or transmission errors.

Load: Load refers to the amount of traffic or utilisation on the network interface. It is represented as a ratio or percentage, similar to reliability. The load values are also two values separated by a slash (e.g., 1/255).

  • The first value represents the current load on the interface (e.g., 1), while the second value represents the maximum possible load (e.g., 255).
  • A load of 1/255 indicates a minimal utilisation of the interface.
  • A load of 255/255 indicates the interface is operating at its maximum capacity.
  • The load values help network administrators assess how heavily the interface is being used. A high load value could indicate congestion or network traffic, while a low load value suggests the interface is lightly utilised.

Traffic Statistics

Packets Input: The total number of packets received by the interface since the last time the counters were cleared.

Bytes Input: The total number of bytes received by the interface since the last time the counters were cleared.

Received Broadcasts: The number of broadcast packets received by the interface.

Packets Output: The total number of packets transmitted by the interface since the last time the counters were cleared.

Bytes Output: The total number of bytes transmitted by the interface since the last time the counters were cleared.

Input Queue: This shows the number of packets in the input queue and its maximum size. It also provides information about any drops or flushes that have occurred in the input queue.

Output Queue: This shows the number of packets in the output queue and its maximum size.

Minute Input Rate: The average rate at which packets are received in bits per second (bps) and packets per second (pps) over the last minute.

Minute Output Rate: The average rate at which packets are transmitted in bits per second (bps) and packets per second (pps) over the last minute.


Packet Details

The Packet Details section typically includes information about the following:

Runts: This refers to Ethernet frames that are smaller than the minimum allowed frame size (64 bytes). Runts can be a sign of transmission issues or collisions.

Giants: These are Ethernet frames that exceed the maximum allowed frame size (usually 1518 bytes for standard Ethernet). Giants can indicate issues with the frame size configuration or errors in transmission.

Throttles: Throttles occur when the interface is unable to buffer incoming packets due to high traffic load. This can lead to packet loss.

Input Errors: This counter increases when the interface receives a frame with any kind of error, such as runts, giants, CRC errors, or other issues.

CRC Errors: The number of packets received with CRC (Cyclic Redundancy Check) errors. CRC errors usually indicate problems with the integrity of the data during transmission.

CRC errors can occur due to various reasons, such as:

  1. Electromagnetic Interference: External electromagnetic interference can cause data corruption during transmission.
  2. Signal Attenuation: Weakened signals over long distances can lead to errors in the transmitted data.
  3. Cabling Issues: Damaged or poorly terminated cables can result in corrupted data.
  4. Network Interface Card (NIC) Problems: Malfunctioning or misconfigured NICs can introduce errors.
  5. Congestion: High network traffic or congestion can increase the likelihood of errors.
  6. Collisions: In shared Ethernet networks, collisions can lead to CRC errors.

Frame Errors: This represents the number of packets received with CRC errors and non-integer octets. Frame errors can occur due to various issues, including problems with cabling or network cards.

Overruns: Overruns occur when the interface is unable to receive traffic in its hardware buffer because the input rate exceeds the interface's capacity to process the data.

Ignored: The number of packets that the interface ignored due to low internal buffer space. This can happen during periods of high traffic or congestion.

Watchdog Expirations: This happens when the interface receives a packet that is larger than the maximum allowed size (usually 2048 bytes). Watchdog expirations can indicate potential issues with packet fragmentation or misconfiguration.

Input Packets with Dribble Condition Detected: Dribble frames are frames that are slightly longer than the standard frame size. The interface may still accept these frames, but they can be an indicator of potential issues.

Output Errors: Similar to input errors, output errors occur when anything goes wrong with the transmission of a packet.

Output errors can occur due to various reasons, including:

  1. CRC Errors: Similar to input errors, CRC errors can also occur during transmission when the cyclic redundancy check (CRC) value calculated on the outgoing data packet does not match the expected value. This indicates possible data corruption during transmission.
  2. Collisions: Collisions happen in half-duplex Ethernet networks when multiple devices attempt to transmit data simultaneously, resulting in data packet collisions. In modern full-duplex Ethernet networks, collisions are less likely to occur.
  3. Late Collisions: Late collisions occur after a specific time window during the data transmission. They are typically caused by cable issues or excessive cable lengths.
  4. Output Underruns: Output underruns occur when the interface's output buffer runs out of data to transmit before the transmission process completes. This can happen if the interface cannot send data as fast as it is being received.
  5. Throttles: Throttles occur when the interface is unable to buffer the incoming packets due to high traffic load. This can lead to packet drops and output errors.
  6. Output Ignored: Output ignored packets are those that are intended to be transmitted but are ignored by the interface due to insufficient resources or other factors.

Output Drops: Output drops occur when the output queue is full or reaches its maximum capacity, and new data packets cannot be accommodated for transmission.

Output drops can be caused by various factors, including:

  1. Congestion: High network traffic or congestion on the outbound interface can lead to the output queue filling up quickly, resulting in dropped packets.
  2. High Data Rate: If the data rate at which data is being received for transmission is higher than the rate at which the interface can transmit, output drops may occur.
  3. QoS (Quality of Service) Configurations: If Quality of Service policies are implemented and configured on the interface, certain packets may be given priority, causing other packets to be dropped when the queue is full.
  4. Buffer Overflows: When the output buffer of the interface is overwhelmed with data, it may result in output drops.