Identifying free ports on Cisco Switches

Posted on 2010-04-08
Medium Priority
Last Modified: 2012-05-09
I want to tell what ports are available on a Cisco switch... would it be safe to use "show interfaces counters" if the switch has been up for a long time and use the ports that show 0-1000 packets/bytes of throughput?  Most of the ports are in the billions+  and several are at 0.. but there are some at 1000 and I was "guessing/assuming" that those ports are just noise?

Or is there a better way to identify free ports so we can tell what is/isn't used rather than just looking at plugged in cables that never have been removed?

A friend just suggested "show int summary" and to go by the asterisks THEN by the counters...
Anyone have any better ideas or is that a pretty thorough way to handle it?

Thank you in advance!

Question by:och1
LVL 33

Expert Comment

by:Todd Gerbert
ID: 30132643
sh int | include line proto
"show interfaces" should tell you if the line protocol is up or down (i.e. connected or not), "| include line proto" just filters the results.

Expert Comment

ID: 30132876
show int status | include notconnect


show interfaces summary | exclude \*
LVL 23

Accepted Solution

that1guy15 earned 2000 total points
ID: 30132964
"show interfaces status" will show you if a port is connected or not. That will give you if there is a device on the other end. But with this it could mean that the device on the other end is shutdown or the cable is unplugged. So not 100%

Use this to see which ports are active then use "sh int counters" on the disconnected or downed ports to see if there is any recent traffic on those ports.
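The cross-check described in the accepted answer, as an added example that is not part of the original thread: it takes saved "show interfaces status" and "show interfaces counters" text, keeps the ports that are currently down, and separates those with no packets from those that have carried traffic since the counters were last reset. The sample output is constructed, and the function names and the `noise_pkts` threshold are assumptions made for the illustration.

```python
import re

# Constructed sample output for illustration, not captured from a real switch.
STATUS = """\
Port      Name               Status       Vlan       Duplex  Speed Type
Gi0/1     uplink             connected    trunk      a-full a-1000 10/100/1000BaseTX
Gi0/2                        notconnect   10           auto   auto 10/100/1000BaseTX
Gi0/3     acct desk 4        notconnect   10           auto   auto 10/100/1000BaseTX
Gi0/4                        notconnect   10           auto   auto 10/100/1000BaseTX
"""
COUNTERS = """\
Port            InOctets    InUcastPkts    InMcastPkts    InBcastPkts
Gi0/1         9812345678       71234567          10234           8841
Gi0/2                  0              0              0              0
Gi0/3          482113907         612004            311            120
Gi0/4                640              0              0              5

Port           OutOctets   OutUcastPkts   OutMcastPkts   OutBcastPkts
Gi0/1         7712345678       65234567          20234           9841
Gi0/2                  0              0              0              0
Gi0/3          182113907         412004              0              0
Gi0/4                  0              0              0              0
"""

DOWN = re.compile(r"^(\S+)\s.*\s(notconnect|disabled)\s")

def down_ports(status_text):
    """Ports whose Status column is notconnect/disabled (Name may contain spaces)."""
    return {m.group(1): m.group(2)
            for m in map(DOWN.match, status_text.splitlines()) if m}

def packet_totals(counters_text):
    """Sum in+out unicast/multicast/broadcast packets per port; skip header rows."""
    totals = {}
    for line in counters_text.splitlines():
        f = line.split()
        if len(f) == 5 and all(x.isdigit() for x in f[1:]):
            totals[f[0]] = totals.get(f[0], 0) + sum(map(int, f[2:]))
    return totals

def classify(status_text, counters_text, noise_pkts=0):
    """Down ports at or under noise_pkts are candidates; a port with no counter row is not."""
    totals = packet_totals(counters_text)
    return {port: "candidate" if totals.get(port, noise_pkts + 1) <= noise_pkts
            else "has-traffic"
            for port in down_ports(status_text)}

if __name__ == "__main__":
    print(classify(STATUS, COUNTERS))
```

Gi0/3 is the case raised later in the thread: the port is down right now but its counters show it has been in use, so it is not reported as a candidate.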


Author Comment

ID: 30133095
That command will tell me if the port is up RIGHT NOW... but it doesn't help me with a "historical perspective" what if that is a port of someone in accounting that is on vacation or out of the office this week?
I need something that provides a little more "guarantee"... (I have 40+ switches and 700-ish users/nodes across 13+ locations and want to find out if we really need more hardware or just need to better utilize the ports that "we don't know we have")
We are definitely not a big network (just spread out), and as such, we have to be really careful with expenditures (and save the money for important things like my Experts-exchange membership!!!) :)

Author Comment

ID: 30133147
thank you guys, it took me long enough to respond to the first comment I hadn't read the rest of them yet!

Author Closing Comment

ID: 31712459
I choose this as the "complete" solution because:
After doing the other solution(s) like the one containing "exclude \*" and comparing the results on a "port per port" basis, the "exclude \*" solution misleads you into thinking all of those ports have not been in use for quite a while... until you run "show int counters" and compare all the in/out packets and realize that something has recently talked on that port.
Thank you all for your insight... each of you (even the answers I DIDN'T pick) have shared knowledge with me that I didn't previously have.


Expert Comment

ID: 30134909
How about: show int summary | include       0     0    0     0     0    0     0    0    0
using however many zeros you have on your counter line.

You can use the rlogin app from the RANCID package (http://www.shrubbery.net/rancid/) to automatically grab the output and dump it to a text file if you're familiar with Linux.
