show ip interface brief – Fast Interface Overview & Troubleshooting

1. Purpose and When to Use It

show ip interface brief is the fastest Cisco IOS command for getting a helicopter view of every Layer 3 interface on a router or Layer 3 switch in a single screen. It answers three questions instantly: is the interface physically up, is the protocol running, and what IP address is configured? Engineers run it as the very first step in any connectivity troubleshooting session — before diving into detailed error counters or routing tables.

Confirm which interfaces are fully operational (up/up) versus broken
Spot interfaces that are accidentally shut down (administratively down)
Find interfaces with no IP address assigned (unassigned)
Detect Layer 2/3 protocol failures on physically connected links (up/down)
Quickly triage a device before deciding which follow-up command to run

2. Output Columns Explained

The command always produces the same six-column table. Understanding each column is essential for interpreting the output correctly:

Column	What It Shows	Possible Values & Notes
Interface	The abbreviated name of the interface	e.g., `GigabitEthernet0/0`, `Se0/0/0`, `Loopback0`, `Vlan1`
IP-Address	The IPv4 address configured on the interface	`unassigned` if no IP has been configured; displays the primary address only
OK?	Whether the IP address is valid in the hardware (not a meaningful health indicator in modern IOS)	`YES` in almost all cases; `NO` is rare and indicates an NVRAM issue with the IP assignment
Method	How the IP address was assigned	`manual` — configured with `ip address`; `DHCP` — assigned by a DHCP server; `unset` — no IP configured; `IPCP` — PPP negotiation
Status	Physical (Layer 1) state of the interface	`up` — signal detected; `down` — no signal; `administratively down` — `shutdown` applied in config
Protocol	Data-link (Layer 2) / network-layer (Layer 3) protocol state	`up` — keepalives exchanged, encapsulation matching; `down` — protocol not running

3. Annotated Sample Output

Router# show ip interface brief

Interface              IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0     192.168.1.1     YES manual up                    up
GigabitEthernet0/1     unassigned      YES unset  administratively down down
GigabitEthernet0/2     10.0.0.1        YES manual up                    down
GigabitEthernet0/3     172.16.5.1      YES manual down                  down
Serial0/0/0            10.10.10.1      YES manual up                    up
Loopback0              172.16.1.1      YES manual up                    up
Vlan1                  192.168.10.1    YES manual up                    up

Interface	Status / Protocol	Interpretation	Next Step
`GigabitEthernet0/0`	up / up	Fully operational — physical signal present and protocol running	None; verify IP and routing if connectivity issues persist
`GigabitEthernet0/1`	administratively down / down	Manually disabled with `shutdown`; no IP configured	Run `no shutdown` and configure an IP if needed
`GigabitEthernet0/2`	up / down	Physical signal detected but Layer 2 protocol not running	Check encapsulation mismatch, keepalive settings, remote-end config
`GigabitEthernet0/3`	down / down	No physical signal — cable issue, broken SFP, or remote device off	Inspect cable, transceiver, and remote device
`Serial0/0/0`	up / up	WAN serial link fully operational	None
`Loopback0`	up / up	Loopback interfaces are always up unless administratively shut	None; commonly used as stable router ID for OSPF/EIGRP
`Vlan1`	up / up	SVI (Switch Virtual Interface) active — at least one port in VLAN 1 is up	None

4. Status / Protocol Combinations – All Four Scenarios

Status	Protocol	OSI Layer	Meaning	Common Causes	Resolution
up	up	L1 + L2 OK	Interface is fully operational	Normal operation	No action needed; verify IP addressing and routing if there is still a connectivity issue
up	down	L1 OK, L2 broken	Physical signal is present but the data-link protocol has not established	Encapsulation mismatch (e.g., one side PPP, other side HDLC on a serial link); keepalive failure; clock rate not set on DCE serial; remote side protocol misconfigured	Verify encapsulation matches on both ends; set `clock rate` on DCE; check keepalive settings
down	down	L1 broken	No physical signal detected — interface cannot start the protocol	No cable, wrong cable type, broken cable, remote device powered off, dead SFP/transceiver, hardware fault	Check physical connection, cable type and length, transceiver, and remote device power and port
administratively down	down	Config disabled	Interface was explicitly disabled with the `shutdown` command; this is not a physical problem	`shutdown` applied in interface config mode (Cisco router interfaces default to shutdown; switch ports default to no shutdown)	Enter interface config mode and apply `no shutdown`. See basic interface configuration

Key distinction to memorise: down/down = physical problem (check the cable); administratively down/down = configuration problem (run no shutdown). These look similar at a glance but have completely different root causes.

5. Troubleshooting Scenarios

Scenario A – Interface Administratively Down (No Shutdown Needed)

GigabitEthernet0/2     unassigned     YES unset  administratively down down

Problem: Interface is shut down; no IP configured.

Router(config)# interface GigabitEthernet0/2
Router(config-if)# ip address 192.168.30.1 255.255.255.0
Router(config-if)# no shutdown

Expected result after fix:

GigabitEthernet0/2     192.168.30.1   YES manual up                    up

Scenario B – Physical Layer Failure (down/down)

GigabitEthernet0/3     192.168.40.1   YES manual down                  down

Problem: No physical signal. The IP is configured and the interface is not administratively shut, but the cable is unplugged or the remote device is off. Run show interfaces GigabitEthernet0/3 to check for hardware errors, then inspect the cable and remote device.

Scenario C – Protocol Failure (up/down)

Serial0/1/0            10.20.30.1     YES manual up                    down

Problem: Physical signal present on the serial link but protocol is not establishing. Check with show interfaces Serial0/1/0 — likely an encapsulation mismatch (run show interfaces Serial0/1/0 | include Encapsulation on both ends). Also confirm clock rate is set on the DCE side.

Scenario D – Unassigned IP Address

GigabitEthernet0/4     unassigned     YES unset  up                    up

Problem: The interface is physically up but has no IP address — it cannot route Layer 3 traffic. Assign an IP address in interface configuration mode.

6. IOS Output Filtering with Pipe ( | )

On large routers with many interfaces, show ip interface brief can produce a long list. IOS supports output filtering using the pipe (|) operator:

! Show only lines containing "down" (catches down/down AND administratively down)
Router# show ip interface brief | include down

! Show only a specific interface
Router# show ip interface brief | include GigabitEthernet0/1

! Show only interfaces that are fully up
Router# show ip interface brief | include up

! Exclude loopback interfaces from the output
Router# show ip interface brief | exclude Loopback

! Count how many interfaces are currently down
Router# show ip interface brief | count down

The | include filter is case-sensitive by default on most IOS versions. Use | include [Dd]own if needed to match both cases.

7. Device-Specific Differences

Device Type	What Appears in Output	Notes
Router	Physical routed interfaces (Gi, Se, Fa), subinterfaces, tunnels, loopbacks	All interfaces default to `administratively down` until `no shutdown` is applied
Layer 3 Switch	SVI interfaces (`Vlan<id>`), routed ports, loopbacks	SVI is `up/up` only when at least one access port assigned to that VLAN is `up/up`
Layer 2 Switch	Only SVI interfaces and management VLAN	Physical switch ports do not appear — use `show interfaces status` for those
Loopback interfaces	Always `up/up` unless explicitly shut down	Commonly used as a stable OSPF/EIGRP router ID and for management reachability

8. show ip interface brief vs. Related Commands

Command	Scope	Key Information Shown	Use When…
`show ip interface brief`	All L3 interfaces, one line each	IP address, method, L1 status, L2 protocol status	Starting any troubleshooting session; need a fast overall picture
`show interfaces`	All interfaces, detailed	Error counters (CRC, collisions, drops), speed/duplex, reliability, traffic rates	Interface is up but experiencing errors or poor performance
`show ip interface [name]`	One L3 interface, detailed	ACLs applied, helper addresses, proxy ARP, split horizon, all IP parameters	Verifying IP-level features like ACLs and DHCP relay on a specific interface
`show interfaces status`	All switch ports, one line each	Port name, connected/notconnect/disabled, VLAN, duplex, speed	Checking Layer 2 switch port status, VLAN assignments, and auto-negotiation results
`show running-config interface [name]`	One interface config	Full configuration: IP, description, shutdown state, ACLs, QoS, etc.	Verifying what is actually configured on the interface

9. Key Points & CCNA Exam Tips

show ip interface brief is the go-to first command for any connectivity troubleshooting — always run it before deeper diagnostics
Know all six columns: Interface, IP-Address, OK?, Method, Status, Protocol
The two most important columns are Status (Layer 1) and Protocol (Layer 2)
up / up = fully operational; up / down = L1 OK, L2 broken (encapsulation/keepalive); down / down = physical problem; administratively down / down = shutdown was applied
administratively down is NOT a hardware failure — it means someone ran shutdown in config; fix with no shutdown. See basic interface configuration
On Cisco routers, interfaces default to administratively down; on switches, access ports default to no shutdown. See Cisco IOS modes
unassigned in the IP-Address column means no IP address has been configured on that interface
Method values: manual = ip address command; DHCP = DHCP client; unset = no IP
For Layer 2 switches, physical ports do not appear in show ip interface brief — use show interfaces status instead
An SVI (Vlan<n>) shows up/up only when at least one access port in that VLAN is active. See inter-VLAN routing
Use | include down to instantly filter for all problem interfaces on a device with many ports
For detailed error counters (CRC, collisions, queue drops), follow up with show interfaces <name>

Show IP Interface Brief Command Quiz

1. What is the primary purpose of the `show ip interface brief` command?

A. Display a concise one-line summary of all Layer 3 interfaces, their IP addresses, and operational status B. Show detailed packet error statistics for each interface C. List all VLANs configured on the switch D. Configure IP addresses on interfaces

Correct answer is A. show ip interface brief provides a compact six-column table showing every Layer 3 interface’s name, IP address, OK? status, assignment method, physical status (Status), and protocol state (Protocol). It is the fastest way to get an overall health picture of all interfaces on a Cisco device.

2. What does the "Method" column in `show ip interface brief` indicate?

A. The interface duplex setting B. How the IP address was assigned (manual, DHCP, or unset) C. The hardware status of the interface D. The Layer 2 VLAN assignment of the port

Correct answer is B. The Method column shows how the IP address was assigned: manual means it was configured with the ip address command; DHCP means it was assigned by a DHCP server; unset means no IP has been configured at all; IPCP means it was negotiated via PPP.

3. What does the status "administratively down" mean?

A. The physical cable is unplugged B. The interface is up but the protocol is not running C. The interface has been disabled by the shutdown command in configuration D. The interface is up and functioning normally

Correct answer is C. "Administratively down" means the shutdown command was applied to the interface in configuration mode — it is a deliberate configuration action, not a physical or hardware failure. On Cisco routers, interfaces default to this state. Fix it by running no shutdown in interface configuration mode. See basic interface configuration.

4. Which two columns in `show ip interface brief` indicate whether an interface is operationally active?

A. Method and Protocol B. Interface and IP-Address C. IP-Address and OK? D. Status and Protocol

Correct answer is D. The Status column shows the physical (Layer 1) state of the interface (up, down, or administratively down). The Protocol column shows the data-link/network-layer (Layer 2/3) state. Both must show up for the interface to be fully operational and able to forward traffic.

5. An interface shows Status: up but Protocol: down. What does this most likely indicate?

A. The physical layer is fine but a Layer 2/3 protocol issue is preventing the protocol from establishing B. The interface is administratively down C. The interface is disabled in configuration D. The interface is operating normally

Correct answer is A. Status up confirms Layer 1 (physical signal) is present — the cable is connected and the link is detected. Protocol down means Layer 2 has not established. On serial links this is typically an encapsulation mismatch (PPP vs. HDLC) or missing clock rate on the DCE. On Ethernet it can indicate a keepalive failure or misconfigured remote device.

6. What information is NOT shown by `show ip interface brief`?

A. Interface IP address B. Packet error counts (CRC, collisions, drops) C. Interface name D. Interface status (up/down)

Correct answer is B. show ip interface brief is a high-level summary command and does not include error counters such as CRC errors, collisions, input errors, or queue drops. For those statistics you need show interfaces <name>, which provides detailed per-interface error and traffic counters.

7. Which command filters `show ip interface brief` output to show only a specific interface?

A. show interfaces status GigabitEthernet0/1 B. show running-config interface GigabitEthernet0/1 C. show ip interface brief | include GigabitEthernet0/1 D. show ip interface GigabitEthernet0/1

Correct answer is C. The IOS pipe operator (|) followed by include filters the output to show only lines containing the specified string.

show ip interface brief | include
                  GigabitEthernet0/1

returns just the line for that interface. show ip interface brief | include down is another useful variant that shows all problem interfaces at once.

8. What output would you see for an interface that was disabled with the `shutdown` command?

A. Status: up, Protocol: up B. Status: down, Protocol: up C. Status: down, Protocol: down D. Status: administratively down, Protocol: down

Correct answer is D. The shutdown command places the interface in the administratively down state, which is distinct from a physical down state. This distinction matters because it immediately tells the engineer that the fix is a configuration change (no shutdown), not a hardware investigation.

9. What does the "OK?" column indicate in `show ip interface brief` output?

A. Whether the IP address is reachable from another host B. Whether the IP address assignment is valid in hardware C. Whether the interface is administratively down D. Whether the IP address was assigned by DHCP

Correct answer is B. The OK? column indicates whether the IP address is valid in the hardware address table. In practice it shows YES for almost every interface in modern IOS, even on interfaces that are down or have no IP. A NO value is rare and typically indicates an NVRAM corruption or hardware address initialisation issue.

10. Which command provides more detailed interface information than `show ip interface brief`, including error counters and speed/duplex?

A. show interfaces B. show ip route C. show running-config D. show vlans

Correct answer is A. show interfaces provides the full per-interface detail: speed, duplex, MTU, reliability (255/255), traffic rates (5-minute averages), and all error counters (CRC, runts, giants, collisions, late collisions, input/output queue drops). Use show ip interface brief first to identify which interface needs attention, then follow up with show interfaces <name> for the detail.