shutdown
Disables an interface, preventing it from sending or receiving traffic, typically used for administrative shutdown or troubleshooting.
shutdownWhen to Use This Command
- Disabling a switch port connected to a decommissioned device to prevent unauthorized access.
- Shutting down a router interface during maintenance to avoid routing loops or traffic blackholing.
- Temporarily disabling a port to test connectivity issues without unplugging cables.
- Disabling unused ports on a switch for security hardening.
Command Examples
Shutdown a GigabitEthernet interface
shutdown%LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to administratively down %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down
The first message indicates the interface was administratively disabled. The second confirms the line protocol is down, meaning no Layer 2 keepalives are exchanged.
Shutdown and verify with show interfaces
shutdownRouter(config-if)# shutdown
Router(config-if)# end
Router# show interfaces gigabitEthernet 0/1
GigabitEthernet0/1 is administratively down, line protocol is down
Hardware is Gigabit Ethernet, address is 0011.2233.4455 (bia 0011.2233.4455)
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255The first line of output shows 'administratively down' indicating the shutdown command was applied. The line protocol is down as a result. Other fields like MTU, bandwidth, and load are still displayed but irrelevant since the interface is disabled.
Understanding the Output
When you issue the 'shutdown' command, the router immediately generates syslog messages indicating the interface state changed to 'administratively down' and the line protocol went down. In 'show interfaces' output, the key field is the first line: 'GigabitEthernet0/1 is administratively down, line protocol is down'. The phrase 'administratively down' is the critical indicator that the shutdown command was applied. A normal 'down' state (without 'administratively') would indicate a physical layer issue. The line protocol being down is expected because the interface is disabled. In a production network, you should verify that the interface is indeed administratively down before assuming it's a physical fault. Watch for 'up/up' when you intend to disable an interface—that means the shutdown command was not applied or was reversed with 'no shutdown'.
CCNA Exam Tips
CCNA exam tip: The 'shutdown' command is used in interface configuration mode; remember that 'no shutdown' enables the interface.
CCNA exam tip: In the output of 'show interfaces', 'administratively down' always means the shutdown command was applied, not a physical problem.
CCNA exam tip: You may be asked to troubleshoot why an interface is down; distinguish between 'administratively down' (shutdown) and 'down/down' (cable or peer issue).
CCNA exam tip: On switches, shutdown can be applied to both physical ports and VLAN interfaces (SVIs).
Common Mistakes
Mistake: Forgetting to use 'no shutdown' after configuring an interface, leaving it disabled unintentionally.
Mistake: Applying shutdown to a trunk port without verifying it's safe, causing disruption to multiple VLANs.
Mistake: Confusing 'shutdown' with 'reload' or 'poweroff'—shutdown only disables the interface, not the device.
Related Commands
no shutdown
Enables an interface that has been administratively disabled, allowing it to forward traffic and participate in network operations.
show interfaces
Displays detailed status and statistics for all interfaces or a specific interface, used to verify interface operational state, errors, and performance.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions