configuring the router chapter 7 connecting people to information
TRANSCRIPT
Configuring the Router
Chapter 7
Connecting People To InformationConnecting People To Information
Loading Configuration
Files
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router Configuration Overview
•Load configuration parameters into RAM
•Personalize router identification
•Assign access passwords
•Configure interfaces
•Save configuration parameters to NVRAM
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Loading Configuration Files (Release 10.3+)
Console or Terminal
RAM
TFTP Server
NVRAMNVRAM
configure terminalconfigure terminal
copy startup-config running-configcopy startup-config running-config
copy tftp running-configcopy tftp running-config
copy tftp startup-configcopy tftp startup-config
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Loading from a TFTP Server
Router#copy tftp running-configHost or network configuration file [host]?IP address of remote host [255.255.255.255]? 131.108.2.155Name of configuration file [Router-confg]? P1R1.2Configure using P1R1.2 from 131.108.2.155? [confirm] yBooting P1R1.2 from 131.108.2.155:!! [OK - 874/16000 bytes]P1R1#
TFTP ServerTFTP ServerRAM
Router Modes
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router(config)#
Router>
Router#
Other configuration modes
Exit
Ctrl-Z (end)
Overview of Router ModesUser EXEC mode
Privileged EXEC mode
Global configuration mode
Configuration Mode Prompt
Interface Router(config-if)#Subinterface Router(config-subif)#Controller Router(config-controller)#Line Router(config-line)#Router Router(config-router)#IPX-router Router(config-ipx-router)#Route-mapRouter(config-route-map)#
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Configuring Router Identification
•Sets local identity or message for the accessed router or interface
Router NameRouter(config)#hostname P1R1
P1R1#
Message of the Day BannerP1R1(config)#banner motd #
Accounting Department You have entered a secured system. Authorized access only! #
Interface DescriptionP1R1(config)#interface ethernet 0
P1R1(config-if)#description Engineering LAN, Bldg. 18
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Password Configuration
Router(config)#line console 0Router(config-line)#loginRouter(config-line)#password cisco
Console Password
Virtual Terminal Password
Router(config)#line vty 0 4Router(config-line)#login Router(config-line)#password sanjose
Enable Password
Router(config)#enable password cisco
Secret Password
Router(config)#enable secret sanfran
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router(config)#interface type numberRouter(config-if)#
Configuring an Interface
• type includes serial, ethernet, token ring, fddi, hssi, loopback, dialer, null, async, atm, bri, and tunnel
• number is used to identify individual interfaces
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router(config)#interface type numberRouter(config-if)#
Configuring an Interface
• type includes serial, ethernet, token ring, fddi, hssi, loopback, dialer, null, async, atm, bri, and tunnel
• number is used to identify individual interfaces
Router(config)#interface type slot/portRouter(config-if)#
• For the Cisco 7000 and 7200 series routers
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router(config)#interface type numberRouter(config-if)#
Configuring an Interface
• type includes serial, ethernet, token ring, fddi, hssi, loopback, dialer, null, async, atm, bri, and tunnel
• number is used to identify individual interfaces
Router(config-if)#exit
Quit from current interface configuration mode
Router(config)#interface type slot/portRouter(config-if)#
• For the Cisco 7000 and 7200 series routers
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router#show interfaces Ethernet0 is up, line protocol is up Hardware is Lance, address is 0060.4740.c2b6 (bia 0060.4740.c2b6) MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00
Serial1 is up, line protocol is down Hardware is MK5025 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 9/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec)
show interfaces Command
...
...
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router#show interface serial 1
Serial1 is up, line protocol is up
Hardware is cxBus Serial Description: 56Kb Line San Jose - MP :: :: :: :: :: :: :: :: :: ::
Operational..................Connection Problem...Interface Problem........Disabled ......................
Serial1 is up, line protocol is upSerial1 is up, line protocol is downSerial1 is down, line protocol is downSerial1 is administratively down, line protocol is down
KeepalivesCarrier Detect
Interpreting Interface Status
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Configuring a Serial Line
•Enter global configuration mode
Router(config-if)#clock rate 56000Router(config-if)#
Router(config)#interface serial 1Router(config-if)#
Router#configure termRouter(config)#
Router(config-if)#bandwidth 56Router(config-if)#exitRouter(config)#exit
Router#
• Specify interface
• Set DCE clock rate (optional)
• Set bandwidth (optional)
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Determining DCE/DTE Status
Router#show controllers serial 1HD unit 1, idb = 0xBFD3C, driver structure at 0xC39A0buffer size 1524 HD unit 1, V.35 DCE cable, clockrate 56000cpb = 0x83, eda = 0x800, cda = 0x814RX ring with 16 entries at 0x83080000 bd_ptr=0x0800 pak=0x0C54F0 ds=0x836938 status=80 pak_size=2201 bd_ptr=0x0814 pak=0x0C5158 ds=0x835BC8 status=80 pak_size=2202 bd_ptr=0x0828 pak=0x0C4F8C ds=0x835510 status=80 pak_size=26903 bd_ptr=0x083C pak=0x0C4DC0 ds=0x834E58 status=80 pak_size=2204 bd_ptr=0x0850 pak=0x0C6184 ds=0x839840 status=80 pak_size=2205 bd_ptr=0x0864 pak=0x0C4BF4 ds=0x8347A0 status=80 pak_size=22.
.
.
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Verifying Your Changes
Router#show interfaces serial 1Serial1 is up, line protocol is up Hardware is MK5025 MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec, rely 255/255, load 9/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 0:00:00, output 0:00:01, output hang never Last clearing of "show interface" counters never Output queue 0/40, 0 drops; input queue 0/75, 0 drops Five minute input rate 1000 bits/sec, 0 packets/sec Five minute output rate 2000 bits/sec, 0 packets/sec 331885 packets input, 62400237 bytes, 0 no buffer Received 230457 broadcasts, 0 runts, 0 giants 3 input errors, 3 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 403591 packets output, 66717279 bytes, 0 underruns 0 output errors, 0 collisions, 8 interface resets, 0 restarts 45 carrier transitions
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Other Interface Configuration Examples
•Specify the ring speed for Token Ring
Router(config)#interface tokenring 2/0Router(config-if)#early-token releaseRouter(config-if)#ring-speed 16
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Other Interface Configuration Examples
•Specify the ring speed for Token Ring
Router(config)#interface tokenring 2/0Router(config-if)#early-token releaseRouter(config-if)#ring-speed 16
Router(config)#interface ethernet 2Router(config-if)#media-type 10baseT
• Select the media-type connector for the Ethernet interface
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router#configure termRouter(config)#interface serial 1Router(config-if)#shutdown%LINEPROTO-5-UPDOWN: Line Protocol on Interface Serial1, changed state to down%LINK-5-CHANGED: Interface Serial, changed state to administratively down
Shutting Down an Interface
• Use this command to administratively turn off an interface without altering its other configuration entries
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
• Use this command to administratively turn on an interface that has been shut down
Router#configure termRouter(config)#interface serial 1Router(config-if)#shutdown%LINEPROTO-5-UPDOWN: Line Protocol on Interface Serial1, changed state to down%LINK-5-CHANGED: Interface Serial, changed state to administratively down
Shutting Down an Interface
• Use this command to administratively turn off an interface without altering its other configuration entries
Router#configure termRouter(config)#interface serial 1
Router(config-if)#no shutdown%LINK-3-UPTOWN: Interface Serial, changed state to up
%LINEPROTO-5-UPDOWN: Line Protocol on Interface Serial1, changed state to up
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Verifying the Changes (Release 10.3+)
Yes
Make changes in configuration modes
Make changes in configuration modes
Examine resultsRouter#show running-config
Examine resultsRouter#show running-config
Intendedresults?Intendedresults?
Save changes to backupRouter#copy running-config startup-configRouter#copy running-config tftp
Save changes to backupRouter#copy running-config startup-configRouter#copy running-config tftp
Examine backup fileRouter#show startup-config
Examine backup fileRouter#show startup-config
No
Remove changesRemove changes
Noninvasive changes:Router(config)#no....Router#copy start runRouter#copy TFTP run
Router#reloadRouter#copy TFTP startRouter#reload
Invasive changes:
Last resort changes:Router#erase startRouter#reload
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Saving Configuration Changes (Release 10.3+)
Router#copy running-config startup-configRouter#
RAMNVRAMNVRAM
Router#copy running-config tftpRemote host [172.16.2.155]?
RAMTFTP or rcp server
Managing the Configuration Environment
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
ROM monitorROM monitor
Locating the Cisco IOS SoftwareConfiguration Registers
Registers in NVRAM for modifying fundamental Cisco IOS softwareIdentifies where to boot Cisco IOS image (for example, use config-mode commands)
Configuration Registers Registers in NVRAM for modifying fundamental Cisco IOS software
Identifies where to boot Cisco IOS image (for example, use config-mode commands)
Router#configure terminalRouter(config)#boot system flash IOS_filenameRouter(config)#boot system tftp IOS_filename tftp_addressRouter(config)#boot system rom[Ctrl-Z]Router#copy running-config startup-config
Router#configure terminalRouter(config)#boot system flash IOS_filenameRouter(config)#boot system tftp IOS_filename tftp_addressRouter(config)#boot system rom[Ctrl-Z]Router#copy running-config startup-config
Boot system commands not found In NVRAMBoot system commands not found In NVRAM
Get default Cisco IOS software from FlashGet default Cisco IOS software from Flash
Flash memory emptyFlash memory empty
Get default Cisco IOS software from TFTP serverGet default Cisco IOS software from TFTP server
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router#show version
IOS (tm) 2500 Software (C2500-JS-L), Version 11.2 (6), RELEASE SOFTWARE (fc1)Copyright (c) 1986-1997 by cisco Systems, Inc.Compiled Tue 06-May-97 16:17 by kuongImage text-base: 0x0303ED8C, data-base: 0x00001000
ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWAREROM: 3000 Bootstrap Software (IGS-RXBOOT), version 10.2 (8a), RELEASE SOFTWARE (fc1) Router uptime is 21 hours, 13 minutesSystem restarted by reloadSystem image file is "flash:c2500-js-l.112-6.bin", booted via flash
Configuration register is 0x2102
Determining the Current Configuration Register Value
...
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
• Configuration Register bits 3, 2, 1, and 0 set boot option
• Check Configuration Register setting with show version
Configuration Register Values
Configuration-Register Value
0x0
0x2 to 0xF
0x1
Meaning
Use ROM monitor mode(Manually boot using the b command)
Examine NVRAM for boot system commands (0x2 default if router has Flash)
Automatically boot from ROM(Provides IOS subset)
Router#configure terminalRouter(config)#config-register 0x2102[Ctrl-Z]Router#reload
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router#configure terminalRouter(config)#boot system flash c2500-js-l [Ctrl-Z]Router#copy running-config startup-config
Flash
NetworkRouter#configure terminalRouter(config)#boot system tftp test.exe 172.16.13.111[Ctrl-Z]Router#copy running-config startup-config
ROMRouter#configure terminal
Router(config)#boot system rom[Ctrl-Z]
Router#copy running-config startup-config
•Multiple boot system commands select bootstrap fallback sequence
Boot System Options in Software
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Preparing for a NetworkBackup Image
NetworkServerRouter
Check space available on serverCheck space available on server
Check naming conventionCheck naming convention
Check access to the serverCheck access to the server
NetworkServer
NetworkServer
c2500-js-l.112-6
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router#show flash
System flash directory:File Length Name/status
1 7871172 c2500-js-l.112-6.bin
[7871236 bytes used, 517372 available, 8388608 total]8192K bytes of processor board System flash (Read ONLY)
Verifying Available Memory
•Verify that Flash memory has room for the Cisco IOS image
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router#show flash
System flash directory:File Length Name/status
1 7871172 c2500-js-l.112-6.bin
[7871236 bytes used, 517372 available, 8388608 total]8192K bytes of processor board System flash (Read ONLY)
Deciphering Image Filenames
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router#copy flash tftpSystem flash directory:File Length Name/status 1 7871172 c2500-js-l.112-6.bin[7871236 bytes used, 517372 available, 8388608 total]8192K bytes of processor board System flash (Read ONLY)
IP address of remote host [255.255.255.255]? 172.16.13.111filename to write on tftp host? c2500-js-l.112-6 writing c2500-js-l.112-6 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! successful tftp write.Router#
Creating a Software Image Backup
•Back up current files prior to updating Flash
NetworkServer
FLASHFLASH
copy flash tftp
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Router#copy tftp flashIP address or name of remote host [255.255.255.255]? 172.16.13.111
Name of tftp filename to copy into flash []? c4500-js-lcopy c4500-js-l.112-6 from 172.16.13.111 into flash memory? [confirm]<Return>
xxxxxxxx bytes available for writing without erasure.erase flash before writing? [confirm]<Return>
Clearing and initializing flash memory (please wait)####...##Loading from 172.16.13.111: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!(text omitted) [OK - 324572/524212 bytes]Verifying checksum...
VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV(text omitted)
Flash verification successful. Length = 1804637, checksum = 0xA5D3
Upgrading the Image from the Net
•Erase Flash occurs before loading new image
NetworkServer
FLASHFLASH
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Overwriting an Existing Image
•Note message that image already exists
NetworkServer
FLASHFLASH
Router#copy tftp flashIP address or name of remote host [255.255.255.255]? 172.16.13.111
Name of tftp filename to copy into flash []? c4500-js-l.112-6 File c4500-js-l.112-6 already exists; it will be invalidated!
Copy c4500-js-l.112-6 from 172.16.13.111 into flash memory? [confirm]<Return>xxxxxxxx bytes available for writing without erasure.
erase flash before writing? [confirm]<Return>Clearing and initializing flash memory (please wait)####...##
Loading from 172.16.13.111: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(text omitted) [OK - 324572/524212 bytes]
Verifying checksum...VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV
VVVVVV(text omitted)Flash verification successful. Length = 1204637, checksum = 0x95D9
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Changing a Configuration Using Setup Mode
Router#setup
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.Use ctrl-c to abort configuration dialog at any prompt.Default settings are in square brackets '[ ]'.
Continue with configuration dialog? [yes/no]:yes
First, would you like to see the current interface summary? [yes]:no
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Setup Mode Global ParametersConfiguring global parameters:
Enter host name [Router]:P1R1
The enable secret is a one-way cryptographic secret usedinstead of the enable password when it exists.
Enter enable secret [<Use current secret>]:
Enter enable password [sanfran]:% Please choose a password that is different from the enable secret
Enter enable password [sanfran]:cisco Enter virtual terminal password [sanjose]:
Configure SNMP Network Management? [no]: Configure IP? [yes]:
Configure IGRP routing? [yes]: Your IGRP autonomous system number [1]:...
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Configuring interface parameters:
Configuring interface TokenRing0: Is this interface in use? [no]: <Return>
Configuring interface Serial0: Is this interface in use? [yes]: Configure IP on this interface? [yes]: Configure IP unnumbered on this interface? [no]: IP address for this interface: 172.16.97.67 Number of bits in subnet field [0]: Class B network is 172.16.0.0, 0 subnet bits; mask is 255.255.0.0 Configure Novell on this interface? [yes]: no
Configuring interface Serial1: Is this interface in use? [yes]: no
Setup Mode Interface Parameters
Co
nn
ecti
ng
Pe
op
le T
o In
form
ati
on
Setup Mode Script ReviewThe following configuration command script was created:
hostname P1R1enable secret 5 $1$g722$dg2UVvWG6eekNRTE5LfmM/enable password sanfranline vty 0 4password sanfransnmp-server community!ip routingno decnet routing no xns routingnovell routingno apollo routingappletalk routingno clns routingno vines no bridge no mop enabled-- More --
interface TokenRing0shutdown
!interface Serial0
ip address 172.16.97.67 255.255.0.0
interface Serial1shutdown
!router igrp 200
network 172.16.0.0!
end
Use this configuration? [yes/no]: yes[OK]
Use the enabled mode 'configure' command to modify this configuration.