Cisco IOS (Internetworking Operating System) - I

Download

Cisco IOS (originally Internetwork Operating System) is software used on most Cisco Systems routers and current Cisco network switches. (earlier Switches ran on CatOS.) IOS is a package of routing, switching, internetworking and telecommunications functions integrated into a multitasking operating system.

The first IOS was written by William Yeager in 1986.

CLI – command Line Interface

There are different ways to configure a router but most often, the first place we would connect to is the console port. The console port is usually an RJ-45 (8 Pin Modular) connection.

We can also connect to a Cisco router through an auxiliary port but for that we need a modem.

The third way to connect to a Cisco router is in-band, through the program Telnet.

Bringing Up a Router

When we first bring up a Cisco router, it will run a power on self-test (POST). If it passes, it will then looks for and load the Cisco IOS from flash memory-- if an IOS file is present. After that, the IOS loads and looks for a valid configuration--the startup-config, that’s stored by default in non-volatile RAM, or NVRAM.

If there isn’t a configuration in NVRAM, the router will go in to set up mode, a step by step process to help you configure the router. You can also enter setup mode at any time from the command line by typing the command setup from something called privilege mode.

Flash Memory- Flash memory is electronically erasable programmable read-only memory—an EEPROM.

The Pound signs (#) are telling us that the IOS is being decompressed into RAM. After it is decompressed into RAM, the IOS is loaded and starts running the router.

After the interface status messages appear and we press enter the Router > prompt will appear. This is called user exec mode (User mode). And it’s mostly used to view statistics, but it’s also a steppingstone to logging into privileged mode.

We can only view and change the configuration of a Cisco router in privileged exec mode, which we can enter with the enable command.

At first we see Press “Enter” to start

Router > (User Mode)

Router > enable

Router# (Privileged Mode)

To exit from this mode we type here exit or disable or logout

Router# exit

Router>

(Ctrl+C) Exit

To configure from CLI, you can make global changes to the router by typing configure-terminal, which puts you in global configuration mode and changes what’s known as the running-config.

You can type config from the privileged-mode prompt then just press enter to take the default of terminal.

Router#config t

Router (config) # (configure mode)

To make changes to an interface, we use the interface command from global configuration mode.

Router (config) #int fa0/0

Router (config-if) #

Subinterfaces

Subinterfaces allow you to create logical interfaces within the router. The prompt then changes to Router (config-subif) #

Router (config-if) int fa0/0.1

Router (config-subif) #

Line Commands

To configure user-mode passwords, use the line command. The prompt then becomes

Router (config-line) #

Router # config t

Router (config) # line console 0

Router (config-line) # password Cisco

The line console 0 command is known as a major command (also called a global command) and any command typed from the (config-line) prompt is known as a subcommand.

Routing Protocol Configurations

To configure routing protocols such as RIP and EIGRP, use the prompt (config-router) #.

Router # config t

Router (config) #router rip

Router (config) # version 2

Router (config-router) #

We can use the Cisco advanced editing features to help us to configure the router. If we type in a question mark at any prompt we will be given a list of all the commands available from that prompt.

Router #?

By typing the clock? We will get a list of the next possible parameters and what they do.

Router# clock?

Router# clock set?

Router# clock set 10:30:10 10 28 Aug

Use the show history command to see the last 10 commands that were entered on the router.

Router# show his

The show version command will provide basic configuration for the system hardware as well as the software version, the names and sources of configuration files, and the boot images.

Router# show version

To check the running config

Router# show run

To check the serial interface

Router# show serial 0/0/0

We can set the identity of the router with hostname command.

Router# config t

Router (config) #hostname Cisco

Cisco (config) #

A banner is more than just a little cool-one very good reason for having a banner is to give any and all who dare attempt to telnet or dial into your internetwork a little security notice.

Router (config) # banner motd @unauthorized access prohibited@

Other type of banner

1. Incoming banner,
2. Login banner.

Setting Passwords

There are five passwords used to secure your Cisco routers. Console, auxiliary, telnet, enable and enable secret.

Two passwords are used to set your enable password that’s used to secure privileged mode. This will prompt a user for a password when the enable command is used.

The other three are used to configure a password when user mode is accessed either through the console port, through the aux port or via telnet.

We set the enable passwords from global configuration mode

Router (config) # enable password cisco

Sets the enable password on older, pre 10.3 systems, and isn’t ever used if an enable secret is set.

Secret – Is the newer, encrypted password that overrides the enable password if it’s set.

Use -tacas- this tells the router to authenticate through a TACACS server.

Router (config) #enable secret CCNA

User mode passwords are assigned by using the line command

Router (config) #line vty 0 4

# Password ccnp

#login

Aux-sets the user-mode password for the auxiliary port. It’s usually used for attaching a modem to the router, but it can be used as a console as well.

Console - Sets a console user-mode password.

Vty sets a telnet password on the router. If this password isn’t set then telnet can’t be used by default.

To configure the auxiliary password go in to global configuration mode and type line aux? You can see here that you only get a choice of 0-0.

Router#config tRouter (config) #line aux 0Router (config-line) #password ccnpRouter (config-line) #loginRouter #sh run

Through this command we see all password but if we want to change or encrypt all passwords format then we run this command

Router (config) #service password encryption

For turn off this command

Router (config) #no service password encryption

Descriptions – Setting the descriptions on an interface is helpful to the administrator and like the hostname only locally significant.

Router (config-if) #description sales LAN

Router Interfaces

Interfaces configuration is one of the most important router configurations, because without interfaces a router is pretty much a completely useless object. Plus interfaces configurations must be totally precise to enable communication with other devices. Some of the configurations used to configure an interface are network layer addresses, media type, bandwidth and other administrator command.

Configure an IP address on an interface

Router (config) #int e0

Router (config-if) #Ip add 192.168.10.10 255.255.255.0

Router (config-if) #no shut

We configure a DCE serial interface with the clock rate command.

Router (config) #int s0/0

Router (config-if) #clock rate 64000

Router (config-if) #bandwidth 64

We can manually save the file from DRAM to NVRAM by using the copy run command

We can delete the startup config file by using the erase startup config command

Router # erase startup-config

To restart the router via command

Router# reload

Save? (yes/no) n

Ping – Ping is packet Internet Groper, a programme that uses ICMP Echo requests and replies. Ping sends a packet to a remote host, and if that host responds, means that the host is alive.

Trace route – Uses ICMP with IP time to live (TTL) time outs to track the path a packet takes through an internetwork, in contrast to Ping, which just finds the host and responds. And Trace route can also be used with multiple protocols.

Verifying with the show interface Command

Router#show int fa0/0

Router#show int s0/0

Another important configuration to notice is the keepalive, which is 10 seconds by default, each router sends a keepalive message to its neighbor every 10 seconds, and if both routers aren’t configured for the same keepalive time, it won’t work.

We can clear the counters on the interface by typing the command clear counters.

Router#clear counters s0/0

MTU – Maximum Transmission Unit (1500 bytes by default)

Using the “show ip int” brief command.

This command provides a quick overview of the routers interfaces including the logical address and status.

Router#show ip int brief

Show Protocols command

The show protocols command is a really helpful command you’d use in order to see the quick status of layers 1 and 2 of each interface as well as the ip address used.

Using the show Controllers Command

The show controllers command displays information about the physical interfaces itself. It will also give you the type of serial cable plugged in to a serial port. Usually this will only be a DTE cable that plugs in to a type of Data Service Unit (DSU).

Router#show controllers serial 0/0

Router#show controllers serial 0/1

Notice that serial 0/0 has a DTE cable, whereas the serial 0/1 connection has a DCE cable. Serial 0/1 would have to provide clocking with the clock rate command. Serial 0/0 would get its clocking from the DSU.

Understand the sequence of what happens when you power on a router

When you first bring up a cisco router it will run a power on self-test (post), and if that passes, it will then look for and load the Cisco IOS from flash memory, if a file is present the IOS then proceeds to load and looks for a valid configuration in NV RAM called the Startup-config. If no file is present in NV RAM, the router will go into setup mode.

Set up mode is automatically started if a router boots and no startup – config is in NV RAM. We can also bring up set up mode by typing setup from the privileged mode.

Understand the difference between user mode and privileged mode. User mode provides a command line interface with very few available commands by default. User mode does not allow the configuration to be viewed or changed. Privileged mode allows a user to both view and change the configuration of a router. You can enter privileged mode by typing the command enable.

Remember what the command show version Provides

The show version command will provide basic configuration for the system hardware as well as the software version, the names and sources of configuration files, the config-register setting and the boot images.

Remember the diff between the enable password and enable secret password

Both of these passwords are used to gain access into privileged mode. However, the enable secret is newer and is always encrypted by default. Also, if you set the enable password and then set the enable secret, only the enable secret will be used.

If we type show int serial 0 and see that is down, line protocol is down, this will be considered a physical layer problem. If you see it as up, line protocol is down, then you have a data link layer problem.

Using the Pipe

This Pipe (|) allows s to wade through all the configurations or other long outputs and get straight to our goods fast.

Router#show run | begin interface

Router#show Ip route | include 192.168.1.1

For SSH Login

Router#host cisco

Cisco#conf t

Cisco (config) #Ip domain name cisco.com

#username R1 password cisco123

#crypto key generate rsa general-keys modulus 1024

#ssh version 2

#line vty 0 4

#transport input ssh telnet

#login local

----

@NetwaxLab