10 Cisco Device Operation
Terms you’ll need to understand:
✓ Random access memory (RAM)
✓ Non-volatile random access memory (NVRAM)
✓ Flash
✓ Central processing unit (CPU)
✓ Read-only memory (ROM)
✓ Configuration register
✓ Exec mode
✓ Privilege mode
✓ Trivial File Transfer Protocol (TFTP)
✓ Simple Network Management Protocol (SNMP)
✓ Protocol translation
✓ Debugging
Techniques you’ll need to master:
✓ Issuing infrastructure commands
✓ Viewing router configurations
✓ Using common IOS commands
✓ Configuring protocol translation
This chapter focuses on monitoring and maintaining router networks via IOS commands. In particular, it describes a Cisco router’s major hardware components, common show and debug IOS commands, and the methods used to configure protocol translation.
This chapter covers the following Cisco device operation CCIE blueprint objectives as laid out by the Cisco Systems CCIE program:
➤ Operation commands—show, debug.
➤ Infrastructure—NVRAM, flash, memory, CPU, file system, config reg.
➤ Operations—File transfers, password recovery, Simple Network Management Protocol (SNMP), accessing devices, password security.
As with other chapters in this book, additional information is provided for completeness and in preparation for additional subjects as the CCIE program expands.
Infrastructure Commands
Cisco routers consist of many hardware components. The main components of a Cisco router include:
➤ RAM
➤ NVRAM
➤ Flash
➤ CPU
➤ ROM
➤ Configuration registers
➤ Interfaces
Figure 10.1 illustrates a Cisco router’s hardware components. Each hardware component is vital for Cisco routers to operate properly. To help you prepare for the CCIE exam, the next few sections present the main concepts you need to know about Cisco hardware components. Let’s begin by looking at random access memory (RAM).
RAM
Routers use random access memory (RAM) to store the current configuration file and other important data collected by the router. This data includes the IP routing table and buffer information. Buffers temporarily store packets before a router processes them.
RAM information is lost if the router power cycles (loses and regains power) or is restarted by an administrator. To view a router’s current configuration, use the show running-config IOS command. Before IOS version 10.3, administrators used the write terminal command to show a router’s configuration. The write terminal command is still valid in today’s IOS releases, but Cisco prefers users to use the show running-config command.
NVRAM
Non-volatile RAM (NVRAM) stores a copy of the router’s configuration file. The NVRAM storage area is permanent and retained by the router in the event of a power cycle. When the router powers up from a power cycle or a reboot, the stored configuration file is copied by the IOS from the NVRAM to RAM. To view the configuration file stored in NVRAM, issue the show startup-config command. In earlier versions of IOS (before version 10.3), the show config command was used to view the configuration file stored in NVRAM. In IOS versions 11.0+, both the show config and show startup-config commands will work. Again, Cisco prefers to use the show startup-config command.
Flash
Flash is erasable and programmable and is used to store the router’s IOS image. Furthermore, the flash contains a certain amount of space, which varies by router model, to allow multiple versions of IOS to be stored. Therefore, you can delete, retrieve, and store new versions of IOS in the flash memory system. To view the flash on a Cisco router, use the show flash IOS command. Listing 10.1 shows a sample flash display on a Cisco 2500 router.
[Figure 10.1: Cisco router hardware components: random access memory (RAM), flash, read only memory (ROM), non-volatile RAM (NVRAM), and router interfaces (LAN, WAN, console, AUX port).]
Note: On a high-performance router, such as Cisco 4000 series and 7000 series routers, you can make the flash system look like a file system and store many versions of IOS. In the Cisco 2500 series, routers can partition the flash with the partition flash <number of partition> <size of each partition> command.
Listing 10.1 The show flash command.
R1>sh flash
System flash directory:
File Length Name/status
1 9558976 c2500-ajs40-l.112-17.bin
[9559040 bytes used, 7218176 available, 16777216 total]
16384K bytes of processor board System flash
Listing 10.1 shows that the IOS image c2500-ajs40-l.112-17.bin is currently stored on the flash.
The Cisco 7500 series router provides the option of installing additional PCMCIA flash memory. If this additional memory is installed, the dir slot0 IOS command displays the IOS image stored within.
CPU
The central processing unit (CPU) is the heart of a router, and every Cisco router has a CPU. A CPU manages all the router’s processes, such as IP routing, and handles new routing entries, such as remote IP networks learned through some form of dynamic routing protocol. To view a CPU’s status, use the show process IOS command, as shown in Listing 10.2.
Listing 10.2 The (truncated) show process command.
R1>show process
CPU utilization for five seconds: 9%/7%; one minute: 9%; five minutes: 10%
PID QTy PC      Runtime (ms) Invoked uSecs Stacks    TTY Proc
1   Csp 318F396 24456        1043    234   732/1000  0   Load Meter
2   M*  0       28           28      1000  3268/4000 0   Exec
3   Lst 317D1FC 1304         175     5257  1724/2000 0   Check heap
The show process command displays the router utilization within the past five seconds and the past one minute as well as the average over the last five minutes. Following the CPU utilization statistics are details about specific processes.
ROM
Read only memory (ROM) stores a scaled-down version of a router’s IOS in the event that the flash system becomes corrupted or there is no current IOS image stored in flash. ROM also contains the bootstrap program (sometimes referred to as the rxboot image in Cisco documentation) and the device’s power-up diagnostics. You can only perform a software upgrade on the ROM by replacing ROM chips, because the ROM is not programmable. The bootstrap program enables you to isolate or rule out hardware issues. For example, you may have a faulty flash card, and subsequently the router cannot boot the IOS image. The power-up diagnostics program tests all the hardware interfaces on the router.
ROM mode is the term used when a router is not running as it should.
ROM mode contains a limited number of IOS commands, which enable the administrator to troubleshoot software or hardware problems on a router. The various Cisco model routers have different ROM modes, but in all Cisco routers, you can issue the ? command in ROM mode to identify the available commands used to troubleshoot a Cisco IOS-based router.
Listing 10.3 provides all the available options on a Cisco 4000 router when the ? command is used.
Listing 10.3 The ? command when in ROM mode.
> ?
? Types this display
$ Toggle cache state
B [filename] [TFTP Server IP address | TFTP Server Name]
  Load and execute system image from ROM or from TFTP server
C [address] Continue [optional address]
D /S M L V Deposit value V of size S into location L with modifier M
E /S M L Examine location L with size S with modifier M
G [address] Begin execution
H Help for commands
I Initialize
K Displays Stack trace
L [filename] [TFTP Server IP address | TFTP Server Name]
  Load system image from ROM or from TFTP server, but do not begin execution
O Show software configuration register option settings
P Set break point
S Single step next instruction
T function Test device (? for help)
The options in Listing 10.3 allow you to initialize a router with the I command once you have finished ROM mode. ROM mode enables you to recover lost passwords, by altering the configuration registers, which will be discussed later in this chapter.
Configuration Registers
A configuration register is a 16-bit number that defines how a router will operate on a power cycle. These options include whether the IOS will be loaded from flash or ROM. Configuration registers are also used, for example, to advise the Cisco IOS router to load the configuration file from the NVRAM or to ignore the configuration file stored in memory. The default configuration register on a Cisco router is displayed as 0x2102; converted to binary, it is shown below:
➤ Bit Number—15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
➤ Value—0 0 1 0 0 0 0 1 0 0 0 0 0 0 1 0
Keep in mind that the bits are numbered from right to left. In the preceding example, the value is displayed as 0x2102 (0010.0001.0000.0010). The functions of the configuration register bits are determined by their position as follows:
➤ Bits 0 through 3—Determine the boot option: whether the router loads the IOS from the flash (binary value is 010) or ROM (binary value is 000).
➤ Bit 4—Reserved.
➤ Bit 5—Reserved.
➤ Bit 6—Tells the router to ignore the configuration stored in NVRAM if set to 1 and to load the configuration from NVRAM if set to 0. This is the bit that distinguishes 0x2142 from the default 0x2102 (see Table 10.2).
➤ Bit 7—Indicates whether to ignore the Cisco IOS banner. The default setting is 0, or don’t show the Cisco banner at startup; a 1 bit indicates to show the IOS banner message.
➤ Bit 8—Specifies whether to enter ROM mode without power cycling the router. If bit 8 is set to 1 and the break key is issued while the router is up and running normally, the router will go into ROM mode. This is a dangerous scenario because if this is performed your router immediately stops functioning.
➤ Bit 9—Reserved.
➤ Bit 10—Specifies the broadcast address to use, where 1 means use all 0s for the broadcast at boot (in conjunction with bit 14). Bit 10 interacts with bit 14.
➤ Bits 11 and 12—Set the baud rate of the console port. For example, if bits 11 and 12 are set to 00, the baud rate will be 9600. The baud rate 4800 can be set when these bits are set to 01, 2400bps is 10 and finally 1200bps is 11.
➤ Bit 13—Tells the router to boot from ROM if the flash cannot boot from a network, such as a TFTP server. If bit 13 is set to 0 and no IOS is found, the router will hang. If bit 13 is set to 1 and no IOS is found, the router will boot from ROM.
➤ Bit 14—Interacts with Bit 10 to define the broadcast address. The possible combinations are shown in Table 10.1.
➤ Bit 15—Specifies to enable the diagnostics display on startup and ignore the NVRAM.
To view the current configuration register, issue the show version command, as shown in Listing 10.4. The configuration register setting is the last line in the command output.
Listing 10.4 The (truncated) show version command.
R1>show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-AJS40-L), Version 11.2(17), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1999 by Cisco Systems, Inc.
Compiled Tue 05-Jan-99 13:27 by ashah
Image text-base: 0x030481E0, data-base: 0x00001000
ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASE SOFTWARE
R1 uptime is 6 days, 1 hour, 36 minutes
System restarted by reload
System image file is "flash:c2500-ajs40-l.112-17.bin", booted via flash
cisco 2520 (68030) processor (revision E) with 8192K/2048K byte
Processor board ID 02956210, with hardware revision 00000002
Bridging software.
SuperLAT software copyright 1990 by Meridian Technology Corp.
X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.
TN3270 Emulation software.
Basic Rate ISDN software, Version 1.0.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
2 Low-speed serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2102
Table 10.1 Bits 10 and 14 settings.
Bit 14   Bit 10   Address (<net> <host>)
Off      Off      <ones> <ones>
Off      On       <zeros> <zeros>
On       On       <net> <zeros>
On       Off      <net> <ones>
As you can see, Listing 10.4 uses the show version IOS command to display the configuration register as 0x2102. The show version command also displays other useful router information, such as the uptime of the router, the IOS image in use, and the hardware configuration. Table 10.2 displays common configuration register values you can use in day-to-day troubleshooting.
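The bit layout above can be turned into a small decoder, which is handy when reviewing the last line of a show version display or checking that a router was returned to 0x2102 after a password recovery. This is an added example, not code from the book; it interprets only the bits the chapter defines and that Tables 10.1 and 10.2 confirm: the boot field (bits 0 through 3), bit 6 (set in 0x2142 to ignore NVRAM), bits 10 and 14 (Table 10.1), bit 13 and bit 15. The show version fragment is constructed, modelled on Listing 10.4.

```python
"""Decode a Cisco configuration register into the fields this chapter describes.

Added example, not from the book. Only the documented bits are interpreted:
boot field (bits 0-3), bit 6 (ignore NVRAM; 0x2102 -> 0x2142), bits 10 and 14
(broadcast address, Table 10.1), bit 13 (boot ROM if a network boot fails)
and bit 15 (diagnostics on startup, ignore NVRAM).
"""
from dataclasses import dataclass

# Boot field values named in the chapter; other values are reported as-is.
BOOT_FIELD_NAMES = {0x0: "ROM", 0x2: "flash"}

# Table 10.1: (bit 14, bit 10) -> broadcast address as <net> <host>
BROADCAST_TABLE = {
    (0, 0): "<ones> <ones>",
    (0, 1): "<zeros> <zeros>",
    (1, 1): "<net> <zeros>",
    (1, 0): "<net> <ones>",
}

IGNORE_NVRAM = 1 << 6   # 0x0040, the bit that turns 0x2102 into 0x2142
ROM_FALLBACK = 1 << 13  # 0x2000
DIAGNOSTICS = 1 << 15   # 0x8000


@dataclass(frozen=True)
class ConfigRegister:
    value: int
    boot_field: int
    boot_source: str
    ignore_nvram: bool
    broadcast: str
    rom_fallback: bool
    diagnostics: bool


def bit(value: int, n: int) -> int:
    """Bit n of value, numbered from the right as in the chapter."""
    return (value >> n) & 1


def decode(value: int) -> ConfigRegister:
    """Split a 16-bit register (for example 0x2102) into its documented fields."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("configuration register is a 16-bit value")
    boot_field = value & 0xF
    return ConfigRegister(
        value=value,
        boot_field=boot_field,
        boot_source=BOOT_FIELD_NAMES.get(boot_field, f"boot field 0x{boot_field:x}"),
        ignore_nvram=bool(value & IGNORE_NVRAM),
        broadcast=BROADCAST_TABLE[(bit(value, 14), bit(value, 10))],
        rom_fallback=bool(value & ROM_FALLBACK),
        diagnostics=bool(value & DIAGNOSTICS),
    )


def parse_show_version(output: str) -> int:
    """Read the register from show version text ('Configuration register is 0x2102')."""
    for line in output.splitlines():
        line = line.strip()
        if line.startswith("Configuration register is "):
            return int(line.split()[-1], 16)
    raise ValueError("no 'Configuration register is' line in output")


def set_ignore_nvram(value: int, ignore: bool) -> int:
    """Set or clear bit 6, which is how 0x2102 becomes 0x2142 and back."""
    return (value | IGNORE_NVRAM) if ignore else (value & ~IGNORE_NVRAM & 0xFFFF)


def audit(value: int) -> list:
    """Findings an operator wants after a password recovery: a router left at
    0x2142 reloads with an empty configuration, and therefore no passwords."""
    reg = decode(value)
    findings = []
    if reg.ignore_nvram:
        findings.append("bit 6 set: NVRAM configuration ignored on reload; set 0x2102 after recovery")
    if reg.boot_source != "flash":
        findings.append(f"boot field 0x{reg.boot_field:x}: IOS image in flash will not be booted")
    return findings


# Constructed tail of a show version display, modelled on Listing 10.4.
SAMPLE_SHOW_VERSION = """\
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2102
"""

if __name__ == "__main__":
    for reg in (parse_show_version(SAMPLE_SHOW_VERSION), 0x2142, 0x2100):
        print(f"0x{reg:04x}: {decode(reg)} findings={audit(reg)}")
```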
Interfaces
Interfaces provide connections to a network. Interfaces include LANs, WANs, and management ports (that is, console and auxiliary ports).
To view the current LAN or WAN interfaces, you can issue the show interface command. The show interface command displays all LAN and WAN interfaces. To display information regarding console or auxiliary ports, you can use the show line command. Figure 10.2 summarizes the available IOS commands administrators can use to view a router’s current configuration.
Now that we’ve discussed the hardware basics of Cisco routers, let’s move on to review how routers operate. While we discuss router operation, we’ll also cover how administrators can manage Cisco routers.
Router Operation
This section concentrates on some of the more common IOS manipulation tasks that you will be required to master. We’ll start by examining how to access routers. Then, we’ll look at how to:
➤ Use passwords to provide security
➤ Copy and back up configurations
➤ Recover passwords
➤ Enable Simple Network Management Protocol management
Table 10.2 Common registers and descriptions.
Register Value   Description
0x2100           Boots the router using the system bootstrap found in ROM.
0x2102           Boots the router using flash and NVRAM. This is the default setting.
0x2142           Boots the router using flash and ignores NVRAM. This value is used to recover passwords or modify configuration parameters.
Methods of Accessing Cisco Routers
A Cisco router can be accessed in a number of ways. You can physically access a router via the console port, or you can access a router remotely through a modem via the auxiliary port. You can also access a router via a network or virtual terminal ports, which allow Telnet access.
If you do not have physical access to a router—either via a console port or an auxiliary port via dial up—you can access a router through the software interface called the virtual terminal (also referred to as a VTY port). When you Telnet to a router, you are asked for the VTY password. For example, on the following router, R1, the administrator types the remote address of R2 and tries to Telnet to one of the VTY ports. Listing 10.5 provides the session dialog.
[Figure 10.2: IOS commands for viewing a router’s current configuration: show running-config, write terminal, show flash, dir slot0:, show interfaces, show startup-config, show config, mapped to RAM, flash, ROM, NVRAM, and the router interfaces (LAN, WAN, console, AUX port).]
Listing 10.5 Using a VTY port to establish a Telnet connection.
R1#Telnet 131.108.1.2
Trying 131.108.1.2 ... Open
User Access Verification
Password: xxxxx
R2>
In circumstances similar to Listing 10.5, be aware that you will only enter Exec mode. You are still required to supply a privilege password, or the secret password if it’s configured, if you want to access the advanced IOS command set.
IOS Operational Modes
The Cisco IOS supports a number of modes that permit administrators to access, view, and configure a router. The modes are summarized as follows:
➤ Exec mode—Maintains a limited IOS command set. The Exec mode prompt for a router named R1 is R1>. Essentially a limited, view-only router operational mode. The Exec mode, which allows a user to view the status of the router and has a limited number of commands, is displayed with the following prompt:
R1>
The > (greater than sign) specifies Exec mode.
➤ Priv Exec mode—Provides all available options, including configuration, debug, and test commands. The Priv Exec prompt for a router named R1 is R1#. To enter privileged exec mode (Priv Exec mode), which allows users to have complete control of a router, you must first be in Exec mode and then enter a valid password. The password is known as the enable password. After supplying a valid password, you see the Priv Exec prompt (R1#), as shown in the following code snippet:
R1>enable
Password:
R1#
In the preceding code, the pound sign (#) specifies Priv Exec mode.
➤ Global Configuration mode—Enables you to make global configuration changes. The configuration prompt for a router named R1 is R1(config)#.
➤ Interface Configuration mode—Allows you to modify interface parameters, such as network and IP addressing. The prompt for a router named R1 is R1(config-if)#.
Note: A variety of specialized configuration modes, such as the interface configuration mode, are available when configuring a route-map, netbios-list, or access-list.
➤ ROM Monitor mode—Enables you to recover a router from some form of fault. For example, ROM Monitor mode enables you to recover passwords or serve as a backup if flash fails. The prompt is > or rommon>.
➤ Setup mode—Provides an interactive mode when a router is first powered up out of the box. You will be prompted for information, such as IP address or host name. You can start this mode by entering the setup command.
As you can see in the preceding list, each mode uses a distinct prompt.
Providing Password Security
Cisco routers can have passwords set on all operation modes, including the console port, privilege mode, and virtual terminal access. To set a console password to prevent unauthorized console access to the router, issue the commands shown in Listing 10.6.
All passwords are case sensitive.
Listing 10.6 Setting a console password.
R1(config)#line con 0
R1(config-line)#password cisco
You can also set a password on the auxiliary port:
R1(config)#line aux 0
R1(config-line)#password cisco
To set the privilege mode password you have two options: the enable password and the secret password. To set these passwords, use the following commands:
R4(config)#enable password cisco
R1(config)#enable secret ccie
The command to set an enable password is enable password <password>. You can also set a more secure password, called a secret password, that is encrypted when the configuration is viewed, with the enable secret <password> command. A secret password overrides an enable password.
In Listing 10.6, the secret password will always be used. Now, let’s issue the show running-config command to display the configuration after entering the enable and secret passwords in the preceding code (see Listing 10.7).
Listing 10.7 The show running-config command after entering enable and secret passwords.
R1#sh running-config
Building configuration
Current configuration:
!
version 11.2
!
hostname R1
!
enable secret 5 $1$Aiy2$GGSCYdG57PdRiNg/.D.XI.
enable password cisco
As you can see in Listing 10.7, the secret password is encrypted (using Cisco’s proprietary algorithm) while the enable password is readable. This setup enables you to hide secret passwords when the configuration is viewed. If you desire, you can also encrypt the enable password by issuing the service password-encryption command, as displayed in Listing 10.8.
Listing 10.8 The service password-encryption command.
R1(config)#service password-encryption
The service password-encryption command encrypts all passwords issued to the router using the MD5 encryption algorithm. Listing 10.9 shows an example of how these passwords appear when the configuration is viewed after all passwords have been encrypted.
Listing 10.9 The show running-config command after encrypting all passwords.
R1#show running-config
Building configuration...
Current configuration:
!
version 11.2
hostname R1
!
enable secret 5 $1$Aiy2$GGSCYdG57PdRiNg/.D.XI.
enable password 7 121A0C041104
Notice in Listing 10.9 that both the enable and secret passwords are encrypted. The final Cisco password you can set is the virtual terminal password. This password verifies remote Telnet sessions to a router. Listing 10.10 displays the commands necessary to set the virtual terminal password on a Cisco router.
Listing 10.10 Using the password command to set a virtual terminal password.
R4(config)#line vty 0 4
R4(config-line)#password ccie
If you issue the no login command below the virtual terminal command (line vty 0 4), remote Telnet users will not be asked to supply a password, and they will automatically enter Exec mode. For example:
R1#telnet R2
Trying 1.1.1.1 ... Open
R2>
Keep in mind that the preceding setup is not a secure access method for a router network.
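The checks this section describes (an enable secret in place, service password-encryption turned on so line passwords are not stored readable, a password on every line, and no login not left under the VTY lines) can be run over a saved show running-config listing. The following audit is an added example, not code from the book; both configurations are constructed, with the encrypted values taken from Listings 10.9 and 10.16.

```python
"""Audit password settings in a Cisco IOS 'show running-config' listing.

Added example, not code from the book. It parses the global enable lines and
the 'line con 0' / 'line aux 0' / 'line vty 0 4' blocks and reports the
weaknesses this section warns about.
"""
import re

LINE_RE = re.compile(r"^line (\S+(?: \d+)*)$")       # 'line con 0', 'line vty 0 4'
PASSWORD_RE = re.compile(r"^password(?: ([07]))? (\S+)$")  # optional type 0 or 7


def parse_running_config(text: str) -> dict:
    """Return enable settings plus a dict of per-line password/login state."""
    cfg = {"enable_secret": None, "enable_password": None,
           "service_password_encryption": False, "lines": {}}
    current = None
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped.startswith("!"):
            continue
        m = LINE_RE.match(stripped)
        if m and not raw.startswith(" "):
            current = m.group(1)
            cfg["lines"][current] = {"password": None, "type": None, "login": None}
            continue
        if raw.startswith(" ") and current:          # sub-command of a line block
            pm = PASSWORD_RE.match(stripped)
            if pm:
                cfg["lines"][current]["type"] = pm.group(1) or "0"
                cfg["lines"][current]["password"] = pm.group(2)
            elif stripped == "login":
                cfg["lines"][current]["login"] = True
            elif stripped == "no login":
                cfg["lines"][current]["login"] = False
            continue
        current = None                               # back at global level
        if stripped.startswith("enable secret "):
            cfg["enable_secret"] = stripped.split(maxsplit=2)[2]
        elif stripped.startswith("enable password "):
            cfg["enable_password"] = stripped.split(maxsplit=2)[2]
        elif stripped == "service password-encryption":
            cfg["service_password_encryption"] = True
    return cfg


def audit(text: str) -> list:
    """List the findings for one configuration; an empty list means it passes."""
    cfg = parse_running_config(text)
    findings = []
    if cfg["enable_secret"] is None:
        findings.append("no enable secret: privileged access relies on the enable password only")
    if cfg["enable_password"] and not cfg["enable_password"].startswith("7 "):
        findings.append("enable password is stored readable")
    if not cfg["service_password_encryption"]:
        findings.append("service password-encryption is off")
    for name, line in sorted(cfg["lines"].items()):
        if line["password"] is None:
            findings.append(f"line {name}: no password set")
        elif line["type"] != "7":
            findings.append(f"line {name}: password stored readable")
        if line["login"] is False:
            findings.append(f"line {name}: 'no login' gives Exec mode access without a password")
    return findings


# Constructed configurations (not from the book); encrypted values from Listings 10.9 and 10.16.
WEAK_CONFIG = """\
!
version 11.2
hostname R1
!
enable password cisco
!
line con 0
 password cisco
line aux 0
line vty 0 4
 password ccie
 no login
!
"""

HARDENED_CONFIG = """\
!
version 11.2
service password-encryption
hostname R1
!
enable secret 5 $1$Aiy2$GGSCYdG57PdRiNg/.D.XI.
enable password 7 121A0C041104
!
line con 0
 password 7 05080F1C2243
 login
line aux 0
 password 7 05080F1C2243
 login
line vty 0 4
 password 7 05080F1C2243
 login
!
"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit(cfg) or "no findings")
```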
Copying and Backing Up Configuration Files
Cisco IOS allows you to copy and back up the configuration file and the IOS image locally or to a remote TFTP server. With this feature, you can back up your configuration and IOS images as well as copy new configurations.
To save your configuration to a TFTP server or NVRAM, you must use the copy command and determine whether you want to copy the startup or running configuration. Listing 10.11 provides a complete list of available copy options.
Listing 10.11 The copy command options.
R1#copy ?
flash           Copy from system flash
flh-log         Copy FLH log file to server
mop             Copy from a MOP server
rcp             Copy from an rcp server
running-config  Copy from current system configuration
startup-config  Copy from startup configuration
tftp            Copy from a TFTP server
When you issue a copy command, the first statement indicates what you want to copy and the second statement indicates where the copied information will be placed. For example, to copy a running configuration to NVRAM, you issue the following command:
copy running-config startup-config
Following is a sample display taken from a Cisco 2500 router where the adminis-trator has issued the copy command to save the running configuration to NVRAM:
R1#copy running-config startup-config
Building configuration...
[OK]
R1#
After you execute a copy command, the router will tell you whether the procedure was successful with the indication OK, as shown in the preceding code for the successful copy from the running configuration to NVRAM.
To back up the router’s running configuration to a TFTP server, you use the following copy command:
copy running-config tftp
Listing 10.12 provides an example of saving a running configuration to a TFTP server.
Listing 10.12 The copy running-config tftp command.
R1#copy running-config tftp
Remote host []? 10.72.128.45
Name of configuration file to write [r1-confg]?
Write file wtc-ts2-confg on host 10.72.128.45? [confirm]Y
Building configuration...
Writing R1 !!!! [OK]
R1#
After issuing the copy command, you will need to supply the IP address of the destination TFTP server for the running configuration file.
Note: You need to ensure that the remote TFTP server has been configured with sufficient write access so that a file can be copied.
To load a new IOS into flash from a TFTP server, use the copy tftp flash command as follows:
R1#copy tftp flash
To copy the contents of a router’s flash (IOS Image) to a TFTP server, use the copy flash tftp command:
R1#copy flash tftp
Both the copy tftp flash and copy flash tftp commands require users to enter the IP address of the TFTP server and the IOS image name. Thus, issue a show version command prior to executing these commands so that you can copy the IOS image name.
In IOS versions earlier than version 10.3, the write network command was used to copy a configuration file to a TFTP server. Following is a summary of the write network commands found in IOS versions predating version 10.3:
R1#write ?
erase     Erase NVRAM memory
memory    Write to NVRAM memory
network   Write to network TFTP server
terminal  Write to your terminal
Table 10.3 summarizes common copy commands used to save and restore configuration and IOS files.
Password Recovery
Password recovery allows a router administrator to recover a lost or unknown password on a Cisco router. For password recovery, an administrator must have physical access to the router via the console or auxiliary port. When a user enters an incorrect enable password, the user receives an error message similar to the message shown in Listing 10.13.
Listing 10.13 An incorrect password error message.
R1>enable
Password: cisco
Password: cisco
Password: cisco
% Bad passwords
R1>
When a user receives a % Bad passwords message, the user can neither access the advanced command set, in this case enable mode, nor make any configuration changes. Fortunately, Cisco provides the following 10-step method that administrators can use to recover a lost password without losing configuration files:
Table 10.3 Common file transfer commands.
Command Description
copy running-config startup-config Copies the current configuration to NVRAM.
copy startup-config running-config Copies NVRAM to the running RAM.
copy running-config tftp Copies the current configuration to a TFTP server.
copy tftp running-config Copies a file from a TFTP server to RAM.
copy tftp flash Copies a new IOS image to flash.
1. Power cycle the router.
2. Issue a control break or the break key command on the application to enter into ROM mode. The control break key sequence must be entered within 60 seconds of the router restarting.
3. Once you are in ROM mode, change the config register value to ignore the startup configuration file that is stored in NVRAM. Use the following command syntax: o/r 0x2142.
4. Allow the router to reboot by entering the command i.
5. After the router has finished booting up without its startup configuration, look at show startup-config. If the password is encrypted, move to Step 6, which requires you to enter enable mode (type enable; you will not be required to enter any password) and copy the startup configuration to the running configuration with the copy startup-config running-config command. Then, change the password.
6. Copy the startup configuration to RAM.
7. Enable all active interfaces.
8. Change the configuration register to 0x2102 (default).
9. Reload the router.
10. Check the new password.
To review, let’s look at an example. Assume you are directly connected to router R1, and you do not know the enable password. You first need to power cycle the router. So, you power cycle the router and press the control break key (the Esc key) to enter boot mode. Listing 10.14 shows the dialog displayed by the router after a break is issued.
Listing 10.14 Password recovery dialog on a Cisco router.
System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
Copyright (c) 1986-1995 by cisco Systems
Abort at 0x10EA882 (PC)
!control break issued followed by ? to view help options
>>?
$ Toggle cache state
B [filename] [TFTP Server IP address | TFTP Server Name]
  Load and execute system image from ROM or from TFTP server
C [address] Continue execution [optional address]
D /S M L V Deposit value V of size S into location L with modifier M
E /S M L Examine location L with size S with modifier M
G [address] Begin execution
H Help for commands
I Initialize
K Stack trace
L [filename] [TFTP Server IP address | TFTP Server Name]
  Load system image from ROM or from TFTP server, but do not begin execution
O Show configuration register option settings
P Set the break point
S Single step next instruction
T function Test device (? for help)
As you can see in Listing 10.14, the ? symbol can be used to display all the available options. To view the current configuration register, issue the following e/s 2000002 command, which displays the value of the configuration register:
>e/s 2000002
! This command will display the current configuration register
2000002: 2102
! Type q to quit
>
The value 2102 is the default register on Cisco IOS routers. For illustrative purposes, let’s change the register to 0x2142, which will tell the IOS to ignore the configuration in NVRAM and boot with no configuration. The command to change it is o/r 0x2142, followed by the initialize command, which will reload the router:
>o/r 0x2142
>initialize
The preceding command will reboot the router and ignore your startup configuration. The aim here is to change the password without losing your original configuration. Listing 10.15 shows the truncated output from the Cisco IOS after it reloads.
Listing 10.15 Dialog after reload.
System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
Copyright (c) 1986-1995 by Cisco Systems
2500 processor with 6144 Kbytes of main memory
F3: 9407656+151288+514640 at 0x3000060
Restricted Rights Legend
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-AJS40-L), Version 11.2(17)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 05-Jan-99 13:27 by ashah
Image text-base: 0x030481E0, data-base: 0x00001000
Basic Rate ISDN software, Version 1.0.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
2 Low-speed serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
— System Configuration Dialog —
At any point you may enter a question mark ‘?’ for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets ‘[]’.
Would you like to enter the initial configuration dialog? [yes]:No
Press RETURN to get started!
...
Router>
Notice in Listing 10.15 that the router reverts to the default configuration. Enter the enable keyword to get into privilege mode. In this scenario, you will not be prompted for the enable password, because there isn’t one. You can view the startup config by using the show startup-config command (or show config in IOS versions predating version 10.3), as shown in Listing 10.16.
Listing 10.16 The sh startup-config command.
Router#sh startup-config
Using 1968 out of 32762 bytes
! Last configuration change at 16:35:50 UTC Tue May 18 1999
! NVRAM config last updated at 16:35:51 UTC Tue May 18 1999
version 11.2
service password-encryption
no service udp-small-servers
no service tcp-small-servers
hostname R1
!
enable password 7 05080F1C2243
As you can see in Listing 10.16, the enable password is encrypted. In instances where the password is not encrypted, you could view the password using the sh startup-config command. But, when a password is encrypted, you’ll need to copy the startup config to the running config and change the password manually, by using a command similar to the following:
At this point in the example, you are still in privilege mode, so you can enter Global Configuration mode to change the password back to its original setting (cisco in this instance), as displayed in Listing 10.17.
Listing 10.17 Changing a password and setting the configuration register commands.
R1#config term
R1(config)#enable password cisco
R1(config)#config-register 0x2102
You then complete password recovery by changing the configuration register back to the default, 0x2102. When the router reloads, it will load the new configuration file with the password set to cisco as well as change the configuration register back to its default value. Here is the dialog that occurs when the password in the example is set back to cisco using Cisco’s password recovery method:
R1>ena
Password: cisco
R1#
Now, we’ll look at SNMP’s configuration parameters and restrictions on Cisco routers.
Enabling Simple Network Management Protocol (SNMP)
Simple Network Management Protocol (SNMP) is an Application layer proto-col that operates at layer 7 of the OSI model. SNMP is used to manage network devices, such as routers and switches. SNMP is also used by routers and switches to notify SNMP managers when errors occur or thresholds are reached the device running SNMP issue trap, which is notification that the threshold has been reached. The Simple Network Management Protocol (SNMP) system consists of three parts:
➤ SNMP Manager—Server based platform requesting and setting parameters. This device has overall control of a network. Cisco supplies the program called
CiscoWorks that collects traps and other SNMP information, such as
hard-ware types, CPU utilization, and much more.
➤ SNMP Agent—Software running on a device. The SNMP manager can get information from a device or set values on the device, such as system contact or router name.
➤ Management Information Base (MIB)—The set of rules that define the information that is sent and received.
To configure SNMP on a router, you must define the relationship between the manager and the agent. To specify the recipient of a trap message, use the following IOS command:
snmp-server host host community-string [trap-type]
To specify the types of traps sent:
snmp-server enable traps [trap-type] [trap-option]
To establish trap message authentication:
snmp-server trap-authentication
To view sent and received SNMP messages, use the show snmp command. Listing 10.18 provides a sample sh snmp command display taken from a Cisco router.
Listing 10.18 The sh snmp command.
R1# show snmp
167 SNMP packets input
    0 Bad SNMP version errors
    0 Unknown community name
    0 Illegal operation for community name supplied
    0 Encoding errors
    197 Number of requested variables
    0 Number of altered variables
    0 Get-request PDUs
    167 Get-next PDUs
    0 Set-request PDUs
107 SNMP packets output
    0 Too big errors (Maximum packet size 484)
    0 No such name errors
    0 Bad values errors
    0 General errors
    107 Get-response PDUs
    0 SNMP trap PDUs
The preceding display shows what has been sent and received by a router or switch.
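The counters in Listing 10.18 are more than a health display: "Unknown community name" and "Illegal operation for community name supplied" only grow when someone presents a community string the agent does not accept or tries an operation the community is not allowed to perform, and "Set-request PDUs" should stay at zero on a router that is only ever polled. The Python below is an added example, not code from the book; it parses the show snmp counter lines into a dictionary and compares two polls. The first poll is the listing above; the second poll is constructed to show what a burst of failed community-string attempts looks like.

```python
import re

# "<count> <description>" lines; the prompt and any non-counter lines are skipped.
COUNTER_RE = re.compile(r"^\s*(\d+)\s+(.+?)\s*$")

# Counters whose growth points at probing or at a misconfigured manager.
AUTH_FAILURE_COUNTERS = (
    "Unknown community name",
    "Illegal operation for community name supplied",
)


def parse_show_snmp(output):
    """Map each counter description in 'show snmp' output to its integer value.

    The parenthetical in 'Too big errors (Maximum packet size 484)' is dropped
    from the key so the same counter keys come back from every poll.
    """
    counters = {}
    for line in output.splitlines():
        m = COUNTER_RE.match(line)
        if not m:
            continue
        name = re.sub(r"\s*\(.*\)$", "", m.group(2))
        counters[name] = int(m.group(1))
    return counters


def snmp_findings(previous, current, set_pdus_expected=False):
    """Compare two polls of 'show snmp' and report security-relevant deltas.

    - growth in the community-name failure counters: somebody is trying community
      strings the agent does not accept, or a manager is misconfigured;
    - Set-request PDUs on a device that is only supposed to be read;
    - variables actually altered through SNMP.
    """
    findings = []
    for name in AUTH_FAILURE_COUNTERS:
        delta = current.get(name, 0) - previous.get(name, 0)
        if delta > 0:
            findings.append(f"{delta} new '{name}' failures since last poll")
    sets = current.get("Set-request PDUs", 0) - previous.get("Set-request PDUs", 0)
    if sets > 0 and not set_pdus_expected:
        findings.append(f"{sets} Set-request PDUs received on a read-only device")
    altered = (current.get("Number of altered variables", 0)
               - previous.get("Number of altered variables", 0))
    if altered > 0:
        findings.append(f"{altered} variables were altered via SNMP")
    return findings


# First poll: the counters from Listing 10.18.
FIRST_POLL = """\
R1# show snmp
167 SNMP packets input
    0 Bad SNMP version errors
    0 Unknown community name
    0 Illegal operation for community name supplied
    0 Encoding errors
    197 Number of requested variables
    0 Number of altered variables
    0 Get-request PDUs
    167 Get-next PDUs
    0 Set-request PDUs
107 SNMP packets output
    0 Too big errors (Maximum packet size 484)
    0 No such name errors
    0 Bad values errors
    0 General errors
    107 Get-response PDUs
    0 SNMP trap PDUs
"""

# Second poll: constructed values, not a real capture.
SECOND_POLL = """\
R1# show snmp
301 SNMP packets input
    0 Bad SNMP version errors
    42 Unknown community name
    3 Illegal operation for community name supplied
    0 Encoding errors
    350 Number of requested variables
    1 Number of altered variables
    4 Get-request PDUs
    250 Get-next PDUs
    2 Set-request PDUs
256 SNMP packets output
    0 Too big errors (Maximum packet size 484)
    0 No such name errors
    0 Bad values errors
    0 General errors
    256 Get-response PDUs
    0 SNMP trap PDUs
"""

if __name__ == "__main__":
    for finding in snmp_findings(parse_show_snmp(FIRST_POLL), parse_show_snmp(SECOND_POLL)):
        print(finding)
```

Because the counters are cumulative since the last reload, the comparison has to be between two polls rather than against zero; a single poll with a large "Unknown community name" value may simply be months of a mistyped manager. The delta between polls, taken on a schedule, is the detection signal.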
SNMP is one of the most commonly used protocols for network management, and you will undoubtedly run across it over and over again in your networking career. The next section discusses how you can take that little portion of your network that has a legacy protocol that will not go away and translate it to the common protocol in your network, IP for example.
Cisco Protocol Translation and Applications
Cisco IOS allows networks to translate from one protocol to another without the need to implement every type of protocol across all your routers and throughout your network. Figure 10.3 provides an overview of Cisco’s protocol translation features. The network shown in Figure 10.3 is a relatively small network, but the translation configuration serves as a helpful tool for this section’s discussion. Imagine that the three routers shown in Figure 10.3 use IP, and the PC located on Router 2’s Ethernet segment needs to communicate with the LAT host on router R1’s Ethernet segment. Ordinarily, this would not be possible—either the PC would require LAT to be installed and bridged across the IP network, or the LAT host would require TCP/IP to be installed. Fortunately, Cisco IOS provides a workaround. Instead of installing LAT or TCP/IP, you can use Cisco IOS to translate a TCP/IP session into a LAT session. Using a valid IP address at the R2 Ethernet segment and then translating to LAT accomplishes this without the need to install special software or enable bridging (LAT is not a routable protocol). Cisco IOS supports translation for the following protocols:
[Figure 10.3: Protocol translation. R1 (Ethernet 10.1.6.0/24, LAT host offering service "test") and R3 connected over an IP network to R2, whose PC understands IP only and needs to talk to the LAT host. R1 holds the translation configuration "translate TCP 10.1.6.100 LAT test"; 10.1.6.100 is a dummy IP address that does not exist, and the TCP/IP session is translated to LAT service test.]
➤ TCP/IP
➤ LAT
➤ X.25
Referring to Figure 10.3, let’s suppose a LAT service called test resides on R1’s Ethernet interface. Let’s consider the example where the PC telnets to a valid IP address that is routed to the segment where the LAT host resides. For IP routing to work correctly, the PC Telnets to a valid IP address on R1’s Ethernet segment; this IP host address does not actually exist, and the translation is performed at R1. When router R1 receives a TCP/IP session request for the IP address 10.1.6.100, the router translates the TCP/IP session into a LAT session and performs the protocol conversion on behalf of the PC. The configuration on router R1 would be as follows:
translate tcp 10.1.6.100 lat test
The preceding setup is an example of a one-way translation. You can also use two-way translations to translate from TCP/IP to LAT as well as from LAT to TCP/IP. A two-way translation might be useful in situations in which you have two LAT devices separated by an IP-only backbone.
To monitor protocol translation, use the show translate IOS command, as follows:
R1#sh translate
Translate From: TCP 10.1.6.100 Port 23 To: LAT TEST
1/0 users active, 10 peak, 20 total, 0 failures
The preceding command displays the number of translations in use, the peak number of users who are using protocol translation, and the total number of current active translations.
Up to this point in the chapter, we’ve mostly looked at some useful show IOS commands. Therefore, it’s easy to see that the show command set supplies some of the most useful IOS commands used by router administrators. Similar to the show command set, the debug command set also contains some useful commands for router administrators. Thus, in keeping with the Exam Cram philosophy of completeness, the next section focuses on common debug commands that you need to be familiar with.
Common Debug Commands
The debug commands are used to troubleshoot what the router is processing. These commands can only be accessed through privilege mode.
Debug messages are always sent to the console port and can be displayed on your VTY connection by using the terminal monitor IOS command. Without this command, you will not see debug messages during a VTY session.
Debugging output is assigned a high priority in the CPU process. Therefore, debugging output can render a system unusable if the CPU has to provide a considerable amount of resources to process debugging data. You should use the debug command with extreme caution in a production environment. Of course, this doesn’t mean that you should never use debug commands. One common technique used to reduce the impact of debug commands is to turn off debugging on the console port by issuing the no logging console command. You will still receive debug output to a VTY session, but no CPU cycles will be used to send the output to the console. You can also send debug output to an external server in a log file that can be viewed at a later time or stored to present to Cisco’s technical assistance center when resolving complex routing or switching faults.
To get an appreciation for the debug command set, you can use the ? command to view the available debugging options. The debugging options are too numerous to mention here, but be aware that you have access to the entire IOS debug command set. In the next few sections, we’ll cover the three most useful debug commands used to troubleshoot data networks:
➤ debug ip packet
➤ debug ip routing
➤ debug arp
To turn debugging off, issue the no command with the specific debug command previously issued. For example, if you turn on ARP requests with the debug arp command, you can turn the command off by issuing the no debug arp command. If you have several debug commands active, you can turn them all off at once by issuing the undebug all or no debug all command.
debug ip packet
The debug ip packet command displays general IP packet information. This command can be a handy debug tool to use if you do not receive a response from a remote station. Listing 10.19 shows an example of the debug ip packet command when a user successfully pings a remote router with a local address of 10.1.4.1 and a destination address of 10.1.7.1.
Listing 10.19 The debug ip packet command.
R1#debug ip packet
IP packet debugging is on
R1# ping 10.1.7.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.7.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/36/36 ms
R1#
IP: s=10.1.4.1 (local), d=10.1.7.1 (Serial2), len 100, sending
IP: s=10.1.7.1 (Serial2), d=10.1.4.1 (Serial2), len 100, rcvd 3
IP: s=10.1.4.1 (local), d=10.1.7.1 (Serial2), len 100, sending
IP: s=10.1.7.1 (Serial2), d=10.1.4.1 (Serial2), len 100, rcvd 3
IP: s=10.1.4.1 (local), d=10.1.7.1 (Serial2), len 100, sending
IP: s=10.1.7.1 (Serial2), d=10.1.4.1 (Serial2), len 100, rcvd 3
IP: s=10.1.4.1 (local), d=10.1.7.1 (Serial2), len 100, sending
IP: s=10.1.7.1 (Serial2), d=10.1.4.1 (Serial2), len 100, rcvd 3
IP: s=10.1.4.1 (local), d=10.1.7.1 (Serial2), len 100, sending
IP: s=10.1.7.1 (Serial2), d=10.1.4.1 (Serial2), len 100, rcvd 3
In Listing 10.19, the display shows a successful ping request as well as several messages. In the message area, the s field indicates the source of the IP packet, which is 10.1.4.1 for the local router. The (local) information after 10.1.4.1 indicates that the IP address refers to a local interface. The d field indicates the destination IP device, which is 10.1.7.1 via Serial 2. The len field specifies the length of the IP packet. The last field indicates whether the packet was sent (sending) or received (rcvd).
debug ip routing
The debug ip routing command displays the IP routing entries that have been inserted or removed from an IP routing table. This information can be useful if a router is not sending or receiving IP routing updates. The debug ip routing command display can confirm what the router is inserting or deleting from the IP routing table. Listing 10.20 presents an example taken from an OSPF router that has just been activated.
Listing 10.20 The debug ip routing command.
R1#debug ip routing
IP routing debugging is on
RT: add 9.1.1.1/32 via 10.1.4.2, ospf metric [110/870]
RT: add 10.1.7.0/24 via 10.1.4.2, ospf metric [110/2431]
RT: add 131.108.1.0/24 via 10.1.4.2, ospf metric [110/2431]
RT: add 131.108.2.0/24 via 10.1.4.2, ospf metric [110/879]
In Listing 10.20, you can see that a number of remote networks have been discovered. Also, the metric and administrative distances are displayed.
debug arp
The debug arp command displays all Address Resolution Protocol requests. For example, this command can be used to determine why a certain end device is not responding to an ARP request. Listing 10.21 provides a sample debug arp display taken from a Cisco router.
Listing 10.21 The debug arp output request.
IP ARP: sent req src 10.72.128.45 0000.0c11.1111, dst 10.72.128.1 0000.0000.0000
Listing 10.21 shows the ARP request from a device with an IP address of 10.72.128.45 and a MAC address of 0000.0c11.1111. This device needs the MAC address of the IP device 10.72.128.1. The 0000.0000.0000 indicates an unknown MAC address. Listing 10.22 displays the reply from the device with the IP address 10.72.128.1.
Listing 10.22 The debug arp output reply.
IP ARP: rcvd rep src 10.72.128.1 0010.117a.a813, dst 10.72.128.45
Listing 10.22 displays the output of the debug arp command. In this particular case, the router has received the reply to its request for the MAC address of the device configured with the IP address 10.72.128.1.
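The three debug displays in Listings 10.19 through 10.22 share a fixed line format, which makes them easy to parse once they have been sent to a syslog server as the debug section recommends. The Python below is an added example, not code from the book; it parses the IP:, RT: and IP ARP: line formats shown in those listings into records and then runs one defensive check over them: an IP address that answers ARP with two different MAC addresses, which is either a replaced NIC or ARP spoofing and is worth correlating either way. The sample input is the listings' own lines plus one constructed conflicting ARP reply; the optional interface name at the end of an ARP line is an assumption about the fuller format and is not shown on the page.

```python
import re
from collections import Counter

# Listing 10.19: IP: s=<src> (<src_if>), d=<dst> (<dst_if>), len <n>, sending | rcvd <code>
IP_PACKET_RE = re.compile(
    r"^IP: s=(?P<src>[\d.]+) \((?P<src_if>[^)]+)\), d=(?P<dst>[\d.]+) \((?P<dst_if>[^)]+)\), "
    r"len (?P<len>\d+), (?P<action>sending|rcvd)(?: (?P<code>\d+))?$"
)
# Listing 10.20: RT: add|del <prefix> via <nexthop>, <proto> metric [<ad>/<metric>]
RT_RE = re.compile(
    r"^RT: (?P<op>add|del) (?P<prefix>[\d.]+/\d+) via (?P<nexthop>[\d.]+), "
    r"(?P<proto>\w+) metric \[(?P<ad>\d+)/(?P<metric>\d+)\]$"
)
# Listings 10.21/10.22: IP ARP: sent|rcvd req|rep src <ip> <mac>, dst <ip> [<mac>] [<iface>]
# (the trailing interface name is an assumed optional field, not shown in the book)
ARP_RE = re.compile(
    r"^IP ARP: (?P<direction>sent|rcvd) (?P<op>req|rep) src (?P<src_ip>[\d.]+) (?P<src_mac>[0-9a-f.]+), "
    r"dst (?P<dst_ip>[\d.]+)(?: (?P<dst_mac>[0-9a-f.]+))?(?: (?P<iface>\S+))?$"
)

PARSERS = (("ip_packet", IP_PACKET_RE), ("route", RT_RE), ("arp", ARP_RE))


def parse_debug_line(line):
    """Return a dict describing one debug line, or None if it is not a debug message."""
    line = line.strip()
    for kind, rx in PARSERS:
        m = rx.match(line)
        if m:
            record = {"kind": kind}
            record.update(m.groupdict())
            return record
    return None


def parse_debug_output(output):
    """Parse every recognised debug line in a captured display; prompts and ping text are skipped."""
    records = []
    for line in output.splitlines():
        record = parse_debug_line(line)
        if record is not None:
            records.append(record)
    return records


def summarize(records):
    """Count records by kind (ip_packet / route / arp)."""
    return dict(Counter(r["kind"] for r in records))


def arp_conflicts(records):
    """Return (ip, earlier_mac, later_mac) for every received ARP reply that contradicts an earlier one."""
    seen = {}
    conflicts = []
    for r in records:
        if r["kind"] != "arp" or r["direction"] != "rcvd" or r["op"] != "rep":
            continue
        ip, mac = r["src_ip"], r["src_mac"]
        if ip in seen and seen[ip] != mac:
            conflicts.append((ip, seen[ip], mac))
        seen[ip] = mac
    return conflicts


# Lines from Listings 10.19-10.22, followed by one constructed conflicting reply.
SAMPLE_DEBUG = """\
R1# ping 10.1.7.1
Type escape sequence to abort.
IP: s=10.1.4.1 (local), d=10.1.7.1 (Serial2), len 100, sending
IP: s=10.1.7.1 (Serial2), d=10.1.4.1 (Serial2), len 100, rcvd 3
RT: add 9.1.1.1/32 via 10.1.4.2, ospf metric [110/870]
RT: add 10.1.7.0/24 via 10.1.4.2, ospf metric [110/2431]
IP ARP: sent req src 10.72.128.45 0000.0c11.1111, dst 10.72.128.1 0000.0000.0000
IP ARP: rcvd rep src 10.72.128.1 0010.117a.a813, dst 10.72.128.45
IP ARP: rcvd rep src 10.72.128.1 0000.0c22.2222, dst 10.72.128.45
"""

if __name__ == "__main__":
    recs = parse_debug_output(SAMPLE_DEBUG)
    print(summarize(recs))
    for ip, old, new in arp_conflicts(recs):
        print(f"ARP conflict: {ip} answered first with {old}, then with {new}")
```

The parser keeps the fields as strings exactly as IOS printed them, so the administrative distance and metric from Listing 10.20 come back as "110" and "870" and can be compared against what the routing protocol is expected to announce; the same record stream feeds the ARP consistency check, which only looks at received replies because sent requests carry the placeholder 0000.0000.0000 MAC.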
Practice Questions
Question 1
Which of the following is not a Cisco router component?
❍ a. RAM
❍ b. NVRAM
❍ c. Flash
❍ d. ROM
❍ e. CPA
The correct answer is e. The CPA acronym does not refer to any hardware component on any Cisco router. Answers a, b, c, and d are incorrect, because Cisco routers consist of RAM, NVRAM, Flash, and ROM.
Question 2
Which of the following router components stores the startup configuration?
❍ a. RAM
❍ b. NVRAM
❍ c. Flash
❍ d. ROM
The correct answer is b. NVRAM stores a router’s startup configuration. Answer a is incorrect, because RAM stores a copy of the configuration and is copied from NVRAM when a router is powered up. Answers c and d are incorrect, because flash is used to store IOS images and ROM contains a scaled-down version of IOS.
Question 3
Which IOS command displays the IOS images stored on flash?
❍ a. show IOS
❍ b. show cisco
❍ c. show flash
❍ d. display flash
The correct answer is c. The show flash IOS command displays the images stored on flash. You can also use sh fl as shorthand. Answers a, b, and d are incorrect, because they are invalid IOS commands.
Question 4
What IOS command was used to display the following corrupted IOS display?
CPU utilization for five seconds: 7%/5%; one minute: 7%; five minutes: 7%
PID QTy PC Runtime (ms) Invoked %^&$#@^
2 M* 0 16 14
3 Lst 317D1FC 7456 136
4 Cwe 3182F1E 0
5 Mst 31218F0 8 2
6 Lwe 31A9B5E 24 48
...
❍ a. show protocol
❍ b. show process
❍ c. show cpu
❍ d. display process
The correct answer is b. The display shows the utilization of the CPU on the first line, which corresponds to the display provided by the IOS command show process, or sh proc. Answer a is incorrect, because show protocol displays the protocol in use per interface. Answers c and d are incorrect, because they are invalid IOS commands.
Question 5
Which configuration register will instruct a router to ignore the startup configuration?
❍ a. 0x2102
❍ b. 0x2142
❍ c. 0x2101
❍ d. 0x2100
The correct answer is b. The bit in position 6 tells the router either to boot the configuration from NVRAM or to ignore the configuration in NVRAM. Answer a is incorrect, because 0x2102 is the default configuration register and boots the configuration from NVRAM. Answer c is incorrect, because 0x2101 ignores the IOS on flash. Answer d is incorrect, because 0x2100 causes the router to boot into ROM mode (and the prompt will be >).
Question 6
Which IOS commands display the configuration register? [Choose the two best answers]
❑ a. show version
❑ b. show hardware
❑ c. show running-config
❑ d. show startup-config
❑ e. show configuration-register
The correct answers are a and b. To view the configuration register, you can use the show version (sh ver) or show hardware (sh ha) IOS command. Answers c and d are incorrect, because they will not display the register. The command show running-config will display the current configuration on the router. The command show startup-config will display the configuration stored in NVRAM. Answer e is incorrect, because show configuration-register is an invalid IOS command.
Question 7
How can a Cisco router be accessed? [Choose the three best answers]
❑ a. Console port
❑ b. VTY port
❑ c. Exec mode
❑ d. Auxiliary port
The correct answers are a, b, and d. To access a Cisco router, you can be physically connected via the console port or remotely connected via a modem on the auxiliary port. You can also Telnet to a router through the virtual terminal (VTY port). Answer c is incorrect, because the Exec mode is a mode of operation and not an access method.
Question 8
Which IOS command will encrypt all passwords configured on a Cisco router?
❍ a. password all
❍ b. service password encryption
❍ c. service password-encryption
❍ d. password encryption
The correct answer is c. To encrypt passwords on a Cisco router, you use the service password-encryption global command. Answers a, b, and d are incorrect, because they are invalid Cisco IOS commands.
Question 9
Which IOS command can be used to copy an IOS image from a TFTP server to ROM?
❍ a. copy tftp flash
❍ b. copy flash tftp
❍ c. copy tftp rom
❍ d. copy rom tftp
The correct answer is e. You cannot write to ROM, which is read-only memory. The ROM contains a scaled-down version of IOS. You can physically swap the ROM chips. You cannot perform a software upgrade by using any IOS command. Answers a, b, c, and d are incorrect, because ROM is not programmable. The copy tftp flash command will copy an IOS image from a TFTP server to the flash on board a Cisco router. The copy flash tftp command stores a copy of the flash on a Cisco router to a TFTP server. The copy tftp rom command is not a valid Cisco IOS command. The command copy rom tftp is also not a valid IOS command.
Question 10
Which IOS command enables you to monitor CPU processes down to the packet level?
❍ a. reload
❍ b. terminal on
❍ c. debug
❍ d. show
❍ e. display
❍ f. Cisco routers do not have a CPU
The correct answer is c. To see a detailed view of CPU tasks, you use the debug command. Answer a is incorrect, because the reload command is used to reload the router. Answer b is incorrect, because terminal on is an invalid IOS command. Answer d is incorrect, because, while the show command displays status and configuration parameters, it does not show detail at the packet level. Answer e is incorrect, because display is an invalid IOS command. Answer f is incorrect, because all Cisco routers contain a CPU.
Question 11
Which IOS commands will turn off all currently active debug commands on a Cisco router? [Choose the two best answers]
❑ a. debug all
❑ b. no debug all
❑ c. undebug all
❑ d. no debug
The correct answers are b and c. To turn off all debugging, you can use no debug all or undebug all. Answer a is incorrect, because debug all turns on every possible debug command. Answer d is incorrect; if you issue no debug, the router will respond by requesting more information, because the command is incomplete.
Question 12
Which IOS command will set the enable password to CisCo?
❍ a. enable password cisco
❍ b. enable-password CisCo
❍ c. enable password CisCo
❍ d. enable password cisco
❍ e. Both c and d are correct
The correct answer is c. All passwords on a Cisco router are case sensitive, and the syntax to set the password is enable password. Therefore, to set the password to CisCo, the IOS command is enable password CisCo. Answers a and d are incorrect, because the password is entered incorrectly. Answer b is incorrect, because enable-password CisCo is an invalid IOS command—there is no dash between enable and password. Answer e is incorrect, because only answer c shows the correct command.
Question 13
SNMP operates at which layer of the OSI model?
❍ a. Layer 1
❍ b. Layer 2
❍ c. Layer 3
❍ d. Layer 4
❍ e. Layer 5
❍ f. Layer 6
❍ g. Layer 7
The correct answer is g. SNMP is an Application layer protocol, and the Application layer is layer 7 of the OSI model. Answers a, b, c, d, e, and f are incorrect, because SNMP operates at layer 7 of the OSI model.
Need to Know More?
Chappell, Laura. Introduction to Cisco Router Configuration (ICRC). Macmillan Publishing Company: Indianapolis, Indiana, 1998. ISBN: 1-57870-076-0. Chapters 5 and 6 provide an excellent overview of Cisco router device operation.
Cisco IOS 12.0 Fundamentals. Cisco Press: Indianapolis, Indiana, 1999. ISBN 1-57870-155-4. This book provides all the configurable options available with Cisco IOS. Each chapter provides a brief introduction followed by all the IOS command options. Part I provides a comprehensive description of the command line interface. Part II describes file management on Cisco routers, and Part III details system management, with extensive coverage of show commands.
Coe, Jeffrey, and Matthew Rees. CCNA Routing And Switching Exam Cram. The Coriolis Group: Scottsdale, Arizona, 1999. ISBN 1-57610-434-6. Chapter 5 provides details about managing Cisco routers along with some helpful sample examination questions.
www.cisco.com provides a wealth of documentation related to the topics discussed in this chapter. For debug commands and sample displays, visit the documentation home page.