Category: CCNA Study Guide Chapter 07

Chapter 7 began with a look at the basics of the boot process of a Cisco router. Next, the initial configuration of a Cisco router from the System Configuration Dialog prompts was explored. Extended setup mode was used to assign the router its initial configuration parameters including a hostname, passwords, and interface IP addresses.

Configuration from the IOS command line was looked at next, beginning with the process of logging into and out of a router. The differences between user and privileged EXEC mode was discussed, including how they can be identified by their associated command prompts.

A look at the configuration files on a Cisco router outlined the differences between the running configuration stored in RAM and the startup configuration stored in NVRAM. The syntax for the copy command was also looked at, including its use in saving the running configuration to the startup configuration. An overview of IOS shortcuts explained navigation techniques that can be used from the command line, as well as the use of truncated or shorthand commands. A look at the terminal history command explained how to change the buffer size, or disable it within a session.

The IOS help function was explored next, including the ways in which it can be used to find or complete commands.

A look at IOS configuration modes introduced global configuration mode, as well as the difference between the configure terminal, memory, and network options. Various levels of global configuration mode were also explored, including those associated with interface, line, and routing protocol configuration. The router prompts associated with each were also explained.

The configuration of passwords was also looked at, including the purpose and configuration of enable, enable secret, console, auxiliary, and virtual terminal passwords. The service password-encryption command was also discussed as a way of encrypting passwords not usually encrypted by default. The ability to configure a logon banner was also explored, using the banner motd command.

The interface configuration section outlined the procedure for setting IP addresses on interfaces, as well as the importance of the no shutdown command. An overview of configuring serial interfaces as DCE for lab environments was also discussed. The procedure for enabling and configuring IPX was also looked at, including the configuration of Ethernet encapsulation settings for IPX. The show interface command was discussed as a way to gain information about an interface, including its physical and data link characteristics.

A look at hostnames explained how to change the hostname on a Cisco router, configure a hosts table, and finally how to configure a router to use a DNS server for name resolution.

The copy command was then looked at in more detail. It explained the backup and restoration of configuration files and IOS images, both between memory areas and via a TFTP server. A look at telnet explained the basics of initiating, disconnecting, and switching between sessions. Configuration of the router via a web browser was also briefly explained. Diagnostic utilities were looked at next, including both ping and traceroute.
A look at the Cisco Discovery Protocol followed, including how it can be used to gain valuable information about neighboring Cisco devices.

Cisco Discovery Protocol (CDP) is a proprietary protocol developed by Cisco that provides a quick and easy way to find out about neighboring Cisco devices on your network. Enabled by default, CDP provides a variety of information on neighboring Cisco routers and switches. CDP messages use the Ethernet SNAP frame type.

To view information about neighboring Cisco devices, use the show cdp neighbors command.

cisco2501#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
> Device ID Local Intrfce Holdtme Capability Platform Port ID
accra Eth 0 146 R 2500 Eth 0

The information provided shows that our Cisco 2501 has received CDP announcements from one other piece of equipment – in this case, another Cisco 2500 router. Notice the capability codes listed first. These provide you with an overview of the different types of equipment that can be found via CDP – R designates a router, S a switch, and so forth. These codes are then associated with the devices found, under the Capability header.
Obviously a variety of information is provided by the show CDP neighbors command, but what does it all mean? Each section is looked at below.

• Device ID. The hostname of the neighboring device.
• Local Interface. The interface on which this router received information about the neighboring device.
• Holdtime. The amount of time the router will store this information before dropping it from memory, if additional CDP packets are not received.
• Capability. The type of device that announced itself using CDP.
• Platform. The hardware platform of the neighboring equipment.
• Port ID. The port from which the CDP packet was sent on the neighboring device.

To obtain more detailed information on any CDP neighboring device, use the show cdp neighbor detail command.

cisco2501#show cdp neighbor detail
-------------------------
Device ID: accra
Entry address(es):
IP address: 192.168.1.45
Novell address: 101A.0060.5cc4.f41b
Platform: cisco 2500, Capabilities: Router
Interface: Ethernet0, Port ID (outgoing port): Ethernet0
Holdtime : 178 sec
Version :
Cisco Internetwork Operating System Software
IOS ™ 2500 Software (C2500-D-L), Version 12.0(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 15-Jun-99 20:08 by phanguye

This command provides six primary pieces of information about neighboring devices including its hostname, logical addresses (CDP will provide one logical address per protocol), platform, connected interface, CDP holdtime, and IOS version. If you’re looking for a simple way to determine an IP or IPX address of a neighboring device, this command is also the way to go.

By default, CDP packets are sent out every 60 seconds. The default holdtime is set to 180 seconds – again, this is the length of time that the device will hold information provided by CDP if an update is not received.

To view the CDP holddown and timer values currently configured on your router, use the show cdp command.

cisco2501#show cdp
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds

To reconfigure either value, use the cdp timer and cdp holdtime commands, as shown below. We’ll set the holdtime on the router to 200 seconds, and the timer value to 70 seconds. Remember that in order to change just about any setting, you will need to be in global configuration mode.

cisco2501#config t
Enter configuration commands, one per line. End with CNTL/Z.
cisco2501(config)#cdp holdtime 200
cisco2501(config)#cdp timer 70

In some cases, you may not want CDP enabled on a given interface. To turn it off for a single interface, access the interface’s configuration and issue the no cdp enable command.

cisco2501(config)#int e0
cisco2501(config-if)#no cdp enable

In the example above, I disabled CDP, but only on interface Ethernet 0. If you change your mind and want to re-enable CDP on an interface, use the cdp enable command. To globally enable or disable CDP, use the cdp run or no cdp run commands respectively from global configuration mode.

cisco2501(config)#cdp run
cisco2501(config)#no cdp run

To view the CDP properties of all interfaces on your router, use the show cdp interface command.

cisco2501#show cdp interface
Ethernet0 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial0 is down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial1 is down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds

Another useful utility is testing connectivity, especially in routed environments, is traceroute. While ping tests for basic connectivity with another host, traceroute will show you the path that a packet takes (in terms of crossing intermediate routers) between a source and destination. Since we haven’t set up routing yet, traceroute won’t provide us with much useful information. In a routed environment, traceroute provides valuable information because it helps to indicate at which point in a packet’s travels a failure is occurring. Issues might include an intermediate router being offline, or physical connection problems.

Traceroute works by sending groups of 3 UDP datagrams to the destination address specified, with varying time to live (TTL) values. For example, imagine there are three routers between our system and the destination host that we’re to determine the path to. Traceroute will send out 3 UDP datagrams with a TTL of one. When these hit the first router in the path, their TTL will be decremented by one, causing the packets to expire. ICMP “time exceeded” messages will be sent back to the source host. It will then send out another 3 UDP datagrams with a TTL of 2, which will exceed their TTL at the second router. This process continues until the destination host is reached. The cumulative information provided shows the path to the destination. If the process fails at any point, this indicates or suggests a problem area between the source and destination. Traceroute is an exceptionally simple and powerful troubleshooting tool in routed environments. To use it, simply enter traceroute followed by the destination IP address or hostname.

cisco2501#traceroute 192.168.1.209
Type escape sequence to abort.
Tracing the route to 192.168.1.209
1 192.168.1.209 4 msec 40 msec *

As I mentioned previously, traceroute doesn’t provide very much information on our network yet. Once some routing is configured, we’ll be able to see multiple hops in the path to a destination.

While the initial configuration of your Cisco router using the console port and a rollover cable may be necessary, you’ll eventually want to access routers on your network using telnet sessions. Since telnet is an IP-based application, your routers will need to be configured with at least one valid and reachable IP address to use this method. Also remember that in order to connect to a router using telnet, that router will need a virtual terminal (vty) password configured. If not, any connection attempts will be refused. Notice what happens when we attempt to telnet into the accra router at IP address 192.168.1.45.

cisco2501#telnet 192.168.1.45
Trying 192.168.1.45 ... Open
Password required, but none set
[Connection to accra closed by foreign host]
cisco2501#

Using telnet to connect to routers is much faster than connecting via the console port. If you recall, back in the hostname section of this chapter we added an entry to our hosts table that resolved the name accra to its IP address. Because of that, we can easily connect to the accra router by simply entering accra at the prompt. By the same token, we could just as easily enter the IP address without the telnet command preceding it. The router will assume that we’re trying to telnet if we don’t provide any additional information.

cisco2501#accra
Trying accra (192.168.1.45)... Open
User Access Verification
Password:

Before issuing the command, I set a vty password on the accra router – notice it prompts us for a password rather than refusing the connection this time.

Telnetting from a client machine to a telnet server is known as a forward telnet session. However, when you connect from a telnet server to another telnet server, it is known as a reverse telnet session. In general, this detail isn’t terribly important, but I thought I should mention it since you may come across the term in the Cisco documentation.
After we have connected to the accra router via telnet, we still have the ability to get back to the prompt of the cisco2501 router using a special key sequence. By pressing Ctrl+Shift+6 together and then the letter X, we return to the original prompt. The telnet session to the accra router is still open – we’ve just left it temporarily, perhaps to open yet another reverse telnet session to another router. The ability to switch between connections is much more convenient than constantly logging off and back on.
However, having multiple telnet session open can also be a little confusing. So how can you recall sessions that you’ve initiated and access them again? Well, you should start off with the show sessions command. This will list the currently active sessions, as shown below.

Cisco2501#show sessions
Conn Host Address Byte Idle Conn Name
* 1 192.168.1.45 192.168.1.45 0 0 192.168.1.45
Cisco2501#

The asterisk shown above is used to designate the last session accessed. To reconnect to this telnet session, you can either press Enter twice (this will always access the last session), or enter the number associated with the Conn header – in this case 1, followed by the Enter key.

To end a telnet session, you have two main options. From within a session, just type exit.

accra>exit
[Connection to accra closed by foreign host]
cisco2501#

If you want to close a session without actually being in it, use the disconnect command. For example, to close that accra session from the cisco2501 command prompt, we would enter disconnect followed by the associated connection number.

cisco2051#disconnect 1
Closing connection to 192.168.1.45 [confirm]
cisco2501#

While configuring a router using telnet may be common, it is also possible to configure your router via a web browser. Although it’s disabled by default, your router has its own mini HTTP server built in. This provides yet another way to gain access to the router for the purpose of issuing commands. To enable the HTTP server, use the command ip http server from global configuration mode.

cisco2501(config)#ip http server
cisco2501(config)#

After doing this, open your web browser and point it to one of your router’s IP addresses. While the browser interface may not be pretty, it’s worth being aware of its existence. In general, it really provides no more functionality that what is available in a telnet session, although it does offer the ability to issue commands using hyperlinks. For the most part, I suggest that you keep the HTTP server turned off, since it offers another point of access for potential hacking. After taking a look, the HTTP server can be turned off using the no ip http server command.

The copy command isn’t limited to simply backing up or restoring configuration files. It can also be used to copy your current IOS image to a TFTP server, or to apply a new IOS image to your router. Recall that the Cisco IOS image is stored in Flash memory. Before deciding to install a new IOS image, be sure that your router has enough Flash memory to support the image. Images from different feature sets may require more Flash memory than you currently have installed.

To back up the current IOS to a TFTP server, use the copy flash tftp command.

cisco2501#copy flash tftp
Source filename []? d1205.bin
Address or name of remote host []? 192.168.1.21
Destination filename [d1205.bin]?
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
3289170 bytes copied in 47.668 secs (69982 bytes/sec)

While the copy operation to the TFTP server is completing, the exclamation points shown will scroll across the screen – I have eliminated many of these in order to save space. You will notice that the command requires us to provide information on the image filename and the IP address of the TFTP server. If you’re not sure of the name of the image stored in Flash, use the show flash command.

Router#show flash


System flash directory:
File Length Name/status
1 3289170 d1206.bin
[3289236 bytes used, 905068 available, 4194304 total]
4096K bytes of processor board System flash (Read/Write)

Since this router has only 4 MB of Flash, we are obviously limited to an image that will fit within that space. The contents of Flash can also be viewed using the dir command. You will always need to know the name of the images you want to back up or restore. You should also ensure that the TFTP server is available and has enough room to store the image prior to attempting a backup.

Copying a new IOS image from a TFTP server to Flash involves issuing the command copy tftp flash.

cisco2501#copy tftp flash
Address or name of remote host []? 192.168.1.21
Source filename []? d1206.bin
Destination filename [d1206.bin]?
Accessing tftp://192.168.1.21/d1206.bin...
Erase flash: before copying? [confirm]
Erasing the flash filesystem will remove all files! Continue? [confirm]
Erasing device... eeeeeeeeeeeeeeee ...erased
Erase of flash: complete
Loading d1206.bin from 192.168.1.21 (via Ethernet0): !!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 3289170/6578176 bytes]
Verifying checksum... OK (0xB6BD)
3289170 bytes copied in 89.272 secs (36956 bytes/sec)

Notice that Flash memory was erased completely before the new image was copied over to it. Otherwise, there would not have been enough space to complete the copy process. You’ll also need to issue the reload command after updating the IOS. Finally, use the show version command to ensure that the router is now running the IOS version that you intended to install. Show version also provides a quick and easy way to learn more about your router’s hardware, software, and memory.

Cisco2501#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-D-L), Version 12.0(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 15-Jun-99 20:08 by phanguye
Image text-base: 0x0000144C, data-base: 0x00637308
ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASE SOFTWARE (fc1)
Router uptime is 2 days, 8 hours, 9 minutes
System restarted by reload
System image file is "flash:d1206.bin"
cisco 2500 (68030) processor (revision A) with 16384K/2048K bytes of memory.
Processor board ID 02285256, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
4096K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102

On some routers, including those in the Cisco 2500 series, IOS upgrades should be done from the limited IOS version stored in ROM. Depending upon your model and IOS version, you may be prompted to boot into the ROM-based image after issuing the copy tftp flash command, or you may need to change what are known as configuration register settings. Configuration register settings will be looked at in detail in chapter 13.

When you make changes to a router’s configuration by using configure terminal, you are actually changing the settings stored in RAM – the running configuration. To save these settings to NVRAM, you copy them to the startup configuration, overwriting what was stored there previously. Remember that the copy commands need to be issued from privileged EXEC mode. The example below saves the running configuration settings to the startup configuration.

cisco2501#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...

You can also enter copy run star to achieve the same goal. If you reverse the command, you are copying the contents of the startup configuration into RAM, replacing the current running configuration.

cisco2501#copy star run

You aren’t limited to moving configurations between RAM and NVRAM alone – in fact, you can also save both to a TFTP server. But why would you do this? Mainly to have a backup copy of the files, just in case. For example, it’s always a good idea to copy the startup configuration to a TFTP server prior to changing the configuration of a router. That way, if you mess something up, you can always just restore an old configuration file.

Any TFTP server software can be used. After installing it on your laptop or a network server, you will ultimately reference it by its associated IP address.

To save the startup or running configuration to a TFTP server, enter the commands copy star tftp or copy run tftp respectively. The example below shows the running configuration being saved to a TFTP server.

cisco2501#copy run tftp
Address or name of remote host []? 192.168.1.21
Destination filename [running-config]?
!!
1136 bytes copied in 5.100 secs (227 bytes/sec)

Notice that the command asked us to specify the location of the TFTP server (the address of the remote host). In larger environments, consider using a destination filename that uniquely identifies the router that the file is associated with. In this case, I simply chose the default name, running-config.

Going a step further, you can also restore a configuration file to the router from a TFTP server.

cisco2501#copy tftp run
Address or name of remote host []? 192.168.1.21
Source filename []? running-config
Destination filename [running-config]?
Accessing tftp://192.168.1.21/running-config...
Loading running-config from 192.168.1.21 (via Ethernet0): !
[OK - 1136/2048 bytes]
1136 bytes copied in 5.572 secs (227 bytes/sec)

This time, we entered the command copy tftp run, since we wanted to copy the running configuration file from the TFTP server to the running configuration of the router. We also had to specify the IP address of the TFTP server, and the name of the file to restore.
One last note as far as the configuration files are concerned. During your studies (and in real life) there will be times when you just want to kill the entire configuration of the router, reboot, and start from scratch. This is easy enough to accomplish. In fact, it only takes one command. Effectively, what you want to do is erase the startup configuration stored in NVRAM. If you do this and reboot the router, it’s just like starting anew – when the router does reboot, you’ll be presented with the System Configuration Dialog. While practicing for your exams, it is definitely in your best interest to go through the router configuration process many times, or until you feel completely comfortable with it. To erase the startup configuration, use the erase startup-config command.

cisco2501#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm][OK]
Erase of nvram: complete

It’s always a good idea to backup your startup configuration to a TFTP server before issuing this command, just in case you want to return to where you were previously.

Although we’ve taken a reasonable look at configuring router settings and interfaces, we’ve only spent a little bit of time on what is perhaps the most important topic of all – knowing how to backup and restore router elements such as configuration files and IOS images.

Backing up and restoring configuration files and IOS images requires you to remember the simple command learned earlier – copy from to. In all of the examples that we’re going to look at here, you will need to remember how the copy command is structured. In fact, you should make a point of reading the command in that way as well. For example, the command copy running-config startup-config should actually be read as “copy settings from the running configuration to the startup configuration”. In other words, save the configuration currently stored in RAM to NVRAM, where it will be found the next time the router boots. It may sound simple, but it’s also important.

In order to truly understand your interfaces, you’ll need to make use of the show interface command. By specifying an interface along with the command, you’ll be provided with statistical information, the interface’s MAC address, logical addresses, encapsulation, and most importantly, whether the interface is functioning correctly or not.
The show interface command is issued from the privileged EXEC mode prompt. In order to view the configuration of our router’s Ethernet 0 interface, use the show interface e0 command.

Router#show interface e0
Ethernet0 is up, line protocol is up
Hardware is Lance, address is 00e0.f751.d6af (bia 00e0.f751.d6af)
Internet address is 192.168.1.46/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 2000 bits/sec, 3 packets/sec
5 minute output rate 1000 bits/sec, 2 packets/sec
15248 packets input, 1718569 bytes, 0 no buffer
Received 5405 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 input packets with dribble condition detected
12122 packets output, 4045434 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
0 babbles, 0 late collision, 1 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out

It’s important to be familiar with the information provided by the show commands. When looking at the output of the show interface e0 command, a variety of information is provided, including the interface IP address, MAC address, statistics, and so forth. However, the first line contains information that is absolutely critical – it tells us about both the physical and data link characteristics of the interface.

The first portion, Ethernet 0 is up, refers to the Physical layer characteristics of the interface. In this case, it means that the link is receiving a carrier detect signal – in other words, our Ethernet interface is plugged into a working switch or hub. If the message had been Ethernet 0 is down, that would generally indicate a physical connectivity problem, such as the cable being disconnected.

The second portion, line protocol is up, refers to the Data Link layer characteristics of the interface. Keepalives are the messages sent over a link to ensure that a given interface is usable. If keepalives are functioning correctly, the line protocol is considered to be up.
There are four possible entries that you may come across when using the show interface command. Each is outlined below. Although this example uses an Ethernet interface, it could just as well be the output for a serial interface.

• Ethernet0 is up, line protocol is up. Both the Physical and Data Link characteristics of the interface are functioning correctly.
• Ethernet0 is down, line protocol is down. This message usually represents a physical interface problem. For example, the cable may be disconnected. This problem can also occur if this interface is connected to another router whose interface has been shut down using the shutdown command.
• Ethernet0 is up, line protocol is down. In this case, Physical layer connectivity is obviously not the issue. The line protocol being down is usually related to either a clocking issue (such as with keepalives) or a mismatch between the frame types being used on connected devices. For example, one router being configured to use ARPA frames, and another to use SNAP.
• Ethernet0 is administratively down, line protocol is down. This output means that a local interface has been manually shut down using the shutdown command. In the example below, the shutdown command is issued for interface serial 0, followed by the show int s0 command.

Router(config)#int s0
Router(config-if)#shutdown
Router(config-if)#^Z
Router#show int s0
Serial0 is administratively down, line protocol is down