Tuesday, 13 November 2012

Managing a Cisco Internetwork

1. The Internal Components of a Cisco Router:

The following are the router's components:
- Bootstrap: boots the router and then loads the IOS.
- POST: Power-On Self-Test, used to check the router's hardware functionality.
- ROM monitor: used for testing and troubleshooting.
- Mini-IOS: called RXBOOT, it's used to load the router IOS into flash memory.
- RAM: used to hold data (packets, ...).
...

2. Managing Configuration Register:

You can see the current value of the configuration register by using the "show version" command.

2.1. Changing the Configuration Register:

You can change the configuration register value to modify how the router boots and runs, for example with 'config-register 0x2101'.
The 'show flash' command shows the flash content.


2.2. Recovering Passwords: p 299

The default configuration register value is 0x2102; with this value the router loads the configuration stored in NVRAM at boot. To recover a password and ignore the NVRAM contents, turn on bit 6, which makes the register 0x2142.
Here are the main steps of password recovery:
- Interrupting the Router Boot Sequence: press Ctrl+Break to interrupt the router boot.
- Changing the configuration register: use the 'config-register' command. On Cisco ISR/2600 series routers, enter 'confreg 0x2142'; on Cisco 2500 series routers, enter 'o/r' followed by the new register value.
- Reloading the Router and Entering Privileged Mode: on ISR/2600 series routers type 'I' or 'reset'; on a 2500 series router type 'I'. When the router reloads, answer no to entering setup mode.
- Viewing and changing the configuration: copy the startup-config to the running-config. You can't view the password, since it is stored encrypted, but you can set a new one with the 'enable secret' command.
- Resetting the configuration register and reloading the router: after changing the password, set the register value back to 0x2102.
Finally, save the new configuration to the startup-config and reload the router.
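As an added example (not part of the original post), the following Python decodes a configuration register, derives the recovery value described above, and audits 'show version' output for a router that was left with the ignore-NVRAM bit set after a recovery. The bit meanings are the standard Cisco ones (bit 6 = ignore NVRAM, bit 8 = Break disabled, bit 13 = ROM fallback, bits 0-3 = boot field); the sample 'show version' lines in the test are constructed.

```python
# Added example (not from the original post): decode a Cisco configuration
# register, derive the password-recovery value, and audit 'show version'
# output for routers left with the ignore-NVRAM bit set after a recovery.

BOOT_FIELD_MASK = 0x000F   # bits 0-3: boot field
IGNORE_NVRAM = 0x0040      # bit 6: ignore NVRAM (startup-config) at boot
BREAK_DISABLED = 0x0100    # bit 8: Break key disabled after boot
ROM_FALLBACK = 0x2000      # bit 13: boot default ROM software if netboot fails

DEFAULT_REGISTER = 0x2102
RECOVERY_REGISTER = DEFAULT_REGISTER | IGNORE_NVRAM   # 0x2142


def boot_field(reg: int) -> str:
    """Describe what the boot field (bits 0-3) tells the bootstrap to load."""
    field = reg & BOOT_FIELD_MASK
    if field == 0x0:
        return "ROM monitor"
    if field == 0x1:
        return "mini-IOS (RXBOOT) from ROM"
    return "boot system commands in NVRAM, else first file in flash"


def decode_register(reg: int) -> dict:
    """Return the settings encoded in a configuration register value."""
    return {
        "value": f"0x{reg:04X}",
        "boot": boot_field(reg),
        "ignore_nvram": bool(reg & IGNORE_NVRAM),
        "break_disabled": bool(reg & BREAK_DISABLED),
        "rom_fallback": bool(reg & ROM_FALLBACK),
    }


def recovery_value(reg: int) -> int:
    """Value to set during password recovery: the same register with bit 6 on."""
    return reg | IGNORE_NVRAM


def audit_show_version(text: str) -> list:
    """Report register values in 'show version' output that still ignore NVRAM."""
    findings = []
    for line in text.splitlines():
        if "Configuration register is" not in line:
            continue
        # Current value, plus any pending value shown as '(will be 0x... at next reload)'.
        for tok in (t.strip("()") for t in line.split() if t.startswith("0x")):
            reg = int(tok, 16)
            if reg & IGNORE_NVRAM:
                findings.append(f"{tok}: ignore-NVRAM bit set; reset to 0x{reg & ~IGNORE_NVRAM:04X}")
    return findings
```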

2.3. Boot System Commands: p 302.
- The 'boot system' command allows you to tell the router which file to boot from flash memory. By default, the router boots the first file found in flash.
- The 'boot system tftp file_name host_addr' command makes your router boot from a TFTP host.
- The 'boot system rom' command loads the mini-IOS from ROM.

3. Backing Up and Restoring the Cisco IOS:

3.1. Verifying Flash Memory:

You can verify the amount of flash memory and the files being stored in flash by using the 'show flash' command.
The 'show version' command shows the name of the IOS image file the router is currently running.

3.2. Backing Up the Cisco IOS:

To back up the Cisco IOS to a TFTP server, use the 'copy flash tftp' command, which will then ask you for the server address or name. Check connectivity to the TFTP server before backing up the IOS.

3.3. Restoring or Upgrading the Cisco Router IOS:

You can download a file from a TFTP server to flash by using the 'copy tftp flash' command. Make sure that the file is in the default directory of the TFTP server.

3.4. Using the Cisco IOS File System (Cisco IFS):

Cisco IFS is a file system that allows you to work with files and directories. The commands you use are dir, copy, more, delete, erase or format, cd and pwd, mkdir and rmdir.
The 'delete' command doesn't free up the space used by the deleted file. To free it up use the command 'squeeze'.
Remember that the IOS is expanded into RAM when the router boots, so the new IOS will not run until you reload the router.

4. Backing Up and Restoring the Cisco Configuration:

4.1. Backing Up the Cisco Router Configuration:

You can use 'copy running-config tftp' or 'copy startup-config tftp' to back up the router configuration that's currently in DRAM or in NVRAM, respectively.

4.2. Copying the Current Configuration to NVRAM:

Copying the running-config to the startup-config saves it to NVRAM, where it serves as a backup and is loaded again when the router reboots.

4.3. Copying the Configuration to a TFTP Server: p 317

You can make a backup of the running-config to a TFTP server using 'copy running-config tftp'. To restore the configuration, use 'copy tftp running-config' or 'copy tftp startup-config'.

4.4. Erasing the Configuration:

To delete the startup-config file, use the command 'erase startup-config'. If you reload without saving changes, you'll be directed to setup mode.

5. Using Cisco Discovery Protocol (CDP):

It's a Cisco proprietary protocol designed to collect information about locally attached and remote devices.

5.1. Getting CDP Timers and Holdtime Information:

The 'sh cdp' command gives you information about two global parameters:
- CDP timer is how often CDP packets are transmitted out all active interfaces;
- CDP holdtime is the amount of time that the device will hold packets received from neighbor devices.
The commands 'cdp holdtime' and 'cdp timer' configure these two parameters.
Use 'no cdp run' to turn off CDP globally; 'no cdp enable' and 'cdp enable' turn it off or on for a single interface.

5.2. Gathering Neighbor Information:

The 'show cdp neighbor' command delivers information about directly connected devices. CDP packets aren't passed through a Cisco switch.
The 'show cdp neighbors detail' command can be run on a router or a switch; it displays detailed information about each directly connected device.
The 'show cdp entry *' command displays the same information as the previous command, but has two options: 'show cdp entry * protocols' displays only the IP addresses of the directly connected devices, and 'show cdp entry * version' shows only their IOS version.

5.3. Gathering Interface Traffic Information:

The 'show cdp traffic' command displays information about interface traffic, including the number of CDP packets sent and received and errors with CDP.

5.4. Gathering Port and Interface Information:

The 'show cdp interface' command gives you the CDP status on router interfaces or switch ports. You can turn off CDP on a per-interface basis with 'no cdp enable' from interface configuration mode, and turn it back on with 'cdp enable'.

5.5. Documenting a Network Topology Using CDP:

Suppose you have a router with four interfaces, two FastEthernet and two Serial. First, determine the IP address of each interface by using 'show running-config'.
Next, determine the type of device on the other end of each of these interfaces by using 'show cdp neighbors'. Now you know all the IP addresses of the router plus the types of devices connected to each of its interfaces,
and from these you can draw the network topology. 'show cdp neighbors detail' could also have been used to view the neighbors' IP addresses.
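To turn the 'show cdp neighbors detail' output into a topology record, here is an added Python example (not from the original post). The CDP output it parses is a constructed sample in the usual IOS layout, not a capture from a real device; the 'unexpected_neighbors' check is an assumption about how an admin might compare the live neighbor list against a documented inventory.

```python
import re

# Constructed sample of 'show cdp neighbors detail' output from a router R1
# (not captured from a real device); format follows the usual IOS layout.
SAMPLE_CDP = """\
-------------------------
Device ID: R2
Entry address(es):
  IP address: 10.1.1.2
Platform: cisco 2811,  Capabilities: Router Switch IGMP
Interface: Serial0/0,  Port ID (outgoing port): Serial0/1
Holdtime : 147 sec

-------------------------
Device ID: SW1
Entry address(es):
  IP address: 192.168.10.2
Platform: cisco WS-C2960-24TT-L,  Capabilities: Switch IGMP
Interface: FastEthernet0/0,  Port ID (outgoing port): GigabitEthernet0/1
Holdtime : 162 sec
"""


def parse_cdp_detail(text: str) -> list:
    """Turn each neighbor block (separated by dashed lines) into a dict of fields."""
    neighbors = []
    for block in re.split(r"^-{5,}\s*$", text, flags=re.M):
        dev = re.search(r"^Device ID:\s*(\S+)", block, re.M)
        if not dev:
            continue  # header text or an empty chunk, not a neighbor entry
        ip = re.search(r"^\s*IP address:\s*(\S+)", block, re.M)
        plat = re.search(r"^Platform:\s*([^,]+),\s*Capabilities:\s*(.*)$", block, re.M)
        intf = re.search(r"^Interface:\s*([^,]+),\s*Port ID \(outgoing port\):\s*(\S+)", block, re.M)
        neighbors.append({
            "device": dev.group(1),
            "ip": ip.group(1) if ip else None,
            "platform": plat.group(1).strip() if plat else None,
            "capabilities": plat.group(2).split() if plat else [],
            "local_if": intf.group(1).strip() if intf else None,
            "remote_if": intf.group(2) if intf else None,
        })
    return neighbors


def topology_edges(local_name: str, neighbors: list) -> list:
    """(local device, local interface, neighbor, neighbor port) tuples for a topology drawing."""
    return [(local_name, n["local_if"], n["device"], n["remote_if"]) for n in neighbors]


def unexpected_neighbors(neighbors: list, documented: set) -> list:
    """Devices advertising via CDP that are missing from the documented inventory."""
    return [n["device"] for n in neighbors if n["device"] not in documented]
```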

6. Using Telnet: p 336

On a Cisco router, if you type an IP address at the prompt, the router assumes you want to Telnet to that device. The VTY password is the user-mode password, not the enable-mode one.
To allow console messages to be sent to your Telnet session, use the 'terminal monitor' command.

6.1. Telnetting into Multiple Devices Simultaneously:

You can end a Telnet session by typing 'exit'. To return to the original router console without closing the Telnet session, press Ctrl+Shift+6, then X.

6.2. Checking Telnet Connections:

To see the connections made from your router to a remote device, use 'show sessions'. Your last session will be prefixed by an asterisk. You can return to a session by typing the number of the connection.

6.3. Checking Telnet Users:

You can list all active consoles and VTY ports in use on your router with 'show users'. In the output, 'con' represents the local console, and a 'vty' line shows the IP address of the device connected to the local device.

6.4. Closing Telnet Sessions:

To end a Telnet session, enter 'exit' or 'disconnect' (from the local device, specifying the session number). To end the session of a device attached to the local device through Telnet, first check whether any devices are telnetted into your router with 'show users', then clear the connection with 'clear line #' (# is the port number).

7. Resolving Hostnames:

7.1. Building a Host Table:

A host table provides name resolution only on the router on which it was built. An entry is added with 'ip host host_name tcp_port_number ip_address'. You can assign up to eight IP addresses to a hostname. Use 'show hosts' to view the table.
If you want to remove a hostname from the table, use the 'no ip host' command.

7.2. Using DNS to Resolve Names:

When you type something the device can't interpret as a command, it tries to resolve it as a hostname using DNS; you can prevent this time-consuming DNS lookup with 'no ip domain-lookup'. If you have a DNS server, the following settings make DNS name resolution work:
- 'ip domain lookup' is turned on by default;
- 'ip name-server' sets up to six DNS server IP addresses;
- 'ip domain-name' (optional) appends the domain name to the hostname you type in, so a full DNS name such as domain.com is formed.

8. Checking Network Connectivity and Troubleshooting:

8.1. Using the ping Command:

Type 'ping ?' to see the different protocols that you can use with the ping program. Ping can be used in user and privileged mode, but not in configuration mode.

8.2. Using the traceroute (trace) Command:

It shows the path a packet takes to get to a remote device. It shows you which router in the path to an unreachable network host should be examined more closely for the cause of the network failure.

8.3. Debugging: p 349

The 'debug' command is used to display information about various router operations and the related traffic generated or received by the router. Type 'debug ?' to see all options. To disable debugging, use 'no debug all' or 'undebug all'.

8.4. Using the show processes Command:

Use 'show processes' (or 'show processes cpu') to determine a given router's CPU utilization. It gives a list of active processes along with their corresponding process ID, priority, scheduler test (status), CPU time used, and number of times invoked.
