Cisco Inter-network Operating System (IOS) A short guide for the NetAdmin
Angelos Stavrou
Let's start out at the very beginning with the question: "What is a Command?" The most important thing to understand is that all computers run on Magic. And that Commands are the Magic Words that make computers do things. And that a Router is merely a Computer in a box that does nothing but Route. So what we are talking about here is the Magic Commands for Routing. And you are going to become the Magician!
OF COURSE there is no Magic, so let's see how things work in practice...
Things to remember before delving into Cisco IOS:
How do we connect to the router?
We connect to the router's Console or AUX port with a serial cable using an RJ45 connector (older models have DB9 or RS-232). In case we are trying to configure a modular router, the Console and the AUX are most probably on the Processor module. To access a console we need Kermit and Minicom programs with the following settings:
    VT100 Emulation
    9600 Baud
    No Parity
    8 Data Bits
    1 Stop Bit
Console and AUX Connectors for Cisco Routers (connector graphics not reproduced):
    RJ-45
    DB-25 DCE
    DB-25 DTE
Main Parts for the processor module
1. ROM - Read Only Memory. This is a form of permanent memory used by the Router to store:
    - The "Power-On Self Test" that checks the Router on boot up.
    - The "Bootstrap Startup Program" that gets the Router going.
    - A very basic form of the Cisco IOS software.
   (To change the ROM you have to remove and replace chips.)
2. Flash Memory. An Electronically Erasable and Re-Programmable memory chip. The "Flash" contains the full Operating System, or "Image". This allows you to Upgrade the OS without removing chips.
3. NVRAM - Non-Volatile RAM. This stores your Router's "Startup Configuration File". Similar to Flash memory, this retains data even when power is lost.
4. RAM - Random Access Memory. This is regular computer memory chips. These are the working memory of the Router, and provide Caching, Packet Buffering, and hold Routing Tables. The RAM is also where the Running Operating System lives when the Router is on. RAM loses all its data when reset or powered off.
In addition, and for small end routers, we can have in the same module:
Interfaces - Where the Router meets the Outside World. Basically your Router will have Serial interfaces, which are mostly used to connect long-distance as in a WAN (Wide-Area Network). You will also have LAN (Local-Area Network) Interfaces, such as Ethernet, Token Ring, and FDDI (Fiber Distributed Data Interface). If the router is modular, the Interfaces will be different cards or modules.
Explanation of the Boot Up Process
1. The "Power-On Self-Test" checks the Router Hardware. This includes the CPU (Central Processor Unit), memory, and interfaces.
2. The "Bootstrap Program", which is stored in ROM, runs itself.
3. The "Bootfield" is read to find out the proper Operating System source.
4. The "Operating System Image" is loaded into RAM (Random Access Memory).
5. The "Configuration File" saved in NVRAM is loaded into the RAM. The Configuration File is then executed one line at a time.
6. If no "Configuration File" is found in NVRAM, the Cisco IOS will offer you the chance to use the "Initial Configuration Dialog". This is a set of questions for you to answer to do a basic configuration. The "Setup Dialog" will be one of the first things we see when you receive a new router or when the router's configuration is lost or corrupted.
On the router prompt
If things go fine we should be able to see a "Router>" prompt, which is purely informational. The Cisco IOS command-line interface is organized around the idea of modes (Unprivileged/Privileged) which determine what commands you can use. Each mode has a set of commands available in that mode, and some of these commands are only available in that mode. In any mode, typing a question mark will display a list of the commands available in that mode.
    Router>?
In addition, for any command we can get its options or completion using the question mark:
    Router>show ?
To configure a router you need to have a password for the Privileged EXEC mode using enable:
    Router> enable
result:
    Router#
Now we are in a privileged mode and we can configure the router both in terms of security and in terms of actual functionality. To leave this mode we can type "disable" when we are in privileged mode. [1] To enter configuration mode, enter the command configure terminal, and exit by pressing Ctrl-Z.
[1] Almost every configuration command also has a no form. In general, use the no form to disable a feature or function. Use the command without the keyword no to re-enable a disabled feature or to enable a feature that is disabled by default. For example, IP routing is enabled by default. To disable IP routing, enter the no ip routing command, and enter ip routing to re-enable it.
Steps for First Boot and Initial Setup:
For a freshly configured router we need to set up passwords to avoid any intrusions and problems. There are 5 separate Passwords you need to protect your Router.
1. Console - protects the Console Port (usually our primary entry)
2. Auxiliary - protects the AUX Port (for your modem or another serial)
3. VTY - protects against un-authorized Telnet Port logons
4. Enable - guards the use of the Enable Mode Super-user status.
5. Enable Secret - an Encrypted Secret form of the Above (better!)
Setting up the router's passwords:
1. Console
Get into Privileged EXEC mode (for all configurations)
    a) Router> enable
       Router#
Get into Global Config mode through terminal (for all MANUAL configurations)
    b) Router# configure terminal
       Router(config)#
    c) Router(config)# line console 0
    d) Router(config-line)# password (plaintext password here)
    e) Router(config-line)# end (alternatively you can press Ctrl-Z)
2. Aux
We follow all the previous steps and we just change the line in step (c) to:
    c) Router(config)# line aux 0
3. VTY Ports
VTY are rather a special case since they are not real ports: you won't find a port on the back of your Router labeled VTY. These ports are mostly used for remote connections. Again we follow all the steps for the console and we only change (c):
    c) Router(config)# line vty 0 4 (for 5 lines; there might be more)
4. Enable password (this password is stored as plain text in the configuration files and in memory, and it should be avoided).
    a) Router> enable
    b) Router# configure terminal
    c) Router(config)# enable password enable-plaintext-password
5. Enable Secret (this password is protected with a one-way cryptographic function and stored as a hashed value, and thus it is more secure).
    a) Router> enable
    b) Router# configure terminal
    c) Router(config)# enable secret enable-secret-plaintext-password
*WARNINGS*:
DO NOT SET Enable Secret to be the same as the Enable - it won't work...
DO NOT leave enable mode until you check that you can login from AUX or VTY and use enable successfully!!!
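The five passwords above can be checked from a saved copy of the configuration. The following auditor is an added example, not part of the original guide: the function name audit_passwords and the sample configuration are constructed, and it assumes the configuration text uses the line and enable commands shown above, with line sub-commands indented by one space.

```python
import re

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
hostname Router
enable password example-enable
!
line con 0
 password example-console
line aux 0
line vty 0 4
 password example-vty
!
end
"""

REQUIRED_LINES = ("con 0", "aux 0", "vty 0 4")


def audit_passwords(config):
    """Return a list of findings for the five passwords the guide lists."""
    findings = []
    line_has_password = {}
    current = None
    for raw in config.splitlines():
        if raw.startswith("line "):
            # Accept both "line console 0" and the abbreviated "line con 0".
            current = re.sub(r"^console\b", "con", raw[5:].strip())
            line_has_password[current] = False
        elif raw.startswith(" ") and current is not None:
            if raw.strip().startswith("password "):
                line_has_password[current] = True
        else:
            current = None  # an unindented command ends the line block
    for name in REQUIRED_LINES:
        if not line_has_password.get(name, False):
            findings.append("line %s: no password set" % name)
    if re.search(r"^enable password \S+", config, re.M):
        findings.append("enable password: plain text in config, use enable secret")
    if not re.search(r"^enable secret \S+", config, re.M):
        findings.append("enable secret: not configured")
    return findings


if __name__ == "__main__":
    for finding in audit_passwords(SAMPLE_CONFIG):
        print(finding)
```

On the constructed sample it reports the unprotected AUX line, the plain-text enable password, and the missing enable secret.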
Displaying Modules & Configuration
    Router# show ? (gives a complete list)
Commonly used:
    router>show version
    router>show memory
    router>show processes
    router>show stacks
    router>show buffers
    router>show flash
    router>show interfaces
    router>show protocols
    router>show running-config
    router>show startup-config
Core Router Configuration
IP Address Configuration
Take the following steps to configure the IP address of an interface.
Step 1: Enter privileged EXEC mode:
    Router>enable (use your enable password)
Step 2: Enter the configure terminal command to enter global configuration mode.
    Router#config terminal
Step 3: Enter the interface type slot/port (for Cisco 7000 series) or interface type port (for Cisco 2500 series) to enter the interface configuration mode. Example:
    Router(config)#interface ethernet 0/1
Step 4: Enter the IP address and subnet mask of the interface using the ip address ipaddress subnetmask command. For example:
    Router(config-if)#ip address 192.168.10.1 255.255.255.0
Step 5: Exit the configuration mode by pressing Ctrl-Z or using end.
    Router(config-if)#end or [Ctrl-Z]
Routing Protocol Configuration: Routing Information Protocol (RIP)
Step 1: Enter privileged EXEC mode:
    Router>enable (use your enable password)
Step 2: Enter the configure terminal command to enter global configuration mode.
    Router#config terminal
Step 3: Enter the router rip command.
    Router(config)#router rip
Step 4: Add the network number to use RIP, and repeat this step for all the numbers.
    Router(config-router)#network network-number
Example:
    Router(config-router)#network 192.168.10.0
Note: To turn off RIP, use the no router rip command.
    Router(config)#no router rip
Other useful commands:
- Specify a RIP Version
By default, the software receives RIP version 1 and version 2 packets, but sends only version 1 packets. To control which RIP version an interface sends, use one of the following commands in interface configuration mode:
    Command                      Purpose
    ip rip send version 1        Configure an interface to send only RIP version 1 packets.
    ip rip send version 2        Configure an interface to send only RIP version 2 packets.
    ip rip send version 1 2      Configure an interface to send only RIP version 1 and version 2 packets.
To control how packets received from an interface are processed, use one of the following commands:
    Command                      Purpose
    ip rip receive version 1     Configure an interface to accept only RIP version 1 packets.
    ip rip receive version 2     Configure an interface to accept only RIP version 2 packets.
    ip rip receive version 1 2   Configure an interface to accept only RIP version 1 or 2 packets.
- Enable or Disable Split Horizon
Use one of the following commands in interface configuration mode:
    Command                      Purpose
    ip split-horizon             Enable split horizon.
    no ip split-horizon          Disable split horizon.
Routing Protocol Configuration: Open Shortest Path First (OSPF)
Step 1: Enter privileged EXEC mode:
    Router>enable (use your enable password)
Step 2: Enter the configure terminal command to enter global configuration mode.
    Router#config terminal
Step 3: Enter the router ospf command, followed by the process-id.
    Router(config)#router ospf process-id
Pick a process-id which is not being used. To determine what ids are being used, issue the show process command.
    Router(config)#show process
Step 4: Add the network number, mask and area-id.
    Router(config-router)#network network-number mask area area-id
The network-number identifies the network using OSPF. The mask tells which bits to use from the network-number, and the area-id is used for determining areas in an OSPF configuration. Example:
    Router(config-router)#network 192.168.10.0 255.255.255.0 area 0.0.0.0
Repeat this step for all the network numbers.
To turn off OSPF, use the following command.
    Router(config)#no router ospf process-id
Other useful commands:
- Configure OSPF Interface Parameters
You are not required to alter any of these parameters, but some interface parameters must be consistent across all routers in an attached network. In interface configuration mode, specify any of the following:
Routing Protocol Configuration: Interior Gateway Routing Protocol (IGRP)
- Create the IGRP Routing Process
To create the IGRP routing process, use the following required commands, starting in global configuration mode:
Step 1: Enable an IGRP routing process, which places you in router configuration mode.
    Router(config)#router igrp <autonomous-system>
Step 2: Associate networks with an IGRP routing process.
    Router(config-router)#network <network-number>
- Disable Holddown
The holddown mechanism is used to help avoid routing loops in the network, but has the effect of increasing the topology convergence time. To disable holddowns with IGRP, use the following command in router configuration mode. All devices in an IGRP autonomous system must be consistent in their use of holddowns.
Disable the IGRP holddown period:
    Router(config-router)# no metric holddown
- Enforce a Maximum Network Diameter
Define a maximum diameter to the IGRP network. Routes whose hop counts exceed this diameter are not advertised. The default maximum diameter is 100 hops. The maximum diameter is 255 hops. Use the following command in router configuration mode.
Configure the maximum network diameter:
    Router(config-router)# metric maximum-hops hops
- To turn off IGRP, use the following command.
    Router(config)#no router igrp <autonomous-system>
Routing Protocol Configuration: Border Gateway Protocol (BGP)
- Enable BGP Routing
Use the following commands in global configuration mode:
Enable a BGP routing process, which places you in router configuration mode.
    Router(config)#router bgp <autonomous-system>
Flag a network as local to this autonomous system and enter it to the BGP table.
    network network-number [mask network-mask] [route-map route-map-name]
- Configure BGP Neighbors
Specify a BGP neighbor:
    Router(config-router)#neighbor {ip-address | peer-group-name} remote-as number
- Reset BGP Connections
Use either of the following commands in EXEC mode to reset BGP connections.
Reset a particular BGP connection:
    Router#clear ip bgp address
Reset all BGP connections:
    Router#clear ip bgp *
- To turn off BGP, use the following command.
    Router(config)#no router bgp <autonomous-system>