Backing Up and Restoring the Cisco IOS

Before you begin, make sure that the file you want to place in flash memory is in the default TFTP directory on your host. When you issue the command, TFTP will not ask you where the file is. If the file you want to restore is not in the default directory of the TFTP host, this procedure won’t work.

Copying the IOS from the TFTP host to flash memory requires a router reboot. So, instead of upgrading or restoring the IOS at 9 A.M. on Monday morning, you should probably wait until lunchtime.

After you enter the copy tftp flash command, you will see a message informing you that the router must reboot and run a ROM-based IOS image to perform this operation:

Router#copy tftp flash
**** NOTICE ****
Flash load helper v1.0
This process will accept the copy options and then terminate
the current system image to use the ROM based image for the copy.
Routing functionality will not be available during that time.
If you are logged in via telnet, this connection will terminate.
Users with console access can see the results of the copy operation.
********
Proceed? [confirm](press enter)

After you press Enter to confirm you understand that the router needs to reboot, the following router output is displayed. Once the router has used the TFTP host, it will remember the address and just prompt you to press Enter.

System flash directory:
File  Length   Name/status
1     8121000  /c2500-js-l.112-18
[8121064 bytes used, 8656152 available, 16777216 total]
Address or name of remote host [192.168.0.120]? (press enter)

Copyright ©2000 SYBEX, Inc., Alameda, CA www.sybex.com
Chapter 7 Managing a Cisco Internetwork

The next prompt is for the name of the file you want to copy to flash memory. As noted earlier, this file must be in your TFTP host’s default directory.

Source file name? c2500-js56i-l.120-9.bin
Destination file name [c2500-js56i-l.120-9.bin]? (press enter)
Accessing file 'c2500-js56i-l.120-9.bin' on 192.168.0.120
Loading c2500-js56i-l.120-9.bin from 192.168.0.120 (via Ethernet0): !
[OK]

After you tell the router the filename and where the file is, it asks you to confirm that you understand the contents of flash memory will be erased.

If you do not have enough room in flash memory to store both copies, or if the flash memory is new and no file has been written to flash memory before, the router will ask to erase the contents of flash memory before writing the new file into flash memory.

You are prompted three times, just to make sure that you really want to proceed with erasing flash memory. If you have not issued a copy run start command, you will be prompted to do so, since the router needs to reboot.

Erase flash device before writing? [confirm] (press enter)
Flash contains files. Are you sure you want to erase? [confirm] (press enter)
System configuration has been modified. Save? [yes/no]: y
Building configuration
[OK]
Copy 'c2500-js56i-l.120-9.bin' from server as 'c2500-js56i-l.120-9.bin' into Flash WITH erase? [yes/no] y

After you say “yes” to erasing flash memory, the router must reboot to load a small IOS from ROM memory. You cannot delete the flash file if it is in use. Then the contents of flash memory are erased, and the file from the TFTP host is accessed and copied to flash memory.

%SYS-5-RELOAD: Reload requested
%FLH: c2500-js56i-l.120-9.bin from 192.168.0.120 to flash
System flash directory:
File  Length   Name/status
1     8121000  /c2500-js-l.112-18
[8121064 bytes used, 8656152 available, 16777216 total]
Accessing file 'c2500-js56i-l.120-9.bin' on 192.168.0.120
Loading c2500-js56i-l.120-9.bin from 192.168.0.120 (via Ethernet0): !
[OK]
Erasing device eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Loading c2500-js56i-l.120-9.bin from 192.168.0.120 (via Ethernet0):
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[output cut]

The row of e characters shows the contents of flash memory being erased. Each exclamation point (!) means that one UDP segment has been successfully transferred. Once the copy is complete, you should receive this message:

[OK - 10935532/16777216 bytes]
Verifying checksum OK (0x2E3A)
Flash copy took 0:06:14 [hh:mm:ss]
%FLH: Re-booting system after download

After the file is loaded into flash memory and a checksum is performed, the router is rebooted to run the new IOS file.

Cisco routers can become a TFTP-server host for a router system image that is run in flash. The global configuration command is tftp-server system ios-name.

Backing Up and Restoring the Cisco Configuration

Any changes that you make to the router configuration are stored in the running-config file. If you do not perform a copy run start command after you make a change to running-config, that change will be gone if the router reboots or gets powered down. You may want to make another backup of the configuration information as an extra precaution, in case the router or switch completely dies, or for documentation. The following sections describe how to copy the configuration of a router and switch to a TFTP host and how to restore that configuration.

Backing Up the Cisco Router Configuration

To copy the router’s configuration from a router to a TFTP host, you can use either the copy running-config tftp or copy startup-config tftp command. Either command will back up the router configuration that is currently running in DRAM or that is stored in NVRAM.

Verifying the Current Configuration

To verify the configuration in DRAM, use the show running-config command (sh run for short), as follows:

Router#sh run
Building configuration
Current configuration:
!
version 12.0

The current configuration information indicates that the router is now running version 12.0 of the IOS.

Verifying the Stored Configuration

Next, you should check the configuration stored in NVRAM. To see this, use the show startup-config command (sh start for short), as follows:

Router#sh start
Using 366 out of 32762 bytes
!
version 11.2

The second line shows how much room your backup configuration is using. In this example, NVRAM is 32KB and only 366 bytes of it are used. Notice that the version of configuration in NVRAM is 11.2 (because I have not copied running-config to startup-config since upgrading the router).

If you are not sure that the files are the same, and the running-config file is what you want to use, then use the copy running-config startup-config command to make sure both files are the same, as described in the next section.

Copying the Current Configuration to NVRAM

By copying running-config to NVRAM as a backup, as shown in the following output, you are assured that your running-config will always be reloaded if the router gets rebooted. In the new IOS version 12.0, you are prompted for the filename you want to use. Also, in this example, since the version of IOS was 11.2 the last time a copy run start was performed, the router will let you know that it is going to replace that file with the new 12.0 version.

Router#copy run start
Destination filename [startup-config]? (press enter)
Warning: Attempting to overwrite an NVRAM configuration previously written by a different version of the system image.
Overwrite the previous NVRAM configuration?[confirm](press enter)
Building configuration
[OK]

Now when you run show startup-config, the version shows 12.0:

Router#sh start
Using 487 out of 32762 bytes
!
version 12.0

Copying the Configuration to a TFTP Host

Once the file is copied to NVRAM, you can make a second backup to a TFTP host by using the copy running-config tftp command (copy run tftp for short), as follows:

Router#copy run tftp
Address or name of remote host []? 192.168.0.120
Destination filename [router-confg]? todd1-confg
!!
487 bytes copied in 12.236 secs (40 bytes/sec)
Router#

Notice that this took only two exclamation points (!!), which are two UDP acknowledgments. In this example, I named the file todd1-confg because I had not set a hostname for the router. If you have a hostname configured, the command will automatically use the hostname plus the extension -confg as the name of the file.

Restoring the Cisco Router Configuration

If you have changed your router’s running-config and want to restore the configuration to the version in startup-config, the easiest way to do this is to use the copy startup-config running-config command (copy start run for short). You can also use the older Cisco command, config mem, to restore a configuration. Of course, this will work only if you first copied running-config into NVRAM before making any changes.

If you copied the router’s configuration to a TFTP host as a second backup, you can restore the configuration using the copy tftp running-config command (copy tftp run for short) or the copy tftp startup-config command (copy tftp start for short), as shown below. Remember that the old command that provides this function is config net.

Router#copy tftp run
Address or name of remote host []? 192.168.0.120
Source filename []? todd1-confg
Destination filename [running-config]? (press enter)
Accessing tftp://192.168.0.120/todd1-confg
Loading todd1-confg from 192.168.0.120 (via Ethernet0): !!
[OK - 487/4096 bytes]
487 bytes copied in 5.400 secs (97 bytes/sec)
Router#
00:38:31: %SYS-5-CONFIG: Configured from tftp://192.168.0.120/todd1-confg
Router#

The configuration file is an ASCII text file. This means that before you copy the configuration stored on a TFTP host back to a router, you can make changes to the file with any text editor.

Erasing the Configuration

To delete the startup-config file on a Cisco router, use the command erase startup-config, as follows:

Router#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm](press enter)
[OK]
Erase of nvram: complete
Router#

The preceding command deletes the contents of NVRAM on the router. The next time the router boots, it will run in setup mode.

Using Cisco Discovery Protocol

Cisco Discovery Protocol (CDP) is a proprietary protocol designed by Cisco to help administrators collect information about both locally attached and remote devices. By using CDP, you can gather hardware and protocol information about neighbor devices. This information is useful for troubleshooting and documenting the network.

Getting CDP Timers and Holdtime Information

The show cdp command (sh cdp for short) shows information about two CDP global parameters that can be configured on Cisco devices:

CDP timer is how often CDP packets are transmitted to all active interfaces.

CDP holdtime is the amount of time that the device will hold packets received from neighbor devices.

Both the Cisco routers and the Cisco switches use the same parameters.
The output on a router looks like this:

Router#sh cdp
Global CDP information:
  Sending CDP packets every 60 seconds
  Sending a holdtime value of 180 seconds
Router#

Use the global configuration commands cdp holdtime and cdp timer to configure the CDP holdtime and timer on a router.

Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#cdp ?
  holdtime  Specify the holdtime (in sec) to be sent in packets
  timer     Specify the rate at which CDP packets are sent(in sec)
  run
Router(config)#cdp timer 90
Router(config)#cdp holdtime 240
Router(config)#^Z

You can turn off CDP completely with the no cdp run command from global configuration mode of a router. To turn CDP off or on in a router interface, use the no cdp enable and cdp enable commands, which are discussed in more detail in the “Getting Port and Interface Information” section a bit later in this chapter.

Getting Neighbor Information

The show cdp neighbor command (sh cdp nei for short) shows information about directly connected devices. It is important to remember that CDP packets are not passed through a Cisco switch, and you only see what is directly attached. On a router connected to a switch, you will not see the other devices connected to the switch.

The following output shows the show cdp neighbor command used on a 2509 router.

Todd2509#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater
Device ID    Local Intrfce   Holdtme   Capability   Platform   Port ID
1900Switch   Eth 0           238       T S          1900       2
2500B        Ser 0           138       R            2500       Ser 0
Todd2501#

Table 7.5 summarizes the information displayed by the show cdp neighbor command for each device.

TABLE 7.5 Output of the show cdp neighbor Command

Field             Description
Device ID         The hostname of the device directly connected.
Local Interface   The port or interface on which you are receiving the CDP packet.
Holdtime          The amount of time the router will hold the information before discarding it if no more CDP packets are received.
Capability        The neighbor’s capability, such as router, switch, or repeater. The capability codes are listed at the top of the command output.
Platform          The type of Cisco device. In the above output, a Cisco 2509, Cisco 2511, and Catalyst 5000 are attached to the switch. The 2509 only sees the switch and the 2501 router connected through its serial 0 interface.
Port ID           The neighbor device’s port or interface on which the CDP packets are broadcast.

Another command that provides neighbor information is the show cdp neighbor detail command (show cdp nei de for short), which also can be run on the router or switch. This command shows detailed information about each device connected to the device, as in the router output below.

Todd2509#sh cdp neighbor detail
Device ID: 1900Switch
Entry address(es):
  IP address: 0.0.0.0
Platform: cisco 1900, Capabilities: Trans-Bridge Switch
Interface: Ethernet0, Port ID (outgoing port): 2
Holdtime : 166 sec
Version :
V9.00
Device ID: 2501B
Entry address(es):
  IP address: 172.16.10.2
Platform: cisco 2500, Capabilities: Router
Interface: Serial0, Port ID (outgoing port): Serial0
Holdtime : 154 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) 3000 Software (IGS-J-L), Version 11.1(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1996 by cisco Systems, Inc.
Compiled Mon 05-Aug-96 11:48 by mkamson
Todd2509#

The output above shows the hostname and IP address of the directly connected devices.
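
A parser for the show cdp neighbor detail output above, as an added example that is not part of the original chapter: it turns each entry into a record for network documentation and lists, per local interface, what the neighbor advertises over CDP, which helps when deciding where no cdp enable applies. The sample text is the page's output with line breaks restored; the function and field names are illustrative.

```python
import re

# Sample input: the page's `show cdp neighbor detail` output, re-typed with
# its line breaks restored (constructed layout, values from the page).
SAMPLE = """\
Device ID: 1900Switch
Entry address(es):
  IP address: 0.0.0.0
Platform: cisco 1900, Capabilities: Trans-Bridge Switch
Interface: Ethernet0, Port ID (outgoing port): 2
Holdtime : 166 sec
Version :
V9.00
Device ID: 2501B
Entry address(es):
  IP address: 172.16.10.2
Platform: cisco 2500, Capabilities: Router
Interface: Serial0, Port ID (outgoing port): Serial0
Holdtime : 154 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) 3000 Software (IGS-J-L), Version 11.1(5), RELEASE SOFTWARE (fc1)
"""

FIELDS = {  # illustrative field names -> pattern that captures the value
    "ip": re.compile(r"IP address:\s*(\S+)"),
    "platform": re.compile(r"Platform:\s*([^,]+),"),
    "capabilities": re.compile(r"Capabilities:\s*(.+)"),
    "local_interface": re.compile(r"Interface:\s*([^,]+),"),
    "remote_port": re.compile(r"Port ID \(outgoing port\):\s*(\S+)"),
    "holdtime": re.compile(r"Holdtime\s*:\s*(\d+)\s*sec"),
}

def parse_cdp_detail(text):
    """Return one dict per neighbor; fields that are absent become None."""
    neighbors = []
    for block in re.split(r"(?m)^Device ID:\s*", text)[1:]:
        entry = {"device_id": (block.splitlines() or [""])[0].strip()}
        for name, rx in FIELDS.items():
            m = rx.search(block)
            entry[name] = m.group(1).strip() if m else None
        if entry["holdtime"] is not None:
            entry["holdtime"] = int(entry["holdtime"])
        if entry["ip"] == "0.0.0.0":  # neighbor has no address configured
            entry["ip"] = None
        # Everything after "Version :" up to the next entry is the banner.
        banner = block.partition("Version :")[2]
        entry["version"] = " ".join(banner.split()) or None
        neighbors.append(entry)
    return neighbors

def disclosed_by_interface(neighbors):
    """Map local interface -> (neighbor, fields it advertises over CDP)."""
    return {n["local_interface"]: (n["device_id"],
                                   [k for k in ("ip", "platform", "version") if n[k]])
            for n in neighbors}

if __name__ == "__main__":
    for iface, (dev, fields) in disclosed_by_interface(parse_cdp_detail(SAMPLE)).items():
        print(f"{iface}: {dev} advertises {', '.join(fields)}")
```
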

In addition to the same information displayed by the show cdp neighbor command (see Table 7.5), the show cdp neighbor detail command shows the IOS version of the neighbor device.

The show cdp entry * command displays the same information as the show cdp neighbor detail command. The following is an example of the router output of the show cdp entry * command.

Todd2509#sh cdp entry *
Device ID: 1900Switch
[...]

... pressed Ctrl+Shift+6, then X, which took me back to my Todd2509 router console.

Todd2509#

Checking Telnet Connections

To see the connections made from your router to a remote device, use the show sessions command.

Todd2509#sh sessions
Conn Host Address
1 172.16.10.2 172.16.10.2
* 2 192.168.0.148 192.168.0.148
Todd2509#
Byte Idle Conn...

... devices. You can issue the telnet command from any router prompt, as in the following example:

Todd2509#telnet 172.16.10.2
Trying 172.16.10.2 Open
Password required, but none set
[Connection to 172.16.10.2 closed by foreign host]
Todd2509#

As you can see, I didn’t set my passwords—how embarrassing! Remember...

... 2501B
Entry address(es):
  IP address: 172.16.10.2
Platform: cisco 2500, Capabilities: Router
Interface: Serial0, Port ID (outgoing port): Serial0
Holdtime : 151 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) 3000 Software (IGS-J-L), Version 11.1(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1996 by cisco Systems, Inc.
Compiled Mon 05-Aug-96 11:48 by mkamson
Todd2509#

Getting Interface...

... Ctrl+Shift+6, then X to return to the main console of the Todd2509 router.

Todd2509#2501b
Trying 2501B (172.16.10.2) Open
User Access Verification
Password:
2501B>
Todd2509#(control+shift+6, then x)
Todd2509#switch
Trying switch (192.168.0.148) Open
Catalyst 1900 Management Console
Copyright (c) Cisco Systems, Inc 1993-1999
All rights reserved
Enterprise Edition Software
Ethernet Address: 00-B0-64-75-6B-C0...

... (maximum of 6)
Todd2509(config)#ip name-server 192.168.0.70
Todd2509(config)#ip domain-name lammle.com
Todd2509(config)#^Z
Todd2509#

After the DNS configurations are set, you can test the DNS server by using a hostname to ping or telnet a device, as shown below.

Todd2509#ping 2501b
Translating "2501b" domain server (192.168.0.70) [OK]
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 172.16.10.2,...

... Age Type
(perm, OK) 0 IP
(perm, OK) 0 IP
Address(es)
172.16.10.2
192.168.0.148

In the preceding router output, you can see the two hostnames and their associated IP addresses. The perm in the Flags column means that the entry is manually configured. If it said temp, it would be an entry resolved by DNS.

To verify that the host...

... 2501B(config-line)#password todd
2501B(config-line)#^Z
2501B#
%SYS-5-CONFIG_I: Configured from console by console

Now, let’s try connecting to the router again (from the 2509 router console).

Todd2509#172.16.10.2
Trying 172.16.10.2 Open
User Access Verification
Password:
2501B>

Remember that the VTY password is the user mode password, not the...

Closing Telnet Sessions

You can end Telnet sessions a few different ways. Typing exit or disconnect is probably the easiest and quickest.

To end a session from a remote device, use the exit command.

2509# (I pressed enter twice here)
[Resuming connection 2 to 192.168.0.148 ]
switch>exit
[Connection to 192.168.0.148...

Command          Description
copy run start   Copies the running-config file to the startup-config file
copy run tftp    Copies the running-config file to a TFTP host
copy tftp flash  Copies a file from a TFTP host to flash memory
copy tftp run    Copies a configuration from a TFTP host to the running-config file
Ctrl+Shift+6, then...

... Ethernet connectivity to the TFTP host, and you also know the IOS filename, back up your IOS by typing copy flash tftp. This command tells the router to copy the contents of flash memory (this is where the IOS is stored by default) to a TFTP host.

6. Enter the IP address of the TFTP host and the source IOS filename. The file is now copied...
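
TFTP has no authentication or integrity protection, and the configuration backup is an editable ASCII file, so the copy on the TFTP host deserves a check before copy tftp run. The following is an added example, not from the original chapter: it compares the file with the byte count the router reported, a SHA-256 recorded at backup time, and the running IOS version, then diffs it against a reference copy. The sample configs, the reference copy kept off the TFTP host, and all function names are assumptions.

```python
import difflib
import hashlib
import re

# Constructed sample (not from the page): a small config and an altered copy.
# Only the "version 12.0" line mirrors the page's sh run output.
BACKUP = ("!\nversion 12.0\nhostname Router\n!\n"
          "line vty 0 4\n password todd\n login\n!\nend\n")
ALTERED = BACKUP.replace(" password todd\n login\n", " no login\n")
TRANSCRIPT = "!!\n487 bytes copied in 12.236 secs (40 bytes/sec)"  # from the page

def fingerprint(config_text):
    """SHA-256 of the file; record it right after 'copy run tftp'."""
    return hashlib.sha256(config_text.encode("ascii")).hexdigest()

def reported_bytes(transcript):
    """Byte count the router printed for the transfer, or None."""
    m = re.search(r"(\d+) bytes copied", transcript)
    return int(m.group(1)) if m else None

def ios_version(config_text):
    """Value of the config's 'version' line, e.g. '12.0', or None."""
    m = re.search(r"(?m)^version\s+(\S+)\s*$", config_text)
    return m.group(1) if m else None

def review_restore(candidate, recorded_sha256, recorded_bytes,
                   running_version, reference):
    """Check the TFTP host's copy before 'copy tftp run'.

    Returns (findings, diff): findings is empty when every check passes;
    diff lists changes relative to a reference copy kept off the TFTP host.
    """
    findings = []
    if len(candidate.encode("ascii")) != recorded_bytes:
        findings.append("size differs from the byte count the router reported")
    if fingerprint(candidate) != recorded_sha256:
        findings.append("SHA-256 differs from the value recorded at backup time")
    version = ios_version(candidate)
    if version != running_version:
        findings.append(f"written by version {version}, router runs {running_version}")
    diff = list(difflib.unified_diff(reference.splitlines(), candidate.splitlines(),
                                     "reference", "tftp-copy", lineterm=""))
    return findings, diff

if __name__ == "__main__":
    digest, size = fingerprint(BACKUP), len(BACKUP)
    for name, text in (("unchanged", BACKUP), ("altered", ALTERED)):
        findings, diff = review_restore(text, digest, size, "12.0", BACKUP)
        print(name, findings or "ok")
        print("\n".join(diff))
```
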