1 Module 3 – Configuring a Router NIIT-ICT Hanoi info@niithanoi.vn 2 Overview Students completing this module should be able to: • Name a router • Set passwords • Examine show commands • Configure a serial interface • Configure an Ethernet interface • Execute changes to a router • Save changes to a router • Configure an interface description • Configure a message-of-the-day banner • Configure host tables • Understand the importance of backups and documentation 2 NIIT-ICT Hanoi info@niithanoi.vn 3 CLI command modes Router#configure terminal Router(config)# NIIT-ICT Hanoi info@niithanoi.vn 4 Configuring a router name Router#config t Router(config)#hostname Tokyo Tokyo(config)# 3 NIIT-ICT Hanoi info@niithanoi.vn 5 Configuring router passwords Not recommended, clear text Router(config)#enable secret <password> Use this command instead, password is encryped Encrypts the passwords above, but… NIIT-ICT Hanoi info@niithanoi.vn 6 WARNING • service password-encryption uses a Cisco Level 7 encryption which is very easy to decrypt. • For the GetPass! software www.boson.com • However, the enable secret <password> uses a stronger encryption method and cannot be easily hacked. service password-encryption command 4 NIIT-ICT Hanoi info@niithanoi.vn 7 Doesn’t work for enable secret! enable secret <password> command NIIT-ICT Hanoi info@niithanoi.vn 8 exit end Using exit, end and Control-Z 5 NIIT-ICT Hanoi info@niithanoi.vn 9 Router>ena Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#? Configure commands: aaa Authentication, Authorization and Acc access-list Add an access list entry alias Create command alias appletalk Appletalk global configuration commands arap Appletalk Remote Access Protocol arp Set a static ARP entry <text omitted> Router(config)#exit 00:03:20: %SYS-5-CONFIG_I: Configured from console by con Router# Router(config)#interface interface Router(config-if)#exit Router(config)#router routing-protocol Router(config-router)#exit Router(config)#exit Router# Message each time you exit “global configuration mode” Must be in privileged mode Using exit, end and Control-Z NIIT-ICT Hanoi info@niithanoi.vn 10 Router# conf t (abbreviated) Router(config)# router protocol Router(config-router)# (commands) Router(config-router)# exit Router(config)# exit Router# Router(config)# interface type port Router(config-if)# (commands) Router(config-if)# end (or Control-Z) Router# Using exit, end and Control-Z 6 NIIT-ICT Hanoi info@niithanoi.vn 11 Examining the show commands • show interfaces – Displays all the statistics for all the interfaces on the router. To view the statistics for a specific interface, enter the show interfaces command followed by the specific interface and port number. • show controllers serial – Displays information-specific to the interface hardware • show clock – Shows the time set in the router • show hosts – Displays a cached list of host names and addresses • show users – Displays all users who are connected to the router • show history – Displays a history of commands that have been entered • show flash – Displays information about flash memory and what IOS files are stored there • show version – Displays information about the router and the IOS that is running in RAM • show ARP – Displays the ARP table of the router • show protocol – Displays the global and interface specific status of any configured Layer 3 protocols • show startup-configuration – Displays the saved configuration located in NVRAM • show running-configuration – Displays the configuration currently running in RAM NIIT-ICT Hanoi info@niithanoi.vn 12 Router>show interface ethernet 0 Ethernet0 is administratively down, line protocol is down , using hub 0 Hardware is Lance, address is 0010.7b3a.cf84 (bia 0010.7b3a.cf84) MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output 01:05:35, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 input packets with dribble condition detected 63 packets output, 11676 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Router> Status MAC Address Routing metric information (later) Data link encapsulation (Ethernet-II) ARP cache entries timer show interfaces <interface> command 7 NIIT-ICT Hanoi info@niithanoi.vn 13 Where is the MAC Address? Router>show interface serial 0 Serial0 is administratively down, line protocol is down Hardware is HD64570 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input never, output never, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 28 packets output, 9576 bytes, 0 underruns 0 output errors, 0 collisions, 17 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=down DSR=down DTR=down RTS=down CTS=down Router> NIIT-ICT Hanoi info@niithanoi.vn 14 Examining the show commands • We will log into a router a examine some of the show commands. 8 NIIT-ICT Hanoi info@niithanoi.vn 15 Configuring a serial interface Router(config)#interface serial 0/0 Router(config-if)#ip address <ip address> <netmask> Configuring an IP Address on an interface… NIIT-ICT Hanoi info@niithanoi.vn 16 show ip interface command • A serial interface will not show “up” and “up” unless both ends are properly configured (mostly) and a the no shutdown command is used. • If one router’s configuration looks okay, check the other router’s configuration. Router# show ip interface brief Interface IP-Address OK? Method Status Protocol Ethernet0 131.108.1.11 YES manual up up Serial0 198.135.2.49 YES manual administratively down down What is wrong here? The administrator has either done a “shutdown” on the interface or has forgotten to do a “no shutdown”. 9 NIIT-ICT Hanoi info@niithanoi.vn 17 Lab Real world • On serial links that are directly interconnected, as in a lab environment, one side must be considered a DCE and provide a clocking signal. • The clock is enabled and speed is specified with the clock rate command. Router(config)#interface serial 0/0 Router(config-if)#clock rate 56000 Router(config-if)#no shutdown Configuring a serial interface NIIT-ICT Hanoi info@niithanoi.vn 18 RouterB(config)#inter serial 1 RouterB(config-if)#clock rate ? Speed (bits per second) 1200 2400 4800 9600 19200 38400 56000 64000 <text omitted> 2000000 4000000 <300-4000000> Choose clockrate from list above RouterB(config-if)#clock rate 64000 RouterB(config-if)# RouterB DCE cable RouterA DTE cable Configuring a serial interface 10 NIIT-ICT Hanoi info@niithanoi.vn 19 How can you tell which end is the DTE and which end is the DCE?  Look at the label on the cable.  Look at the connecter between the two cables - The DTE cable will always be male and the DCE cable will always be female. DTE Cable DCE Cable Configuring a serial interface NIIT-ICT Hanoi info@niithanoi.vn 20 RouterA#show controllers serial 0 HD unit 0, idb = 0xECA4C, driver structure at 0xF1EC8 buffer size 1524 HD unit 0, V.35 DTE cable cpb = 0x62, eda = 0x403C, cda = 0x4050 RX ring with 16 entries at 0x624000 00 bd_ptr=0x4000 pak=0x0F5704 ds=0x62FFB8 status=80 pak_size=22 RouterB#show controllers serial 0 buffer size 1524 HD unit 0, V.35 DCE cable, clockrate 64000 cpb = 0x62, eda = 0x408C, cda = 0x40A0 RX ring with 16 entries at 0x624000 00 bd_ptr=0x4000 pak=0x0F2F04 ds=0x627908 status=80 pak_size=22 RouterB DCE cable RouterA DTE cable How can you tell which end is the DTE and which end is the DCE?  Use the show controllers command!  It will also tell you the type of cable, in our labs we will be using a V.35 cable. This is one of few commands where there must be a space between the interface type and the port. Configuring a serial interface [...]... info@niithanoi.vn 34 17 Configuring host tables NIIT-ICT Hanoi info@niithanoi.vn 35 Router(config)# ip domain-lookup Router#wreh Translating "wreh" domain server (25 5 .25 5 .25 5 .25 5) (Takes a few seconds) Translating "wreh" domain server (25 5 .25 5 .25 5 .25 5) (Takes a few seconds) Router(config)# no ip domain-lookup Router#wreh Translating "wreh" % Unknown command or computer name, or unable to find computer address... Gateway ! ! banner motd ^C Warning! Stay away! ^C NIIT-ICT Hanoi info@niithanoi.vn Delimiter always shows as “^C” 32 16 Host name resolution Router# ping 1 72. 16. 32. 1 Router# ping Auckland Router# telnet 1 92. 168.53.1 Router# telnet Beirut Router# traceroute 1 92. 168.89.1 Router# traceroute Capetown • • • The Cisco IOS software maintains a cache of host name-to-address mappings for use by... BW 10000 Kbit, DLY 1000 usec, rely 25 2 /25 5, load 1 /25 5 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Gateway#copy run start Don’t forget this or next time router Destination filename [startup-config]? reboots these changes will be lost! Building configuration Gateway# NIIT-ICT Hanoi info@niithanoi.vn 29 Configuring interface description... info@niithanoi.vn 42 21 Summary (1 /2) The router has several modes: • User EXEC mode • Privileged EXEC mode • Global configuration mode • Other configuration modes The command-line interface may be used to make changes to the configuration: • Setting the hostname • Setting passwords • Configuring interfaces • Modifying configurations • Showing configurations NIIT-ICT Hanoi info@niithanoi.vn 43 Summary (2/ 2) An... unable to find computer address • • • If you are not using the services of a DNS server, it is best to disable this process DNS (Domain Name Service) is enabled by default with a server address of 25 5 .25 5 .25 5 .25 5, which is a local broadcast If enabled, with no DNS server on the network, may cause a slight, but irritable delay when making typing mistakes NIIT-ICT Hanoi info@niithanoi.vn 36 18 Configuration... router on which they are configured (DNS is also an option – later) NIIT-ICT Hanoi info@niithanoi.vn 33 Host name resolution Configuring Multiple IP Addresses Router(config)# ip host SantaCruz 1 72. 16. 32. 1 1 92. 168.53.1 • This does not make the router a DNS (Domain Name Server) • This command does not turn your router into a DNS server • This command does not effect packets entering your router to be... these changes if the router reboots NIIT-ICT Hanoi info@niithanoi.vn 25 Displaying the config files show running-config show startup-config 1 These commands can only be done in privilege mode because they display password information NIIT-ICT Hanoi info@niithanoi.vn 26 13 Configuring an Ethernet Interface NIIT-ICT Hanoi info@niithanoi.vn 27 Interface descriptions RouterB#show inter e 0 Serial0 is up, line... interface Serial0 no ip address no ip directed-broadcast shutdown NIIT-ICT Hanoi info@niithanoi.vn Default running-config file, created in RAM 22 11 Executing adds, moves, and changes Router#show running-config Building configuration Current configuration: ! version 12. 0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Router ! ip subnet-zero ! interface... into the startup-config into NVRAM: Router# copy running-config NIIT-ICT Hanoi info@niithanoi.vn startup-config 24 12 copy running-config startup-config Router#copy running-config startup-config Destination filename [startup-config]? Building configuration Router#show startup-config ! version 12. 0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Router... startup-config IOS IOS (running) Bootup program ios (partial) NIIT-ICT Hanoi info@niithanoi.vn 21 Executing adds, moves, and changes Router#show startup-config %% Non-volatile configuration memory is not present No startup-config file in NVRAM Router#show running-config Building configuration Current configuration: ! version 12. 0 service timestamps debug uptime service timestamps log uptime no service password-encryption