Chapter 10: Cisco Device Operation

Terms you'll need to understand:
✓ Random access memory (RAM)
✓ Non-volatile random access memory (NVRAM)
✓ Flash
✓ Central processing unit (CPU)
✓ Read-only memory (ROM)
✓ Configuration register
✓ Exec mode
✓ Privilege mode
✓ Trivial File Transfer Protocol (TFTP)
✓ Simple Network Management Protocol (SNMP)
✓ Protocol translation
✓ Debugging

Techniques you'll need to master:
✓ Issuing infrastructure commands
✓ Viewing router configurations
✓ Using common IOS commands
✓ Configuring protocol translation

This chapter focuses on monitoring and maintaining router networks via IOS commands. In particular, this chapter describes Cisco routers' major hardware components, common show and debug IOS commands, and methods used to configure protocol translation.

This chapter covers the following Cisco device operation CCIE blueprint objectives as laid out by the Cisco Systems CCIE program:
➤ Operation commands—show, debug.
➤ Infrastructure—NVRAM, flash, memory, CPU, file system, config reg.
➤ Operations—File transfers, password recovery, Simple Network Management Protocol (SNMP), accessing devices, password security.

As with other chapters in this book, additional information is provided for completeness and in preparation for additional subjects as the CCIE program expands.

Infrastructure Commands

Cisco routers consist of many hardware components. The main components of a Cisco router include:
➤ RAM
➤ NVRAM
➤ Flash
➤ CPU
➤ ROM
➤ Configuration registers
➤ Interfaces

Figure 10.1 illustrates Cisco routers' hardware components. Each hardware component is vital for Cisco routers to operate properly. To help you prepare for the CCIE exam, the next few sections present the main concepts you need to know about Cisco hardware components. Let's begin by looking at random access memory (RAM).
RAM

Routers use random access memory (RAM) to store the current configuration file and other important data collected by the router. This data includes the IP routing table and buffer information. Buffers temporarily store packets before a router processes them.

RAM information is lost if the router power cycles (loses and regains power) or is restarted by an administrator.

To view a router's current configuration, use the show running-config IOS command. Before IOS version 10.3, administrators used the write terminal command to show a router's configuration. The write terminal command is still valid in today's IOS releases, but Cisco prefers users to use the show running-config command.

NVRAM

Non-volatile RAM (NVRAM) stores a copy of the router's configuration file. The NVRAM storage area is permanent and retained by the router in the event of a power cycle. When the router powers up from a power cycle or a reboot, the stored configuration file is copied by the IOS from the NVRAM to RAM.

To view the configuration file stored in NVRAM, issue the show startup-config command. In earlier versions of IOS (before version 10.3), the show config command was used to view the configuration file stored in NVRAM. In IOS versions 11.0+, both the show config and show startup-config commands will work. Again, Cisco prefers to use the show startup-config command.

Flash

Flash is erasable and programmable and is used to store the router's IOS image. Furthermore, the flash contains a certain amount of space, which varies by router model, to allow multiple versions of IOS to be stored. Therefore, you can delete, retrieve, and store new versions of IOS in the flash memory system.

Figure 10.1 Components of a Cisco router. (Components shown: random access memory (RAM), flash, read only memory (ROM), non-volatile RAM (NVRAM), and router interfaces: LAN, WAN, console, AUX port.)
To view the flash on a Cisco router, use the show flash IOS command. Listing 10.1 shows a sample flash display on a Cisco 2500 router.

Note: On a high-performance router, such as Cisco 4000 series and 7000 series routers, you can make the flash system look like a file system and store many versions of IOS. In the Cisco 2500 series, routers can partition the flash with the partition flash <number of partition> <size of each partition> command.

Listing 10.1 The show flash command.

    R1>sh flash
    System flash directory:
    File  Length   Name/status
      1   9558976  c2500-ajs40-l.112-17.bin
    [9559040 bytes used, 7218176 available, 16777216 total]
    16384K bytes of processor board System flash

Listing 10.1 shows that the IOS image c2500-ajs40-l.112-17.bin is currently stored on the flash. The Cisco 7500 series router provides the option of installing additional PCMCIA flash memory. If this additional memory is installed, the dir slot0 IOS command displays the IOS image stored within.

CPU

The central processing unit (CPU) is the heart of a router, and every Cisco router has a CPU. A CPU manages all the router's processes, such as IP routing, and new routing entries, such as remote IP networks learned through some form of dynamic routing protocol. To view a CPU's status, use the show process IOS command, as shown in Listing 10.2.

Listing 10.2 The (truncated) show process command.

    R1>show process
    CPU utilization for five seconds: 9%/7%; one minute: 9%; five minutes: 10%
     PID QTy       PC Runtime (ms)  Invoked  uSecs    Stacks TTY Proc
       1 Csp  318F396        24456     1043    234  732/1000   0 Load Meter
       2 M*         0           28       28   1000 3268/4000   0 Exec
       3 Lst  317D1FC         1304      175   5257 1724/2000   0 Check heap

The show process command displays the router utilization within the past five seconds and the past one minute as well as the average over the last five minutes. Following the CPU utilization statistics are details about specific processes.
ROM

Read only memory (ROM) stores a scaled-down version of a router's IOS in the event that the flash system becomes corrupted or there is no current IOS image stored in flash. ROM also contains the bootstrap program (sometimes referred to as the rxboot image in Cisco documentation) and the device's power-up diagnostics. You can only perform a software upgrade (that is, perform a software image upgrade on the ROM) by replacing ROM chips, because the ROM is not programmable.

The bootstrap program enables you to isolate or rule out hardware issues. For example, you may have a faulty flash card and subsequently the router cannot boot the IOS image. The power diagnostics program tests all the hardware interfaces on the router.

ROM mode is the term for when a router is not running as healthy as it should be. ROM mode contains a limited number of IOS commands, which enable the administrator to troubleshoot software or hardware problems on a router. The various Cisco model routers have different ROM modes, but in all Cisco routers, you can issue the ? command in ROM mode to identify the available commands used to troubleshoot a Cisco IOS-based router. Listing 10.3 provides all the available options on a Cisco 4000 router when the ? command is used.

Listing 10.3 The ? command when in ROM mode.

    > ?
    ?               Types this display
    $               Toggle cache state
    B [filename] [TFTP Server IP address | TFTP Server Name]
                    Load and execute system image from ROM or from TFTP server
    C [address]     Continue [optional address]
    D /S M L V      Deposit value V of size S into location L with modifier M
    E /S M L        Examine location L with size S with modifier M
    G [address]     Begin execution
    H               Help for commands
    I               Initialize
    K               Displays Stack trace
    L [filename] [TFTP Server IP address | TFTP Server Name]
                    Load system image from ROM or from TFTP server, but do not begin execution
    O               Show software configuration register option settings
    P               Set break point
    S               Single step next instruction
    T function      Test device (? for help)

The options in Listing 10.3 allow you to initialize a router with the I command once you have finished ROM mode. ROM mode enables you to recover lost passwords by altering the configuration registers, which will be discussed later in this chapter.

Configuration Registers

A configuration register is a 16-bit number that defines how a router will operate on a power cycle. These options include whether the IOS will be loaded from flash or ROM. Configuration registers are used, for example, to advise the Cisco IOS router to load the configuration file from the NVRAM or to ignore the configuration file stored in memory. The default configuration register is displayed as 0x2102 on a Cisco router; converted to binary, it is shown below:

    Bit Number  15 14 13 12 11 10  9  8  7  6  5  4  3  2  1  0
    Value        0  0  1  0  0  0  0  1  0  0  0  0  0  0  1  0

Keep in mind that the bits are numbered from right to left. In the preceding example, the value is displayed as 0x2102 (0010.0001.0000.0010). The function of the configuration register bits is determined by their position as follows:

➤ Bits 0 through 3—Determine the boot option: whether the router loads the IOS from the flash (binary value is 010) or ROM (binary value is 000).
➤ Bit 4—Reserved.
➤ Bit 5—Reserved.
➤ Bit 6—Tells the router to load the configuration from NVRAM if set to 1 and to ignore the NVRAM if set to 0.
➤ Bit 7—Indicates whether to ignore the Cisco IOS banner. The default setting is 0 (don't show the Cisco banner at startup); a 1 bit indicates to show the IOS banner message.
➤ Bit 8—Specifies whether to enter ROM mode without power cycling the router. If bit 8 is set to 1 and the break key is issued while the router is up and running normally, the router will go into ROM mode. This is a dangerous scenario because if this is performed your router immediately stops functioning.
➤ Bit 9—Reserved.
➤ Bit 10—Specifies the broadcast address to use, where 1 means use all 0s for broadcast at boot (in conjunction with bit 14). Bit 10 interacts with bit 14.
➤ Bits 11 and 12—Set the baud rate of the console port. For example, if bits 11 and 12 are set to 00, the baud rate will be 9600. A baud rate of 4800 is set when these bits are 01, 2400 bps is 10, and 1200 bps is 11.
➤ Bit 13—Tells the router to boot from ROM if the flash cannot boot from a network, such as a TFTP server. If bit 13 is set to 0 and no IOS is found, the router will hang. If bit 13 is set to 1 and no IOS is found, the router will boot from ROM.
➤ Bit 14—Interacts with bit 10 to define the broadcast address. The possible combinations are shown in Table 10.1.
➤ Bit 15—Specifies to enable diagnostics display on startup and ignore the NVRAM.

Table 10.1 Bits 10 and 14 settings.

    Bit 14  Bit 10  Address (<net> <host>)
    Off     Off     <ones> <ones>
    Off     On      <zeros> <zeros>
    On      On      <net> <zeros>
    On      Off     <net> <ones>

To view the current configuration register, issue the show version command, as shown in Listing 10.4. The configuration register setting is the last line in the command output.

Listing 10.4 The (truncated) show version command.

    R1>show version
    Cisco Internetwork Operating System Software
    IOS (tm) 2500 Software (C2500-AJS40-L), Version 11.2(17), RELEASE SOFTWARE (fc1)
    Copyright (c) 1986-1999 by Cisco Systems, Inc.
    Compiled Tue 05-Jan-99 13:27 by ashah
    Image text-base: 0x030481E0, data-base: 0x00001000
    ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
    BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASE SOFTWARE
    R1 uptime is 6 days, 1 hour, 36 minutes
    System restarted by reload
    System image file is "flash:c2500-ajs40-l.112-17.bin", booted via flash
    cisco 2520 (68030) processor (revision E) with 8192K/2048K byte
    Processor board ID 02956210, with hardware revision 00000002
    Bridging software.
    SuperLAT software copyright 1990 by Meridian Technology Corp.
    X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.
    TN3270 Emulation software.
    Basic Rate ISDN software, Version 1.0.
    1 Ethernet/IEEE 802.3 interface(s)
    2 Serial network interface(s)
    2 Low-speed serial(sync/async) network interface(s)
    1 ISDN Basic Rate interface(s)
    32K bytes of non-volatile configuration memory.
    16384K bytes of processor board System flash (Read ONLY)
    Configuration register is 0x2102

As you can see, Listing 10.4 uses the show version IOS command to display the configuration register as 0x2102. The show version command also displays other useful router information, such as the uptime of the router, the IOS image in use, and the hardware configuration. Table 10.2 displays common configuration register values you can use in day-to-day troubleshooting.

Interfaces

Interfaces provide connections to a network. Interfaces include LANs, WANs, and management ports (that is, console and auxiliary ports). To view the current LAN or WAN interface, you can issue the show interface command. The show interface command displays all LAN and WAN interfaces. To display information regarding console or auxiliary ports, you can use the show line command.
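Returning to the configuration register: the following is an added example, not code from the book. It is a short Python audit that pulls the register out of show version output and flags deviations from the default 0x2102, such as 0x2142, which Table 10.2 lists as booting from flash while ignoring NVRAM. The sample text is constructed in the style of Listing 10.4; the function names and the "(will be ... at next reload)" suffix, which IOS prints when a register change is pending, are assumptions not shown in this chapter.

```python
import re

BASELINE = 0x2102  # default per Table 10.2: boot from flash, load NVRAM config

# Constructed sample: tail of a `show version` display in the style of
# Listing 10.4, with a register change pending until the next reload.
SAMPLE = """\
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2102 (will be 0x2142 at next reload)
"""

REG_LINE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]{1,4})"
    r"(?: \(will be (0x[0-9A-Fa-f]{1,4}) at next reload\))?"
)

def extract_registers(show_version_text):
    """Return (current, pending) register values; pending is None if absent."""
    m = REG_LINE.search(show_version_text)
    if m is None:
        raise ValueError("no 'Configuration register is' line found")
    pending = int(m.group(2), 16) if m.group(2) else None
    return int(m.group(1), 16), pending

def decode(reg):
    """Decode the fields this audit checks from the 16-bit register."""
    boot_field = reg & 0x000F                    # bits 0-3
    return {
        "boot_source": {0: "ROM", 2: "flash"}.get(boot_field, "other"),
        "ignore_nvram": bool(reg & 0x0040),      # bit 6 set, as in 0x2142
        "rom_fallback": bool(reg & 0x2000),      # bit 13
    }

def audit(show_version_text, baseline=BASELINE):
    """List deviations from the baseline for the current and pending values."""
    current, pending = extract_registers(show_version_text)
    findings = []
    for label, reg in (("current", current), ("next reload", pending)):
        if reg is None or reg == baseline:
            continue
        fields = decode(reg)
        tag = f"{label} 0x{reg:04X}"
        if fields["ignore_nvram"]:
            findings.append(f"{tag}: NVRAM configuration ignored at boot")
        if fields["boot_source"] != "flash":
            findings.append(f"{tag}: boots from {fields['boot_source']}, not flash")
        if not fields["rom_fallback"]:
            findings.append(f"{tag}: no ROM fallback if no IOS image is found")
        if not any(f.startswith(tag) for f in findings):
            findings.append(f"{tag}: differs from baseline 0x{baseline:04X}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A register left at 0x2142 after a password recovery means the router will come up without its saved passwords and access lists on the next reload, which is why the pending value is checked as well as the current one.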
Table 10.2 Common registers and descriptions.

    Register Value  Description
    0x2100          Boots the router using the system bootstrap found in ROM.
    0x2102          Boots the router using flash and NVRAM. This is the default setting.
    0x2142          Boots the router using flash and ignores NVRAM. This value is used to recover passwords or modify configuration parameters.

Figure 10.2 summarizes the available IOS commands administrators can use to view a router's current configuration.

Figure 10.2 Interface IOS commands. (Commands shown: show running-config, write terminal, show flash, dir slot0:, show interfaces, show startup-config, show config. Components shown: random access memory (RAM), flash, read only memory (ROM), non-volatile RAM (NVRAM), and router interfaces: LAN, WAN, console, AUX port.)

Now that we've discussed the hardware basics of Cisco routers, let's move on to review how routers operate. While we discuss router operation, we'll also cover how administrators can manage Cisco routers.

Router Operation

This section concentrates on some of the more common IOS manipulation tasks that you will be required to master. We'll start by examining how to access routers. Then, we'll look at how to:
➤ Use passwords to provide security
➤ Copy and back up configurations
➤ Recover passwords
➤ Enable Simple Network Management Protocol management

Methods of Accessing Cisco Routers

A Cisco router can be accessed in a number of ways. You can physically access a router via the console port, or you can access a router remotely through a modem via the auxiliary port. You can also access a router via a network or virtual terminal ports, which allow Telnet access.

If you do not have physical access to a router—either via a console port or an auxiliary port via dial up—you can access a router through the software interface called the virtual terminal (also referred to as a VTY port). When you Telnet to a router, you are asked for the VTY password. For example, on the following router, R1, the administrator types the remote address of R2 and tries to Telnet to one of the VTY ports. Listing 10.5 provides the session dialog.

Listing 10.5 Using a VTY port to establish a Telnet connection.

    R1#Telnet 131.108.1.2
    Trying 131.108.1.2 . Open
    User Access Verification
    Password: xxxxx
    R2>

In circumstances similar to Listing 10.5, be aware that you will only enter Exec mode. You are still required to supply a privilege password, or the secret password if it's configured, if you want to access the advanced IOS command set.

IOS Operational Modes

The Cisco IOS supports a number of modes that permit administrators to access, view, and configure a router. The modes are summarized as follows:

➤ Exec mode—Maintains a limited IOS command set. The Exec mode prompt for a router named R1 is R1>. Essentially a limited router operational view-only mode. The Exec mode, which allows a user to view the status of the router and has a limited number of commands, is displayed with the following prompt:

    R1>

The > (greater than sign) specifies Exec mode.

➤ Priv Exec mode—Provides all available options, including configuration, debug, and test commands. The Priv Exec prompt for a router named R1 is R1#. To enter privileged exec mode (Priv Exec mode), which allows users to have complete control of a router, you must first enable Exec mode and then enter a valid password. The password is known as the enable password. After supplying a valid password, you enter the Priv Exec prompt command (R1#), as shown in the following code snippet:

    R1>enable
    Password:
    R1#

In the preceding code, the pound sign (#) specifies Priv Exec mode.

➤ Global Configuration mode—Enables you to make global configuration changes. The configuration prompt for a router named R1 is R1(config)#.
➤ Interface Configuration mode—Allows you to modify interface parameters, such as network and IP addressing. The prompt for a router named R1 is R1(config-if)#.

Note: A variety of specialized configuration modes, such as the interface configuration mode, are available when configuring a route-map, netbios-list, or access-list.

[...]

... set the enable password to CisCo?
❍ a enable password cisco
❍ b enable-password CisCo
❍ c enable password CisCo
❍ d enable password cisco
❍ e Both c and d are correct
The correct answer is c. All passwords on a Cisco router are case sensitive, and the syntax to set the password is enable password. Therefore, to set the password to CisCo, the IOS command is enable password CisCo. Answers a and d are incorrect,...

Chappell, Laura. Introduction to Cisco Router Configuration (ICRC). Macmillan Publishing Company: Indianapolis, Indiana, 1998. ISBN: 1-57870-076-0. Chapters 5 and 6 provide an excellent overview of Cisco router device operation.

Cisco IOS 12.0 Fundamentals. Cisco Press: Indianapolis, Indiana, 1999. ISBN 1-57870-155-4. This book provides all the configurable options available with Cisco IOS. Each chapter provides...

... network, IP for example.

Cisco Protocol Translation and Applications

Cisco IOS allows networks to translate from one protocol to another without the need to implement every type of protocol across all your routers and throughout your network. Figure 10.3 provides an overview of Cisco's protocol translation...

... incorrect, because display is an invalid IOS command. Answer f is incorrect, because all Cisco routers contain a CPU.

Question 11
Which IOS commands will turn off all currently active debug commands on a Cisco router? [Choose the two best answers]
❑ a debug all
❑ b no debug all
❑ c undebug all
❑ d no debug
...
Notice in Listing 10.9 that both the enable and secret passwords are encrypted. The final Cisco password you can set is the virtual terminal password. This password verifies remote Telnet sessions to a router. Listing 10.10 displays the commands necessary to set the virtual terminal password on a Cisco router.

Listing 10.10 Using the password

... show configuration-register is an invalid IOS command.

Question 7
How can a Cisco router be accessed? [Choose the three best answers]
❑ a Console port
❑ b VTY port
❑ c Exec mode
❑ d Auxiliary port
The correct answers are a, b, and d. To access a Cisco router, you can be physically connected via the...

... unknown password on a Cisco router. For password recovery, an administrator must have physical access to the router via the console or auxiliary port. When a user enters an incorrect enable password, the user receives an error message similar to the message shown in Listing 10.13.

Listing 10.13 An incorrect password error message.

    R1>enable
    Password: cisco
    Password: cisco
    Password: cisco
    % Bad passwords...

... why a certain end device is not responding to an ARP request. Listing 10.21 provides a sample debug arp display taken from a Cisco router.

Listing 10.21 The debug arp output request.

    IP ARP: sent req src 10.72.128.45 0000.0c11.1111, dst 10.72.128.1 0000.0000.0000

Listing 10.21 shows the ARP request from a device with an IP address of 10.72.128.45 and a MAC address of 0000.0c11.1111. This device needs the...

... are incorrect, because flash is used to store IOS images and ROM contains a scaled-down version of IOS.

Question 3
Which IOS command displays the IOS images stored on flash?
❍ a show IOS
❍ b show cisco
❍ c show flash
❍ d display flash
The correct answer is c. The show flash IOS command displays the...

... the Cisco IOS after it reloads.

Listing 10.15 Dialog after reload.

    System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
    Copyright (c) 1986-1995 by Cisco Systems
    2500 processor with 6144 Kbytes of main memory
    F3: 9407656+151288+514640 at 0x3000060
    Restricted Rights Legend
    Cisco Internetwork Operating System Software
    IOS (tm) 2500 Software (C2500-AJS40-L), Version 11.2(17)
    Copyright (c) 1986-1999 by cisco .