
CCNA Study Material

Cisco Router Basics


The Router
Router Components (internal)
Router Components (external)
Router's Startup Procedure
Configuration Register
Cisco CLI Command Modes
User Exec Mode
Privileged Exec Mode
Setup Mode
ROM Monitor Mode
The Router:- A router is a layer 3 network device that moves data between different network
segments and can look into a packet header to determine the best path for the packet to travel.
Routers can connect network segments that use different protocols. They also allow all users in a
network to share a single connection to the Internet or a WAN. It is used to improve network
performance by:
segmenting the network and creating separate collision & broadcast domains.
reducing competition for bandwidth.
Broadcasts are not forwarded to other network segments.
Increases security by using Access Lists.
Router Components (internal)
ROM :- ROM is used to store the router's bootstrap startup program, operating system software,
and power-on diagnostic test programs. In order to perform ROM upgrades you remove and replace
pluggable chips on the motherboard.
Flash Memory :- It holds operating system image(s). Flash memory is erasable, reprogrammable
ROM. You can perform Cisco IOS software upgrades without having to remove and replace chips.
Flash content is retained when you switch off or restart the router.
RAM :- RAM is used to store operational information such as routing tables and the router's running
configuration file. RAM also provides caching and packet buffering capabilities. Its contents are lost
when you switch off or restart the router.
NVRAM :- NVRAM (nonvolatile RAM) is used to store the router's startup configuration file. It does
not lose data when power is switched off, so the contents of the startup configuration file are
maintained even when you switch off or restart the router.
Network Interfaces :- The router's network interfaces are located on the motherboard or on
separate interface modules. You configure Ethernet or Token Ring interfaces to allow connection to a
LAN. The synchronous serial interfaces are configured to allow connection to WANs. You can also
configure ISDN BRI interfaces to allow connection to an ISDN WAN.

http://www.mcmcse.com/


Router Components (External)


A router can be configured over any of its network interfaces. You can supply configuration information
to a router using:
TFTP servers : Trivial File Transfer Protocol; a simplified version of FTP that allows files to be
transferred from one computer to another over a network.
virtual terminals
network management stations
Router's Startup Procedure
Each time you switch on the router, it goes through power-on self-test diagnostics to verify basic
operation of the CPU, memory and network interfaces.
The system bootstrap software in ROM (boot image) executes and searches for valid router
operating system software (Cisco IOS image). IOS is an acronym for Internetwork Operating System.
There are three places to find the Cisco IOS image to load:
Flash memory
A TFTP server on the network
ROM
The source of the Cisco IOS image is determined from the boot field setting of the router's
configuration register.
Configuration Register: A 16-bit register used to control how the router boots up, where the IOS
image is loaded from, how to deal with the NVRAM configuration, the console baud rate, and whether
the break function is enabled or disabled.
The default setting for the configuration register indicates that the router should attempt to
load a Cisco IOS image from flash memory.
If the router finds a valid IOS image, it searches for a valid configuration file. If your router
does not find a valid system image, or if its configuration file is corrupted at startup, and the
configuration register (bit 13) is set to enter ROM monitor mode, the system will bypass the NVRAM
setting and enter ROM monitor mode. This also allows access to the router in the event a password is
lost.
The configuration file, saved in NVRAM, is loaded into main memory and executed one line at
a time. These configuration commands start routing processes, supply addresses for interfaces, and
set media characteristics.
If no configuration file exists in NVRAM, the operating system executes a question-driven
initial configuration routine called the system configuration dialog.
This special mode is also called the Setup mode.
Cisco CLI Command Modes
The Cisco IOS software provides you with access to several different command modes.
Each command mode provides a different group of related commands.

The Cisco Command Line Interface (CLI) is called EXEC. EXEC has two modes:
User mode
Privileged mode
For security purposes the two EXEC modes serve as two levels of access to Cisco IOS
commands.
EXEC user commands allow you to
connect to remote devices
make temporary changes to terminal settings
perform basic tests
list system information
If you want to access privileged mode you have to enter a password. The commands
available in Privileged mode also include all those available in User mode. You can use
Privileged EXEC commands to:
set operating parameters
perform a detailed examination of the router's status
test and debug router operation
access global and other included configuration modes
From Privileged mode you can enter global configuration mode. This gives you access to
configuration commands that affect the system as a whole, and to other configuration modes.
You can specify the source of the configuration commands as being from:
a terminal
memory
the network
You can access many other specific configuration modes from Global Configuration mode
that allow complex configurations to be performed.
Setup Mode: If the router does not have a configuration file it will automatically enter Setup mode
when you switch it on. Setup mode presents you with a prompted dialog, called the system
configuration dialog, in which you establish an initial configuration.
ROM Monitor Mode: If the router does not find a valid operating system image, or if you interrupt the
boot sequence, the system may enter ROM monitor mode. From ROM monitor mode you can boot
the device or perform diagnostic tests.

Cisco IOS Basics


Cisco IOS
IOS Command Modes
Context Sensitive Help
Keyboard Editing & Hot Keys

Cisco IOS
Cisco Internetwork Operating System software. The proprietary Cisco software that provides
common functionality, scalability, and security for Cisco products.


CLI (Command Line Interface): The screen interface that allows the user to interact with the
operating system by entering commands and optional arguments.
Command Modes
A hierarchical level of Cisco IOS software. Each command mode permits you to configure different
configuration components. For example, you configure global parameters in global configuration
mode, interface parameters in interface configuration mode, and line parameters in line configuration
mode. There are five command modes. Each mode is represented by a different prompt, as shown in
the table below:

Command Mode                 Prompt                   Command to enter mode
User EXEC                    Router1>                 login
Privileged EXEC              Router1#                 enable
Global configuration         Router1(config)#         configure terminal
Interface configuration      Router1(config-if)#      interface type number (from global configuration mode)
Sub interface configuration  Router1(config-subif)#   interface type number (to configure a sub interface from within interface configuration mode)
Router configuration         Router1(config-router)#  router routing_protocol (from global configuration mode)
Line configuration           Router1(config-line)#    line line_type line_number ending_line_number (from global configuration mode)

Table-1: Cisco CLI Command Modes, respective prompts and commands.

Exec Mode
A console, modem, or Telnet command-line session to the router. There are two primary levels to the
EXEC mode: user-level EXEC mode, and privileged EXEC mode. User-level EXEC is the initial mode
entered upon logging into the router, and allows access only to basic monitoring commands. It is
indicated by the > prompt:

Router1>

Privileged-level EXEC mode, sometimes called enable mode, provides access to configuration mode,
which permits authorized users to configure and manage the router. To enter the privileged-level
EXEC mode, enter the enable command, enter the enable password, and press Return. The prompt
changes to the pound sign (#) as shown in the following example:

Router1> enable
Password: netserv3
Router1#

Global Configuration Mode


The commands entered in Global Configuration Mode affect the whole router. Here are the steps from
Privileged EXEC mode:-

Router1# configure terminal
OR
Router1# config t
The result will be:
Router1(config)#

Interface Mode
The commands entered in this mode affect the current interface only. Here are the steps from Global
Configuration mode:-

Router1(config)# interface serial 0
OR
Router1(config)# int serial 0
The result will be:
Router1(config-if)#

Line Mode
The router has three types of terminal lines: one console line, one auxiliary line, and five virtual
(network) lines:-

Router1(config)# line con 0
OR
Router1(config)# line vty 0 4
The result will be:
Router1(config-line)#
Other configuration modes will be explored in their respective configuration.

Context Sensitive Help

To list all commands available for a particular command mode, enter a question mark (?) at
the system prompt.

To obtain a list of commands that begin with a particular character string, enter the
abbreviated command entry immediately followed by a question mark (?). This form of help is
called word help, because it lists only the keywords or arguments that begin with the
abbreviation you entered. e.g.
Router# co?
configure connect copy

To list a command's associated keywords or arguments, enter a question mark (?) in place of
a keyword or argument on the command line. This form of help is called command syntax
help, because it lists the keywords or arguments that apply based on the command,
keywords, and arguments you have already entered.

e.g.

The following example shows how to use command syntax help to display the next argument of a
partially complete access-list command. One option is to add a wildcard mask. The <cr> symbol
indicates that the other option is to press Return to execute the command.
Router(config)# access-list 99 deny 10.5.8.24 ?
A.B.C.D   Mask of bits to ignore
<cr>

Note: If you enter an incorrect command, the caret symbol (^) and help response indicate the error.
Notice that the caret symbol character is displayed at the point in the command string where the IOS
detected that you entered an incorrect command, keyword, or argument.

This error location facility together with the interactive help system allows you to find and correct
syntax errors easily.

Keyboard Editing & Hot Keys


The following table offers a comprehensive list of the hot keys and some other keyboard editing
functions.
Delete      - Removes one character to the right of the cursor.
Backspace   - Removes one character to the left of the cursor.
TAB         - Finishes a partial command.
Ctrl-A      - Moves the cursor to the beginning of the current line.
Ctrl-N      - Forwards the history buffer.
Ctrl-R      - Creates new command prompt, followed by all the characters typed at the last one. This is useful for syslog messages.
Ctrl-U      - Erases a line from the command prompt and also from memory buffer.
Ctrl-W      - Erases a word.
Ctrl-Z      - Ends configuration mode and returns to the EXEC mode.
Up Arrow    - Allows user to scroll forward through previous commands.
Down Arrow  - Allows user to scroll backward through previous commands.
Esc-B       - Moves the cursor to the beginning of previous word.
Esc-F       - Moves the cursor to the beginning of next word.

Basic Router Configuration


Rename the router


Setting system clock
Show system time
Setting banner for router
Setting the description for an interface
Setting line password
Setting privileged access password

Rename the Router


To specify or modify the host name for the router, the hostname global configuration command is used.
Hostname is case sensitive. The host name is used in prompts and default configuration filenames.

Router(config)# hostname How2Pass
The factory-assigned default host name is router.
Setting the System Clock
The system clock runs from the moment the system starts up and keeps track of the current date and
time based on Coordinated Universal Time (UTC), also known as Greenwich Mean Time (GMT). The
system clock can be set from a number of sources, and in turn can be used to distribute the current
time through various mechanisms to other systems. To manually set the system clock, use one of the
formats of the clock set EXEC command.

clock set hh:mm:ss day month yyyy
clock set hh:mm:ss month day yyyy

In the following example, the system clock is manually set to 1:32 p.m. on May 12, 2001:
Router# clock set 13:32:00 12 May 2001

Show System Time


To display the system clock, use the show clock EXEC command. If the time has not been set by the
clock set command, this command will show the time elapsed since the router came up.
Router# show clock

Setting the Banner


To specify a message-of-the-day (MOTD) banner, use the banner motd global configuration
command. The no form of this command deletes the MOTD banner. When someone connects to the
router, the MOTD banner appears before the login prompt.
Router(config)# banner motd # message #
Here the (#) sign is used as the delimiting character. You can use any character.
Setting the Description for an Interface
To add a description to an interface configuration, use the description interface configuration
command. Use the no form of this command to remove the description.

The description command is meant solely as a comment to be put in the configuration to help you
remember what certain interfaces are used for.

The following example shows how to add a description for a T1 interface:

Router(config)# interface serial 0
Router(config-if)# description T1 line to How2Pass - 128 Kb/s
The description "T1 line to How2Pass - 128 Kb/s" appears in the output of the following EXEC
commands: show startup-config, show interfaces, and show running-config
Setting the Line Password
To specify a password on a line, use the password line configuration command. Use the no form of
this command to remove the password. The first character cannot be a number. The string can
contain any alphanumeric characters, including spaces, up to 80 characters.
Console Password
A console password is needed when logging into the router at user EXEC mode from the console.
Router(config)# line console 0
Router(config-line)# password How2pass2004

vty lines password
Virtual terminal lines (vty) are used to allow remote access to the router (by telnetting through its
interfaces). The router has five virtual terminal lines by default.
Router(config)# line vty 0 4
Router(config-line)# password How2Pass2004
Setting Privileged Access Password
To set a local password to control access to various privilege levels, use the enable password global
configuration command. Use the no form of this command to remove the password requirement.
An enable password is defined as follows:

Must contain from 1 to 25 uppercase and lowercase alphanumeric characters.

Must not have a number as the first character.

Can have leading spaces, but they are ignored. However, intermediate and trailing spaces are
recognized.

Router(config)# enable password How2Pass2004


Setting Secret (Encrypted) Password
To set an encrypted local password to control access to various privilege levels, use the enable
secret global configuration command. Use the no form of this command to remove the password
requirement.
Router(config)# enable secret How2pass2004

Switching & Bridging


The Switch
Steps of Switch Functioning
Switching Methods
The Bridge


The Switch
A switch is a layer 2 network device that forwards frames using MAC addresses in the header of
frames. It is used to improve network performance by:
segmenting the network and creating separate collision domains.
reducing competition for bandwidth.
In a switch, frame forwarding is handled by specialized hardware called an "Application Specific
Integrated Circuit" (ASIC). ASIC technology allows a silicon chip to be programmed to perform
specific functions much faster than a chip programmed by software.
Steps of Switch Functioning
Learning
When the switch starts, the MAC address table has no entries. When a node transmits data on its wire, the
MAC address of the node is learned by the switch port connected to that node. In this way all the MAC
addresses are learned by their respective ports, and these entries remain in the cache for a specific time. If
no new frame arrives from a node during this time, the MAC address entry for that node is
dropped from the cache.
Forwarding & Filtering
When a MAC address for a port is learnt, packets addressed to that MAC address are forwarded only
to the port associated with it, using one of the Switching Methods.
Loop Avoidance
Switches and Bridges use Spanning Tree Protocol (STP), specified by IEEE 802.1d, to prevent loops.


Switching Methods


Store & Forward: In this method the complete frame is received by the switch. CRC, source address
and destination address are checked. This method has the following features:
Highest latency (delay in forwarding of frame) but may vary depending upon the length of frame.
Highest error checking.
Lowest frame forwarding speed.
Catalyst 500 switch uses this method.
Cut Through: In this method forwarding starts as soon as the destination address of the frame is
received in the header. Also known as WIRE SPEED. This method has the following features:
Lowest latency.
Lowest error checking.
Highest frame forwarding speed.
Fragment Free (Modified Cut Through): In this method forwarding starts as soon as the first 64 bytes
of the frame are received, as fragmentation usually occurs in the first 64 bytes. This method has the following
features:
Latency approx 60Sec.
Sufficient error checking.
Moderate frame forwarding speed.

The Bridge
It is a layer 2 device used to connect different network types or networks of the same type. Packets
having destination address on the same network segment are dropped. Bridges use "Store and
Forward" method to inspect the whole packet.
Advantages: Using a bridge to segment a network can provide:
Reliability.
Manageability.
Scalability.
Disadvantages:
A bridge cannot filter out broadcast traffic.
It introduces 20 to 30 % latency.
Only 2 networks can be linked with a bridge.

Frame Relay

Frame Relay Overview
Frame Relay Configuration
Frame Relay NBMA Configuration and Verification
Frame Relay Sub interface Configuration and Verification
Frame Relay Configuration Summary

Frame Relay Overview


Connection to a frame relay network is done with a local loop from the serial interface of a
router to one of a service provider's frame relay switches. Communication across a frame
relay network uses virtual circuits, which are built by a service provider from a router's serial
interface, through a collection of frame relay switches, to another router's serial interface.
Virtual circuits that are programmed into a service provider's network to stay active all the
time are called permanent virtual circuits (PVCs). IOS also supports switched virtual
circuits (SVCs), which become active only when they are used; however, SVCs are not yet
widely available from frame relay service providers. We use only PVCs in this chapter.
Many PVCs can be built on a single local loop. PVCs are addressed with Data Link
Connection Identifiers (DLCIs) at layer 2. From our perspective, each PVC has two DLCIs,
one at each end. From a router's perspective, each PVC needs only one DLCI, the local
one. When a router wants to transmit a packet to another router across a PVC, the router
must know the local DLCI of the PVC on which the packet is to be transmitted. For this
reason, some people say that DLCIs are locally significant.
Figure 1 shows a basic frame relay network. There are three routers: Dallas, FortWorth,
and Austin. Each router has a local loop to the frame relay network. There are two PVCs:
one from Dallas to FortWorth and one from Dallas to Austin. Let us take a closer look at the
PVC between Dallas and FortWorth. The Dallas end of the PVC has DLCI 100 and the
FortWorth end has DLCI 101. These DLCIs, since they are on different local loops, do not
have to be different, but they usually are, anyway. When Dallas wants to send a packet to
FortWorth, Dallas must transmit the packet out the serial interface that contains the PVC,
and the frame header must contain the local DLCI, 100. The switch knows that the path of
the PVC with DLCI 100 on the Dallas side is supposed to go to the switch connected to
FortWorth. The switch connected to FortWorth knows the path of the PVC extends across
the local loop to FortWorth and the DLCI of the PVC on the local loop is 101. The switch
puts the DLCI 101 into the frame header so the FortWorth router knows, when it receives
the frame, that the frame came in on the PVC with local DLCI 101.

Figure 1 - Basic Frame Relay Network

Dallas has two PVCs coming in on the same local loop; therefore, these PVCs must have
different local DLCIs. The frame relay topology shown in Figure 1 is called a partial-meshed
network because not all of the routers have PVCs to all of the other routers. We
could also call this particular topology a hub-and-spoke network because there is one router
(the hub) that has a connection to each of the other routers (the spokes), and traffic from a
spoke router must go through the hub to reach another spoke router. A fully meshed network
has PVCs running between all of the router pairs; to make the Figure 1 frame relay topology
into a fully meshed network, we would have to add a PVC between FortWorth and Austin.
Routers and switches maintain contact with each other using Local Management
Interface (LMI). About every 10 seconds, routers and switches send an LMI keepalive across
the local loop. If a router is receiving LMI keepalives from a switch, the router makes the line
protocol of its interface up so the interface state will be up/up. If a Cisco router interface is
connected to a frame relay network and the state of the interface is up/up, the router has a
communication path to a frame relay switch. This has nothing to do with being able to reach
another router on the other end of a PVC. By default, a Cisco router uses LMI to request a
status report from the switch every six keepalives (about once a minute). The status report
contains a list of each of the local loop's PVCs, their DLCIs, and their status.
There are two types of LMI that are widely used between routers and switches: Annex D and
Gang of Four. Annex D is from the American National Standards Institute (ANSI). The Gang
of Four LMI was jointly developed by Cisco, DIGITAL, Intel, and Stratacom. The router and
the local switch must agree on the type of LMI they will use between them.
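
The DLCI handling described above can be modelled in a few lines. This is an added example, not part of the original study guide: the class and function names are hypothetical, the Dallas/FortWorth DLCIs (100 and 101) come from the text, and the Dallas/Austin DLCIs (200 and 101) are assumed values chosen to show that a DLCI may repeat on a different local loop but not on the same one.

```python
from collections import deque


class FrameRelayCloud:
    """The provider network, reduced to a table of PVC ends."""

    def __init__(self):
        # (router on the local loop, local DLCI) -> (far-end router, far-end DLCI)
        self.xconnect = {}

    def add_pvc(self, router_a, dlci_a, router_b, dlci_b):
        """Provision one PVC; a DLCI must be unique on its own local loop."""
        for router, dlci in ((router_a, dlci_a), (router_b, dlci_b)):
            if (router, dlci) in self.xconnect:
                raise ValueError(f"DLCI {dlci} already used on {router}'s local loop")
        self.xconnect[(router_a, dlci_a)] = (router_b, dlci_b)
        self.xconnect[(router_b, dlci_b)] = (router_a, dlci_a)

    def switch(self, router, dlci):
        """Carry a frame sent by `router` with `dlci` in its header.

        Returns (receiving router, DLCI written into the delivered header).
        """
        try:
            return self.xconnect[(router, dlci)]
        except KeyError:
            raise LookupError(f"no PVC with DLCI {dlci} on {router}'s local loop") from None

    def local_dlcis(self, router):
        """DLCIs provisioned on one router's local loop."""
        return sorted(d for (r, d) in self.xconnect if r == router)

    def route(self, src, dst):
        """Breadth-first search over PVCs.

        Each hop is (sender, DLCI sent, receiver, DLCI received); None if unreachable.
        """
        queue, seen = deque([(src, [])]), {src}
        while queue:
            here, hops = queue.popleft()
            if here == dst:
                return hops
            for (router, dlci), (far, far_dlci) in sorted(self.xconnect.items()):
                if router == here and far not in seen:
                    seen.add(far)
                    queue.append((far, hops + [(here, dlci, far, far_dlci)]))
        return None


def build_figure1():
    """The hub-and-spoke topology of Figure 1."""
    cloud = FrameRelayCloud()
    cloud.add_pvc("Dallas", 100, "FortWorth", 101)  # DLCIs given in the text
    cloud.add_pvc("Dallas", 200, "Austin", 101)     # assumed DLCIs; 101 reused on another loop
    return cloud


if __name__ == "__main__":
    cloud = build_figure1()
    print("Dallas sends on DLCI 100 ->", cloud.switch("Dallas", 100))
    print("DLCIs on the Dallas loop:", cloud.local_dlcis("Dallas"))
    # Spoke to spoke: no direct PVC, so the traffic crosses the hub.
    for hop in cloud.route("FortWorth", "Austin"):
        print("hop:", hop)
```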

Frame Relay Configuration


There are two ways of configuring frame relay on a Cisco router. The first configuration
method uses the classic, frame relay nonbroadcast multiaccess (NBMA) model. In this
configuration, the frame relay network is treated as a multiaccess network like a LAN;
however, unlike a LAN, a frame relay network has no broadcast capability. There is no
frame relay broadcast address. All of the routers connected to the NBMA network share a
network address such as an IP subnet address or an AppleTalk cable range. The second
configuration method involves treating each of the PVCs as a separate logical point-to-point
network, which is done by creating a sub interface for each PVC. The sub interface
method requires more network addresses because each PVC has its own network
address.

Of the two methods, the sub interface method is usually the recommended one. Both
configuration methods are briefly described in the following sections.

We are going to move our IP traffic from the point-to-point serial links to a frame relay
network. To do this, we are going to do something that is not normally recommended in a
production network. We are going to remove the IP addresses from the point-to-point serial
links, and we are going to stop the current IP routing protocol, OSPF, which was configured
in Chapter 7. Figure 13-2 shows the IP configuration changes on Dallas, FortWorth, and
Austin.

Dallas#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Dallas(config)#no router ospf 100
Dallas(config)#interface serial0
Dallas(config-if)#no ip address
Dallas(config-if)#interface serial1
Dallas(config-if)#no ip address
Dallas(config-if)#<Ctrl-Z>
Dallas#

FortWorth#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
FortWorth(config)#no router ospf 200
FortWorth(config)#interface serial0
FortWorth(config-if)#no ip address
FortWorth(config-if)#interface serial1
FortWorth(config-if)#no ip address
FortWorth(config-if)#<Ctrl-Z>
FortWorth#

Austin#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Austin(config)#no router ospf 300
Austin(config)#interface serial0
Austin(config-if)#no ip address
Austin(config-if)#interface serial1
Austin(config-if)#no ip address
Austin(config-if)#<Ctrl-Z>
Austin#

Figure 2: Removal of IP from point-to-point serial links.

After issuing the commands in Figure 2, IP is no longer being routed across our WANs. We will
restore IP connectivity by configuring frame relay on the routers.


Router Modes:

Router>: User mode = Limited to basic monitoring commands

Router#: Privileged mode (exec-level mode) = Provides access to all other router commands

Router(config)#: global configuration mode = Commands that affect the entire system

Router(config-if)#: interface mode = Commands that affect interfaces

Router(config-subif)#: subinterface mode = Commands that affect subinterfaces

Router(config-line)#: line mode = Commands that affect lines (console, vty, aux)

Router(config-router)#: router configuration mode

Changing switch hostname:

Switch(config)# hostname SW1

Configuring passwords:

SW1(config)# enable secret cisco          ! MD5 hash
SW1(config)# enable password notcisco     ! Clear text

Securing console port:

SW1(config)# line con 0
SW1(config-line)# password cisco
SW1(config-line)# login

Securing terminal lines:

SW1(config)# line vty 0 4
SW1(config-line)# password cisco
SW1(config-line)# login

Encrypting passwords:

SW1(config)# service password-encryption

Configuring banners:

SW1(config)# banner motd $
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
UNAUTHORIZED ACCESS IS PROHIBITED
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
$

Giving the switch an IP address:

SW1(config)# interface vlan 1
SW1(config-if)# ip address 172.16.1.11 255.255.255.0     ! or DHCP
SW1(config-if)# no shutdown

Setting the default gateway:

SW1(config)# ip default-gateway 172.16.1.1

Saving configuration:

SW1# copy running-config startup-config
Destination filename [startup-config]?     ! Press enter to confirm file name.
Building configuration
[OK]

! Short for write memory.
SW1# wr
Building configuration
[OK]

Working environment:
name lookup, history, exec-timeout and logging behavior, also valid for line con 0.

SW1(config)# no ip domain-lookup
SW1(config)# line vty 0 4
SW1(config-line)# history size 15
SW1(config-line)# exec-timeout 10 30
SW1(config-line)# logging synchronous

Configuring switch to use SSH:

Configure DNS domain name:
SW1(config)# ip domain-name example.com

Configure a username and password:
SW1(config)# username admin password cisco

Generate encryption keys:
The size of the key modulus is in the range of 360 to 2048.
SW1(config)# crypto key generate rsa
How many bits in the modulus [512]: 1024

Define SSH version to use:
SW1(config)# ip ssh version 2

Enable vty lines to use SSH:
SW1(config)# line vty 0 4
SW1(config-line)# login local
! You can set vty lines to use only telnet or only ssh or both as in the example.
SW1(config-line)# transport input telnet ssh
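
The commands in the sections above leave several weak access settings in the running configuration: a clear-text enable password next to the enable secret, a user stored with password instead of secret, a shared console password, and Telnet still accepted on the vty lines. The following check is an added example, not part of the original study guide; both configurations are constructed samples (the hashes are placeholders) and the function and check names are hypothetical.

```python
import re

# Constructed sample: what the commands on this page leave in the running configuration.
WEAK_CONFIG = """\
hostname SW1
enable secret 5 $1$EXAMPLE$constructedhashplaceholder
enable password notcisco
username admin password 0 cisco
ip domain-name example.com
ip ssh version 2
line con 0
 password cisco
 login
line vty 0 4
 exec-timeout 10 30
 login local
 transport input telnet ssh
"""

# Constructed sample: the same device with the findings addressed.
HARDENED_CONFIG = """\
hostname SW1
enable secret 5 $1$EXAMPLE$constructedhashplaceholder
username admin secret 5 $1$EXAMPLE$constructedhashplaceholder
ip domain-name example.com
ip ssh version 2
line con 0
 exec-timeout 10 30
 login local
line vty 0 4
 exec-timeout 10 30
 login local
 transport input ssh
"""


def split_config(config):
    """Split a configuration into global commands and per-line blocks."""
    global_cmds, line_blocks, current = [], {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue                              # blank or comment line
        if raw.startswith(" "):                   # sub-command of the block above
            if current is not None:
                line_blocks[current].append(raw.strip())
            continue
        cmd = raw.strip()
        current = cmd if cmd.startswith("line ") else None
        if current is not None:
            line_blocks[current] = []
        else:
            global_cmds.append(cmd)
    return global_cmds, line_blocks


def audit(config):
    """Return (check_id, message) findings for weak access settings."""
    global_cmds, line_blocks = split_config(config)
    findings = []
    if any(c.startswith("enable password") for c in global_cmds):
        findings.append(("enable-password",
                         "enable password is kept in clear text or reversible type 7; "
                         "remove it and rely on enable secret"))
    for cmd in global_cmds:
        user = re.match(r"username (\S+) password\b", cmd)
        if user:
            findings.append(("username-password",
                             f"user {user.group(1)}: store the credential with 'secret'"))
    if "ip ssh version 2" not in global_cmds:
        findings.append(("ssh-version", "SSH version 2 is not enforced"))
    for name, cmds in line_blocks.items():
        if "login" in cmds and any(c.startswith("password ") for c in cmds):
            findings.append(("line-password",
                             f"{name}: shared line password; use 'login local'"))
        if name.startswith("line vty"):
            transports = [c for c in cmds if c.startswith("transport input")]
            if any(re.search(r"\b(telnet|all)\b", t) for t in transports):
                findings.append(("vty-telnet",
                                 f"{name}: Telnet accepted; use 'transport input ssh'"))
        if "exec-timeout 0 0" in cmds or "no exec-timeout" in cmds:
            findings.append(("no-exec-timeout", f"{name}: idle sessions never time out"))
    return findings


if __name__ == "__main__":
    for check_id, message in audit(WEAK_CONFIG):
        print(f"[{check_id}] {message}")
```

The check reads only what a saved configuration shows, so the RSA modulus size chosen at key generation is not covered by it.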

Aliases:
Used to create shortcuts for long commands.

SW1(config)# alias exec c configure terminal
SW1(config)# alias exec s show ip interface brief
SW1(config)# alias exec sr show running-config

Description, speed and duplex:

SW1(config)# interface fastEthernet 0/1
SW1(config-if)# description LINK TO INTERNET ROUTER
SW1(config-if)# speed 100                 ! Options: 10, 100, auto
! The range keyword is used to set a group of interfaces at once.
SW1(config)# interface range fastEthernet 0/5 - 10
SW1(config-if-range)# duplex full         ! Options: half, full, auto

Verify Basic Configuration:

Shows information about the switch and its interfaces, RAM, NVRAM, flash, IOS, etc.
SW1# show version

Shows the current configuration file stored in DRAM.
SW1# show running-config

Shows the configuration file stored in NVRAM which is used at first boot process.
SW1# show startup-config

Lists the commands currently held in the history buffer.
SW1# show history

Shows an overview of all interfaces, their physical status, protocol status and ip address if assigned.
SW1# show ip interface brief

Shows the description of all interfaces
SW1# show interfaces description

Shows the status of all interfaces like connected or not, speed, duplex, trunk or access vlan.
SW1# show interfaces status

Shows the public encryption key used for SSH.
SW1# show crypto key mypubkey rsa

Shows detailed information about the specified interface, its status, protocol, duplex, speed, encapsulation, last 5 min traffic.
SW1# show interface vlan 1

Shows information about the leased IP address (when an interface is configured to get IP address via a dhcp server)
SW1# show dhcp lease


CCNA Router and Catalyst Switch IOS Command Reference


By Jamison Schmidt
This reference guide provides router and switch commands to help you prepare for Cisco's CCNA
certification exam. This guide covers IOS version 11 and higher. We will try to get VLSM and
Supernetting commands added for the new 640-801 CCNA exam.

Reference Quick Links


Router Commands
Show Commands
Catalyst Commands

Router Commands
Terminal Controls:
Config# terminal editing - allows for enhanced editing commands
Config# terminal monitor - shows output on telnet session
Config# terminal ip netmask-format hexadecimal|bit-count|decimal - changes the format of subnet masks
Host Name:
Config# hostname ROUTER_NAME
Banner:
Config# banner motd # TYPE MESSAGE HERE # - # can be substituted for any character, must start and finish the message
Descriptions:
Config# description THIS IS THE SOUTH ROUTER - can be entered at the Config-if level
Clock:
Config# clock timezone Central -6
# clock set hh:mm:ss dd month yyyy - Example: clock set 14:35:00 25 August 2003
Changing The Register:

http://www.mcmcse.com/

CCNA Study Material

Config# config-register 0x2100 - ROM Monitor Mode


Config# config-register 0x2101 - ROM boot
Config# config-register 0x2102 - Boot from NVRAM
Boot System:

Config# boot system tftp FILENAME SERVER_IP - Example: boot system tftp
2600_ios.bin 192.168.14.2
Config# boot system ROM
Config# boot system flash - Then - Config# reload
CDP:

Config# cdp run - Turns CDP on
Config# cdp holdtime 180 - Sets the time that a device remains. Default is 180
Config# cdp timer 30 - Sets the update timer. The default is 60
Config# int Ethernet 0
Config-if# cdp enable - Enables cdp on the interface
Config-if# no cdp enable - Disables CDP on the interface
Config# no cdp run - Turns CDP off

Host Table:

Config# ip host ROUTER_NAME INT_Address - Example: ip host lab-a 192.168.5.1
-or-
Config# ip host RTR_NAME INT_ADD1 INT_ADD2 INT_ADD3 - Example: ip host lab-a 192.168.5.1 205.23.4.2 199.2.3.2 - (for e0, s0, s1)

DNS:

Config# ip domain-lookup - Tell router to lookup domain names
Config# ip name-server 122.22.2.2 - Location of DNS server
Config# ip domain-name cisco.com - Domain to append to end of names


Clearing Counters:

# clear interface Ethernet 0 - Clears counters on the specified interface
# clear counters - Clears all interface counters
# clear cdp counters - Clears CDP counters

Static Routes:

Config# ip route Net_Add SN_Mask Next_Hop_Add - Example: ip route 192.168.15.0 255.255.255.0 205.5.5.2
Config# ip route 0.0.0.0 0.0.0.0 Next_Hop_Add - Default route
-or-
Config# ip default-network Net_Add - Gateway LAN network

IP Routing:

Config# ip routing - Enabled by default
Config# router rip
-or-
Config# router igrp 100

Config# interface Ethernet 0
Config-if# ip address 122.2.3.2 255.255.255.0
Config-if# no shutdown

IPX Routing:

Config# ipx routing
Config# ipx maximum-paths 2 - Maximum equal metric paths used
Config# interface Ethernet 0
Config-if# ipx network 222 encapsulation sap - Also Novell-Ether, SNAP, ARPA on Ethernet. Encapsulation HDLC on serial
Config-if# no shutdown

Access Lists:

IP Standard - 1-99
IP Extended - 100-199
IPX Standard - 800-899
IPX Extended - 900-999
IPX SAP Filters - 1000-1099

IP Standard:

Config# access-list 10 permit 133.2.2.0 0.0.0.255 - allow all src ips on network 133.2.2.0
-or-
Config# access-list 10 permit host 133.2.2.2 - specifies a specific host
-or-
Config# access-list 10 permit any - allows any address

Config# int Ethernet 0
Config-if# ip access-group 10 in - also available: out

IP Extended:

Config# access-list 101 permit tcp 133.12.0.0 0.0.255.255 122.3.2.0 0.0.0.255 eq telnet
-protocols: tcp, udp, icmp, ip (no sockets then), among others
-source then destination address
-eq, gt, lt for comparison
-sockets can be numeric or name (23 or telnet, 21 or ftp, etc)
-or-
Config# access-list 101 deny tcp any host 133.2.23.3 eq www
-or-
Config# access-list 101 permit ip any any

Config# interface Ethernet 0
Config-if# ip access-group 101 out
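
Added example (not part of the original reference): a Python sketch that parses the numbered IP access-list forms shown above and evaluates a packet against them, showing wildcard-mask matching, top-down first-match order, and the implicit deny that ends every IOS access list. Treating the three list 101 lines as one ACL, the port-name table and all function names are assumptions made for the example.

```python
import ipaddress

PORTS = {"telnet": 23, "ftp": 21, "www": 80}   # port names used on this page
ANY = (0, 0xFFFFFFFF)                          # wildcard of all ones ignores every bit

# Constructed samples built from the lines above (the page lists them as alternatives).
ACL_10 = ["access-list 10 permit 133.2.2.0 0.0.0.255"]
ACL_101 = [
    "access-list 101 permit tcp 133.12.0.0 0.0.255.255 122.3.2.0 0.0.0.255 eq telnet",
    "access-list 101 deny tcp any host 133.2.23.3 eq www",
    "access-list 101 permit ip any any",
]

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def take_addr(tok):
    """Consume 'any', 'host A' or 'A WILDCARD' and return (base, wildcard)."""
    first = tok.pop(0)
    if first == "any":
        return ANY
    if first == "host":
        return to_int(tok.pop(0)), 0
    return to_int(first), to_int(tok.pop(0))

def parse(line):
    """Parse one numbered access-list line: standard (1-99) or extended (100-199)."""
    tok = line.split()[1:]                     # drop the 'access-list' keyword
    num, action = int(tok.pop(0)), tok.pop(0)
    extended = 100 <= num <= 199
    proto = tok.pop(0) if extended else "ip"
    src = take_addr(tok)
    dst = take_addr(tok) if extended else ANY
    port = None
    if tok and tok.pop(0) == "eq":             # only 'eq' is handled in this sketch
        name = tok.pop(0)
        port = PORTS[name] if name in PORTS else int(name)
    return {"permit": action == "permit", "proto": proto,
            "src": src, "dst": dst, "port": port}

def covers(pair, addr):
    base, wild = pair
    return (to_int(addr) | wild) == (base | wild)   # wildcard 1-bits are "don't care"

def evaluate(acl_lines, src, dst="0.0.0.0", proto="ip", dport=None):
    """Return 'permit' or 'deny'; lines are tested top-down and the first match wins."""
    for rule in map(parse, acl_lines):
        if rule["proto"] not in ("ip", proto):
            continue
        if rule["port"] is not None and rule["port"] != dport:
            continue
        if covers(rule["src"], src) and covers(rule["dst"], dst):
            return "permit" if rule["permit"] else "deny"
    return "deny"                              # implicit deny ends every access list
```

Dropping the final "permit ip any any" line from list 101 makes every packet that misses the first two lines fall through to the implicit deny, which is why that line is normally kept last.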


IPX Standard:

Config# access-list 801 permit 233 AA3 - source network/host then destination network/host
-or-
Config# access-list 801 permit -1 -1 - -1 is the same as any with network/host addresses

Config# interface Ethernet 0
Config-if# ipx access-group 801 out

IPX Extended:

Config# access-list 901 permit sap 4AA all 4BB all
-Permit protocol src_add socket dest_add socket
-all includes all sockets, or can use socket numbers
-or-
Config# access-list 901 permit any any all any all
-Permits any protocol with any address on any socket to go anywhere

Config# interface Ethernet 0
Config-if# ipx access-group 901 in

IPX SAP Filter:

Config# access-list 1000 permit 4aa 3 - 3 is the service type
-or-
Config# access-list 1000 permit 4aa 0 - service type of 0 matches all services

Config# interface Ethernet 0
Config-if# ipx input-sap-filter 1000 - filter applied to incoming packets
-or-
Config-if# ipx output-sap-filter 1000 - filter applied to outgoing packets

Named Access Lists:

Config# ip access-list standard LISTNAME
-can be ip or ipx, standard or extended
-followed by the permit or deny list
Config# permit any

Config-if# ip access-group LISTNAME in
-use the list name instead of a list number
-allows for a larger amount of access-lists

PPP Setup:

Config-if# encapsulation ppp
Config-if# ppp authentication chap pap
-order in which they will be used
-only attempted with the authentication listed
-if one fails, then connection is terminated
Config-if# exit
Config# username Lab-b password 123456
-username is the router that will be connecting to this one
-only specified routers can connect
-or-
Config-if# ppp chap hostname ROUTER
Config-if# ppp chap password 123456
-if this is set on all routers, then any of them can connect to any other
-set same on all for easy configuration

ISDN Setup:

Config# isdn switch-type basic-5ess - determined by telecom
Config# interface serial 0
Config-if# isdn spid1 2705554564 - isdn phone number of line 1
Config-if# isdn spid2 2705554565 - isdn phone number of line 2
Config-if# encapsulation PPP - or HDLC, LAPD


DDR - 4 Steps to setting up ISDN with DDR

1. Configure switch type

Config# isdn switch-type basic-5ess - can be done at interface config

2. Configure static routes

Config# ip route 123.4.35.0 255.255.255.0 192.3.5.5 - sends traffic destined for 123.4.35.0 to 192.3.5.5
Config# ip route 192.3.5.5 255.255.255.255 bri0 - specifies how to get to network 192.3.5.5 (through bri0)

3. Configure Interface

Config-if# ip address 192.3.5.5 255.255.255.0
Config-if# no shutdown
Config-if# encapsulation ppp
Config-if# dialer-group 1 - applies dialer-list to this interface
Config-if# dialer map ip 192.3.5.6 name Lab-b 5551212
-connect to lab-b at 5551212 with ip 192.3.5.6 if there is interesting traffic
-can also use dialer string 5551212 instead if there is only one router to connect to

4. Specify interesting traffic

Config# dialer-list 1 ip permit any
-or-
Config# dialer-list 1 ip list 101 - use the access-list 101 as the dialer list

5. Other Options

Config-if# hold-queue 75 - queue 75 packets before dialing
Config-if# dialer load-threshold 125 either
-load needed before second line is brought up
-125 is any number 1-255, where % load is x/255 (ie 125/255 is about 50%)
-can check by in, out, or either
Config-if# dialer idle-timeout 180
-determines how long to stay idle before terminating the session
-default is 120

Frame Relay Setup

Config# interface serial 0
Config-if# encapsulation frame-relay - cisco by default, can change to ietf
Config-if# frame-relay lmi-type cisco - cisco by default, also ansi, q933a
Config-if# bandwidth 56

Config-if# interface serial 0.100 point-to-point - subinterface
Config-if# ip address 122.1.1.1 255.255.255.0
Config-if# frame-relay interface-dlci 100
-maps the dlci to the interface
-can add BROADCAST and/or IETF at the end

Config-if# interface serial 1.100 multipoint
Config-if# no inverse-arp - turns IARP off; good to do
Config-if# frame-relay map ip 122.1.1.2 48 ietf broadcast
-maps an IP to a dlci (48 in this case)
-required if IARP is turned off
-ietf and broadcast are optional
Config-if# frame-relay map ip 122.1.1.3 54 broadcast

Show Commands

Show access-lists - all access lists on the router


Show cdp - cdp timer and holdtime frequency
Show cdp entry * - same as next
Show cdp neighbors detail - details of neighbor with ip add and ios version
Show cdp neighbors - id, local interface, holdtime, capability, platform portid
Show cdp interface - ints running cdp and their encapsulation
Show cdp traffic - cdp packets sent and received
Show controllers serial 0 - DTE or DCE status
Show dialer - number of times dialer string has been reached, other stats
Show flash - files in flash
Show frame-relay lmi - lmi stats
Show frame-relay map - static and dynamic maps for PVCs


Show frame-relay pvc - pvcs and dlcis


Show history - commands entered
Show hosts - contents of host table
Show int f0/26 - stats of f0/26
Show interface Ethernet 0 - show stats of Ethernet 0
Show ip - ip config of switch
Show ip access-lists - ip access-lists on switch
Show ip interface - ip config of interface
Show ip protocols - routing protocols and timers
Show ip route - Displays IP routing table
Show ipx access-lists - same, only ipx
Show ipx interfaces - RIP and SAP info being sent and received, IPX addresses
Show ipx route - ipx routes in the table
Show ipx servers - SAP table
Show ipx traffic - RIP and SAP info
Show isdn active - number with active status
Show isdn status - shows if SPIDs are valid, if connected
Show mac-address-table - contents of the dynamic table
Show protocols - routed protocols and net_addresses of interfaces
Show running-config - dram config file
Show sessions - connections via telnet to remote device
Show startup-config - nvram config file
Show terminal - shows history size
Show trunk a/b - trunk stat of port 26/27
Show version - ios info, uptime, address of switch
Show vlan - all configured vlans
Show vlan-membership - vlan assignments
Show vtp - vtp configs


Catalyst Commands For Native IOS - Not CatOS


Switch Address:

Config# ip address 192.168.10.2 255.255.255.0
Config# ip default-gateway 192.168.10.1

Duplex Mode:

Config# interface Ethernet 0/5 - fastethernet for 100 Mbps ports
Config-if# duplex full - also, half | auto | full-flow-control

Switching Mode:

Config# switching-mode store-and-forward - also, fragment-free

MAC Address Configs:

Config# mac-address-table permanent aaab.000f.ffef e0/2 - only this mac will work on this port
Config# mac-address-table restricted static aaab.000f.ffef e0/2 e0/3
-port 3 can only send data out port 2 with that mac
-very restrictive security

Config-if# port secure max-mac-count 5 - allows only 5 mac addresses mapped to this port

VLANS:

Config# vlan 10 name FINANCE
Config# interface Ethernet 0/3
Config-if# vlan-membership static 10

Trunk Links:

Config-if# trunk on - also, off | auto | desirable | nonegotiate
Config-if# no trunk-vlan 2
-removes vlan 2 from the trunk port
-by default, all vlans are set on a trunk port


Configuring VTP:

Config# delete vtp - should be done prior to adding to a network
Config# vtp server - the default is server, also client and transparent
Config# vtp domain Camp - name doesn't matter, just so all switches use the same
Config# vtp password 1234 - limited security
Config# vtp pruning enable - limits vtp broadcasts to only switches affected
Config# vtp pruning disable

Flash Upgrade

Config# copy tftp://192.5.5.5/configname.ios opcode - opcode for ios upgrade, nvram for startup config

Delete Startup Config:

Config# delete nvram

Configuring port security:

Make the switch interface an access port:
SW1(config-if)# switchport mode access

Enable port security on the interface:
SW1(config-if)# switchport port-security

Specify the maximum number of allowed MAC addresses:
SW1(config-if)# switchport port-security maximum 1

Define the action to take when violation occurs:
SW1(config-if)# switchport port-security violation shutdown ! options: shutdown, protect, restrict

Specify the allowed MAC addresses:
The sticky keyword is used to let the interface dynamically learn and configure the MAC addresses of the currently connected hosts.
SW1(config-if)# switchport port-security mac-address 68b5.9965.1195 ! options: H.H.H, sticky

Verify and troubleshoot port security:

Shows the entries of the mac address table:
SW1# show mac-address-table

Overview of port security of all interfaces:
SW1# show port-security

Shows detailed information about port security on the specified interface:
SW1# show port-security interface fa0/5

Configuring VLANs:

Create a new VLAN and give it a name:
SW1(config)# vlan 10
SW1(config-vlan)# name SALES

Assign an access interface to access a specific VLAN:
SW1(config)# interface fastEthernet 0/5
SW1(config-if)# switchport mode access
SW1(config-if)# switchport access vlan 10

Configuring an auxiliary VLAN for cisco IP phones:

SW1(config)# interface fastEthernet 0/5
! accessing vlan 10 (data) and 12 (VoIP)
SW1(config-if)# switchport access vlan 10
SW1(config-if)# switchport voice vlan 12

Configuring Trunks:

SW1(config)# interface fastEthernet 0/1
SW1(config-if)# switchport mode trunk ! options: access, trunk, dynamic auto, dynamic desirable
SW1(config-if)# switchport trunk allowed vlan add 10 ! options: add, remove, all, except

Securing VLANs and Trunking:

Administratively disable unused interfaces:
SW1(config-if)# shutdown

Prevent trunking by disabling auto negotiation on the interface:
SW1(config-if)# switchport nonegotiate
! or hardcode the port as an access port
SW1(config-if)# switchport mode access

Assign the port to an unused VLAN:
SW1(config-if)# switchport access vlan 222
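
Added example (not part of the original notes): a Python check that reads interface stanzas from a saved running-config and flags ports that miss the port-security and trunk-hardening steps listed above. The sample config, the function names and the use of VLAN 222 as the unused "parking" VLAN are assumptions of the example.

```python
# Constructed running-config fragment for the example (not taken from the page).
SAMPLE = """\
interface FastEthernet0/1
 switchport mode trunk
 switchport nonegotiate
!
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 10
 switchport port-security
 switchport port-security maximum 1
!
interface FastEthernet0/3
 switchport access vlan 10
!
interface FastEthernet0/4
 switchport mode access
 switchport access vlan 222
!
interface FastEthernet0/5
 switchport mode access
 switchport access vlan 222
 shutdown
"""

def interfaces(config):
    """Map each interface name to the set of commands in its stanza."""
    stanzas, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = stanzas.setdefault(line.split(None, 1)[1], set())
        elif current is not None and line.startswith(" "):
            current.add(line.strip())
        else:
            current = None                     # '!' or a global command ends the stanza
    return stanzas

def audit(config, parking_vlan=222):
    """Return {interface: [findings]} for the hardening steps above."""
    report = {}
    for name, cmds in interfaces(config).items():
        shut = "shutdown" in cmds
        access = "switchport mode access" in cmds
        fixed_trunk = {"switchport mode trunk", "switchport nonegotiate"} <= cmds
        issues = []
        if f"switchport access vlan {parking_vlan}" in cmds and not shut:
            issues.append("in unused VLAN but not shut down")
        if not shut and not access and not fixed_trunk:
            issues.append("trunk negotiation not disabled")
        if not shut and access and "switchport port-security" not in cmds:
            issues.append("access port without port security")
        if issues:
            report[name] = issues
    return report
```

On the sample, FastEthernet0/3 is reported because it is left in its default negotiating mode, and FastEthernet0/4 because it sits in the unused VLAN while still enabled and has no port security.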

Configuring VTP:

Configure VTP mode:
The transparent VTP mode is used when an engineer wants to deactivate VTP on a particular switch
SW1(config)# vtp mode server ! options: server, client, transparent

Configure VTP domain name:
SW1(config)# vtp domain EXAMPLE ! case-sensitive

Configure VTP password (optional):
SW1(config)# vtp password cisco ! case-sensitive

Configure VTP pruning (optional):
SW1(config)# vtp pruning ! only works on VTP servers

Enable VTP version 2 (optional):
SW1(config)# vtp version 2

Verify and troubleshoot VLANs and VTP:

Lists information about administrative setting and operation status of interface:
SW1# show interfaces if switchport

Lists all the trunk ports on a switch including the trunk allowed VLANs:
SW1# show interfaces trunk

Lists information about the VLANs:
SW1# show vlan {brief | id | name | summary}

Lists VTP configuration (mode, domain-name, version, etc) and revision number:
SW1# show vtp status

Shows the VTP password:
SW1# show vtp password

STP optimization:

Hard coding the root bridge (changing bridge priority):
SW1(config)# spanning-tree vlan 1 root primary
SW1(config)# spanning-tree vlan 1 root secondary
! Priority must be a multiple of 4096
SW1(config)# spanning-tree [vlan 1] priority 8192

Changing the STP mode:
SW1(config)# spanning-tree mode rapid-pvst ! options: mst, pvst, rapid-pvst

Enabling portfast and BPDU guard on an interface:
Portfast and BPDU guard are enabled only on interfaces connected to end user hosts
SW1(config-if)# spanning-tree portfast
SW1(config-if)# spanning-tree bpduguard enable

Changing port cost:
SW1(config-if)# spanning-tree [vlan 1] cost 25

Bundling interfaces into an etherchannel:
SW1(config-if)# channel-group 1 mode on ! options: auto, desirable, on

STP verification and troubleshooting:

Shows detailed info about STP state:
SW1# show spanning-tree

Shows STP info only on a specific port:
SW1# show spanning-tree interface fa0/2

Shows STP info only for a specific VLAN:
SW1# show spanning-tree vlan 1

Shows info about the root switch:
SW1# show spanning-tree [vlan 1] root

Shows info about the local switch:
SW1# show spanning-tree [vlan 1] bridge

Show the state of the etherchannels:
SW1# show etherchannel 1

Provides informational messages about the changes in the STP topology:
SW1# debug spanning-tree events

Enabling or disabling CDP:

Enabling CDP globally on a switch:
SW1(config)# cdp run

Disabling CDP on a given interface:
SW1(config-if)# no cdp enable

Using CDP for network verification and troubleshooting:

Shows global information about CDP itself:
SW1# show cdp

Shows information about CDP on a specific interface:
SW1# show cdp interface fa0/2

Shows information about the directly connected cisco devices including interfaces, names, capabilities:
SW1# show cdp neighbors

Shows detailed information about the neighboring cisco devices including device address and version of IOS they run:
SW1# show cdp neighbors detail
! OR
SW1# show cdp entry *

Shows detailed information about the specified entry only:
SW1# show cdp entry SW2
