IOS functions
These are some important things that the Cisco router IOS software is responsible for:
- Carrying network protocols and functions
- Connecting high-speed traffic between devices
- Adding security to control access and stop unauthorized network use
- Providing scalability for ease of network growth and redundancy
- Supplying network reliability for connecting to network resources
- Defining the network topology
- Providing access to network resources
- Performing routing and switching functions
IOS tips
Show total and free memory
show processes memory
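Add privileged user with SHA256 password hashing (type 4). After secret 4, IOS reads the string that follows as an already computed type 4 hash, not as a plaintext password. Type 4 is a single unsalted SHA-256 and Cisco has deprecated it, so use a type 8 or type 9 secret where the IOS release supports them.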
username admin privilege 15 secret 4 strong_password
Show brief information about all IP addresses
show ip interface brief
Enable VLAN interface on a switch or router manually, even if there are no ports in it
(config-if)#no autostate
Disable pause and breaks during show run
For routers
terminal length 0
For ASA
Pager 0
Privilege levels
There are 16 different privilege levels that can be used. Level 0 is user mode. Level 15 is the privileged mode. Levels 1 through 14 are available for customization and use. The commands used are:
Cisco(config)#privilege mode level level command
Cisco(config)#enable secret level level password
The privilege command is used to add authorized IOS commands to each customized level. The enable secret command defines the secret password needed to access this particular privilege level. The options for these commands are:
- mode: it selects an exec or configuration option that will be included with this privilege level
- level: it defines the privilege level (number between 1 and 14)
- command: it is a specific IOS command at the specified mode that is included in this privilege level
- password: it is the password associated to the level
An example of privilege level configuration:
Cisco(config)#privilege interface level 2 ip address
Cisco(config)#privilege configure level 2 interface
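A check that follows from the username ... secret 4 tip and the enable secret level command above: it reads running-config text and reports which privileged accounts store their secret under a weak type. This is an added example, not part of the original notes; the function names, the ratings and the sample lines are constructed for illustration, and the privilege of 1 for a username line without a privilege keyword is an assumption about IOS defaults.

```python
import re

# Type digit printed before a stored secret in `show running-config`.
# Ratings are this example's own judgement, not from the notes.
RATING = {
    "0": "weak",    # cleartext
    "7": "weak",    # reversible obfuscation
    "4": "weak",    # single unsalted SHA-256, deprecated by Cisco
    "5": "legacy",  # salted MD5
    "8": "ok",      # PBKDF2-SHA-256
    "9": "ok",      # scrypt
}

CRED = re.compile(
    r"^\s*(?:username\s+(?P<user>\S+)(?:\s+privilege\s+(?P<priv>\d+))?|enable)"
    r"\s+(?:secret|password)(?:\s+level\s+(?P<level>\d+))?"
    r"\s+(?P<type>\d)\s+\S+\s*$"
)

def audit_credentials(config_text):
    """Return (account, privilege, type, rating) for each stored credential."""
    rows = []
    for line in config_text.splitlines():
        m = CRED.match(line)
        if not m:
            continue
        if m.group("user"):
            account = "user " + m.group("user")
            priv = int(m.group("priv") or 1)    # assumed default for local users
        else:
            priv = int(m.group("level") or 15)  # plain enable secret = level 15
            account = "enable level %d" % priv
        rows.append((account, priv, m.group("type"),
                     RATING.get(m.group("type"), "review")))
    return rows

def weak_privileged(rows, min_priv=15):
    """Accounts at or above min_priv whose stored secret is rated weak."""
    return [r[0] for r in rows if r[1] >= min_priv and r[3] == "weak"]

# Constructed sample config; hash strings are placeholders, not real hashes.
SAMPLE = """\
username admin privilege 15 secret 4 PLACEHOLDER_TYPE4_HASH
username ops privilege 2 secret 9 $9$PLACEHOLDER
username legacy password 7 PLACEHOLDER_TYPE7
enable secret level 2 5 $1$PLACEHOLDER
"""

print(weak_privileged(audit_credentials(SAMPLE)))
```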
Some facts
- A blinking System LED after POST means that there is an internal problem that prevents IOS from loading.
- Show interfaces shows you broadcast addresses.
- show running requires privileged EXEC mode
- If you enter a major command, Cisco router switches you from one configuration mode to another.
- If both the enable secret and the enable password commands are configured on your router you can enter either the enable secret or the enable password
- Banner login: The first nonblank character after the banner login phrase is interpreted as the beginning delimiter character.
- Banner motd - displays message before login
- Banner login - shows message before login, but after motd
- Banner exec - shows message after login
- The extended ping command works only at the privileged EXEC command line. The normal ping works both in the user EXEC mode and the privileged EXEC mode.
- terminal monitor - shows everything on monitor
- Ctrl+C and CTRL+Z are the same - they return to enable EXEC mode from anywhere. END returns to enable EXEC from anywhere. Exit returns one level up.
- You can exit setup mode by pressing Ctrl-C
- The commands show protocols, show interfaces, and show ip interface will show you the layer 1 and 2 status and the IP addresses of your router’s interfaces
Booting
There are 4 types of memory in a router:
- ROM - read only memory, stores:
  - POST (power-on self-test) - self-check test, it checks the hardware.
  - ROM monitor - software for testing and troubleshooting.
  - Mini-IOS - a reduced version of IOS, intended for maintenance.
  - Bootstrap - the boot loader, responsible for locating IOS and loading it.
- RAM - stores the running configuration, buffers, ARP tables, route tables, etc.
- Flash - stores IOS. It is also possible to store any files here.
- NVRAM (non-volatile random access memory) - stores the router configuration and the configuration register.
First, POST is launched from ROM. If POST is OK, the bootstrap is loaded. The bootstrap searches for an IOS image and launches it. Usually IOS is loaded from flash, but this can be changed using the configuration register. This is a 16-bit register in NVRAM that defines the router's boot options.
Bits in the register are numbered from 15 to 0, from left to right. By default this register is 2102 in decimal.
Other possible values of configuration register:
- 2100 - boot into ROM monitor
- 2101 - boot mini IOS from ROM
- 2002 - enable the Break function (this means that if you press CTRL+Break during operation, you will enter ROM monitor mode)
- 2142 - ignore NVRAM (configuration); it is usually used to restore passwords
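The register values listed above, decoded bit by bit and checked for settings that weaken boot-time security. This is an added example, not part of the original notes: the function name and finding texts are hypothetical, the bit meanings (boot field in bits 3-0, bits 6, 8 and 13) are the standard Cisco register layout rather than something the notes state, and values are parsed as hexadecimal digits, the form in which IOS prints the register (0x2102).

```python
# Added example: decode a Cisco configuration register value.
# Bit meanings are the standard Cisco layout, not taken from the notes.

BOOT_FIELD = {
    0x0: "stay at ROM monitor",
    0x1: "boot mini IOS from ROM",
}

FLAGS = {
    0x0040: "ignore NVRAM (startup configuration is not loaded)",
    0x0100: "Break disabled after boot",
    0x2000: "boot default ROM software if network boot fails",
}


def decode_confreg(value):
    """Return (boot_action, flags_set, findings) for a 16-bit register."""
    if isinstance(value, str):
        value = int(value, 16)          # IOS prints the register as 0x....
    if not 0 <= value <= 0xFFFF:
        raise ValueError("configuration register is 16 bits wide")
    boot = value & 0x000F               # bits 3-0: boot field
    action = BOOT_FIELD.get(
        boot, "boot IOS normally (boot system commands, then flash)")
    flags = [text for mask, text in FLAGS.items() if value & mask]
    findings = []
    if value & 0x0040:
        findings.append("startup-config bypassed: passwords and ACLs "
                        "are not applied at boot")
    if not value & 0x0100:
        findings.append("Break enabled: a console user can drop to "
                        "ROM monitor at any time")
    if boot in BOOT_FIELD:
        findings.append("device does not boot the full IOS image")
    return action, flags, findings


if __name__ == "__main__":
    # The five values named in the notes.
    for reg in ("0x2102", "0x2100", "0x2101", "0x2002", "0x2142"):
        action, flags, findings = decode_confreg(reg)
        print(reg, "->", action)
        for text in flags:
            print("   flag: ", text)
        for text in findings:
            print("   CHECK:", text)
```

A device found running with 0x2142 outside a password-recovery window is worth investigating, because it boots without its saved configuration.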
PIPE
- Append – add to url
- Begin
- Exclude
- Include
- Redirect – redirect to url
- Section
- Tee – copy output to url
Telnet
By default, all Cisco routers support up to five simultaneous Telnet sessions
To use multiple telnet connections:
Ctrl+Shift+6 and then X
To go back to the connection, just hit enter twice
Or select the connection number from
show sessions
and hit Enter.
To end the telnet session, type exit.
To resume a session:
resume 4
To disconnect a session:
disconnect 3
To apply an access list:
access-class 1 in
CDP
CDP provides:
- Device ID
- Capabilities
- Platform