10. Basic Cisco Router Configuration
Basic configuration of Router
• To configure the router you should be in global mode, i.e. configuration mode. The commands that are run in configuration mode are used to change or assign settings of the router.
• If you want to check the configuration or any information about it, you should execute the command in privileged mode.
• In privileged mode, if you type a question mark '?' at the prompt, you will get a list of all the commands available.
Router#?
Exec commands:
<1-99> ----- Session number to resume
auto ----- Exec level Automation
clear ----- Reset functions
--More--
• For the next page you can press the spacebar, or if you want to move one line at a time you can press Enter. To exit, you can press q or any other key, which will return you to the prompt.
• You can also use the question mark '?' to find the next command in a string. As shown below, type the command followed by a question mark:
Router#clock ?
set Set the time and date
Router#clock set ?
hh:mm:ss Current Time
Router#clock set 01:31:00 ?
<1-31> Day of the month
MONTH Month of the year
Router#clock set 01:31:00 15 dec ?
<1993-2035> Year
Router#clock set 01:31:00 15 dec 2015 ?
<cr>
Router#clock set 01:31:00 15 dec 2015
Router#
• As you can see, the clock ? command provides the next command in the string until you get <cr>, i.e. carriage return.
• To verify the date and time of the clock, you can use the command below:
Router#show clock
*1:31:45.359 UTC Tue Dec 15 2015
Verifying Router Configuration
• To verify the configuration of the router, you can use the show running-config command and the show startup-config command.
Router#show running-config
• This command displays the configuration that is in RAM, which is the current state.
Router#show startup-config
• This command displays the configuration that is in NVRAM, which is copied from RAM and will be used the next time the router is reloaded.
• You can check connectivity by using the ping command at either the router user-mode or privileged-mode prompt:
Router>ping ?
WORD Ping destination address or hostname
ip IP echo
Or
Router#ping ?
WORD Ping destination address or hostname
ip IP echo
<cr>
You can use the traceroute command to track the path that a packet takes through an internetwork.
Router#traceroute ?
WORD Trace route to destination address or hostname
ip IP Trace
<cr>
Verifying with the show interface Command
• Cisco routers support two types of connections:
Ports
• Ports are used for configuration and provide an out-of-band management method, that is, managing the device without affecting the traffic flowing through it. Cisco routers and switches have a console port, and some models also have an auxiliary port.
Interfaces
• Interfaces are used to connect devices together, such as switch to router, router to router, or PC to router.
• Interfaces can be used for management purposes, but this will affect the performance of the device. Such connections are referred to as in-band connections. Cisco routers have serial interfaces, Ethernet interfaces, etc.
Connecting to a Cisco Router
• Several interfaces are available for connecting to a Cisco router:
Console port
• The console port is usually an RJ-45, i.e. an 8-pin modular connection, located at the back of the router; it can be connected to your computer's serial port with a console cable. When accessing the console port, you may or may not be prompted for a password. The new ISR routers use cisco as the username and cisco as the password by default. If your computer does not have a serial interface, you can use a serial-to-USB converter.
Auxiliary port
• We can also use the auxiliary port in the same way as the console port to connect to a Cisco router. An auxiliary port can also be used to connect a modem.
• You can also connect to a Cisco router via telnet. As you all know, telnet is a terminal emulation program that acts as though it's a dumb terminal. Using the telnet command you can connect to any active interface on a router, such as an Ethernet or serial port.
show interface command
The show interface fastethernet 0/0 command is used to show the hardware address, logical address, encapsulation method and statistics on collisions.
The FastEthernet output shows that the interface is up, which refers to the Physical layer: it is receiving carrier detect.
The protocol is also up and running, which relates to the Data Link layer.
The show interfaces command output will contain error messages if the interface receives errors.
It also shows the maximum transmission unit (MTU), i.e. 1,500 bytes; the bandwidth (BW), i.e. 100000 Kbit, which is 100,000,000 bits, or 100 Mbits per second; the delay (DLY), i.e. 100 usec; the reliability, i.e. 255/255, which means perfect; and the load, i.e. 1/255, which means no load and is shown as txload and rxload.
The show interface serial 0/0 command shows that the first parameter, the Physical layer, is up because it receives carrier detect. The second parameter, the Data Link layer (line protocol), is up, and it looks for keepalives from the connecting end.
Keepalives are used between devices to make sure connectivity is reliable and has not dropped.
It also shows the default maximum transmission unit (MTU), i.e. 1,500 bytes.
It also shows the bandwidth (BW) on all Cisco serial links, i.e. 128Kbit. This determines the bandwidth of the line for routing protocols such as EIGRP and OSPF.
The delay (DLY) is 20000 usec, the reliability is 255/255, which means perfect, and the load is 1/255, which means no load and is shown as txload and rxload.
The keepalive is 10 seconds by default. Both routers should have the same keepalive time so that each can send a keepalive message to its neighbor router every 10 seconds. If the keepalive times do not match, it won't work.
Example on serial interfaces
• As you can see, the line is up but the protocol is down, which is due to a framing, clocking or keepalive problem or an encapsulation mismatch. So you have to check that the clock rate is set, that the keepalive matches on both ends, and that the data encapsulation is the same on both ends.
Router# show interfaces serial 0/0
Serial0/0 is up, line protocol is down
• If both parameters are down as shown below, it can be a problem with the cable or the interface, which is referred to as a Physical layer problem:
Router# show interfaces serial 0/0
Serial0/0 is down, line protocol is down
• If one end is administratively shut down, the router configuration includes the shutdown interface configuration command:
Router# show interfaces serial 0/0
Serial0/0 is administratively down, line protocol is down
show ip interface command
• The show ip interface command will provide you with information regarding the status of the interface, the IP address and mask, information on whether an access list is set on the interface, and basic IP information.
Router#show ip interface
• The show ip interface brief command provides a quick summary of the router’s interfaces, the IP address and status of the line and protocol:
Router#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.1.1 YES manual up up
Serial0/0 192.168.2.1 YES manual up up
Serial0/1 unassigned YES unset administratively down down
• Administratively down means the interface is in the shutdown state, so to bring it up you can give the no shutdown command on that particular interface.
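The status combinations described in this section can be read mechanically from either output format. The following is an added example, not part of the original material; the function names and the sample output are constructed for illustration:

```python
import re

# Status line of `show interfaces`, e.g. "Serial0/0 is up, line protocol is down".
DETAIL = re.compile(r"^(?P<name>\S+) is (?P<status>administratively down|up|down), "
                    r"line protocol is (?P<proto>up|down)")
# Data row of `show ip interface brief`; the header row fails the YES/NO field.
BRIEF = re.compile(r"^(?P<name>\S+)\s+\S+\s+(?:YES|NO)\s+\S+\s+"
                   r"(?P<status>administratively down|up|down)\s+(?P<proto>up|down)$")

def diagnose(status, proto):
    """Map a status/protocol pair to what the text above says to check."""
    if status == "administratively down":
        return "shutdown configured: use no shutdown"
    if status == "down":
        return "physical layer: cable or interface"
    if proto == "down":
        return "data link layer: clock rate, keepalive or encapsulation"
    return "ok"

def triage(output):
    """Return {interface: diagnosis} for each status line or brief row."""
    found = {}
    for raw in output.splitlines():
        line = raw.strip()
        match = DETAIL.match(line) or BRIEF.match(line)
        if match:
            found[match["name"]] = diagnose(match["status"], match["proto"])
    return found

# Constructed sample mixing both output formats shown above.
SAMPLE = """\
Router#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.1.1 YES manual up up
Serial0/0 192.168.2.1 YES manual up down
Serial0/1 unassigned YES unset administratively down down
Router#show interfaces serial 0/2
Serial0/2 is down, line protocol is down
"""

if __name__ == "__main__":
    for name, verdict in triage(SAMPLE).items():
        print(f"{name:16} {verdict}")
```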
The show controllers Command
• The show controllers command displays information about the type of serial cable plugged into a serial port. We plug the DTE (Data Transmission Equipment) cable into a type of data service unit (DSU).
Router#show controllers serial 0/0
Interface Serial0/0
Hardware is PowerQUICC MPC860
DTE V.35 TX and RX clocks detected
idb at 0x81081AC4, driver data structure at 0x81084AC0
Router#show controllers serial 0/1
Interface Serial0/1
Hardware is PowerQUICC MPC860
DCE V.35, clock rate 64000
idb at 0x81081AC4, driver data structure at 0x81084AC0
• As you can see, serial 0/0 has a DTE (Data Transmission Equipment) cable and serial 0/1 has a DCE (Data Communication Equipment) cable.
• On Serial 0/1 you have to provide the clock rate command.
• On Serial 0/0 you don't have to provide the clock rate command, as it gets its clocking from the DSU.
Administrative Configurations for Router and Switch
• Let us look at the administrative configuration commands used to configure network devices such as routers and switches for administering the network.
• The administrative functions that you can configure on a router and switch are as follows:
- Hostnames
- Interface descriptions
- Passwords
Hostnames
• To assign an identity to your router you can use the below command in global mode:
Router(config)#hostname andheri
andheri(config)#
• Assigning a name that indicates where the device actually lives makes finding it a whole lot easier. It also helps you confirm that you are, indeed, configuring the right device.
Router Interfaces
To make changes to an interface, you use the interface command from global configuration mode:
Router(config)#interface ?
Ethernet IEEE 802.3
FastEthernet FastEthernet IEEE 802.3
GigabitEthernet GigabitEthernet IEEE 802.3z
Loopback Loopback interface
Serial Serial
Virtual-Template Virtual Template interface
range interface range command
Router(config)#interface fastEthernet 0/0
Router(config-if)#
You can see that after executing the interface command the prompt has changed from Router(config)# to Router(config-if)#, i.e. interface configuration mode.
Subinterfaces
To create a logical interface on the router, you can use the following command:
Router(config-if)#
Router(config-if)#interface fastEthernet 0/0.1
Router(config-subif)#
The commands below let you enter interface configuration mode, where you can assign an IP address.
To enter a serial interface:
Router(config)#
Router(config)#interface serial 0/0
Router(config-if)#
To enter a FastEthernet interface:
Router(config)#
Router(config)#interface fastEthernet 0/0
Router(config-if)#
You can verify the interface and slot/port by just typing the following command.
Router#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.1.1 YES manual up up
Serial0/0/0 192.168.2.1 YES manual up up
Serial0/0/1 unassigned YES unset administratively down down
Serial0/1/0 unassigned YES unset administratively down down
Serial0/2/0 unassigned YES unset administratively down down
Or
Router#show running-config
On some routers you will get three numbers instead of two, i.e. serial 0/0/0, where the first 0 is the router itself and the other two '0's are the slot/port. Here's an example of a serial interface on my 2811:
In the show ip interface brief output, you can see the two FastEthernet interfaces, the two serial interfaces in slot 0 (0/0/0 and 0/0/1), the serial interface in slot 1 (0/1/0), and the serial interface in slot 2 (0/2/0). Now it is easier for you to understand and configure the interfaces.
Bringing Up an Interface
• By giving the no shutdown or shutdown command you can enable or disable an interface, as shown:
Router(config)#interface fastEthernet 0/0
Router(config-if)#no shutdown
Assigning an IP Address on an Interface
• To assign an IP address to an interface, you can use the ip address command from interface configuration mode:
Router(config)#interface fastEthernet 0/0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shutdown
• After assigning the IP address you can type the no shutdown command to enable the interface, and use show running-config or show ip interface brief to verify the configuration.
• To assign an IP address to a serial interface:
Router(config)#interface serial 0/0
Router(config-if)#ip address 192.168.2.1 255.255.255.0
Router(config-if)#no shutdown
Assigning Clock Rate Command
• If the router's serial interface is connected to a DCE end via a CSU/DSU type of device that provides clocking for the line to the router, then you have to assign a clock rate on that interface.
Router(config)#interface serial 0/0
Router(config-if)#clock rate ?
Speed (bits per second)
1200
2400
4800
9600
14400
19200
28800
32000
38400
48000
56000
57600
64000
<300-8000000> Choose clockrate from list above
Router(config-if)#bandwidth 1000
Router(config-if)#clock rate 64000
The clock rate command sets the clock rate, in bits per second, on the serial interface that is the DCE end. You can verify which end is DCE by looking at the cable end for a DCE or DTE label, or with the show controllers serial 0/0 command as shown below.
Router#show controllers serial 0/0
Interface Serial0/0
Hardware is PowerQUICC MPC860
DCE V.35, clock rate 64000
idb at 0x81081AC4, driver data structure at 0x81084AC0
You can assign the bandwidth, in kilobits, on the interface with the following command:
Router(config)#interface serial 0/0
Router(config-if)#bandwidth ?
<1-10000000> Bandwidth in kilobits
Router(config-if)#bandwidth 1000
Setting Passwords
• Cisco routers and switches can be secured using five passwords:
console
auxiliary
enable password
enable secret
telnet (vty)
• The enable password and the enable secret are assigned to secure privileged mode, whereas to secure the console port you assign a console password, which prompts for a password before entering user mode.
• For the auxiliary port you can use an auxiliary password; similarly, for telnet access you can assign a telnet, i.e. vty, password.
Enable Passwords
• You can secure privileged mode by entering the following command in global configuration mode:
Router(config)#enable password cisco@123
• The enable password is stored in clear text, which you can check with the show running-config command.
• To set an encrypted password that overrides the enable password if it’s set, you can use:
Router(config)#enable secret cisco@1234
• User-mode passwords are assigned by using the line command:
Router(config)#line ?
<2-499> First Line number
aux Auxiliary line
console Primary terminal line
tty Terminal controller
vty Virtual terminal
x/y/z Slot/Subslot/Port for Modems
Auxiliary Password
• To assign the auxiliary password, go into global configuration mode and do the following.
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#line aux ?
<0-0> First Line number
Router(config)#line aux 0
Router(config-line)#password auxil@123
Router(config-line)#login
• To get a password prompt you have to give the login command; if you fail to do so, there will be no prompt for authentication.
Console Password
• To secure access to the router configuration through the console port, you can assign a password to it by using the line console 0 command.
• To get a prompt for authentication, here too you have to give the login command, as shown below:
Router(config)#line console 0
Router(config-line)#password con@123
Router(config-line)#login
Encrypting Your Passwords
• Only the enable secret password is encrypted, unlike the user-mode passwords and the enable password. You can also encrypt those passwords by doing:
Router(config)#service password-encryption
• The passwords will now be encrypted. You encrypt the passwords, perform a show run, and then turn off the command:
Router(config)#no service password-encryption
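A way to check a saved configuration for the password settings described in this section, given as an added example that is not part of the original material; the function name audit, the finding wording and the sample configuration are constructed for illustration. Passwords encoded by service password-encryption appear as password 7 followed by a string, and that encoding is reversible, so the check reports a leftover enable password even when it is encoded.

```python
def audit(config):
    """Return (where, issue) findings for the password settings covered above."""
    findings, lines, current = [], {}, None
    has_secret = encoded = cleartext = False
    for raw in config.splitlines():
        words = raw.split()
        if raw and not raw.startswith(" "):
            current = None                 # a top-level command closes a line block
        if words[:1] == ["line"]:
            current = " ".join(words)
            lines[current] = {"password": False, "login": False}
        elif current and words[:1] == ["password"]:
            lines[current]["password"] = True
            # "password 7 <string>" is the form written by service password-encryption
            cleartext |= not (len(words) == 3 and words[1] == "7")
        elif current and words[:1] == ["login"]:
            lines[current]["login"] = True
        elif words[:2] == ["enable", "secret"]:
            has_secret = True
        elif words[:2] == ["enable", "password"]:
            findings.append(("enable password", "present; keep only enable secret"))
        elif words == ["service", "password-encryption"]:
            encoded = True
    if not has_secret:
        findings.append(("enable secret", "not set"))
    for name, state in lines.items():
        if not state["password"]:
            findings.append((name, "no password set"))
        elif not state["login"]:
            findings.append((name, "password set but login missing: no prompt"))
    if cleartext and not encoded:
        findings.append(("service password-encryption", "off; line passwords in clear text"))
    return findings

# Constructed running-config fragment using the commands from this section.
SAMPLE = """\
hostname andheri
enable password cisco@123
line con 0
 password con@123
 login
line aux 0
 password auxil@123
line vty 0 4
"""

if __name__ == "__main__":
    for where, issue in audit(SAMPLE):
        print(f"{where}: {issue}")
```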
Saving Configurations
• After completing the configuration you must save it, because otherwise it is lost if the router is reloaded, for example after a power failure. To do so, you have to copy the configuration from RAM to NVRAM.
• You can manually save the file from DRAM to NVRAM by using the following command in privileged mode:
Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Deleting the Configuration and Reloading the Router
• If you want to wipe out the configuration from NVRAM, you can use the erase startup-config command:
Router#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Router#
To reload the router:
Router#reload
Proceed with reload? [confirm]
• After erasing the startup-config, if you reload the router it will take you to the setup mode as there is nothing left.