Chapter 9

Chapter 9. Managing a Cisco Internetwork. Objectives: back up a Cisco IOS to a TFTP server; upgrade or restore a Cisco IOS from a TFTP server; back up and restore a Cisco router configuration using a TFTP server; use the Cisco Discovery Protocol to gather information about neighbor devices.

eliora

Presentation Transcript


  1. Chapter 9 Managing a Cisco Internetwork

  2. Objectives
     • Back up a Cisco IOS to a TFTP server
     • Upgrade or restore a Cisco IOS from a TFTP server
     • Back up and restore a Cisco router configuration using a TFTP server
     • Use the Cisco Discovery Protocol to gather information about neighbor devices
     • Create a host table on a router and resolve host names to IP addresses
     • Verify your IP host table
     • Use the OSI model to test IP

  3. Cisco Router ROM Components
     • ROM
       • Starts & maintains the router
     • Bootstrap
       • Brings up the router during initialization
     • POST
       • Checks basic functionality; hardware & interfaces
     • ROM monitor
       • Manufacturing testing & troubleshooting

  4. Cisco Router ROM Components (cont’d)
     • Mini-IOS
       • RXBOOT
       • Start an interface
       • Load Cisco IOS into Flash Memory
       • Minimum set of commands

  5. Cisco Router Components
     • RAM
       • Holds packet buffers, routing tables, & s/w
       • Stores running-config
     • Flash Memory
       • Holds Cisco IOS
       • Not erased when the router is reloaded
     • NVRAM
       • Holds router (& switch) configurations
       • Not erased when the router is powered down
     • Configuration Register
       • Controls how the router boots up
       • 0x2102

  6. Boot Sequence
     #1: Router performs a POST
     #2: Bootstrap looks for & loads the Cisco IOS
     #3: IOS software looks for a valid configuration file
     #4: Startup-config file (from NVRAM) is loaded
     • If startup-config file is not found, the router will start the setup mode

  7. Configuration Registers
     • Register
       • 16-bit software written into NVRAM
       • Loads IOS from flash memory & looks for the startup-config file
     • Configuration Register Bits
       • 16 bits read 15-0, from left to right
       • Default setting: 0x2102

     Register          2     |      1      |      0      |      2
     Bit number  15 14 13 12 | 11 10  9  8 |  7  6  5  4 |  3  2  1  0
     Binary       0  0  1  0 |  0  0  0  1 |  0  0  0  0 |  0  0  1  0

     NOTE: 0x means the digits that follow are in hexadecimal

  8. Configuration & Boot Field Meanings http://www.thtech.net/databanks-networking-confreg.php

  9. Checking the Register Value
     Router#sh version
     Cisco Internetwork Operating System Software
     IOS ™ C2600 Software (C2600-I-M), Version 12.0(3)T3 RELEASE SOFTWARE (fc1)
     [output cut]
     Configuration register is 0x2102

  10. Changing the Configuration Register
      • Force the system into the ROM monitor mode
      • Select a boot source & default boot filename
      • Enable or disable the Break function
      • Set the console terminal baud rate
      • Load operating software from ROM
      • Enable booting from a TFTP server

  11. Changing the Configuration Register
      Router(config)#config-register 0x0101
      Router(config)#^Z
      Router#sh ver
      [output cut]
      Configuration register is 0x2102 (will be 0x0101 at next reload)
      • Disable Break: 0x01xx
      • Boot From ROM: 0x0101

  12. Recovering Passwords
      Step #1: Boot the router & interrupt the boot sequence by performing a break
      Step #2: Change the configuration register to turn on bit 6 (0x2142), ignore NVRAM
      Step #3: Reload the router
      Step #4: Enter the privileged mode
      Step #5: Copy the startup-config to running-config
      Step #6: Change the password
      Step #7: Reset the configuration register to the default value
      Step #8: Reload the router

  13. Recovering Passwords
      Step #1: Boot the router & interrupt the boot sequence by performing a break
      Warning: Windows NT’s default HyperTerminal program will not perform the break
      • How to Simulate a Break Key Sequence
        • Connect to the router with the following terminal settings:
          • 1200 baud rate
          • No parity
          • 8 data bits
          • 1 stop bit
          • No flow control
        • You will no longer be able to see any output on your screen. This is normal.
        • Reload the router and press the spacebar for 10-15 seconds. This generates a signal similar to the break sequence.
        • Disconnect your terminal and reconnect with a 9600 baud rate. You should now be in ROM Monitor mode; rommon>

  14. Recovering Passwords
      Step #2: Change the configuration register to turn on bit 6 (0x2142)
      rommon>confreg 0x2142
      You must reset or power cycle for new config to take effect
      Step #3: Reload the router
      • Type reset
      • The router will reload & ask if you want to enter setup mode
      • Answer NO
      Step #4: Enter the privileged mode
      Router>enable
      Router#

  15. Recovering Passwords
      Step #5: Copy the startup-config to running-config
      Router#copy startup-config running-config
      Step #6: Change the password
      Router#config t
      Router(config)#enable secret cisco
      Step #7: Reset the configuration register to the default value
      Router(config)#config-register 0x2102
      Step #8: Reload the router

  16. Configuration Tools
      • ClickStart
        • Web based
        • Small Office / Home
        • CISCO 1700 and below
        • IOS 11.1 or above
      • ConfigMaker
        • Graphical interface
        • Small to Medium size networks
        • CISCO 800 – CISCO 4000
        • Hubs, Modems, Routers, Switches, etc.

  17. Backing up & Restoring the Cisco IOS
      • Before you upgrade…..
        • Copy the existing IOS to a TFTP host!
      • Verify Flash Memory
      Router#sh flash
      System flash directory:
      File Length Name/status
      1 8121000 c2500-js-1.112-18.bin
      [8121064 bytes used, 8656152 available, 16777216 total]
      16384K bytes of processor board System flash (Read ONLY)
      Router#

  18. IOS Image Naming
      F  Image runs in Flash
      m  Image runs in RAM
      R  Image runs in ROM
      L  Image will be relocated at run time
      Z  Image is Zip compressed
      x  Image is Mzip compressed
      w  Image is "Stac" compressed

  19. Filename Explained: c2500-js-l_120-8.bin
      c2500  Platform
      j      Enterprise image
      s      File contains extended capabilities
      l      Indicates file may be moved, not compressed
      120-8  Revision number
      .bin   Executable binary file

  20. Backing up the Cisco IOS
      #1: Ensure you have good connectivity to the TFTP host
      Router#ping 192.168.0.120
      #2: Copy the IOS from flash to the TFTP host
      Router#copy flash tftp
      • The TFTP host must have a default directory specified
      • You will be prompted for the IP address

  21. Restoring or Upgrading the Cisco IOS
      #1: Ensure you have good connectivity to the TFTP host
      Router#ping 192.168.0.120
      #2: Copy the IOS from the TFTP host to flash
      Router#copy tftp flash
      • The TFTP host must have a default directory specified
      • Copying the IOS from a TFTP host to flash requires a router reboot
      • Once TFTP is used, the IP address will be remembered
      • You will be prompted for source and destination file name
      • Another router can be the tftp-server for the system image

  22. Backing up the Configuration
      Step #1: Verify the Current Configuration
      Router#sh run
      Step #2: Verify the Stored Configuration
      Router#sh start
      • Verify available memory
      Step #3: Copy running-config to NVRAM
      Router#copy run start
      Router#sh start
      Step #4: Copy running-config to a TFTP host
      Router#copy run tftp
      • A second backup

  23. Restoring the Configuration
      • Used when…
        • You need to copy the startup-config to the running-config
          • Errors made in editing the running-config
        • Changes made at the TFTP host need to be copied to the running-config or startup-config
          Router#copy tftp run
          or
          Router#copy tftp start
      • NOTE: The configuration file is ASCII. Any text editor will enable changes
      • Erasing the Configuration
        Router#erase startup-config
      • NOTE: When the router reboots it will be in setup mode

  24. Using Cisco Discovery Protocol (CDP)
      • A Cisco proprietary protocol
      • Designed to collect information about directly attached & remote devices
        • Hardware information
        • Protocol information
      • Useful in troubleshooting & documenting the network

  25. Getting CDP Timers & Holdtime Information
      • Configuration
        • CDP Timer: How often CDP packets are transmitted to all active interfaces
        • CDP Holdtime: The amount of time that the device will hold packets received from neighbor devices
      Router#sh cdp
      Global CDP information
      Sending CDP packets every 60 seconds
      Sending a holdtime value of 180 seconds
      Router#config t
      Router(config)#cdp timer 90
      Router(config)#cdp holdtime 240

  26. Getting Neighbor Information
      • Shows information about directly connected devices
        • CDP packets are not passed through a Cisco switch
        • Can only see what is directly attached
      Router#sh cdp nei
      or
      Router#sh cdp neighbor detail
      • Detailed information; hostname, IP address, etc.

  27. sh cdp nei
      • Hostname of device directly attached
      • Local Interface – int you recv’d info on
      • Holdtime
      • Capability – router, bridge, switch, etc.
      • Platform
      • Port ID – neighbor’s CDP broadcast port
      sh cdp nei detail
      • IP address
      • IOS version

  28. Getting Interface Traffic & Port Information
      • Interface Traffic Information:
        • CDP packets sent & received
        • Errors with CDP
        Router#sh cdp traffic
      • Port & Interface Information:
        • Encapsulation on the line
        • Timer & Holdtime for each interface
        Router#sh cdp interface

  29. CDP
      • no cdp run
        • Disable CDP for the router
      • Enabling CDP on an interface - default
        • (config-if)# cdp enable
      • Disabling CDP on an interface
        • (config-if)# no cdp enable

  30. Using Telnet
      • A virtual terminal protocol
      • Part of the TCP/IP suite
      • Allows connections to remote devices
        • Gather information
        • Run programs
      NOTE: The VTY passwords must be set on the routers

  31. Using Telnet
      Setting VTY password:
      Router#config t
      Router(config)#line vty 0 4
      Router(config-line)#login
      Router(config-line)#password cisco
      Router(config-line)#^Z
      Router#172.16.10.2
      Trying 172.16.10.2 … Open
      User Access Verification
      Password:
      RouterB>
      Remember…. VTY password is the user mode (>) password - not the enable mode (#) password
      With no enable/enable secret password set, the following happens:
      RouterB>en
      % No password set
      RouterB>
      This equates to good security!

  32. Telnet Commands
      • Telnetting into Multiple Devices
        Ctrl+Shift+6 (release) X – returns to local control
      • Checking Telnet Connections
        Router#sh sessions
      • Return to Telnet session
        session# enter enter
      • Checking Telnet Users
        Router#sh users
      • Closing Telnet Sessions
        RouterB>exit - remote device
        RouterB>disconnect session # – local device

  33. Resolving Hostnames
      • To use a hostname rather than an IP address to connect to a remote host, a device must be able to translate the hostname to an IP address
        • Build a host table on each router
        • Build a Domain Name System (DNS) server

  34. Building a Host Table
      • Provides name resolution only on the router on which it is built
        [ip host name tcp_port_number ip_address]
        Router(config)#ip host RouterB 172.16.10.2
        Router(config)#ip host switch 192.168.0.148
        Router#sh hosts
      • Default TCP port number: 23
        Router#RouterB
        RouterB#(Ctrl+Shift+6) (X)
        Router#switch
      • no ip host name
        • Remove a hostname entry

  35. Using DNS to Resolve Names
      • Used when you have many devices on your network
      • Making DNS work…
        • ip domain-lookup
          • Turned on by default
        • ip name-server ip-address
          • Sets the IP address of the DNS server (up to 6 ea.)
        • ip domain-name name
          • Appends the domain name to the hostname
          Ex: ip domain-name sau.edu
              ping routerA translated to ping routerA.sau.edu

  36. Checking Network Connectivity
      • Ping
        • Displays the minimum, average, & maximum times it takes for a ping packet to find a specified system + return
        Router#ping RouterB
      • Trace
        • Shows the path a packet takes to get to a remote device
        Router#trace RouterB

  37. Summary
      • Backed up a Cisco IOS to a TFTP server
      • Upgraded or restored a Cisco IOS from a TFTP server
      • Backed up and restored a Cisco router configuration using a TFTP server
      • Used the Cisco Discovery Protocol to gather information about neighbor devices
      • Created a host table on a router and resolved host names to IP addresses
      • Verified your IP host table
      • Used the OSI model to test IP
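
An added example, not part of the original slides: a Python check that reads the "Configuration register is ..." line from sh version output, decodes the fields covered in slides 7 to 15, and reports a register that still ignores NVRAM (0x2142 left in place after password recovery) or that will not boot the full IOS. Bit positions follow the standard Cisco register layout; the function names and sample lines are constructed for illustration.

```python
import re

# Bit names follow the standard Cisco configuration-register layout; the
# sample "show version" lines below are constructed for this example.
IGNORE_NVRAM = 1 << 6     # set by 0x2142 during password recovery
BREAK_DISABLED = 1 << 8   # the 0x01xx pattern on the slides
BOOT_FIELD = 0x000F       # bits 3-0 select the boot source

REG_LINE = re.compile(
    r"Configuration register is\s*(0x[0-9A-Fa-f]+)"
    r"(?:\s*\(will be (0x[0-9A-Fa-f]+) at next reload\))?")

def parse_show_version(text):
    """Return (current, pending) register values; pending may be None."""
    m = REG_LINE.search(text)
    if not m:
        raise ValueError("no configuration register line found")
    current = int(m.group(1), 16)
    pending = int(m.group(2), 16) if m.group(2) else None
    return current, pending

def decode(value):
    """Split a register value into the fields discussed on the slides."""
    boot = value & BOOT_FIELD
    source = {0: "ROM monitor", 1: "ROM (mini-IOS)"}.get(
        boot, "normal boot (flash / boot system commands)")
    return {"boot_source": source,
            "ignore_nvram": bool(value & IGNORE_NVRAM),
            "break_disabled": bool(value & BREAK_DISABLED)}

def audit(text):
    """List findings for the running and the pending register value."""
    current, pending = parse_show_version(text)
    findings = []
    for label, value in (("current", current), ("next reload", pending)):
        if value is None:
            continue
        fields = decode(value)
        if fields["ignore_nvram"]:
            findings.append(f"{label} 0x{value:04x}: startup-config is ignored")
        if value & BOOT_FIELD < 2:
            findings.append(f"{label} 0x{value:04x}: boots {fields['boot_source']}")
    return findings

SAMPLES = [  # constructed inputs
    "Configuration register is 0x2102",
    "Configuration register is 0x2102 (will be 0x0101 at next reload)",
    "Configuration register is 0x2142",
]
if __name__ == "__main__":
    for line in SAMPLES:
        print(line, "->", audit(line) or "ok")
```

A router reporting 0x2142 boots without applying the passwords stored in startup-config, so this finding is worth alerting on in collected sh version output.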
