Router - Faculty - Genesee Community College
Download
Report
Transcript Router - Faculty - Genesee Community College
Chapter 11- Configuring
and Testing Your
Network
Modified by Profs. Chen and Cappellino
Objectives
Learning Objectives
Upon completion of this chapter, you
will be able to:
Define the role of the Internetwork
Operating System (IOS).
Define the purpose of a configuration
file.
Identify several classes of devices
that have the IOS embedded.
Identify the factors contributing to the
set of IOS commands available to a
device.
Identify the IOS modes of operation.
Identify the basic IOS commands.
Compare and contrast the basic
show commands.
Cisco IOS
Routers, switches and other Cisco devices cannot function
without an operating system.
The Cisco Internetwork Operating System (______) is the
________________________________________
Provides
the following services:
The
IOS operates differently depending on different devices, the
device's purpose and _________________
The IOS file itself is several megabytes in size and is stored in a
memory area called _________________.
____________ of flash memory are _______________________________
Using flash memory _____________________________________ to newer
versions or to have new features added.
The
_____________________________________________ and
runs from RAM when the device is operating.
The services provided by the Cisco IOS are accessed using
a command line interface (_____________).
Cisco IOS Access Methods: Console
3 ways to access the CLI:
The CLI can be accessed through a __________
__________, also known as the ____________
Console uses a low speed _______________ to
directly connect computer to console port on the
router or switch.
The ________________________________ that
provides _______________ to a router.
The
console port ________________________
________________________ on the device.
Console port used for the following:
The __________________ of the network device
__________________________ and when remote
access is not possible
_________________________ procedures
The console should be ___________________
_____________________ to prevent unauthorized
device access.
–Console
–Telnet or SSH
–AUX port
Console cont… Initial startup of Cisco routers
Router
Console port
Rollover cable
Terminal or a
PC with
terminal
emulation
software
Com1 or Com2 serial port
Take the following steps to connect a terminal to the console port on the router:
• Connect the terminal using a rollover cable with an RJ-45 to DB-9 adapter.
• Configure the terminal or PC terminal emulation software for 9600 baud, 8 data
bits, no parity, 1 stop bit, and no flow control.
Console cont… Initial startup of Cisco routers
=
Note: A console connection is not the same as
a network connection!
Cisco IOS Access Methods: Telnet and SSH
Telnet is a method for _____________
______________________________
Telnet
sessions _____________________ and at
least _______________________ configured with a
Layer 3 address
Host with a telnet client can access the ________
sessions on the Cisco device.
The IOS _____________________ that the Telnet
session use a _____________________
Secure Shell (________) protocol is a
_____________ method for __________
______________________
Remote login ______________ but more secure
Provides ____________________________ than
Telnet and uses ______________________ when
transporting session data.
Most newer versions of the IOS contain an SSH
server.
Unfortunately, SSH client software is by default, not
provided on client computer operating systems
Cisco IOS Access Methods: AUX
A way to establish a CLI session
__________________________
connection using a modem connected
to the router's ____________________
This
method also does ________________
___________________________ to be
configured or available on the device.
AUX port can also be used locally, like
the console port, with a direct
connection to a computer running a
terminal emulation program.
Only
used locally when there are problems
using the console port
The console port is required for the
configuration of the router and is the
preferred port for troubleshooting
Not all routers have an auxiliary port.
Configuration Files
Network devices depend on ___________________ for their
operation: __________________ and ________________
The
operating system facilitates the ___________________________
__________________________________
Configuration files contain the ______________________________
_____________________________________________
A Cisco network device contains ______ configuration files:
The
___________________________ - used during the __________
____________________________________
________________________, it is used to operate the device.
_____________ to the running configuration will ___________________________
of the Cisco device.
After making any changes, those changes should be saved back to the startupconfig file so that they will be available next time the device restarts.
The running configuration is _____________________________
The
______________________ - used as the ________ configuration
and is ________________________________________
_____________________ so it remains intact when the device is powered down
__________________ each time the router is started or reloaded.
________________ into RAM, the startup config is ________________________
configuration.
Graphic:
Relationship between NVRAM and RAM
Cisco IOS Modes
The Cisco IOS is an operating system which uses
_______________, each mode having its own
particular operation.
The
CLI uses a hierarchical structure for the modes.
In order from top to bottom, the major modes are:
____________________
mode
________________________ mode
______________________________ mode
_____________________ specific configuration modes
Each mode accomplishes particular tasks and has
specific commands that are available in that mode.
Each
mode uses a ________________________
For example, to configure a router interface, the user must
enter interface configuration mode.
All configurations that are entered in interface configuration mode
apply only to that interface.
Different authentication can be required for each
hierarchal mode.
Cisco IOS Modes cont…
Cisco IOS Modes: Command Prompts
When using the CLI, the mode is
_______________________
________ that is unique to that
mode.
The
word prompt is used because
the system is prompting you to
make an entry.
By default, every prompt ______
with the _______________
Following
the name, the remainder
of the prompt indicates the mode.
For example, the default prompt for
the global configuration mode on a
router would be:
Router(config)#
As commands are used and
modes are changed, the ______
__________________________
context.
1
Cisco IOS Modes: Primary Modes
Cisco IOS software separates the
EXEC sessions into two access
modes.
___________
Mode
Switch__ or
Router__
This mode is the first entrance into the CLI of the
router.
The user EXEC mode allows only a _________
_______________________
Often referred to as ____________________ since
___________ to the configuration are _________
Identified by the > symbol at the end of the prompt
By default, there is no authentication required but
for security sake should be used
IOS Modes: Primary Modes cont.
Privileged
EXEC Mode Switch____
or
Router_____
Also called “_____________”
Allows more commands to be executed.
Allows the ___________________________
____________________________
______________________________ in this mode
The privileged EXEC mode can be identified
by the prompt ending with the # symbol.
By default, does not require authentication but
it should be configured and used.
Global configuration mode and all other more
specific configuration modes can only be
reached from the privileged EXEC mode.
Moving between the User EXEC and
Privileged EXEC Modes
The _________________ commands are used to
_____________________ mode and ______________
mode.
In
order to access privileged EXEC mode, use enable
command.
Router>enable
Once
<Enter> is pressed, the router prompt changes to:
Router#
The # at the end of the prompt indicates that the router is
now in privileged EXEC mode.
If
password authentication has been configured for the
privileged EXEC mode, the IOS prompts for one:
Router>enable
Password:
Router#
The
disable command is used to return from the
privileged EXEC to the user EXEC mode.
For example:
Router#disable
Router>
Basic IOS Command Structure
Each IOS ______________________
___________________ and is executed
at the appropriate prompt.
The
commands are _________________.
Following the command are one or more
keywords and arguments.
For example:
Switch#show running-config
The command show is followed by the keyword
running-config which displays the runningconfiguration as output
Switch(config-if)#description
GCC Campus
Switch
The command is: description. The user defined
argument is GCC Campus Switch
Pressing the <Enter> key submits the
command
Note the command convention
used by Cisco…
Using CLI Help: Context-Sensitive Help
The context-sensitive ________
_________________________
and the arguments associated with
those commands within the context
of the current mode.
To
access, enter a question mark, __,
at any prompt.
No need to strike the <Enter> key.
Uses:
When
unsure of the name for a
command or want to see a
__________________________
Display a list of commands ________
_________________________
Determine which options, arguments
etc are matched with a specific
command
The IOS has several forms
of help available:
–Context-sensitive help
–Command Syntax Check
–Hot Keys and Shortcuts
Using CLI Help cont : Command Syntax Check
When a command is submitted by
pressing the <Enter> key, the command
line interpreter parses the command from
left to right to determine what action is
being requested.
If
the interpreter understands the command, the
requested action is executed.
if the interpreter cannot understand the command
being entered, it will provide feedback describing
what is wrong with the command.
There are ________ different types of
_____________________:
___________ command
Not enough characters to recognize the command
___________ command
Good start on the command, but needs more
argument
__________ command
Part or the whole command is wrong
Using CLI Help cont : Hot Keys and
Shortcuts
The CLI offers a
number of hot keys and
shortcuts make
configuring, monitoring
faster and easier.
There are a bunch
listed in the curriculum
You
should be aware of
them- you’ll find you
have some favorites…
IOS “Examination” Commands
Verify and troubleshoot network operation using
a variation of the examination command: show
How would you output a list of available show
commands?
IOS “Examination” Commands cont..
show interfaces
_____________________________ on the device.
To view the statistics for a specific interface, enter
the show interfaces command followed by the specific
interface slot/port number.
Router#show interfaces serial 0/1
show version
Displays
___________________________________
______________, along with hardware information.
Software Version - IOS software version (stored in flash)
Bootstrap Version - Bootstrap version (stored in Boot ROM)
Software image name - IOS filename stored in flash
Router Type and Processor type - Model number and processor type
Hardware Interfaces - Interfaces available on router
Configuration Register - Sets bootup specifications, console speed
setting, and related parameters.
ETC..
IOS “Examination” Commands cont..
show arp - Displays the ________ of the device.
show mac-address-table - (_______ only)
Displays the __________________
show startup-config - Displays the ________
______________ located in ____________.
show running-config - Displays the contents of
the ____________________ file or the
configuration for a specific interface, or map
class information.
show ip interfaces - Displays _____________
________________ on a router.
show
ip interface brief - This is useful to get a quick
summary of the interfaces and their operational state.
Commonly used
IOS Configuration Modes
Global Configuration Mode
AKA
___________ mode
Changes made in this mode _____
_____________________________
________________________
Use the following command to get
from privileged EXEC mode to the
global configuration mode:
Router#_______ __________
Once
the command is executed, the
prompt changes to show that the
router is in global configuration
mode.
Router(config)#
IOS Configuration Modes cont…
Specific Configuration Modes
There
are many different configuration
modes each of which configures a
particular function.
To exit a specific configuration mode
and return to global configuration
mode, enter ______ at a prompt.
To leave a specific configuration mode
and _________________________,
enter _____ or ___________
Best practice
After
a change has been made, save to
the running-config to startup-config to
prevent loss of changes
Router#copy running-config
startup-config
Devices Need Names
The hostname is seen in CLI prompt of each router
or switch
Router’s
factory-assigned default hostname "Router."
Switch’s factory-assigned default hostname, "Switch."
So as to avoid confusion, __________________
______________________ to each device following
company’s naming conventions such as:
Start
with a letter
End with a letter or digit
Have characters of only letters, digits, and dashes
Hostnames ______________________
Applying Names
Once the naming convention has been
identified, the next step is to apply the
names to the router using the CLI.
Router#configure
terminal
Router(config)#
Router(config)#hostname
AtlantaHQ
AtlantaHQ(config)#
Notice that the hostname appears in the
prompt.
To negate the effects of a command,
______________________________
__________________________
Example,
to remove the hostname of a
device, use:
AtlantaHQ(config)# no hostname
Router(config)#
Default hostname is back…
Limiting Device Access
– using Passwords
Passwords are the primary defense against unauthorized access to
network devices.The passwords which can be used are:
____________________ - limits access using the console connection
_____________________ - limits access to the ________________ mode
______________________
- ______________________, limits access to
the _______________________ mode
______________________ - limits device access using Telnet
As good practice, use ______________________________ for each
of these levels of access.
The use of easily guessed passwords is a security issue. Consider
these key points when choosing ___________________________
passwords:
Use
Use
passwords that are more than 8 characters in length.
a combination of upper and lowercase and/or numeric sequences in
passwords.
Avoid using the same password for all devices.
Avoid using common words which are easily guessed.
Note: In most of the labs, we will be using simple passwords such as
cisco or class.
These
weak passwords can be easily guessed and should not be used in a
production environment.
Limiting Device Access –
Console Password
The console port of a device must be
secured with a strong password.
The following are used to set a
password:
Switch(config)#line console 0
The zero is used to represent the first (and in most
cases only) console interface for a router.
Switch(config-line)#password password
password password specifies a password.
Switch(config-line)#__________
The login command configures the router
_______________________________
When login is enabled and a password set, there
will be a prompt to enter a password.
Once these three commands are executed, a
password prompt will appear each time a
user attempts to gain access to the console
port.
For security, when prompted for a password,
the ______________________________
___________________________________
Limiting Device Access –
Enable and Enable Secret Passwords
To provide additional security, use enable
password or _____________ command to
establish authentication before accessing
__________________ (enable) mode.
Best to use the enable secret command as it
uses encryption for more robust security
“enable password” command is older and is not
encrypted
The following commands are used to set the
passwords:
Router(config)#enable
Router(config)#enable
password password
secret password
If no enable password or enable secret
password is set, the _____________________
_____________________________________
Without
an enable password having been set,
attempting to use a Telnet session would trigger
the following message:
% No password set
Enable and Enable Secret Password example:
Limiting Device Access
– VTY Password
The vty lines allow access to a router
via Telnet.
By
default, Cisco devices generally support
______________________________
A password needs to be set ____________.
The same password _________ be set for
all connections or unique passwords can be
set for some or all lines
The following commands are used to
set a password:
Router(config)#line
vty 0 4
Router(config-line)#password password
Router(config-line)#_____________
By default, the IOS includes the “_____”
command on the VTY lines which
prevents Telnet access to the device
without first requiring authentication.
Encrypting Password Display
Another useful command
___________________________
___________________________
__________________________
This
is the __________________
________________ command.
This command causes the
encryption of passwords to occur
when a password is configured.
When viewing the configuration file, all
passwords will then be encrypted
Once
the encryption has been
applied, removing the encryption
service does not reverse the
encryption.
Limiting Device Access
– _______ Messages
Provides _______________________________
________________________________________
___________ into that device
Banners
can be an important part of the legal
process in the event that someone is prosecuted for
breaking into a device.
Some examples information to include in a
banner:
"Use
of the device is specifically for authorized
personnel."
"Legal action will be pursued for any unauthorized
use."
The IOS provides multiple types of banners. One
common banner is the message of the day
(__________________).
Configured in _________________
Requires the use of delimiters at the
beginning and
end of the message to identify the content of the
banner message.
Lines of text are entered to represent the banner
message.
Switch(config)#banner motd # message #
Note needed spaces
between message and
delimiting character
Managing Configuration Files
After making changes to a
configuration, consider 3 options:
1. Make the Changed
Configuration the New Startup
Configuration
Where
is the running configuration
stored?
Saving the ____________________
______________________________
________________________ as the
new startup configuration.
Be sure to verify changes before saving
Switch#
copy _____________
_______________________
Saves the changes to the config file
Managing Configuration Files cont..
2. Return the Device to Its Original Configuration
If
changes made to the running configuration do not
have the desired effect, it is necessary to restore the
previous configuration.
Assuming that we have not overwritten the startup configuration with the changes, we can
replace the running configuration with the startup configuration
_________________________________________
command.
When initiating a reload, a prompt will appear to ask
whether to save the changes made. To
___________________________
3. Removing All Configurations
If
undesired changes were saved to the
______________, this requires _____________
configuration and _______________________
Router# erase startup-config
Reloads the device to remove the current running
configuration file and blanks the router
Router#reload
System configuration has been
modified. Save? [yes/no]: n
Proceed with reload? [confirm]
*Apr 13 01:34:15.758: %SYS-5RELOAD: Reload requested by
console. Reload Reason:
Backing Up Configurations Offline
Configuration files should be stored as
backup files in the event of a problem.
Configuration
files can be stored in a safe
place on a Trivial File Transfer Protocol
(___________) server, a _____ memory
stick etc.
A configuration file should also be
___________________________
Backup Configuration on TFTP Server
Use
either the copy running-config tftp or
copy startup-config tftp command and
follow these steps:
1. Enter the copy running-config tftp command.
2. Enter the IP address of the host where the
configuration file will be stored.
3. Enter the name to assign to the configuration
file.
4. Answer yes to confirm each choice
Backup Configurations with Text Capture
(HyperTerminal)
Configuration files can be ____________
__________________ for later use.
When using _______________, follow
these steps:
1. On the Transfer menu, click Capture Text.
2. Choose the location.
3. Click Start to begin capturing text.
4. Once capture has been started, execute the
show running-config or show startupconfig command at the privileged EXEC
prompt. Text displayed in the terminal window
will be placed into the chosen file.
5. Stop the capture process
6. View the output to verify that it was not
corrupted.
Restoring Text Configurations
A configuration file can be copied from storage
to a device. When copied into the terminal, the
IOS executes each line of the configuration text
as a command.
_________________________________
to
ensure that encrypted passwords are in plain text
and that non-command text such as "--More--"
and IOS messages are removed.
At the CLI, the device must be set at the global
configuration mode to receive the commands
from the text file being copied.
When using HyperTerminal, the steps are:
1. Locate the file to be copied into the device and
open the text document.
2. Copy all of the text.
3. On the Edit menu, click paste to host.
The text in the file will be applied as commands
in the CLI and become the running configuration
on the device.
Remove
Configuring Interfaces on a router
Interface configuration is ____________________
So
far commands have been generic
Each interface on a router has its own unique IPv4
address.
The
address assigned to each interface exists in a
separate network devoted to the interconnection of
routers.
Configuring Interfaces:
Ethernet Interfaces
Router ____________________________
___________________________________
directly connected to the router.
Each
Ethernet interface must have an
______________________ to route IP packets.
To configure an Ethernet interface follow
these steps:
Router#config
t
Router(config)#interface FastEthernet 0/0
Router(config-if)#ip address ip_address
subnetmask
Router(config-if)#no shutdown
The “____________________” command enables
the Interface
By default, interfaces are disabled.
If an interface needs to be disabled for
maintenance or troubleshooting, use the shutdown
command.
Configuring Interfaces:
Serial Interfaces
_____________________________________
_____________________________
Each
connected serial interface must have an
__________________________________ to
route IP packets.
Configure the IP address with the commands:
Router#config t
Router(config)#interface Serial 0/0
Router(config-if)#ip address ip_address
subnetmask
Serial interfaces ____________________ to
control the timing of the communications.
In
most environments, a DCE device such as a
CSU/DSU will provide the clock.
By default, ________________________, but
they can be configured as DCE devices.
On serial links that are directly interconnected,
as in our lab environment, one side must
________________________________ signal:
Router(config-if)#clock rate 56000
Done on router’s side with DCE cable
Router(config-if)#no shutdown
* 56000 is clock rate value used in lab*
Configuring Interfaces: Description of an Interface
A ___________________________________
______________________ should be part of the
configuration of each interface.
The
interface description will appear in the output of
these commands: show startup-config, show
running-config, and show interfaces.
Example- description listing locations connected to int.
Interface F0/0 is connected to the mail switch in the admin building
To create- use the command _______________
___________________ and the description detail
HQ-switch1# configure terminal
HQ-switch1(config)#interface fa0/1
HQ-switch1(config-if)#description
switch in Building A
Connects to main
Configuring a Switch Interface
A LAN switch is an _____________ where
the ___________________ _____________
_________________________________
_____________________________________
___________________________________.
Switch interfaces (ports) are enabled by
default
Descriptions can be assigned
1
To be able to _____________________, an
________________________________
Switch then acts like a host device
Address for a switch is assigned to
a Virtual
LAN interface (VLAN)- usually __________
Enable this interface with no shutdown
command.
Like any other host, the ________________
__________________________ to
communicate outside of the local network.
Assign
the gateway with the ip default-gateway
command.
Only needed for the management traffic, but
not for the regular data frame forwarding.
Test The Stack: The Ping Command
Recall: What does Ping do?
Ping is used to _________________________________
When
troubleshooting, use an _______________________
starting with the ________________________ and then
________to the _________ and, finally, to __________________
By using the ping command in this ordered sequence, problems can
be isolated.
IOS Ping Indicators
A
ping from the IOS will yield to one of several indications for each
ICMP echo that was sent. The most common indicators are:
_____- indicates receipt of an ICMP echo reply- _____________
_ - indicates a _______ while waiting for a reply- issues/security block
____ - an ICMP ___________ message was received
Testing the Loopback- recall- What is the loopback?
As
a first step to verify the IP configuration on the local host.
C:\>ping 127.0.0.1
Test The Router Interface Assignment
Verifying the Router Interfaces
One
of the most used commands is show ip interface
brief
Provides a summary of the key information for all the interfaces
including the IP address, if any, assigned to each interface and
the operational status of the interface.
We will see an example on the following slide….notice…
The _____ in the ______ column shows it is __________________
The ______________________________ shows that the _______
______________________________
Testing Router Connectivity
Connectivity
of a router can also be tested with the ping
and traceroute commands.
Test The Router Interface graphic…
Test The Switch Interface Assignment
Verifying the Switch Interfaces
____________________
brief used to verify the switch
interfaces as well as router’s
Recall: the IP address for the switch is applied to a VLAN interface and
it’s status will also show
A ____________________________________________ to the
interface or the network interface of the devices that is connected is not
operational.
An interface is considered _________________________________
____________________________________
Testing Switch Connectivity
Like
other hosts, the switch can test its Layer 3
connectivity with the ping and traceroute commands.
Note the following important facts…
An
___________________________ for a switch to perform its job
of frame forwarding and
The ___________________ to communicate outside its local
network.
Test The Switch Interface graphic…
Test The Interface Assignment
So far we have talked about how
to test the router and the switch
The next step in the testing
sequence is to ______________
___________________________
_________________ and that the
NIC is ready to transmit signals
across the media.
Ping
the IP address of the host
device itself
If this test ______, it is likely that
there are __________________
___________________________
and may require reinstallation of
either or both.
Testing hosts on the Local Network
Successfully pinging remote hosts
verifies that __________________
______________________________
(* May not work in XP *)
Possible
failure messages include:
Destination Unreachable, .
Request Timed Out.- indicating that no
response was made to the ping attempt
Extended Ping (Entered at router
prompt)
Allows
ping to be customized with more
options for use in troubleshooting
Example:
Assigning longer timeout periods would
indicate a possible latency issue
Testing Gateway and Remote Connectivity
The next step in the testing sequence is
to use the ping command to _______
________________________ address.
Recall:
the ______________________
____________________ so communication
with the gateway is important
To discover the gateway IP address use the
ipconfig command at the command prompt
If the gateway test fails,
_______________________
ensure that
the proper address is being tested.
If all devices are configured properly, check
the _______________ to ensure that it is
secure and properly connected.
Testing Gateway and Remote Connectivity
Once verification of the local LAN and gateway is
complete, testing can proceed to ____________.
As seen in the graphic, verification tests should
begin within the local network and progress
outward to the remote devices.
First,
the ___________________ of the local
network gateway router.
Then, ___________________________________
Last, test the communication to the remote network
by _____________________________________
______________________
If you cannot ping at any point, first _________
_________________ using the show ip route
command
If there is no route to reach this network, you will
need to identify why the route does not existcheck for configuration issues.
NOTE: ping will not always help identify the cause
of a problem but can give direction in the
troubleshooting process.
Recall-
way
ping can be blocked at any point along the
1.
2.
3.
4.
#1-4 indicate ping
process…
Tracing and Interpreting Trace Results
The next step in the testing is to
____________________
returns
a list of hops as a packet is
routed through a network.
When performing the trace from
______________, use ___________.
When performing the trace from
__________ CLI, use ____________.
A trace command can show the
path of the last successful
communication and help isolate the
problem
Example--
C:\>tracert 10.1.0.2 from
the Windows cmd prompt
Example-- RouterA#traceroute
10.1.0.2 from the router’s CLI
Network Baselines
One of the most effective tools for monitoring and
troubleshooting network performance is to establish
a ____________________________
The
________________________________________
__________________________________
Consists of an _______________________________________
_____________________________
Measuring
performance at varying times and loads will
assist in creating a better picture of overall network
performance.
Baseline reports can consist of _______________
_____________________________________
To
To
obtain a list of MAC to IP address mapping, use arp
see a mapping of hosts on a switch, use the command:
#show mac-address-table
Network Baselines cont…
Run the _________________ _________ and save
the data each time.
An examination of the files will begin to reveal
______________ in network performance and
provide the baseline for future troubleshooting.
Note
issues such as reoccurring error messages, response
times from host to host etc
Data generated using either the computer prompt or
the router prompt can contribute to the baseline.
_____________________ is vitally
important and key!!