Geeks Documentation

Sunday, July 13, 2008

2 Speedy on 1 router

1. Ip address setting
/ip address
add address=192.168.0.254/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local comment="Link to Local Lan" disabled=no
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.255 interface=speedy1 comment="Link to Modem 1" disabled=no
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=speedy2 comment="Link to Modem 2" disabled=no

2. Manggle setting for NTH concept and packet mark
/ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=1,2,0 action=mark-connection new-connection-mark=link1 passthrough=yes comment="Mark Nth for link 1" disabled=no
add chain=prerouting in-interface=Local connection-mark=link1 action=mark-routing new-routing-mark=link1 passthrough=no comment="" disabled=no
add chain=prerouting in-interface=Local connection-state=new nth=1,2,1 action=mark-connection new-connection-mark=link2 passthrough=yes comment="Mark Nth for link 1" disabled=no
add chain=prerouting in-interface=Local connection-mark=link2 action=mark-routing new-routing-mark=link2 passthrough=no comment="" disabled=no

3. Nat tables for Link1 and link 2
/ip firewall nat
add chain=srcnat connection-mark=link1 action=src-nat to-addresses=192.168.1.2 to-ports=0-65535 comment="Masquee Nat Link 1" disabled=no
add chain=srcnat connection-mark=link2 action=src-nat to-addresses=192.168.2.2 to-ports=0-65535 comment="Masquee Nat Link 2" disabled=no

4. Ip routing for link 1 and 2
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 routing-mark=link1 comment="Link To modem1" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.2.2 scope=255 target-scope=10 routing-mark=link2 comment="Link To modem1" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.2.2 scope=255 target-scope=10 comment="Default routing" disabled=no <<-- this default routing  simple configuration load balancing.

Saturday, July 12, 2008

Back before it was purchased and renamed Compaq, a company called Digital Equipment Corporation (DEC) created the original version of Spanning Tree Protocol (STP) . The IEEE later created its own version of STP called 802.1D. All Cisco switches run the IEEE 802.1D version of STP, which isn’t compatible with the DEC version.

STP’s main task is to stop network loops from occurring on your layer 2 network (bridges or switches). It vigilantly monitors the network to find all links, making sure that no loops occur by shutting down any redundant links. STP uses the spanning-tree algorithm (STA) to first create a topology database, then search out and destroy redundant links. With STP running, frames will only be forwarded on the premium, STP-picked links. In the following sections, I am going to hit the nitty-gritty of the Spanning Tree Protocol.

Spanning Tree Terms

Before I get into describing the details of how STP works in the network, you need to understand some basic ideas and terms and how they relate within the layer 2 switched network:

STP

Spanning Tree Protocol (STP) is a bridge protocol that uses the STA to find redundant links dynamically and create a spanning-tree topology database. Bridges exchange BPDU messages with other bridges to detect loops, and then remove them by shutting down selected bridge interfaces.

Root bridge

The root bridge is the bridge with the best bridge ID. With STP, the key is for all the switches in the network to elect a root bridge that becomes the focal point in the network. All other decisions in the network—such as which port is to be blocked and which port is to be put in forwarding mode—are made from the perspective of this root bridge.

BPDU

All the switches exchange information to use in the selection of the root switch, as well as in subsequent configuration of the network. Each switch compares the parameters in the Bridge Protocol Data Unit (BPDU) that they send to one neighbor with the one that they receive from another neighbor.

Bridge ID The bridge ID is how STP keeps track of all the switches in the network. It is determined by a combination of the bridge priority (32,768 by default on all Cisco switches) and the base MAC address. The bridge with the lowest bridge ID becomes the root bridge in the network.

Nonroot bridge These are all bridges that are not the root bridge. Nonroot bridges exchange BPDUs with all bridges and update the STP topology database on all switches, preventing loops and providing a measure of defense against link failures.

Root port The root port is always the link directly connected to the root bridge, or the shortest path to the root bridge. If more than one link connects to the root bridge, then a port cost is determined by checking the bandwidth of each link. The lowest cost port becomes the root port. If multiple links have the same cost, the bridge with the lower advertising bridge ID is use. Since multiple links can be from the same device, the lowest port number will be used.

Designated port A port that has been determined as having the best (lower) cost—a designated port will be marked as a forwarding port.

Port cost Port cost determines when multiple links are used between two switches and none are root ports. The cost of a link is determined by the bandwidth of a link.

Nondesignated port Port with a higher cost than the designated port that will be put in blocking mode—a nondesignated port is not a forwarding port.

Forwarding port A forwarding port forwards frames.

Blocked port A blocked port is the port that will not forward frames, in order to prevent loops. However, a blocked port will always listen to frames.

Spanning Tree Operations

As I’ve said before, STP’s job is to find all links in the network and shut down any redundant ones, thereby preventing network loops from occurring. STP does this by first electing a root bridge that will preside over network topology decisions. Once all switches agree on who the root bridge is, every bridge must find the root port. If there are multiple links between switches, there must be one and only one designated port.

Things tend to go a lot more smoothly when you don’t have more than one person making a navigational decision, and so, there can only be one root bridge in any given network. I’ll discuss the root bridge election process more completely in the next section.

Selecting the Root Bridge

The bridge ID is used to elect the root bridge in the STP domain as well as to determine the root port. This ID is 8 bytes long, and includes both the priority and the MAC address of the device. The default priority on all devices running the IEEE STP version is 32,768.

To determine the root bridge, the priority of each bridge is combined with its MAC address. If two switches or bridges happen to have the same priority value, then the MAC address becomes the tie breaker for figuring out which one has the lowest (best) ID. It’s like this: If two switches— I’ll name them A and B—both use the default priority of 32,768, then the MAC address will be used instead. If Switch A’s MAC address is 0000.0c00.1111 and Switch B’s MAC address is 0000.0c00.2222, then Switch A would become the root bridge. Just remember that the lower value is the better one when it comes to electing a root bridge.

BPDUs are sent every 2 seconds, by default, out all active ports on a bridge/switch, and the bridge with the lowest (best) bridge ID is elected the root bridge. You can change the bridge’s ID by lowering its priority so that it will become a root bridge automatically. Being able to do that is important in a large switched network—it ensures that the best paths are chosen.

Note : Changing STP parameters is beyond the scope of this book, but it’s covered in CCNP: Building Cisco Multilayer Switched Networks

Selecting the Designated Port

If more than one link is connected to the root bridge, then port cost becomes the factor used to determine which port will be the root port. So, to determine the port that will be used to communicate with the root bridge, you must first figure out the path’s cost. The STP cost is an accumulated total path cost based on the available bandwidth of each of the links. Table 3.1 shows the typical costs associated with various Ethernet networks.

TABLE 3.1 Typical Costs of Different Ethernet Networks

The IEEE 802.1D specification has recently been revised to handle the new higher-speed links. The IEEE 802.1D specification assigns a default port cost value to each port based on bandwidth.

Spanning-Tree Port States

The ports on a bridge or switch running STP can transition through five different states:

Blocking A blocked port won’t forward frames; it just listens to BPDUs. The purpose of the blocking state is to prevent the use of looped paths. All ports are in blocking state by default when the switch is powered up.

Listening The port listens to BPDUs to make sure no loops occur on the network before passing data frames. A port in listening state prepares to forward data frames without populating the MAC address table.

Learning The switch port listens to BPDUs and learns all the paths in the switched network. A port in learning state populates the MAC address table but doesn’t forward data frames.

Forwarding The port sends and receives all data frames on the bridged port. If the port is still a designated or root port at the end of the Learning state, it enters this state.

Disabled A port in the disabled state (administratively) does not participate in the frame forwarding or STP. A port in the disabled state is virtually nonoperational.

Switch ports are most often in either the blocking or forwarding state. A forwarding port is one that has been determined to have the lowest (best) cost to the root bridge. But when and if the network experiences a topology change (because of a failed link or because someone adds in a new switch), you’ll find the ports on a switch in listening and learning state.

As I mentioned, blocking ports is a strategy for preventing network loops. Once a switch determines the best path to the root bridge, then all other ports will be in blocking mode. Blocked ports can still receive BPDUs—they just don’t send out any frames.

If a switch determines that a blocked port should now be the designated or root port because of a topology change, it will go into listening mode and check all BPDUs it receives to make sure that it won’t create a loop once the port goes to forwarding mode.

Convergence

Convergence occurs when all ports on bridges and switches have transitioned to either the forwarding or blocking modes. No data is forwarded until convergence is complete. Before data can be forwarded again, all devices must be updated. Convergence is important to make sure all devices have the same database, but it does cost you some time. It usually takes 50 seconds to go from blocking to forwarding mode, and I don’t recommend changing the default STP timers. (But you can adjust those timers if necessary.) Forward delay means the time it takes to transition a port from listening to learning mode or vice versa.

Spanning Tree Example

It’s time to begin using and not just reading about this stuff. It’s important to see how a spanning tree works in an internetwork, because it will really help you understand it better. So in this section, I’ll give you a chance to observe what you’ve learned as it takes place in a live network.

In Figure 3.1, you can assume that all five switches have the same priority of 32,768. But now study the MAC address of each switch. By looking at the priority and MAC addresses of each device, you should be able to determine the root bridge:

Once you’ve established which switch has got to be the root bridge, look at the figure again and try to figure out which is the root port on each of the switches. (Hint: Root ports are always forwarding ports, which means they will always be in forwarding mode.) Okay, next try to establish which of the ports will be in blocking mode.

FIGURE 3.1 Spanning tree example

Figure .3.2 has the answers for each of the port states for each switch. Since Switch A has the lowest MAC address, and all five switches use the default priority, Switch A gets to be the root bridge. And remember this: A root bridge always has every port in forwarding mode (designated ports).

To determine the root ports on Switch B and Switch C, just follow the connection to the root bridge. Each direct connection to the root bridge will be a root port, so it will become forwarding. On Switches D and E, the ports connected to Switches B and C are Switches D and E’s closest ports to the root bridge (lowest cost), so those ports are root ports and in forwarding mode.

Take another look at the Figure 3.2. Can you tell which of the ports between Switch D and E must be shut down so a network loop doesn’t occur? Let’s work it out: Since the connection from Switches D and E to Switches B and C are root ports, those can’t be shut down. Next, the bridge ID is used to determine designated and nondesignated ports; so, because Switch D has the lowest (best) bridge ID, Switch E’s port to Switch D will become nondesignated (blocking), and Switch D’s connection to Switch E will be designated (forwarding).

FIGURE 3.2 Spanning tree example answers

When should I worry about spanning tree?

Bob, a Senior Network Administrator at Acme Corporation in San Francisco, is concerned about all the new switches his bosses just asked him to install, which will bring the total number of switches in his network to 20. He is concerned about STP and isn’t sure if he should even think about it since it seems to work OK with the few switches he has installed. Bob calls you for advice. What should you tell Bob when he calls?

If you have fewer than six switches in your internetwork and no more than about 100 users in your network, you would usually just let STP do its job and not worry about it. Understand that each network may vary, but with Bob ending up with about 20 switches, he has to think about STP!

But if you have dozens of switches and hundreds of users in your network, then it’s time to pay attention to how STP is running. That’s because if you don’t set the root switch in this larger switched network, your STP may never converge between switches—a nasty situation that could bring your network down.

Setting the timers and root switch are covered in the CCNP: Building Cisco Multilayer Switched Networks

Spanning Tree Protocol (STP)

Spanning Tree Terms

Before I get into describing the details of how STP works in the network, you need to understand some basic ideas and terms and how they relate within the layer 2 switched network:

STP

Root bridge

BPDU

Designated port A port that has been determined as having the best (lower) cost—a designated port will be marked as a forwarding port.

Port cost Port cost determines when multiple links are used between two switches and none are root ports. The cost of a link is determined by the bandwidth of a link.

Nondesignated port Port with a higher cost than the designated port that will be put in blocking mode—a nondesignated port is not a forwarding port.

Forwarding port A forwarding port forwards frames.

Blocked port A blocked port is the port that will not forward frames, in order to prevent loops. However, a blocked port will always listen to frames.

Spanning Tree Operations

Selecting the Root Bridge

Note : Changing STP parameters is beyond the scope of this book, but it’s covered in CCNP: Building Cisco Multilayer Switched Networks

Selecting the Designated Port

TABLE 3.1 Typical Costs of Different Ethernet Networks

The IEEE 802.1D specification has recently been revised to handle the new higher-speed links. The IEEE 802.1D specification assigns a default port cost value to each port based on bandwidth.

Spanning-Tree Port States

The ports on a bridge or switch running STP can transition through five different states:

Learning The switch port listens to BPDUs and learns all the paths in the switched network. A port in learning state populates the MAC address table but doesn’t forward data frames.

Forwarding The port sends and receives all data frames on the bridged port. If the port is still a designated or root port at the end of the Learning state, it enters this state.

Disabled A port in the disabled state (administratively) does not participate in the frame forwarding or STP. A port in the disabled state is virtually nonoperational.

Convergence

Spanning Tree Example

FIGURE 3.1 Spanning tree example

FIGURE 3.2 Spanning tree example answers

When should I worry about spanning tree?

Setting the timers and root switch are covered in the CCNP: Building Cisco Multilayer Switched Networks

Encrypting Your Passwords (Continued)

Encrypting Your Passwords (Continued)

Because only the enable secret password is encrypted by default, you’ll need to manually configure the user-mode and enable passwords for encryption. Notice that you can see all the passwords except the enable secret when performing a show running-config on a router:

Router#sh running-config

[output cut]

enable secret 5 $1$rFbM$8.aXocHg6yHrM/zzeNkAT.

enable password Brain1

[output cut]

line con 0

password Brain1

login

line aux 0

password Brain

login

line vty 0 4

password Brain2

login

end

Router#

To manually encrypt your passwords, use the service password-encryption command. Here’s an example of how to do it:

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#service password-encryption

Router(config)#^Z

Router#sh run

Building configuration...

[output cut]

enable secret 5 $1$rFbM$8.aXocHg6yHrM/zzeNkAT.

enable password 7 0835434A0D

[output cut]

line con 0

password 7 111D160113

login

line aux 0

password 7 071B2E484A

login

line vty 0 4

password 7 0835434A0D

login

line vty 5 197

password 7 09463724B

login

end

Router#config t

Router(config)#no service password-encryption

Router(config)#^Z

There you have it! The passwords will now be encrypted. You just encrypt the passwords, perform a show run , and then turn off the command. You can see that the enable password and the line passwords are all encrypted.

Banners

A good reason for having a banner is to add a security notice to users dialing or telnetting into your internetwork. You can set a banner on a Cisco router so that when either a user logs into the router or an administrator telnets into the router, the banner will give them the information you want them to have. There are four different banners available that you need to be aware of:

Router(config)#banner ?

LINE c banner-text c, where 'c' is a delimiting

character

exec Set EXEC process creation banner

incoming Set incoming terminal line banner

login Set login banner

motd Set Message of the Day banner

Message of the day (MOTD) is the most extensively used banner. It gives a message to every person dialing into or connecting to the router via Telnet or auxiliary port, or through a console port as seen here:

Router(config)#banner motd ?

LINE c banner-text c, where 'c' is a delimiting character

Router(config)#banner motd #

Enter TEXT message. End with the character '#'.

$ Acme.com network, then you must disconnect immediately.

Router(config)#^Z

Router#

00:25:12 : %SYS-5-CONFIG_I: Configured from console by

console

Router#exit

Router con0 is now available

Press RETURN to get started.

If you are not authorized to be in Acme.com network, then you must disconnect immediately.

Router>

The preceding MOTD banner essentially tells anyone connecting to the router that if they’re not on the guest list, get lost! The part to understand is the delimiting character— the thing that’s used to tell the router when the message is done. You can use any character you want for it, but you can’t use the delimiting character in the message itself. Also, once the message is complete, press Enter, then the delimiting character, then Enter again. It’ll still work if you don’t do that, but if you have more than one banner, they’ll be combined as one message and put on a single line.

These are the other banners:

Exec banner You can configure a line-activation (exec) banner to be displayed when an EXEC process (such as a line-activation or incoming connection to a VTY line) is created. By simply starting a user exec session through a console port, you will activate the exec banner.

Incoming banner You can configure a banner to be displayed on terminals connected to reverse Telnet lines. This banner is useful for providing instructions to users who use reverse Telnet.

Login banner You can configure a login banner to be displayed on all connected terminals. This banner is displayed after the MOTD banner, but before the login prompts. The login banner can’t be disabled on a per-line basis, so to globally disable it, you’ve got to delete it with the no banner login command.

Router Interfaces Interface configuration is one of the most important router configurations, because without interfaces, a router is a totally useless thing. Plus, interface configurations must be exact to enable communication with other devices. Some of the configurations used to configure an interface are Network layer addresses, media type, bandwidth, and other administrator commands.

Different routers use different methods to choose the interfaces used on them. For instance, the following command shows a Cisco 2522 router with 10 serial interfaces, labeled 0 through 9:

Router(config)#int serial ?

<0-9> Serial interface number

Now it’s time to choose the interface you want to configure. Once you do that, you will be in interface configuration for that specific interface. The command to choose serial port 5, for example, would be:

Router(config)#int serial 5

Router(config)-if)#

The 2522 router has one Ethernet 10BaseT port, and typing interface ethernet 0 can configure that interface, as seen here:

Router(config)#int ethernet ?

<0-0> Ethernet interface number

Router(config)#int ethernet 0

Router(config-if)#

The 2500 router, as previously demonstrated, is a fixed configuration router, which means that when you buy that model, you’re stuck with that physical configuration. To configure an interface, you always use the interface type number sequence, but the 2600, 3600, 4000, and 7000 series routers use a physical slot in the router, with a port number on the module plugged into that slot. So on a 2600 router, the configuration would be interface type slot/port , as seen here:

Router(config)#int fastethernet ?

<0-1> FastEthernet interface number

Router(config)#int fastethernet 0

% Incomplete command.

Router(config)#int fastethernet 0?

Router(config)#int fastethernet 0/?

<0-1> FastEthernet interface number

And make note of the fact that you can’t just type int fastethernet 0 . You must type the full command: type slot/port , or int fastethernet 0/0 , or int fa 0/0 . To set the type of connector used, use the media-type command (this is usually auto-detected):

Router(config)#int fa 0/0

Router(config-if)#media-type ?

100BaseX Use RJ45 for -TX; SC FO for -FX

MII Use MII connector

In the following sections, I will continue with the router interface discussion, including how to bring up the interface and set an IP address on a router interface.

Bringing Up an Interface

You can turn an interface off with the interface command shutdown , and turn it on with the no shutdown command. If an interface is shut down, it’ll display administratively down when using the show interfaces (sh int for short) command:

Router#sh int ethernet0

Ethernet0 is administratively down, line protocol is down

[output cut]

Another way to check an interface’s status is via the show running-config command. All interfaces are shut down by default. You can bring up the interface with the no shutdown command ( no shut for short):

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#int ethernet0

Router(config-if)#no shutdown

Router(config-if)#^Z

00:57:08 : %LINK-3-UPDOWN: Interface Ethernet0, changed

state to up

00:57:09 : %LINEPROTO-5-UPDOWN: Line protocol on Interface

Ethernet0, changed state to up

Router#sh int ethernet0

Ethernet0 is up, line protocol is up

[output cut]

Configuring an IP Address on an Interface

Even though you don’t have to use IP on your routers, it’s most often what people use. To configure IP addresses on an interface, use the ip address command from interface configuration mode:

Router(config)#int e0

Router(config-if)#ip address 172.16.10.2 255.255.255.0

Router(config-if)#no shut

Don’t forget to turn on an interface with the no shutdown command. Remember to look at the command show interface e0 to see if it’s administratively shut down or not. Show running-config will also give you this information. If you want to add a second subnet address to an interface, you have to use the secondary parameter. If you type another IP address and press Enter, it will replace the existing IP address and mask. This is definitely a most excellent feature of the Cisco IOS. So, let’s try it. To add a secondary IP address, just use the secondary parameter:

Router(config-if)#ip address 172.16.20.2 255.255.255.0

secondary

Router(config-if)#^Z

You can verify that both addresses are configured on the interface with the show runningconfig command ( sh run for short):

Router#sh run

Building configuration...

Current configuration:

[output cut]

interface Ethernet0

ip address 172.16.20.2 255.255.255.0 secondary

ip address 172.16.10.2 255.255.255.0

I really wouldn’t recommend having multiple IP addresses on an interface because it’s inefficient, but I showed you anyway just in case you someday find yourself dealing with an MIS manager who’s in love with really bad network design and makes you administer it! And who knows? Maybe someone will ask you about it some day and you’ll get to seem really smart because you know!

Serial Interface Commands

Before you jump in and configure a serial interface, there are a couple of things you need to know. First, the interface will usually be attached to a CSU/DSU type of device that provides clocking for the line to the router. But if you have a back-to-back configuration (for example, one that’s used in a lab environment), one end—the data communication equipment (DCE) end of the cable—must provide clocking. By default, Cisco routers are all data terminal equipment (DTE) devices, so you must tell an interface to provide clocking if you need it to act like a DCE device.

You configure a DCE serial interface with the clock rate command:

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#int s0

Router(config-if)#clock rate ?

Speed (bits per second)

1200

2400

4800

9600

19200

38400

56000

64000

72000

125000

148000

250000

500000

800000

1000000

1300000

2000000

4000000

<300-4000000> Choose clockrate from list above

Router(config-if)#clock rate 64000

%Error: This command applies only to DCE interfaces

Router(config-if)#int s1

Router(config-if)#clock rate 64000

It doesn’t hurt anything to try to put a clock rate on an interface. Notice that the clock rate command is in bits per second. You can see if a router’s serial interface has a DCE cable connected with the show controllers int command.

Router>sh controllers s 0

HD unit 0, idb = 0x297DE8, driver structure at 0x29F3A0

buffer size 1524 HD unit 0, V.35 DCE cable

The next command you need to get acquainted with is the bandwidth command. Every Cisco router ships with a default serial link bandwidth of T-1 (1.544Mbps). But this has nothing to do with how data is transferred over a link. The bandwidth of a serial link is used by routing protocols such as IGRP, EIGRP, and OSPF to calculate the best cost (path) to a remote network. So if you’re using RIP routing, then the bandwidth setting of a serial link is irrelevant, since RIP uses only hop count to determine that. (Routing protocols and metrics are discussed in Next Chapter) .Here is an example of using the bandwidth command:

Router(config-if)#bandwidth ?

<1-10000000> Bandwidth in kilobits

Router(config-if)#bandwidth 64

Did you notice that, unlike the clock rate command, the bandwidth command is configured in kilobits?

Hostnames

You can set the identity of the router with the hostname command. This is only locally significant, which means it has no bearing on how the router performs name lookups or how the router works on the internetwork. Here is an example:

Router#config t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname Brain

Brain(config)#hostname Brainmatics

Brainmatics(config)#

Even though it’s pretty tempting to configure the hostname after your own name, it’s a better idea to name the router something pertinent to the location.

Descriptions

Setting descriptions on an interface is helpful to the administrator and, like the hostname, only locally significant. The description command is a helpful command because you can, for instance, use it to keep track of circuit numbers. Here is an example:

Brainmatics (config)#int e0

Brainmatics (config-if)#description Sales Lan

Brainmatics (config-if)#int s0

Brainmatics (config-if)#desc Wan to Miami circuit:6fdda4321

You can view the description of an interface either with the show running-config command or the show interface command:

Brainmatics #sh run

[cut]

interface Ethernet0

description Sales Lan

ip address 172.16.10.30 255.255.255.0

no ip directed-broadcast

interface Serial0

description Wan to Miami circuit:6fdda4321

no ip address

no ip directed-broadcast

no ip mroute-cache

Brainmatics #sh int e0

Ethernet0 is up, line protocol is up

Hardware is Lance, address is 0010.7be8.25db (bia

0010.7be8.25db)

Description: Sales Lan

[output cut]

Brainmatics #sh int s0

Serial0 is up, line protocol is up

Hardware is HD64570

Description: Wan to Miami circuit:6fdda4321

[output cut]

Brainmatics #

Description: The Helpful Command Bob, a Senior Network Administrator at Acme Corporation in San Francisco, has over 50 WAN

links to various branches throughout the U.S. and Canada. Whenever an interface goes down,

Bob spends a lot of time trying to figure out the circuit number as well as the phone number

of the responsible provider of the WAN link.

The interface description command would be very helpful to Bob because not only can he use

this command on his LAN links so he knows where every router interface is connected to, but

he would benefit the most by adding circuit numbers to each and every WAN interface, as well

as the phone number of the responsible provider.

By spending the few hours it would take to add this information to each and every router interface,

Bob can save a lot of precious time when his WAN links go down (and they will!), and time

is of the essence.

Viewing and Saving Configurations

If you run through setup mode, you’ll be asked if you want to use the configuration you just created. If you say Yes, then it will copy the configuration running in DRAM, (known as the running-config), into NVRAM, and name the file startup-config . You can manually save the file from DRAM to NVRAM by using the copy runningconfig startup-config command (you can use the shortcut copy run start also:

Brainmatics #copy run start

Destination filename [startup-config]?[Enter]

Warning: Attempting to overwrite an NVRAM configuration

previously written by a different version of the system

image.

Overwrite the previous NVRAM configuration?[confirm][Enter]

Building configuration...

Notice that the message we received tells us we’re trying to write over the older startupconfig. The IOS had just been upgraded to version 12.2, and the last time the file was saved, 11.3 was running. Sometimes, when you see a question with an answer in [ ] , it means that if you just press Enter, you’re choosing the default answer.

Also, when the command asked for the destination filename, the default answer was startupconfig. The “feature” aspect of this command output is that you can’t even type anything else in or you’ll get an error, as seen here:

Brainmatics #copy run start

Destination filename [startup-config]?brain

%Error opening nvram:Brain (No such file or directory)

Brainmatics #

You can view the files by typing show running-config or show startup-config from privileged mode. The sh run command, which is a shortcut for show running-config , tells us that we are viewing the current configuration:

Brainmatics #sh run

Building configuration...

Current configuration:

version 12.0

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

hostname Brainmatics

ip subnet-zero

frame-relay switching

[output cut]

The sh start command —one of the shortcuts for the show startup-config command— shows us the configuration that will be used the next time the router is reloaded. It also tells us how much NVRAM is being used to store the startup-config file. Here is an example:

Brainmatics #sh start

Using 4850 out of 32762 bytes

version 12.0

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

hostname Brainmatics

ip subnet-zero

frame-relay switching

[output cut]

You can delete the startup-config file by using the erase startup-config command, after which you’ll receive an error if you ever try to view the startup-config file:

Brainmatics #erase startup-config

Erasing the nvram filesystem will remove all files!

Continue? [confirm] [Enter]

[OK]

Erase of nvram: complete

Brainmatics #sh start

%% Non-volatile configuration memory is not present

Brainmatics #reload

If you reload or power down and up the router after using the erase startup-config command, you’ll be offered setup mode because there’s no configuration saved in NVRAM. You can press Ctrl+C to exit setup mode at any time (the reload command can only be used from privileged mode).

At this point, you shouldn’t use setup mode to configure your router. Setup mode was designed to help people who do not know how to use the Cash Line Interface (CLI), and this no longer applies to you!

Verifying Your Configuration

Obviously, show running-config would be the best way to verify your configuration, and show startup-config would be the best way to verify the configuration that’ll be used the next time the router is reloaded—right?

Well, once you take a look at the running-config, if all appears well, you can verify your configuration with utilities such as Ping and Telnet. Ping is Packet Internet Groper, a program that uses ICMP echo requests and replies. (ICMP is discussed in Chapter 2, “Internet Protocols.”) Ping sends a packet to a remote host, and if that host responds, you know that the host is alive. But you don’t know if it’s alive and also well —just because you can ping an NT server does not mean you can log in! Even so, Ping is an awesome starting point for troubleshooting an internetwork. Did you know that you can ping with different protocols? You can, and you can test this by typing ping ? at either the router user-mode or privileged mode prompt:

Router#ping ?

WORD Ping destination address or hostname

appletalk Appletalk echo

decnet DECnet echo

ip IP echo

ipx Novell/IPX echo

srb srb echo

If you want to find a neighbor’s Network layer address, either you need to go to the router or switch itself, or you can type show cdp entry * protocol to get the Network layer addresses you need for pinging. (Cisco Discovery Protocol [CDP] is covered in Chapter 9.) Traceroute uses ICMP with IP Time To Live (TTL) timeouts to track the path a packet takes through an internetwork, in contrast to Ping, which just finds the host and responds. And Traceroute can also be used with multiple protocols.

Router#traceroute ?

WORD Trace route to destination address or hostname

appletalk AppleTalk Trace

clns ISO CLNS Trace

ip IP Trace

oldvines Vines Trace (Cisco)

vines Vines Trace (Banyan)

Telnet is the best tool since it uses IP at the Network layer and TCP at the Transport layer to create a session with a remote host. If you can telnet into a device, your IP connectivity just has to be good. You can only telnet to devices that use IP addresses, and you can use Windows hosts or router prompts to telnet to a remote device:

Router#telnet ?

WORD IP address or hostname of a remote system

From the router prompt, you just type a hostname or IP address and it will assume you want to telnet—you don’t need to type the actual command, telnet . In the following sections, I am going to show you how to verify the interface statistics.

Verifying with the show interface Command

Another way to verify your configuration is by typing show interface commands, the first of which is show interface ? . That will reveal all the available interfaces to configure. The following output is from my 2600 routers:

Router#sh int ?

Async Async interface

BVI Bridge-Group Virtual Interface

CTunnel CTunnel interface

Dialer Dialer interface

FastEthernet FastEthernet IEEE 802.3

Loopback Loopback interface

MFR Multilink Frame Relay bundle interface

Multilink Multilink-group interface

Null Null interface

Serial Serial

Tunnel Tunnel interface

Vif PGM Multicast Host interface

Virtual-Template Virtual Template interface

Virtual-TokenRing Virtual TokenRing

accounting Show interface accounting

crb Show interface routing/bridging info

dampening Show interface dampening info

description Show interface description

irb Show interface routing/bridging info

mac-accounting Show interface MAC accounting info

mpls-exp Show interface MPLS experimental accounting info

precedence Show interface precedence accounting info

rate-limit Show interface rate-limit info

summary Show interface summary

switching Show interface switching

| Output modifiers

The only “real” physical interfaces are FastEthernet, Serial, and async; the rest are all logical interfaces. In addition, the newer IOS shows the “possible” show commands that can be used to verify your router interfaces—a very new feature from Cisco. The next command is show interface fastethernet 0/0 . It reveals to us the hardware address, logical address, and encapsulation method, as well as statistics on collisions, as seen here:

Router#sh int fastethernet 0/0

FastEthernet0/0 is up, line protocol is up

Hardware is AmdFE, address is 00b0.6483.2320 (bia 00b0.6483.2320)

Description: connection to LAN 40

Internet address is 192.168.1.33/27

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 100Mb/s, 100BaseTX/FX

ARP type: ARPA, ARP Timeout 04: 00:00

Last input never, output 00:00:04, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 watchdog

0 input packets with dribble condition detected

84639 packets output, 8551135 bytes, 0 underruns

0 output errors, 0 collisions, 16 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

The most important statistic of the show interface command is the output of the line and

data-link protocol status.

If the output reveals that FastEthernet 0/0 is up and the line protocol is up, then the interface

is up and running:

Router#sh int fa0/0

FastEthernet0/0 is up, line protocol is up

The first parameter refers to the Physical layer, and it’s up when it receives carrier detect. The

second parameter refers to the Data Link layer, and it looks for keepalives from the connecting

end. (Keepalives are used between devices to make sure connectivity has not dropped.)

Here is an example:

Router#sh int s0/0

Serial0/0 is up, line protocol is down

If you see the line is up but the protocol is down, as shown above, you are experiencing a

clocking (keepalive) or framing problem. Check the keepalives on both ends to make sure that

they match, the clock rate is set, if needed, and the encapsulation type is the same on both ends.

The output above would be considered a Data Link layer problem.

Router#sh int s0/0

Serial0/0 is down, line protocol is down

If you discover that both the line interface and the protocol are down, it’s a cable or interface problem. The output above would be considered a Physical layer problem. If one end is administratively shut down (as shown next), the remote end would present as down and down:

Router#sh int s0/0

Serial0/0 is administratively down, line protocol is down

To enable the interface, use the command no shutdown from interface configuration mode. The next show interface serial 0/0 command demonstrates the serial line and the maximum transmission unit (MTU)—1500 bytes by default. It also shows the default bandwidth (BW) on all Cisco serial links: 1.544Kbps. This is used to determine the bandwidth of the line for routing protocols such as IGRP, EIGRP, and OSPF. Another important configuration to notice is the keepalive, which is 10 seconds by default. Each router sends a keepalive message to its neighbor every 10 seconds, and if both routers aren’t configured for the same keepalive time, it won’t work. You can clear the counters on the interface by typing the command clear counters :

Router#sh int s0/0

Serial0/0 is up, line protocol is up

Hardware is HD64570

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation HDLC, loopback not set, keepalive set

(10 sec)

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored,

0 abort

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 collisions, 16 interface resets

0 output buffer failures, 0 output buffers swapped out

0 carrier transitions

DCD=down DSR=down DTR=down RTS=down CTS=down

Router#clear counters ?

Async Async interface

BVI Bridge-Group Virtual Interface

CTunnel CTunnel interface

Dialer Dialer interface

FastEthernet FastEthernet IEEE 802.3

Group-Async Async Group interface

Line Terminal line

Loopback Loopback interface

MFR Multilink Frame Relay bundle interface

Multilink Multilink-group interface

Null Null interface

Serial Serial

Tunnel Tunnel interface

Vif PGM Multicast Host interface

Virtual-Template Virtual Template interface

Virtual-TokenRing Virtual TokenRing

Router#clear counters s0/0

Clear "show interface" counters on this interface

[confirm][Enter]

Router#

00:17:35 : %CLEAR-5-COUNTERS: Clear counter on interface

Serial0 by console

Router#

Verifying with the show ip interface Command

The show ip interface command will provide you with information regarding the layer 3 configurations of a router’s interfaces:

Router#sh ip interface

FastEthernet0/0 is up, line protocol is up

Internet address is 1.1.1.1/24

Broadcast address is 255.255.255.255

Address determined by setup command

MTU is 1500 bytes

Helper address is not set

Directed broadcast forwarding is disabled

Outgoing access list is not set

Inbound access list is not set

Proxy ARP is enabled

Security level is default

Split horizon is enabled

[output cut]

The status of the interface, the IP address and mask, information on whether an access list is set on the interface, and basic IP information are included in this output.

Using the show ip interface brief Command

The show ip interface brief command is probably one of the most helpful commands that you can ever use on a Cisco router. This command provides a quick overview of the router’s interfaces including the logical address and status:

Router#sh ip int brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 192.168.1.33 YES manual up up

FastEthernet0/1 10.3.1.88 YES manual up up

Serial0/0 10.1.1.1 YES manual up up

Serial0/1 unassigned YES NVRAM administratively down down

Using the show controllers Command

The show controllers command displays information about the physical interface itself. It’ll also give you the type of serial cable plugged into a serial port. Usually, this will only be a DTE cable that plugs into a type of data service unit (DSU).

Router#sh controllers serial 0/0

HD unit 0, idb = 0x1229E4, driver structure at 0x127E70

buffer size 1524 HD unit 0, V.35 DTE cable

cpb = 0xE2, eda = 0x4140, cda = 0x4000

Router#sh controllers serial 0/1

HD unit 1, idb = 0x12C174, driver structure at 0x131600

buffer size 1524 HD unit 1, V.35 DCE cable

cpb = 0xE3, eda = 0x2940, cda = 0x2800

Notice that serial 0/0 has a DTE cable, whereas the serial 0/1 connection has a DCE cable. Serial 0/1 would have to provide clocking with the clock rate command. Serial 0/0 would get its clocking from the DSU.

This was a fun chapter! I really showed you a lot about the Cisco IOS and I really hope you gained a lot of insight into the Cisco router world. This chapter started off by explaining the Cisco Internetwork Operating System (IOS) and how you can use the IOS to run and configure Cisco routers. You learned how to bring a router up and what setup mode does. Oh, and by the way, since you can now basically configure Cisco routers, you should never use setup mode, right? After I discussed how to connect to a router with a console and LAN connection, I covered the Cisco help features, and how to use the CLI to find commands and command parameters. In addition, I discussed some basic show commands to help you verify your configurations. Setting router passwords is one of the most important configurations you can perform on your routers. I showed you the five passwords to set. In addition, I used the hostname, interface description, and banners to help you administer your router. Well, that concludes your introduction to the Cisco Internetwork Operating System (IOS)! And, as usual, it’s super-important for you to have the basics that we went over in this chapter before you move on to the following chapters.

Simple Configuration for Voip With Cisco

FBI_CIA#sh run

Building configuration...

Current configuration : 2661 bytes

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

hostname FBI_CIA

boot-start-marker

boot-end-marker

enable secret 5 $1$7wh.$Swhg9iMImukpcSw.7sOK51

no aaa new-model

resource policy

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

voice-card 2

ip cef

class-map match-any GOLD

match access-group name ms-sql-traffic

class-map match-any VoipData

match access-group name VoipData

class-map match-any VoipControl

match access-group name VoipControl

policy-map PACKAGE2fordial

class GOLD

bandwidth percent 40

random-detect

set precedence 2

class class-default

fair-queue

random-detect

set precedence 0

policy-map PACKAGE2

class VoipData

set precedence 5

priority percent 25

class VoipControl

bandwidth percent 5

random-detect

set precedence 3

class GOLD

bandwidth percent 40

random-detect

set precedence 2

class class-default

fair-queue

random-detect

set precedence 0

policy-map Reset-VPN-Package2

class VoipData

set precedence 5

class VoipControl

set precedence 3

class GOLD

set precedence 2

interface Loopback0

description IP Loopback untuk Voice

ip address 192.XXX.XXX.31 255.255.255.255

interface FastEthernet0/0

ip address 192.168.215.1 255.255.255.128

speed auto

interface Serial1/0

ip address 172.xxx.xxx.126 255.255.255.252

ip route 0.0.0.0 0.0.0.0 172.17.150.125

no ip http server

no ip http secure-server

control-plane

voice-port 2/0

voice-port 2/1

dial-peer voice 75100 pots

destination-pattern 75100

port 2/0

dial-peer voice 75101 pots

destination-pattern 75101

port 2/1

dial-peer voice 293 voip

description Koneksi Voice Ke Padang

destination-pattern 293

session target ipv4:192.XXX.253.27

dtmf-relay cisco-rtp

ip qos dscp cs5 media

ip qos dscp cs3 signaling

no vad

dial-peer voice 765 voip

description Koneksi Voice ke Solok

destination-pattern 765

session target ipv4:192.XXX.253.30

dtmf-relay cisco-rtp

ip qos dscp cs5 media

ip qos dscp cs3 signaling

no vad

dial-peer voice 623 voip

description Koneksi Voice ke Bukittingi

destination-pattern 623

session target ipv4:192.XXX.253.22

dtmf-relay cisco-rtp

ip qos dscp cs5 media

ip qos dscp cs3 signaling

no vad

dial-peer voice 361 voip

description Koneksi voice ke Painan

destination-pattern 361

session target ipv4:192.XXX.XXX.18

dtmf-relay cisco-rtp

ip qos dscp cs5 media

ip qos dscp cs3 signaling

no vad

line con 0

password cilubak

line aux 0

line vty 0 4

password cilubak

end

FBI_CIA#

Cisco Password Recovery 2600

This section provides an example of the password recovery procedure. This example was created with a Cisco 2600 Series Router.
Even if you do not use a Cisco 2600 Series Router, this output provides an example of what you should experience on your product.

Router>enable
Password:
Password:
Password:
% Bad secrets

Router>show version
Cisco Internetwork Operating System Software
IOS ™ C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
Image text-base: 0×80008088, data-base: 0×80C524F8

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

Router uptime is 3 minutes
System returned to ROM by abort at PC 0×802D0B60
System image file is “flash:c2600-is-mz.120-7.T”

cisco 2611 (MPC860) processor (revision 0×202) with 26624K/6144K bytes of memory.
Processor board ID JAB031202NK (3878188963)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash partition 1 (Read/Write)
8192K bytes of processor board System flash partition 2 (Read/Write)

Configuration register is 0×2102

Router>

!— The router was just powercycled, and during bootup a
!— break sequence was sent to the router.
!

*** System received an abort due to Break Key ***

signal= 0×3, code= 0×500, context= 0×813ac158
PC = 0×802d0b60, Vector = 0×500, SP = 0×80006030
rommon 1 > confreg 0×2142

You must reset or power cycle for new config to take effect

rommon 2 > reset

System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
TAC:Home:SW:IOS:Specials for info
C2600 platform with 32768 Kbytes of main memory
program load complete, entry point: 0×80008000, size: 0×6fdb4c

Self decompressing the image : ###############################
##############################################################
##############################################################
##############################################################
############################### [OK]
Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco Internetwork Operating System Software
IOS ™ C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
Image text-base: 0×80008088, data-base: 0×80C524F8

Would you like to enter the initial configuration dialog? [yes/no]: n

Press RETURN to get started!

00:00:19: %LINK-3-UPDOWN: Interface BRI0/0, changed state to up
00:00:19: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
00:00:19: %LINK-3-UPDOWN: Interface Ethernet0/1, changed state to up
00:00:19: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down
00:00:19: %LINK-3-UPDOWN: Interface Serial0/1, changed state to down
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0,
changed state to down
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0,
changed state to up
Router>
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/1,
changed state to up
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0,
changed state to down
00:00:20: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1,
changed state to down
00:00:50: %SYS-5-RESTART: System restarted –
Cisco Internetwork Operating System Software
IOS ™ C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
00:00:50: %LINK-5-CHANGED: Interface BRI0/0,
changed state to administratively down
00:00:52: %LINK-5-CHANGED: Interface Ethernet0/0,
changed state to administratively down
00:00:52: %LINK-5-CHANGED: Interface Serial0/0,
changed state to administratively down
00:00:52: %LINK-5-CHANGED: Interface Ethernet0/1,
changed state to administratively down
00:00:52: %LINK-5-CHANGED: Interface Serial0/1,
changed state to administratively down
00:00:53: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0,
changed state to down
00:00:53: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/1,
changed state to down
Router>
Router>enable
Router#copy startup-config running-config
Destination filename [running-config]?
1324 bytes copied in 2.35 secs (662 bytes/sec)
Router#
00:01:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:1,
changed state to down
00:01:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:2,
changed state to down
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret <>
Router(config)#^Z
00:01:54: %SYS-5-CONFIG_I: Configured from console by console
Router#show ip interface brief

Interface IP-Address OK? Method Status Protocol
Ethernet0/0 10.200.40.37 YES TFTP administratively down down
Serial0/0 unassigned YES TFTP administratively down down
BRI0/0 193.251.121.157 YES unset administratively down down
BRI0/0:1 unassigned YES unset administratively down down
BRI0/0:2 unassigned YES unset administratively down down
Ethernet0/1 unassigned YES TFTP administratively down down
Serial0/1 unassigned YES TFTP administratively down down
Loopback0 193.251.121.157 YES TFTP up up
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface Ethernet0/0
Router(config-if)#no shutdown
Router(config-if)#
00:02:14: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
00:02:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0,
changed state to up
Router(config-if)#interface BRI0/0
Router(config-if)#no shutdown
Router(config-if)#
00:02:26: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down
00:02:26: %LINK-3-UPDOWN: Interface BRI0/0:2, changed state to down
00:02:26: %LINK-3-UPDOWN: Interface BRI0/0, changed state to up
00:02:115964116991: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0/0,
TEI 68 changed to up
Router(config-if)#^Z
Router#
00:02:35: %SYS-5-CONFIG_I: Configured from console by console
Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration…
[OK]
Router#show version
Cisco Internetwork Operating System Software
IOS ™ C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
Image text-base: 0×80008088, data-base: 0×80C524F8

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

Router uptime is 3 minutes
System returned to ROM by abort at PC 0×802D0B60
System image file is “flash:c2600-is-mz.120-7.T”

cisco 2611 (MPC860) processor (revision 0×202)
with 26624K/6144K bytes of memory.
Processor board ID JAB031202NK (3878188963)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
Basic Rate ISDN software, Version 1.1.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash partition 1 (Read/Write)
8192K bytes of processor board System flash partition 2 (Read/Write)

Configuration register is 0×2142

Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#config-register 0×2102
Router(config)#^Z
00:03:20: %SYS-5-CONFIG_I: Configured from console by console

Router#show version
Cisco Internetwork Operating System Software
IOS ™ C2600 Software (C2600-IS-M), Version 12.0(7)T, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 07-Dec-99 02:21 by phanguye
Image text-base: 0×80008088, data-base: 0×80C524F8

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

Router uptime is 3 minutes
System returned to ROM by abort at PC 0×802D0B60
System image file is “flash:c2600-is-mz.120-7.T”

2 Ethernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash partition 1 (Read/Write)
8192K bytes of processor board System flash partition 2 (Read/Write)

Configuration register is 0×2142 (will be 0×2102 at next reload)

Router#