FIRST BOOT OF THE ROUTER & STORING ITS CONFIGURATION

Document Sample
FIRST BOOT OF THE ROUTER & STORING ITS CONFIGURATION Powered By Docstoc
					International Journal of Scientific Research Engineering &Technology (IJSRET)
Volume 1 Issue1 pp 008-0013 March 2012                                           www. ijsret.org ISSN 2278 - 0882


  FIRST BOOT OF THE ROUTER & STORING ITS CONFIGURATION
                                                   1
                                                   Gyan Prakash Pal
                         Faculty of Electronics & Communication Engineering Department,
                                   Shanti Institute of Technology, Meerut (India),
                                                     2
                                                       Sadhana Pal
                         Faculty of Electronics & Communication Engineering Department,
                     Vishveshwarya Institute of Engineering & Technology, Greater Noida (India)


Abstract: Communication devices have become one                  example) it will start in setup mode and it will ask if
of the most important instruments to stay in touch with          you want to enter the initial configuration dialog. If you
each other. Router is a most important device, used to           answer with No, you'll be taken to the command prompt
connect different networks together and route packets            and you'll be able to configure the router manually. If
of data from one network to another. So it’s really              you answer with Yes, you'll be taken through a list of
important to manage a router. If you are locked out of a         questions allowing you to configure the router e.g. set a
router because you forgot the password, this paper will          hostname and enable password and secret, configure
be helpful to re-inter the router. This paper also shows         routed and routing protocols, and assign addresses to
the main components of a router, the router boot                 interfaces. You can initiate this configuration dialog at
sequence and the configuration register, including how           any time by using the setup command.
to use the configuration register for password recovery.
After reading this paper, a new user will understand                     II. THE ROUTER BOOT SEQUENCE
how to bring up a router and how to crack its password,
after that save the running configuration as a backup for               When a router boots up, it performs a series of
future use.                                                      steps, called the boot sequence, which test the hardware
                                                                 and load the necessary software. The boot sequence
Keywords: Router, Configuration register, IOS, RAM,              consists of the following steps:
ROM, NVRAM and CLI commands.
                                                                       a)The router performs a POST. The POST tests the
                 I. INTRODUCTION                                         hardware to verify that all the components of the
                                                                         device are operational and present. For example,
A router boots similar to a regular computer as it first                 the POST checks for the different interfaces on
performs a power on self test (POST) for the hardware,                   the router. The POST is stored in and run from
next loads bootstrap code from ROM, loads the IOS                        ROM.
image from Flash into RAM and finally the router                       b) The bootstrap then looks for and loads the IOS
locates and loads a configuration file. You can reboot a                 software. The bootstrap is a program in ROM that
router by using the power switch or the reload                           is used to execute programs. The bootstrap
command.                                                                 program is responsible for finding where each
                                                                         IOS program is located and then loading the file.
The Internetwork Operating System (IOS) and                              By default, the IOS software is loaded from flash
configuration files reside in different locations in a                   memory in all routers. The default order of an
router. So it is very important to understand both where                 IOS loading in a router is Flash, TFTP server,
these files are located and how they work. The router                    then ROM.
configuration is stored in NVRAM. This is the place                    c)The IOS software looks for a valid configuration
where the router will search for a configuration file.                   file stored in NVRAM. This file is called startup-
Alternatively, you can configure the router to load a                    configuration. An administrator copies the
configuration file from a TFTP server. If the router                     running-configuration file into NVRAM as a
cannot locate a configuration file (on a new router for                  startup-configuration.


                                                       IJSRET @ 2012
International Journal of Scientific Research Engineering &Technology (IJSRET)
Volume 1 Issue1 pp 008-0013 March 2012                                        www. ijsret.org ISSN 2278 - 0882


   d) If a startup-configuration file found in                 14        0×4000       IP broadcasts do not have net
     NVRAM, the router will copy this file and place                                  numbers
     it in RAM and call the file running-configuration.        15        0×8000       Enable diagnostic message and
     Then the router will use this file to run the router.                            ignore NVRAM contents

   III. CONFIGURATION REGISTER                                 The boot field, which consists of bits 0-3 in the
                                                               configuration register, controls the router boot
   All Cisco routers have a 16-bit (2 bytes)                   sequence. Table 3 describes the boot field bits.
   configuration register that’s written into NVRAM.
   By default, the configuration register is set to load       Table 3: The Boot Field
   the Cisco IOS from flash memory and load the                Boot      Use
   startup- configuration file from NVRAM.                     Field
                                                               00        To boot in ROM monitor mode, set the
   The16-bit (2 bytes) of the configuration register is                  Configuration register to 2100
   read from 15 to 0, from left to right. The default          01        To boot an IOS image stored in ROM, set
   configuration setting on Cisco routers is 0×2102.                     the Configuration register to 2101
   This means that bits 13, 8 and 1 are on, as shown in        02-F      Any value from 2102 through 210F tells the
   Table 1. Notice that each set of 4 bits is read in                    router to use the boot commands specified in
   binary with a value of 8, 4, 2, 1.                                    NVRAM

Table 1: The Configuration Register Bit Number                              IV.CHECKING THE CURRENT
Configur                                                                     CONFIGURATION REGISTER
ation             2               1            0        2                            VALUE
Register
Bit        1 1 1 1 1 1 9 8 7 6 5 4 3 2 1 0                     To see the current value of the configuration   register,
number     5 4 3 2 1 0                                         use the show version command:
Binary     0 0 1 0 0 0 0 1 0 0 0 0 0 0 1 0
                                                                     Router# show version
                                                                     Cisco IOS Software, 2800 Software (C2800NM-
Note: The prefix 0× to the configuration register                    IPBASE-M), Version 12.3(14)T7, RELEASE
address means that the digits that follow are in                     SOFTWARE (fc2)
hexadecimal.                                                         ROM: System Bootstrap, Version 12.1(3r)T2,
Table 2 lists the configuration register bit meanings.               RELEASE SOFTWARE (fc1)
Notice that bit 6 can be used to ignore the NVRAM                    Copyright (c) 2000 by cisco Systems, Inc.
contents, so this bit is used for password recovery.
                                                                     System returned to ROM by power-on
Table 2: configuration register bit meanings                         System image file is "flash:c2800nm-ipbase-
Bit      Hex          Description                                    mz.123-14.T7.bin"
0-3      0×0000-      Boot field (see table 3)
         0×000F                                                      cisco 2811 (MPC860) processor (revision 0x200)
6        0×0040       Ignore NVRAM contents                          with 60416K/5120K bytes of memory
                                                                     Processor board ID JAD05190MTZ (4292891495)
7        0×0080       OEM bit enabled
                                                                     M860 processor: part number 0, mask 49
8        0×0100       break disabled
                                                                     1 Ethernet/IEEE 802.3 interface(s)
10       0×0400       IP broadcast with all zeros
                                                                     3 FastEthernet/IEEE 802.3 interface(s)
5, 11- 0×0800-        Console line speed                             7     Low-speed     serial(sync/async) network
12       0×1000                                                      interface(s)
13       0×2000       Boot default ROM software if                   239K bytes of NVRAM.
                      network boot fails


                                                     IJSRET @ 2012
International Journal of Scientific Research Engineering &Technology (IJSRET)
Volume 1 Issue1 pp 008-0013 March 2012                                         www. ijsret.org ISSN 2278 - 0882


    62720K bytes of processor board System flash             which will be when the router reboots. Any change to
    (Read/Write)                                             the configuration register won’t take effect until the
                                                             router is reloaded. The 0×2101 will load the IOS from
    Configuration register is 0x2102                         ROM the next time the router is rebooted.
    Router#                                                  Here is our router after setting the configuration register
                                                             to 0×2101 and reloading:
 The last line of this command gives the value of the           Router#show version
 configuration register. In the example, the value is           2800 Software (C2800NM-IPBASE-M), Version
 0×2102-the default setting.                                    12.3(14)T7, RELEASE SOFTWARE (fc2)Cisco
 Notice that the show version command also provides             IOS Software,
 the details of IOS version, ROM, RAM, NVRAM,                   [output cut]
 Flash memory and all interfaces in the preceding               ROM: System Bootstrap, Version 12.1(3r)T2,
 example.                                                       RELEASE SOFTWARE (fc1)
                                                                Copyright (c) 2000 by cisco Systems, Inc.
     V. CHANGING THE CONFIGURATION
                  REGISTER                                      System returned to ROM by power-on
                                                                System image file is "flash:c2800nm-ipbase-
    You can change the configuration register value to          mz.123-14.T7.bin"
   modify how the router boots and runs. There are the          [output cut]
   main reasons you would want to change the                    Configuration register is 0x2101
   configuration register:                                    A router has full IOS in flash. To set the configuration
       • To force the system into the ROM monitor            register back to the default, just type this:
         mode
       • To select a boot source and default boot              Router#config t
         filename                                              Enter configuration commands, one per line. End
       • To enable or disable the Break function               with CNTL/Z.
                                                               Router(config)#config-register 0x2102
       • To control broadcast addresses
                                                               Router(config)#^Z
       • To set the console terminal baud rate                 %SYS-5-CONFIG_I: Configured from console by
       • To load operating software from ROM                   console
       • To enable booting from a Trivial File                 Router#reload
         Transfer Protocol (TFTP) server                       Proceed with reload? [confirm]y
                                                               [output cut]
Before changing the configuration register, make sure          Router#show version
you know the current configuration register value. Use         [output cut]
the show version command to get this information.              Configuration register is 0x2102
You can change the configuration register by using the
config-register command:

Router(config)#config-register 0×2101                                    VI. RECOVERING PASSWORDS
Router(config)#^z
Router#
                                                                     If you forgot the router password, you can change
Router#show version
                                                                   the configuration register to login the router. As I
[Output cut]
                                                                   said earlier, bit 6 in the configuration register is used
Configuration register is 0×2102 (will be 0×2101 at
                                                                   to tell the router whether to use the contents of
next reload)
                                                                   NVRAM to load a router configuration (startup-
                                                                   config).
Notice that the show version command displays the
                                                                    The default configuration register value is 0x2102;
current configuration register value and also that value           meaning that bit 6 is off. With the default setting, the


                                                   IJSRET @ 2012
International Journal of Scientific Research Engineering &Technology (IJSRET)
Volume 1 Issue1 pp 008-0013 March 2012                                      www. ijsret.org ISSN 2278 - 0882


   router will look for and load a router configuration        You can change the configuration register by using the
   stored in NVRAM (startup-config). To recover a              config-register command. To turn on bit 6, use the
   password, you need to turn on the bit 6. Doing this         configuration register value 0x2142.
   will tell the router to ignore the NVRAM contents.          Remember that if you change the configuration register
   The configuration register value after turn on bit 6 is     to 0x2142, the startup-configuration will be bypassed
   0x2142.                                                     and the router will load into setup mode.
   Here are the main steps to password recovery:               To change the bit value on a Cisco ISR/2800 series
     1. Boot the router and interrupt the boot sequence        router, you just enter the command:
        by performing a break, which will take the              rommon 1 > confreg 0x2142
        router into ROM monitor mode.                           You must reset or power cycle for new configuration
     2. Change the configuration register to turn on bit        to take effect
        6 (with the value 0x2142).                              rommon 2 > reset
     3. Reload the router.                                      System Bootstrap, Version 12.1(3r)T2, RELEASE
     4. Enter privileged mode.                                  SOFTWARE (fc1)
     5. Copy the startup-configuration file to running-         Copyright (c) 2000 by cisco Systems, Inc.
        configuration.                                          cisco 2811 (MPC860) processor (revision 0x200) with
     6. Change the password.                                    60416K/5120K bytes of memory
     7. Reset the configuration register to the default
        value.                                                  Self decompressing the image :
     8. Save the router configuration.                          ###########################################
     9. Reload the router (optional).                           ############################### [OK]
                                                                        Restricted Rights Legend
Interrupting the Router Boot Sequence:
Your first step is to boot the router and perform a break.      Use, duplication, or disclosure by the Government is
This is usually done by pressing the Ctrl+Break key             subject to restrictions as set forth in subparagraph
combination when using HyperTerminal while the                  (c) of the Commercial Computer Software - Restricted
router first reboot.                                            Rights clause at FAR sec. 52.227-19 and subparagraph
 Router#reload                                                  (c) (1) (ii) of the Rights in Technical Data and
 Proceed with reload? [confirm]y                                Computer
 %SYS-5-RELOAD: Reload requested by console.                    Software clause at DFARS sec. 252.227-7013.
 Reload Reason: Reload Command.
 System Bootstrap, Version 12.1(3r)T2, RELEASE                        cisco Systems, Inc.
 SOFTWARE (fc1)                                                       170 West Tasman Drive
 Copyright (c) 2000 by cisco Systems, Inc.                            San Jose, California 95134-1706
 cisco 2811 (MPC860) processor (revision 0x200) with
 60416K/5120K bytes of memory                                   Cisco IOS Software, 2800 Software (C2800NM-
                                                                IPBASE-M), Version 12.3(14)T7, RELEASE
Self decompressing the image :                                  SOFTWARE (fc2)
##########                                                      Technical Support: http://www.cisco.com/techsupport
monitor: command "boot" aborted due to user interrupt           Copyright (c) 1986-2006 by Cisco Systems, Inc.
rommon 1 >                                                      Compiled Wed 22-Mar-06 18:40 by pt_team
                                                                Image text-base: 0x40095498, data-base: 0x414E0000
Notice the line monitor: command "boot" aborted due
to user interrupt. At this point, you will be at the            cisco 2811 (MPC860) processor (revision 0x200) with
rommon 1 > prompt, which is called ROM monitor                  60416K/5120K bytes of memory
mode.                                                           Processor board ID JAD05190MTZ (4292891495)
                                                                M860 processor: part number 0, mask 49
Changing the Configuration Register:                            1 Ethernet/IEEE 802.3 interface(s)
                                                                3 FastEthernet/IEEE 802.3 interface(s)



                                                     IJSRET @ 2012
International Journal of Scientific Research Engineering &Technology (IJSRET)
Volume 1 Issue1 pp 008-0013 March 2012                                      www. ijsret.org ISSN 2278 - 0882


7 Low-speed serial(sync/async) network interface(s)           Resetting the Configuration Register and Reloading
239K bytes of non-volatile configuration memory.              the Router:
62720K bytes of processor board System flash                  After you are finished changing password, set the
(Read/Write)                                                  configuration register back to the default value with the
Cisco IOS Software, 2800 Software (C2800NM-                   config-register command:
IPBASE-M), Version 12.3(14)T7, RELEASE
SOFTWARE (fc2)                                                 Router#config t
Technical Support: http://www.cisco.com/techsupport            Router(config)#config-register 0x2102
Copyright (c) 1986-2006 by Cisco Systems, Inc.                 Router(config)#
Compiled Wed 22-Mar-06 18:40 by pt_team
                                                              Finally, save the new configuration with a copy
      --- System Configuration Dialog ---                     running-config startup-config and reload the router.
                                                               Router#copy running-config startup-config
Continue with configuration dialog? [yes/no]: n
                                                               Destination filename [startup-config]?
                                                               Building configuration...
Press RETURN to get started!
                                                               [OK]
                                                               Router#
Router>en
                                                               Router#reload
Router#
                                                               Proceed with reload? [confirm]
The router will reload and ask if you want to use setup        %SYS-5-RELOAD: Reload requested by console.
mode (because no startup-config is used). Answer NO            Reload Reason: Reload Command.
to entering setup mode; press Enter to go into user            System Bootstrap, Version 12.1(3r)T2, RELEASE
mode and then type enable to go into privileged mode.          SOFTWARE (fc1)
                                                               Copyright (c) 2000 by cisco Systems, Inc.
Viewing and Changing the Configuration:                        cisco 2811 (MPC860) processor (revision 0x200) with
Now you are past the point where you would need to             60416K/5120K bytes of memory
enter the user-mode and privileged-mode password in a
router. Copy the startup-config file to the running-           Self decompressing the image :
config file:                                                   ###########################################
                                                               ############################### [OK]
Router#copy startup-config running-config                                Restricted Rights Legend
or use the shortcut:                                           Use, duplication, or disclosure by the Government is
Router#copy start run                                          subject to restrictions as set forth in subparagraph
                                                               (c) of the Commercial Computer Software - Restricted
                                                               Rights clause at FAR sec. 52.227-19 and
The configuration is now running in random access              subparagraph
memory (RAM), and you are in privileged mode,                  (c) (1) (ii) of the Rights in Technical Data and
meaning that you can now view and change the                   Computer
configuration. But you can’t view the enable secret            Software clause at DFARS sec. 252.227-7013.
setting for the password since it is encrypted. To change
the password, do this                                                cisco Systems, Inc.
                                                                     170 West Tasman Drive
Router#config t                                                      San Jose, California 95134-1706
Enter configuration commands, one per line. End with
CNTL/Z.                                                        Cisco IOS Software, 2800 Software (C2800NM-
Router(config)#enable secret Gyan                              IPBASE-M), Version 12.3(14)T7, RELEASE
Router(config)#                                                SOFTWARE (fc2)
                                                               Technical Support: http://www.cisco.com/techsupport


                                                    IJSRET @ 2012
International Journal of Scientific Research Engineering &Technology (IJSRET)
Volume 1 Issue1 pp 008-0013 March 2012                                     www. ijsret.org ISSN 2278 - 0882


Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Wed 22-Mar-06 18:40 by pt_team                          By the help of changing configuration register, you
Image text-base: 0x40095498, data-base: 0x414E0000               can bypass the booting sequence to enter the router.
                                                                 Now you can recover the password of the router
cisco 2811 (MPC860) processor (revision 0x200) with              and save the running-configuration file to the
60416K/5120K bytes of memory                                     startup-configuration for future use. Have a pleasant
Processor board ID JAD05190MTZ (4292891495)                      stay in your router.
M860 processor: part number 0, mask 49
1 Ethernet/IEEE 802.3 interface(s)                                                REFERENCES
3 FastEthernet/IEEE 802.3 interface(s)
7 Low-speed serial(sync/async) network interface(s)        [1] Comer, D. Internetworking with TCP/IP, Volume 1:
239K bytes of non-volatile configuration memory.           Principles, Protocols and Architecture. Upper Saddle
62720K bytes of processor board System flash               River, NJ: Prentice Hall, 2000.
(Read/Write)                                               [2] Comer, D. Computer Networks. Upper Saddle
Cisco IOS Software, 2800 Software (C2800NM-                River, NJ: Prentice Hall, 2004.
IPBASE-M), Version 12.3(14)T7, RELEASE                     [3] Huitema, C. Routing in the Internet. Upper Saddle
SOFTWARE (fc2)                                             River, NJ: Prentice Hall, 2000.
Technical Support: http://www.cisco.com/techsupport        [4] Perlman, R. Interconnection: Bridges, Routers,
Copyright (c) 1986-2006 by Cisco Systems, Inc.             Switches and Internetworking Protocols. Reading, MA:
Compiled Wed 22-Mar-06 18:40 by pt team                    Addison-Wesley, 2000.
                                                           [5] Stallings, W. Data and Computer Communications.
%LINK-5-CHANGED: Interface Vlan1, changed                  Upper Saddle River, NJ: Prentice Hall, 2004.
state to up                                                [6] Stallings, W. High Speed Networks. Upper Saddle
%LINK-5-CHANGED: Interface FastEthernet0/0,                River, NJ: Prentice Hall, 1998.
changed state to up                                        [7] Yuan R. and Strayer, W. Virtual Private Network.
%LINK-5-CHANGED: Interface FastEthernet0/1,                Reading, MA: Addison-Wesley, 2001.
changed state to up                                        [8] Tanenbaum, A. Computer Networks. Upper Saddle
%LINK-5-CHANGED: Interface FastEthernet1/0,                River, NJ: Prentice Hall, 2003.
changed state to up                                        [9] Peterson, L. and Davie B. Computer Networks: A
%LINK-5-CHANGED:            Interface  Ethernet1/1/0,      System Approach. San Francisco, CA: Morgan,
changed state to up                                        Kaufmans, 2000.
%LINK-5-CHANGED: Interface FastEthernet0/0,                [10]Moy, J. OSPF: Anatomy of an Internet Routing
changed state to administratively down                     Protocol. Reading, MA: Addison-Wesley, 1998.
%LINK-5-CHANGED: Interface FastEthernet0/1,
changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet1/0,
changed state to administratively down
%LINK-5-CHANGED:            Interface  Ethernet1/1/0,
changed state to administratively down
%LINK-5-CHANGED: Interface Vlan1, changed
state to administratively down
Press RETURN to get started!

Router>
Router>enable
Password:
Router#

               VII. CONCLUSION


                                                 IJSRET @ 2012

				
DOCUMENT INFO
Shared By:
Tags:
Stats:
views:29
posted:5/11/2012
language:Latin
pages:6