Basics Of Cisco Routers


Introduction

Cisco is well known for its routers and switches. I must admit they are very good quality
products and once they are up and running, you can pretty much forget about them because
they rarely fail.

We are going to focus on routers here since that's the reason you clicked on this page !

Cisco has a number of different routers, amongst them are the popular 1600 series, 2500
series and 2600 series. The ranges start from the 600 series and go up to the 12000 series
(now we are talking about a lot of money).

Below are a few of the routers mentioned: Cisco 700 Series, Cisco 800 Series, Cisco 1600 Series,
Cisco 2600 Series and Cisco 7200 Series.

All the above equipment runs special software called the Cisco Internetwork Operating System
or IOS. This is the kernel of Cisco routers and most switches. Cisco has created what they call
Cisco Fusion, which is supposed to make all Cisco devices run the same operating system.

We are going to begin with the basic components which make up a Cisco router (and switches)
and I will be explaining what they are used for, so grab that tea or coffee and let's get going !

The basic components of any Cisco router are :

1) Interfaces

2) The Processor (CPU)

3) Internetwork Operating System (IOS)

4) RXBoot Image

5) RAM

6) NVRAM

7) ROM

8) Flash memory

9) Configuration Register

Now I just hope you haven't looked at the list and thought "Stuff this, it looks hard and
complicated" because I assure you, it's less painful than you might think ! In fact, once you
read it a couple of times, you will find all of it easy to remember and understand.

Interfaces

These allow us to use the router ! The interfaces are the various serial ports or ethernet ports
which we use to connect the router to our LAN. There are a number of different interfaces but
we are going to hit the basic stuff only.

Here are some of the names Cisco has given some of the interfaces: E0 (first Ethernet
interface), E1 (second Ethernet interface). S0 (first Serial interface), S1 (second Serial
interface), BRI 0 (first B channel for Basic ISDN) and BRI 1 (second B channel for Basic ISDN).

In the picture below you can see the back view of a Cisco router; you can clearly see the
various interfaces it has (we are only looking at ISDN routers):




You can see that it even has phone sockets ! Yes, that's normal since you have to connect a
digital phone to an ISDN line and since this is an ISDN router, it has this option with the router.
I should, however, explain that you don't normally get routers with ISDN S/T and ISDN U
interfaces together. Any ISDN line requires a Network Terminator (NT) installed at the
customer's premises and you connect your equipment after this terminator. An ISDN S/T
interface doesn't have the NT device built in, so you need an NT device in order to use the
router. On the other hand, an ISDN U interface has the NT device built in to the router.

Check the picture below to see how to connect the router using the different ISDN interfaces:








Apart from the ISDN interfaces, we also have an Ethernet interface that connects to a device in
your LAN, usually a hub or a computer. If connecting to a Hub uplink port, then you set the
small switch to "Hub", but if connecting to a PC, you need to set it to "Node". This switch will
simply convert the cable from a straight through (hub) to a x-over (Node):





The Config or Console port is a Female DB9 connector which you connect, using a special cable,
to your computer's serial port and it allows you to directly configure the router.

The Processor (CPU)

All Cisco routers have a main processor that takes care of the main functions of the router. The
CPU generates interrupts (IRQ) in order to communicate with the other electronic components
in the router. The Cisco routers utilise Motorola RISC processors. Usually the CPU utilisation on
a normal router wouldn't exceed 20 %.

The IOS

The IOS is the main operating system on which the router runs. The IOS is loaded upon the
router's bootup. It usually is around 2 to 5MB in size, but can be a lot larger depending on the
router series. The IOS is currently on version 12, and Cisco periodically releases minor versions
every couple of months, e.g. 12.1, 12.3 etc., to fix small bugs and also add extra functionality.

The IOS gives the router its various capabilities and can also be updated or downloaded from
the router for backup purposes. On the 1600 series and above, you get the IOS on a PCMCIA
Flash card. This Flash card then plugs into a slot located at the back of the router and the
router loads the IOS "image" (as they call it). Usually this image of the operating system is
compressed so the router must decompress the image in its memory in order to use it.

The IOS is one of the most critical parts of the router, without it the router is pretty much
useless. Just keep in mind that it is not necessary to have a flash card (as described above with
the 1600 series router) in order to load the IOS. You can actually configure most Cisco routers
to load the image off a network tftp server or from another router which might hold multiple
IOS images for different routers, in which case it will have a large capacity Flash card to store
these images.

The RXBoot Image

The RXBoot image (also known as Bootloader) is nothing more than a "cut-down" version of the
IOS located in the router's ROM (Read Only Memory). If you had no Flash card to load the IOS
from, you can configure the router to load the RXBoot image, which would give you the ability
to perform minor maintenance operations and bring various interfaces up or down.

The RAM

The RAM, or Random Access Memory, is where the router loads the IOS and the configuration
file. It works exactly the same way as your computer's memory, where the operating system
loads along with all the various programs. The amount of RAM your router needs is subject to
the size of the IOS image and configuration file you have. To give you an indication of the
amounts of RAM we are talking about, in most cases, smaller routers (up to the 1600 series)
are happy with 12 to 16 MB while the bigger routers with larger IOS images would need around
32 to 64 MB of memory. Routing tables are also stored in the system's RAM so if you have
large and complex routing tables, you will obviously need more RAM !

When I tried to upgrade the RAM on a Cisco 1600 router, I unscrewed the case and opened it
and was amazed to find a 72 pin SIMM slot where you needed to attach the extra RAM. For
those who don't know what a 72 pin SIMM is, it's basically the type of RAM the older Pentium
socket 7 CPUs took, back in '95. This type of memory was replaced by today's standard 168 pin
DIMMs or SDRAM.

The NVRAM (Non-Volatile RAM)

The NVRAM is a special memory place where the router holds its configuration. When you
configure a router and then save the configuration, it is stored in the NVRAM. This memory is
not big at all when compared with the system's RAM. On a Cisco 1600 series, it is only 8 KB
while on bigger routers, like the 2600 series, it is 32 KB. Normally, when a router starts up,
after it loads the IOS image it will look into the NVRAM and load the configuration file in order
to configure the router. The NVRAM is not erased when the router is reloaded or even switched
off.

ROM (Read Only Memory)

The ROM is used to start and maintain the router. It contains some code, like the Bootstrap and
POST, which helps the router do some basic tests and bootup when it's powered on or
reloaded. You cannot alter any of the code in this memory as it has been set from the factory
and is Read Only.

Flash Memory

The Flash memory is that card I spoke about in the IOS section. All it is, is an EEPROM
(Electrically Erasable Programmable Read Only Memory) card. It fits into a special slot normally
located at the back of the router and contains nothing more than the IOS image(s). You can
write to it or delete its contents from the router's console. Usually it comes in sizes of 4MB for
the smaller routers (1600 series) and goes up from there depending on the router model.

Configuration Register

Keeping things simple, the Configuration Register determines if the router is going to boot the
IOS image from its Flash, tftp server or just load the RXBoot image. This register is a 16 Bit
register, in other words has 16 zeros or ones. A sample of it in Hex would be the following:
0x2102 and in binary is : 0010 0001 0000 0010.
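
As an added example (not part of the original tutorial), the following Python code decodes a configuration register value such as 0x2102 into its boot field and the flag bits worth checking when auditing a router. The bit positions follow Cisco's documented register layout for classic IOS routers and are an assumption relative to this page, which gives only the hex and binary value; the function and field names are illustrative.

```python
# Added example: decode a Cisco configuration register value.
# Bit meanings are assumed from Cisco's documented layout for classic IOS
# routers; this page itself only shows 0x2102 in hex and binary.

BOOT_FIELD_MASK = 0x000F  # bits 0-3: which image the router boots
IGNORE_NVRAM = 0x0040     # bit 6: skip the startup-config held in NVRAM
BREAK_DISABLED = 0x0100   # bit 8: console Break key ignored once booted
ROM_FALLBACK = 0x2000     # bit 13: fall back to ROM image if netboot fails


def boot_source(boot_field):
    """Map the 4-bit boot field to the image the router will try to load."""
    if boot_field == 0x0:
        return "ROM monitor"
    if boot_field == 0x1:
        return "RXBoot image in ROM"
    # 0x2-0xF: follow the boot system commands, Flash or tftp server
    return "IOS image from Flash or tftp (per boot system commands)"


def decode_confreg(value):
    """Return the decoded fields and audit warnings for a 16-bit register."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("configuration register is a 16-bit value")

    bits = f"{value:016b}"
    boot_field = value & BOOT_FIELD_MASK
    info = {
        "hex": f"0x{value:04X}",
        # Same nibble grouping the page uses: 0010 0001 0000 0010
        "binary": " ".join(bits[i:i + 4] for i in range(0, 16, 4)),
        "boot_field": boot_field,
        "boot_source": boot_source(boot_field),
        "ignore_nvram": bool(value & IGNORE_NVRAM),
        "break_disabled": bool(value & BREAK_DISABLED),
        "rom_fallback": bool(value & ROM_FALLBACK),
    }

    warnings = []
    if info["ignore_nvram"]:
        warnings.append("startup-config in NVRAM is skipped at boot, so "
                        "saved passwords and access lists are not applied")
    if not info["break_disabled"]:
        warnings.append("console Break can halt the running router")
    if boot_field in (0x0, 0x1):
        warnings.append("router will not load the full IOS image")
    info["warnings"] = warnings
    return info


if __name__ == "__main__":
    # 0x2102 is the value quoted on this page; the others are constructed.
    for sample in (0x2102, 0x2142, 0x2101):
        decoded = decode_confreg(sample)
        print(decoded["hex"], decoded["binary"], "->", decoded["boot_source"])
        for warning in decoded["warnings"]:
            print("   warning:", warning)
```

A register that differs from the expected value on a production router is worth investigating, because it changes what the router loads at the next reload.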

Cisco Router Modes

Introduction

From my personal experience, I have noticed that the lower end routers (600-1400) use different
commands than the mid to upper range routers (1600 and above). The commands we are going to
talk about here cover most aspects of the 1600, 1700, 2500, 2600, 3600 series. Most are the same,
but there are always a few variations to these commands depending on the interfaces your router has,
IOS version, and the type of WAN protocols they support.

Because there is such a wide range of interfaces on a router and also a lot of different versions of the
Cisco IOS, I decided to stick to an example where our router is running IOS version 12 and has one
ISDN S/T (without NT terminator) interface and one Ethernet interface. That's a total of 2 interfaces. I
understand that this is quite a specific example, but it would take an enormous amount of time and
effort to cover all cases.

Now, when you power up a Cisco router, it will first run a POST test to ensure all hardware is ok, and
then look into the Flash to load the IOS. Once the IOS is loaded, it will then check the NVRAM for any
configuration file. Since this is a new router, it won't find any, so the router will go into "setup mode".

Setup Mode

The setup mode is a step-by-step process which helps you configure basic aspects of the router. When
using this setup mode, you actually have 2 options:

1) Basic Management Setup, which configures only enough connectivity for management to the system.

2) Extended Setup, which allows you to configure some global parameters and interfaces.

It should be noted that when you are prompted to enter a value at the console prompt, whatever is
between the square brackets [ ] is considered to be a default value. In other words, if you hit enter
without entering anything, the value in those brackets will be set for the specific question.

I'll try to keep this as simple and straightforward as possible.

Cisco routers have different configuration modes (depending on the router model), and by this I mean
there are different modes in which different aspects of the router can be configured.

These are :

1) User Exec Mode (>)

2) Privileged Mode (#), which has as a subset the Global Configuration Mode

To be able to get into either User Exec or Privileged mode, you will most likely need a password. This
password is set during the initial configuration of the router or later on. Once in Privileged Mode, you
can then enter Global Configuration Mode (password not needed to enter this mode) to then further
configure interfaces, routing protocols, access lists and more.

The picture below shows you a quick view of the modes. Notice the red arrow, it's pointing towards
the Global Configuration Mode and Privileged mode meaning that some of the specific configuration
modes can be entered from Global Configuration Mode and others from Privileged mode:

I have given each mode its own separate page to avoid squeezing all the information into one huge
page. This makes it easier for you to read.


Cisco Basics - User Exec Mode

Introduction

Let's see what it looks like to be in each one of these modes. Here I have telnetted into our lab router
and I am in User Exec Mode:




The easiest way to keep track of the mode you're in is by looking at the prompt. The ">" means we
are in User Exec Mode. From this mode, we are able to get information like the version of IOS,
contents of the Flash memory and a few others.

Now, let's check out the available commands in this mode. This is done by using the "?" command and
hitting enter:




Wow, see all those commands available ? And just to think that this is considered a small portion of
the total commands available when in Privileged Mode ! Keep in mind that when you're in the console
and configuring your router, you can use some short cuts to save you typing full command lines.
Some of these are :

Tab: By typing the first few letters of a command and then hitting the TAB key, it will automatically
complete the rest of the command. Where there is more than one command starting with the same
characters, when you hit TAB all those commands will be displayed. In the picture above, if I were to
type "lo" and hit TAB, I would get a listing of "lock, login and logout" because all 3 commands start
with "lo".

?: The question mark symbol "?" forces the router to print a list of all available commands. A lot of the
commands have various parameters or interfaces which you can combine. In this case, by typing the
main command, e.g. "show", and then putting the "?" you will get a list of the subcommands. This
picture shows this clearly:

Other shortcut keys are :

CTRL-A: Positions the cursor at the beginning of the line.

CTRL-E: Positions the cursor at the end of the line.

CTRL-D: Deletes a character.

CTRL-W: Deletes a whole word.

CTRL-B: Moves cursor back by one step.

CTRL-F: Moves cursor forward by one step.

One of the most used commands in this mode is the "Show" command. This will allow you to gather a
lot of information about the router. Here I have executed the "Show version" command, which
displays various information about the router:

The "Show Interface <interface> " command shows us information on a particular interface. This
includes the IP address, encapsulation type, speed, status of the physical and logical aspect of the
interface and various statistics. When issuing the command, you need to replace the <interface> with
the actual interface you want to look at. For example, ethernet 0, which indicates the first ethernet
interface :




Some other generic commands you can use are "show running-config" and "show startup-config".
These commands show you the configuration of your router.

The running-config refers to the running configuration, which is basically the configuration of the
router loaded into its memory at that time.

Startup-config refers to the configuration file stored in the NVRAM. This, upon bootup of the router,
gets loaded into the router's RAM and then becomes the running-config !

So you can see that User Exec Mode is used mostly to view information on the router, rather than
configuring anything. Just keep in mind that we are touching the surface here and not getting into any
details.

This completes the User Exec Mode section. If you like, you can go back and continue to the Privileged
Mode section.


Cisco Basics - Privileged Mode

Introduction

To get into Privileged Mode we enter the "Enable" command from User Exec Mode. If set, the router
will prompt you for a password. Once in Privileged Mode, you will notice the prompt changes from ">"
to a "#" to indicate that we are now in Privileged Mode.

The Privileged Mode (and Global Configuration Mode) is used mainly to configure the router, enable
interfaces, set up security, define dialup interfaces etc.

I have put a screen shot of the router to give you an idea of the commands available in Privileged
Mode in comparison to the User Exec Mode. Remember that these commands have sub-commands
and can get quite complicated:

As you can see, there is a wider choice of commands in Privileged Mode.

Now, when you want to configure certain services or parts of the router you will need to enter Global
Configuration Mode from within Privileged Mode. If you're confused by now with the different modes
available try to see it this way :

User Exec Mode (distinguished by the ">" prompt) is your first mode, which is used to get statistics
from router, see which version IOS you're running, check memory resources and a few more things.

Privileged Mode (distinguished by the "#" prompt) is the second mode. Here you can enable or disable
interfaces on the router, get more detailed information on the router, for example, view the running
configuration of the router, copy the configuration, load a new configuration to the router, backup or
delete the configuration, backup or delete the IOS and a lot more.

Global Configuration Mode (distinguished by the "(config)#" prompt) is accessible via Privileged
Mode. In this mode you're able to configure each interface individually, setup banners and passwords,
enable secrets (encrypted passwords), enable and configure routing protocols and a lot more. I dare
say that 70% of the time you want to configure or change something on the router, you will need to
be in this mode.

Getting into Global Configuration

The picture below shows you how to enter Global Configuration Mode:




As you can see, I have telnetted into the router and it prompted me for a password. I entered the
password, which is not shown. At this point I am in User Exec Mode, and I then entered "enable" in
order to get into the Privileged Mode. From here, to get into Global Configuration Mode you need to
enter the "configure selection" command.

Now you must be wondering what the various parameters shown in the picture are, under the
"configure" command. These allow you to select how you will configure the router:


       Configure Memory means you enter Global Configuration Mode and are configuring the router
        in its NVRAM. This command will force the router to load up the startup-config file stored in
        the NVRAM and then you can proceed with the configuration. When you're happy with the
        configuration, save it to NVRAM by entering "copy running-config startup-config".


       Configure Network means you enter Global Configuration Mode and load a startup-config file
        from a remote router (using tftp) into your local router's memory and configure it. Once
        you're finished, you need to enter "copy running-config tftp" which will force the router to
        copy its memory configuration onto a tftp server. The router will prompt you for the IP
        address of the remote tftp server.


       Configure Overwrite-network means that you overwrite the NVRAM's configuration with a
        configuration stored on a tftp server. Issuing this command will force the router to prompt for
        an IP address of the remote tftp server. Personally, I have never needed to use this
        command.


       Configure Terminal means you enter Global Configuration Mode and work with the
        configuration which is already loaded into the router's memory (Cisco calls this the running-
        config). This is the most popular command, as in most cases you need to modify or re-
        configure the router on the spot and then save your changes.

You will need to save this configuration otherwise everything you configure will be lost upon power
failure or reboot of the router !

Below are the commands you need to enter to save the configuration, depending on your network
setup:

        Copy running-config startup-config: Copies the configuration which is running in the router's
         RAM into the NVRAM and gives it a file name of startup-config (default). If one already exists
         in the NVRAM, it will be overwritten by the new one.


        Copy running-config tftp: Copies the configuration which is running in the router's RAM to
         a tftp server which might be running on your network. You will be asked for the IP address of
         the tftp server and given the choice to select a filename for the configuration. Some
         advanced routers can also act as tftp servers.




Generic Configuration

There are a few standard things which you always need to configure on the router. For example, a
hostname. This is also used as a login name for the remote router to which your router needs to
authenticate. Before we get stuck into the interface configuration we are going to run through a few of
these commands. The following examples assume no passwords have been set as yet and that the
router has a default hostname of "router":

We connect to the router via the console port using the serial cable and type the following:

Router> enable (gets us into Privileged Mode)

Router# configure terminal (This command gets us into the appropriate Global Configuration Mode as
outlined above)

Router(config)# hostname swiftpond (This command sets the router's hostname to swiftpond. From
this moment onwards, swiftpond will appear before the ">" or "#" depending on which mode we are
in)

swiftpond(config)# username router2.isp password firewallcx (Here we are telling the router that the
remote router which we are connecting to, has a username of "router2.isp" and our password to
authenticate to router2.isp is "firewallcx")

This is a standard way of authentication with Cisco routers. Your router's hostname is your login name
and your password (in our case "firewallcx") is entered at the same time you define the remote
router's hostname.

Next we create a static route so the router will pass all packets originating from our network to the
remote router. This is usually the case when you connect to your ISP.

swiftpond(config)# ip route 0.0.0.0 0.0.0.0 139.130.34.43 (Here we tell our router to create a default
route where any packet -defined by the first 0.0.0.0- no matter what subnetmask -defined by the
second 0.0.0.0- is to be sent to ip 139.130.34.43 which would be the router we are connecting to)

In the case where you were not configuring the router to connect to the Internet but to join a small
WAN which connects a few offices, then you probably want to use a routing protocol:

swiftpond(config)# router rip (Enables RIP routing protocol. After this command you enter the routing
protocols configuration section -see below- where you can change timing parameters and other)

swiftpond(config-router)#

At this prompt you can fine tune RIP or just leave it to the default setting which will work fine. The
"exit" command takes you one step back:

swiftpond(config-router)# exit

swiftpond(config)#

Alternatively, you can use IGRP as a routing protocol, in which case you would have to enter the
following:

swiftpond(config)# router igrp 1 (The "1" defines the Autonomous system number)

swiftpond(config-router)#

Again, the "exit" command will take you back one step:

swiftpond(config-router)# exit

swiftpond(config)#

After that, we need to create a dialer list which our WAN interface BRI (ISDN) will use to make a call
to our ISP.

swiftpond(config)# dialer-list 1 protocol ip permit (Now we are telling the router to create a dialer list
and bind it to group 1. The "protocol ip permit" tells the router to initiate a call for an ip packet)

I'll give you a quick example to make sure you understand the reason we put this command:

If you launched your web browser, it would send an http request to the server you have set as a
homepage e.g www.firewall.cx. This request which your computer is going to send, is encapsulated in
an ip packet that will cause your router to initiate a connection, as it is now configured to do so.

The dialup interface for Cisco routers is broken into 2 parts: a Dialer-list and a Dialer-group.

The Dialer-list defines the rules for placing a call. Later on when you configure the WAN interface, you
bind that Dialer-list to the interface by using the Dialer-group command (shown later on).




Configuring Interfaces

In our example we said we have a router with one Ethernet and one basic ISDN interface (max of
128Kbit). We are going to go through the process of configuring the interfaces. We will start with the
Ethernet Interface.

In order to configure the interface, we need to be in Global Configuration Mode, so we need to type
first "enable" in order to get into Privileged Mode and then "configure terminal" to get into the
appropriate Global Configuration Mode (as explained above). Now we need to select the interface we
want to configure, in this case the first ethernet interface (E0) so we type "interface e0".

This picture shows clearly all the steps:




Any commands entered here will affect the first ethernet interface only. So we start with the IP
address. It's important to understand that this IP address would be visible to both networks to which
the router is connected. If we were connecting to the Internet then everyone would be able to see this
IP. Furthermore, the IP address would also be the default gateway for our firewall or machine which
would physically connect directly to the router.

The following commands will configure the ethernet interface's IP address:

(config-if)# ip address 192.168.0.1 255.255.255.0

or

(config-if)# ip address 139.130.4.5 255.255.255.0 secondary

Now that we have given e0 its IP address, we need to give the ISDN interface its IP as well, so we
need to move to the correct interface by typing the following:

(config-if)# exit (this exits from the e0 interface configuration)

(config)# interface bri0 (this command enters the configuration for the first ISDN interface)

(config-if)# ip address 10.0.0.2 255.255.255.224 (this command sets the IP address for BRI 0 which
is also known as the WAN IP address)

Now when it comes to configuring WAN interfaces, you need more than just an IP address (LAN
interfaces such as E0 are a lot easier to configure). You need to set the encapsulation type, the
authentication protocol the router will use to authenticate to the remote router, the phone number it
will need to dial and a few more:

(config-if)# encapsulation ppp (This command sets the packet's encapsulation to ppp which is 100%
compatible with all routers no matter what brand)

(config-if)# dialer string 0294883452 (This command tells the router which phone number it needs to
dial in order to establish a connection with our remote router e.g your ISP)

(config-if)# dialer-group 1 (This command tells the router to use the dialer list 1 (configured
previously) to initiate a connection)

(config-if)# dialer idle-timeout 2000000 (This command is optional and allows us to set an idle timeout so if
the router is idle for so many seconds, it will disconnect. A value of 2 million seconds means the
router will never disconnect)

(config-if)# isdn switch-type basic-net3 (This command tells the router the type of ISDN interface we
are using. Each country has its own type, so you need to consult your Cisco manual to figure out
which type you need to put here)

(config-if)# dialer load-threshold 125 outbound (This command is optional and allows us to specify a
threshold upon which it will place another call. The value it takes is from 1 to 255. A value of 125
means bring up the second B channel if either the inbound or outbound traffic load is 50%.)

That pretty much does it for our ISDN (WAN) interface. All you need to do now is to SAVE the
configuration !
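
As an added example (not part of the original tutorial), the Python code below audits a running-config built from the commands on this page for credentials stored in readable form, a missing "enable secret", and PPP interfaces with no "ppp authentication" command, which the BRI0 steps above do not include. The sample config is constructed; its "line vty" block and the "password 0" rendering are assumptions, and the rule names are illustrative.

```python
import re

# Constructed running-config assembled from the commands used on this page.
# The "line vty" block and the "password 0" rendering are assumptions.
SAMPLE_CONFIG = """\
hostname swiftpond
!
username router2.isp password 0 firewallcx
!
interface Ethernet0
 ip address 192.168.0.1 255.255.255.0
!
interface BRI0
 ip address 10.0.0.2 255.255.255.224
 encapsulation ppp
 dialer string 0294883452
 dialer-group 1
!
ip route 0.0.0.0 0.0.0.0 139.130.34.43
dialer-list 1 protocol ip permit
!
line vty 0 4
 password firewallcx
 login
"""

# "password <value>" or "password <type digit> <value>" at the end of a line
PASSWORD_RE = re.compile(r"\bpassword(?:\s+(\d))?\s+(\S+)$")


def parse_stanzas(text):
    """Group indented sub-commands under the top-level command above them."""
    stanzas = []
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("!"):
            continue  # blank lines and "!" separators carry no settings
        if line[0].isspace() and stanzas:
            stanzas[-1][1].append(line.strip())
        else:
            stanzas.append((line.strip(), []))
    return stanzas


def check_password(where, command):
    """Return a finding if the command stores a cleartext or type 7 value."""
    match = PASSWORD_RE.search(command)
    if not match:
        return None
    kind = match.group(1) or "0"  # no type digit means cleartext
    if kind == "0":
        return ("cleartext-password", where)
    if kind == "7":
        return ("type7-reversible-password", where)
    return None


def audit(text):
    """Return (rule, location) findings; the password is never echoed."""
    findings = []
    has_enable_secret = False
    for top, subs in parse_stanzas(text):
        if top.startswith("enable secret"):
            has_enable_secret = True
        if top.startswith(("username ", "enable password")):
            findings.append(check_password(" ".join(top.split()[:2]), top))
        if (top.lower().startswith("interface")
                and "encapsulation ppp" in subs
                and not any(s.startswith("ppp authentication") for s in subs)):
            findings.append(("ppp-no-authentication", top))
        for sub in subs:
            if sub.startswith("password"):
                findings.append(check_password(top, sub))
    if not has_enable_secret:
        findings.append(("no-enable-secret", "global"))
    return [f for f in findings if f is not None]


if __name__ == "__main__":
    for rule, where in audit(SAMPLE_CONFIG):
        print(f"{rule:28} {where}")
```

The same check applies to copies made with "copy running-config tftp", since any password readable in the running configuration is equally readable in the file stored on the tftp server.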

Well I hope it wasn't too bad for you, since there is quite a bit of information on this page. I
encourage you to read through it again until you understand what is going on, then you will find it a
breeze to configure a Cisco router yourself !

				