Cisco IOS for dummies Beginners class today
Markus Germeier
[email protected]
This course
- Basic knowledge about Cisco hardware/software
- Introduction to Cisco's IOS
- How to configure an IOS based switch
  - Examples for Cat2950 / Cat3550
- Basic tasks
- NOT covered: advanced features, routing, CatOS
Cisco
- World-wide one of the biggest suppliers of network hardware (about 60% world-wide)
- Near 100% probability that a packet will pass a Cisco machine while traveling the internet
- Single point of failure?
  - Monocultures are never good!
  - Latest security bug (were we lucky?)
Cisco Hardware
- Wide range from small (AP, VoIP phone, ...) ...
- ... to big (ISP core routers)
- Main software is IOS
- But others exist:
  - Web interfaces („older“ AP, VoIP)
  - CatOS for „older“ Catalysts / Supervisor boards
Cisco Catalyst Switches
- Big hardware
- Fully hot-swappable / redundant
- Slot 1: Supervisor board
- N slots for extensions
  - Network ports
  - Feature cards, e.g. RSM, MSFC, ...
Cisco IOS
- Internetwork Operating System
- „one size fits all“ (??)
- Not really: highly dependent on hardware/version
- Main interface: command line (CLI)
  - Console and telnet
  - Newer versions: web interface (don't use it!) and SSH (V1.5, single(/triple) DES)
IOS management
- „old-model“: no users, only passwords
- Privilege levels: from 0 (== nobody) to 15 (== root)
- Login with password
- To configure: „enable“ + enable password (== „su -“)
- „new-model“: define users with privilege levels
- One exception:
  - On console: priv15 -> priv0 downgrade
  - Thus: „enable“ + password still needed
Cisco IOS CLI
- Comfortable interface
- Command completion: <TAB>
- Got stuck / what command was that? „?“
  - Show all available commands
  - Show next required parameter
- „?“: anyplace, anytime, anywhere
- Command shortening:
  - „show version“ -> „sh ver“
- Usually use short commands (beginners: use <TAB> !!)
IOS configs
- Getting started:
  - „show version“ -> „sh ver“ (HW/SW info)
  - „show interfaces“ -> „sh int“
- Two configurations:
  - running-config (the current configuration): „sh run“
  - startup-config (config loaded after a reload): „sh start“
- BEWARE: only non-default entries are shown
- (so what are the default entries? That depends ...)
IOS edit config
- Change the running configuration
- -> changes take immediate effect (this is dangerous!!)
- To configure: „configure terminal“ -> „conf t“
- To exit from configuration: „exit“ (up one level) or Ctrl-Z to quit configuration mode
- After changes, check config: „sh run“
- Everything is fine: „copy run start“
- Something bad happened: „reload“ or hard power-cycle
  - startup-config will be loaded
IOS edit config (2)
- Disable command „X“: „no X“ (copy the whole command line!)
- Disable an interface: „shutdown“
- Classical small reboot: „shut“ + „no shut“ on the interface
IOS interfaces
- Physical interfaces (numbers depending on HW):
  - In general: Hardware{slot/}number
  - FastEthernet0/X (F0/X)
  - GigabitEthernet0/X (G0/X)
- Show interface configuration:
  - „sh run int F0/1“
- Show interface status:
  - „sh int F0/1“
IOS interface status

    switch-cat3550-0195-1#sh int g0/1
    GigabitEthernet0/1 is up, line protocol is up (connected)
      Hardware is Gigabit Ethernet, address is 000c.ce42.b681 (bia 000c.ce42.b681)
      Description: Uplink c100-e3
      [...]
      Full-duplex, 1000Mb/s
      [...]

IOS interface status (2)

      5 minute input rate 2219000 bits/sec, 234 packets/sec
      5 minute output rate 2725000 bits/sec, 381 packets/sec
         310311669 packets input, 132621980 bytes, 0 no buffer
         Received 911690 broadcasts, 0 runts, 0 giants, 0 throttles
         0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
         0 watchdog, 675982 multicast, 0 pause input
         0 input packets with dribble condition detected

- Rule of thumb: <1000 packets/sec is OK
- Look out for errors (== link/cable problems)
IOS VLANs
- Defining a VLAN:
  - Older versions: logical interface: „int vlanX“
  - New version: „vlan database“
    - „show“ vlans
    - „vlan X“ define a VLAN (options possible)
    - „apply“ save the latest VLAN modifications (don't forget)
- Logical VLAN interfaces are only used for assigning IP addresses
IOS configure interfaces
- „conf t“
- „int F0/Y“
- „switchport access vlan X“
- Interface F0/Y is now a member of VLAN X
- Reminder: VLANs in the FB3 domain:
  - VLAN X -> 134.102.X/24
  - VLAN 83 -> 134.102.112/21
  - VLAN 86 -> 172.21/16
  - VLAN 229 -> 134.102.124/24
IOS configure trunks
- Trunk: here, a physical link which transmits more than one VLAN
- Two protocols: ISL (Cisco) and IEEE 802.1q (== dot1q)
- dot1q is the standard
- „conf t“, „int G0/X“ as usual
- „switchport mode trunk“ (== this port is a trunk)
- „switchport trunk allowed vlan 1,86,218,224“
- „switchport trunk encapsulation dot1q“ (Cat3550 only)
  - The Cat3550 speaks ISL and dot1q (2950 is dot1q-only)
Cisco 2950/3550 step by step
- Configure via console 9600,8N1
- Initial setup: should be OK, no need to give an IP address
- Three passwords (user, secret, enable)
- Start configuration: „conf t“

    no ip http server
    hostname switch-catXXXX-YYYY
step by step (2)
- Configure users and passwords

    aaa new-model
    aaa authentication login default local
    aaa authorization exec default local
    service password-encryption
    username root privilege 15 password XXXXXX
    enable password XXXXXX

- With „service password-encryption“ the config then shows:

    username root privilege 15 password 7 0011223344
    enable password 7 4433221100

- BEWARE: keep these lines secret (type 7 is not a one-way function!!!)
step by step (3)
- Configure DNS server and domain

    ip domain-name informatik.uni-bremen.de
    ip name-server 134.102.218.46
    ip name-server 134.102.200.14

- Configure timeserver and logging timestamps

    ntp server 130.149.17.21
    ntp server 192.43.244.18
    ntp peer 134.102.204.114
    service timestamps debug datetime msec
    service timestamps log datetime msec
step by step (4)
- Define available VLANs (this is „outside“ of „configure terminal“)

    vlan database
    vlan X
    vlan Y
    apply
    exit

- Define logical interface with IP address

    int vlan X
    ip address 134.102.X.Y 255.255.255.0
step by step (5)
- Define a trunk (uplink)

    interface GigabitEthernet0/11
    description Uplink from FooBar
    switchport trunk encapsulation dot1q      (3550 only)
    switchport trunk allowed vlan 1,X,Y,Z
    switchport mode trunk

- (Switch should now be remotely accessible)
- Define VLANs for every interface

    switchport access vlan X
step by step (6)
- Loghost

    logging facility local1
    logging 134.102.X.Z

- Miscellaneous (this needs checking)

    spanning-tree mode pvst
    no spanning-tree optimize bpdu transmission
    spanning-tree extend system-id

- Define useful aliases

    alias exec 0 term len 0
    alias exec c conf t
    alias exec u sh proc u
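Added example (not part of the course material): a Python check that reads a saved „sh run“ and reports which of the step-by-step settings are missing or weak: web interface still on, clear-text passwords, reversible type-7 passwords, no „enable secret“, no loghost, and trunks without an „allowed vlan“ list. The running-config excerpt is constructed in the style of the slides; the function name is my own.

```python
import re
# Constructed running-config excerpt in the style of the step-by-step slides (not a real device).
SAMPLE_RUNNING_CONFIG = """\
service password-encryption
hostname switch-cat3550-0195-1
!
aaa new-model
aaa authentication login default local
enable password 7 4433221100
username root privilege 15 password 7 0011223344
!
ip http server
logging facility local1
!
interface GigabitEthernet0/11
 description Uplink from FooBar
 switchport trunk encapsulation dot1q
 switchport mode trunk
"""

def audit_config(cfg):
    """Return findings for the settings the step-by-step slides tell you to set."""
    lines = [l.rstrip() for l in cfg.splitlines()]
    has = lambda pat: any(re.match(pat, l) for l in lines)
    findings = []
    # Only non-default lines are shown, so "ip http server" appearing means the web UI is on.
    if has(r"ip http server$"):
        findings.append("web interface enabled: add 'no ip http server'")
    if not has(r"service password-encryption$"):
        findings.append("service password-encryption missing: passwords stored in clear text")
    for l in lines:  # type 7 is reversible, so these lines must be kept secret (see slide)
        if re.match(r"(enable password|username \S+.* password) 7 ", l):
            findings.append("reversible type-7 password: " + l.split(" 7 ")[0])
    if has(r"enable password") and not has(r"enable secret"):
        findings.append("no 'enable secret': only the reversible 'enable password' guards enable mode")
    if not has(r"logging \d+\.\d+\.\d+\.\d+$"):
        findings.append("no remote loghost (logging <ip>) configured")
    # Per-interface check: a trunk should carry an explicit "allowed vlan" list.
    iface, is_trunk, restricted = None, False, False
    for l in lines + ["!"]:  # a trailing "!" closes the last interface block
        if l.startswith("interface ") or l == "!":
            if iface and is_trunk and not restricted:
                findings.append(iface + ": trunk allows all VLANs, set 'switchport trunk allowed vlan'")
            iface = l.split()[1] if l != "!" else None
            is_trunk = restricted = False
        elif l.strip() == "switchport mode trunk":
            is_trunk = True
        elif l.strip().startswith("switchport trunk allowed vlan"):
            restricted = True
    return findings
```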
Cisco Discovery Protocol
- IOS announces its presence on every link (layer 2)
- Platform, SW version, IP address, outgoing port
- Enabled by default on every interface
- Disable: „no cdp enable“ (e.g. wanted on ATM)
- Check the information:
  - „sh cdp neighbors“
  - „sh cdp entry *“ (verbose: all gathered information)
Standard tasks
- Tools like ping/traceroute/telnet are available
- Advanced mode: e.g. „ping“ without arguments (interactive prompts)
- Pipe/grep-like command available
  - Only for „long-output“ commands
  - „command | {begin,exclude,include} expression“
- Very useful:
  - „sh arp“ (+ grep)
  - „sh mac-address-table“ (+ grep)
IOS update
- Don't do it! I'm serious!!!
- First problem: CCO login with permissions to download the software needed (-> ZfN)
- Find out the current SW version running („sh ver“)
- Find out the new version needed (Cisco documentation!)
- READ the documentation!!
- Always have a known good image ready
- Check the reboot on the serial console!!
- Worst case: machine does not boot -> Boot ROM
IOS update (2)
- Check space on internal flash
- Delete unwanted stuff (e.g. delete html/*)
- DOS-like commands: dir, delete, copy
- „dir“ or „dir flash:“ (bootflash:, slotX, ...)
- Copy new image to flash (r and tftp available)
- Usually TFTP: „copy tftp://134.102.218.99/newimage.bin flash:“
- Check the image: „verify flash:newimage.bin“
IOS update (3)
- Check the configuration register („sh ver“)
- Lowest two bits define boot behaviour
- Both set: use config (this is wanted!)
- Check current boot path: „sh boot“
- Empty path: use first image found on flash:
- „boot system flash:newimage.bin;flash:oldimage.bin“
- Check everything again!
- „reload“ and cross your fingers
Hints to get started
- Use „show“ a lot: „sh ?“ and „sh X ?“!
- Use „command ?“ a lot! (Find out about parameters)
- Unknown interesting command: use Google:
  - site:cisco.com „command foo“ „12.1“
  - site:cisco.com „command foo“ „2950“
- „term mon“ + „sh log“