Ch.3

1
Ch.3 Configuring a Router

• CCNA 1 version 3.0

2
Overview

• Students completing this module should be able
  to
• Name a router
• Set passwords
• Examine show commands
• Configure a serial interface
• Configure an Ethernet interface
• Execute changes to a router
• Save changes to a router
• Configure an interface description
• Configure a message-of-the-day banner
• Configure host tables
• Understand the importance of backups and
  documentation

3
CLI command modes

• Routerconfigure terminal
• Router(config)

4
Using exit, end and Control-Z
end
exit
5
Using exit, end and Control-Z

• Routergtena
• Routerconfigure terminal
• Enter configuration commands, one per line. End
  with CNTL/Z.
• Router(config)?
• Configure commands
• aaa Authentication,
  Authorization and Acc..
• access-list Add an access list
  entry
• alias Create command
  alias
• appletalk Appletalk global
  configuration commands
• arap Appletalk Remote
  Access Protocol
• arp Set a static ARP
  entry
• lttext omittedgt
•  
• Router(config)exit
• 000320 SYS-5-CONFIG_I Configured from
  console by con
• Router
• Router(config)interface interface
• Router(config-if)exit

Must be in privileged mode
Message each time you exit global configuration
mode
6
Using exit, end and Control-Z
Router conf t (abbreviated) Router(config)
router protocol Router(config-router)
(commands) Router(config-router)
exit Router(config) exit Router Router(config)
interface type port Router(config-if)
(commands) Router(config-if) end (or
Control-Z) Router
7
Configuring a router name

• Routerconfig t
• Router(config)hostname Tokyo
• Tokyo(config)

Lab 12-1 Command Mode and Router
Identification Page 244
8
Configuring router passwords
Not recommended, clear text
Encrypts the passwords above, but
Use this command instead, password is encryped
Router(config)enable secret ltpasswordgt
9
service password-encryption command

• WARNING
• service password-encryption uses a Cisco Level 7
  encryption which is very easy to decrypt.
• For the GetPass! software www.boson.com
• However, the enable secret ltpasswordgt uses a
  stronger encryption method and cannot be easily
  hacked.

10
enable secret ltpasswordgt command
Doesnt work for enable secret!

• More later!

Lab 12-2 Configuring Router Passwords. Page 247
11
Router Passwords Used in the Cisco Lab
Privilege Password cisco
Console password conpass
VTY 0 4 password vtypass
Auxiliary auxpass
12
Examining the show commands

• show interfaces Displays all the statistics for
  all the interfaces on the router. To view the
  statistics for a specific interface, enter the
  show interfaces command followed by the specific
  interface and port number.
• show controllers serial Displays
  information-specific to the interface hardware
• show clock Shows the time set in the router
• show hosts Displays a cached list of host names
  and addresses
• show users Displays all users who are connected
  to the router
• show history Displays a history of commands
  that have been entered
• show flash Displays information about flash
  memory and what IOS files are stored there
• show version Displays information about the
  router and the IOS that is running in RAM
• show ARP Displays the ARP table of the router
• show protocol Displays the global and interface
  specific status of any configured Layer 3
  protocols
• show startup-configuration Displays the saved
  configuration located in NVRAM
• show running-configuration Displays the
  configuration currently running in RAM

13
show interfaces ltinterfacegt command
MAC Address

• Routergtshow interface ethernet 0
• Ethernet0 is administratively down, line protocol
  is down , using hub 0
• Hardware is Lance, address is 0010.7b3a.cf84
  (bia 0010.7b3a.cf84)
• MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
  rely 255/255, load 1/255
• Encapsulation ARPA, loopback not set, keepalive
  set (10 sec)
• ARP type ARPA, ARP Timeout 040000
• Last input never, output 010535, output hang
  never
• Last clearing of "show interface" counters
  never
• Queueing strategy fifo
• Output queue 0/40, 0 drops input queue 0/75, 0
  drops
• 5 minute input rate 0 bits/sec, 0 packets/sec
• 5 minute output rate 0 bits/sec, 0 packets/sec
• 0 packets input, 0 bytes, 0 no buffer
• Received 0 broadcasts, 0 runts, 0 giants, 0
  throttles
• 0 input errors, 0 CRC, 0 frame, 0 overrun, 0
  ignored, 0 abort
• 0 input packets with dribble condition
  detected
• 63 packets output, 11676 bytes, 0 underruns
• 0 output errors, 0 collisions, 1 interface
  resets
• 0 babbles, 0 late collision, 0 deferred

Status
Routing metric information (later)
Data link encapsulation (Ethernet-II)
ARP cache entries timer
14
Examining the show commands

• We will log into a router and examine some of the
  show commands.

Lab 12-3 Using Router Show Commands, Page 251
15
Configuring a serial interface
Configuring an IP Address on an interface

• Router(config)interface serial 0/0
• Router(config-if)ip address ltip addressgt
  ltnetmaskgt

16
show ip interface command
Router show ip interface brief Interface
IP-Address OK? Method Status
Protocol Ethernet0 131.108.1.11 YES
manual up up Serial0
198.135.2.49 YES manual
administratively down down
What is wrong here? The administrator has either
done a shutdown on the interface or has
forgotten to do a no shutdown.

• A serial interface will not show up and up
  unless both ends are properly configured (mostly)
  and the no shutdown command is used.
• If one routers configuration looks okay, check
  the other routers configuration.

17
Configuring a serial interface
Lab
Real world

• On serial links that are directly interconnected,
  as in a lab environment, one side must be
  considered a DCE and provide a clocking signal.
• The clock is enabled and speed is specified with
  the clock rate command.
• Router(config)interface serial 0/0
• Router(config-if)clock rate 56000
• Router(config-if)no shutdown

18
Configuring a serial interface
RouterB DCE cable
RouterA DTE cable

• RouterB(config)inter serial 1
• RouterB(config-if)clock rate ?
• Speed (bits per second)
• 1200
• 2400
• 4800
• 9600
• 19200
• 38400
• 56000
• 64000
• lttext omittedgt
• 2000000
• 4000000
• lt300-4000000gt Choose clockrate from list
  above
• RouterB(config-if)clock rate 64000
• RouterB(config-if)

19
Configuring a serial interface
DTE Cable
DCE Cable

• How can you tell which end is the DTE and which
  end is the DCE?
• Look at the label on the cable.
• Look at the connecter between the two cables -
  The DTE cable will always be male and the DCE
  cable will always be female.

20
Configuring a serial interface
RouterB DCE cable
RouterA DTE cable

• RouterAshow controllers serial 0
• HD unit 0, idb 0xECA4C, driver structure at
  0xF1EC8
• buffer size 1524 HD unit 0, V.35 DTE cable
• cpb 0x62, eda 0x403C, cda 0x4050
• RX ring with 16 entries at 0x624000
• 00 bd_ptr0x4000 pak0x0F5704 ds0x62FFB8
  status80 pak_size22
• RouterBshow controllers serial 0
• buffer size 1524 HD unit 0, V.35 DCE cable,
  clockrate 64000
• cpb 0x62, eda 0x408C, cda 0x40A0
• RX ring with 16 entries at 0x624000
• 00 bd_ptr0x4000 pak0x0F2F04 ds0x627908
  status80 pak_size22

This is one of few commands where there must be a
space between the interface type and the port.

• How can you tell which end is the DTE and which
  end is the DCE?
• Use the show controllers command!
• It will also tell you the type of cable, in our
  labs we will be using a V.35 cable.

21
Configuring a serial interface
This end up! (The wider end is up.)

• Please be very careful when connecting the male
  and female V.35 cables together AND when
  connecting the serial cable to the router!
• They only connect ONE WAY!
• Be sure the two ends match!
• Dont force it!

Lab 12-4 Configuring a Serial Interface, Page
256
22
Configuring an Ethernet Interface
23
Interface descriptions

• RouterBshow inter e 0
• Serial0 is up, line protocol is up
• Hardware is HD64570
• Description Engineering LAN, Bldg. 18
• Internet address is 10.1.1.1/24

24
Interface descriptions

• Gateway(config)inter e 0
• Gateway(config-if)description LAN interface for
  Marketing
• Gateway(config-if)end
• Gateway
• Gatewayshow run
• Building configuration...
• lttext omittedgt
• !
• interface Ethernet0
• description LAN interface for Marketing
• no ip address
• no ip directed-broadcast
• shutdown
• lttext omittedgt
• Gatewayshow interface ethernet 0
• Ethernet0 is administratively down, line protocol
  is down
• Hardware is Lance, address is 0000.0c34.9ebb
  (bia 0000.0c34.9ebb)
• Description LAN interface for Marketing

Dont forget this or next time router reboots
these changes will be lost!
25
Configuring interface description
Lab 12-5 Configuring an Ethernet Interface,
Page 260
26
Importance of configuration standards

• In order to manage a network, there must be a
  centralized support standard.
• Configuration, security, performance, and other
  issues must be adequately addressed for the
  network to function smoothly.
• Creating standards for network consistency helps
  reduce network complexity, the amount of
  unplanned downtime, and exposure to events that
  may have an impact on network performance.

27
Executing adds, moves, and changes
running-config
startup-config
IOS
Bootup program
IOS (running)
ios (partial)
28
Executing adds, moves, and changes

• Routershow startup-config
• Non-volatile configuration memory is not
  present
• Routershow running-config
• Building configuration...
• Current configuration
• !
• version 12.0
• service timestamps debug uptime
• service timestamps log uptime
• no service password-encryption
• !
• hostname Router
• !
• ip subnet-zero
• !
• !
• interface Ethernet0

No startup-config file in NVRAM
Default running-config file, created in RAM
29
The running-config
Executing adds, moves, and changes
Routershow running-config Building
configuration... Current configuration ! version
12.0 service timestamps debug uptime service
timestamps log uptime no service
password-encryption ! hostname Router ! ip
subnet-zero ! interface Ethernet0 no ip address
no ip directed-broadcast shutdown

• The configuration file contains global, process,
  and interface information that directly affects
  the operation of the router and its interface
  ports.
• All changes to the router are made to the
  running-config file and take affect immediately
  on the router (with just a couple of exceptions).
• IP address
• Routing Protocols
• Routers Name
• etc.

30
copy running-config startup-config
During bootup
running-config
RAM
startup-config
Router copy running-config startup-config

• Changes to the router are automatically put in
  the running-config file.
• If the router loses power or reboots, everything
  in RAM is lost including the running-config file.
• To make sure the changes to the routers
  configuration remain saved, you must copy the
  running-config from RAM into the startup-config
  into NVRAM
• Router copy running-config startup-config

31
copy running-config startup-config

• Routercopy running-config startup-config
• Destination filename startup-config?
• Building configuration...
• Routershow startup-config
• !
• version 12.0
• service timestamps debug uptime
• service timestamps log uptime
• no service password-encryption
• !
• hostname Router
• !
• !
• ip subnet-zero
• !
• interface Ethernet0
• no ip address
• no ip directed-broadcast

The startup-config file now identical to
running-config and the router will also have
these changes if the router reboots.
32
copy running-config startup-config

• Router copy running-config startup-config
• Or
• Router copy running startup
• OR
• Router copy run start
• OR
• Any usage of the command or parameters, so that
  they are still uniquely recognizable.
• WARNING
• Using an incorrect configuration file name could
  overwrite the routers IOS in flash, as the
  router believes you are trying to copy a blank
  file into flash.
• Routercopy running-config start-up
• NOTICE
• Flash load helper v1.0
• This process will accept the copy options and
  then terminate
• the current system image to use the ROM based
  image for the copy.
• Routing functionality will not be available
  during that time.
• If you are logged in via telnet, this connection
  will terminate.
• Users with console access can see the results of
  the copy operation.

Incorrect file name!
Press ltcontrolgt C
33
copy running-config startup-config

• Router copy running-config startup-config
• Or
• Router copy running startup
• OR
• Router copy run start
• OR
• Any usage of the command or parameters, so that
  they are still uniquely recognizable.
• WARNING
• This is also incorrect, and will overwrite the
  startup-config with a blank file.
• Routercopy runningconfig startup-config
• Destination filename startup-config?
• ?Bad filename
• Router

Incorrect file name!
Press ltcontrolgt C
34
Displaying the config files
show running-config
show startup-config
1
These commands can only be done in privilege mode
because they display password information.
35
Executing adds, moves, and changes
Mistake Should be copy start run
36
Reinforcing What We Learned

• Lab 12-6 Making configuration Changes, Page 262
• Lab 12-7 Configuring Interface Descriptions,
  Page 266

37
Login banners and Configuring message-of-the-day
(MOTD)
Wording is not the same, but you get the idea.
38
Login banners and Configuring message-of-the-day
(MOTD)
Lab 12-8 Configuring Message of the Day, Page
269

• Router(config)hostname Gateway
• Gateway(config)
• Gateway(config)banner motd
• Enter TEXT message. End with the character ''.
• Warning!
• Stay away!
• Gateway(config)end
• Gatewayexit
• Press RETURN to get started.
• Warning!
• Stay away!
• User Access Verification
• Password
• Gatewayshow run
• Building configuration...
• lttext omittedgt

Prompt changes
MOTD (Message Of The Day)
Delimiter always shows as C
39
Host name resolution

• Router ping 172.16.32.1
• Router ping Auckland
• Router telnet 192.168.53.1
• Router telnet Beirut
• Router traceroute 192.168.89.1
• Router traceroute Capetown

• The Cisco IOS software maintains a cache of host
  name-to-address mappings for use by EXEC
  commands.
• This cache speeds up the process of converting
  names to addresses.
• Host names, unlike DNS names, are significant
  only on the router on which they are configured.
  (DNS is also an option later)

40
Host name resolution
Configuring Multiple IP Addresses
Router(config) ip host SantaCruz 172.16.32.1
192.168.53.1

• This does not make the router a DNS (Domain Name
  Server).
• This command does not turn your router into a DNS
  server.
• This command does not effect packets entering
  your router to be routed.
• This only affects the IOS commands entered at the
  router prompt.
• Multiple ip addresses can be entered in case one
  interface is down.
• It is usually a good idea to use the same list of
  names on all your router configs.

41
Configuring host tables
42
Router(config) ip domain-lookup Routerwreh Trans
lating "wreh"...domain server (255.255.255.255)
(Takes a few seconds) Translating
"wreh"...domain server (255.255.255.255) (Takes a
few seconds) Router(config) no ip
domain-lookup Routerwreh Translating "wreh"
Unknown command or computer name, or unable to
find computer address

• If you are not using the services of a DNS
  server, it is best to disable this process.
• DNS (Domain Name Service) is enabled by default
  with a server address of 255.255.255.255, which
  is a local broadcast.
• If enabled, with no DNS server on the network,
  may cause a slight, but irritable delay when
  making typing mistakes.
• Lab 12-9 Configuring Host Tables, Page 271

43
Configuration backup and documentation

• Configuration files should be stored as backup
  files in the event of a problem.
• Configuration files can be stored on a network
  server, on a TFTP server, or on a disk stored in
  a safe place.

44
Copying, editing, and pasting configurations

• A TFTP server will allow image and configuration
  uploads and downloads over the network.
• The TFTP server can be another router, or it can
  be a host system.

45
Copying, editing, and pasting configurations

• The TFTP host can be any system that has TFTP
  software loaded and operating and able to receive
  files from the TCP/IP network.

46
Copying, editing, and pasting configurations
startup-config
running-config
IOS
RAM
IOS (running)
copy flash tftp
copy tftp flash
copy startup-config tftp
copy tftp startup-config
copy running-config tftp
copy tftp running-config
47
Copying, editing, and pasting configurations

• Troubleshooting Be sure you can ping the TFTP
  server.

48
TFTP Software and Servers
Router copy flash tftp

• When using Windows, the TFTP server software must
  be running.
• The copy can be performed from the console port
  or from a telnet session.
• The telnet session can be performed on the same
  computer where the TFTP server is running (or to
  a different computer).

49
TFTP Software and Servers

• TFTP software either comes free with the OS
  (Linux/Unix) or can be downloaded for free.

50
TFTP Software and Servers

• Just double click on the shortcut
• Remember, TFTP is Trivial FTP
• No authentication
• No login
• No choice for directory
• Uses UDP and verified via a TFTP checksum (not
  TCP ACKs)
• Managing Configuration Files with TFTP, Page 323

51
Summary (1/2)

• The router has several modes
• User EXEC mode
• Privileged EXEC mode
• Global configuration mode
• Other configuration modes
• The command-line interface may be used to make
  changes to the configuration
• Setting the hostname
• Setting passwords
• Configuring interfaces
• Modifying configurations
• Showing configurations

52
Summary (2/2)

• An understanding of the following key points
  should have been achieved
• Configuration standards are key elements in the
  success of any organization maintaining an
  efficient network.
• Interface descriptions can include important
  information to help network administrators
  understand and troubleshoot their networks.
• Login banners and messages-of-the-day provide
  users with information upon login to the router.
• Host name resolutions translate names to IP
  addresses to allow the router to quickly convert
  names to addresses.
• Configuration backup and documentation is
  extremely important to keep a network operating
  smoothly.