Senior Acquisitions Editor: Kenyon Brown Development Editor: Kim Wimpsett
copy running-config startup-config
Yüklə 22,5 Mb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- Deleting the Configuration and Reloading the Device
- Verifying Your Configuration
- Verifying with the show interface Command
- Auto-duplex, Auto Speed, 100BaseTX/FX
- 0 output errors, 0 collisions
|
copy running-config startup-config Destination filename [startup-config]? [ press enter] Building configuration... [OK] Todd#
Building configuration... When you see a question with an answer in [] , it means that if you just press Enter, you’re choosing the default answer. Also, when the command asks for the destination filename, the default answer is startup-config. The reason it asks is because you can copy the configuration to pretty much anywhere you want. Take a look at the output from my switch: Todd#
copy running-config ? flash: Copy to flash: file system ftp: Copy to ftp: file system http: Copy to http: file system https: Copy to https: file system null: Copy to null: file system nvram: Copy to nvram: file system rcp: Copy to rcp: file system running-config Update (merge with) current system configuration scp: Copy to scp: file system startup-config Copy to startup configuration syslog: Copy to syslog: file system system: Copy to system: file system tftp: Copy to tftp: file system tmpsys: Copy to tmpsys: file system vb: Copy to vb: file system To reassure you, we’ll get deeper into how and where to copy files in Chapter 7. For now, you can view the files by typing
or
show startup-config from privileged mode. The sh run command, which is a shortcut for show
running-config , tells us that we’re viewing the current configuration: Todd#
Building configuration... Current configuration : 855 bytes ! ! Last configuration change at 23:20:06 UTC Mon Mar 1 1993 ! version 15.0 [output cut] The
sh start command—one of the shortcuts for the show startup- config
command—shows us the configuration that will be used the next time the router is reloaded. It also tells us how much NVRAM is being used to store the startup-config file. Here’s an example: Todd#
sh start Using 855 out of 524288 bytes ! ! Last configuration change at 23:20:06 UTC Mon Mar 1 1993 ! version 15.0 [output cut] But beware—if you try and view the configuration and see Todd#
startup-config is not present you have not saved your running-config to NVRAM, or you’ve deleted the backup configuration! Let me talk about just how you would do that now. Deleting the Configuration and Reloading the Device You can delete the startup-config file by using the erase startup-config command:
Todd# erase start % Incomplete command. First, notice that you can no longer use the shortcut commands for erasing the backup configuration. This started in IOS 12.4 with the ISR routers. Todd#
erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK]
Erase of nvram: complete Todd#
*Mar 5 01:59:45.206: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram Todd#
Proceed with reload? [confirm] Now if you reload or power the router down after using the erase
startup- config command, you’ll be offered setup mode because there’s no configuration saved in NVRAM. You can press Ctrl+C to exit setup mode at any time, but the reload
command can only be used from privileged mode. At this point, you shouldn’t use setup mode to configure your router. So just say no to setup mode, because it’s there to help people who don’t know how to use the command line interface (CLI), and this no longer applies to you. Be strong—you can do it! Verifying Your Configuration Obviously, show running-config would be the best way to verify your configuration and show startup-config would be the best way to verify the configuration that’ll be used the next time the router is reloaded— right? Well, once you take a look at the running-config, if all appears well, you can verify your configuration with utilities like Ping and Telnet. Ping is a program that uses ICMP echo requests and replies, which we covered in Chapter 3. For review, Ping sends a packet to a remote host, and if that host responds, you know that it’s alive. But you don’t know if it’s alive and also well; just because you can ping a Microsoft server does not mean you can log in! Even so, Ping is an awesome starting point for troubleshooting an internetwork. Did you know that you can ping with different protocols? You can, and you can test this by typing
at either the router user-mode or privileged-mode prompt: Todd#
ping ? WORD Ping destination address or hostname clns CLNS echo ip IP echo ipv6 IPv6 echo tag Tag encapsulated IP echo If you want to find a neighbor’s Network layer address, either you go straight to the router or switch itself or you can type
to get the Network layer addresses you need for pinging. You can also use an extended ping to change the default variables, as shown here: Todd#
Protocol [ip]: Target IP address:
Repeat count [5]: % A decimal number between 1 and 2147483647. Repeat count [5]: 5000 Datagram size [100]: % A decimal number between 36 and 18024. Datagram size [100]: 1500 Timeout in seconds [2]: Extended commands [n]:
Source address or interface: FastEthernet 0/1 Source address or interface: Vlan 1 Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 5000, 1500-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 10.10.10.1 Notice that by using the question mark, I was able to determine that extended ping allows you to set the repeat count higher than the default of 5 and the datagram size larger. This raises the MTU and allows for a more accurate testing of throughput. The source interface is one last important piece of information I’ll pull out of the output. You can choose which interface the ping is sourced from, which is really helpful in certain diagnostic situations. Using my switch to display the extended ping capabilities, I had to use my only routed port, which is named VLAN 1, by default.
However, if you want to use a different diagnostic port, you can create a logical interface called a loopback interface as so: Todd(config)#
Todd(config)# interface loopback 0 *May 19 03:06:42.697: %LINEPROTO-5-UPDOWN: Line prot changed state to ups Todd(config-if)# ip address 20.20.20.1 255.255.255.0 Now I can use this port for diagnostics, and even as my source port of my ping or traceroute, as so: Todd#
ping Protocol [ip]: Target IP address: 10.1.1.1 Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: y Source address or interface: 20.20.20.1 Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: Packet sent with a source address of 20.20.20.1 The logical interface are great for diagnostics and for using them in our
home labs where we don’t have any real interfaces to play with, but we’ll also use them in our OSPF configurations in ICND2. Cisco Discovery Protocol (CDP) is covered in Chapter 7. Traceroute uses ICMP with IP time to live (TTL) time-outs to track the path a given packet takes through an internetwork. This is in contrast to Ping, which just finds the host and responds. Traceroute can also be used with multiple protocols. Check out this output: Todd#
traceroute ? WORD Trace route to destination address or hostname aaa Define trace options for AAA events/actions/errors appletalk AppleTalk Trace clns ISO CLNS Trace ip IP Trace ipv6 IPv6 Trace ipx IPX Trace mac Trace Layer2 path between 2 endpoints oldvines Vines Trace (Cisco) vines Vines Trace (Banyan)
And as with ping, we can perform an extended traceroute using additional parameters, typically used to change the source interface: Todd#
traceroute Protocol [ip]: Target IP address:
Source address: 172.16.10.1 Numeric display [n]: Timeout in seconds [3]: Probe count [3]: Minimum Time to Live [1]:
Maximum Time to Live [30]: Type escape sequence to abort. Tracing the route to 10.1.1.1 Telnet, FTP, and HTTP are really the best tools because they use IP at the Network layer and TCP at the Transport layer to create a session with a remote host. If you can telnet, ftp, or http into a device, you know that your IP connectivity just has to be solid! Todd#
WORD IP address or hostname of a remote system Todd#
telnet 10.1.1.1 When you telnet into a remote device, you won't see console messages by default. For example, you will not see debugging output. To allow console messages to be sent to your Telnet session, use the terminal monitor command, as shown on the SF router. SF#
terminal monitor From the switch or router prompt, you just type a hostname or IP address and it will assume you want to telnet—you don’t need to type the actual command, telnet .
Verifying with the show interface Command Another way to verify your configuration is by typing show interface commands, the first of which is the show interface ? command. Doing this will reveal all the available interfaces to verify and configure. The
show interfaces command, plural, displays the configurable parameters and statistics of all interfaces on a router. This command comes in really handy when you’re verifying and troubleshooting router and network issues. The following output is from my freshly erased and rebooted 2811 router: Router#
Async Async interface BVI Bridge-Group Virtual Interface CDMA-Ix CDMA Ix interface CTunnel CTunnel interface Dialer Dialer interface FastEthernet FastEthernet IEEE 802.3 Loopback Loopback interface MFR Multilink Frame Relay bundle interface Multilink Multilink-group interface Null Null interface Port-channel Ethernet Channel of interfaces Serial Serial
Tunnel Tunnel interface Vif PGM Multicast Host interface Virtual-PPP Virtual PPP interface Virtual-Template Virtual Template interface Virtual-TokenRing Virtual TokenRing accounting Show interface accounting counters Show interface counters crb Show interface routing/bridging info dampening Show interface dampening info description Show interface description etherchannel Show interface etherchannel information irb Show interface routing/bridging info mac-accounting Show interface MAC accounting info mpls-exp Show interface MPLS experimental accounting info precedence Show interface precedence accounting info pruning Show interface trunk VTP pruning information rate-limit Show interface rate-limit info status Show interface line status summary Show interface summary switching Show interface switching switchport Show interface switchport information trunk Show interface trunk information | Output modifiers The only “real” physical interfaces are FastEthernet, Serial, and Async— the rest are all logical interfaces or commands you can use to verify with. The next command is show interface fastethernet 0/0 . It reveals the hardware address, logical address, and encapsulation method as well as statistics on collisions, as seen here: Router#
Hardware is MV96340 Ethernet, address is 001a.2f55.c9e8 (bia 001a.2f55.c9e8)
reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Auto-duplex, Auto Speed, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output 00:02:07, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 16 packets output, 960 bytes, 0 underruns
0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Router# You probably guessed that we’re going to go over the important statistics from this output, but first, just for fun, I’ve got to ask you, which subnet is FastEthernet 0/0 a member of and what’s the broadcast address and valid host range? I’m serious—you really have to be able to nail these things NASCAR-fast! Just in case you didn’t, the address is 192.168.1.33/27. And I’ve gotta be honest—if you don’t know what a /27 is at this point, you’ll need a miracle to pass the exam! That or you need to actually read this book. (As a quick reminder, a /27 is 255.255.255.224.) The fourth octet is a block size of 32. The subnets are 0, 32, 64, etc.; the FastEthernet interface is in the 32 subnet; the broadcast address is 63; and the valid hosts are 33–62. All good now? If you struggled with any of this, please save yourself from certain doom and get yourself back into Chapter 4, “Easy Subnetting,” now! Read and reread it until you’ve got it dialed in! Okay—back to the output. The preceding interface is working and looks to be in good shape. The show interfaces command will show you if you’re receiving errors on the interface, and it will also show you the maximum transmission unit (MTU). MTU is the maximum packet size allowed to transmit on that interface, bandwidth (BW) is for use with routing protocols, and 255/255 means that reliability is perfect! The load is 1/255, meaning no load. Continuing through the output, can you figure out the bandwidth of the interface? Well, other than the easy giveaway of the interface being called a “FastEthernet” interface, we can see that the bandwidth is 100000 Kbit, which is 100,000,000. Kbit means to add three zeros, which is 100 Mbits per second, or FastEthernet. Gigabit would be 1000000 Kbits per second. Be sure you don’t miss the output errors and collisions, which show 0 in my output. If these numbers are increasing, then you have some sort of Physical or Data Link layer issue. Check your duplex! If you have one side as half-duplex and one at full-duplex, your interface will work, albeit really slow and those numbers will be increasing fast! The most important statistic of the show interface command is the output of the line and Data Link protocol status. If the output reveals that FastEthernet 0/0 is up and the line protocol is up, then the interface is up and running: Router#
sh int fa0/0 FastEthernet0/0 is up, line protocol is up The first parameter refers to the Physical layer, and it’s up when it receives carrier detect. The second parameter refers to the Data Link layer, and it looks for keepalives from the connecting end. Keepalives are important because they’re used between devices to make sure connectivity hasn’t been dropped. Here’s an example of where your problem will often be found—on serial interfaces: Router#
sh int s0/0/0 Serial0/0 is up, line protocol is down If you see that the line is up but the protocol is down, as displayed here, you’re experiencing a clocking (keepalive) or framing problem—possibly an encapsulation mismatch. Check the keepalives on both ends to make sure they match. Make sure that the clock rate is set, if needed, and that the encapsulation type is equal on both ends. The preceding output tells us that there’s a Data Link layer problem. If you discover that both the line interface and the protocol are down, it’s a cable or interface problem. The following output would indicate a Physical layer problem: Router#
sh int s0/0/0 Serial0/0 is down, line protocol is down As you’ll see next, if one end is administratively shut down, the remote end would present as down and down: Router#
Serial0/0 is administratively down, line protocol is down To enable the interface, use the command no shutdown from interface configuration mode. The next show interface serial 0/0/0 command demonstrates the serial line and the maximum transmission unit (MTU)—1,500 bytes by default. It also shows the default bandwidth (BW) on all Cisco serial links, which is 1.544 Kbps. This is used to determine the bandwidth of the line for routing protocols like EIGRP and OSPF. Another important configuration to notice is the keepalive, which is 10 seconds by default. Each router sends a keepalive message to its neighbor every 10 seconds, and if both routers aren’t configured for the same keepalive time, it won’t work! Check out this output: Router#
sh int s0/0/0 Serial0/0 is up, line protocol is up Hardware is HD64570
Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input never, output never, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 16 interface resets 0 output buffer failures, 0 output buffers swapped out DCD=down DSR=down DTR=down RTS=down CTS=down You can clear the counters on the interface by typing the command
: Router# clear counters ? Async Async interface BVI Bridge-Group Virtual Interface CTunnel CTunnel interface Dialer Dialer interface FastEthernet FastEthernet IEEE 802.3 Group-Async Async Group interface Line Terminal line Loopback Loopback interface MFR Multilink Frame Relay bundle interface Multilink Multilink-group interface Null Null interface Serial Serial Tunnel Tunnel interface Vif PGM Multicast Host interface Virtual-Template Virtual Template interface Virtual-TokenRing Virtual TokenRing Router#
clear counters s0/0/0 Clear "show interface" counters on this interface [confirm]
Router#
00:17:35: %CLEAR-5-COUNTERS: Clear counter on interface Serial0/0/0 by console Router#
Let’s take a look at the output of the show interfaces command one more time before I move on. There are some statistics in this output that are important for the Cisco objectives. 275496 packets input, 35226811 bytes, 0 no buffer Received 69748 broadcasts (58822 multicasts) Yüklə 22,5 Mb. Dostları ilə paylaş:
|