Basic Router Configuration Commands Pdf

admin

Task 2: Perform Basic Router Configurations Configure the R1, R2, and ISP routers according to the following guidelines:. Configure the device hostname. Disable DNS lookup. Configure a privileged EXEC mode password. Configure a message-of-the-day banner. Configure a password for the console connections. EINTE Lab1 Report.pdf - Lab 1 A BASIC DEVICE CONFIGURATION Addressing scheme Output of theu200b show ip routeu200b command for each router R1 Codes C. OSPF DATABASE Output of the show ip ospf database command: OSPF Router with ID (192.168.0.5) (Process ID 5).

In order to help us complete the basic configuration of our Cisco routers, this lesson introduces the use of configuration modes, and how they interact to help us configure the router from the command-line interface (CLI). We will see configuration examples for basic interface components including IP addresses and then an overview of the show commands to verify proper configuration and operations.

Overview of Router Modes

The first step in configuring a router is to be located at privileged mode. Remember, exact modes have two sublevels: user and privileged. You go from user to privilege using the enable command and then from there you can only do monitoring and maintenance commands. If you want to configure, you have to go into global configuration mode at least, and you can accomplish that by typing configure terminal. That changes you to a different mode and the commands that you will have available are going to be different.

While in global configuration mode, anything you configure in that particular mode will affect the router as a whole typically, for example, the router’s host name and passwords and banners. If you want to configure specific components, then you would have to go into that components configuration mode from global configuration.

Router con0 is now available

Press RETURN to get started.

Basic Router Configuration Commands Pdf

Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#
Router(config)#hostname Branch
Branch(config)#^Z
Branch#
*Feb 4 20:09:54.192: %SYS-5-CONFIG_I: Configured from console by console
Branch#

Interface configuration mode requires a command from global config and then the prompt changes to tell you that you are in a different configuration mode. This is similar for sub-interfaces, controllers, access lines and routing protocols. If you want to navigate back and forth between modes, exit takes you one mode back and Ctrl+Z takes you all the way back to privileged EXEC mode with no regards to your location. If you want to navigate between second level configuration modes, then you can do so without having to go back to global configuration mode.

Saving Configuration

The configuration process is typically ongoing and incremental. Administrators may even start the process by cutting text from configuration files and pasting it into the command-line interface. After that, they gradually configure different functions and different components of the router. During change management, new configurations and sections may appear. At all times, for every line that I type into or copy into the command-line interface and hit Enter, that configuration command is going to be active and available in the running configuration. If I boot up the router at that point, I will lose my configurations if I do not save them into the nonvolatile memory. This is again what is called the startup configuration. This command will help you save those configurations into NVRAM and it is recommended to use it frequently, especially during change management.

Branch#copy running-config startup-config
Destination filename [startup-config]?
Building configuration..
[OK]
Branch#

Or:

Branch#write memory
Building configuration..
[OK]

Configuring Router Identification

Accurate and effective documentation in sign posting is always a good practice. Router configuration is no exception and so here we see some commands that will allow you to document your settings and provide visual aids to identify certain components. For example, the host name of the router will be used as your router prompt.

At the command-line interface, the first word you see is the host name. For users connecting to the router, a good banner when they log in or when they access via any of the access lines will be an effective tool to convey the message of policies, access times, or support information. In configuring and changing the router configuration, it is probably important to provide descriptions to different components and so you will have a description command in interface configuration mode that allows you to then identify the interface when you use the show commands.

Console-Line Commands

Another important function in configuring the router is security and access control. The first command there could mitigate the exposure caused by lack of physical security. If someone accesses the console, and they suddenly leave, someone else could come in and use that session to their advantage: view the configurations, view the passwords, or even change them. The exec-timeout command allows you to set up a time out for command-line interface shells. In example, the console connection will time out and relogin the users after 20 minutes and 30 seconds.

Branch(config)#
Branch(config)#line vty 0 4
Branch(config-line)#exec-timeout ?
<0-35791> Timeout in minutes

Branch(config-line)#exec-timeout 20 ?
<0-2147483> Timeout in seconds
<cr>

Branch(config-line)#exec-timeout 20 30 ?
<cr>

Branch(config-line)#exec-timeout 20 30

Some other times you may want to prevent a denial of service attack that we inflict on ourselves. For example, when you are troubleshooting a router, you may enable a good number of messages to be displayed on the console, so that you can see what is going on. Well, that may prevent you from typing commands to fix a problem and so logging synchronous is a command that allows us to redisplay the interrupted console input after a message has been displayed. In other words, I am typing, a message is displayed, well the command I was typing is redisplayed on the screen, so I can follow up and continue typing and fixing the problems.

Branch(config-line)#logging synchronous
Branch(config-line)#end
Branch#wr
Building configuration..
[OK]
Branch#

Configuring an Interface

Interfaces are the door to other networks and are one of the things that makes the router a router, the device capable of connecting multiple segments, so their configuration is going to be critical. You can configure interfaces by going into the interface configuration mode, and you do this by typing the command interface and then the interface identifier.

Typically, the interface identifier will depend on the type of router we have and so there are some fixed configuration routers that will simply have Ethernet 0 as an example or Serial 0 as another example. In modular routers, the interface identifier depends on the location of the interface in terms of the various slots and modules in the router chassis. At that point, you would identify the interface with a number and the number is going to be a slot followed by a / followed by a port, and so if the interface I want to accesses is on slot 1 and it is port number 3, then it would be 1/3.

Configuring an Interface Description

It is very important to be able to identify quickly the various components of our configuration. Interface names and numbers are sometimes not too pneumonic or suitable to remember what they are all about. It will be better to know an interface by calling it interface 2 branch 1 than by calling it as 00.

So good description will come handy; it will improve your documentation and will be very effective in troubleshooting. That is the command to assign an interface, a description, and as you can imagine, it is an interface configuration mode command.

Disabling or Enabling an Interface

Interfaces have multiple statuses, and they relate to layers 1 and 2 in the display of our commands. For example, if I do show IP interfaces brief, the output of that command will display the layer 1 status and layer 2 status. One possible status is down and this could happen due to lack of service or signal on a certain interface or due to misconfigurations.

At some point, during troubleshooting or during change management, administrators may want to bring the interface down administratively. These commands show how to do it. The shut down command in interface configuration mode disables the interface, while the no version of the same command will enable the interface. The no keyword is valid for several commands, not only this one, and allows you to negate or revert the action of a certain command.

Configuring IP Address

IP addresses are the building block to IP communications. In a router, any active IP interface will require an IP address. Setting the IP address includes setting of the address itself plus the mask. The mask tells the router how to read the IP address and understand in terms of networks and hosts. Following proper design guidelines you should reach a consensus in terms of how IP addresses are going to be allocated and assigned to different segments and hosts in the network.

In routers, again, all interfaces that transport IP will need one; this also helps the router in defining the topology of the directly connected networks and be able to advertise those networks to other devices via routing protocols. The router’s IP addresses will also sometimes serve as a default gateway to configure on other devices and hosts.

Branch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Branch(config)#interface fa0/0
Branch(config-if)#ip address 192.168.10.1 255.255.255.0
Branch(config-if)#description ### LAN ###
Branch(config-if)#no shutdown
Branch(config-if)#
*Feb 4 20:21:05.434: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Feb 4 20:21:06.435: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Branch(config-if)#
Branch(config-if)#exi
Branch(config)#int fa0/1
Branch(config-if)#ip address 10.1.5.2 255.255.255.252
Branch(config-if)#description ### Internet ###
Branch(config-if)#no shu
*Feb 4 20:22:32.896: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Feb 4 20:22:33.899: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Branch(config-if)#end
Branch#
Branch#wr
Building configuration..
[OK]
Branch#

Basic Router Configuration Commands List

Router show interface Command

Multiple commands are available to verify your configuration; show interfaces is perhaps one of the commands that displays the most information in its output. The basic version of the command will actually display the MAC addresses and IP addresses as well as valuable statistics in terms of number received and transmitted packets and put an output rates and layer 1 and layer 2 counters. Do yourself a favour and try to memorize the following two very useful and important commands!

Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 10.1.5.2 YES manual up up
Interface Status Protocol Description
Fa0/1 up up ### Internet ###
Branch#

Interpreting the Interface Status

The first line of our show interfaces command is the actual status of the interface, and again this is broken into two different statuses, one per layer. The first status is layer 1, the second status is layer 2, and so you can see here some of the combinations that will represent a different overall status of the interface.

Router#sh int fa 0
FastEthernet0 is up, line protocol is up
Hardware is PQ3_TSEC, address is 0021.a09d.1b6c (bia 0021.a09d.1b6c)
Description: ### PROVIDER ###
Internet address is 192.168.0.65/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of 'show interface' counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 39
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 1 packets/sec
5 minute output rate 1000 bits/sec, 1 packets/sec
491094 packets input, 487489009 bytes
Received 245 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
386363 packets output, 74996232 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out

Basic Router Configuration Commands Pdf

If both components are up, then status is operational. If the physical layer is up, but the data link layer is down, then there may be a connection problem related to say Ethernet. In the case of serial interfaces, this may be an indication of lack of keepalives or mismatched encapsulation types. If both statuses are down, then that probably means that there is no cable attached to the port. Finally, when you shut down the interface, it will show as administratively down.

Navigating the CLI

Let's review the navigation tools and some of the commands that may come handy. We know that here at privileged mode, we can go into global configuration by doing the config T, and then from there, to further other configuration modes like interface configuration mode, like that, for that particular interface. Now from here, we cannot do show commands initially because those belong to the EXEC mode and we are in interface configuration mode. So, if I do things like show ip int brief from here, it says no, you can’t because it is not available in this mode. Well, I can always use a do version of the command. Do will invoke commands that belong to EXEC mode. And so, if I do that, then it displays the output of the show IP interface brief while I am still at the interface configuration mode. Now, if I wanted to navigate and move back and forth, I can use the exit command to go back one level or one section. If I go back to interface configuration mode, though, and want to go all the way back into the EXEC mode, I can do Ctrl-Z, and then that is going to do it. Another command that may come handy is how to break, or abort, certain things. For example, the default behavior if I type an unknown command is to look up that word via DNS and try to resolve it to an IP address and Telnet to it. All that may take a little time. So, if I do that and start looking it up, I can use the keywords to abort, which are Ctrl-Shift-6, and that thing aborts certain commands like this translation, and also ping and trace for testing. And that is going to come handy if you do not want to waste your time here. Useful stuff. Let's move on.

Router#
Router#
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa 0
Router(config-if)#
Router(config-if)#sh ip int brie
^
% Invalid input detected at '^' marker.
Router(config-if)#do sh ip int brie
Interface IP-Address OK? Method Status Protocol
BRI0 unassigned YES NVRAM administratively down down
BRI0:1 unassigned YES unset administratively down down
BRI0:2 unassigned YES unset administratively down down
FastEthernet0 192.168.0.65 YES NVRAM up up
FastEthernet1 unassigned YES NVRAM administratively down down
FastEthernet2 unassigned YES unset down down
FastEthernet3 unassigned YES unset down down
FastEthernet4 unassigned YES unset up down
FastEthernet5 unassigned YES unset up down
FastEthernet6 unassigned YES unset up up
FastEthernet7 unassigned YES unset up up
FastEthernet8 unassigned YES unset up up
FastEthernet9 unassigned YES unset down down
NVI0 192.168.0.65 YES unset up up
Tunnel1 10.10.1.65 YES NVRAM up up
Tunnel2 10.10.2.65 YES NVRAM up up
Vlan1 192.168.65.192 YES NVRAM up up
Router(config-if)#
Router(config-if)#exi
Router(config)#
Router(config)#
Router(config)#int fa 0
Router(config-if)#
Router(config-if)#^Z
Router#
Router#unknown
Translating 'unknown'
Translating 'unknown'
% Bad IP address or host name
% Unknown command or computer name, or unable to find computer address
Router#

This tutorial explains basic switch configuration commands in detail with examples. Configuration and commands explained in this tutorial are essential commands to manage a Cisco switch effectively. Learn how to configure and manage a Cisco Switch step by step with this basic switch commands and configuration guide.

To explain basic switch configuration commands, I will use packet tracer network simulator software. You can use any network simulator software or can use a real Cisco switch to follow this guide. There is no difference in output as long as your selected software contains the commands explained in this tutorial.

Create a practice lab as shown in following figure or download this pre-created practice lab and load in packet tracer

If require, you can download the latest as well as earlier version of Packet Tracer from here. Download Packet Tracer

In this topology

  • Two 2960 Series switches are used.
  • Switch1 (Interfarce Gig1/1) is connected with Switch2 (Interface Gig1/1) via cross cable.
  • Switch1 has two PCs connected on interfaces Eth0/1 and Eth0/2 via straight through cable.
  • Same as switch1, Switch2 also has two PCs connected on its interfaces Eth0/1 and Eth0/2.
  • IP address is configured on all PCs PC0 (192.168.1.1/24), PC1 (192.168.1.2/24), PC2 (192.168.1.3/24), PC3 (192.168.1.4/24).

Click Switch1 and click CLI menu item and press Enter Key

Navigating between different switch command modes

Cisco switches run on proprietary OS known as Cisco IOS. IOS is a group of commands used for monitoring, configuring and maintaining cisco devices. For security and easy administration, IOS commands are divided in the set of different command modes. Each command mode has its own set of commands. Which commands are available to use, depend upon the mode we are in.

Following table lists necessary commands to navigate between different IOS modes with examples.

Mode Purpose Prompt Command to enter Command to exit
User EXEC Allow you to connect with remote devices, perform basic tests, temporary change terminal setting and list system information Router > Default mode after booting. Login with password, if configured. Use exit command
Privileged EXEC Allow you to set operating parameters. It also includes high level testing and list commands like show, copy and debug. Router # Use enable command from user exec mode Use exit command
Global Configuration Contain commands those affect the entire system Router(config)# Use configure terminal command from privileged exec mode Use exit command
Interface Configuration Contain commands those modify the operation of an interface Router(config-if)# Use interface type number command from global configuration mode Use exit command to return in global configuration mode
Sub-Interface Configuration Configure or modify the virtual interface created from physical interface Router(config-subif) Use interface type sub interface number command from global configuration mode or interface configure mode Use exit to return in previous mode. Use end command to return in privileged exec mode.
Setup Used by router to create initial configuration, if running configuration is not present Parameter[Parameter value]: Router will automatically insert in this mode if running configuration is not present Press CTRL+C to abort. Type Yes to save configuration, or No to exit without saving when asked in the end of setup.
ROMMON If router automatically enter in this mode, then it indicates that it fails to locate a valid IOS image. Manual entrance in this mode Allow you to perform low-level diagnostics. ROMMON> Enter reload command from privileged exec mode. Press CTRL + C key combination during the first 60 seconds of booting process Use exit command.

How to get help on Cisco Switch command mode

Switch provides two types of context sensitive help, word help and command syntax help.

Word help

Word help is used to get a list of available commands that begin with a specific letter. For example if we know that our command begins with letter e, we can hit enter key after typing e? at command prompt. It will list all possible commands that begin with letter e.

We can list all available commands, if we don't know the initials of our command. For example to list all available commands at User exec mode, just type ? at command prompt and hit enter key.

Command syntax help

Command syntax help can be used to get the list of keyword, commands, or parameters that are available starting with the keywords that we had already entered. Enter ? (Question mark) after hitting Space key and prompt will return with the list of available command options. For example to know the parameters required by show ip command type show ip ? and prompt will return with all associate parameters. If prompt returns with <CR> only as an option, that means switch does not need any additional parameters to complete the command. You can execute the command in current condition.

How to set name on switch

Basic Router Configuration Commands Pdf

Switch name can be set from global configuration mode. Use hostname [desired hostname] command to set name on switch.

How to set password on a Catalyst switch

Passwords are used to restrict physical access to switch. Cisco switch supports console line for local login and VTYs for remote login. All supported lines need be secure for User Exec mode. For example if you have secured VTYs line leaving console line unsecure, an intruder can take advantage of this situation in connecting with device. Once you are connected with device, all remaining authentication are same. No separate configuration is required for further modes.

Password can be set from their respective line mode. Enter in line mode from global configuration mode.

VTY term stand for virtual terminal such as telnet or SSH. Switch may support up to thousand VTYs lines. By default first five (0 - 4) lines are enabled. If we need more lines, we have to enable them manually. 2960 Series switch supports 16 lines. We can set a separate password for each line, for that we have to specify the number of line. In our example we set a common password for all lines.

Above method is good for small companies, where numbers of network administrators are very few. In above method we have to share password between all administrators. Switch supports both local and remote server authentication. Remote server authentication is a complex process and not included in any entry level exams. For this article I am also skipping remote server method. In local database authentication method switch allows us to set a separate password for each user. Two global configuration commands are used to set local user database.

Both commands do same job. Advantage of using secret option over password option is that in secret option password is stored in MD5 encryption format while in password option password is stored in plain text format.

Along with User Exec mode we can also secure Privilege Exec mode. Two commands are available for it.

Again as I mentioned earlier, password stored with secret command is encrypted while password stored with password command remains in plain text. You only need to use single command. If you would use both commands as I did, enable secret command would automatically replace the enable password command.

How to reset switch to factory defaults

During the practice several times we have to reset switch to factory defaults. Make sure you don't run following commands in production environment unless you understand their effect clearly. Following commands will erase all configurations. In production environment you should always takes backup before removing configurations. In LAB environment we can skip backup process.

How to set IP address in Switch

IP address is the address of device in network. Switch allows us to set IP address on interface level. IP address assigned on interface is used to manage that particular interface. To manage entire switch we have to assign IP address to VLAN1( Default VLAN of switch). We also have to set default gateway IP address from global configuration mode. In following example we would assign IP 172.16.10.2 255.255.255.0 to VLAN1 and set default gateway to 172.16.10.1.

How to set interface description

Switches have several interfaces. Adding description to interface is a good habit. It may help you in finding correct interface. In following example we would add description Development VLAN to interface FastEthernet 0/1.

How to clear mac address table

Basic Router Configuration Commands Pdf

Switch stores MAC addresses in MAC address table. Gradually it could be full. Once it full, switch automatically starts removing old entries. You can also clear these tables manually from privileged exec mode. To delete all entries use following command

To delete only dynamic entries use

How to add static MAC address in CAM table

For security purpose sometime we have to add mac address in CAM table manually. To add static MAC address in CAM table use following command

In above command we entered an entry for static MAC address aaaa.aaaa.aaaa assigned to FastEnternet 0/1 with default VLAN1.

How to save running configuration in switch

Switch keeps all running configuration in RAM. All data from RAM is erased when we turned off the device. To save running configuration use following command

How to set duplex mode

Switch automatically adjust duplex mode depending upon remote device. We could change this mode with any of other supported mode. For example to force switch to use full duplex mode use

To use half duplex use

show version

show version command provides general information about device including its model number, type of interfaces, its software version, configuration settings, location of IOS and configuration files and available memories.

show mac-address-table

Switch stores MAC address of devices those are attached with its interfaces in CAM table. We can use show mac-address-table command to list all learned devices. Switch uses this table to make forward decision.

show flash

Switch stores IOS image file in flash memory. show flash command will list the content of flash memory. This command is useful to get information about IOS file and available memory space in flash.

show running-config

Configuration parameter values are created, stored, updated and deleted from running configuration. Running configuration is stored in RAM. We can use show running-config command to view the running configuration.

Router

show startup-config

Any configuration stored in RAM is erased when devices is turned off. We can save running configuration in NVRAM. If we have saved running configuration in NVRAM, it would be automatically loaded back in RAM from NVRAM during the next boot. As switch load this configuration back in RAM in startup of device, at NVRAM it is known as startup-config.

show vlan

show vlan command will display the VLANs. For administrative purpose, switch automatically create VLAN 1 and assign all its interfaces to it. You can create custom VLANs from global configuration mode and then assign them to interfaces.

show interface

show interface command displays information about interfaces. Without argument it would list all interfaces. To get information about specific interface we need to pass its interface number as an argument. For example to view details about FastEthernet 0/1, use show interface fastethernet 0/1.

First line from output provides information about the status of interface.

The first up indicates the status of the physical layer, and the second up indicates to the status of the data link layer.

Possible interface status

  • up and up :- Interface is operational.
  • up and down :- Its data link layer problem.
  • down and down :- Its physical layer problem.
  • Administratively down and down :- Interface is disabled with shutdown command.

Possible values for physical layer status

Cisco Basic Commands List Pdf

  • Up :- Switch is sensing physical layer signal.
  • Down :- Switch is not sensing physical layer signal. Possible reasons could be cable is not connected, wrong cable type is used and remote end device is turned off.
  • Administratively down :- Interface is disabled by using shutdown command.

Possible values for data link layer status

  • Up :- The data link layer is operational.
  • Down :- The data link layer is not operational. Possible reasons could be a disabled physical layer, missed keep alives on a serial link, no clocking or an incorrect encapsulation type.

Cisco Router Configuration Commands

show ip interface brief

show ip interface brief is a extremely useful command to get quick overview of all interfaces on switch. Microsoft office x for mac. It lists their status including IP address and protocol.

Configuring A Router Pdf

That’s all for this article.