Preliminary Configuration Steps

 

All IOS devices are configured with the minimal configuration possible from the factory. For example, bridges and switches are set up to forward and run a spanning tree on all ports, but they are not configured for advanced features, such as filtering. For routers and access servers, Cisco provides a minimal configuration that requires you to give input before the devices can perform their functions. When you receive your router or access server, all the interfaces on the device are turned off, or administratively downed.

To set up a Cisco device, first plug the device into an electrical outlet and find the power switch located on the back of the device. If you turn on the power switch (sometimes labeled as 1), the device powers on and shows the status LEDs on the front panel.

A notable exception to this convention is the popular Cisco 2500 series routers. This specific series of routers does not have any status LEDs on the front of its devices to show that they are powered on, but its devices each have one status LED on the back near the auxiliary (AUX) console port.

Note

Many of the LEDs associated with other components of the device, such as LAN or WAN interfaces, may not turn on until you have configured them. It is not possible to configure LAN or WAN interfaces without power and without entering the proper IOS configuration commands.


The Console Port

The next step in configuring an IOS device is to find the console port. Every Cisco device has a console port that is used to access the device from a directly attached terminal. The console port is often an RS-232C or RJ-45 port labeled "Console."

After locating the console port, you need to attach a dedicated terminal or PC with a terminal emulator. Cisco provides the necessary cables to connect to the console port with each device. If you have a dedicated terminal to connect to your device, you might use an RS-232C connector on the terminal, connect this to an RJ-45 cable, and then attach this assembly directly to the device.

Some devices, such as the Cisco 7500 router, require you to use an RS-232C connector on both ends of the RJ-45 cable, whereas other devices, such as the Cisco 2500 series, do not. If you plan to use a PC to connect to the device, you might have to attach a DB-9 connector to the serial port of your PC and then use the RJ-45 cable to connect to your device. If your IOS device has an RJ-45 console port (such as a Cisco 2500 series or Cisco 3600 series router), you need only the proper connector from the RJ-45 to your console (often an RS-232C connector) or personal computer (often a DB-9 connector).

After establishing the physical connection from your terminal or PC to the device, you need to configure the terminal to communicate with the device properly. You should set your terminal (or terminal emulation program on your PC) to support the following settings:

  • VT100 emulation

  • 9600 baud

  • No parity

  • 8 data bits

  • 1 stop bit

After these settings are correct, you should power on your device. You should see a banner similar to this code from a Cisco 7206 router:

 System Bootstrap, Version 12.1(1), SOFTWARE Copyright (c) 1986-2000 by cisco Systems Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013.            cisco Systems, Inc.            170 West Tasman Drive            San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 7200 Software (C7200-P-M), RELEASE SOFTWARE 12.0(5) 

Bridges and switches running the IOS may or may not show a banner similar to this, depending on the model of the device and its functionality. Regardless of the banner shown, you should see some output on your terminal or terminal emulator when you power on the device. Depending on your terminal emulation and settings, you may have to press the Enter or Return key on your terminal's keyboard before you see some output.

If you do not see any output on your terminal or terminal emulator, check the connections and ensure that the terminal settings are correct. You might also want to refer to Cisco's Getting Started Guide , which ships with each device.

The System Configuration Dialog

During initial power on, all routers and access servers enter the System Configuration Dialog mode. This interactive mode appears on the console screen and asks you questions to help you configure the basic items in the IOS. The System Configuration Dialog prompts you first for global system parameters and then for interface-specific parameters.

When entering System Configuration Dialog mode, you should see the following code:

 --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. Refer to the 'Getting Started' Guide for additional help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Would you like to enter the initial configuration dialog? [yes]: 

Note

The prompts and interface options shown here may not be exactly the same as shown on your router. The IOS customizes the System Configuration Dialog automatically, depending on the platform and the interfaces installed in your router. This example was done using a Cisco 2500 series router.


You can then press Return or Enter to begin the System Configuration Dialog:

 Would you like to enter the initial configuration dialog? [yes]: First, would you like to see the current interface summary? [yes]: 

The following interface summary is for a device direct from the Cisco factory; it has not been configured yet. Therefore, all interfaces are shown as not configured (indicated by NO in the OK? column). The interfaces do not have IP addresses assigned, so this column shows a value of unassigned for each interface. The Method column refers to how the interface was configured, such as manually or automatically from the network. At this time, the interfaces are not set. The last two columns refer to the status of the interface and the data link protocol that is running on the interface. By default, on a new device, all interfaces begin in a down status and with a down data link layer protocol.

 Interface      IP-Address   OK?    Method    Status  Protocol Ethernet0      unassigned   NO     not set   down    down Serial0        unassigned   NO     not set   down    down 

Interpreting the interface summary further, an Ethernet is a local-area network (LAN) interface, and a serial is a wide-area network (WAN) interface. The interface name Ethernet0 denotes the first Ethernet LAN in the device, and the interface name Serial0 denotes the first serial WAN in the device. Cisco labels the device with these names on the physical ports on the outside of the unit. The various types of LAN and WAN interfaces are discussed in Chapter 3, "The Basics of Device Interfaces."

The next few steps concern configuring the name of the device, a logical name to associate with this physical hardware, and passwords for the device. Let's start with the device name. Use the Singapore router from the ZIP network as a sample device to be configured:

 Configuring global parameters: Enter host name [Router]:  Singapore  

Tip

The IOS accepts the answer shown in brackets ([]) as the default entry to questions. This example shows the default answers being entered for clarity.


As you see in the next section of this chapter, the two levels of commands in the IOS are privileged and nonprivileged. You must configure a password for each device. This password is the key to entering privileged mode. Privileged passwords should be kept confidential and treated the same as superuser or system administrator passwords. It is strongly recommended that you use the enable secret method and not the older enable password method of setting the password, because the enable secret command uses a one-way cryptographic algorithm. To facilitate all IOS options, you set both methods in this example, but all examples in the rest of this text use the enable secret method. You should set the enable secret to !zippy2u and the enable password to !zippy4me:

 The enable secret word is a one-way cryptographic secret that is used instead of the enable password word when it exists.   Enter enable secret:  !zippy2u  The enable password is used when there is no enable secret and when using older software and some boot images.  Enter enable password:  !zippy4me  

A virtual terminal is a logical terminal connection to an IOS device. By default, all IOS devices allow five simultaneous virtual terminal Telnet sessions (numbered 0 through 4). When the IOS device is active on a network, you can use the Telnet program to access all IOS functions from the virtual terminal in the same manner as accessing the device from the console port. For example, you can use a virtual terminal to connect to a router and to then enter privileged command mode with the enable secret password. At this point, we will set the virtual terminal password for all five virtual terminal sessions to Zipmein:

 Enter virtual terminal password: Zipmein 

We set all virtual terminal passwords to be the same because when users connect to a router, they often do not specify the virtual terminal they want to connect to and instead connect to the first one available.

The next steps in the Systems Configuration Dialog involve setting the desired protocols. You should enable the Simple Network Management Protocol (SNMP) on your device now. SNMP configuration is explained further in Chapter 7, "Basic Administrative and Management Issues." For now, enable SNMP and accept the default community string of public:

 Configure SNMP Network Management? [yes]:  yes  Community string [public]:  public  

The System Configuration Dialog now asks if you want to configure the DECnet protocol, Digital Equipment Corporation's network layer protocol. Because you do not need this protocol on the ZIP network, type no:

 Configure DECnet? [no]:  no  

You are using AppleTalk with multizone networks. (AppleTalk is discussed further in Chapter 5, "AppleTalk Basics." )

 Configure AppleTalk? [no]:  yes  Multizone networks? [no]:  yes  

You are also using the Novell IPX protocol on the ZIP network:

 Configure IPX? [no]:  yes  

The Internet Protocol (IP) is the main protocol on the ZIP corporate network, so you enable it here. When you enable it, the IOS asks you to pick an IP routing protocol that is used by routers to pass routing information. You do not enable the Interior Gateway Routing Protocol (IGRP) as your routing protocol. We show you how to configure IP routing protocols in Chapter 4, "TCP/IP Basics."

 Configure IP? [yes]:     Configure IGRP routing? [yes]:  no  

After the section on protocols, the IOS setup command queries you for information about each specific interface on the device. For each LAN and WAN interface on the device, you are asked for protocol-specific information. The various types of LAN and WAN interfaces are covered in Chapter 3, and protocol specifics, such as IP addressing, IPX network numbers , and AppleTalk cable ranges, are covered in subsequent chapters. The ZIP router in Singapore has a single Ethernet LAN interface and a single Frame Relay WAN interface. You configure IP, IPX, and AppleTalk on each as follows :

 Configuring interface parameters: Configuring interface Ethernet0: 

The following question asks if the interface being configured is in use ”that is, whether you want the interface to be turned on and not administratively turned off. You should turn on the interfaces Ethernet0 and Serial0 for the Singapore router:

 Is this interface in use? [no]:  yes  

You should tell the router to run the IP protocol on this interface and to use the IP address 131.108.1.1 and the subnet mask 255.255.255.128 for Ethernet0. The details of IP addressing, subnetting, and configuration are covered in Chapter 4.

 Configure IP on this interface? [no]:  yes  IP address for this interface:  131.108.1.1  Number of bits in subnet field [0]:  9  Class B network is 131.108.0.0, 9 subnet bits; mask is /25 

The ZIP network in Singapore also runs Novell IPX and AppleTalk. To enable these protocols, you need to give an IPX network number and an AppleTalk cable-range. The details of IPX are covered in Chapter 6, "IPX Basics." AppleTalk is covered in Chapter 5.

 Configure IPX on this interface? [no]:  yes  IPX network number [1]:  4010  Configure AppleTalk on this interface? [no]:  yes  Extended AppleTalk network? [no]:  yes  AppleTalk starting cable range [0]:  4001  

You also need to configure interface Serial0 on the router with the same network layer protocols as follows:

 Configuring interface Serial0:   Is this interface in use? [no]:  yes  Configure IP unnumbered on this interface? [no]:  no  IP address for this interface:  131.108.242.6  Number of bits in subnet field [0]:  14  Class B network is 131.108.0.0, 8 subnet bits; mask is /30 Configure IPX on this interface? [no]:  yes  IPX network number [2]:  2902  Configure AppleTalk on this interface? [no]:  yes  Extended AppleTalk network? [no]:  yes  AppleTalk network number [1]:  2902  

The output of running the System Configuration Dialog is a configuration command script that is interpreted by the device. The System Configuration Dialog itself does not configure the device, but it makes a configuration command script, which is then interpreted by the device and used for configuration. This is the language you need to understand to configure all Cisco IOS products. The remainder of this text explores this scripting language. You probably can already draw connections between the questions asked by the System Configuration Dialog and the following configuration command script.

The following configuration command script is created:

 hostname Singapore enable secret 5 zu6m7$RMMZ8em/.8hksdkkh78p/T0 enable password !zippy4me line vty 0 4 password Zipmein snmp-server community public ip routing ipx routing appletalk routing no decnet routing ! interface Ethernet0 ip address 131.108.1.1 255.255.255.128 ipx network 4010 appletalk cable-range 4001-4001 appletalk discovery no mop enabled ! interface Serial0 ip address 131.108.242.6 255.255.255.252 ipx network 100 appletalk cable-range 2902-2902 no mop enabled ! end Use this configuration? [yes/no]:  yes  [OK] Use the enabled mode `configure' command to modify this configuration. Press RETURN to get started! 

When you press the Return key, the router gives you the following prompt:

 Singapore> 

At this point, you have entered EXEC mode, or the mode used to execute commands within the IOS. Let's first consider the Help system before going into EXEC mode.

The Help System

The Help system in the IOS is available in EXEC mode to help you issue commands to a device. The Help system is context-sensitive, meaning that the help given depends on what you are trying to do with the IOS. For example, if you enter ? at the device prompt, the following information appears:

 Singapore>? Exec commands:   <1-99>           Session number to resume   access-enable    Create a temporary Access-List entry   access-profile   Apply user-profile to interface   attach           attach to system component   clear            Reset functions   connect          Open a terminal connection   disable          Turn off privileged commands   disconnect       Disconnect an existing network connection   enable           Turn on privileged commands   exit             Exit from the EXEC   help             Description of the interactive help system   lock             Lock the terminal   login            Log in as a particular user   logout           Exit from the EXEC   mls              exec mls router commands   mrinfo           Request neighbor and version information from a multicast                    router   mstat            Show statistics after multiple multicast traceroutes   mtrace           Trace reverse multicast path from destination to source   name-connection  Name an existing network connection   pad              Open a X.29 PAD connection   ping             Send echo messages  --More-- 

This is only the first help screen available, and the output has been limited in this example. For a complete listing of EXEC commands, you might want to consult the Cisco IOS Software Command Summary, which can be found at http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/index.htm. Note that the IOS commands are listed on the left side of the help screen, and a brief explanation of each command is listed on the right. Some commands are executed in a single word; the Help system communicates this by showing that your only option is to enter a carriage return after the command, denoted by the <cr> in the display:

 Singapore>  lock ?  <cr> Singapore>  lock  

When you use the Help system, the IOS does not require you to repeat the command after you ask for help. In the previous example, the word lock is repeated by the IOS auto-matically after the Help screen appears.

You can also use the Help system to find the available completion options for a given EXEC command. As you will see throughout this text, the IOS has many commands available to show the current status of the device. Many of these commands begin with show . In the following information, you can see all of the possible options after you type the word show :

 Singapore>  show ?  alps           Alps information   backup         Backup status   bootflash:     display information about bootflash: file system   bootvar        Boot and related environment variable   calendar       Display the hardware calendar   cef            Cisco Express Forwarding   ces            CES Show Commands   clock          Display the system clock   context        Show context information about recent crash(s)   dialer         Dialer parameters and statistics   disk0:         display information about disk0: file system   disk1:         display information about disk1: file system   drip           DRiP DB   dss            DSS information   flash:         display information about flash: file system   fras-host      FRAS Host Information   history        Display the session command history   hosts          IP domain-name, lookup style, nameservers, and host table   ipc            Interprocess communications commands   location       Display the system location   management     Display the management applications   microcode      show configured microcode for downloadable hardware   mls            multilayer switching information   modemcap       Show Modem Capabilities database   mpoa           MPOA show commands   ncia           Native Client Interface Architecture   ppp            PPP parameters and statistics   rmon           rmon statistics   rtr            Response Time Reporter (RTR)   sessions       Information about Telnet connections   sgbp           SGBP group information   slot0:         display information about slot0: file system   slot1:         display information about slot1: file system   snmp           snmp statistics   syscon         System Controller information   tacacs         Shows tacacs+ server statistics   terminal       Display terminal configuration parameters   traffic-shape  traffic rate shaping configuration   users          Display information about terminal lines   version        System hardware and software status   vpdn           VPDN information Singapore>  show  

Note that the IOS repeats the initial portion of the command you typed so that you do not have to repeat it.

The Help system in the IOS also completes partial commands when you use the Tab key. If you enter an unambiguous EXEC command and then press the Tab key, the IOS completes the command. As an example, we'll show you the show sessions command, which lets you see all the Telnet sessions on an IOS device:

If you enter

 Singapore>  show sess  

and then press the Tab key, the IOS completes the command:

 Singapore>  show sessions  

If you enter an ambiguous command, such as

 Singapore>  show s  

the IOS cannot complete the command. This is an ambiguous string, possibly meaning show sessions or show snmp . Pressing the Tab key at this point causes the terminal bell to ring on most systems.

Tip

You do not have to use the full command in EXEC level in the IOS-an unambiguous string defaults to the proper command. This means that the commands show sess and show sessions produce the same output.


The show sessions command is different from the session command. The session command enables you to connect to a virtual console session of a hardware module on the IOS device. Some IOS devices have multiple hardware modules that each have their own virtual console access. Examples of this are the Route Switch Module (RSM) and the Asynchronous Transfer Mode (ATM) module in a Catalyst switch. You can specify the module that you wish to connect to using the session command followed by the module number. For example, if you have an ATM module as the third module (typically in the third slot of the device) in a Catalyst switch running the IOS, you can do the following to access the module:

 Router>session 3 Trying ATM-3... Connected to ATM-3. Escape character is `^]'. ATM> 

You have now established a session to the ATM module. This is different from a Telnet session to the router itself, and all commands that you now execute are performed by the ATM module.

Nonprivileged and Privileged Modes

You can execute two basic levels of commands from the EXEC mode. The first level is nonprivileged mode. Nonprivileged mode is denoted on the device prompt with the greater-than (>) character after the device name, such as the following:

 Singapore> 

In this mode, you can examine the status of the IOS device but cannot change any parameters.

The second level of commands comprises the privileged commands, also known as enable mode. To enter privileged mode, you must know the enable secret password on the system. You can then enter the EXEC command enable to switch from nonprivileged to privileged mode:

 Singapore>enable Password: Singapore# 

In the previous example, when prompted for a password, you enter the enable secret password (in this case, !zippy2u ), which is not echoed to the terminal. An IOS device in privileged mode changes the > character in the prompt to a hash mark (#). To move from privileged to nonprivileged mode, use the EXEC command disable :

 Singapore#disable Singapore> 

Notice that in privileged mode, more commands are available than in nonprivileged mode, as indicated by the Help system:

 Singapore#? Exec commands:   <1-99>           Session number to resume   access-enable    Create a temporary Access-List entry   access-profile   Apply user-profile to interface   access-template  Create a temporary Access-List entry   attach           attach to system component   bfe              For manual emergency modes setting   calendar         Manage the hardware calendar   cd               Change current directory   clear            Reset functions   clock            Manage the system clock   configure        Enter configuration mode   connect          Open a terminal connection   copy             Copy from one file to another   debug            Debugging functions (see also 'undebug')   delete           Delete a file   dir              List files on a filesystem   disable          Turn off privileged commands   disconnect       Disconnect an existing network connection   enable           Turn on privileged commands   erase            Erase a filesystem   exit             Exit from the EXEC   format           Format a filesystem   help             Description of the interactive help system   lock             Lock the terminal   login            Log in as a particular user   logout           Exit from the EXEC   microcode        microcode commands   mkdir            Create new directory   mls              exec mls router commands   more             Display the contents of a file   mpoa             MPOA exec commands   mrinfo           Request neighbor and version information from a multicast                    router   mstat            Show statistics after multiple multicast traceroutes   mtrace           Trace reverse multicast path from destination to source   name-connection  Name an existing network connection   ncia             Start/Stop NCIA Server   no               Disable debugging functions   pad              Open a X.29 PAD connection   ping             Send echo messages   ppp              Start IETF Point-to-Point Protocol (PPP)   pwd              Display current working directory   reload           Halt and perform a cold restart   rename           Rename a file  --More-- 

Note that the preceding output has been truncated for brevity.

Memory Configuration Issues

Of the three portions of memory on an IOS device, two hold the device configuration. The third holds the IOS operating system. The difference between the configuration commands and the IOS operating system is that the configuration commands are used to configure the device and the IOS operating system is the software that runs on the device.

You learn about the two types of memory that hold IOS configuration commands ” random-access memory (RAM) and nonvolatile random-access memory (NVRAM) ”in this section. You also learn how to load the IOS operating system to a third type of memory on the device, electronically erasable programmable read-only memory (EEPROM), also known as Flash memory. To execute any memory-related commands on a device, you need to be in privileged mode (as shown in the following examples).

Device Configuration Memory

The current, or running, configuration of an IOS device can be seen by using the EXEC command show running-config . The output of this command lists the IOS configuration commands that the device is running, as follows:

 Singapore#  show running-config  Current configuration: hostname Singapore enable secret 5 zu6m7$RMMZ8em/.8hksdkkh78p/T0 enable password !zippy4me line vty 0 4 password Zipmein snmp-server community public ip routing ipx routing appletalk routing no decnet routing ! interface Ethernet0 ip address 131.108.1.1 255.255.255.128 ipx network 4010 appletalk cable-range 4001-4001 appletalk discovery no mop enabled ! --More-- 

The output has been truncated for brevity.

The running configuration of a device is held in RAM, which is erased if the device loses power. You must save the current configuration to NVRAM, called the startup-config, if you want the device to resume the same running configuration after a power cycle. The EXEC command copy , which copies from the first memory location to the second, is used to save the running configuration to NVRAM:

 Singapore#  copy running-config startup-config  [OK] Singapore# 

You have now saved the current running configuration in RAM as the startup configuration in NVRAM. You can use the copy command in the reverse manner also, copying from the startup configuration to the running configuration as follows:

 Singapore#  copy startup-config running-config  [OK] Singapore# 

You might want to copy your startup-config to your running-config so that you can revert to your startup-config after making configuration changes on a device. For example, imagine that you make some configuration changes on a device. You observe the behavior of the device and decide that the changes were incorrect. If you had not copied your running-config to startup-config, you could copy your startup-config to your running-config. When you copy from the startup configuration in NVRAM to the running configuration in RAM, be aware of the merging of IOS configuration commands that could occur (see the section "Merging and Superseding of Configuration Commands," later in this chapter).

If you want to view the startup configuration, issue the EXEC command show startup-config :

 Singapore#  show startup-config  Using 1240 out of 7506 bytes ! hostname Singapore enable secret 5 zu6m7$RMMZ8em/.8hksdkkh78p/T0 enable password !zippy4me line vty 0 4 password Zipmein snmp-server community public ip routing ipx routing appletalk routing no decnet routing ! interface Ethernet0 ip address 131.108.1.1 255.255.255.128 ipx network 4010 appletalk cable-range 4001-4001 appletalk discovery no mop enabled ! --More-- 

The output has been truncated for brevity. Note that the first line of the startup configuration shows the amount of NVRAM that the configuration uses and the total NVRAM on the device.

The startup configuration matches the running configuration after a copy running-config startup-config command is issued. However, if you configure the device (as explained in the next section) and do not save an altered running configuration to the startup configuration, the device reverts to the last configuration saved in the startup configuration the next time it gets power-cycled.

You can erase the startup configuration using the erase startup-config command:

 Singapore#  erase startup-config  Erasing the nvram filesystem will remove all files! Continue? [confirm] [OK] Singapore# 

If you now reload your router by turning off the power or by using the privileged EXEC command reload , the device startup configuration is blank. This sequence of events ”erasing the startup configuration and reloading the device ”causes the IOS device to begin with the System Configuration Dialog, as discussed earlier in this chapter.

IOS Flash Memory

Flash memory is the location where a Cisco device holds the binary executable IOS images that constitute the operating system for the device. Do not confuse IOS images with IOS configurations. As you have seen earlier in the chapter, an IOS configuration tells the device its current configuration, while an IOS image is the actual binary program that parses and executes the configuration.

Depending on the amount of Flash memory you have installed and the IOS image size that you want to store on the Flash memory, your device can hold multiple IOS images. If you have multiple IOS images on a given device, you can configure which image the device executes after a reload. You can copy IOS images received from Cisco to your IOS devices using several different TCP/IP-based file transfer protocols, including the Trivial File Transfer Protocol (TFTP), the File Transfer Protocol (FTP), and the UNIX remote copy protocol (rcp). We will discuss using both TFTP and FTP for transferring the IOS software image to your device. Although rcp is an available protocol, it requires configuration of both your IOS-based device and your rcp server, which is beyond the scope of this text. Additionally, the use of rcp presents certain security risks that are better addressed with additional IOS and network proficiency.

Deciding whether to use TFTP or FTP to transfer the IOS image from a server to your IOS device depends on several factors:

  • The availability of TFTP or FTP on your server or workstation (as provided by your server administrator). If your server administrator does not allow TFTP, for example, you will need to rely on FTP to perform the transfer.

  • The type of network connection that is available from your server to your IOS device. If your server is on a LAN that is directly connected to your IOS device, TFTP will perform adequately, and the transfer time will likely not be excessive. If your server is several LAN or WAN hops away, FTP will perform better and reduce the transfer time of the IOS image from the server to the device.

  • The level of security that you wish to maintain for the transfer of your IOS image from the server. TFTP does not require any kind of identification or authentication to perform the transfer. FTP requires a username and password to perform the transfer.

Note

We strongly recommend that you contact your local Cisco support channel to help you determine which IOS image to run on your routers.


Using TFTP for IOS Image Transfer

Before you can transfer an IOS image to your device, you need to have the IOS image file on a TFTP server. If you do, use the copy tftp flash command to initiate the transfer. In the following example, we copy the IOS image c2500-i-l.120-5.P.bin onto the Singapore router. Note that the Singapore router shows you the current contents of the Flash memory and then asks you for the IP address of the TFTP server and for the name of the IOS image before confirming the copy process. As a final step, the device verifies that the file has been loaded without error:

 Singapore#  copy tftp flash  System flash directory: File  Length   Name/status   1   2980876  c2500-is-mz.111-3.P.bin [2980876 bytes used, 5407732 available, 8388608 total] IP address or name of remote host [255.255.255.255]? 131.108.20.45 Name of file to copy ? c2500-i-l.120-5.P.bin Copy c2500-i-l.120-5.P.bin from 131.108.20.45 into flash memory? [confirm] Loading from 131.108.20.45:  !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 1906676/4194240 bytes] Verifying via checksum... vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv Flash verification successful. Length = 1906676, checksum = 0x12AD 

Note

All EXEC commands that use the network to perform an action return an exclamation point (!) character when successful and a period (.) when unsuccessful .


If you want to perform the reverse of the previous process-namely, copy an IOS image from the Flash memory on a device to a TFTP server-use the EXEC command copy flash tftp . We recommend that you keep a copy of all your IOS images on a server and make backups of these files regularly. When upgrading IOS images, it is imperative to have the last known working IOS image for your network on a server. This precaution enables you to revert to a working IOS image by using the copy tftp flash command in the event of an unforeseen IOS caveat.

You can view the contents of Flash memory at any time using the EXEC command show flash:

 Singapore>  show  flash  System flash directory: File  Length   Name/status   1   1906676  c2500-i-l.120-5.bin [1906676 bytes used, 6481932 available, 8388608 total] 8192K bytes of processor board System flash 

Note

Some Cisco IOS devices execute the IOS image from Flash memory and cannot overwrite the image while it is executing. These Cisco IOS devices use the Flash load helper system to copy IOS images from a TFTP server.


Using FTP for IOS Image Transfer

Unlike TFTP, FTP requires a username and password to both identify and authenticate the IOS device and its administrator to the FTP server prior to the transfer of the IOS software image. Two methods are used to provide the username and password for the transfer:

  • Specifying the username and password as part of the copy ftp EXEC command

  • Predefining the username and password via the global configuration commands ip ftp username and ip ftp password

The former is useful when many different individuals perform software image upgrades to the router. The latter is useful when only one individual performs the upgrades or when a specific login account and password have been set up for the express purpose of transferring the IOS software images. In either case, the corresponding username and password must exist on your FTP server before the transfer process is initiated. In the following examples, the FTP username is joebob, and the FTP password is getmysoftware.

As with TFTP, before you can transfer an IOS image to your device, you need to have the IOS image file on an FTP server. If you do, use the privileged EXEC command copy ftp:/ /username:password flash to both specify the username and password for authentication and to initiate the transfer. Substituting our selected username and password, the command would look like copy ftp://joebob:getmysoftware flash . In the following example, we copy the IOS image c2500-i-l.120-5.P.bin onto the Singapore router. Note that the Singapore router shows you the current contents of the Flash memory and then asks you for the IP address of the FTP server and for the name of the IOS image before confirming the copy process. Optionally , the FTP server IP address and IOS image name may also be specified as part of the copy command, similar to the username and password, as ftp://username:password@ftpservername/ios-image-name . As a final step of the transfer process, the device verifies that the file has been loaded without error:

 Singapore#  copy ftp://joebob:getmysoftware flash  System flash directory: File  Length   Name/status   1   2980876  c2500-is-mz.111-3.P.bin [2980876 bytes used, 5407732 available, 8388608 total] IP address or name of remote host [255.255.255.255]? 131.108.20.45 Name of file to copy ? c2500-i-l.120-5.P.bin Copy c2500-i-l.120-5.P.bin from 131.108.20.45 into flash memory? [confirm] Loading from 131.108.20.45:  !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 1906676/4194240 bytes] Verifying via checksum... vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv Flash verification successful. Length = 1906676, checksum = 0x12AD 

As discussed previously, the username and password may be defined in the running configuration prior to initiating the IOS image transfer and optionally may be stored in the startup configuration for future use. The FTP username and password are defined using the global configuration commands ip ftp username and ip ftp password . In the following example, we configure the Singapore router with the FTP username joebob and password getmysoftware and then initiate an IOS image transfer:

 Singapore#  configure terminal  Singapore(config)#  ip ftp username   joebob  Singapore(config)#  ip ftp password   getmysoftware  Singapore(config)#^  Z  Singapore#  copy ftp flash  System flash directory: File  Length   Name/status   1   2980876  c2500-is-mz.111-3.P.bin [2980876 bytes used, 5407732 available, 8388608 total] IP address or name of remote host [255.255.255.255]? 131.108.20.45 Name of file to copy ? c2500-i-l.120-5.P.bin Copy c2500-i-l.120-5.P.bin from 131.108.20.45 into flash memory? [confirm] Loading from 131.108.20.45:  !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 1906676/4194240 bytes] Verifying via checksum... vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv Flash verification successful. Length = 1906676, checksum = 0x12AD 

Note

A complete discussion of IOS configuration modes and methods is contained in the upcoming section "User Configuration Mode."


As in the previous example, the Singapore router shows you the current contents of the Flash memory and then asks you for the IP address of the FTP server and for the name of the IOS image before confirming the copy process. As a final step of the transfer process, the device verifies that the file has been loaded without error.

As with TFTP, it is possible to perform the reverse of the previous process ”namely, to copy an IOS image from the Flash memory on a device to an FTP server ”using the EXEC command copy flash ftp . As in the previous process, you must specify the username and password needed for the FTP transfer either as part of the copy command or by predefining them in the running configuration. Regardless of the transfer protocol, we recommend that you keep a copy of all your IOS images on a server and make backups of these files regularly. When you're upgrading IOS images, it is imperative to have the last known working IOS image for your network on a server. This precaution enables you to revert to a working IOS image by using the copy ftp flash command in the event of an unforeseen IOS caveat.

Managing Flash Memory Space

All the commands that transfer IOS software images to Flash memory will evaluate the available space and prompt you to erase and compress the existing Flash memory contents to make additional space, if required. There may be occasions when you would like to erase all or just a portion of the existing contents of Flash memory independent from the transfer process. You can erase the entire contents of Flash memory by using the privileged EXEC command erase flash . To delete a specific IOS image from Flash memory, use the delete command. For example, to delete the IOS image c2500-i-l.120-5.bin from Flash memory, use the EXEC privileged command delete c2500-i-l.120-5.bin. On Cisco devices that have an external Flash memory card (usually located in a slot called slot0), the delete command only marks an IOS image file for deletion; it does not actually perform the deletion and thus free the space on Flash memory. You must execute the squeeze command to complete the file deletion process.

User Configuration Mode

To configure an IOS device, you must use the EXEC privileged command configure . The configure command has three options:

  • Configure from terminal

  • Configure from memory

  • Configure from network

Tip

In nonprivileged mode, privileged mode, and user configuration mode, the IOS enables you to repeat commands without retyping them. To do so, move up or down the stack of existing commands until you reach the command you want to repeat. When you reach it, press the Return key. The command is repeated at the current command line. On most terminals, the up arrow key moves up and the down arrow key moves down the stack of previous commands. If the arrow keys do not work on your terminal, you can move up the stack of previous commands with Ctrl+P (previous) and down with Ctrl+N (next).


When you type the configure command, the IOS prompts you for which of the three options you want to use, as follows:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? 

The default, which is the first option, enables you to configure the IOS device from your terminal in real time. The commands are executed by the IOS immediately after you enter them:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)# 

The device then changes the prompt to show that you are in configuration mode and allows you to enter configuration commands. When you are finished entering commands, enter Ctrl+Z (^Z). In the following example, you change the device name from Singapore to Seoul using the global configuration command hostname:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  hostname Seoul  Seoul(config)#^  Z  Seoul# 

As you can see from the prompt, the command takes effect immediately to change the host name of the device. You do not need to save this new running configuration to the startup configuration to activate the command.

The second option, configuring from memory, allows you to copy the contents of the device's startup configuration, which are stored in NVRAM, to the current configuration. This option is useful if you have changed a configuration parameter in real time and you want to revert to the previous configuration saved in the startup configuration. This configure command performs the same function as the copy startup-config running-config command you saw in the previous section:

 Seoul#  configure  Configuring from terminal, memory, or network [terminal]?  memory  Singapore# 

The third option, configuring from the network, enables you to load a configuration file from a server running the TFTP:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]?  network  Host or network configuration file [host]? Address of remote host [255.255.255.255]?  131.108.20.45  Name of configuration file [singapore-confg]? Configure using singapore-confg from 131.108.20.45? [confirm] Loading singapore-confg !![OK] Singapore# 

In the preceding configure command, we accepted the IOS defaults shown in brackets ([]) by pressing a carriage return as a reply to the question.

TFTP is a protocol that allows the IOS device to query for a specific file from a host running a TFTP server. TFTP uses the IP protocol, so you need to have IP routing configured between the IOS device and the TFTP server for this option to work properly. See Chapter 4 for more information on the configuration of IP routing.

When configuring an IOS device from a TFTP server, the device defaults to trying to load a file with the name of the device followed by the string -confg. In this case, the device named Singapore tries unsuccessfully to load the file singapore-confg by default.

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]?  network  Host or network configuration file [host]? Address of remote host [255.255.255.255]?  131.108.20.45  Name of configuration file [singapore-confg]? Configure using singapore-confg from 131.108.20.45? [confirm] Loading singapore-confg ... [timed out] Singapore# 

A device can fail to load a configuration file because of problems with IP network connectivity or a TFTP violation.

Configuration Commands

Configuration commands are used to configure an IOS device. As seen in the previous section, the configuration commands can be entered from the terminal, loaded from the startup configuration, or downloaded via a file using TFTP and the EXEC command configure. All configuration commands must be entered into the IOS device in configu-ration mode, not at the EXEC level. A configuration command entered at the device prompt is incorrect:

 Singapore#  hostname  Seoul                   ^ % Invalid input detected at '^' marker. 

A configuration command entered in configuration mode is correct:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  hostname Seoul  Seoul(config)#^  Z  Seoul# 

All IOS commands fit into one of three categories:

  • Global commands

  • Major commands

  • Subcommands

A global command is a configuration command that affects the overall IOS configuration. In this chapter, you have seen some global commands in the configuration command script made by the System Configuration Dialog, including hostname, enable secret , and ip routing. Each of these commands changes the IOS configuration without needing additional commands. The hostname command sets the name of the device, the enable secret command sets the enable secret password used to enter privileged mode, and the ip routing command turns on IP routing.

A major command is a command that enables subcommands to configure the device. A major command does not configure the IOS device itself. In the following example, the command interface Ethernet0 is a major command that tells the IOS that the subsequent subcommands relate specifically to a LAN interface named Ethernet0. In this example, the subcommand ip address assigns an IP address to Ethernet0:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  interface Ethernet0  Singapore(config-if)#  ip address 131.108.1.1 255.255.255.128  Singapore(config-if)#^  Z  Singapore# 

In the previous example, the IOS interprets interface Ethernet0 as a major command. It shows this by changing the configuration prompt to Singapore(config-if) to reflect that the subsequent commands are subcommands for the interface. The command interface Ethernet0 does not configure the device itself-it requires subcommands to complete the configuration.

A major command requires the context of a subcommand to configure the device. The subcommand ip address 131.108.1.1 255.255.255.128 requires an interface to be interpreted properly. The combination of a major command and a subcommand is the proper combination to configure an IOS device.

As of IOS 12.0, some IOS major commands have an additional level of configuration subcommands. For example, on an ATM interface, which we will discuss further in Chapter 3, you specify the interface with the major command interface atm 0. You can then specify the permanent virtual path identifier and virtual circuit identifier for this interface to use with the subcommand pvc [ name] vpi/vci. This subcommand has an additional level of subcommand that enables you to specify the ATM quality of service associated with VPI/VCI. For example, here we set an ATM interface to have VPI/VCI equal to 5/42 with an unspecified bit rate (UBR) quality of service to 384 kbps:

 Router#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Router(config)#  interface atm0  Router(config-if)#  pvc 5/42  Router(config-if)#  ubr 384  Router(config-if)#^  Z  Router# 

This configuration appears in the router as follows (all output except the previous configuration has been truncated):

 Router#  show running-config  Current configuration: ! interface ATM0   pvc 5/42     ubr 384 ! 

As seen in the previous section, you can configure the IOS device from a configuration file loaded via the TFTP protocol by using the configure command and selecting the Network option. This configuration file must be a text file that contains the desired global commands, major commands, and subcommands to configure the device. When loading the configuration file, the device interprets the configuration commands immediately and executes them, just as if you had typed in the commands using the configure command and the Terminal option.

Configuration Help

The IOS Help system is available while you are configuring a device. Use the question mark (?) command to find the available configuration options at any time during device configuration. In the example that follows, this feature finds the global commands available on a device in configuration mode:

 Singapore(config)#? Configure commands:  aaa                         Authentication, Authorization and Accounting.  access-list                 Add an access list entry  alias                       Create command alias  arp                         Set a static ARP entry  async-bootp                 Modify system bootp parameters  banner                      Define a login banner  boot                        Modify system boot parameters  bridge                      Bridging Group.  buffers                     Adjust system buffer pool parameters  busy-message                Display message when connection to host fails  cdp                         Global CDP configuration subcommands  chat-script                 Define a modem chat script  clock                       Configure time-of-day clock  config-register             Define the configuration register  default-value               Default character-bits values  dialer-list                 Create a dialer list entry  dnsix-dmdp                  Provide DMDP service for DNSIX  dnsix-nat                   Provide DNSIX service for audit trails  downward-compatible-config  Generate a configuration compatible with older software  enable                      Modify enable password parameters --More-- 

Note that the previous output has been truncated for brevity. You can also use the Help system to find the configuration subcommands available when entering a command. In this example, you find the subcommands that are available for the IP protocol when configuring the Ethernet0 interface:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  interface Ethernet0  Singapore(config-if)#  ip ?  Interface IP configuration subcommands:   access-group        Specify access control for packets   accounting          Enable IP accounting on this interface   address             Set the IP address of an interface   bandwidth-percent   Set EIGRP bandwidth limit   broadcast-address   Set the broadcast address of an interface   directed-broadcast  Enable forwarding of directed broadcasts   gdp                 Gateway Discovery Protocol   hello-interval      Configures IP-EIGRP hello interval   helper-address      Specify a destination address for UDP broadcasts   hold-time           Configures IP-EIGRP hold time   irdp                ICMP Router Discovery Protocol   mask-reply          Enable sending ICMP Mask Reply messages   mobile              Mobile Host Protocol   mtu                 Set IP Maximum Transmission Unit   policy              Enable policy routing   probe               Enable HP Probe support   proxy-arp           Enable proxy ARP   rarp-server         Enable RARP server for static arp entries   redirects           Enable sending ICMP Redirect messages   rip                 Router Information Protocol   route-cache         Enable fast-switching cache for outgoing packets --More-- 

Note that the previous output has been truncated for brevity.

Removing Configuration Commands

To remove a configuration command from an IOS device, add the keyword no to the beginning of the configuration command. The following example shows how to remove the IP address from the interface Ethernet0:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  interface Ethernet0  Singapore(config-if)#  no ip address 131.108.1.1 255.255.255.0  Singapore(config-if)#^  Z  Singapore# 

For the removal of any global command, major command, or subcommand, follow the same procedure.

Default Configuration Commands

Cisco IOS default configuration commands do not appear in show running-config or show startup-config. If you enter a command that is a default configuration command, the device accepts the command without error. For example, as you will see in the next chapter, all serial interfaces on Cisco routers default to High-Level Data Link Control (HDLC) encapsulation. Entering the interface configuration subcommand encapsulation hdlc for a serial interface does not result in a new line of configuration on the router.

All IOS commands also have a default configuration. You can use the default configuration command as a precursor to any global command, major command, or subcommand to return the configuration value to its default configuration. Many IOS configuration commands are disabled by default, so the default form is the same as the no form, as in the previous section. For example, the following configurations will also remove the IP address from Ethernet0 of the Singapore router:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  interface Ethernet0  Singapore(config-if)#  default  ip address  Singapore(config-if)#^  Z  Singapore# 

By contrast, some commands are enabled by default with a specific configuration. In these cases, the default command enables the command with the default configuration:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  default hostname  Singapore(config-if)#^  Z  Router# 

In this example, the hostname command is enabled by default with the device name set to Router.

Merging and Superseding of Configuration Commands

A new configuration command may supersede an existing command, in which case the IOS automatically removes the existing command. On the other hand, a new command may merge with an existing command instead of superseding it. As an example of merged commands, it is possible to configure two different snmp-server commands on a device. Imagine that you perform the following configuration:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  snmp-server community public  Singapore(config)#^  Z  Singapore# 

At this point, you decide to change the snmp-server configuration of the device, so you perform the following configuration:

 Singapore#  configure  Enter configuration commands, one per line. End with CTRL+Z. Configuring from terminal, memory, or network [terminal]? Singapore(config)#  snmp-server community zipnet  Singapore(config)#^  Z  Singapore# 

Because it is possible to have multiple snmp-server commands, this second snmp-server command is merged into the current configuration, and both commands are active, as shown in the following portion of show running-config:

 ! snmp-server community public snmp-server community zipnet ! 

To replace the first snmp-server configuration command with the second, do the following:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  no snmp-server community public  Singapore(config)#  snmp-server community zipnet  Singapore(config)#^  Z  Singapore# 

An example of a command that does not merge is the hostname command that sets the name of a device. In the following example, we configure a new name for the Singapore router:

 Singapore#  configure  Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CTRL+Z. Singapore(config)#  hostname Sing-router  Sing-router(config)#^  Z  Sing-router# 

The hostname command immediately supersedes the previous configuration. The running-config shows only one hostname command:

 ! hostname Sing-router ! 

Remember this IOS issue when adding configuration commands to an existing configuration.

Summary

Now that you understand the basic configuration commands and steps, the next chapter turns to the configuration of interfaces. Keep in mind the following key points about basic device configuration:

  • It is recommended that you use the enable secret category of password in defining a privileged password for the IOS.

  • The Help system, which is available in EXEC mode, provides information on what EXEC commands are available, what they do, and what their completion options are (see Table 2-1). The Help system is also available while you are configuring a device.

  • In nonprivileged mode, you can examine the status of an IOS device but not change its parameters. In privileged mode, you can set and change device parameters.

  • The two types of memory that hold IOS configuration commands are RAM and NVRAM. The running configuration is held in RAM. It is erased if the device loses power. The configuration held in NVRAM is not erased when the device is powered off; it is the one that the device reverts to after powering back on.

  • You can configure a device from the terminal in real time, from memory (NVRAM), or from the network.

  • Add the keyword no to the beginning of a configuration command if you want to remove it from the device configuration.

  • When added to an existing device configuration, some configuration commands merge with existing commands, while others supersede existing commands (see Table 2-2).

    Table 2-1. Summary of EXEC Commands for Basic Device Configuration
    Command Description
    configure Configures the IOS device from terminal, network, or memory
    copy flash ftp Copies IOS image file from Flash memory to an FTP server
    copy flash tftp Copies IOS image file from Flash memory to a TFTP server
    copy ftp flash Copies IOS image file from an FTP server to Flash memory
    copy running-config startup-config Saves running configuration to NVRAM
    copy startup-config running-config Makes startup configuration from NVRAM the running configuration
    copy tftp flash Copies IOS image file from TFTP server to Flash memory
    delete IOS image Deletes specified IOS image from Flash memory
    disable Exits privileged mode and enters nonprivileged mode
    enable Enters privileged mode
    erase flash Deletes entire contents of Flash memory
    erase startup-config Erases startup configuration
    lock Locks current terminal session
    session module Establishes a session to the specified module
    show flash Displays contents of Flash memory
    show running-config Displays the configuration running on the device
    show sessions Displays current user sessions
    how startup-config Displays the configuration saved in NVRAM that the device will use at next startup
    squeeze Erases file marked for deletion on Flash memory
    Table 2-2. Summary of Configuration Commands for Basic Device Configuration
    Command Description
    default command Sets the command to its default value
    enable password password Sets a password for entry to privileged mode
    enable secret secret Sets a one-way cryptographic password for entry to privileged mode
    hostname Sets the host name of the device
    interface type Specifies the interface to configure
    ip ftp password Specifies the password to use for authentication when using FTP for transferring IOS images and other functions
    ip ftp username Specifies the username to use for identification when using FTP for transferring IOS images and other functions
    no command Removes the configuration command


Cisco Router Configuration
Cisco Router Configuration (2nd Edition)
ISBN: 1578702410
EAN: 2147483647
Year: 1999
Pages: 116

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net