CCNA 1 - Managing Cisco Network

By Sheldon L

Published at 2020-05-09

Updated at 2020-05-09

---

The boot sequence

• The power on self test (POST), stored in and runs from read-only memory (ROM)
• The bootstrap in ROM locates and loads the Cisco IOS software by executing programs responsible for finding where each IOS program is located. Once they are found, it then loads the proper files. The default order of an IOS loading from a Cisco device begins with flash, then TFTP server, and finally, ROM.
• The IOS software looks for a valid configuration file stored in NVRAM. This file is called startup-config and will be present only if an administrator has copied the running-config file into NVRAM.
• If a startup-config file is found in NVRAM, the router or switch will copy it, place it in RAM, and name the file the running-config. If a startup-config file is not in NVRAM, the router will broadcast out any interface that detects carrier detect (CD) for a TFTP host looking for a configuration. When that fails, it will start the setup mode configuration process.

Backing Up and Restoring the Cisco Configuration

show version
show running-config
sh start

copy running-config startup-config

! There are now so many options you can use, check
copy running-config ?

! Make a second backup
copy running-config tftp

! Restore
copy tftp running-config
! NOTE: the interfaces are shut down by default and you must manually enable each interface

! Erase
erase startup-config
reload

Administration

Setting IP Address, DHCP and DNS

!
! Gateway Router
Router(config)# interface Ga0/0/0
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# no shutdown

!
! Switch
Switch(config)# ip dhcp excluded-address 192.168.1.1 192.168.1.100
Switch(config)# ip dhcp pool IT_Support
Switch(dhcp-config)# network 192.168.1.0 255.255.255.0
Switch(dhcp-config)# default-router 192.168.1.1
Switch(dhcp-config)# dns-server 192.168.1.1

Switch(config)# interface vlan 1
Switch(config-if)# ip address 192.168.1.2 255.255.255.0
Switch(config-if)# no shutdown
Switch(config-if)# exit

! OPTIONAL:
! set the lease time in days, hours, and minutes.
! Default lease time is 24h.
Switch(dhcp-config)# lease 3 12 17

! OPTIONAL:
! set option 66, which is sending a TFTP server address to a DHCP client.
! This is typically used for VoIP phones, or auto installs, and needs to be listed as a FQDN.
Switch(dhcp-config)# option 66 ascii tftp.somewhere.com

• DHCP Relay: if we want to receive a DHCP address for a client from a remote DNS server

! configure the Fa0/0 interface of the router
! to accept the DHCP client requests (broadcast)
! and forward them to the DHCP server (unicast)
Router# config t
Router(config)# interface Fa0/0
Router(config-if)# ip helper-address 10.10.10.254

• Verifying DHCP

! Lists state information about each IP address currently leased to a client.
show ip dhcp binding

! Lists the configured range of IP addresses,
! plus statistics for the number of currently leased addresses
! and the high watermark for leases from each pool.
show ip dhcp pool [poolname]

! Lists DHCP server statistics
show ip dhcp server statistics

! Check duplicate address
show ip dhcp conflict

Resolving Hostnames

• If you want to use a hostname instead of an IP address to connect to a remote device, the device that you’re using to make the connection must be able to translate the hostname to an IP address.

• There are two ways to resolve hostnames to IP addresses.
  • Building a host table on each router
  • Building a Domain Name System (DNS) server, similar to creating a dynamic host table.
• Building a Host Table

SW-1# config t

SW-1(config)# ip host SW-2 ?
<0-75537> Default telnet port number
A.B.C.D Host IP address
additional Append addresses

SW-1(config)# ip host SW-2 10.100.128.9
SW-1(config)# ip host SW-3 10.100.128.8
SW-1(config)# do sho hosts

! Try to telnet
SW-1# sw-3
SW-3> Ctrl+Shift+6
SW-1#
SW-1# sh sessions

! Remove IP host
SW-1(config)# no ip host SW-3

• Using DNS to Resolve Names, if you have a DNS server on your network

SW-1# config t

SW-1(config)# ip domain-lookup
! In case of it is turned off. It is turned on by default.

! Sets the IP address of the DNS server
SW-1(config)# ip name-server 4.4.4.4

! OPTIONAL:
! the hostname will followed by domain name.
SW-1(config)# ip domain-name lammle.com
SW-1(config)# ^Z

! Try to ping, if you added SW-3 in DNS server
SW-1#ping SW-3

Setting Accounts

enable
configure terminal

enable secret hope

line console 0
login
! This login will remind you if password is not set
password love
login
! This login means need password to login
exit

line console 0
no login
! no login means password may exist but is not needed when login
exit

line console 0
login local
! login local means login with username and secret
username sheldon secret love
no password
! no password disable plain password

! ecrypt plain password and show config
service password-encryption
show running-config

line vty ?
line vty 0 15
! the same as line console

! ssh
hostname S1
ip domain-name ccna.com
crypto key generate rsa modulus 1024
ip ssh version 2
line vty 0 15
transport input ssh
login local
exec-timeout ?
exit

! before login from remote
Router(config)#interface Ga0/0/0
Router(config-if)#ip address 192.168.1.1 255.255.255.0

Switch(config)# ip dhcp excluded-address 192.168.1.1 192.168.1.100
Switch(config)# ip dhcp pool IT_Support
Switch(dhcp-config)# network 192.168.1.0 255.255.255.0
Switch(dhcp-config)# default-router 192.168.1.1
Switch(dhcp-config)# dns-server 192.168.1.1

Switch(config)# interface vlan 1
Switch(config-if)# ip address 192.168.1.2 255.255.255.0
Switch(config-if)# no shutdown
Switch(config-if)# exit

! login from PC (DHCP set)
ssh -l [username] [secret]

Modes and Interfaces

S1>
S1#
S1(config)#

! Entering different interfaces in config mode
interface [type] [number]
interface vlan 1
ip dhcp pool [name]
ip access-list standard [name]

exit
end
disable
logout

History, Showing, and Saving

! history
show history
show terminal
terminal history size

! do show in configuration mode
do show run  # to view the configuration and statistics from within configuration mode

! Viewing, Saving
show startup-config
show running-config
copy running-config ?
copy running-config startup-config

! Cisco Discovery Protocol (CDP)
! get the Network layer addresses you need for pinging
show cdp entry *

show interfaces [interface]
clear counters [interface]

show interfaces
show interfaces status
show interfaces description

show protocols # Layer 1 and layer 2

! Add interfaces to a new VLAN, enable both data and voic
vlan 2
name USERs
exit
interface range Fa 0/11-24
switchport access vlan 2
switchport mode trunk
switchport voice vlan 2
no shutdown
end
show interfaces switchport

! connect channel-group to another switch, using F0/21-24
interface range Fa 0/21-24
channel-group [number] mode on
! do the same on the other switch

show interfaces switchport
show interfaces Fa 0/11 switchport
show interfaces trunk
show interfaces Fa 0/11 trunk

! If a trunk (or access) port, all trunk (or access), it's trunk (or access) VLAN
! If a trunc VLAN, the native VLAN
interface range Fa 0/21-24
switchport trunk allowed vlan 2

! STP interface settings
pvst
rapid-pvst
mst

Connections and Disconnection

! Connecting to multiple devices
SW-3> Ctrl+Shift+6
! then press X

! Check sessions
SW-1# sh sessions
! Asterisk (*)  means that was the last session connected to,
! you can return to your last session by pressing Enter twice

! Check users
SW-1# sh users

! Disconnect
SW-3>exit
SW-1# disconnect ?
SW-1# disconnect 2

Banner

! Message of the day (MOTD)
banner motd #
! Enter TEXT message. End with the character '#'
$ Acme.com network, then you must disconnect immediately.#
! This MOTD banner essentially tells anyone connecting to the device
! to get lost if they’re not on the guest list
banner motd x Unauthorized access prohibited! x

Checking Network Connectivity and Troubleshooting

• Show IP infomation

ping  # Uses ICMP echo request and replies to test if a node IP stack is initialized and alive on the network.
! If you want to use a different diagnostic port,
! you can create a logical interface called a loopback
interface loopback ?
ip address 20.20.20.1 255.255.255.0
ping  # Source address or interface: 20.20.20.1

telnet
terminal monitor  # To allow console messages to be sent to your Telnet session

traceroute | tracert # Displays the list of routers on a path to a network destination by using TTL time-outs and ICMP error messages.
arp -a | show ip arp # Displays IP-to-MAC-address mappings

ipconfig /all # shows you the PC network configuration.
ipconfig getifaddr en0 # Used to find your IP address

ifconfig # Used to get the IP address details

curl ifconfig.me # display your global Internet IP address
curl ipecho.net/plain ; echo # display your global Internet IP address

• Trouble shooting step by step

ping 127.0.0.1         # local host, IP stack is considered initialized
ping [self-address]    # local host IP, NIC is functioning, but cable is not considered
ping [default-gateway] # Local physical link is OK
ping [remote-server]   # Remote server is working

# If above woks, but still can't communicate with remote server, check DNS
host
dig
nslookup

traceroute
ifconfig    # work on PC
arp -a      # work on PC
show ip arp # work on Cisco IOS

• Debugging:
  • Debug is regarded as a very high-overhead task because it can consume a huge amount of resources and the router is forced to process-switch the packets being debugged.
  • So you don’t just use debug as a monitoring tool—it’s meant to be used for a short period of time and only as a troubleshooting tool.
  • Because the debug all can severely diminish the router’s performance—even render it unusable! Always best to use more specific debug commands.

SW-1> en
SW-1# debug ?

SW-1# no debug all
! OR
SW-1# undebug all

! Open IP ICMP debugging mode
SW-1# debug ip icmp
! Try
SW-1# ping 192.168.10.17

• Using the show processes Command

SW-1# sh processes

• Veryfying configuration

show ip interface
show ip interface brief
show protocols [type] [number]
show interfaces [type] [number]

show interfaces
show ip route

show interfaces trunk
show interfaces [type] [number] trunk
show interfaces switchport
show interfaces [type] [number] switchport

show controllers  # DCE/DTC cable