Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192
I sometimes refer to the CLI as “Cash Line Interface” because, if you can create advanced
configurations on Cisco routers and switches using the CLI, then you’ll get the cash!
To use the CLI, press Enter after the router finishes booting up. After you do that, the
router will respond with messages that tell you all about the status of each and every one
of its interfaces and then display a banner and ask you to log in. Here’s an example:
[some output cut]
*Feb 28 16:42:00.967: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0
State changed to: Initialized
*Feb 28 16:42:00.971: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0
State changed to: Enabled
*Feb 28 16:42:01.471: %LINK-3-UPDOWN: Interface FastEthernet0/0,
changed state to up
*Feb 28 16:42:01.471: %LINK-3-UPDOWN: Interface FastEthernet0/1,
changed state to up
*Feb 28 16:42:01.471: %LINK-3-UPDOWN: Interface Serial0/0/0, changed
state to down
*Feb 28 16:42:01.471: %LINK-3-UPDOWN: Interface Serial0/0/1, changed
state to down
*Feb 28 16:42:01.471: %LINK-3-UPDOWN: Interface Serial0/1/0, changed
state to down
*Feb 28 16:42:01.471: %LINK-3-UPDOWN: Interface Serial0/2/0, changed
state to down
[some output cut]
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this
device. This feature requires the one-time use of the username
"cisco" with the password "cisco". The default username and password
have a privilege level of 15.
Please change these publicly known initial credentials using SDM or the
IOS CLI. Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you
want to use.
For more information about SDM please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
Command-Line Interface (CLI) 189
User Access Verification
Username: cisco
Password: cisco [this won’t show on your screen]
yourname#
From here, just log in using cisco/cisco as the username/password and you will be in
privileged mode—something I’ll talk about next.
Now, the reason there’s a configuration already installed on the router is so that you can
connect with the SDM via HTTPS without having to configure the router. Again, I’ll be going
through the preconfigured startup-config a bit later in this chapter.
Entering the CLI from a Non-ISR Router
After the interface status messages appear and you press Enter, the Router> prompt will
appear. This is called user exec mode (user mode), and it’s mostly used to view statistics, but
it’s also a stepping stone to logging in to privileged mode.
You can only view and change the configuration of a Cisco router in privileged exec mode
(privileged mode), which you can enter with the enable command.
Here’s how:
Router>enable
Router#
You now end up with a Router# prompt, which indicates that you’re in privileged mode, where
you can both view and change the router’s configuration. You can go back from privileged mode
into user mode by using the disable command, as seen here:
Router#disable
Router>
At this point, you can type logout from either mode to exit the console:
Router>logout
Router con0 is now available
Press RETURN to get started.
Remember, by deleting the default configuration of an ISR router and reloading,
you’ll get to these same prompts, and you won’t be prompted for a username
and password.
In the following sections, I am going to show you how to perform some basic administrative
configurations.
190 Chapter 4 Introduction to the Cisco IOS and SDM
Overview of Router Modes
To configure from a CLI, you can make global changes to the router by typing configure
terminal (or config t for short), which puts you in global configuration mode and changes
what’s known as the running-config. A global command (a command run from global config)
is set only once and affects the entire router.
You can type config from the privileged-mode prompt and then just press Enter to take
the default of terminal, as seen here:
yourname#config
Configuring from terminal, memory, or network [terminal]? [press enter]
Enter configuration commands, one per line. End with CNTL/Z.
yourname(config)#
At this point, you make changes that affect the router as a whole (globally), hence the term
global configuration mode. To change the running-config—the current configuration running in
dynamic RAM (DRAM)—you use the configure terminal command, as I just demonstrated.
To change the startup-config—the configuration stored in NVRAM—you use the
configure memory command (or config mem for short), which merges the startup-config
file into the running-config file in RAM. If you want to change a router configuration stored
on a TFTP host (which is covered in Chapter 5, “Managing a Cisco Internetwork”), you use
the configure network command (or config net for short), which also merges the file
with the running-config file in RAM.
The configure terminal, configure memory, and configure network commands
are all used to configure information into RAM on a router; however, typically only the
configure terminal command is used. It is possible, though, that the commands config
mem and config net can be useful if you screw up your running-config file and don’t want
to reboot your router.
Here are some of the other options under the configure command:
yourname(config)#exit or press cntl-z
yourname#config ?
confirm Confirm replacement of running-config with
a new config file
memory Configure from NV memory
network Configure from a TFTP network host
overwrite-network Overwrite NV memory from TFTP network host
replace Replace the running-config with a new config file
terminal Configure from the terminal
<cr>
As you can see, Cisco has added a few more commands in the 12.4 IOS. We’ll go through
these commands in Chapter 5.
Command-Line Interface (CLI) 191
CLI Prompts
It’s really important that you understand the different prompts you can find when configuring a
router. Knowing these well will help you navigate and recognize where you are at any time within
configuration mode. In this section, I’m going to demonstrate the prompts that are used on a Cisco
router and discuss the various terms used. (Always check your prompts before making any changes
to a router’s configuration!)
I’m not going into every different command prompt offered, because doing that would be
reaching beyond the scope of this book. Instead, I’m going to describe all the different prompts
you’ll see throughout this chapter and the rest of the book. These command prompts really are the
ones you’ll use most in real life anyway; plus, they’re the ones you’ll need to know for the exam.
Don’t freak! It’s not important that you understand what each of these command
prompts accomplishes yet because I’m going to completely fill you in
on all of them really soon. So right now, just relax and focus on becoming
familiar with the different prompts available and all will be well!
Interfaces
To make changes to an interface, you use the interface command from global configuration
mode:
yourname(config)#interface ?
Async Async interface
BVI Bridge-Group Virtual Interface
CDMA-Ix CDMA Ix interface
CTunnel CTunnel interface
Dialer Dialer interface
FastEthernet FastEthernet IEEE 802.3
Group-Async Async Group interface
Lex Lex interface
Loopback Loopback interface
MFR Multilink Frame Relay bundle interface
Multilink Multilink-group interface
Null Null interface
Port-channel Ethernet Channel of interfaces
Serial Serial
Tunnel Tunnel interface
Vif PGM Multicast Host interface
Virtual-PPP Virtual PPP interface
Virtual-Template Virtual Template interface
Virtual-TokenRing Virtual TokenRing
192 Chapter 4 Introduction to the Cisco IOS and SDM
range interface range command
yourname(config)#interface fastEthernet 0/0
yourname(config-if)#
Did you notice that the prompt changed to yourname(config-if)#? This tells you that
you’re in interface configuration mode. And wouldn’t it be nice if the prompt also gave you
an indication of what interface you were configuring? Well, at least for now we’ll have to live
without the prompt information, because it doesn’t. One thing is for sure: You really have to
pay attention when configuring a router!
Subinterfaces
Subinterfaces allow you to create logical interfaces within the router. The prompt then changes
to yourname(config-subif)#:
yourname(config-if)#interface f0/0.1
yourname(config-subif)#
You can read more about subinterfaces in CCNA Study Guide Exam 640-802,
Sixth Edition (Sybex, 2007).
Line Commands
To configure user-mode passwords, use the line command. The prompt then becomes
yourname(config-line)#:
yourname#config t
Enter configuration commands, one per line. End with CNTL/Z.
yourname(config)#line ?
<0-337> First Line number
aux Auxiliary line
console Primary terminal line
tty Terminal controller
vty Virtual terminal
x/y Slot/Port for Modems
x/y/z Slot/Subslot/Port for Modems
The line console 0 command is known as a major command (also called a global
command), and any command typed from the (config-line) prompt is known as a
subcommand.
Command-Line Interface (CLI) 193
Routing Protocol Configurations
To configure routing protocols such as RIP and EIGRP, you’ll use the prompt
yourname(config-router#):
yourname#config t
Enter configuration commands, one per line. End with CNTL/Z.
yourname(config)#router rip
yourname(config-router)#version 2
yourname(config-router)#
Defining Router Terms
Table 4.1 defines some of the terms we’ve used so far.
Editing and Help Features
You can use the Cisco advanced editing features to help you configure your router. If you type
in a question mark (?) at any prompt, you’ll be given a list of all the commands available from
that prompt:
yourname#?
Exec commands:
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
access-template Create a temporary Access-List entry
archive manage archive files
auto Exec level Automation
bfe For manual emergency modes setting
TABLE 4 . 1 Router Terms
Mode Definition
User EXEC mode Limited to basic monitoring commands
Privileged EXEC mode Provides access to all other router commands
Global configuration mode Commands that affect the entire system
Specific configuration modes Commands that affect interfaces/processes only
Setup mode Interactive configuration dialog
194 Chapter 4 Introduction to the Cisco IOS and SDM
calendar Manage the hardware calendar
cd Change current directory
clear Reset functions
clock Manage the system clock
cns CNS agents
configure Enter configuration mode
connect Open a terminal connection
copy Copy from one file to another
crypto Encryption related commands.
ct-isdn Run an ISDN component test command
debug Debugging functions (see also 'undebug')
delete Delete a file
dir List files on a filesystem
disable Turn off privileged commands
disconnect Disconnect an existing network connection
--More--
Plus, at this point you can press the spacebar to get another page of information, or you can
press Enter to go one command at a time. You can also press Q (or any other key, for that matter)
to quit and return to the prompt.
Here’s a shortcut: To find commands that start with a certain letter, use the letter and the
question mark with no space between them:
yourname#c?
calendar cd clear clock
cns configure connect copy
crypto ct-isdn
yourname#c
By typing c?, we received a response listing all the commands that start with c. Also notice that
the yourname#c prompt reappears after the list of commands is displayed. This can be helpful
when you have long commands and need the next possible command. It would be pretty lame
if you had to retype the entire command every time you used a question mark!
To find the next command in a string, type the first command and then a question mark:
yourname#clock ?
read-calendar Read the hardware calendar into the clock
set Set the time and date
update-calendar Update the hardware calendar from the clock
yourname#clock set ?
hh:mm:ss Current Time
yourname#clock set 11:15:11 ?
<1-31> Day of the month
Command-Line Interface (CLI) 195
MONTH Month of the year
yourname#clock set 11:15:11 25 aug ?
<1993-2035> Year
yourname#clock set 11:15:11 25 aug 2007 ?
<cr>
yourname#clock set 11:15:11 25 aug 2007
*Aug 25 11:15:11.000: %SYS-6-CLOCKUPDATE: System clock has
been updated from 18:52:53 UTC Wed Feb 28 2007 to 11:15:11
UTC Sat Aug 25 2007, configured from console by cisco on console.
By typing the clock ? command, you’ll get a list of the next possible parameters and what
they do. Notice that you should just keep typing a command, a space, and then a question
mark until <cr> (carriage return) is your only option.
If you’re typing commands and receive
yourname#clock set 11:15:11
% Incomplete command.
you’ll know that the command string isn’t done yet. Just press the up arrow key to redisplay
the last command entered, and then continue with the command by using your question mark.
And if you receive the error
yourname(config)#access-list 110 permit host 1.1.1.1
^
% Invalid input detected at '^' marker.
you’ve entered a command incorrectly. See that little caret—the ^? It’s a very helpful tool that
marks the exact point where you blew it and entered the command incorrectly. Here’s another
example of when you’ll see the caret:
yourname#sh serial 0/0/0
^
% Invalid input detected at '^' marker.
This command looks right, but be careful! The problem is that the full command is show
interface serial 0/0/0.
Now if you receive the error
yourname#sh ru
% Ambiguous command: "sh ru"
it means there are multiple commands that begin with the string you entered and it’s not
unique. Use the question mark to find the command you need:
yourname#sh ru?
rudpv1 running-config
As you can see, there are two commands that start with show ru.
196 Chapter 4 Introduction to the Cisco IOS and SDM
Table 4.2 lists the enhanced editing commands available on a Cisco router.
Another cool editing feature I want to show you is the automatic scrolling of long lines.
In the following example, the command typed had reached the right margin and automatically
moved 11 spaces to the left (the dollar sign [$] indicates that the line has been scrolled
to the left):
yourname#config t
Enter configuration commands, one per line. End with CNTL/Z.
yourname(config)#$110 permit host 171.10.10.10 0.0.0.0 eq 23
You can review the router command history with the commands shown in Table 4.3.
TABLE 4 . 2 Enhanced Editing Commands
Command Meaning
Ctrl+A Moves your cursor to the beginning of the line
Ctrl+E Moves your cursor to the end of the line
Esc+B Moves back one word
Ctrl+B Moves back one character
Ctrl+F Moves forward one character
Esc+F Moves forward one word
Ctrl+D Deletes a single character
Backspace Deletes a single character
Ctrl+R Redisplays a line
Ctrl+U Erases a line
Ctrl+W Erases a word
Ctrl+Z Ends configuration mode and returns to EXEC
Tab Finishes typing a command for you
Command-Line Interface (CLI) 197
The following example demonstrates the show history command and how to change the
history size, as well as how to verify it with the show terminal command. First, use the show
history command to see the last 20 commands that were entered on the router:
yourname#show history
en
sh history
show terminal
sh cdp neig
sh ver
sh flash
sh int fa0
sh history
sh int s0/0
sh int s0/1
Now use the show terminal command to verify the terminal history size:
yourname#show terminal
Line 0, Location: "", Type: ""
[output cut]just codesnippet
Modem type is unknown.
Session limit is not set.
Time since activation: 00:21:41
Editing is enabled.
History is enabled, history size is 20.
DNS resolution in show commands is enabled
Full user help is disabled
Allowed input transports are none.
TABLE 4 . 3 Router Command History
Command Meaning
Ctrl+P or up arrow Shows last command entered
Ctrl+N or down arrow Shows previous commands entered
show history Shows last 10 commands entered by default
show terminal Shows terminal configurations and history buffer size
terminal history size Changes buffer size (max 256)
198 Chapter 4 Introduction to the Cisco IOS and SDM
Allowed output transports are pad telnet rlogin lapb-ta mop v120 ssh.
Preferred transport is telnet.
No output characters are padded
No special data dispatching characters
The terminal history size command, used from privileged mode, can change the size
of the history buffer:
yourname#terminal history size ?
<0-256> Size of history buffer
yourname#terminal history size 25
You verify the change with the show terminal command:
yourname#show terminal
Line 0, Location: "", Type: ""
[output cut]
Editing is enabled.
History is enabled, history size is 25.
Full user help is disabled
Allowed transports are lat pad v120 telnet mop rlogin
nasi. Preferred is lat.
No output characters are padded
No special data dispatching characters
Group codes: 0
No comments:
Post a Comment