Friday, December 11, 2009

cisco command CLI

Cisco official CLI command reference.

router>enable
router#config terminal
router(config)#hostname myhost
router(config)#enable secret mypassword
router(config)#service password-encryption
router(config)#security passwords min-length 10
router(config)#service timestamps [debug datetime msec]
router#terminal monitor
-> display debug output on current vty session
router(config)#no ip domain-lookup
router(config)#ip host myhostname myip
-> static name-to-address entry (a global command, not an interface command)
router(config)#interface s0/0/0
router(config-if)#ip address myip mymask
router(config-if)#clock rate 9600
-> only on the DCE end of a serial link
router(config-if)#description my description
router(config-if)#no shutdown
--> after interface config, always needs no shutdown
router(config-if)#exit
router(config)#ip route network_to_connect mask gateway
router(config)#banner motd # my_banner #

router(config)#line console 0
router(config-line)#password my_console_pw
router(config-line)#login
router(config-line)#logging synchronous
-> system output won't be mangled with your input
router(config-line)#exec-timeout 15 30
--> set timeout 15 minutes 30 seconds
router(config-line)#history size 100
-> history buffer
router(config)#line vty 0 4
router(config-line)#password my_telnet_pw
router(config-line)#login
--> after setting a line password, always add login; without it the password is never prompted for.
router(config)#end
router#copy running-config startup-config
router#write mem
-> (same as above)
router#copy startup-config tftp://172.16.2.155/tokyo-config
-> backup startup-config over the network.
router#copy startup-config flash:config.bak1
-> backup startup-config to another file.
router#reload
-> restart using the current startup-config

switch#erase nvram:
switch#erase startup-config
switch#delete flash:filename
switch#boot system ROM
-> boots a mini version of IOS
switch#copy tftp flash
-> to upgrade IOS from a network location.
switch#copy run tftp://10.1.1.100/
-> save running-config to network server.
switch#erase nvram
switch#reload
switch#dir flash:/

switch#terminal monitor
-> on a non-console (vty) session, show log and debug messages on the terminal just as the console does
switch#clock set 13:00:00 12 october 1993
switch#clock timezone EST -5
switch#logging buffered
-> save in ROM, rather than output to screen.
switch#show log
-> now read this log

(config)#ip http authentication enable
-> authenticate HTTP server logins with the enable password; the other methods are local (local user database) and tacacs
(config)#ip http server
-> enable the HTTP server
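The hardening commands in the router section above (enable secret, service password-encryption, security passwords min-length, the console and vty line settings) and the ip http server lines here are what an auditor checks first. The following Python is an added example, not from the original post: it parses saved show running-config text and reports which of those settings are missing or weak. The config text is constructed; the HTTPS check assumes the IOS command ip http secure-server, which the post does not list.

```python
"""Audit saved Cisco IOS running-config text for the baseline settings above.

Added example, not from the original post. SAMPLE_CONFIG is constructed;
the HTTPS check assumes the IOS command 'ip http secure-server', which the
post does not list.
"""
import re

# Constructed sample output of 'show running-config', partially hardened.
SAMPLE_CONFIG = """\
hostname myhost
enable secret 5 $1$abcd$CONSTRUCTEDHASHVALUE
service password-encryption
no ip domain-lookup
ip http server
!
line con 0
 password 7 0822455D0A16
 login
 exec-timeout 15 30
 logging synchronous
!
line vty 0 4
 password 7 0822455D0A16
 login
 exec-timeout 0 0
!
"""


def parse_sections(config_text):
    """Split config text into global commands and per-line/per-interface
    sections (header line -> list of indented commands)."""
    global_lines, sections, current = [], {}, None
    for raw in config_text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            current = None            # '!' separates sections
            continue
        if raw.startswith(" "):
            if current is not None:
                sections[current].append(raw.strip())
            continue
        line = raw.strip()
        if line.startswith(("line ", "interface ")):
            current = line
            sections.setdefault(current, [])
        else:
            current = None
            global_lines.append(line)
    return global_lines, sections


def exec_timeout_disabled(lines):
    """'exec-timeout 0 0' (or 'exec-timeout 0') means the session never times out."""
    for l in lines:
        if l.startswith("exec-timeout"):
            nums = [int(t) for t in l.split()[1:] if t.isdigit()]
            if nums and all(n == 0 for n in nums):
                return True
    return False


def audit_config(config_text):
    """Return a list of (check_name, passed, detail) tuples, in check order."""
    global_lines, sections = parse_sections(config_text)

    def has_global(pattern):
        return any(re.match(pattern, l) for l in global_lines)

    findings = [
        ("enable secret", has_global(r"enable secret "),
         "privileged-exec password should be a hashed secret"),
        ("service password-encryption", has_global(r"service password-encryption$"),
         "line passwords are otherwise stored in cleartext"),
        ("security passwords min-length", has_global(r"security passwords min-length \d+"),
         "no minimum password length enforced"),
    ]
    for name, lines in sections.items():
        if not name.startswith("line "):
            continue
        has_login = any(l == "login" or l.startswith("login ") for l in lines)
        has_pw = any(l.startswith("password ") for l in lines)
        findings.append((f"{name}: login", has_login, "password is never prompted for without login"))
        findings.append((f"{name}: password", has_pw, "line has no password"))
        findings.append((f"{name}: exec-timeout", not exec_timeout_disabled(lines),
                         "idle sessions never time out"))
    if has_global(r"ip http server$"):
        # Assumption: 'ip http secure-server' is the HTTPS counterpart (not in the post).
        findings.append(("ip http server", has_global(r"ip http secure-server$"),
                         "cleartext HTTP management enabled without HTTPS"))
    return findings


def failed_checks(config_text):
    """Names of the checks that did not pass."""
    return [name for name, passed, _ in audit_config(config_text) if not passed]


if __name__ == "__main__":
    for name, passed, detail in audit_config(SAMPLE_CONFIG):
        print(f"{'OK  ' if passed else 'FAIL'} {name}" + ("" if passed else f" ({detail})"))
```

On the constructed sample the script flags the missing minimum password length, the vty line whose exec-timeout 0 0 disables the idle timeout, and the HTTP server enabled without HTTPS; an absent exec-timeout is accepted because IOS then applies its default.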

switch#show interface status
-> nice brief table
switch#show ip {interface | http | arp}
-> nice brief table
Router>show controllers s0/0/0
-> shows cable used, clock rate, ...
Router>show interfaces
-> all serial and ethernet connections.
Router>show ip route
Router>show ip interface brief

Router(config-router)#default-information originate
-> advertises the default route (QZR) to the other routers
Router(config-router)#passive-interface fa0/0
Router(config-router)#redistribute static

(config)#ipv6 host name [port] ipv6addr
(config)#ipv6 unicast-routing
(config)#ipv6 router rip MYNAME
(config-if)#ipv6 address ipv6_prefix/prefix-length [eui-64]
(config-if)#ipv6 rip MYNAME enable
#show ipv6 interface [brief]
#show ipv6 neighbors
#show ipv6 protocols
#show ipv6 rip
#show ipv6 route [summary]
#show ipv6 routers
#show ipv6 static [detail] [interface s0/0]
#show ipv6 traffic
#clear ipv6 rip
#clear ipv6 route *
#clear ipv6 traffic
#debug ipv6 rip
#debug ipv6 routing
#debug ipv6 packet

router

A router is a device that sends packets from one network to another network. The routing table typically contains the address of every known network and routing information about each network, such as:
  • Interface
  • Routing Path
  • Next Hop
  • Route Metric (Cost, # hops)
  • Route Timeout

Routers build and maintain their routing database by periodically sharing information with other routers. The exact format of these exchanges is based on the routing protocol. The routing protocol determines:
  • The information contained in the routing table
  • How messages are routed from one network to another
  • How topology changes (i.e. updates to the routing table) are communicated between routers

Regardless of the method used, changes in routing information take some time to be propagated to all routers on the network. The term convergence is used to describe the condition when all routers have the same (or correct) routing information.

Message Routing process:
  • The sender uses its own IP for the source Network layer address, and the IP of the final receiving device as the destination Network layer address.

  • The sender creates a frame by adding its own MAC address as the source Physical layer address. For the destination Physical layer address, it uses the MAC address of the default gateway router.

  • The next hop router reads the destination MAC address in the frame. Because the frame is addressed to that router, it processes the frame.

  • The router strips off the frame header and examines the packet destination address. It uses a routing protocol to identify the next hop router in the path.
    The router repackages the packet into a new frame. It uses its own MAC address as the source Physical address, the MAC address of the next hop router for the destination Physical address.

  • The last router in the path receives the frame and because the destination device is on a directly connected network, the router creates a frame using its own MAC address as the source address, and the MAC address of the destination device as the destination physical address.

  • The destination device receives the frame. Inside the packet it finds the destination address matching its own IP address, with the source IP address being that of the original sending device.

Be aware of the following:
  • On an Ethernet network, the Data Link layer address is the MAC address. On an IP network, the Network layer address is the IP address.

  • Both Data Link physical addresses and Network logical addresses are used to send packets between hosts.

  • The Data Link address identifies the physical interface. The Network address contains both a logical network address and a logical device address.

  • IP (Network layer) addresses are contained in the IP header; MAC (Data Link) addresses are contained in the Ethernet frame header.

  • Both the source and destination Network and Data Link addresses are typically contained in the packet.

  • Data Link addresses in the packet change as the packet is delivered from hop to hop. At any point in the process, the Data Link destination address indicates the physical address of the next hop on the route. The Data Link source address is the physical address of the device sending the frame.

  • Network addresses remain constant as the packet is delivered from hop to hop. The Network addresses indicate the logical address of the original sending device and the address of the final destination device.

  • A router uses the logical network address specified at the Network layer to forward messages to the appropriate network segment.
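The hop-by-hop process described above, as an added Python example that is not part of the original post. It builds a small constructed topology (host A, routers R1 and R2, host B), gives each node a routing table with longest-prefix match (the default route is the 0.0.0.0/0 entry), resolves next-hop MACs from a constructed stand-in for ARP, and returns the frame emitted at each hop, so the Data Link addresses can be seen changing while the Network addresses stay fixed. All names, addresses and MACs are constructed.

```python
"""Hop-by-hop forwarding of one packet through two routers.

Added example, not part of the original post. The topology, addresses,
MACs and ARP table are all constructed for the demo.
"""
import ipaddress
from collections import namedtuple

# One frame as emitted by a node: Data Link addresses change per hop,
# Network addresses do not.
Frame = namedtuple("Frame", "sender src_mac dst_mac src_ip dst_ip")


class Node:
    def __init__(self, name, interfaces):
        # interfaces: {iface: (ip, mac)}
        self.name = name
        self.interfaces = {i: (ipaddress.ip_address(ip), mac)
                           for i, (ip, mac) in interfaces.items()}
        self.routes = []   # (network, next_hop or None if directly connected, out_iface)

    def add_route(self, network, next_hop, iface):
        nh = ipaddress.ip_address(next_hop) if next_hop else None
        self.routes.append((ipaddress.ip_network(network), nh, iface))

    def lookup(self, dst_ip):
        """Longest-prefix match; the default route 0.0.0.0/0 matches last."""
        best = None
        for net, nh, iface in self.routes:
            if dst_ip in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, nh, iface)
        return best

    def mac_of(self, iface):
        return self.interfaces[iface][1]

    def owns(self, ip):
        return any(ip == addr for addr, _ in self.interfaces.values())


def build_topology():
    """A --- R1 --- R2 --- B, all addresses constructed."""
    a = Node("A", {"eth0": ("10.0.1.10", "02:00:00:00:0a:0a")})
    r1 = Node("R1", {"eth0": ("10.0.1.1", "02:00:00:00:01:00"),
                     "eth1": ("10.0.12.1", "02:00:00:00:01:01")})
    r2 = Node("R2", {"eth0": ("10.0.12.2", "02:00:00:00:02:00"),
                     "eth1": ("10.0.2.1", "02:00:00:00:02:01")})
    b = Node("B", {"eth0": ("10.0.2.20", "02:00:00:00:0b:0b")})
    a.add_route("10.0.1.0/24", None, "eth0")
    a.add_route("0.0.0.0/0", "10.0.1.1", "eth0")        # default gateway
    r1.add_route("10.0.1.0/24", None, "eth0")
    r1.add_route("10.0.12.0/24", None, "eth1")
    r1.add_route("10.0.2.0/24", "10.0.12.2", "eth1")    # like: ip route 10.0.2.0 255.255.255.0 10.0.12.2
    r2.add_route("10.0.12.0/24", None, "eth0")
    r2.add_route("10.0.2.0/24", None, "eth1")
    r2.add_route("10.0.1.0/24", "10.0.12.1", "eth0")
    b.add_route("10.0.2.0/24", None, "eth0")
    b.add_route("0.0.0.0/0", "10.0.2.1", "eth0")
    return {n.name: n for n in (a, r1, r2, b)}


def build_arp(nodes):
    """Stand-in for ARP: every interface IP -> (node, mac)."""
    return {ip: (node, mac) for node in nodes.values() for ip, mac in node.interfaces.values()}


def forward(src, dst_ip, arp, max_hops=8):
    """Return the list of frames emitted as the packet travels from src to dst_ip."""
    dst_ip = ipaddress.ip_address(dst_ip)
    src_ip = next(iter(src.interfaces.values()))[0]
    node, frames = src, []
    for _ in range(max_hops):
        route = node.lookup(dst_ip)
        if route is None:
            raise LookupError(f"{node.name}: no route to {dst_ip}")
        _, next_hop, iface = route
        # Directly connected: resolve the destination itself; otherwise the next hop.
        target_node, target_mac = arp[next_hop if next_hop is not None else dst_ip]
        frames.append(Frame(node.name, node.mac_of(iface), target_mac, str(src_ip), str(dst_ip)))
        node = target_node
        if node.owns(dst_ip):
            return frames
    raise RuntimeError("hop limit exceeded (routing loop?)")


NODES = build_topology()
ARP = build_arp(NODES)

if __name__ == "__main__":
    for f in forward(NODES["A"], "10.0.2.20", ARP):
        print(f"{f.sender}: {f.src_mac} -> {f.dst_mac}   ip {f.src_ip} -> {f.dst_ip}")
```

Running it prints three frames: A addresses its frame to R1's eth0 MAC, R1 rewrites it towards R2, and R2, seeing the destination on a directly connected network, addresses the last frame to B itself; the IP header is identical in all three. A destination no router has a route for raises LookupError at the router where the lookup fails, and the hop limit guards against a loop in the constructed tables.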

switch

A switch is a multiport bridge. It provides the same functionality, but with a higher port density. In addition, switches provide features that cannot be found in bridges.
  • Switches are associated with the Data Link layer of the OSI Model.

  • Switches build a forwarding database in a manner similar to bridges. Switches examine the source and destination Data Link address in each packet to build the database and make forwarding decisions.

  • Switches connect multiple segments or devices and forward packets to only one specific port.

  • You can connect a single device to a switch port or multiple devices to a switch port by using a hub.

Switches offer the following advantages over a non-switched network.
  • Switches create separate collision domains.

  • Switches provide guaranteed bandwidth between devices, if dedicated ports are used.

  • Switches can be used to provide collision-free networking, if only one device is connected to each switch port.

  • Switches enable full-duplex communication.

  • Switches induce less latency than other segmentation solutions.

  • Switches can simultaneously switch multiple messages.

  • Switches can mix 10 Mbps- and 100 Mbps-capable devices, if the switch is a 100 Mbps switch.

  • Ethernet switches can be implemented without re-cabling.

Switches have replaced bridges in most network applications.

bridge

A bridge is a Data Link layer device that forwards frames between two network segments. You should understand the following concepts relating to the operation of bridges.
  • Bridges connect two media segments that use the same protocol.
    Bridges examine the source address to determine the media segment of network devices.

  • Bridges operate at the Data Link layer of the OSI model.

  • Bridges maintain a table of device addresses and their corresponding segments.

  • Each segment connected by a bridge can have the same network address.

  • Messages within a media segment are prevented from crossing over to another segment.

Bridges' advantages:
  • Bridges prevent wasted bandwidth by eliminating unnecessary traffic between segments.

  • Bridges increase the maximum network length.

  • Bridges forward packets for multiple upper-layer protocols.

  • Bridges can link segments with dissimilar transmission media and media access methods.

Bridges' limitations:
  • Bridges cannot link multiple architectures because different frame types are used.

  • Bridges cannot translate upper-layer protocols.

  • Bridges cannot forward packets to different networks based on the network address.

  • Bridges do not filter broadcast packets.

Use bridges to isolate traffic to a segment, to prevent unwanted traffic from crossing over to other segments, or to keep it off slow WAN links. When designing the placement of bridges on the network, follow the 80/20 rule.
  • At least 80% of network traffic should stay within a segment.

  • No more than 20% of network traffic should pass through the bridge to another segment.
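The forwarding database described in the switch section and the address table, segment filtering, broadcast handling and 80/20 rule described in the bridge section are the same mechanism, so one added Python example serves both. It is not from the original post: the ports, station MACs and frame sequence are constructed. The class learns source addresses per port, filters frames whose destination is on the incoming segment, forwards known destinations to one specific port, floods unknown destinations and broadcasts, and the replay helper reports what fraction of frames crossed the bridge.

```python
"""Learning bridge / switch forwarding database, with the 80/20 traffic check.

Added example, not from the original post. The hosts, ports and frame
sequence are constructed.
"""
from collections import Counter

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    """Transparent bridge (a switch is the same logic with more ports)."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.fdb = {}                 # forwarding database: source MAC -> port learned on
        self.stats = Counter()        # filtered / forwarded / flooded

    def receive(self, in_port, src_mac, dst_mac):
        """Learn the source, then decide where the frame goes. Returns the set of
        output ports (empty set means the frame is filtered, i.e. stays local)."""
        self.fdb[src_mac] = in_port   # re-learning handles a station that moves ports
        if dst_mac == BROADCAST or dst_mac not in self.fdb:
            # Broadcasts are never filtered; unknown unicast is flooded too.
            out = {p for p in self.ports if p != in_port}
            self.stats["flooded"] += 1
        elif self.fdb[dst_mac] == in_port:
            out = set()               # both stations on the same segment: filtered
            self.stats["filtered"] += 1
        else:
            out = {self.fdb[dst_mac]}  # known station elsewhere: one specific port
            self.stats["forwarded"] += 1
        return out


def replay(bridge, frames):
    """Feed (in_port, src_mac, dst_mac) frames; return (stats, fraction that crossed).
    The 80/20 rule says the crossing fraction should stay at or below 0.20."""
    for in_port, src, dst in frames:
        bridge.receive(in_port, src, dst)
    crossed = bridge.stats["forwarded"] + bridge.stats["flooded"]
    return dict(bridge.stats), crossed / len(frames)


# Constructed stations: H1, H2 share segment 1 (via a hub); H3, H4 share segment 2.
H1, H2, H3, H4 = ("02:00:00:00:00:0%d" % i for i in range(1, 5))
SAMPLE_FRAMES = [
    (1, H1, H2), (1, H2, H1),          # first frames: unknown dst flooded, then learned
    (2, H3, H4), (2, H4, H3),
    (1, H1, H2), (1, H1, H3),          # local traffic filtered; H1->H3 crosses
    (2, H3, BROADCAST),                # broadcast always crosses
    (1, H2, H1), (1, H1, H2), (2, H4, H3),
]

if __name__ == "__main__":
    stats, ratio = replay(LearningBridge([1, 2]), SAMPLE_FRAMES)
    print(stats, f"{ratio:.0%} of frames crossed the bridge")
```

On the constructed sequence 6 of 10 frames stay on their own segment, 1 is forwarded to a single port and 3 are flooded (two unknown destinations, one broadcast), so 40% of the traffic crosses the bridge and the placement would fail the 80/20 rule. With every station on its own port, as on a switch, no frame is ever filtered, which is the collision-free case the switch section describes.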