Configuring and testing your network - Chapter 11: Network fundamentals

1Configuring and Testing Your Network Network Fundamentals – Chapter 11 Học viện mạng Bách Khoa - Website: www.bkacad.com 2 Học viện mạng Bách Khoa - Website: www.bkacad.com 3 Objectives • Define the role of the Internetwork Operating System (IOS) • Use Cisco CLI commands to perform basic router and switch configuration and verification • Given a network addressing scheme, select, apply, and verify appropriate addressing parameters to a host • Use common utilities to verify network connectivity between hosts • Use common utilities to establish a relative performance baseline for the network Học viện mạng Bách Khoa - Website: www.bkacad.com 4 Configuring Cisco Devices – IOS Basic Học viện mạng Bách Khoa - Website: www.bkacad.com 5 Cisco IOS • Similar to a PC, a router or switch cannot function without an operating system. • The Cisco Internetwork Operating System (IOS) is the system software in Cisco devices. It is the core technology that extends across most of the Cisco product line. 10.1.1 Học viện mạng Bách Khoa - Website: www.bkacad.com 6 Cisco IOS • The Cisco IOS provides devices with the following network services: – Basic routing and switching functions – Reliable and secure access to networked resources – Network scalability • The IOS operational details vary on different internetworking devices, depending on the device's purpose and feature set. • The services provided by the Cisco IOS are generally accessed using a command line interface (CLI). Học viện mạng Bách Khoa - Website: www.bkacad.com 7 Cisco IOS • The IOS file: – several megabytes, is stored in a semi- permanent memory area called flash. – Flash memory provides non-volatile storage. • Using flash memory allows the IOS to be upgraded to newer versions or to have new features added. • The IOS may be copied into RAM when the device is powered on and the IOS runs from RAM when the device is operating. This function increases the performance of the device. Học viện mạng Bách Khoa - Website: www.bkacad.com 8 Cisco IOS Học viện mạng Bách Khoa - Website: www.bkacad.com 9 Access Methods 1.Console 2.Telnet or SSH or HTTP , HTTPS 3.AUX port Học viện mạng Bách Khoa - Website: www.bkacad.com 10 Access Methods • Use the CLI to access various IOS configuration modes on a device Học viện mạng Bách Khoa - Website: www.bkacad.com 11 Console • Low speed serial connection to directly connect a computer or terminal to the console port on the router or switch. • Provides out-of-band access to a router • Often used to access a device when the networking services have not been started or have failed. Học viện mạng Bách Khoa - Website: www.bkacad.com 12 Console • Examples of console use are: – The initial configuration of the network device – Disaster recovery procedures and troubleshooting where remote access is not possible – Password recovery procedures • By default: console access does not require any form of securit. However, the console should be configured with passwords to prevent unauthorized device access. • The device should be located in a locked room or equipment rack to prevent physical access. Học viện mạng Bách Khoa - Website: www.bkacad.com 13 Telnet and SSH • Telnet –Require active networking services on the device. –Run on layer 7 in OSI model • Secure Shell (SSH) protocol –Like telnet but more secure access –Stronger password –Uses encryption when transporting session data • As a best practice, always use SSH in place of Telnet whenever possible. Học viện mạng Bách Khoa - Website: www.bkacad.com 14 Telnet and SSH Học viện mạng Bách Khoa - Website: www.bkacad.com 15 AUX • Can used locally, like console port • Console port is also preferred over the auxiliary port for troubleshooting because it displays router startup, debugging, and error messages by default. Học viện mạng Bách Khoa - Website: www.bkacad.com 16 Configuration file startup-config running-config 11.1.2 Học viện mạng Bách Khoa - Website: www.bkacad.com 17 Configuration files • A Cisco network device contains 2 configuration files: –The running configuration file - used during the current operation of the device –The startup configuration file - used as the backup configuration and is loaded when the device is started Học viện mạng Bách Khoa - Website: www.bkacad.com 18 Types of Configuration Files • The running configuration file – Changes to the running configuration will immediately affect the operation of the Cisco device • The startup configuration file – The startup configuration file or startup-config file is stored in non- volatile RAM (NVRAM) Học viện mạng Bách Khoa - Website: www.bkacad.com 19 Cisco IOS Modes 11.1.3 Học viện mạng Bách Khoa - Website: www.bkacad.com 20 Cisco IOS Modes Học viện mạng Bách Khoa - Website: www.bkacad.com 21 Cisco IOS Modes Học viện mạng Bách Khoa - Website: www.bkacad.com 22 Cisco IOS Modes Học viện mạng Bách Khoa - Website: www.bkacad.com 23 Cisco IOS Modes Học viện mạng Bách Khoa - Website: www.bkacad.com 24 Basic IOS Command Structure 11.1.4 The commands are not case- sensitive Basic IOS Command Structure • The keywords describe specific parameters to the command interpreter • Switch#show running-config Học viện mạng Bách Khoa - Website: www.bkacad.com 25 Basic IOS Command Structure • An argument is generally not a predefined word (defined by the user) • Switch(config-if)#description MainHQ Office Switch Học viện mạng Bách Khoa - Website: www.bkacad.com 26 Học viện mạng Bách Khoa - Website: www.bkacad.com 27 IOS command Conventions 11.1.4.2 Học viện mạng Bách Khoa - Website: www.bkacad.com 28 IOS command Conventions • Example Học viện mạng Bách Khoa - Website: www.bkacad.com 29 Using CLI Help • The IOS has several forms of help available: 1.Context-sensitive help 2.Command Syntax Check 3.Hot Keys and Shortcuts 11.1.5 Học viện mạng Bách Khoa - Website: www.bkacad.com 30 Using CLI Help • Typing “?” Học viện mạng Bách Khoa - Website: www.bkacad.com 31 Using CLI Help Học viện mạng Bách Khoa - Website: www.bkacad.com 32 Using CLI Help Học viện mạng Bách Khoa - Website: www.bkacad.com 33 Using CLI Help • Tab - Completes the remainder of the command or keyword • Ctrl-R - Redisplays a line • Ctrl-Z - Exits configuration mode and returns to the EXEC • Down Arrow - Allows user to scroll forward through former commands • Up Arrow - Allows user to scroll backward through former commands • Ctrl-Shift-6 - Allows the user to interrupt an IOS process such as ping or traceroute • Ctrl-C or Ctrl-Z - Aborts the current command and exits the configuration mode Học viện mạng Bách Khoa - Website: www.bkacad.com 34 Using CLI Help Học viện mạng Bách Khoa - Website: www.bkacad.com 35 Examination Commands 11.1.6 Học viện mạng Bách Khoa - Website: www.bkacad.com 36 Examination Commands Học viện mạng Bách Khoa - Website: www.bkacad.com 37 Examination Commands Học viện mạng Bách Khoa - Website: www.bkacad.com 38 show version • Displays information about the currently loaded software version, along with hardware and device information. Some of the information shown from this command are: – Software Version - IOS software version (stored in flash) – Bootstrap Version - Bootstrap version (stored in Boot ROM) – System up-time - Time since last reboot – System restart info - Method of restart (e.g., power cycle, crash) – Software image name - IOS filename stored in flash – Router Type and Processor type - Model number and processor type – Memory type and allocation (Shared/Main) - Main Processor RAM and Shared Packet I/O buffering – Software Features - Supported protocols / feature sets – Hardware Interfaces - Interfaces available on router – Configuration Register - Sets bootup specifications, console speed setting, and related parameters. Học viện mạng Bách Khoa - Website: www.bkacad.com 39 Học viện mạng Bách Khoa - Website: www.bkacad.com 40 Other show commands • show arp - Displays the ARP table of the device. • show mac-address-table - (switch only) Displays the MAC table of a switch. • show startup-config - Displays the saved configuration located in NVRAM. • show running-config - Displays the contents of the currently running configuration file or the configuration for a specific interface, or map class information. • show ip interfaces - Displays IPv4 statistics for all interfaces on a router. • show ip interfaces [slot/port_number] - To view the statistics for a specific interface • show ip interface brief - To get a quick summary of the interfaces and their operational state. Học viện mạng Bách Khoa - Website: www.bkacad.com 41 show ip interface brief This is useful to get a quick summary of the interfaces and their operational state Layer 1 status Layer 2 status show interface Học viện mạng Bách Khoa - Website: www.bkacad.com 42 Lab 11.1.6.3 Học viện mạng Bách Khoa - Website: www.bkacad.com 43 Học viện mạng Bách Khoa - Website: www.bkacad.com 44 IOS Configuration modes 11.1.7 Học viện mạng Bách Khoa - Website: www.bkacad.com 45 IOS Configuration modes • Interface mode - to configure one of the network interfaces (Fa0/0, S0/0/0,..) • Line mode - to configure one of the lines (physical or virtual) (console, AUX, VTY,..) • Router mode - to configure the parameters for one of the routing protocols • Remember, as configuration changes are made within an interface or process, the changes only affect that interface or process. • Once a change has been made from the global mode, it is good practice to save it to the startup configuration file stored in NVRAM. – Router#copy running-config startup-config Lab 11.1.7.2 Học viện mạng Bách Khoa - Website: www.bkacad.com 46 Học viện mạng Bách Khoa - Website: www.bkacad.com 47 Applying a Basic Configuration Using Cisco IOS Học viện mạng Bách Khoa - Website: www.bkacad.com 48 Naming a device • Start with a letter • Not contain a space • End with a letter or digit • Have characters of only letters, digits, and dashes • Be 63 characters or fewer 11.2.1 Học viện mạng Bách Khoa - Website: www.bkacad.com 49 Naming a device • Two common approaches to establishing naming conventions: the location and the purpose • AtlantaHQ(config)# no hostname • Router(config)# Lab 11.2.1.3 Học viện mạng Bách Khoa - Website: www.bkacad.com 50 Học viện mạng Bách Khoa - Website: www.bkacad.com 51 Configuring Passwords and Using Banners 1. Console password - limits device access using the console connection 2. Enable password - limits access to the privileged EXEC mode 3. Enable secret password - encrypted, limits access to the privileged EXEC mode 4. VTY password - limits device access using Telnet 11.2.2 Q/A Strong Passwords ? • Consider these key points when choosing passwords: – Use passwords that are more than 8 characters in length. – Use a combination of upper and lowercase and/or numeric sequences in passwords. – Avoid using the same password for all devices. – Avoid using common words such as password or administrator, because these are easily guessed. Học viện mạng Bách Khoa - Website: www.bkacad.com 52 Học viện mạng Bách Khoa - Website: www.bkacad.com 53 Console password Học viện mạng Bách Khoa - Website: www.bkacad.com 54 VTY and Enable password Học viện mạng Bách Khoa - Website: www.bkacad.com 55 Using Banners It is often used for legal notification because it is displayed to all connected terminals. Học viện mạng Bách Khoa - Website: www.bkacad.com 56 Set Banner • For examples: –"Use of the device is specifically for authorized personnel." –"Activity may be monitored." –"Legal action will be pursued for any unauthorized use." Lab 11.2.2.4 Học viện mạng Bách Khoa - Website: www.bkacad.com 57 Học viện mạng Bách Khoa - Website: www.bkacad.com 58 Managing configuration files • After making changes to a configuration, consider these options for the next step: • Make the changed configuration the new startup configuration. • Return the device to its original configuration. • Remove all configuration from the device. 11.2.3 Học viện mạng Bách Khoa - Website: www.bkacad.com 59 Managing configuration files Học viện mạng Bách Khoa - Website: www.bkacad.com 60 Backup Configuration on TFTP Server Học viện mạng Bách Khoa - Website: www.bkacad.com 61 Removing All Configurations • Router# erase startup-config • Router# reload Học viện mạng Bách Khoa - Website: www.bkacad.com 62 Use a text file to backup and restore config settings Học viện mạng Bách Khoa - Website: www.bkacad.com 63 Backup Configurations with Text Capture (TeraTerm) Học viện mạng Bách Khoa - Website: www.bkacad.com 64 Restoring Text Configurations • When using HyperTerminal, the steps are: 1. Locate the file to be copied into the device and open the text document. 2. Copy all of the text. 3. On the Edit menu, click paste to host. • When using TeraTerm, the steps are: 1. On the File menu, click Send file. 2. Locate the file to be copied into the device and click Open. 3. TeraTerm will paste the file into the device. Lab 11.2.3.5 Học viện mạng Bách Khoa - Website: www.bkacad.com 65 Học viện mạng Bách Khoa - Website: www.bkacad.com 66 Configuring interfaces 11.2.4 Học viện mạng Bách Khoa - Website: www.bkacad.com 67 Configuring LAN interfaces Học viện mạng Bách Khoa - Website: www.bkacad.com 68 Configuring WAN interfaces Học viện mạng Bách Khoa - Website: www.bkacad.com 69 Configuring interfaces Do not affect to router operation Học viện mạng Bách Khoa - Website: www.bkacad.com 70 Configuring interfaces Học viện mạng Bách Khoa - Website: www.bkacad.com 71 Configuring loopback interfaces Lab 11.2.4.5 Học viện mạng Bách Khoa - Website: www.bkacad.com 72 Học viện mạng Bách Khoa - Website: www.bkacad.com 73 Verifying Connectivity Học viện mạng Bách Khoa - Website: www.bkacad.com 74 Select, Apply, and Verify Appropriate Addressing Parameters to a Host 11.3.1 Học viện mạng Bách Khoa - Website: www.bkacad.com 75 Testing the Stack Lab 11.3.1.2 Học viện mạng Bách Khoa - Website: www.bkacad.com 76 Học viện mạng Bách Khoa - Website: www.bkacad.com 77 Testing the Interface Assignment 11.3.2 Học viện mạng Bách Khoa - Website: www.bkacad.com 78 Testing the Interface Assignment Lab 11.3.2.3 Học viện mạng Bách Khoa - Website: www.bkacad.com 79 Học viện mạng Bách Khoa - Website: www.bkacad.com 80 Testing the local NIC Assignment • Use the ping command to determine if the IP protocol is properly bound to an NIC 11.3.3 Học viện mạng Bách Khoa - Website: www.bkacad.com 81 Testing Local Network • Use the ping, extended ping command to determine if a host can actively communicate across the local network Lab 11.3.3.2 Học viện mạng Bách Khoa - Website: www.bkacad.com 82 Học viện mạng Bách Khoa - Website: www.bkacad.com 83 Testing Gateway and Remote Connectivity • Use the ping command in the CLI to determine if the IP protocol is operational on a local host 11.3.4 Học viện mạng Bách Khoa - Website: www.bkacad.com 84 Testing Gateway and Remote Connectivity Lab 11.3.4.3 Học viện mạng Bách Khoa - Website: www.bkacad.com 85 Học viện mạng Bách Khoa - Website: www.bkacad.com 86 Tracing and Interpreting Trace Results 11.3.5 Học viện mạng Bách Khoa - Website: www.bkacad.com 87 Tracing and Interpreting Trace Results • Identify several conditions that might cause the test to fail Lab 11.3.5.3-4 Học viện mạng Bách Khoa - Website: www.bkacad.com 88 Học viện mạng Bách Khoa - Website: www.bkacad.com 89 Monitoring and Documenting of Networks Học viện mạng Bách Khoa - Website: www.bkacad.com 90 Basic Network Baselines • One of the most effective tools for monitoring and troubleshooting network performance is to establish a network baseline. • A baseline is a process for studying the network at regular intervals to ensure that the network is working as designed. • Use the output of the ping command, saved into logs, and repeated over time, to establish relative network performance 11.4 Học viện mạng Bách Khoa - Website: www.bkacad.com 91 Basic Network Baselines Học viện mạng Bách Khoa - Website: www.bkacad.com 92 Basic Network Baselines Host capture 1. Right-click the command prompt window, then click Select All. 2. Press Ctrl-C to copy the output. 3. Open a text editor. 4. Press Ctrl-V to paste the text. 5. Save the text file with the date and time as part of the name. IOS capture 1. On the Transfer menu, click Capture Text. 2. Choose Browse to locate or type the name of the saving the file. 3. Click Start to begin capturing text 4. Execute the ping command in the user EXEC mode or at the privileged EXEC prompt. The router will place the text displayed on the terminal in the location chosen. 5. View the output to verify that it was not corrupted. 6. On the Transfer menu, click Capture Text, and then click Stop Capture. Học viện mạng Bách Khoa - Website: www.bkacad.com 93 Capturing and Interpreting Trace Information Học viện mạng Bách Khoa - Website: www.bkacad.com 94 Learning About the Nodes on the Network Học viện mạng Bách Khoa - Website: www.bkacad.com 95 Learning About the Nodes on the Network Học viện mạng Bách Khoa - Website: www.bkacad.com 96 Summary Học viện mạng Bách Khoa - Website: www.bkacad.com 97 Học viện mạng Bách Khoa - Website: www.bkacad.com 98 Router# show ip interface brief show ip interface show interface show flash: show ip route dir nvram: show arp Router# ping {destination IP Address} traceroute {destination IP Address} telnet {IP address} show cdp neighbors [detail] Học viện mạng Bách Khoa - Website: www.bkacad.com 99 System Configuration Dialog --- Continue with configuration dialog? [yes/no]: no {enter} Yes. Press the Ctrl+C for interupting