Cisco has introduced PoE into the exam syllabus. You may actually need to know this in quite some detail for the exam. The rest of the chapter covers router interface fundamentals.
Router Interfaces and Connectors
There are many varieties of connectors that can be used with computers and networks. Cisco devices use different types of connectors depending on which interface is used and which device is connected to the router. Next, we will look at the most commonly used connector and interface types.
RJ-45 Connectors
Also known as a registered jack, RJ-45 connectors look similar to the connectors found on telephone cables; however, there is a small plastic tab on the bottom to prevent the connector from being pulled out of the interface. There is also a connector used in some countries that can be plugged into a phone jack; this is known as an RJ-11 connector. The RJ-45 connector has eight pins, while the RJ-11 connector has only four pins.
RJ-45 connectors are used for LAN connectivity, console connections, and AUX connections. Modern CAT 5e cable is used to allow speeds of around 1 Gbps to be achieved over LANs.
Aux Connectors
Short for auxiliary, the AUX port on a router is used to dial in from a remote location. Rather than driving to the router’s location, a network administrator can connect remotely using a modem and then configure the router. AUX ports use an RJ-45 connector; they can also be used for dial backup to the router via a modem.
Console Connectors
When a router is first used, the only way to configure it is to connect to the console port using a rollover cable. The console port will also be used if there is ever a problem with the router, and it cannot be reached over the network. The only way to perform any sort of disaster recovery is to connect to the router via the console port.
The rollover cable connects directly into the console port; the other end of the cable connects to your COM port on your PC or laptop. If your cable end is RJ-45, you will need an adapter to allow it to interface with your nine-pin COM port (we will cover this in detail later).
WAN Connectors
It would be well worth you taking the time to visit Cisco.com to review some of the network products available, in particular, the interfaces and modules.
FIG 4.1 – Visit Cisco.com for product research
Part of your research will be to find out which IOS versions support which model of router and switch and which cards fit in which device.
Cisco offers a wide range of router and switch models to suit home workers, small offices, and enterprise networks and beyond. Most models come in several variations to suit your budget and requirements, much the same way as cars do. The 2900 series router, for example, is available in the following models: 2901, 2911, 2921, and 2951.
The front of the router houses the power socket, the on/off switch, and various status lights, depending on the model.
FIG 4.2 – Cisco 2900 Series router
The 2911 model (shown above) features four Enhanced High-Speed WAN Interface Card (EHWIC) slots. The far-right slot is numbered 0, followed by 1, 2, and 3, from right to left. You need to understand this because when you insert cards into these slots, you need to ensure that you are configuring the correct interface. You can Google “EHWIC” to see the specifications and IOS requirements; however, Cisco has stated that they support up to 800 Mbps bidirectionally.
The bottom left side of the router features a large blank slot called a service module slot. Service module slots are used for router modules that run specific services, such as voice, security, Power over Ethernet, and many others.
In Figure 4.3 below, on the right rear of the router, you can see three Gigabit Ethernet ports, two USB interfaces, a console and an AUX port, and a USB Serial console port. These ports give you the option of connecting the router to the USB interface on your laptop using an RJ-45 connector or a USB 5-pin mini Type-B connector. This particular router has a voice card inserted into slot 0.
Each of the ports has one or more LEDs to indicate an active interface. Check your documentation to establish the meaning of the LEDs and colors they might display.
FIG 4.3 – Different port options
Router Interfaces and Slots
Quite possibly one of the most frustrating concepts for new Cisco engineers is understanding the nomenclature for interfaces. Why on one device do you configure Serial 0/1 but on another Serial 0/0/0? And how do you know what is attached to your device? The format has actually changed over the years, possibly because none of us, including Cisco, could see where networking would be 10 years or more into the future when they first devised the nomenclature.
Earlier models of the Cisco router featured interfaces burned onto the motherboard. They were fixed, so the numbering was easy—Serial 0, Serial 1, and so on. Cisco then updated its models to include blank slots in which you could insert modules of your choice. For example, if you had slot 0 and put two Serial interfaces into this, your interface names would be Serial 0/0 and Serial 0/1, with the first number indicating the slot and the second number indicating the Serial interface numbering.
Next came the numbering system of slot/subslot/port. This was adopted for all devices so that the interface numbering system was universal, even if your device didn’t offer slots in this configuration.
Figure 4.4 below shows a Cisco 1841 router. It is end-of-life but it would make an ideal budget router for a CCNA home lab. I removed the card from slot 0 and issued a show ip interface brief command, or sh ip int brief for short.
FIG 4.4 – Cisco 1841 router
Router#sh ip int brief
Interface IP-Address OK? Method Status Protocol
Fa0/0 unassigned YES unset administratively down down
Fa0/1 unassigned YES unset administratively down down
Vlan1 unassigned YES unset administratively down down
When I insert a two-port WAN card (WIC-2T) into slot 0 and a one-port WAN card (WIC-1T) into slot 1, I can see which numbers have been allocated. All the slots are set to 0, but the subslots are numbered 0 and 1, and in subslot 0, the Serial interfaces are 0 and 1. Some cards for routers and switches are hot-swappable, which means that you can insert them into a live device, but unless you have confirmed this, presume that you must power down the device before inserting or removing any cards.
Router#sh ip int brief
Interface IP-Address OK? Method Status Protocol
Fa0/0 unassigned YES unset administratively down down
Fa0/1 unassigned YES unset administratively down down
Se0/0/0 unassigned YES unset administratively down down
Se0/0/1 unassigned YES unset administratively down down
Se0/1/0 unassigned YES unset administratively down down
Vlan1 unassigned YES unset administratively down down
Router#
To see what hardware you have installed on your router, you can issue the show diag command. Bear in mind that you must have the correct IOS to support the cards installed in order for them to show and be configurable. I’ve truncated the output below to save space. Your output may differ slightly from mine due to the IOS and platform differences, but the important thing is to correlate your show ip interface brief command with your show diag output.
Router#show diag
WIC Slot 0:
Serial 2T (12in1)
Hardware revision 18.1 Board revision A0
Serial number 16777216 Part number 00-0000-00
Version Identifier FRU Part Number
Test history 0x0 RMA number 00-00-80
Connector type PCI
WIC Slot 1:
Serial 1T WAN daughter card
Hardware revision 2.1 Board revision A0
Serial number 16777216 Part number 00-0000-00
Version Identifier FRU Part Number
Test history 0x0 RMA number 00-00-80
Connector type PCI
show inventory is also a very useful command to verify that the hardware is installed.
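One way to do that correlation mechanically, as an added example rather than part of the original chapter: the script below reads the two outputs shown above and reports any WIC slot whose card does not match the Serial interfaces IOS has created. The WIC-slot-to-subslot mapping and the port count read from the "Serial nT" description are assumptions drawn from this 1841 sample, and the function names are illustrative.

```python
import re

# Constructed sample input: the two command outputs shown above, trimmed to the
# lines this check reads.
SHOW_IP_INT_BRIEF = """\
Router#sh ip int brief
Interface IP-Address OK? Method Status Protocol
Fa0/0 unassigned YES unset administratively down down
Fa0/1 unassigned YES unset administratively down down
Se0/0/0 unassigned YES unset administratively down down
Se0/0/1 unassigned YES unset administratively down down
Se0/1/0 unassigned YES unset administratively down down
Vlan1 unassigned YES unset administratively down down
"""

SHOW_DIAG = """\
Router#show diag
WIC Slot 0:
Serial 2T (12in1)
Serial number 16777216 Part number 00-0000-00
WIC Slot 1:
Serial 1T WAN daughter card
Serial number 16777216 Part number 00-0000-00
"""

IF_NAME = re.compile(r"^([A-Za-z]+)(\d+)(?:/(\d+))?(?:/(\d+))?$")
WIC_SLOT = re.compile(r"^WIC Slot (\d+):")
SERIAL_CARD = re.compile(r"^Serial (\d+)T\b")   # matches "Serial 2T", not "Serial number"


def parse_interface(name):
    """Split an interface name into (type, slot, subslot, port).

    Handles the three naming generations described in the text:
    Serial0 (fixed), Serial0/1 (slot/port) and Se0/0/1 (slot/subslot/port).
    Fields a format does not carry are returned as None.
    """
    m = IF_NAME.match(name)
    if not m:
        raise ValueError(f"not an interface name: {name!r}")
    kind, a, b, c = m.groups()
    if c is not None:
        return kind, int(a), int(b), int(c)
    if b is not None:
        return kind, int(a), None, int(b)
    return kind, None, None, int(a)


def serial_ports(brief):
    """Map subslot -> sorted port numbers for slot/subslot/port Serial interfaces."""
    found = {}
    for line in brief.splitlines():
        fields = line.split()
        if not fields:
            continue
        try:
            kind, _slot, subslot, port = parse_interface(fields[0])
        except ValueError:
            continue                      # prompt line or column header
        if kind.lower().startswith("se") and subslot is not None:
            found.setdefault(subslot, []).append(port)
    return {subslot: sorted(ports) for subslot, ports in found.items()}


def wic_cards(diag):
    """Map WIC slot -> serial port count taken from the card description."""
    cards, slot = {}, None
    for line in diag.splitlines():
        line = line.strip()
        m = WIC_SLOT.match(line)
        if m:
            slot = int(m.group(1))
            continue
        m = SERIAL_CARD.match(line)
        if m and slot is not None:
            cards[slot] = int(m.group(1))
    return cards


def correlate(brief, diag):
    """Return one message per WIC slot where hardware and interfaces disagree."""
    ports, cards = serial_ports(brief), wic_cards(diag)
    problems = []
    for slot in sorted(set(ports) | set(cards)):
        expected = list(range(cards.get(slot, 0)))
        actual = ports.get(slot, [])
        if actual != expected:
            problems.append(
                f"WIC slot {slot}: card provides ports {expected}, IOS shows {actual}")
    return problems


if __name__ == "__main__":
    print(correlate(SHOW_IP_INT_BRIEF, SHOW_DIAG) or "hardware and interfaces agree")
```

A card that show diag lists but that has no matching interfaces usually points to an IOS image that does not support it, which is the situation the paragraph above warns about.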
Power Over Ethernet
Ethernet has become the de facto standard in modern networking. You can read the PoE standards here.
Power over Ethernet (PoE) is a technology that allows switches to pass electrical power along with data on Ethernet cables. This is usually done on the four extra wires in UTP cables, the ones that are not used for data transmission.
PoE is generally used to power up non-critical network devices in order to reduce cabling necessities in the office. Such devices include:
- IP phones
- Video conferencing cameras
- Surveillance cameras
- Wireless access points
PoE is supported only on special switch models, which are usually more expensive. On a Cisco switch, PoE can be configured in Interface Configuration mode by using the power inline command (this is on by default, but it can be disabled using the no power inline command).
Switch(config)#interface FastEthernet4/1
Switch(config-if)#power inline auto
PoE is defined as a standard in IEEE 802.3af.
Understanding Power over Ethernet (PoE)
In converged internetworks, Cisco Catalyst switches interact with Cisco IP phones in the following three different ways:
- VLAN tagging
- Extended trust settings
- Inline power delivery
VLAN tagging is based on the switchport voice vlan interface configuration command, which is described in detail in the voice VLANs section of this book. Extended trust settings are based on the switchport priority extend interface configuration command. This section describes inline power (ILP).
Cisco IP phones can use an external power cube to draw their power, or they can draw their power from the switch to which they are connected. This power is sent within the Ethernet cable connecting the switch and the IP phone. The following are two methods for providing ILP:
- IEEE 802.3af-2003
- Cisco Inline Power
IEEE 802.3af-2003 and Cisco Inline Power Overview
IEEE 802.3af-2003 is a ratified version of the original IEEE 802.3af standard. This was ratified in 2003, hence the name 802.3af-2003. The IEEE 802.3af-2003 Power over Ethernet (PoE) standard defines terminology to describe a port that acts as a power source (PSE) to a powered device (PD), defines how a powered device is detected, and defines two (2) methods of delivering PoE to the discovered powered device.
IEEE 802.3af-2003 power may be delivered using a PoE-capable Ethernet port, which is referred to as an End-Point PSE, or by a mid-span PSE that can be used to deliver PoE in the event an existing non-PoE-capable Ethernet switch is used. The mid-span PSE is described later in this section.
IEEE 802.3af-2003 is an open standard that describes five power classes to which a device can belong. The default power classification within IEEE 802.3af-2003 delivers 15.4 W per powered device. The five 802.3af-2003 power classes are listed below in Table 4-1:
Table 4-1: IEEE 802.3af-2003 Power Classes
Class | Min. Power Levels Output at PSE | Max. Power Levels at the PD | Usage |
0 | 15.4 W | 0.44 to 12.95 W | Default |
1 | 4.0 W | 0.44 to 3.84 W | Optional |
2 | 7.0 W | 3.84 to 6.49 W | Optional |
3 | 15.4 W | 6.49 to 12.95 W | Optional |
4 | N/A | N/A | Reserved |
Cisco ILP is a proprietary approach. The IEEE 802.3af standard is actually based on this method of PoE, which was available before PoE was standardized. To further optimize PSE power management, Cisco has also added power management extensions, using CDP negotiation, for Cisco IEEE 802.3af-2003-compliant devices. Cisco Catalyst switches support both ILP and IEEE 802.3af-2003.
Discovering Powered Devices
Before providing power, the switch needs to determine whether the port is connected to a power-capable device. Cisco ILP and the IEEE 802.3af-2003 standard use different power detection methods, both of which are supported by the switch.
IEEE 802.3af-2003 uses a Direct Current (DC)-powered device detection method. The DC detection method applies a DC current and detects the presence of a PD by measuring the load applied by the PD. The switch (PSE) will expect to see a 25 kΩ (Kilo Ohm) resistance between the pairs in order for the device to be considered a valid PD. If the PSE does not detect a valid 25 kΩ resistor, power is not applied to the port.
Unlike the IEEE 802.3af-2003 standard, Cisco ILP uses Alternating Current (AC) for PD detection in conjunction with a low-pass filter that allows the phone discovery signal to loop back to the switch but prevents 10/100 or 1000 Mbps frames from passing between the receive and transmit pairs. PD discovery operates in the following manner for Cisco ILP:
- The switch (PSE) sends a special tone, called a Fast Link Pulse (FLP), out of the port.
- The FLP goes to the PD, such as the Cisco IP phone.
- The PD connects the transmit line to the receive line using a low-pass filter.
- The FLP is looped back to the switch, indicating it is ILP-capable.
- When the switch receives the returning FLP, it applies power to the line.
- The switch port comes up within 5 seconds and the PD boots.
NOTE: The FLP will only be looped back when the PD is unpowered (i.e. has not received power). This allows the switch (PSE) to know that the device requires power.
ILP device discovery is illustrated below in Figure 4.5:
FIG 4.5 – Inline power device discovery
Using either the Cisco ILP or IEEE 802.3af-2003 method, if the PD is a Cisco IP phone, it uses CDP to tell the switch (PSE) how much power it wants. The CDP message contains an ILP Type/Length/Value (TLV) field that informs the Cisco Catalyst switch (PSE) of the actual power required by the device.
If the power is less than the default 15.4 W, the PSE acknowledges the request with its available power and modifies the PSE’s power budget. If the requesting PD exceeds the power budget for the line card or switch, the port either is powered down or remains in low-power mode.
DC detection differs from AC detection in that AC detection transmits a low-frequency AC signal and expects the same signal to be received back on the receive pair through the PD's low-pass filter. DC detection applies a DC current and detects the presence of a PD by measuring the load applied by the PD.
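The budget behaviour described above, worked through as an added example (not from the original chapter or from Cisco): a module reserves the class wattage from Table 4-1 when a PD is detected, then adjusts the reservation when the PD reports its actual requirement over CDP. The PseModule class is a simplified, hypothetical model; it keeps an over-budget port in low-power mode rather than powering it down, and it borrows the 370 W module and 6.3 W phones from the show power inline sample later in this section.

```python
# Table 4-1: class -> minimum power output at the PSE, in milliwatts.
# Class 4 is reserved, so it has no entry.
CLASS_PSE_MW = {0: 15400, 1: 4000, 2: 7000, 3: 15400}


class PseModule:
    """Simplified power budget for one PoE module (assumed model)."""

    def __init__(self, available_mw):
        self.available_mw = available_mw
        self.allocated = {}               # port name -> milliwatts reserved

    def remaining_mw(self):
        return self.available_mw - sum(self.allocated.values())

    def detect(self, port, power_class=0):
        """A valid PD was detected: reserve power by class, before any CDP."""
        if power_class not in CLASS_PSE_MW:
            return "denied"               # reserved or unknown class
        want = CLASS_PSE_MW[power_class]
        if want > self.remaining_mw():
            return "denied"               # budget exhausted, port stays unpowered
        self.allocated[port] = want
        return "on"

    def cdp_request(self, port, requested_mw):
        """The PD reports its actual requirement in the CDP power TLV."""
        if port not in self.allocated:
            return "denied"
        extra = requested_mw - self.allocated[port]
        if extra > self.remaining_mw():
            return "low-power"            # keep the existing reservation
        self.allocated[port] = requested_mw   # budget is updated either way
        return "on"

    def disconnect(self, port):
        """PD removed: return its reservation to the budget."""
        self.allocated.pop(port, None)


def simulate():
    """Constructed scenario: 25 class 0 phones on one 370 W module."""
    module = PseModule(370_000)
    ports = [f"Fa1/0/{n}" for n in range(1, 26)]
    first = [module.detect(p) for p in ports]      # 15.4 W reserved per port
    after_detect = module.remaining_mw()
    for p in ports[:24]:
        module.cdp_request(p, 6300)                # each phone reports 6.3 W
    retry = module.detect(ports[24])               # the port that was denied
    return first, after_detect, retry, module.remaining_mw()


if __name__ == "__main__":
    first, after_detect, retry, remaining = simulate()
    print("powered at detection:", first.count("on"), "of", len(first))
    print("remaining after detection (mW):", after_detect)
    print("25th port after CDP adjustments:", retry)
    print("remaining at the end (mW):", remaining)
```

With class-only reservations the 25th phone is refused even though the phones draw far less than 15.4 W each; once the first 24 reservations are reduced through CDP, the same port can be powered.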
Supplying Power to Power-Capable Devices
Once the powered device has been detected, the PSE needs to supply power. The IEEE 802.3af-2003 standard states that power may be delivered by an end-point PSE, using either the active data wires of an Ethernet port or the spare wires, to a PD. An end-point PSE, such as a PoE-capable switch, may implement either scheme. It should be noted that even if a device supports both methods of providing power, only one mechanism may be used to deliver power to a PD.
With the IEEE 802.3af-2003 standard, there are two modes that can be used: mode A and mode B. In mode A, pins 1 and 2 form one side of the 48 VDC and pins 3 and 6 form the other side. These are the same pairs used for data transmission. In mode B, pins 4 and 5 form one side of the DC supply and pins 7 and 8 provide the return. These are the unused pairs.
Cisco ILP is provided over the data pairs, as is the case with IEEE 802.3af-2003 mode A. The default ILP allocation is 10 W. However, once the inline device is enabled, it will use CDP to adjust its power to the actual requirement. This enables the PD and PSE to negotiate their respective capabilities in order to explicitly manage how much power is required for the device and how the PSE-capable switch manages the allocation of power to individual PDs.
Disconnecting Power
The PSE is required to detect when the PD has been disconnected in order to ensure that power is withdrawn from a port before a non-powered device, such as a workstation or laptop, is connected to the switch port.
The IEEE 802.3af-2003 standard defines two mechanisms for disconnecting power once a device has failed: DC disconnect and AC disconnect. The DC disconnect method detects when PD current falls below a given threshold (5 to 10 mA) for a given time (300 msec to 400 msec). The AC Disconnect superimposes a small AC voltage on the power and measures the resulting AC current. If the impedance is above 26.25 kΩ (Kilo Ohms), power is shut off. With Cisco ILP, the PoE ports have a power disconnect mechanism that will remove power from the port if the Ethernet link status is down.
While Cisco Catalyst switches support both the IEEE 802.3af-2003 and ILP PoE methods, it is important to remember the differences between these two in order to differentiate between them. These differences, which are described in the previous section, include the following:
- The amount of power that is available to the connected device
- The method used for device discovery
- The way that power is removed from the wire when a PD is removed
Configuring Power over Ethernet
Cisco PoE-capable Catalyst switches are configured to supply power on a per-interface or per-port basis using the power inline [auto [max <max-wattage>] | never | static [max <max-wattage>]] interface configuration command. On PoE-capable switches, the default is auto (enabled) and the maximum wattage is 15400 milliwatts.
The [max <max-wattage>] allows the administrator to limit the power allowed on the port. The range is 4000 to 15400 milliwatts. If no value is specified, the maximum is allowed. The [never] keyword is used to disable device detection and disable power to the port.
The [static] keyword is used to enable PD detection and to pre-allocate or reserve power for a switch port before the switch discovers the PD. This is used when connecting to PDs that cannot communicate with the PSE using any of the discovery methods that are described earlier in this section. These advanced PoE configuration options are beyond the scope of the exam requirements and will not be described or illustrated in this chapter.
Verifying Power over Ethernet
The show power inline [interface | consumption default | module switch-number] command is used to display the PoE status for the specified PoE port or for all PoE ports.
The [consumption default] option is used to display the power allocated to devices connected to PoE ports. The [module switch-number] keywords are applicable when the switches are stacked together. These keywords can be used to limit the display of ports on the specified stack member. This is beyond the scope of the exam requirements. The following output illustrates how to verify PoE status using the show power inline command:
Switch#show power inline
Module   Available     Used     Remaining
          (Watts)     (Watts)    (Watts)
------   ---------   --------   ---------
1           370.0      114.9       255.1
2           370.0       34.3       335.0
Interface Admin  Oper       Power   Device              Class Max
                            (Watts)
--------- ------ ---------- ------- ------------------- ----- ----
Fa1/0/1   auto   on         6.3     IP Phone 7910       n/a   15.4
Fa1/0/2   auto   on         6.3     IP Phone 7910       n/a   15.4
…
[Truncated Output]
Connecting to a Router
When you buy a router, it normally comes with no configuration, so the network administrator must configure it from scratch according to the particular requirements of his or her network. Because there is no IP address configured on it, you won’t be able to telnet to the router, so the only option left is to use the console port. You would also use the console port if there was a fault on the router and you couldn’t reach it via Telnet or if you needed to perform a password recovery.
The traditional way of connecting to a router or switch console port involved using a rollover cable that had an RJ-45 connector for the console port and a DB9 connector for the PC or laptop. DB9 interfaces were eventually phased out and replaced with a DB9-to-USB cable to connect the rollover cable to the PC. We will cover these connections below, as well as the modern USB console ports available on routers.
A terminal emulation program allows you to configure the command line interface. This was traditionally HyperTerminal and came bundled with Microsoft Windows until Windows Vista was released. HyperTerminal has now been discontinued, and beginning with Internet Explorer version 6.0, Telnet is disabled by default. You can still find it and enable it in Windows but far superior programs are available now, such as PuTTY.
FIG 4.6 – Connecting one end of the rollover cable to the router’s console port
Once you are connected to the console port on your router, you can start the terminal emulator. These programs allow you to connect to network devices using Telnet or SSH, or via the console port. I’ll demonstrate this action using PuTTY, which is free.
PuTTY actually defaults to the correct settings but just so you are aware, to connect to Cisco devices you need to have the terminal session settings below. You may well be asked about these in the exam so it’s worth making a note of them:
- Bits per second – 9600
- Data bits – 8 is the default
- Parity – None is the default
- Stop bits – 1 is the default
- Flow control – must be set to None
FIG 4.7 – PuTTY settings
Power on the router. It should then boot, and you should see (after a few seconds) the boot-up text appear on the screen. If nothing appears, then press the Enter key a few times; double-check that you have the correct COM port and that the cable is securely attached at both ends.
System Bootstrap, Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2010 by Cisco Systems, Inc.
When the router first begins to boot, it runs a diagnostic test known as power-on self-test (POST). If no problems are found, the router will then look for its operating system, which is stored in flash memory, also known as electrically erasable programmable read-only memory (EEPROM). We will cover router architecture in this study guide. The router also checks an internal setting called the configuration register, which tells the router or switch how to boot (this will also be covered later).
You should eventually see the Router> prompt. If the configuration register is set to 0x2142 or there is no startup configuration present, then you will be asked if you want to enter setup mode with the configuration dialogue. You should always type no because setup mode displays a series of questions issued by the router, after which it attempts to self-configure and this seldom gives you the desired results.
Cisco CISCO2911/K9 (rev 1.0) with 491520K/32768K bytes of memory.
Processor board ID FTX152400KS
3 Gigabit Ethernet interfaces
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
249856K bytes of ATA System CompactFlash 0 (Read/Write)
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
You can download PuTTY for free at www.putty.org.
USB Console Connection
Most personal computers and laptops are built without a DB9 port. When this port is used, it is usually allocated COM Port 1 (see CompTIA A+ for more information if you need it). It is still possible to make a console connection to the router using a special type of USB cable that connects to a console cable. The USB cable ends in a 9-pin connector and should come with driver software to allow it to be accessed via the Device Manager.
FIG 4.8 – USB to DB9 cable
FIG 4.9 – USB cable connects to the rollover cable
After the software is installed, you should go to the Device Manager on your Windows PC and check which COM port the USB cable has been allocated. You can then go into PuTTY and choose that COM port.
FIG 4.10 – The USB cable has been allocated to COM Port 6
On modern routers, you can also connect to a mini-USB console port on your router.
FIG 4.11 – Mini-USB console port
For this type of connection, you will need the USB 5-pin mini Type-B to USB Type-A console cable.
FIG 4.12 – USB mini-cable
You will also need to download the correct USB driver from Cisco.com to match your operating system, for example, cisco_usbconsole.zip.
FIG 4.13 – Cisco console driver download page
For some reason, Cisco seems to bury its driver software deep in its website, so you can either Google “Cisco USB console cable drivers 1911” if that is your router model, for example, or go to Cisco’s download page and drill down to all the software available for your model. Here is where I obtained it from Cisco’s download page (you will need to create a free Cisco.com account): Downloads > Home > Products > Routers > Branch Routers > 1900 Series Integrated Services > Routers 1921 Integrated Services Router > Software on Chassis > USB Console Software-3.1.
There is a timeout setting by default on the console connections. The command below may not be available for you depending on your model and IOS:
Router#configure terminal
Router(config)#line console 0
Router(config-line)#usb-inactivity-timeout 30
Or you can turn the timeout off:
Router(config-line)#no usb-inactivity-timeout
The range for timeout is 1 to 240 minutes. It may be worth checking your network security policies before configuring this value. If the timeout value is reached, you will need to reseat (unplug and plug in) the USB cable.
Just as with the DB9-to-USB cable, the driver will create a COM port for you to reference in your terminal session.
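A check for the point about security policy above, as an added example that is not part of the original chapter: the script reads a saved configuration and reports whether the USB console inactivity timeout is turned off, left unset, or longer than a policy limit. The policy limit, the function names and the sample configurations are constructed for illustration; the script assumes the console line appears as line con 0 or line console 0 with its commands indented beneath it.

```python
import re

CONSOLE_LINE = re.compile(r"^line con(?:sole)? 0\s*$")
TIMEOUT = re.compile(r"^(no )?usb-inactivity-timeout(?: (\d+))?$")

# Constructed sample configurations (not taken from a real device).
CONFIG_OK = "hostname R1\n!\nline con 0\n usb-inactivity-timeout 30\nline vty 0 4\n login\n"
CONFIG_OFF = "hostname R2\n!\nline con 0\n no usb-inactivity-timeout\nline vty 0 4\n login\n"
CONFIG_LONG = "hostname R3\n!\nline console 0\n usb-inactivity-timeout 240\n!\n"
CONFIG_UNSET = "hostname R4\n!\nline con 0\nline vty 0 4\n login\n"


def console_block(config):
    """Return the commands under the console line, or None if it is absent."""
    block, inside = None, False
    for raw in config.splitlines():
        if not raw.startswith(" ") and CONSOLE_LINE.match(raw):
            block, inside = [], True
        elif inside and raw.startswith(" "):
            block.append(raw.strip())
        else:
            inside = False                # any other top-level line ends the block
    return block


def usb_timeout_state(config):
    """Return (state, minutes): state is absent, default, disabled or set."""
    block = console_block(config)
    if block is None:
        return ("absent", None)
    state = ("default", None)
    for command in block:
        m = TIMEOUT.match(command)
        if not m:
            continue
        if m.group(1):                    # "no usb-inactivity-timeout"
            state = ("disabled", None)
        elif m.group(2):                  # "usb-inactivity-timeout <minutes>"
            state = ("set", int(m.group(2)))
    return state


def audit(config, policy_max_minutes):
    """Return a list of findings; an empty list means the setting is within policy."""
    state, minutes = usb_timeout_state(config)
    if state == "absent":
        return ["no console line section found"]
    if state == "default":
        return ["usb-inactivity-timeout not configured; platform default applies"]
    if state == "disabled":
        return ["USB console inactivity timeout is turned off"]
    if not 1 <= minutes <= 240:           # valid range given in the text
        return [f"usb-inactivity-timeout {minutes} is outside the 1 to 240 minute range"]
    if minutes > policy_max_minutes:
        return [f"usb-inactivity-timeout {minutes} exceeds the policy maximum "
                f"of {policy_max_minutes} minutes"]
    return []


if __name__ == "__main__":
    for name, cfg in [("R1", CONFIG_OK), ("R2", CONFIG_OFF),
                      ("R3", CONFIG_LONG), ("R4", CONFIG_UNSET)]:
        print(name, audit(cfg, policy_max_minutes=60) or "within policy")
```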
Router Modes
In order to pass the CCNA exam, you will need to understand which prompt you should be at to configure various router parameters. You need to be in the correct mode to perform a specific router function. A common mistake novice network engineers make is trying to type the correct command but from the wrong mode.
For all intents and purposes, Cisco routers won’t prompt you to tell you that you are in the wrong mode. It just won’t accept your command until you are in the correct mode. This is part of what makes it hard to configure the equipment. If you find yourself stuck, you can always type the question mark (?) and hit the Enter key to see the options available. The question mark does work in the CCNA exam simulator, but if you have completed all the labs in this guide several times you won’t need to rely on it.
User Mode
When you log in to a router for the first time, the mode you are presented with is known as the user mode or user exec mode. There is a limited set of commands that can be run from this mode, which can be useful for looking at basic router elements. The default name of the router is Router but this can be changed, as you will see later.
Router>
Privileged Mode
Typing enable at the user prompt (or en for short) takes you into the next mode known as privileged or privileged exec mode. To get back to user mode, you simply type disable, or to quit the session altogether type logout or exit (or ex for short).
Router>enable
Router#disable
Router>
The privileged mode gives you access to view the entire router configuration, inventory, and operation state of the router. In fact, it is a good idea to set a privileged mode password (also known as an enable password) to ensure that only authorized users get access to this mode.
Global Configuration Mode
To make configuration changes on the router, you have to be in global configuration mode. To get to global configuration mode, you simply type configure terminal (or conf t for short) at the privileged exec prompt. Alternatively, you can just type configure and the router will ask you which configuration mode you would like to enter. The default is terminal (the default option is shown inside square brackets []). If you press Enter, the command inside the brackets will be accepted.
Router#config
Configuring from terminal, memory, or network [terminal]? – Press Enter
Router(config)#
Global configuration commands affect the entire router as opposed to more specific modes such as interface or routing modes, which only affect specific aspects of the router (as you will see).
Interface Configuration Mode
When you need to configure attributes specific to a particular part of the router, such as an interface, the router takes you to the specific configuration mode for that aspect. The interface configuration mode allows you to enter commands to modify attributes for individual router interfaces, such as Gigabit Ethernet, Serial, etc. On a new router, all of the interfaces will be shut down by default and no configuration will be present. You will find out how to determine which interfaces you have available shortly.
Router>enable
Router#config t
Router(config)#interface Serial0/0/0
Router(config-if)#
Line Configuration Mode
Line configuration mode is used to make changes to terminal and console lines on a router. These changes affect how a terminal of the router can be accessed to make configuration changes. You can make changes to the console, VTY (for Telnet and SSH), and AUX ports. You can also control who has access to the router via these ports, as well as set passwords or a security feature called “access lists” on the router, which will be covered in detail later.
Router#config t
Router(config)#line console 0
Router(config-line)#
You can also configure baud rates, exec levels, and a lot more in line configuration mode.
Router Configuration Mode
Just like for interface and line configuration modes, the router configuration mode allows you to configure parameters that are specific to routing protocols.
Router#config t
Router(config)#router eigrp 10
Router(config-router)#
Reloading the Router
You can consider reloading the router to be the same thing as a reboot. You will not have to do this due to any configuration changes because these take effect as soon as they are applied. You might need to reload the router to recover it in the event that you need to perform password recovery, or because you have replaced the IOS and the router needs to be reloaded to run it.
When the router reloads, it will automatically load the configuration from NVRAM, so any changes you have made to the running configuration (DRAM) will be lost unless you copy the running configuration to NVRAM with the copy running-config startup-config command (or copy run start for short). If you forget to do this, the router will prompt you to save any changes to the configuration.
R1#reload
System configuration has been modified. Save? [yes/no]:
You can also set a timer so that the router reloads in the specified number of minutes or hours.
R1#reload in ?
Delay before reload (mm or hh:mm)
If you want to prevent this from happening, you can type reload cancel at the privileged prompt (not in configuration mode). You will usually want to reload the router and NOT save any configuration commands when using this guide because you want to become adept at configuring the router from scratch.
Abbreviating the Commands
The router will permit you to type just the first few letters of the command if you would rather abbreviate it. The proviso is that it must be the only command available that starts with those letters in that particular mode.
If you are at the Router# command prompt, you can type the command conf t instead of configure terminal because there is no other command that starts with the letters conf. You should get used to abbreviating commands to save time, but bear in mind that some abbreviations may not work in the exam since you are configuring an emulator, not an actual router or switch.
Configuring a Router
Router configuration is accomplished via the command line interface (CLI). Remembering all the commands might seem a bit tedious but there is some help in the form of a question mark (?). If you type ? at the router prompt, you will be presented with a list of all the commands available:
Router#?
Exec commands:
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
access-template Create a temporary Access-List entry
alps ALPS exec commands
archive manage archive files
bfe For manual emergency modes setting
cd Change current directory
clear Reset functions
clock Manage the system clock
cns CNS subsystem
configure Enter configuration mode
connect Open a terminal connection
copy Copy from one file to another
debug Debugging functions (see also “undebug”)
delete Delete a file
dir List files on a
disable Turn off privileged commands
disconnect Disconnect an existing network connection
enable Turn on privileged commands
erase Erase a
exit Exit from the EXEC
help Description of the interactive help system
— More —
If there is too much information to display on the screen, you will see the — More — tag. If you want to display the next line, press Enter, and if you want to display the next page, press the space bar. If you want to exit the list of commands, hold down the CTRL+Z keys together or press any other letter to get back to the router prompt.
There are many thousands of IOS commands available, but in your day-to-day role as a network engineer you will use only a small percentage of these. Also, if you need help completing a command, you can use the question mark (?) to display a list of the options available.
Router#cl?
clear clock
If you type out enough characters of a command, such that there is only one possible completion of that syntax, you can automatically complete the command using the Tab key (just like in UNIX).
Router#copy ru – Press the Tab key here
Router#copy running-config
Loopback Interfaces
Loopback interfaces are not normally covered in the CCNA syllabus (apart from the context of the OSPF Router ID, which will be discussed later) but they are very useful, both in the real world and for practice labs. A Loopback interface is a virtual or logical interface that exists only in software (it can be configured but it does not physically exist). You can assign an IP address and even test reachability to a Loopback address using pings. This is very useful when simulating networks in a lab.
An advantage of using Loopback interfaces is that they always remain up/up (physically up and logically up), unless an administrator shuts them down. They are not affected by cabling or clocking issues like Ethernet and Serial interfaces.
Router#config t
Router(config)#interface Loopback0
Router(config-if)#ip address 192.168.20.1 255.255.255.0
Router(config-if)#^z – Press Ctrl+Z
Router#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Loopback0 192.168.20.1 YES manual up up
Your output for this command will show all of the interfaces available on your router. If you need to, you can shut down a Loopback interface with the shutdown command in the interface configuration mode. Loopback interfaces have to be given a valid IP address. You can then use them for routing protocols or testing your router to ensure that it is permitting certain traffic. We will be using Loopback interfaces a lot throughout this manual.
Editing Commands
It is possible to navigate your way around a line you have typed rather than deleting the whole line. Certain keystrokes will move the cursor to various places around the line. These keystrokes are quite similar to the UNIX keystrokes. Please try out these shortcuts when you are configuring labs.
Table 4-2: Keyboard shortcuts
Keystroke | Meaning |
Ctrl+A | Moves to the beginning of the command line |
Ctrl+E | Moves to the end of the line |
Ctrl+B | Moves back one character |
Ctrl+F | Moves forward one character |
Esc+F | Moves forward one word |
Esc+B | Moves back one word |
Ctrl+P or up arrow | Recalls the previous command |
Ctrl+N or down arrow | Recalls the next command |
Ctrl+U | Deletes a line |
Ctrl+W | Deletes a word |
Tab | Finishes typing a command for you |
Show history | Shows the last 10 commands entered by default |
Backspace | Deletes a single character |
Mini-lab – Putting an IP Address on an Interface
Router interfaces must be assigned an IP address for them to be able to communicate with other devices that are connected to them. To assign an IP address to an interface, first, you need to go into the interface configuration mode. You have already seen how to discover which interfaces you have available with the show ip interface brief command. Mine says Serial 0/0/0 so that’s the one I’ll be configuring; yours may be different.
Router>enable – Takes you from user to privileged mode
Router#config t – From privileged to config mode
Router(config)#interface Serial0/0/0 – And then into interface config mode
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shutdown – Open the interface for traffic
Router(config-if)#exit – You could also hold down Ctrl and Z keys to exit
Router(config)#exit
Router#
A description can also be added to the interface:
Router(config)#interface Serial0/0/0
Router(config-if)#description To_Headquarters
Router(config-if)#^Z – Press Ctrl+Z to exit
Router#show interface Serial 0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is HD64570
Description: To_Headquarters
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, Loopback not set
Keepalive set (10 sec)
Last input 00:00:02, output 00:00:03, output hang never
[output truncated]
[END OF MINI-LAB]
Show Commands
You can verify the settings on the router by simply using the show X command in privileged mode, with X being the next command:
Router#show ?
access-expression List access expression
access-lists List access lists
accounting Accounting data for active sessions
adjacency Adjacent nodes
aliases Display alias commands
alps Alps information
apollo Apollo network information
appletalk AppleTalk information
–More—
Some of the more common show commands and their meanings are listed below in Table 4-3. Please do try them out and note what information they provide.
Table 4-3: Common show commands
Show Command | Result |
show running-config | Shows configuration in DRAM |
show startup-config | Shows configuration in NVRAM |
show flash: | Shows which IOS is in flash |
show ip interface brief | Shows brief summary of all interfaces |
show interface Serial0 | Shows Serial interface statistics |
show history | Shows last 10 commands entered |
Try some out for yourself, and type a question mark (?) at the end to see if there are more options available.
Examples
Router#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 unassigned YES unset up up
Loopback0 172.16.1.1 YES manual up up
Serial0/0 192.168.1.1 YES unset administratively down down
Serial0/2 unassigned YES unset administratively down down
The method column indicates how the address was assigned. It can be unset, manual, NVRAM, IPCP, or via DHCP.
Routers can recall commands that were previously entered at the router prompt—the default number of commands is 10. The commands can be recalled by using the up arrow. Using this feature can save a lot of time and effort when reentering a long line. The show history command shows the buffer of the last 10 commands issued on the router:
Router#show history
show ip interface brief
show history
show version
show flash:
conf t
show access-lists
show process cpu
show buffers
show logging
show memory
You can increase the history buffer with the terminal history size command:
Router#terminal history ?
size Set history buffer size
[cr]
Router#terminal history size ?
[0-256] Size of history buffer
Router#terminal history size 20
The show commands are very powerful and are an essential part of your troubleshooting tool bag. Ninety percent of all troubleshooting can be done without ever looking at the running configuration of the router. Learn the show commands well.
Debug Commands
A large part of the new-style CCNA exam covers troubleshooting skills. This can be thought of as your theoretical knowledge as well as your hands-on experience with the Cisco IOS. Part of your troubleshooting will be knowing which show commands to use in which circumstances. A telltale sign of a novice Cisco engineer is resorting to the show run command, which is rarely used by an experienced network engineer.
Some issues cannot be investigated using the show commands because you need to see a real-time exchange of information between network devices. Learning how to use a network sniffer is a hugely important part of your role as a network engineer, and although it is outside the CCNA syllabus, we do include some sniffer outputs to explain learning points.
But before that, you will need to understand the relevant debug commands to issue to either confirm that the network is working as expected or to troubleshoot an issue. We will cover these as we progress through the book; however, it’s important to understand a few points:
- Debug output will not show on your screen if you have telnetted to a router or switch. You need to add the terminal monitor command to see it.
- Some types of debugs will generate a huge amount of output, which will quickly overload your router CPU and cause it to hang or crash. I’ve known of network engineers being sacked after doing this. The debug ip packet command is a major cause of router crashes.
- Issue debug commands with extreme caution on a live network, and always check with an experienced engineer first. There are ways to restrict the output somewhat.
- You can turn off the debug command by typing it out again but with the word no in front, or you can turn off all debugs with the undebug all command (or un all for short).
- Debug commands will probably not work in the CCNA exam because you are working on an emulator, which doesn’t actually produce live traffic.
Here is a debug command that you might use during an OSPF lab. Note that the router tells you that the debug is active and then begins printing the output on the screen. The output will differ from debug to debug; however, it should include a timestamp and date.
R1#debug ip ospf hello
OSPF Hello events debugging is on
*Mar 1 02:09:12.719: OSPF: Send Hello to 224.0.0.5 area 0 on FastEthernet0/0 from 192.168.1.1
You can disable a debug by typing it out again but with the word no in front:
R1#no debug ip ospf hello
OSPF Hello events debugging is off
R1#debug ip ospf Hello
If you have multiple debugs or just want to use a shorter command, you can use undebug all (or un all for short).
R1#un all
All possible debugging has been turned off
A major bugbear for Cisco engineers is router output appearing as you type commands. Although you can continue typing, seeing the output appear on the screen where you are typing can cause you to lose track of where you were in the configuration.
The logging synchronous command is very useful if you want to prevent logging information from appearing while you are entering commands on the router from a console connection. If this command is not on and a console message appears half-way through typing a command, you can simply hold down the Ctrl+L or Ctrl+R keys or hit the up arrow to redisplay the line you were typing.
RouterA(config)#line console 0
RouterA(config-line)#logging synchronous
You may find that this command is on by default depending on your IOS release. Type show run to find out which commands are turned on by default.
You will use more debug commands in the lab part of this book. The commands make far more sense when you can see them working on a real network.
Pipes
As you’ve seen above, the command line interface for configuring Cisco devices using Cisco IOS has some features used by the UNIX command line. A sure sign of a confident and experienced Cisco engineer is familiarity with the keyboard and command shortcuts. Part of getting quick answers to router show commands is the use of pipes, which help you cut out all extraneous output.
A pipe (shown as | on the keyboard) can be used on the Cisco command line to give you some granularity when searching for certain commands or entries in the router’s configuration. Using pipes can save you time and effort and possessing this knowledge shows professionalism in the field.
You can use several commands with pipes, such as:
show [command] | [begin | include | exclude] [regular expression]
Example
Router#show run ?
interface Show interface configuration
| Output modifiers
[cr]
Router#show run | ?
begin Begin with the line that matches
exclude Exclude lines that match
include Include lines that match
Router#show run | include ?
LINE Regular Expression
Router#show run | include login
aaa authentication login default group tacacs+ line
timeout login response 120
timeout login response 120
Router#show run | begin interface
interface FastEthernet0/0
no ip address
shutdown
!
interface Serial0/0
no ip address
shutdown
!
interface Serial1/0
no ip address
shutdown
!
ip classless
no ip http server
!
line con 0
line aux 0
line vty 0 4
!
end
Don’t expect any of the above commands to work on Packet Tracer.
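The abbreviation rule from earlier in the chapter and the three output modifiers above can be tried offline against a saved configuration. This is an added example, not code from the book or from Cisco: the function names and the sample configuration are constructed for illustration, the command list is the truncated one shown on this page, and Python's regular expressions are used in place of the IOS ones.

```python
import re

# Exec commands copied from the "Router#?" listing on this page. The listing is
# cut at "More", so a real router has more candidates than this.
EXEC_COMMANDS = ["access-enable", "access-profile", "access-template", "alps",
                 "archive", "bfe", "cd", "clear", "clock", "cns", "configure",
                 "connect", "copy", "debug", "delete", "dir", "disable",
                 "disconnect", "enable", "erase", "exit", "help"]
# Output modifiers listed by "show run | ?" on this page.
MODIFIERS = ["begin", "exclude", "include"]


def resolve(token, candidates):
    """Expand an abbreviation; it must match exactly one candidate."""
    if token in candidates:              # a fully typed command always wins
        return token
    matches = [c for c in candidates if c.startswith(token)]
    if not matches:
        raise ValueError(f"invalid input: {token!r}")
    if len(matches) > 1:
        raise ValueError(f"ambiguous command {token!r}: {', '.join(matches)}")
    return matches[0]


def filter_output(command, output_text):
    """Apply the '| modifier regex' part of a show command to saved output."""
    _, bar, tail = command.partition("|")
    parts = tail.strip().split(None, 1)
    if not bar or len(parts) != 2:
        raise ValueError("expected: show ... | <modifier> <regular expression>")
    modifier = resolve(parts[0], MODIFIERS)
    rx = re.compile(parts[1])            # Python regex, an approximation of IOS
    lines = output_text.splitlines()
    if modifier == "include":
        return [ln for ln in lines if rx.search(ln)]
    if modifier == "exclude":
        return [ln for ln in lines if not rx.search(ln)]
    # begin: everything from the first matching line to the end of the output
    for i, ln in enumerate(lines):
        if rx.search(ln):
            return lines[i:]
    return []


# Constructed running configuration, modelled on the output shown on this page.
SAMPLE_CONFIG = "\n".join([
    "hostname Router",
    "aaa authentication login default group tacacs+ line",
    "!",
    "interface FastEthernet0/0",
    " no ip address",
    " shutdown",
    "!",
    "no ip http server",
    "!",
    "line con 0",
    " timeout login response 120",
    "line vty 0 4",
    " timeout login response 120",
    "!",
    "end",
])

if __name__ == "__main__":
    print("conf ->", resolve("conf", EXEC_COMMANDS))
    for cmd in ("show run | include login", "show run | b line", "show run | e !"):
        print(f"\nRouter#{cmd}")
        print("\n".join(filter_output(cmd, SAMPLE_CONFIG)))
```
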
The Configuration Register
How does the router know where to find the configuration file when it boots up? The router checks the config-register field upon booting to determine which booting option to use. You can see which option has been set when you issue the show version command. The output below is truncated to save space:
Router#sh ver
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc2)
ROM: System Bootstrap, Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
cisco2911 uptime is 1 minutes, 35 seconds
System returned to ROM by power-on
System image file is “flash0:c2900-universalk9-mz.SPA.151-1.M4.bin”
Configuration register is 0x2102
When using routers to practice labs, you do not want the configuration changes you make to stay there every time you boot up the routers. In order to pass the practical tests in the lab, you must practice over and over again. If you change the configuration register setting, you can prevent the router from looking at the startup configuration file when it boots. This will boot the router with no configuration file, giving you a blank configuration to begin working on.
Having the router configuration register set to 0x2102 tells it to look at the startup configuration file when it boots, which pulls it into NVRAM. Changing it to 0x2142 tells the router to ignore it so that it will boot with a blank configuration. This setting has to be entered if you ever forget the router password because the password sits in the startup configuration. The router will boot without any of the configurations, including any passwords.
The configuration register setting isn’t a part of the startup configuration or running configuration, so there is no need to save the change. However, you will be prompted to save it because you went to the configuration mode and out again.
You need to change the default router config-register settings for all the labs (if you are using live equipment), which is why we are covering it now.
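Because a register left at 0x2142 makes the router boot without its passwords, it is worth checking for after any lab or recovery session. The following added example (not from the book or from Cisco) reads the register line from saved show version output and reports whether the startup configuration is, or will be, skipped. The function names and sample lines are constructed for illustration, and only bit 6 of the register (0x0040, the difference between 0x2102 and 0x2142) is decoded.

```python
import re

# Bit 6 of the 16-bit configuration register: ignore the startup configuration.
# It is the only bit that differs between 0x2102 and 0x2142.
IGNORE_NVRAM_BIT = 0x0040

REGISTER_LINE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)


def parse_register(show_version_text):
    """Return (current, pending); pending is None when no change is queued."""
    match = REGISTER_LINE.search(show_version_text)
    if match is None:
        raise ValueError("no configuration register line found")
    current = int(match.group(1), 16)
    pending = int(match.group(2), 16) if match.group(2) else None
    return current, pending


def ignores_startup_config(value):
    return bool(value & IGNORE_NVRAM_BIT)


def audit(show_version_text):
    """Summarise what the register means for this boot and the next one."""
    current, pending = parse_register(show_version_text)
    next_boot = current if pending is None else pending
    findings = []
    if ignores_startup_config(current):
        findings.append("running without startup-config: saved passwords not applied")
    if ignores_startup_config(next_boot):
        findings.append("next reload will skip startup-config")
    elif ignores_startup_config(current):
        findings.append("register reset is queued: next reload loads startup-config")
    return {"current": hex(current), "next_boot": hex(next_boot), "findings": findings}


# Constructed samples in the format shown by show version.
SAMPLE_NORMAL = (
    "255K bytes of non-volatile configuration memory.\n"
    "Configuration register is 0x2102\n"
)
SAMPLE_PENDING = (
    "255K bytes of non-volatile configuration memory.\n"
    "Configuration register is 0x2102 (will be 0x2142 at next reload)\n"
)
SAMPLE_BYPASSED = "Configuration register is 0x2142\n"
SAMPLE_RESTORING = "Configuration register is 0x2142 (will be 0x2102 at next reload)\n"

if __name__ == "__main__":
    samples = {"normal": SAMPLE_NORMAL, "pending": SAMPLE_PENDING,
               "bypassed": SAMPLE_BYPASSED, "restoring": SAMPLE_RESTORING}
    for name, text in samples.items():
        print(name, audit(text))
```
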
Mini-lab – Changing the Configuration Register
This mini-lab was performed on a Cisco 2911 model. If you are using a different model, you may need to follow slightly different steps. Search Google for “Cisco changing configuration register” to check for your specific model.
In user exec mode, go into privileged exec mode:
Router>enable
Router#
Check the configuration register settings (your output will be slightly different from the one below if you are using a different model of router and IOS). You will need to press the space bar once to get to the bottom of the show version output:
Router#show version
Cisco CISCO2911/K9 (rev 1.0) with 491520K/32768K bytes of memory.
Processor board ID FTX152400KS
3 Gigabit Ethernet interfaces
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
249856K bytes of ATA System CompactFlash 0 (Read/Write)
Configuration register is 0x2102
Enter configuration mode:
Router#configure terminal – Or config t for short
Router(config)#
Change the configuration register setting:
Router(config)#config-register 0x2142 – Tells router to ignore the startup config
Router(config)#exit
Check the configuration register setting:
Router#show version
Cisco CISCO2911/K9 (revision 1.0) with 491520K/32768K bytes of memory.
Processor board ID FTX152400KS
3 Gigabit Ethernet interfaces
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
249856K bytes of ATA System CompactFlash 0 (Read/Write)
Configuration register is 0x2102 (will be 0x2142 at next reload)
Reload the router:
Router#reload
System configuration has been modified.
Save? [yes/no]: n – Enter no or n here
Proceed with reload? [confirm] – Press Enter here
00:14:47: %SYS-5-RELOAD: Reload requested
System Bootstrap, Version 11.0(10c)XB2, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1)
The reload may take a few minutes, so be patient. Press Enter every few seconds to see if you have a prompt.
You will be asked if you want to enter configuration dialog. Enter n for no.
— System Configuration Dialog —
Would you like to enter the initial configuration dialog? [yes/no]: n
The router has no configuration; hence, the Router> prompt. Check the configuration register setting now (you will need to use the space bar again):
Router>enable
Router#show version
Cisco CISCO2911/K9 (revision 1.0) with 491520K/32768K bytes of memory.
Processor board ID FTX152400KS
3 Gigabit Ethernet interfaces
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
249856K bytes of ATA System CompactFlash 0 (Read/Write)
Configuration register is 0x2142
If you reload the router now, it will continue to skip the startup configuration file until you reset the configuration register back to 0x2102.
[END OF MINI-LAB]
Host IP Addressing
Cisco certifications have never been concerned with the host-based configuration or issues. This changed with the latest CCNA exam syllabus. Specifically, you need to be able to ‘Verify IP parameters for Client OS (Windows, Mac OS, Linux).’
Most of us will be familiar with only one operating system and even then, we may not be acquainted with the IP settings (and how to change them). The syllabus doesn’t mention knowing the command line or GUI formats, so you should learn both. Windows, Linux, and Mac OS can all be run in a virtual machine using VirtualBox. You may be able to find websites that allow you to try out commands and also the GUI.
Windows
Each version of Windows has a different GUI, but the command line has remained the same. We’ll stick to Windows 10 because it’s the latest version. Please bear in mind that there are several ways to access IP information (including via the GUI and keyboard shortcuts), so you may want to spend some time looking into these.
Windows offers a Control Panel where you can view and configure many settings including sound, graphics, power management, and, of course, your network settings for Ethernet and wireless.
- Access the Control Panel by typing control panel into the Search bar. As I stated earlier, there are other ways to get there.
FIG 4.14 – Windows Control Panel
- Click Network and Internet.
FIG 4.15 – Network and Internet
- Click View network status and tasks.
FIG 4.16 – Network and Sharing Center
Here you will see information including your network connections.
FIG 4.17 – Network connections
- Click on Your Desired Connection > Properties > IPv4 > Properties.
FIG 4.18 – IPv4 properties
Here, you can change the IP properties manually or leave them to use DHCP to allocate IP information.
FIG 4.19 – IP address settings
If you want to check the current IP information, you can click the Details button.
FIG 4.20 – Network Connection Details
If you prefer to use the command-line interface (CLI), you can use the Search bar and type cmd. This will bring up a command prompt allowing you to check and change various parameters.
FIG 4.21 – Windows command
The command to view basic IP information is ipconfig, but if you want to display more detailed information, such as DNS servers and the default gateway, the command is ipconfig /all.
FIG 4.22 – Output for ipconfig /all
There are other sub-commands using ipconfig, and you can search for these using the question mark ipconfig /?. These permit you to request new IP information using DHCP, flush your DNS cache, and more.
On Windows machines, if you type the route command, you will see all available options. To view the routing table (both for IPv4 and IPv6), you can issue the route print command, as shown in Figure 4.23 below:
FIG 4.23 – Routing table in Windows
Some of the most important information that you can see in the route print output includes:
- Network destinations and network mask
- Gateway for each destination
- Outgoing interface
- Metric for each route
If you need to add a route in the routing table, issue the route add <destination> mask <mask> <gateway> metric <metric> command. If you need to delete a route in the routing table, issue the route delete <prefix> command.
Linux
Linux comes in a variety of distributions (distros). All distros rely on the Linux kernel but may offer different GUI, package installers, and other tools. The command-line experience should be similar across all distros. For the GUI, we will use Ubuntu which is the most widely adopted distro.
If you want to use the Ubuntu GUI to check your IP information, use the Settings icon, which is accessed via the Show Applications icon on the bottom left (where you find the Windows logo on Windows systems).
FIG 4.24 – Apps in Linux
You will see several options here. Under the Network tag, you will see any interfaces present on your system. Clicking on the gear icon will bring up a tabbed window showing your IP information.
FIG 4.25 – IP information in Ubuntu
The command line can be found via your desktop or the Show Applications icon.
FIG 4.26 – Ubuntu command line for Linux
The command to display your IP information was ifconfig for many years. This command has been deprecated, and the new command is ip addr show.
FIG 4.27 – ip addr show output
If you need help with command options and switches, you can type h or help after the command.
FIG 4.28 – Getting help in Linux
It’s also well worth checking the routing table. Linux has retired some commands and currently uses ip route for this purpose. The output from my Ubuntu virtual machine is below.
FIG 4.29 – ip route output
You need to be familiar with this output for the exam, so please do try it on your own VM.
In this output:
- default via 10.0.2.1 is the next-hop IP address; our default gateway for traffic
- enp0s3 is the interface; any traffic destined for network 10.0.2.0/24 will be sent with the source address of enp0s3, which is 10.0.2.10
Mac OS
Apple developed Mac OS to run on its devices in 2001, and it has undergone many updates since this time. You can easily check your current IP information via the GUI. If you don’t have access to a device running Mac OS, you may need to search for an online rental service or emulator. I found one at the below URL but I have no associations with this company, and it may not be available by the time you read this.
https://www.onworks.net/os-distributions/special-os/pear-os-online-mac-emulator
The GUI shows several options by default. Choose the System Settings gear icon and then Network.
FIG 4.30 – Settings in Mac OS
Here, you will be able to see the basic IP information. If you choose Options, you can see more information, manually set your IP address, and change security.
End of Chapter Questions
Please visit www.howtonetwork.com/ccnasimplified to take the free Chapter 4 exam.
Further Reading
Read Ethernet: The Definitive Guide by Charles E. Spurgeon if you want to dig into the origins of Ethernet in more detail.