Router Configuration Basics

Questions and Answers

What does the running configuration of a router determine?

The configuration retained during a power outage.

How the router will operate after a reload.

How the router is currently operating. (correct)

The backup configuration stored in flash memory.

Which command is used to view the startup configuration of a router?

show running-config

show startup-config (correct)

view config-settings

display config

In which mode can you perform detailed examination and file manipulation on a router?

Privileged EXEC mode (correct)

ROM Monitor

User EXEC mode

Setup Mode

What type of access does the auxiliary port provide on a router?

Modem access

Which of the following commands is used to copy the running configuration to the startup configuration?

copy run start

What command is used to enter configuration mode on the router?

router(config)# configure terminal

Which of the following methods can be used to make configuration changes to a router?

Telnet, SSH, or Modem connection to the router

What is the purpose of the console port on the router?

To provide a direct interactive text interface for configuration

What can be done if you want to configure a router from a machine without a direct connection?

Copy TFTP files at a later time using specific commands

Which of the following commands is entered after accessing the router's command line to begin configuration?

router> enable

What command should be used to enable weak password encryption on a router?

service password-encryption

Which command is necessary for saving the current router configuration?

router#copy running-config startup-config

Which of the following is NOT a valid component of an IP route command?

network type

What is the purpose of the 'no' command in router configurations?

To disable or reverse a previous command

In which context is the command 'interface ethernet 0/0' used?

Entering interface configuration mode

Which command would you use to configure a next hop gateway in a static route?

ip route n.n.n.n m.m.m.m g.g.g.g

What is the purpose of the command 'ip classless' in router configuration?

To allow the use of classless routing protocols

Which of the following is an example of a global configuration command?

service password-encryption

What command would you use to enable an interface on a router?

router(config-if)#no shutdown

Which command should be included in the global configuration of a Cisco router?

ip classless

What does the command 'show running-configuration' display?

The current configuration of the router

Which abbreviation represents the serial interface that can be used on a router?

ser0/0

What command is used to enter configuration mode on a Cisco router?

router#configure terminal

Which configuration command is generally included in Cisco interface config?

no ip proxy-arp

What does the command 'router#copy run tftp' achieve?

Copies the running configuration to a remote system

Which command indicates that an interface is administratively disabled?

router(config-if)#shutdown

What command is used to enter the terminal configuration mode on a router?

RouterA#configure terminal

Which prompt indicates that you are in privileged EXEC mode on the router?

Router#

What is the command to set the enable secret password on a router?

router(config)# enable secret 'your pswd'

Which command is used to save the current configuration to NVRAM?

RouterA#copy running-config startup-config

Which prompt is displayed when you are in interface configuration mode?

Router(config-if)#

What is the purpose of the command 'RouterA#(config-line)login'?

To activate the console password prompt

Which of the following commands assigns an IP address to an interface?

RouterA#(config)interface ethernet 0/0 ip address n.n.n.n m.m.m.m

Which prompt indicates that you are configuring a router route-map?

Router(config-route-map)#

What command should be used to initialize the router settings?

RouterA#configure terminal

What is the first step in assigning access passwords for a router?

RouterA#(config)line console 0

What command is used to erase the startup configuration of a router?

Router#erase startup-config

What is the purpose of Access Control Lists (ACLs) in routers?

To filter packets and implement security

In what sequence are packets compared with an Access Control List?

In sequential order until a match is made

Which command syntax is correct for configuring a standard IP access list?

access-list access-list-number {permit | deny} source {source-mask}

Where should standard IP access lists be placed in a network?

Close to the destination

What keyboard shortcut is used to recall the previous command in router command line interface?

up-arrow or ‘^p’

Which command allows you to configure an IP address on an interface?

router(config-if)#ip address n.n.n.n m.m.m.m

What does an implicit deny at the end of an access list indicate?

Unmatched packets will be discarded

What range of numbers is assigned to Extended IP Access Lists?

100 - 199

What does the command 'Ctrl-a' do in a command line interface?

Moves the cursor to the start of the line

What is a characteristic of Extended IP Access Lists compared to Standard IP Access Lists?

Allows for more complex address specifications

What would happen if a packet does not match any entry in an access list?

It is discarded

What does the command 'Router#reload' do after erasing the startup configuration?

Starts the router in setup mode

How does one add a second IP address to the configuration of a router interface?

By entering 'ip addr n.n.n.n m.m.m.m'

Study Notes

Week 14 (Initial Routing Configuration)

• Learning Outcomes: Explain router configuration in a network, understand configuring and setting routing in a network, and be familiar with commands used for routing.

Router Components

• Bootstrap: Stored in ROM microcode, initializes the router, boots it, and loads the IOS.
• POST (Power On Self Test): Stored in ROM microcode, checks basic router hardware functionality and identifies present interfaces.
• ROM Monitor: Used for manufacturing, testing, and troubleshooting; also stored in ROM microcode.
• Mini-IOS (RXBOOT/boot loader): A small IOS ROM used by Cisco to boot an interface and load Cisco IOS into flash memory from a TFTP server. It also performs other operations.

Config-Register

• Controls how the router boots.
• Value (0x2102) tells the router to load IOS from flash memory and startup configuration from NVRAM.
• Shown using the "show version" command.

Purpose of Config Register

• Reasons for modification include forcing the router into ROM Monitor Mode, selecting a boot source and default boot filename, enabling/disabling the break function, controlling broadcast addresses, setting console terminal baud rate, loading operating software from ROM, and enabling booting from a TFTP server.

System Startup

• POST: Initializes and runs diagnostics on all router hardware.
• Bootstrap: Locates and loads the IOS image; defaults to loading from flash memory.
• IOS: Locates and loads valid configurations from NVRAM (startup-config file). Exists only when running-config is copied to NVRAM.
• Startup-config: If found, router loads it and runs embedded configuration; otherwise, router enters setup mode.

Overview

• Router configuration controls: interface IP address and netmask, routing information (static, dynamic, or default), boot and startup information, and security (passwords and authentication).

Where is the Configuration?

• Running configuration: Located in RAM; determines current router operation. Modified using the configure command. Viewed with the "show running-config" command.
• Startup configuration: Located in NVRAM; determines how the router operates after a reload. Modified using the copy command. Viewed with the "show startup-config" command.
• External Storage: Stored on external hosts (using TFTP) and flash memory. Moved around using the copy command (e.g., copy run start, copy run tftp, copy start tftp, copy flash start, copy start flash, copy tftp start).

Router Access Modes

• User EXEC mode (Router>): Limited examination of router.
• Privileged EXEC mode (Router#): Detailed examination, debugging, and file manipulation.
• ROM Monitor: Useful for password recovery and new IOS uploads.
• Setup Mode: Available when the router has no startup-config file.

External Configuration Sources

• Console: Direct PC serial access
• Auxiliary port: Used for external access
• Modem access
• Virtual Terminals: Telnet/SSH access
• TFTP Server: Copies configuration files into router RAM.
• Network Management Software: CiscoWorks

Changing the Configuration

• Configuration statements can be entered interactively, often almost immediately to running configuration.
• Methods include direct serial connection to console port, Telnet/SSH to virtual terminals, modem connection to auxiliary port or editing in text files and uploading to router via tftp (copy tftp start or config net).

Logging into the Router

• Connect to a console port or use telnet.
• Enter enable command.
• Enter password.
• Use config terminal for entering commands directly or Router# for privileged mode.

Connecting FreeBSD Machine to Router Console Port

• Connect your machine to the console port using the correct cable.
• Check /etc/remote for the device configuration (will usually be a com1 or similar connection line).
• Use the tip command to connect.

Address Assignments (Switch)

• A list of assigned IP addresses and subnet masks for various network devices (A-J).

New Router Configuration Process

• Load configuration parameters into RAM.
• Personalize router identification (hostname RouterA).
• Assign access passwords (e.g., RouterA#(config)line console 0, RouterA#(config-line)password cisco, RouterA#(config-line)login).

New Router Configuration Process - Configure Interfaces

• Configure ethernet 0/0 interface.
• Assign an IP address to the interface.
• Disable shutdown.
• Configure routing or routed protocols.
• Save the configuration.

Router Prompts

• Various prompts indicate the current configuration mode (e.g., Router>, Router#, router(config), router(config-if), router(config-subif), router(config-route-map), router(config-router), router(config-line)). These help identify which configuration area you are in.

Configuring Your Router

• Set the enable secret password (using MD5 encryption) for security.
• Configure interface settings (e.g. enable secret, interface ethernet 0/0, ip address, no shutdown).
• Configure the router (e.g. router ospf 1, network n.n.n.n w.w.w.w area 0).
• Configure lines (e.g., line vty 0 4).
• Save the entire router configuration to startup-config.

Global Configuration

• Global configuration statements apply system-wide (not to specific interfaces). Examples include hostname, enable secret, service password-encryption, logging, and ip specific commands (like classless, name-server, static route creation).

The NO Command

• Used to reverse or disable commands (e.g., ip domain-lookup, router ospf 1, no ip address).

Interface Configuration

• Administrate interface enable or disable. Set a description for the interface configuration. Interface names use slot/type (e.g., ethernet0, serial0/0).

Global Configuration Commands

• Cisco global configuration instructions (e.g., ip classless, ip subnet-zero, no ip domain-lookup, etc). Interface configuration also includes commands (e.g., no shutdown, no ip proxy-arp, no ip redirects).

Looking at the Configuration

• Access the running configuration with "show running-configuration".
• Access the startup configuration with "show startup-configuration".

Interactive Configuration

• Enter global configuration mode using "configure terminal" (often abbreviated as "conf t").
• Prompts provide clues about the current configuration mode.

Storing the Configuration on a Remote System

• Configure "tftp" for transferring the configuration from a server to your router.

Restoring Configuration from Remote System

• Use "tftp" to download the config file to your router. Provide information needed in prompts.

Getting Online Help

• Use "?" after a command to get a list of all possible configuration statements. Use to help explore possible commands. You can often use parts of commands or abbreviation to get similar options.
• IOS commands include parts or all of previous commands in the command history, making it easier to quickly revisit previous commands.

Connecting Your FreeBSD Machine to the Router Console Port

• Follow instructions on the webpage to determine a router console port connection.

Deleting Configuration

• Use "erase startup-config" or "write erase" to remove current configurations.
• Router will reload itself to setup mode.

Using Access Control Lists (ACLs)

• Use ACLs for network controls (e.g., security). ACLs filter packets flowing in/out of router interfaces; limit network use by users; control network traffic (allowing/disallowing packets).

Rules Followed When Comparing Traffic with ACL

• Rules to follow for comparing network traffic with Access Control Lists (sequentially): Comparing traffic (line by line), matching directions (e.g. 'in' or 'out'), and implicit deny at end of list.

Using ACLs (Standard/Extended)

• Standard ACLs: Simple address specifications; permit or deny entire protocol suites. Ranges are from 1-99 and 1300-1999.
• Extended ACLs: More complex address specifications (e.g., permitting/denying specific protocols). Ranges are from 100-199 or 2000-2699.

ACL Syntax

• Basic syntax to create access lists (standard, extended). Access list numbers are provided for identification, and other information (e.g., source, destination, permit/deny).

Where to Place ACLs

• Put standard IP access lists close to the destination; put extended IP access lists close to the source of network traffic you want to configure.

What are Wild Card Masks?

• Use wildcard masks to define a range of addresses in access lists. Choose the next-largest subnet block to cover the number of hosts (e.g., use /64 to specify 34 IP hosts).

What are Wild Card Masks? (Examples)

• Use wildcard masks with host/network address to define ranges and filtering protocols. An example given is a /29 with block size of 8. This uses 196.200.220.8 to 196.200.220.15 and a mask of 0.0.0.7. Another example given is to define all addresses on a /24 subnet, using an address of 196.200.220.0 and wildcard of 0.0.0.255

ACL Example (Check subnet ranges)

• Shows how to check certain address ranges/subnets for access lists.

ACL Example (Wildcard Bits)

• How to check wildcard bits and match/ignore, using example numbers. 0 and 1, as well as matching any/specific host example using 0.0.0.0 255.255.255.255 or 196.200.220.8 0.0.0.0.

Permit telnet access

• Example of permitting telnet access to a network.

Standard IP ACL (Permit Only My Network)

• How to set up a standard IP access list only allowing access to my network.

Extended IP ACL (Deny FTP Access)

• Example of a configuration to deny FTP access via a specific interface (E1). Example uses 196.200.220.0 with specific protocol range of 20 or 21. Provide source and destination ranges, match, or deny certain protocols.

Prefix Lists

• A more advanced configuration method to replace/improve Access Control Lists. Cisco introduced prefix lists for route filtering and other manipulations. Provide higher performance.

Prefix List Configuration Syntax

• Syntax for configuring prefix lists. Shows command format including necessary info such as lists name, range of values (from/le) for use in the access list.

Disaster Recovery (ROM Monitor)

• Explains what ROM Monitor can do in cases of emergency network failures (e.g., recover password, upload new IOS, select/configure boot source, set console, etc).

How to Recover a Lost Password

• Steps to recover a forgotten password (e.g., configuring PC serial port for 9600 baud rate, no parity, 8 data bits, 1 stop bit). Provides instructions and configuration commands on how to recover a lost password when using a ROM monitor. Shows common commands to use (e.g., Rommon 1>confreg 0x2142, Rommon 2>reset).

Description

Test your knowledge on router configurations and commands. This quiz covers essential commands for accessing and modifying a router's configuration, including modes of operation and port functionalities. Perfect for anyone studying networking fundamentals.