Router Configuration Basics

Questions and Answers

What does the running configuration of a router determine?

• The configuration retained during a power outage.
• How the router will operate after a reload.
• How the router is currently operating. (correct)
• The backup configuration stored in flash memory.

Which command is used to view the startup configuration of a router?

• show running-config
• show startup-config (correct)
• view config-settings
• display config

In which mode can you perform detailed examination and file manipulation on a router?

• Privileged EXEC mode (correct)
• ROM Monitor
• User EXEC mode
• Setup Mode

What type of access does the auxiliary port provide on a router?

Modem access (C)

Which of the following commands is used to copy the running configuration to the startup configuration?

copy run start (B)

What command is used to enter configuration mode on the router?

router(config)# configure terminal (B)

Which of the following methods can be used to make configuration changes to a router?

Telnet, SSH, or Modem connection to the router (C)

What is the purpose of the console port on the router?

To provide a direct interactive text interface for configuration (D)

What can be done if you want to configure a router from a machine without a direct connection?

Copy TFTP files at a later time using specific commands (C)

Which of the following commands is entered after accessing the router's command line to begin configuration?

router> enable (C)

What command should be used to enable weak password encryption on a router?

service password-encryption (A)

Which command is necessary for saving the current router configuration?

router#copy running-config startup-config (B)

Which of the following is NOT a valid component of an IP route command?

network type (A)

What is the purpose of the 'no' command in router configurations?

To disable or reverse a previous command (D)

In which context is the command 'interface ethernet 0/0' used?

Entering interface configuration mode (A)

Which command would you use to configure a next hop gateway in a static route?

ip route n.n.n.n m.m.m.m g.g.g.g (B)

What is the purpose of the command 'ip classless' in router configuration?

To allow the use of classless routing protocols (D)

Which of the following is an example of a global configuration command?

service password-encryption (A)

What command would you use to enable an interface on a router?

router(config-if)#no shutdown (B)

Which command should be included in the global configuration of a Cisco router?

ip classless (B)

What does the command 'show running-configuration' display?

The current configuration of the router (A)

Which abbreviation represents the serial interface that can be used on a router?

ser0/0 (A)

What command is used to enter configuration mode on a Cisco router?

router#configure terminal (D)

Which configuration command is generally included in Cisco interface config?

no ip proxy-arp (C)

What does the command 'router#copy run tftp' achieve?

Copies the running configuration to a remote system (C)

Which command indicates that an interface is administratively disabled?

router(config-if)#shutdown (C)

What command is used to enter the terminal configuration mode on a router?

RouterA#configure terminal (D)

Which prompt indicates that you are in privileged EXEC mode on the router?

Router# (B)

What is the command to set the enable secret password on a router?

router(config)# enable secret 'your pswd' (A)

Which command is used to save the current configuration to NVRAM?

RouterA#copy running-config startup-config (D)

Which prompt is displayed when you are in interface configuration mode?

Router(config-if)# (D)

What is the purpose of the command 'RouterA#(config-line)login'?

To activate the console password prompt (B)

Which of the following commands assigns an IP address to an interface?

RouterA#(config)interface ethernet 0/0 ip address n.n.n.n m.m.m.m (A)

Which prompt indicates that you are configuring a router route-map?

Router(config-route-map)# (B)

What command should be used to initialize the router settings?

RouterA#configure terminal (D)

What is the first step in assigning access passwords for a router?

RouterA#(config)line console 0 (B)

What command is used to erase the startup configuration of a router?

Router#erase startup-config (C)

What is the purpose of Access Control Lists (ACLs) in routers?

To filter packets and implement security (A)

In what sequence are packets compared with an Access Control List?

In sequential order until a match is made (A)

Which command syntax is correct for configuring a standard IP access list?

access-list access-list-number {permit | deny} source {source-mask} (B)

Where should standard IP access lists be placed in a network?

Close to the destination (C)

What keyboard shortcut is used to recall the previous command in router command line interface?

up-arrow or ‘^p’ (D)

Which command allows you to configure an IP address on an interface?

router(config-if)#ip address n.n.n.n m.m.m.m (A)

What does an implicit deny at the end of an access list indicate?

Unmatched packets will be discarded (D)

What range of numbers is assigned to Extended IP Access Lists?

100 - 199 (B)

What does the command 'Ctrl-a' do in a command line interface?

Moves the cursor to the start of the line (A)

What is a characteristic of Extended IP Access Lists compared to Standard IP Access Lists?

Allows for more complex address specifications (A)

What would happen if a packet does not match any entry in an access list?

It is discarded (B)

What does the command 'Router#reload' do after erasing the startup configuration?

Starts the router in setup mode (A)

How does one add a second IP address to the configuration of a router interface?

By entering 'ip addr n.n.n.n m.m.m.m' (C)

Flashcards

Router Running configuration

The configuration that controls how the router currently operates. Stored in RAM. Modified using the configure command.

Router Startup configuration

The configuration that determines how the router will operate after a reload. Stored in NVRAM. Modified using the copy command.

Router User EXEC mode

Limited access mode for examining a router. The router prompt is 'Router>'

Router Privileged EXEC mode

Detailed examination, debugging & file manipulation mode. Uses '#' as a prompt.

Router Setup mode

Router access mode used when there's no startup-config to configure router permanently.

Router Configuration

Modifying router settings, often done directly via console, Telnet/SSH, or text-file upload (TFTP).

Router Login

Accessing router commands via console connection, Telnet, SSH, or modem.

Router Prompt

The command-line interface present after logging in—often shown as "router>", "router#", or "router(config)#"

Console Port Connection

Direct physical connection to a router using a serial cable.

TFTP config upload

Using TFTP to upload a configuration file to the router.

Global Configuration

Commands that apply to the entire router, affecting all interfaces and protocols.

Interface Configuration

Commands that configure specific router interfaces, like Ethernet ports.

Router OSPF Configuration

Configuring the Open Shortest Path First (OSPF) routing protocol, which determines how the router shares network information with other routers.

Service Password Encryption

A command that encrypts passwords stored on the router, making it harder for unauthorized individuals to access them.

IP Address Assignment

Assigning an IP address to a router interface. This allows the router to communicate with other devices on the network.

Static Route Creation

Manually setting up a route for the router to follow, specifying the destination network, netmask, and next hop gateway.

NO Command

Used to reverse or disable previously entered commands, effectively undoing their effects.

Copy Running-config Startup-config

A command that saves the currently running configuration to the non-volatile RAM (NVRAM), making it the new startup configuration.

RouterA

A router that is configured using the commands provided. It represents a typical router used for demonstrating configuration steps.

com1

A command used to access the console of a router. The command is entered on the computer terminal.

configure terminal

Command for entering the 'terminal configuration mode' on a router. This mode allows us to change the router's settings and configuration.

hostname

A command to set a specific name for the router as it's identified on the network. It replaces the default router name.

line console 0

Command to access and configure the console port of the router, which is a direct connection.

password

A command to set a password for a specific line or port on the router. This enhances security.

interface ethernet 0/0

Command for accessing and configuring a specific Ethernet interface on the router. Each interface represents a separate network connection.

ip address n.n.n.n m.m.m.m

Command used to assign an IP address and subnet mask to a specific interface on the router.

no shutdown

A command to activate and bring up a specific interface on the router, enabling network connectivity.

Administratively Enable Interface

Activating a network interface, allowing it to participate in network traffic.

Administratively Disable Interface

Deactivating a network interface, preventing it from participating in network traffic.

Interface Description

Adding a textual label to an interface, providing a meaningful name for identification.

Global Configuration Commands

Settings applied to the entire router, affecting all interfaces and functionality.

IP Classless Command

A global configuration setting that allows routers to efficiently handle various network address sizes.

IP Subnet Zero Command

A global configuration setting that permits routers to handle the network address itself, even if it's not explicitly configured.

No IP Domain Lookup Command

A global configuration setting that instructs routers to avoid resolving domain names into IP addresses, optimizing performance for routing.

Looking at the Configuration

Viewing the current configuration settings of a router.

Show Running Configuration

Displays the current configuration settings in the router's RAM, showing the live settings.

Show Startup Configuration

Displays the configuration saved in NVRAM, which will be applied when the router starts up.

Interactive Configuration Mode

The mode on a router where you can directly modify configuration settings.

Storing Configuration on a Remote System

Backing up the router's configuration to a remote server, typically using the TFTP protocol.

Copy Run TFTP

Command used to copy the running configuration from the router to a remote TFTP server.

Secondary IP address

An additional IP address assigned to an interface on a router, allowing it to communicate on a different network segment.

IP Address Configuration

The process of assigning an IP address to a router interface, enabling communication with other devices on the network.

Startup Configuration

The configuration stored in non-volatile RAM (NVRAM), which is loaded when the router boots up, determining its initial configuration.

Running Configuration

The configuration currently active on the router, stored in RAM. It's modified through the configure command.

Write Erase Command

Deletes the startup configuration, effectively resetting the router to factory defaults upon reboot.

Access Control Lists (ACLs)

A set of rules used to control network traffic by permitting or denying packets based on their source, destination, and other criteria.

Standard IP Access List

A simple type of ACL that allows or denies entire protocol suites based on source IP addresses only.

Extended IP Access List

A more complex ACL that permits or denies specific protocols based on source, destination, and other criteria.

Named IP Access List

An ACL with a user-defined name, providing greater organization and clarity in access control.

Placement of ACLs

Standard ACLs should be placed close to the destination, while extended ACLs should be placed closer to the traffic source.

Wild Card Mask

A specialized mask used to represent network addresses in a different way, often used in ACLs.

Access List Ordering

ACL rules are evaluated sequentially, and the first rule that matches a packet determines its fate. No further comparisons are made.

Implicit Deny

Every access list has an implicit deny at the end, meaning any packets that don't match any of the rules will be discarded.

Complete Command

Using the TAB key to complete partially typed commands in the router CLI.

Study Notes

Week 14 (Initial Routing Configuration)

• Learning Outcomes: Explain router configuration in a network, understand configuring and setting routing in a network, and be familiar with commands used for routing.

Router Components

• Bootstrap: Stored in ROM microcode, initializes the router, boots it, and loads the IOS.
• POST (Power On Self Test): Stored in ROM microcode, checks basic router hardware functionality and identifies present interfaces.
• ROM Monitor: Used for manufacturing, testing, and troubleshooting; also stored in ROM microcode.
• Mini-IOS (RXBOOT/boot loader): A small IOS ROM used by Cisco to boot an interface and load Cisco IOS into flash memory from a TFTP server. It also performs other operations.

Config-Register

• Controls how the router boots.
• Value (0x2102) tells the router to load IOS from flash memory and startup configuration from NVRAM.
• Shown using the "show version" command.

Purpose of Config Register

• Reasons for modification include forcing the router into ROM Monitor Mode, selecting a boot source and default boot filename, enabling/disabling the break function, controlling broadcast addresses, setting console terminal baud rate, loading operating software from ROM, and enabling booting from a TFTP server.

System Startup

• POST: Initializes and runs diagnostics on all router hardware.
• Bootstrap: Locates and loads the IOS image; defaults to loading from flash memory.
• IOS: Locates and loads valid configurations from NVRAM (startup-config file). Exists only when running-config is copied to NVRAM.
• Startup-config: If found, router loads it and runs embedded configuration; otherwise, router enters setup mode.

Overview

• Router configuration controls: interface IP address and netmask, routing information (static, dynamic, or default), boot and startup information, and security (passwords and authentication).

Where is the Configuration?

• Running configuration: Located in RAM; determines current router operation. Modified using the configure command. Viewed with the "show running-config" command.
• Startup configuration: Located in NVRAM; determines how the router operates after a reload. Modified using the copy command. Viewed with the "show startup-config" command.
• External Storage: Stored on external hosts (using TFTP) and flash memory. Moved around using the copy command (e.g., copy run start, copy run tftp, copy start tftp, copy flash start, copy start flash, copy tftp start).

Router Access Modes

• User EXEC mode (Router>): Limited examination of router.
• Privileged EXEC mode (Router#): Detailed examination, debugging, and file manipulation.
• ROM Monitor: Useful for password recovery and new IOS uploads.
• Setup Mode: Available when the router has no startup-config file.

External Configuration Sources

• Console: Direct PC serial access
• Auxiliary port: Used for external access
• Modem access
• Virtual Terminals: Telnet/SSH access
• TFTP Server: Copies configuration files into router RAM.
• Network Management Software: CiscoWorks

Changing the Configuration

• Configuration statements can be entered interactively, often almost immediately to running configuration.
• Methods include direct serial connection to console port, Telnet/SSH to virtual terminals, modem connection to auxiliary port or editing in text files and uploading to router via tftp (copy tftp start or config net).

Logging into the Router

• Connect to a console port or use telnet.
• Enter enable command.
• Enter password.
• Use config terminal for entering commands directly or Router# for privileged mode.

Connecting FreeBSD Machine to Router Console Port

• Connect your machine to the console port using the correct cable.
• Check /etc/remote for the device configuration (will usually be a com1 or similar connection line).
• Use the tip command to connect.

Address Assignments (Switch)

• A list of assigned IP addresses and subnet masks for various network devices (A-J).

New Router Configuration Process

• Load configuration parameters into RAM.
• Personalize router identification (hostname RouterA).
• Assign access passwords (e.g., RouterA#(config)line console 0, RouterA#(config-line)password cisco, RouterA#(config-line)login).

New Router Configuration Process - Configure Interfaces

• Configure ethernet 0/0 interface.
• Assign an IP address to the interface.
• Disable shutdown.
• Configure routing or routed protocols.
• Save the configuration.

Router Prompts

• Various prompts indicate the current configuration mode (e.g., Router>, Router#, router(config), router(config-if), router(config-subif), router(config-route-map), router(config-router), router(config-line)). These help identify which configuration area you are in.

Configuring Your Router

• Set the enable secret password (using MD5 encryption) for security.
• Configure interface settings (e.g. enable secret, interface ethernet 0/0, ip address, no shutdown).
• Configure the router (e.g. router ospf 1, network n.n.n.n w.w.w.w area 0).
• Configure lines (e.g., line vty 0 4).
• Save the entire router configuration to startup-config.

Global Configuration

• Global configuration statements apply system-wide (not to specific interfaces). Examples include hostname, enable secret, service password-encryption, logging, and ip specific commands (like classless, name-server, static route creation).

The NO Command

• Used to reverse or disable commands (e.g., ip domain-lookup, router ospf 1, no ip address).

Interface Configuration

• Administrate interface enable or disable. Set a description for the interface configuration. Interface names use slot/type (e.g., ethernet0, serial0/0).

Global Configuration Commands

• Cisco global configuration instructions (e.g., ip classless, ip subnet-zero, no ip domain-lookup, etc). Interface configuration also includes commands (e.g., no shutdown, no ip proxy-arp, no ip redirects).

Looking at the Configuration

• Access the running configuration with "show running-configuration".
• Access the startup configuration with "show startup-configuration".

Interactive Configuration

• Enter global configuration mode using "configure terminal" (often abbreviated as "conf t").
• Prompts provide clues about the current configuration mode.

Storing the Configuration on a Remote System

• Configure "tftp" for transferring the configuration from a server to your router.

Restoring Configuration from Remote System

• Use "tftp" to download the config file to your router. Provide information needed in prompts.

Getting Online Help

• Use "?" after a command to get a list of all possible configuration statements. Use to help explore possible commands. You can often use parts of commands or abbreviation to get similar options.
• IOS commands include parts or all of previous commands in the command history, making it easier to quickly revisit previous commands.

Connecting Your FreeBSD Machine to the Router Console Port

• Follow instructions on the webpage to determine a router console port connection.

Deleting Configuration

• Use "erase startup-config" or "write erase" to remove current configurations.
• Router will reload itself to setup mode.

Using Access Control Lists (ACLs)

• Use ACLs for network controls (e.g., security). ACLs filter packets flowing in/out of router interfaces; limit network use by users; control network traffic (allowing/disallowing packets).

Rules Followed When Comparing Traffic with ACL

• Rules to follow for comparing network traffic with Access Control Lists (sequentially): Comparing traffic (line by line), matching directions (e.g. 'in' or 'out'), and implicit deny at end of list.

Using ACLs (Standard/Extended)

• Standard ACLs: Simple address specifications; permit or deny entire protocol suites. Ranges are from 1-99 and 1300-1999.
• Extended ACLs: More complex address specifications (e.g., permitting/denying specific protocols). Ranges are from 100-199 or 2000-2699.

ACL Syntax

• Basic syntax to create access lists (standard, extended). Access list numbers are provided for identification, and other information (e.g., source, destination, permit/deny).

Where to Place ACLs

• Put standard IP access lists close to the destination; put extended IP access lists close to the source of network traffic you want to configure.

What are Wild Card Masks?

• Use wildcard masks to define a range of addresses in access lists. Choose the next-largest subnet block to cover the number of hosts (e.g., use /64 to specify 34 IP hosts).

What are Wild Card Masks? (Examples)

• Use wildcard masks with host/network address to define ranges and filtering protocols. An example given is a /29 with block size of 8. This uses 196.200.220.8 to 196.200.220.15 and a mask of 0.0.0.7. Another example given is to define all addresses on a /24 subnet, using an address of 196.200.220.0 and wildcard of 0.0.0.255

ACL Example (Check subnet ranges)

• Shows how to check certain address ranges/subnets for access lists.

ACL Example (Wildcard Bits)

• How to check wildcard bits and match/ignore, using example numbers. 0 and 1, as well as matching any/specific host example using 0.0.0.0 255.255.255.255 or 196.200.220.8 0.0.0.0.

Permit telnet access

• Example of permitting telnet access to a network.

Standard IP ACL (Permit Only My Network)

• How to set up a standard IP access list only allowing access to my network.

Extended IP ACL (Deny FTP Access)

• Example of a configuration to deny FTP access via a specific interface (E1). Example uses 196.200.220.0 with specific protocol range of 20 or 21. Provide source and destination ranges, match, or deny certain protocols.

Prefix Lists

• A more advanced configuration method to replace/improve Access Control Lists. Cisco introduced prefix lists for route filtering and other manipulations. Provide higher performance.

Prefix List Configuration Syntax

• Syntax for configuring prefix lists. Shows command format including necessary info such as lists name, range of values (from/le) for use in the access list.

Disaster Recovery (ROM Monitor)

• Explains what ROM Monitor can do in cases of emergency network failures (e.g., recover password, upload new IOS, select/configure boot source, set console, etc).

How to Recover a Lost Password

• Steps to recover a forgotten password (e.g., configuring PC serial port for 9600 baud rate, no parity, 8 data bits, 1 stop bit). Provides instructions and configuration commands on how to recover a lost password when using a ROM monitor. Shows common commands to use (e.g., Rommon 1>confreg 0x2142, Rommon 2>reset).

Description

Test your knowledge on router configurations and commands. This quiz covers essential commands for accessing and modifying a router's configuration, including modes of operation and port functionalities. Perfect for anyone studying networking fundamentals.