Router I SwitchNastrojka26.1

LAN
F0/0
F0/1
F0/0
R1
R2
Lo
Lo
R1
R2
R3
Lan
F0/1
F 0/0
192.168.1.250/24
255.255.255.0
10.1.1.2/30
255.255.255.252
10.1.1.6/30
255.255.255.252
192.168.1.100
F0/1
10.1.1.1/30
255.255.255.252
10.1.1.5/30
255.255.255.252
F0/0
R3
Lo
0
Lo
10.2.1.1/30
255.255.255.252
10.2.1.5/30
255.255.255.252
10.2.1.9/30
255.255.255.252
1. .
R3>enable
Password: cisco
R3#
R3#configure terminal
2.
R3(config)#hostname Router3
3. user privilege mode
Router3(config)#enable secret class
DNS
Router3(config)# no ip domain-lookup
4. -
.
Router3(config)#line console 0
Router3(config-line)#login
Router3(config-line)#loggin synchronous
Router3(config-line)#password class
do
do write
do show
5. telnet
Router3(config-line)#line vty 0 4
Router3(config-line)#login
Router3(config-line)# password class
Router3(config-line)# exit
R#configure terminal
R(config)#enable password cisco
R(config)#enable secret class -
R(config)#service password-encryption console vty
6. :
R3(config)#interface F0/0
R3(config-if)#IP address 10.1.1.6 255.255.255.252
R3(config-if)#speed auto
R3(config-if)# duplex full
R3(config-if)#description Towa e edinswenniq interface
R3(config-if)#no shutdown
- F0/1 .
7 loopback
R3(config-if)#interface loopback 0
R3(config-if)#ip address 10.2.1.9 255.255.255.0
8. R3(config-if)#ip routing-
9. IP .
R3(config)#ip host R1 10.2.1.1 10.1.1.1 192.168.1.250
R3(config)#ip host R2 10.1.1.2 10.1.1.5 10.2.1.5
10. DNS .
Router3(config)#ip name-server 192.168.1.100
11. rip
, .
R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#no auto-summary
R3(config-router)#timers basic 50 60 80 90
R3(config-router)#network 10.0.0.0
R3(config-router)#network 192.168.1.0
R3(config)#ip acces-list stndar RIP_offset
R3(config-std-nacl)#permit any
R3(config)#router rip
R3(config-router)#offset-list RIP_offset in 2 Serial.
R3(config-router)#offset-list RIP_offset out 2 Serial.
R3(config)#key chain RIP_KEY

R3(config-keychain)#key 1
R3(config-keychain-key)#key-string cisco
R3(config)#int s0/0/0
R3(config-if)#ip rip authentication mode md5
R3(config-if)#ip rip authentication key-chain RIP_KEY
12. default gateway.

R3(config-router)#ip route 0.0.0.0 0.0.0.0 10.1.1.5
rout ,
( ,

).
13. eigrp
R3(config)#router eigrp 105
R3(config-router)#network 10.1.1.4- R2 R3.
R3(config-router)#network 10.1.1.8 R3.
R1(config)#key chain EIGRP_KEY -
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string cisco
-
R1(config-if)#ip authentication mode eigrp 1 md5
R1(config-if)#ip authentication key-chain eigrp 1 EIGRP_KEY
105 ,
.
R3(config)#no router igrp 105

R3(config-router)#no network x.x.x.x
OSPF
R1(config-if)#ip ospf message-digest-key 1 md5 cisco
R1(config-if)#ip ospf authentication message-digest
R1(config)#router ospf 1
R1(config-router)#network 192.168.1.0 0.0.0.255 area 0
R1(config-router)#network 10.1.1.0 0.0.0.252
R1(config-router)#auto-cost reference-bandwidth ?
1-4294967 The reference bandwidth in terms of Mbits per second
R1(config-router)#area 0 authentication message-digest
R1(config-router)#default-information originate
Router(config-if)#ip ospf priority
{0 - 255}
Router(config-if)#ip ospf hello-interval seconds
Router(config-if)#ip ospf dead-interval seconds
show ip ospf neighbor
show ip protocols
show ip ospf interface serial 0/0/0
14. (100 - 199) 3
tcp .
R3(config)#access-list 111 deny tcp 10.1.1.1 0.0.0.255 10.1.1.5 0.0.0.255 eq
telnet
111 , deny tcp tcp ,
, 10.1.1.5 0.0.0.255
e , eq telnet telnet.
tcp udp .
ip eq telnet .
R3(config)#access-list 111 permit ip any any
Any - ip ( 0.0.0.0
255.255.255.255).
.
( F0/0
R3).
R3(config-if)#ip access-group 111 out
111 (OUT) 2.
15. ( 1-99 ) 3
1.
R3(config)#access-list 5 deny 10.1.1.1 0.0.0.0
0.0.0.0 host
:
R3(config)#access-list 5 deny host 10.1.1.1

R3(config)#access-list 5 permit any
any 0.0.0.0 255.255.255.255 ip
.
3

R3(config-if)#ip access-group 5 in .

R3#show access-list 111- .
.

R3(config)#no access-list 111
ACL 10.1.1.0
R3(config)#access-list 11 permit 10.1.1.0 0.0.0.255
R3(config)#access-list 11 deny any
Router3(config-line)#line vty 0 4
Router3(config-line)# password class
Router3(config-line)# login
Router3(config-line)# access-class 11 in
16. R3(config)#exit
R3#copy running-config startup-config
NVRAM
Destination filename [startup-config]?
Building configuration...
[OK]
17.
.
Show arp
Clear arp
Show cdp neighbours
Show hosts
NO
privileged mode .
1. .
2. 60 sek . Ctrl+Break
.
3. :
rommon1> configreg 0x2142 - IOS.

.
4. :
rommon2> i

Would you like to enter initial configuration?
Dialog ? [yes/no] n
Enter
5. user mode
Router3 > enable
6. privileged mode .
Router# copy start run
Router# config term
Router(config)#enable secret
Router(config)#config-register 0x2102
Ctrl+Z
Router#copy run start NVRAM
IOS Flash
Consolen cabel
R
E 192.168.1.1
cross
H
O
S
T
192.168.1.9
1. TFTP . P host .
2. IOS copy flash tftp.
3.
- IOS
-
rommon1> tftpdnld
rommon2> IP_ADDRESS=192.168.1.1
rommon3>IP_SUBNET_MASK=255.255.255.0
rommon4>DEFAULT_GATEWAY=192.168.1.9
rommon5>TFTP_SERVER=192.168.1.9 DEFAULT_GATEWAY
rommon6>TFTP_FILE= IOS
rommon>tftpdnld
5-6 .
reset
ce 0x2102
PPP
192.168.1.0/24
10.10.10.0/30
10.10.11.0.30
192.1682.0/24
R1(config)#interface serial 0/0/0

R1(config-if)#encapsulation ppp
R1(config)#username R2 password cisco
R1(config-if)#ppp authentication pap
R1(config-if)#ppp pap sent-username R1 password cisco
R2(config)#interface Serial0/0/0
R2(config-if)#ppp authentication pap
R2(config-if)#ppp pap sent-username R1 password cisco

R2(config-if)#ppp authentication chap
C SSH Cisco 1841
R(config) hostname R1
R1(config)#username class password cisco
R1(config) ip domain-name Varna
R1(config) crypto key generate rsa 1024
1024
.
R1(config)line vty 0 4
R1(config - line)transport input telnet ssh
R1(config-line)login local
R1(config) ip ssh time-out 20
dwadeset secundi
R1(config)ip ssh authentication-retries 2
Frame-relay
192.168.1.0/24
R1
s0/0/1
10.1.1.1/30
DLCI 102
s0/0/0
DCE
s0/0/1
209.165.200.0/24
R2
s0/0/1
10.1.1.2/30
DCE
DLCI 201
FR sw
FR-Switch(config)#frame-relay switching
FR-Switch(config)#interface serial 0/0/0
FR-Switch(config)#clock rate 64000
FR-Switch(config-if)#encapsulation frame-relay
FR-Switch(config-if)#frame-relay intf-type dce
FR-Switch(config-if)#frame-relay route 102 interface serial 0/0/1 201
FR-Switch(config-if)#no shutdown
FR-Switch(config-if)#interface serial 0/0/1
FR-Switch(config)#clock rate 64000
FR-Switch(config-if)#encapsulation frame-relay
FR-Switch(config-if)#frame-relay intf-type dce
FR-Switch(config-if)#frame-relay route 201 interface serial 0/0/0 102
FR-Switch(config-if)#no shutdown
FR-Switch#show frame-relay pvc
FR-Switch#show frame-relay route
R1(config-if) ip address 10.1.1.1 255.255.255.252
R1(config-if)#encapsulation frame-relay
R1(config-if)#no frame-relay inverse-arp
R1(config-if)#frame-relay map ip 10.1.1.2 102 broadcast
R2(config-if)#ip address 10.1.1.2 255.255.255.252
R2(config-if)#encapsulation frame-relay
R2(config-if)#no frame-relay inverse-arp
R2(config-if)#frame-relay map ip 10.1.1.1 201 broadcast

R2(config-if)#no shutdown
R2# show frame-relay pvc
R2# show frame-relay map
IP v6
R2(config)#ipv6 unicast-routing
R2(config)#ipv6 router rip cisco
R2(config)#interf fast 0/0
R2(config)#ipv6 address
R2(config-if)#ipv6 rip cisco enable
IPv6
RIPng cisco

f0/0 cisco
DHCP
R(config)#ip dhcp excluded-address 192.168.10.1 192.168.10.9
R(config)#ip dhcp excluded-address 192.168.10.254
R(config)#ip dhcp pool LAN-POOL-1
R(dhcp-config)#network 192.168.10.0 255.255.255.0
R(dhcp-config)#default-router 192.168.10.1
R(dhcp-config)#dns-server 88.88.88.88
R(dhcp-config)# domain-name ventsi.com
R(dhcp-config)# lease {days [hours] [minutes] | infinite}
R(dhcp-config)# netbios-name-server address [address2...address8]
DHCP Relay
R3(config-if)#ip helper-address 192.168.2.3
show ip dhcp conflict
show ip dhcp binding
show ip dhcp server statistics
show ip dhcp pool
10.1.1.2
Static NAT
F0/0
F0/1
20.20.20.23
Router(config)#ip nat inside source static local-ip 10.1.1.2 global-ip

20.20.20.23
Router(config)#interface type number F0/0
Router(config-if)#ip nat inside
Router(config-if)#ip nat outside
Configuring Dynamic NAT

192.168.1.0
192.168.2.0
F0/0
192.168.30.0
inside
F0/1
outside
Router(config)#ip nat pool name[Ventsi] start-ip[1.1.1.1] end-ip 1.1.1.14

{netmask netmask 255.255.255.240 |prefix-length prefix-length}
Router(config)#access-list access-list-number 1 permit source 192.168.0.0
0.0.255.255 [source-wildcard]
Router(config)#ip nat inside source list access-list-number 1 pool name Ventsi
Configuring NAT Overload for a Single Public IP Address

192.168.0.0
F0/0
F0/1
Inside
outside
Router(config)#access-list acl-number 1 permit source 192.168.0.0

0.0.255.255 [source-wildcard]
Router(config)#ip nat inside source list acl-number 1 interface interface F0/1
overload
Router(config-if)#interface type number F0/1
Configuring NAT Overload for a Pool of Public IP Addresses

192.168.0.0 /16
F0/0
Inside
F0/1
outside
Router(config)#access-list acl-number 1 permit source [source-wildcard]

192.168.0.0 0.0.255.255
Router(config)#ip nat pool name Ventsi start-ip 209.167.1.1 end-ip
209.167.1.14 netmask netmask
Router {config}#ip nat inside source list acl-number 1 pool name Ventsi
overload
Router(config-if)#interface type number F0/1
show ip nat translations
show ip nat translations verbose
show ip nat statistics
debug ip nat
debug ip nat detailed
CDM Cisco
Router(config)#ip http server
Router(config)#ip http secure-server
Router(config)#ip http authentication local
Router(config)#username Student privilege 15 secret Cisco
Router(config)#line vty 0 4
Router(config-line)#privilege level 15
Router(config-line)#login local
Router(config-line)#transport input telnet ssh
/ switch /
switch#terminal history size 50
switch#terminal no history
50 . 10 .

S1#configure terminal
S1(config)#interface vlan 99
S1(config-if)#ip address 172.17.99.11 255.255.255.0
S1(config-if)#no shutdown
S1(config-if)#end
S1(config)#interface fastethernet 0/18
S1(config-if)#switchport mode access
S1(config-if)#switchport acces vlan 99
S1(config-if)# mdix auto automatic medium-dependent interface crossover
auto-MDIX Cisco IOS Release 12.2(25)FX.
S1(config-if)#duplex auto
S1(config-if)#speed auto
S1(config-if)#end
S1#copy running-config startup-config
S1(config)#ip default-gateway 172.17.99.1
S1(config)#ip http authentication enable
S1(config)#ip http server

S1(config)# mac-address-table static <MAC address> vlan <1-4096, ALL> interface
interface-id
S1(config)#mac-address-table static 1111.2222.3333. vlan 5 interface fastehrnet 0/22
8192 .

S1#show interfaces [interface-id]
S1#show interfaces trunk
S1# show startup-config
S1# show flash:
S1# show ip {interface | http | arp}
S1# show mac-address-table
Back up
S1#copy system:running-config flash:startup-config
S1#copy running-config startup-config
S1#copy startup-config flash:config.bak1
Flash
S1#copy flash:config.bak1 startup-config
S1#reload
Back up Configuration Files to a TFTP Server

S1#copy system:running-config tftp://172.18.4.28/directory/running-config
S1# #copy nvram:startup-config tftp:[[[//location]/directory]/filename]
NVRAM
S1#erase nvram:
S1# erase startup-config

S1#delete flash:filename
S1(config)#line con 0
S1(config-line)#password cisco
S1(config-line)#login
S1(config)#line vty 0 4
S1(config-line)#password cisco
S1(config-line)#login
S1(config)#enable password password
S1(config)#enable secret password
S1(config)#service password-encryption

S:flash_init
S: load_helper
S:dir flash
Rename S:rename flash:config.text flash:config.text.old
S: boot
You are prompted to start the setup program. Enter N at the prompt, and then when the system
prompts whether to continue with the configuration dialog, enter N.
S>enable
S# rename flash:config.text.old flash:config.text
S# copy flash:config.text system:running-config
Change the password using the enable secret password command.
Write the running configuration to the startup configuration file using the copy runningconfig startup-config
Reload the switch using the reload command.
Configure a Login Banner
S1(config)#banner login "Authorized Personnel Only!"
S1(config)#no banner login.
Configure a MOTD Banner
S1(config)#banner motd "Device maintenance will be occurring on Friday!"
S1(config)#no banner motd.
Secure MAC Address Types

S(CONFIG-IF)switchport port-security mac-address 1111.2222.3333
Configure Port Security
S1(config)#interface fastEthernet 0/18
S1(config-if)#switchport mode access
S1(config-if)#switchport port-security
S1(config-if)#switchport port-security maximum 50
S1(config-if)#switchport port-security mac-address sticky
S1(config-if)#switchport port-security mac-address sticky 0080.6433.xxxx
When you use sticky MAC addresses you'll want to make sure that the MAC addresses are
cleared off of a switch when a device is moved. We had a laptop that was moved from one
client location to another and one of the distribution switches was thinking the device was
plugged into the old switch and the other distribution switch thought it was plugged ito the
new switch. This created a situation where some network traffic was reaching the laptop and
some was going into a black hole. After clearing the the sticky MAC addresses on the old
switch the problem was resolved.
S1(config-if)# clear port-security sticky interface fa0/1
clears the learned sticky MAC
addresses, must be done prior to a shut/no shut to re-enable a port disabled due to port
security
S1(config-if)#
S1(config-if)#
Verify Port Security Settings
S1#show port-security interface fastEth0/5
Verify Secure MAC Addresses
S1#show port-security ADDRESS
Voice VLAN
S1#CONF TERM
S1(CONFIG)#INTERF FAST 0/12
S1(config-if)#mls qos trust cos
S1(config-if)#switchport voice vlan 111
S1(config-if)3switchport mode access
S1(config-if)#switchport access vlan 10
S1#show interf fast 0/12 switchport
Native VLANs and 802.1Q Trunking

S1(config)#interface F0/11
S1(config-if)#switchport mode trunk
S1(config-if)#switchport trunk native vlan 99
S1(config-if)#end
S1#show interf fast 0/11 switchport
rDynamic Trunking Protocol (DTP) is a Cisco proprietary protocol.

S1(config)#interface fast 0/12
S1(config-if)# switchport mode dynamic auto
S1(config-if)# switchport mode dynamic desirable
S1(config-if)# switchport nonegotiate Turn off DTP
S1#show VTP status
S1#show VTP counters
S1(config # vtp mode {server} client transparent
S1(config # vtp domain domain-name
S1(config # vtp version 1 ili 2
S1(config #vtp password cisco
S1(config # vtp pruning enable pruning on only one VTP server switch in the domain
Spanning Tree Algorithm The switch with the lowest BID automatically becomes the root
bridge for the STA calculations.
Method 1
S1(config #spanning-tree vlan vlan-id root primary
S1(config #spanning-tree vlan vlan-id root secondary
Method 2
S1(config)# spanning-tree vlan 1 priority 24576 The priority value is configured in
increments of 4096 between 0 and 65536. the default 32768 priority
S1(config)#int fast 0/5
S1(config-if)# spanning-tree port-priority value The port priority values range from 0 - 240,
in increments of 16. default port priority value is 128.
S1(config-if)# spanning-tree portfast
S1(config)#
Rapid-PVST+
S1(config)# spanning-tree mode rapid-pvst
S1(config)#
S1(config)#
Show spanning-tree
Limit bandwidth on a Cisco Catalyst 2960 switch port
http://blogs.techrepublic.com.com/networking/?p=404
shape round-robin queue bandwidth
This command has been around since IOS 12.2(25).
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# srr-queue bandwidth ?
limit
Configure bandwidth-limit for this interface
shape
Configure shaping on transmit queues
share
Configure shared bandwidth
For example, lets say you have a 100-Mb Ethernet port on a Catalyst switch. Youre
selling the bandwidth on the port, and a customer has bought 10 Mb of bandwidth. Obviously,
you want to limit the outbound bandwidth on the port to 10 Mb instead of the full 100 Mb.
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# srr-queue bandwidth limit 90
The 90 sets the outbound bandwidth limit on the port to 90 percent of the port speed. Since
this is a 100-Mb port, this should limit the outbound traffic from the port to 10 Mb.
For example, on a Cisco router when in Interface Mode, you could limit outbound
bandwidth to 1 Mb using the following command:
Router(config-if)# rate-limit output 10000000 2000 2000 conform-action continue exceedaction drop
TDR can troubleshoot:
Open wires
Cut wires
Broken wires
Shorted wires

Sw# test cable-diagnostics tdr interface GigabitEthernet 0/1

Sw# show cable-diagnostics tdr interface GigabitEthernet 0/1
Debug is a troubleshooting command that is available from the privileged exec mode (of Cisco IOS). This command can be
used to display information about various router operations and the related traffic generated or received by the router, as well
as any error messages. This tool is very useful and informative, but you must be aware of the following facts regarding its
use: Debug is treated as a very high priority task. It can consume a significant amount of resources, and the router is forced to
process-switch the packets being debugged. Debug must not be used as a monitoring toolit is meant to be used for a short
period of time and as a troubleshooting tool. By using it you discover significant facts about the working and faulty software
and/or hardware components. The following is a list of recommendations on proper usage of the debug command:
If you are interested to see a timestamp with each line of the debug output, you must load the timestamp service
using this command:
router(config)#service timestamps debug [datetime | uptime]
If you plan to see the debug output from within a Telnet session, you need to enter the terminal monitor
command.
Usually, the debug command is used to diagnose a specific facility, task, or protocol. Sometimes a protocol suite
has a specific member (e.g., TCP from among the TCP/IP protocol suite members) that you may want to focus on.
When you choose the protocol you want to debug, then you usually have a choice to use the events option or the
packets option of the debug command for that specific protocol. Event debugging is less resource intensive than
packet debugging, but packet debugging produces more information.
Turning debugging on for everything (using the debug all command) is seriously discouraged in production
networks. You get a tremendous amount of information, very fast, but it can severely diminish the router's
performance or even render it unusable. The debug all command is also quite useless since it presents overlapping
information that is difficult if not impossible to interpret.
Before using the debug command, see the CPU utilization of your router (using the show processes cpu
command). If your router's CPU utilization is consistently at 50% or more, you are advised to debug events instead
of packets.
If possible, use the debug command during periods when network traffic is not at its peak and fewer critical
business applications are active. Cisco routers give the debug command higher priority (with respect to CPU
cycles) than network traffic.
Always remember to undo debug as soon as possible. You can use the no debug {argument} to turn off a specific
debugging type. The no debug all or undebug all commands can be used to turn off all types of debugging that
may be on.
For troubleshooting, also consider using protocol analyzers to capture and display network traffic. These have little
or no impact on your network performance, yet they provide valuable information. I also recommend capturing
debug info to a file for offline perusal and training.
Using an access list with your debug command helps you focus the debug output on the task you are
troubleshooting. See the next section for more information on this technique.
access-enable Enables the router to create a temporary access list entry in a dynamic access list.
access-template Manually places a temporary access list entry on a router to which you are connected.
appn Sends a command to the APPN subsystem.
atmsig Executes ATM signaling commands.
b Boots the operating system manually.
bandwidth Sets a bandwidth value for an interface.
banner motd
Specifies a message-of-the-day banner.
bfe Sets manual emergency modes.

boot system Specifies the system image that the router loads at startup.
calendar Manages the hardware calendar.
cd Changes the current device.
cdp enable Enables Cisco Discovery Protocol on an interface.
clear Resets functions.
clear counters Clears the interface counters.
clockrate Configures the clock rate for the hardware connections on serial interfaces, such as network
interface modules and interface processors to an acceptable bit rate.
cmt Starts or stops FDDI connection management functions.
configure Allows you to enter changes to an existing configuration and maintain and store configuration
information at a central site.
configure memory Loads configuration information from nonvolatile random-access memory.

config register - Changes the configuration register settings.
configure terminal Configures the terminal manually from the console terminal.
connect Opens a terminal connection.
copy Copies configuration or image data.
copy flash tftp Copies the system image from Flash memory to a tftp server.
copy running-config tftp Stores the current configuration in RAM on a network TFTP server.
copy running-config startup-config Stores the current configuration in RAM into NVRAM.
copy tftp flash Downloads a new image from tftp server to Flash memory.
copy tftp runnig-config Loads configuration information from a network TFTP server.
debug Uses debugging functions.
debug ip rip Displays RIP routing updates as they are sent and received.
delete Deletes a file.
dir Lists the files on a given device.
disable Turns off privileged commands.
disconnect Disconnects an existing network connection.
enable Turns on privileged commands.
enable password Sets a local password to control access to various privilege levels.
enable secret Specifies an additional layer of security over the enable password command.
erase Erases Flash or configuration memory.
erase startup-config Erases the content of NVRAM.
exit Exits any configuration mode, or closes an active terminal session and terminates the EXEC.
format Formats a device.
help Gets a description of the interactive help system.
history Enables the command history function.
interface Configures an interface type and enters interface configuration mode.
ip address Assigns an address and a subnet mask and starts IP processing on an interface.
ip default-network Establishes a default route.
ip domain-lookup Enables name-to-address translation in the router.
ip host Makes a static name-to-address entry in the router's configuration file.
ip name-server Specifies the addresses for up to six name servers to use for name and address resolution.
ip route Establishes static routes.
lat Opens a LAT connection.
line Identifies a specific line for configuration and starts the line configuration command collection mode.
lock Locks the terminal.
login Logs in as a particular user. Enables password checking at login.
logout Exits from EXEC mode.
mbranch Traces down a branch of a multicast tree for a specific group.
media-type Specifies the physical connection.
mrbranch Traces up a branch of a multicast tree for a specific group.
mrinfo Requests neighbor and version information from a multicast router.
mstat Shows statistics after multiple multicast traceroutes.
mtrace Traces the path from a source to a destination branch for a multicast distribution tree.
name-connection Names an existing network connection.
ncia Starts/stops the NCIA server.
network Assigns a Network Information Center-based address to which the router is directly connected.
no shutdown Restarts a disabled interface.
pad Opens an X.29 PAD connection.
ppp Starts the IETF Point-to-Point Protocol.
pwd Displays current device.
reload Halts and performs a cold return; reloads the operating system.
rlogin Opens an rlogin connection.
router Starts a routing process by first defining an IP routing protocol. For example, router rip selects RIP as
the routing protocol.
rsh Executes a remote command.
sdlc Sends SDLC test frames.
send Sends a message over tty lines.
service password-encryption Enables the password encryption function.
setup Enters the setup command facility.
show buffers Provides statistics for the buffer pools on the network server.
show cdp entry Displays information about a neighbor device listed in the CDP table.
show cdp interface Displays information about the interfaces on which CDP is enabled.
show cdp neighbors Displays the results of the CDP discovery process.
show flash Displays the layout and content of Flash memory.
show hosts Displays a cached list of host names and addresses.
show interfaces Displays statistics for all interfaces configured on the router.
show ip interface Displays the status and global parameters associated with an interface.
show ip protocols Displays the parameters and current state of the active routing protocol process.
show ip route Displays the contents of the IP routing table.
show memory Shows statistics about the router's memory, including memory-free pool statistics.
show processes Displays information about the active processes.
show protocols Displays the configured protocols. This command shows the status of any configured Layer 3
protocol.
show running-config Displays the current configuration in RAM.
show stacks Monitors the stack use of processes and interrupt routines and displays the reason for the last
system reboot.
show startup-config Displays the saved configuration, which is the contents of NVRAM.
show version Displays the configuration of the system hardware, the software version, the names and sources
of configuration files, and the boot images.
shutdown Disables an interface.
telnet Logs into a host that supports telnet.
term ip Specifies the format of network masks for the current session.
trace Determines a path that packets will take when traveling to their destination.
verify Verifies the checksum of a Flash file.
where Lists active connections.
which-route Does OSI route table lookup and displays results.
write Writes the running configuration to memory, a network, or a terminal.
write erase The erase startup-config command replaces this command.
write memory The copy running-config startup-config command replaces this command.
x3 Sets X.3 parameters on PAD.
xremote Enters XRemote mode.
ip address Sets the logical network address of the interface.

network Assigns a NIC-based address to which the router is directly connected. Associates networks with an
IGRP routing process. Enables Enhanced IGRP on a network in IPX router configuration mode.
network-number Specifies a directly connected network.
protocol Defines an IP routing protocol, which can be either RIP, Interior Gateway Routing Protocol (IGRP),
Open Shortest Path First (OSPF), or Enhanced IGRP.
router rip Selects RIP as the routing protocol
term ip netmask-format Specifies the format in which network masks are displayed in show command
output.
show spantree Displays spanning-tree information for a virtual local-area network (VLAN).
metric holddown Keeps new IGRP routing information from being used for a certain period of time.
network Assigns a NIC-based address to which the router is directly connected. Associates networks with an
IGRP routing process. Enables Enhanced IGRP on a network in IPX router configuration mode.
router igrp Enables an IGRP routing process.
timers basic Controls how often IGRP sends updates.
access-group Applies access control lists (ACLs) to an interface.
access-list Defines a standard IP ACL.
deny Sets the conditions for a named IP ACL.
interface Configures an interface type and enters interface configuration mode.
ip access-group Controls access to an interface.
Permit Sets conditions for a named IP ACL.
show access-lists Displays the contents of all current ACLs.
show ip interface Lists a summary of an interface's IP information and status.
debug ipx routing activity Displays information about Routing Information Protocol (RIP) update packets.
debug ipx sap Displays information about Service Advertising Protocol (SAP) update packets.
encapsulation novell-ether Specifies that Novell's unique frame format is used on a network segment.
encapsulation sap Specifies that Ethernet 802.2 frame format is used on a network segment. Cisco's
keyword is sap.
Interface Configures an interface type and enters interface configuration mode.
ipx delay Sets the tick count.
ipx ipxwan Enables the IPXWAN protocol on a serial interface.
ipx maximum-paths Sets the number of equal-cost paths the Cisco IOS software uses when forwarding
packets.
ipx network Enables Internetwork Packet Exchange (IPX) routing on a particular interface and optionally
selects the type of encapsulation (framing).
ipx router Specifies the routing protocol to use.
ipx routing Enables IPX routing.
ipx sap-interval Configures less frequent SAP updates over slow links.
ipx type-20-input-checks Restricts the acceptance of IPX type 20 propagation packet broadcasts.
Network Assigns a NIC-based address to which the router is directly connected. Associates networks with
an IGRP routing process. Enables Enhanced IGRP on a network in IPX router configuration mode.
Ping Sends ICMP echo request packets to another node on the network. Checks host reachability and
network connectivity. Diagnoses basic network
connectivity.
show ipx interface Displays the status of the IPX interfaces configured in the Cisco IOS software and the
parameters configured on each interface.
show ipx route Displays the content of the IPX routing table.
show ipx servers Displays the IPX server list.
show ipx traffic Displays the number and type of packets.
show protocols Displays the configured protocols.
SEM4
debug ppp Displays information on traffic and exchanges in an internetwork implementing Point-to-Point
Protocol (PPP).
encapsulation ppp Sets PPP as the encapsulation method used by a serial or ISDN interface.
show interfaces Displays statistics for all interfaces configured on the router
ppp authentication Enables Challenge Handshake Authentication Protocol (CHAP) or Password
Authentication Protocol (PAP) or both, and specifies the order in which CHAP and PAP authentication are
selected on the interface.
ppp chap hostname Creates a pool of dialup routers that all appear to be the same host when authenticating
with CHAP.
ppp chap password Configures a password that will be sent to hosts that want to authenticate the router. This
command limits the number of username/password entries in the router
ppp pap sent-username Enables remote PAP support for an interface and uses sent-username and password
in the PAP authentication request packet to the peer
show interfaces Displays statistics for all interfaces configured on the router or access server. username
password Specifies the password to be used in CHAP caller identification and PAP.
clear interface Resets the hardware logic on an interface.
debug dialer Shows such information as what number the interface is dialing.
debug isdn q921 Displays data link-layer (Layer 2) access procedures that are taking place at the router on
the D channel (LAPD) of its Integrated Services Digital Network (ISDN) interface.
dialer idle-timeout Specifies the idle time before the line is disconnected.
dialer map Configures a serial interface to call one or multiple sites.
dialer wait-for-carrier-time Specifies how long to wait for a carrier.
dialer-group Controls access by configuring an interface to belong to a specific dialing group
dialer-list protocol Defines a DDR dialer list to control dialing by protocol or by a combination of protocol
and ACL.
isdn spid1 Defines at the router the service profile identifier (SPID) number that has been assigned by the
ISDN service provider for the B1 channel.
isdn spid2 Defines at the router the SPID number that has been assigned by the ISDN service provider for the
B2 channel.
isdn switch-type Specifies the central office switch type on the ISDN interface.
ppp authentication Enables Challenge Handshake Authentication Protocol (CHAP) or Password
Authentication Protocol (PAP) or both, and specifies the order in which CHAP and PAP authentication are
selected on the interface.
show dialer Displays general diagnostics for serial interfaces configured for DDR.
show interfaces Displays statistics for all interfaces configured on the router or access server.
show ip route Displays the current state of the routing table.
show isdn active Displays current call information, including called number, the time until the call is
disconnected, AOC charging units used during the call, and whether the AOC information is provided during
calls or at the end of calls.
show isdn status Displays the status of all ISDN interfaces or, optionally, a specific digital signal link (DSL)
or a specific ISDN interface.
show status Displays the current status of the ISDN line and both B channels.
enable password Specifies a password to prevent unauthorized access to the router.
encapsulation frame-relay Enables Frame Relay encapsulation.
end Exits configuration mode.
exec-timeout Sets the interval that the EXEC command interpreter waits until user input is detected.
exit Exits any configuration mode or closes an active terminal session and terminates the EXEC.
frame-relay local-dlci Enables the Local Management Interface (LMI) mechanism for serial lines using
Frame Relay encapsulation.
hostname Configures the router with a host name, which is used in prompts and default configuration
filenames.
interface serial Selects the interface and enters interface configuration mode.
ip unnumbered Enables Internet Protocol (IP) processing on a serial interface without assigning an explicit
IP address to the interface.
ipx network Enables Internetwork Packet Exchange (IPX) routing on a particular interface and optionally
selects the type of encapsulation (framing).
Keepalive Enables the LMI mechanism for serial lines using Frame Relay encapsulation.
line console Configures a console port line.
line vty Specifies a virtual terminal for remote console access.
login Enables password checking at terminal session login.
show frame-relay lmi Displays statistics about the LMI.
show frame-relay map Displays the current map entries and information about the connections.
show frame-relay pvc Displays statistics about PVCs for Frame Relay interfaces.
show interfaces serial Displays information about a serial interface.
? -
Ctrl A
Ctrl B
Ctrl E
Ctrl F
Ctrl P
Ctrl N
Ctrl Z privilege mode
Ctrl C 60 IOS
Ctrl Break
Ctrl SHIFT ^ X ping
Tab
Esc B
Esc F

Router I SwitchNastrojka26.1

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Router I SwitchNastrojka26.1

Enviado por

Direitos autorais:

Formatos disponíveis

LAN

R3(config)#key chain RIP_KEY

12. default gateway.

rommon1> configreg 0x2142 - IOS.

R1(config)#interface serial 0/0/0

R2(config)#username R3 password cisco

R1(config)ip ssh authentication-retries 2

R2(config-if)#frame-relay map ip 10.1.1.1 201 broadcast

Router(config)#ip nat inside source static local-ip 10.1.1.2 global-ip

Router(config-if)#ip nat outside

Configuring Dynamic NAT

Router(config)#ip nat pool name[Ventsi] start-ip[1.1.1.1] end-ip 1.1.1.14

Configuring NAT Overload for a Single Public IP Address

Router(config)#access-list acl-number 1 permit source 192.168.0.0

Configuring NAT Overload for a Pool of Public IP Addresses

Router(config)#access-list acl-number 1 permit source [source-wildcard]

Back up Configuration Files to a TFTP Server

Secure MAC Address Types

Native VLANs and 802.1Q Trunking

rDynamic Trunking Protocol (DTP) is a Cisco proprietary protocol.

router(config)#service timestamps debug [datetime | uptime]

Specifies a message-of-the-day banner.

bfe Sets manual emergency modes.

configure memory Loads configuration information from nonvolatile random-access memory.

ip address Sets the logical network address of the interface.

Você também pode gostar