Like computers, network devices (routers, switches, firewalls, and so on) require an operating system. Cisco network devices use a dedicated network operating system, collectively known as IOS (Internetwork Operating System).
(1) Common connection modes of network equipment:
There are four common ways to connect to network devices:
1. CON (console)
2. Telnet
3. TFTP: The configuration information can be downloaded via a TFTP server; the TFTP server can run on a UNIX workstation or a PC workstation.
4. SNMP: The configuration of a switch is managed from a workstation that runs network management software (such as CiscoWorks).
1) Common connection modes for switches:
Configuration example: Build a virtual scene:
PC_A acts as a virtual terminal that connects to and configures the switch via the console line. After the configuration succeeds, PC_B connects to the switch with Telnet.
Configuration commands entered on PC_A:
    enable
    conf t
    host SW
    int vlan 1
    ip address 192.168.0.1 255.255.255.0
    no shutdown
    line vty 0 4
    password 123456
    login
    end
Configure the IP address for PC_B: 192.168.0.2
Telnet login test from PC_B:
2) Common connection modes for routers:
Some network devices, such as routers, can also be connected to a modem via the AUX (auxiliary) port, allowing the administrator to reach the device over the telephone network for remote configuration.
3) Firewall:
Among network devices, the connection configuration of a firewall has special security requirements. In addition to CON, Telnet, and TFTP connections, firewalls can be connected via VPN and SSH.
4) SDM (Security Device Manager)
More and more network devices now support web-based connections, so administrators can configure them intuitively through a browser. SDM is a web-based device management tool for Cisco software routers.
SDM is a graphical router management tool provided by Cisco. It uses a web interface, Java technology, and interactive configuration wizards so that users can complete status monitoring, security audits, and feature configuration of an IOS router without needing to know the command line interface (CLI). Even QoS, Easy VPN Server, IPS, DHCP server, and dynamic routing protocol configuration tasks can be done easily and quickly with SDM, with tight configuration and structural specifications. When managing with SDM, the connection between the user and the router uses encrypted HTTP and the SSH v2 protocol, which makes it safe and reliable. Currently, most of Cisco's low-end and mid-range routers, including the 8xx, 17xx, 18xx, 26xx (XM), 28xx, 36xx, 37xx, 38xx, 72xx, 73xx and other models, support SDM.
(2) Cisco IOS command modes
Cisco switches and routers run the IOS network operating system and share the same command modes.
The command modes are described here using a switch as the example, assuming that the host name is Myhost:
1. User mode, Myhost>. Once connected to the network device you are in user mode. You can only see the connection status of the switch and access other networks and hosts; you cannot see or change the configuration of the switch.
2. Privileged mode, Myhost#. Enter the enable or en command in user mode to reach privileged mode. Here you can not only execute all user commands but also see and change the configuration of the switch.
3. Global configuration mode, Myhost(config)#. Enter configure terminal or conf t in privileged mode to reach global configuration mode, where you can set global parameters.
4. Local configuration modes, (config-if), (config-vlan), (config-line), ... Entering a local configuration command in global configuration mode takes you into the corresponding local configuration mode.
5. ROMMON mode, > or rommon>. Press Ctrl+Break within 60 s after booting to enter this mode. The switch cannot perform its normal functions in this mode; only software upgrade and manual boot are possible.
6. Setup (dialog) mode. Entered automatically when a new router is powered on. The setup command can also be used in privileged mode (enter enable in user mode). The device can then be set up by means of a dialog.
7. VLAN configuration mode, Myhost(vlan)#. In privileged mode, enter vlan database to reach VLAN configuration mode, where you can configure the VLAN parameters of the switch.
Note: Use the exit command to return to the previous mode. From any mode, the end command or Ctrl+Z returns directly to privileged mode.
(3) Network device memory and IOS file management:
3.1 Description of storage devices for network devices:
Network devices such as routers and switches employ the following different types of memory, each of which assists network devices in different ways:
1. Read-only memory (ROM). Its function in the device is similar to the ROM in a computer; it is mainly used for tasks such as system initialization. ROM is read-only, so the code stored in it cannot be modified. To upgrade, replace the ROM chip. The ROM contains:
- The power-on self-test code (POST), which checks whether the hardware parts of the device are intact.
- The system bootstrap code (BOOTSTRAP), which boots the device and loads the IOS operating system.
- A backup IOS operating system, used when the original IOS has been deleted or destroyed. Typically this IOS is a slightly lower version than the IOS currently in use, but it is enough to make the device start and work.
2. Flash. Readable and writable memory whose contents are kept after the system restarts or shuts down. The IOS currently in use is stored in flash.
3. NVRAM, used for startup configuration file (startup-config) storage. NVRAM is faster and more expensive.
4. Random access memory (RAM). RAM is also readable and writable, but its contents are erased after the system restarts or shuts down, just like the RAM in a computer. RAM is accessed faster than the 3 types of memory mentioned earlier. At run time, RAM contains routing table entries, ARP cache entries, log entries, and the queues of packets waiting to be delivered. In addition, it holds the running configuration file (running-config), the code being executed, the IOS operating system program, and some temporary data.
RAM comes in two classes, static RAM (SRAM) and dynamic RAM (DRAM). SRAM is very fast but expensive, so it is used only in demanding places such as the CPU's level-1 and level-2 caches. DRAM retains data for a short time, is slower than SRAM, and is cheap; computer memory and network device memory are DRAM.
3.2 IOS file management:
IOS also has its own file management commands for the network device file system, which, in global configuration mode, make it easy to manage the operating system and configuration files.
NVRAM is non-volatile RAM (Nonvolatile RAM), which is used to store the startup configuration file (startup-config) of the network device. When startup-config is loaded into RAM, the configuration running in RAM is running-config. Changes to the configuration only modify running-config, so after you finish you should generally save the changed configuration to startup-config.
Example 1: Build a virtual scenario and enable the TFTP service on the server (on by default)
After configuring the IP address of each device, operate the router from the terminal device:
Similarly, the copy tftp flash command copies the files on the server back to the device.
Example 2:(repeating the above test)
Test environment: Dynamips, a real PC, Cisco TFTP Server (Dynamips usage will be introduced in a later post)
Step 1: Because the real computer acts as the TFTP server, change the computer's IP address to 192.168.1.200 and its gateway to 192.168.1.100.
Step 2: Start the Dynamips virtual service, start R1, and configure an IP address on R1's f/0 port:
Test connectivity:
Step 3: Open the Cisco TFTP Server software on the computer and turn on the TFTP service:
Turn on the TFTP service and modify the file default path:
Step 4: Perform the operation on the router:
Experimental results:
Problems you may encounter:
1. NIC selection error when configuring IP address:
Some computers have multiple network cards, and Cisco TFTP Server uses the IP address of the first network card as its server IP address by default, so be sure to select the correct IP address.
First open the Cisco TFTP Server to see the IP address it is currently using:
Then, in the console, see which NIC uses this IP address:
Then modify the IP address of this network card to be static IP:
Re-open the Cisco TFTP Server:
2. TFTP server is not available:
Cause: By default the firewall does not allow the TFTP service, so the designated UDP port 69 is blocked. The firewall can be turned off to do the experiment.
Example 3: Remove the router's own IOS file, then restore the IOS and the configuration information (on the basis of Example 1):
Perform the following actions on the router to delete its IOS file:
Then enter the following commands in turn. Each line assigns one value, and no errors are allowed:
    IP_ADDRESS=192.168.1.100
    IP_SUBNET_MASK=255.255.255.0
    DEFAULT_GATEWAY=192.168.1.1
    TFTP_SERVER=192.168.1.200
    TFTP_FILE=c2800nm-advipservicesk9-mz.124-.T1.bin
    tftpdnld
After you enter y, the router reinstalls the IOS file and the following prompt appears:
(4) Simple use of SDM (only the login configuration is introduced):
Experimental environment: (Dynamips,cisco SDM Software)
Configure the following on the router:
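    en
    conf t
    host R1
    int f0/0
    ip address 192.168.1.100 255.255.255.0
    no shutdown
    line vty 0 4
    ! login local authenticates against the local username database
    login local
    transport input ssh telnet
    end
As in the previous configuration, set the host IP address to 192.168.1.200 and set 192.168.1.100 as the default gateway.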
Install the Cisco SDM Software (confirm that there is a Java environment), enter the IP address 192.168.1.100:
Click Start, enter the following window in the browser, enter the user name and password:
Click OK to go to the configuration page:
If Cisco SDM shows the following reminder at start-up and IE gets stuck in a waiting state, the JRE version on the computer is too high and there is a compatibility issue. You can download a lower version of the JDK.
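The vty line settings from the Telnet example in section (1) and from the router configuration in this section can be checked mechanically. The following Python code is an added example, not part of the original article; the sample configuration is constructed, and `default_transport` is an assumption about which protocols a vty block accepts when it has no `transport input` line.

```python
SAMPLE_CONFIG = """\
line vty 0 4
 password 123456
 login
line vty 5 9
 login local
 transport input ssh telnet
line vty 10 15
 login local
 transport input ssh
!
end
"""  # constructed sample modelled on the configurations in this article

TELNET = "telnet permitted (cleartext session)"
CLEAR_PW = "line password stored in cleartext"

def parse_vty_blocks(config):
    """Map each 'line vty ...' header to its indented sub-commands."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line vty"):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None  # any other top-level line ends the block
    return blocks

def audit_vty(config, default_transport=("telnet",)):
    """Return {header: [findings]}. default_transport is an assumption:
    the protocols accepted when a block has no 'transport input' line."""
    report = {}
    for header, cmds in parse_vty_blocks(config).items():
        transport = list(default_transport)
        for cmd in cmds:
            if cmd.startswith("transport input "):
                transport = cmd.split()[2:]
        findings = []
        if "telnet" in transport or "all" in transport:
            findings.append(TELNET)
        # 'password 7 ...' is the obfuscated form; anything else is cleartext
        if any(c.startswith("password ") and not c.startswith("password 7 ")
               for c in cmds):
            findings.append(CLEAR_PW)
        report[header] = findings
    return report

if __name__ == "__main__":
    print(audit_vty(SAMPLE_CONFIG))
```

Only the third block, which restricts `transport input` to SSH and uses local user accounts, comes back with no findings.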
(5) Password recovery technology:
Password recovery is needed when the original password has been lost or forgotten, for example after a change of network administrator, and the device password must be changed without altering the basic configuration.
1) Router:
Configure the login password and the privileged-mode password for the router from the terminal:
    ! entered in global configuration mode
    enable password 123456
    line vty 0 4
    password 123456
    login
    end
    write
Enter the show version command on the router:
Power-cycle the router, press Ctrl+Break to enter ROMMON mode, change the configuration register value to 0x2142, and reset the router:
With this register value the password settings are not loaded at boot. Use show running-config to view the configuration information:
Note: If your router's password is encrypted, you can set a new password at this point (in configuration mode, enter enable secret *****).
Then copy the startup configuration file to the running configuration, save it, and change the configuration register value back to 0x2102:
    copy startup-config running-config
    write
    configure terminal
    config-register 0x2102
    end
    reload
2) Switch:
Because the Cisco switch in the Packet Tracer simulator does not have the mode button, the experiment is not supported there, so only the experimental steps are given here. (The experiment can be done on a real switch.)
In general, password recovery on a switch or router works by controlling whether the configuration file is loaded when the device starts, entering privileged mode, and then copying the startup configuration file to the running configuration. To set a new password, go to global configuration mode. To keep the change, copy the running configuration file to the startup configuration file.
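The register values 0x2142 and 0x2102 used in the router procedure differ in a single bit. The following Python code is an added example, not part of the original article: it reads the configuration register line from show version output and reports whether the device skips startup-config now or at the next boot. The sample output lines are constructed.

```python
import re

IGNORE_NVRAM = 0x0040    # bit 6: do not load startup-config at boot
BREAK_DISABLED = 0x0100  # bit 8: Break key ignored after boot
BOOT_FIELD = 0x000F      # bits 0-3: where to load the system image from

REGISTER_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)

# Constructed samples of the last line of 'show version'.
NORMAL = "Configuration register is 0x2102"
MID_RECOVERY = "Configuration register is 0x2142 (will be 0x2102 at next reload)"
LEFT_BEHIND = "Configuration register is 0x2142"

def decode(value):
    """Break a register value into the fields that matter for recovery."""
    return {
        "value": f"0x{value:04X}",
        "ignores_startup_config": bool(value & IGNORE_NVRAM),
        "break_disabled": bool(value & BREAK_DISABLED),
        "boot_field": value & BOOT_FIELD,
    }

def check_show_version(text):
    """Return the current and next-boot register state.
    'alert' is True when the next boot would skip startup-config,
    i.e. the passwords saved in NVRAM would not be applied."""
    match = REGISTER_RE.search(text)
    if match is None:
        raise ValueError("no configuration register line found")
    current = decode(int(match.group(1), 16))
    pending = match.group(2)
    next_boot = decode(int(pending, 16)) if pending else current
    return {
        "current": current,
        "next_boot": next_boot,
        "alert": next_boot["ignores_startup_config"],
    }

if __name__ == "__main__":
    for sample in (NORMAL, MID_RECOVERY, LEFT_BEHIND):
        print(sample, "->", check_show_version(sample)["alert"])
```

Running this check after a recovery confirms that the register was set back to 0x2102 before the device returns to service.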
Download the experiment document: http://files.cnblogs.com/files/MenAngel/NetBlog4.rar
CCNA Network Engineer Learning process (4) Basic configuration and detailed introduction of network equipment