Chapter 2: Configuring A Network Operating System

Chapter 2:Configuring a NetworkOperating SystemIntroduction to NetworksPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential1

Chapter 2 - ObjectivesUpon completion of this chapter you will be able to: Explain the purpose of the Cisco IOS. Explain how to access and navigate Cisco IOS to configure networkdevices. Describe the command structure of the Cisco IOS software. Configure hostnames on a Cisco IOS device using the CLI. Use Cisco IOS commands to limit access to device configurations. Use Cisco IOS commands to save the running configuration. Explain how devices communicate across network media. Configure a host device with an IP address. Verify connectivity between two end devices.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential2

Chapter 22.0 Introduction2.1 IOS Bootcamp2.2 Getting Basic2.3 Addressing Schemes2.4 SummaryPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential3

2.1 IOS BootcampPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential4

Cisco IOSOperating Systems All networking equipment dependent on operating systems The operating system on home routers is usually called firmware Cisco IOS – Collection of network operating systems used on CiscodevicesPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential5

Cisco IOSOperating Systems (cont.)Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential6

Cisco IOSPurpose of OS PC operating systems (Windows 8 and OS X) perform technicalfunctions that enable: Use of a mouse View output Enter text Switch or router IOS provides options to: Configure interfaces Enable routing and switching functions All networking devices come with a default IOS Possible to upgrade the IOS version or feature set In this course, primary focus is Cisco IOS Release 15.xPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential7

Cisco IOSLocation of the Cisco IOSCisco IOS stored in Flash Non-volatile storage, not lost when power is lostCan be changed or overwritten as neededCan be used to store multiple versions of IOSIOS copied from flash to volatile RAMQuantity of flash and RAM memory determines IOS that can be usedPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential8

Cisco IOSIOS FunctionsThese are the major functions performed or enabled by Cisco routersand switches.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential9

Accessing a Cisco IOS DeviceConsole Access MethodMost common methods to access the CLI: Console Telnet or SSH AUX portPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential10

Accessing a Cisco IOS DeviceConsole Access MethodConsole Port Device is accessible even if no networking services have beenconfigured (out-of-band) Need a special console cable Allows configuration commands to be entered Should be configured with passwords to prevent unauthorized access Device should be located in a secure room so console port cannot beeasily accessedPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential11

Accessing a Cisco IOS DeviceTelnet, SSH, and AUX Access MethodsTelnet Method for remotely accessing the CLI over a network Require active networking services and one active interface that isconfiguredSecure Shell (SSH) Remote login similar to Telnet, but utilizes more security Stronger password authentication Uses encryption when transporting dataAux Port Out-of-band connection Uses telephone line Can be used like console portPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential12

Accessing a Cisco IOS DeviceTerminal Emulation ProgramsSoftware available forconnecting to a networkingdevice: PuTTY Tera Term SecureCRT HyperTerminal OS X TerminalPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential13

Navigating the IOSCisco IOS Modes of OperationPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential14

Navigating the IOSPrimary ModesPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential15

Navigating the IOSGlobal Configuration Mode and SubmodesPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential16

Navigating the IOSNavigating Between IOS ModesPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential17

Navigating the IOSNavigating Between IOS Modes (cont.)Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential18

The Command StructureIOS Command StructurePresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential19

The Command StructureCisco IOS Command ReferenceTo navigate to Cisco’s IOS Command Reference to find a command:1. Go to http://www.cisco.com.2. Click Support.3. Click Networking Software (IOS & NX-OS).4. Click 15.2M&T (for example).5. Click Reference Guides.6. Click Command References.7. Click the particular technology that encompasses the command youreference.8. Click the link on the left that alphabetically matches the commandyou referencing.9. Click the link for the command.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential20

The Command StructureContext-Sensitive HelpPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential21

The Command StructureCommand Syntax CheckPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential22

The Command StructureHot Keys and Shortcuts Tab – Completes the remainder of a partially typed command orkeyword. Ctrl-R – Redisplays a line. Ctrl-A – Moves to the beginning of the line. Ctrl-Z – Exits the configuration mode and returns to user EXEC. Down Arrow – Allows the user to scroll forward through formercommands. Up Arrow – Allows the user to scroll backward through formercommands. Ctrl-shift-6 – Allows the user to interrupt an IOS process suchas ping or traceroute. Ctrl-C – Exits the current configuration or aborts the currentcommand.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential23

The Command StructureIOS Examination CommandsPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential24

The Command StructureThe show version CommandPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential25

2.2 Getting BasicPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential26

HostnamesWhy the SwitchLet’s focus on: Creating a two PC network connected via a switchSetting a name for the switchLimiting access to the device configurationConfiguring banner messagesSaving the configurationPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential27

HostnamesDevice NamesSome guidelines for naming conventions: Start with a letter Contains no spaces Ends with a letter or digit Uses only letters, digits, and dashes Be less than 64 characters in lengthWithout names, networkdevices are difficult toidentify for configurationpurposes.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential28

HostnamesConfiguring Device NamesHostnames allowdevices to beidentified by networkadministrators overa network or theInternet.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential29

HostnamesConfiguring HostnamesPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential30

Limiting Access to Device ConfigurationsSecuring Device AccessThese are device access passwords: enable password – Limits access to the privileged EXEC mode enable secret – Encrypted, limits access to the privileged EXECmode console password – Limits device access using the consoleconnection VTY password – Limits device access over TelnetNote: In most of the labs in this course, we will be using simplepasswords such as cisco or class.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential31

Limiting Access to Device ConfigurationsSecuring Privileged EXEC Access Mode Use the enable secret command, not the older enablepassword command. The enable secret command provides greater security becausethe password is encrypted.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential32

Limiting Access to Device ConfigurationsSecuring User EXEC Access Console port must be secured; it reduces the chance ofunauthorized personnel physically plugging a cable into thedevice and gaining device access. VTY lines allow access to a Cisco device via Telnet. The numberof VTY lines supported varies with the type of device and theIOS version.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential33

Limiting Access to Device ConfigurationsEncrypting Password Displayservice passwordencryption Preventspasswords fromshowing up asplain text whenviewing theconfiguration Keepsunauthorizedindividuals fromviewing passwordsin the configurationfile Once applied,removing theencryption servicedoes not reversethe encryptionPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential34

Limiting Access to Device ConfigurationsBanner Messages Important part ofthe legal process inthe event thatsomeone isprosecuted forbreaking into adevice Wording thatimplies that a loginis "welcome" or"invited" is notappropriate Often used forlegal notificationbecause it isdisplayed to allconnectedterminalsPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential35

Saving ConfigurationsConfiguration Files Switch# reloadSystem configuration hasbeen modified. Save?[yes/no]: nProceed with reload?[confirm] Startup configuration isremoved by usingthe erase startupconfigSwitch# erase startupconfig On a switch, you must alsoissue the deletevlan.datSwitch# deletevlan.datDelete filename[vlan.dat]?Delete flash:vlan.dat?[confirm]Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential36

Saving ConfigurationsCapturing TextPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential37

2.3 Addressing SchemesPresentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential38

Ports and AddressesIP Addressing of Devices Each end device on anetwork must beconfigured with an IPaddress. Structure of an IPv4address is called dotteddecimal. IP address displayed indecimal notation, withfour decimal numbersbetween 0 and 255. With the IP address, asubnet mask is alsonecessary. IP addresses can beassigned to bothphysical ports and virtualinterfaces.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential39

Ports and AddressesInterfaces and Ports Network communications depend on end user device interfaces,networking device interfaces, and the cables that connect them. Types of network media include twisted-pair copper cables, fiberoptic cables, coaxial cables, or wireless. Different types of network media have different features and benefits. Ethernet is the most common local area network (LAN) technology. Ethernet ports are found on end user devices, switch devices, andother networking devices. Cisco IOS switches have physical ports for devices to connect to, butalso have one or more switch virtual interfaces (SVIs; no physicalhardware on the device associated with it; created in software). SVI provides a means to remotely manage a switch over a network.Presentation ID 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential40