Routing and Switching Essentials CHPT 10


Some common syslog message facilities reported on Cisco IOS routers include:

IP, OSPF protocol, SYS operating system, IP security (IPsec), and Interface IP (IF).
By default, the format of syslog messages on the Cisco IOS Software is as follows:
seq no: timestamp: %facility-severity-MNEMONIC: description

Informational Level 6:

A normal information message that does not affect device functionality. For example, when a Cisco device is booting, you might see the following informational message: %LICENSE-6-EULA_ACCEPT_ALL: The Right to Use End User License Agreement is accepted.

Restoring Text Configurations

When using Tera Term, the steps are:
Step 1. On the File menu, click Send file.
Step 2. Locate the file to be copied into the device and click Open.
Step 3. Tera Term will paste the file into the device.
The text in the file will be applied as commands in the CLI and become the running configuration on the device. This is a convenient method for manually configuring a router.

The most common designation for memory location and compression format is mz. The first letter indicates the location where the image is executed on the router. The locations can include:

f - flash
m - RAM
r - ROM
l - relocatable

Syslog Operation

Popular destinations for syslog messages include the logging buffer (RAM inside a router or switch), the console line, the terminal line, and a syslog server. It is possible to remotely monitor system messages by viewing the logs on a syslog server, or by accessing the device through Telnet, SSH, or through the console port.

Console access to the device through a terminal or terminal emulator software on a PC is required for password recovery. The terminal settings to access the device are:

9600 baud rate, no parity, 8 data bits, 1 stop bit, no flow control

NTP Operation Stratum 0

An NTP network gets the time from authoritative time sources. These authoritative time sources, also referred to as stratum 0 devices, are high-precision timekeeping devices assumed to be accurate and with little or no delay associated with them. Stratum 0 devices are represented by the clock in the figure.

Configure and Verify NTP

Before NTP is configured on the network, the show clock command displays the current time on the software clock. With the detail option, the time source is also displayed. The software clock has been manually configured. Use the ntp server ip-address command in global configuration mode to configure 209.165.200.225 as the NTP server for R1. To verify the time source is set to NTP, use the show clock detail command again.

Default Logging

By default, Cisco routers and switches send log messages for all severity levels to the console. On some IOS versions, the device also buffers log messages by default. To enable these two settings, use the logging console and logging buffered global configuration commands, respectively. The show logging command displays the default logging service settings on a Cisco router, as shown in the figure. The first lines of output list information about the logging process, with the end of the output listing log messages.

CDP Overview

Cisco Discovery Protocol (CDP) is a Cisco proprietary Layer 2 protocol that is used to gather information about Cisco devices which share the same data link. CDP is media and protocol independent and runs on all Cisco devices, such as routers, switches, and access servers. The device sends periodic CDP advertisements to connected devices, as shown in the figure. These advertisements share information about the type of device that is discovered, the name of the devices, and the number and type of the interfaces.

IOS 15 System Image Packaging

Cisco Integrated Services Routers Generation Two (ISR G2) 1900, 2900, and 3900 Series support services on demand through the use of software licensing. The Services on Demand process enables customers to realize operational savings through ease of software ordering and management. When an order is placed for a new ISR G2 platform, the router is shipped with a single universal Cisco IOS Software image and a license is used to enable the specific feature set packages,

LLDP Overview

Cisco devices also support Link Layer Discovery Protocol (LLDP), which is a vendor-neutral neighbor discovery protocol similar to CDP. LLDP works with network devices, such as routers, switches, and wireless LAN access points. This protocol advertises its identity and capabilities to other devices and receives the information from a physically connected Layer 2 device.

Backup Configurations with Text Capture (Tera Term)

Configuration files can be saved/archived to a text file using Tera Term. As shown in the figure, the steps are:
Step 1. On the File menu, click Log.
Step 2. Choose the location to save the file. Tera Term will begin capturing text.
Step 3. After capture has been started, execute the show running-config or show startup-config command at the privileged EXEC prompt. Text displayed in the terminal window will be directed to the chosen file.
Step 4. When the capture is complete, select Close in the Tera Term: Log window.
Step 5. View the file to verify that it was not corrupted.

The different parts of an IOS 15 system image file on an ISR G2 device:

Image Name (c1900) - Identifies the platform on which the image runs. In this example, the platform is a Cisco 1900 router.
universalk9 - Specifies the image designation. The two designations for an ISR G2 are universalk9 and universalk9_npe. Universalk9_npe does not contain strong encryption and is meant for countries with encryption restrictions. Features are controlled by licensing and can be divided into four technology packages. These are IP Base, Security, Unified Communications, and Data.
mz - Indicates where the image runs and if the file is compressed. In this example, mz indicates that the file runs from RAM and is compressed.
SPA - Designates that the file is digitally signed by Cisco.
152-4.M3 - Specifies the filename format for the image 15.2(4)M3. This is the version of IOS, which includes the major release, minor release, maintenance release, and maintenance rebuild numbers. The M indicates this is an extended maintenance release.
bin - The file extension. This extension indicates that this file is a binary executable file.

Restore Configurations with a USB Flash Drive

In order to copy the file back, it will be necessary to edit the USB R1-Config file with a text editor. Assuming the file name is R1-Config, use the command copy usbflash0:/R1-Config running-config to restore a running configuration.

NTP Operation

NTP networks use a hierarchical system of time sources. Each level in this hierarchical system is called a stratum. The stratum level is defined as the number of hop counts from the authoritative source. The synchronized time is distributed across the network using NTP.

Password Recovery

Passwords on devices are used to prevent unauthorized access. For encrypted passwords, such as the enable secret passwords, the passwords must be replaced after recovery.

Depending on the device, the detailed procedure for password recovery varies; however, all the password recovery procedures follow the same principle:

Step 1. Enter the ROMMON mode.
Step 2. Change the configuration register to 0x2142 to ignore the startup config file.
Step 3. Make necessary changes to the original startup config file.
Step 4. Save the new configuration.

To create a backup of the Cisco IOS image to a TFTP server, perform the following three steps:

Step 1. Ensure that there is access to the network TFTP server. Ping the TFTP server to test connectivity, as shown in Figure 2.
Step 2. Verify that the TFTP server has sufficient disk space to accommodate the Cisco IOS Software image. Use the show flash0: command on the router to determine the size of the Cisco IOS image file. The file in the example is 68831808 bytes long.
Step 3. Copy the image to the TFTP server using the copy source-url destination-url command.

Router and Switch Commands for Syslog Clients

Step 1. In global configuration mode, use the logging command to configure the destination hostname or IPv4 address of the syslog server.
Step 2. Control the messages that will be sent to the syslog server with the logging trap level global configuration mode command. For example, to limit the messages to levels 4 and lower (0 to 4), use one of the two equivalent commands.
Step 3. Optionally, configure the source interface with the logging source-interface interface-type interface-number global configuration mode command. This specifies that syslog packets contain the IPv4 or IPv6 address of a specific interface, regardless of which interface the packet uses to exit the router.

Follow these steps to upgrade the software on the Cisco router:

Step 1. Select a Cisco IOS image file that meets the requirements in terms of platform, features, and software. Download the file from cisco.com and transfer it to the TFTP server.
Step 2. Verify connectivity to the TFTP server. Ping the TFTP server from the router. The output in Figure 2 shows the TFTP server is accessible from the router.
Step 3. Ensure that there is sufficient flash space on the router that is being upgraded. The amount of free flash can be verified using the show flash0: command. Compare the free flash space with the new image file size. The show flash0: command in Figure 3 is used to verify free flash size. Free flash space in the example is 182,394,880 bytes.
Step 4. Copy the IOS image file from the TFTP server to the router using the copy command shown in Figure 4. After issuing this command with specified source and destination URLs, the user will be prompted for IP address of the remote host, source file name, and destination file name. The transfer of the file will begin

Router File Systems

The Cisco IOS File System (IFS) allows the administrator to navigate to different directories and list the files in a directory, and to create subdirectories in flash memory or on a disk. The directories available depend on the device.

Using USB Ports on a Cisco Router

The Universal Serial Bus (USB) storage feature enables certain models of Cisco routers to support USB flash drives. The USB flash feature provides an optional secondary storage capability and an additional boot device. Images, configurations, and other files can be copied to or from the Cisco USB flash memory with the same reliability as storing and retrieving files using the Compact Flash card. In addition, modular integrated services routers can boot any Cisco IOS Software image saved on USB flash memory. Ideally, USB flash can hold multiple copies of the Cisco IOS and multiple router configurations.

The show license command

The following is a brief description of the output:
Feature - Name of the feature
License Type - Type of license, such as Permanent or Evaluation
License State - Status of the license, such as Active or In Use
License Count - Number of licenses available and in use, if counted. If non-counted is indicated, the license is unrestricted.
License Priority - Priority of the license, such as high or low

Back up the License

The license save command is used to copy all licenses in a device and store them in a format required by the specified storage location. Saved licenses are restored by using the license install command. The command to back up a copy of the licenses on a device is:
Router# license save file-sys://lic-location
Use the show flash0: command to verify that the licenses have been saved (Figure 1).

Notification Level 5:

The notifications level is for normal, but significant events. For example, interface up or down transitions, and system restart messages are displayed at the notifications level.

Discover Devices Using CDP

The show cdp neighbors command provides helpful information about each CDP neighbor device, including the following:
Device identifiers - The host name of the neighbor device (S1)
Port identifier - The name of the local and remote port (Gig 0/1 and Fas 0/5, respectively)
Capabilities list - Whether the device is a router or a switch (S for switch; I for IGMP is beyond scope for this course)
Platform - The hardware platform of the device (WS-C2960 for Cisco 2960 switch)

NTP Operation Stratum 1

The stratum 1 devices are directly connected to the authoritative time sources. They act as the primary network time standard.

NTP Operation Stratum 2

The stratum 2 servers are connected to stratum 1 devices through network connections. Stratum 2 devices, such as NTP clients, synchronize their time using the NTP packets from stratum 1 servers. They could also act as servers for stratum 3 devices. Smaller stratum numbers indicate that the server is closer to the authorized time source than larger stratum numbers. The larger the stratum number, the lower the stratum level. The max hop count is 15. Stratum 16, the lowest stratum level, indicates that a device is unsynchronized. Time servers on the same stratum level can be configured to act as a peer with other time servers on the same stratum level for backup or verification of time.

Universal images with the "universalk9_npe" designation in the image name

The strong enforcement of encryption capabilities provided by Cisco Software Activation satisfies requirements for the export of encryption capabilities. However, some countries have import requirements that require that the platform does not support any strong cryptography functionality, such as payload cryptography. To satisfy the import requirements of those countries, the npe universal image does not support any strong payload encryption.

Introduction to Syslog

The syslog logging service provides three primary functions:
The ability to gather logging information for monitoring and troubleshooting
The ability to select the type of logging information that is captured
The ability to specify the destinations of captured syslog messages

Warning Level 4 - Emergency Level 0:

These messages are error messages about software or hardware malfunctions; these types of messages mean that the functionality of the device is affected. The severity of the issue determines the actual syslog level applied.

Obtain a License

This UDI can be displayed using the show license udi command shown in Figure 1. This information is also available on a pull-out label tray found on the device.

Debugging Level 7:

This level indicates that the messages are output generated from issuing various debug commands.

Universal images with the "universalk9" designation in the image name

This universal image offers all of the Cisco IOS Software features, including strong payload cryptography features, such as IPsec VPN, SSL VPN, and Secure Unified Communications.

Uninstall the License

To clear an active permanent license from the Cisco 1900 series, 2900 series, and 3900 series routers, perform the following steps:
Step 1. Disable the technology package. Disable the active license with the command:
Router(config)# license boot module module-name technology-package package-name disable
Reload the router using the reload command. A reload is required to make the software package inactive.
Step 2. Clear the license. Clear the technology package license from license storage:
Router# license clear feature-name
Clear the license boot module command used for disabling the active license:
Router(config)# no license boot module module-name technology-package package-name disable

Disable CDP

To disable CDP on a specific interface, such as the interface facing an ISP, enter no cdp enable in the interface configuration mode. CDP is still enabled on the device; however, no more CDP advertisements will be sent out that interface. To enable CDP on the specific interface again, enter cdp enable,

Configure and Verify LLDP

To enable LLDP globally on a Cisco network device, enter the lldp run command in the global configuration mode. To disable LLDP, enter the no lldp run command in the global configuration mode. To verify LLDP has been enabled on the device, enter the show lldp command in the privileged EXEC mode.

Restoring Configurations with TFTP

To restore the running configuration or the startup configuration from a TFTP server, use either the copy tftp running-config or copy tftp startup-config command. Use these steps to restore the running configuration from a TFTP server:
Step 1. Enter the copy tftp running-config command.
Step 2. Enter the IP address of the host where the configuration file is stored.
Step 3. Enter the name to assign to the configuration file.
Step 4. Press Enter to confirm each choice.

Backup Configurations with TFTP

To save the running configuration or the startup configuration to a TFTP server, use either the copy running-config tftp or copy startup-config tftp command as shown in the figure. Follow these steps to back up the running configuration to a TFTP server:
Step 1. Enter the copy running-config tftp command.
Step 2. Enter the IP address of the host where the configuration file will be stored.
Step 3. Enter the name to assign to the configuration file.
Step 4. Press Enter to confirm each choice.

The boot system Command

To upgrade to the copied IOS image after that image is saved on the router's flash memory, configure the router to load the new image during bootup using the boot system command. After the router has booted, to verify the new image has loaded, use the show version command.

CDP Show

To verify the status of CDP and display a list of neighbors, use the show cdp neighbors command in the privileged EXEC mode. The show cdp neighbors command displays important information about the CDP neighbors. Use the show cdp interface command to display the interfaces that are CDP enabled on a device. The status of each interface is also displayed.

Configure and Verify CDP

To verify the status of CDP and display information about CDP, enter the show cdp command, as displayed in Example 1. To enable CDP globally for all the supported interfaces on the device, enter cdp run in the global configuration mode. CDP can be disabled for all the interfaces on the device with the no cdp run command in the global configuration mode.

Setting the System Clock

Typically, the date and time settings on a router or switch can be set using one of two methods:
Manually configure the date and time, as shown in the figure
Configure the Network Time Protocol (NTP)
When NTP is implemented in the network, it can be set up to synchronize to a private master clock or it can synchronize to a publicly available NTP server on the Internet. NTP uses UDP port 123 and is documented in RFC 1305.

Service Timestamp

Use the command service timestamps log datetime to force logged events to display the date and time. As shown in the figure, when the R1 GigabitEthernet 0/0 interface is reactivated, the log messages now contain the date and time. Note: When using the datetime keyword, the clock on the networking device must be set, either manually or through NTP, as previously discussed.

Backup Configurations with a USB Flash Drive

When backing up to a USB port, it is a good idea to issue the show file systems command to verify that the USB drive is there and confirm the name, as shown in Figure 1. Next, use the copy run usbflash0:/ command to copy the configuration file to the USB flash drive. Be sure to use the name of the flash drive, as indicated in the file system. The slash is optional but indicates the root directory of the USB flash drive.

Discover Devices Using LLDP

With LLDP enabled, device neighbors can be discovered using the show lldp neighbors command. When more details about the neighbors are needed, the show lldp neighbors detail command can provide information, such as the neighbors' IOS version, IP address, and device capability.

