
ROUTER COMMANDS (CISCO)

Routing is the act of moving information across an internetwork from a source to a destination. Along the way, at least one intermediate node is typically encountered. Routing involves two basic activities: determining optimal routing paths and transporting information groups (typically called packets) through an internetwork.










Router > enable
Router # configure terminal
Router(config) #

Router # show running-config
Router # show startup-config
Router # write

1. Hostname
Router(config) # hostname {name}

2. Set Password (to access Privileged Mode)
Router(config) # enable password {password}
Router(config) # enable secret {password}  → Password is encrypted

3. IP Address
Router(config) # interface {interface} {interface_number}
Router(config-if) # ip address {ip-address} {mask}
Router(config-if) # no shutdown → Turn on the interface

4. Telnet
Router(config)# line vty 0 4
Router(config-line)# login
Router(config-line)# password {password}

5. Enable Router to act as an HTTP server
Router(config)# ip http server

6. Set clock rate on DCE Serial interface 
Router# show controller serial {interface_number} → check to find out whether the serial interface is DCE or DTE.
Router(config) # interface {interface} {interface_number}
Router(config-if) #clock rate {clock}

7. Routing Protocols
*     Static
Router(config)# ip route {network} [mask] {address|interface} [distance][permanent]
[distance] : distance metric for this route
*     RIP – Routing Information Protocol
Router(config) # router rip → Defines IP routing protocol.
Router(config-router) # network {network-number} → specifies a directly connected network.
*     IGRP – Interior Gateway Routing Protocol
Router(config)# router igrp autonomous-system
Router(config-router) # network {network-number}
*     EIGRP – Enhanced Interior Gateway Routing Protocol
Router(config)# router eigrp autonomous-system
Router(config-router) # network {network-number}
*     OSPF – Open Shortest Path First Protocol
Router(config)# router ospf process-id
Router(config-router)# network {address} {wildcard-mask} area {area-id}
*     Show command
Router# show ip route
Router# show ip route w.x.y.z
Router# show ip protocols
Router# show ip {protocol} [ interface | database | neighbors | topology ]

Route Source             Default Distance
Connected interface      0
Static route             1
EIGRP summary route      5
External BGP             20
Internal EIGRP           90
IGRP                     100
OSPF                     110
IS-IS                    115
RIP                      120
EGP                      140
EIGRP external route     170
Internal BGP             200
Unknown                  255

8. Route Redistribute
default-metric {bandwidth delay reliability loading mtu} : set metric value for all redistributed routes (IGRP, EIGRP, OSPF, BGP, EGP).




9. Access Control Lists

Step 1 : Choose type of ACL ( Standard or Extended) and set parameters for the ACL test statements

§  Standard IP ACL
Router(config) # access-list access-list-number { permit | deny } source [mask]
Parameters : Description
access-list-number : Identifies the list that the entry belongs to; a number from 1 to 99
permit | deny : Indicates whether this entry allows or blocks traffic from the specified address
source : Identifies the source IP address
source [mask] : Identifies which bits in the address field are matched; default wildcard mask is 0.0.0.0 <host>

§  Extended IP ACL
Router(config) # access-list access-list-number { permit | deny } protocol source source-wildcard [operator port] destination destination-wildcard [operator port] [established] [log]

Parameters : Description
access-list-number : Identifies the list using a number in the ranges of 100 to 199 or 2000 to 2699.
permit | deny : Indicates whether this entry allows or blocks traffic from the specified address
protocol : IP, TCP, UDP, ICMP, IGMP,..
source / destination : Identifies the source / destination IP addresses
source-wildcard destination-wildcard : Wildcard mask (0s : match, 1s : indicate "don't care" positions)
operator port : lt (less than), gt (greater than), eq (equal), neq (not equal) and a port number.
established : For inbound TCP only, allows TCP traffic to pass if the packet uses an established connection. (Ex : it has ACK bits set)
log : Sends a logging message to the console

Step 2 : Enable an interface to use the specified ACL
Router(config-if) # ip access-group access-list-number { in | out }

Parameters : Description
access-list-number : Indicates number of ACL to be linked to this interface
in | out : Selects whether the ACL is applied as an incoming or outgoing filter; out is default.

Note : WILDCARD MASK
Address filtering occurs when you use ACL address wildcard masking to identify how to check or ignore corresponding IP address bits. A wildcard mask uses the numbers 1 and 0 to identify how to treat the corresponding IP address bits.
§  Wildcard mask bit 0 : Check the corresponding bit value in the address.
§  Wildcard mask bit 1 : Ignore (do not check) the corresponding bit value in the address.
Ex :
Host : 172.30.16.29 → Wildcard Mask : 0.0.0.0 ( host )
Subnet : 172.16.1.0 → Wildcard Mask : 0.255.255.255
All traffic : 0.0.0.0 → Wildcard Mask : 255.255.255.255 ( any )
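
The bit test from the note above, together with top-down evaluation of a standard ACL, as an added example that is not from the original post or from Cisco. The function names and the sample ACL are constructed for illustration; the closing implicit deny reflects how IOS ends every ACL.

```python
import ipaddress

def wildcard_match(address, base, wildcard):
    """True when address equals base on every bit where the wildcard bit is 0."""
    a = int(ipaddress.IPv4Address(address))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wildcard))
    care = ~w & 0xFFFFFFFF  # wildcard 0 -> bit is checked, 1 -> bit is ignored
    return (a & care) == (b & care)

def netmask_to_wildcard(netmask):
    """Invert a subnet mask into a wildcard mask (255.255.255.0 -> 0.0.0.255)."""
    m = int(ipaddress.IPv4Address(netmask))
    return str(ipaddress.IPv4Address(~m & 0xFFFFFFFF))

def evaluate_standard_acl(entries, source):
    """Walk entries top-down; the first match decides, otherwise implicit deny."""
    for action, base, wildcard in entries:
        if wildcard_match(source, base, wildcard):
            return action
    return "deny"  # IOS appends an implicit 'deny any' to every ACL

# Constructed ACL built from the two example masks in the note above.
SAMPLE_ACL = [
    ("deny", "172.30.16.29", "0.0.0.0"),       # exactly one host
    ("permit", "172.16.1.0", "0.255.255.255"),  # only the first octet is checked
]

if __name__ == "__main__":
    # 0.255.255.255 ignores the last three octets, so every 172.x.x.x source
    # is permitted, including addresses outside the RFC 1918 172.16.0.0/12 block.
    for src in ("172.30.16.29", "172.16.1.77", "172.200.9.9", "10.1.1.1"):
        print(src, evaluate_standard_acl(SAMPLE_ACL, src))
    # A mask that matches only 172.16.1.x is the inverse of 255.255.255.0.
    print(netmask_to_wildcard("255.255.255.0"))
```

Entry order matters: if the broad permit were listed first, the host deny below it would never be reached.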

10. Network Address Translation

Private Addresses
Class   RFC 1918 Internal Address Range     CIDR Prefix
A       10.0.0.0 → 10.255.255.255           10.0.0.0/8
B       172.16.0.0 → 172.31.255.255         172.16.0.0/12
C       192.168.0.0 → 192.168.255.255       192.168.0.0/16
*   Step 1 : Configuring NAT
§  Static NAT - One Private to One Permanent Public Address Translation
Router(config)#ip nat inside source static {local-ip} {global-ip}

§  Dynamic NAT - One Private to One Public Address Translation
Create an ACL that will identify which private IP addresses
Router(config) # access-list access-list-number permit source {mask}
Define a pool of usable public IP addresses
Router(config)#ip nat pool name {start-ip} {end-ip} netmask {prefix-length}
Link ACL to the pool of addresses.
Router(config)#ip nat inside source list {access-list-number | name} pool {name}

§  PAT - Many Private to One Public Address Translation
Create an ACL that will identify which private IP addresses
Router(config) # access-list access-list-number { permit | deny } source [mask]
Define a pool of usable public IP addresses
Router(config)# ip nat pool {name} {start-ip  end-ip} netmask {prefix-length}
Router(config)# ip nat pool {name} interface {interface-number} netmask {prefix-length}
Link ACL to the pool of addresses
Router(config)#ip nat inside source list {access-list-number | name} pool {name} overload

*   Step 2 :  Apply NAT on interface
§  Define the inside interface
Router(config)# interface {interface-number}
Router(config-if)# ip nat inside
§  Define the outside interface
Router(config)# int {interface-number}
Router(config-if)# ip nat outside

* Verifying - Troubleshooting NAT and PAT Configuration
Router#show ip nat translations → Displays translation table
Router#show ip nat statistics → Displays NAT statistics
Router#clear ip nat translations inside a.b.c.d outside e.f.g.h → Clears a specific translation from the table before it times out
Router#clear ip nat translations *
Router#debug ip nat → Displays information about every packet that is translated
Router#debug ip nat detailed

11. Enable SNMP (Simple Network Management Protocol)
Router(config) # snmp-server community snmp-community-string [acl | acl_name | ipv6 | ro | rw | view ]

<1-99> : Standard IP access list allowing access with this community string
<1300-1999> : Expanded IP access list allowing access with this community string
WORD : Access-list name
ipv6 : Specify IPv6 Named Access-List
ro : Read-only access with this community string
rw : Read-write access with this community string
view : Restrict this community to a named MIB view
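
Sections 2, 4, 5 and 11 above each turn on a management path (privileged password, vty login, HTTP server, SNMP community). The following added example, not part of the original post or any Cisco tool, reviews a saved running-config for the weaker variants of those settings; the rule names and the sample config are constructed, and `transport input ssh` is assumed to be the desired vty restriction.

```python
# Constructed sample config, not taken from a real device.
SAMPLE_CONFIG = """\
hostname R1
enable password EXAMPLE-PW
ip http server
snmp-server community EXAMPLE-RO RO 10
snmp-server community EXAMPLE-RW RW
line vty 0 4
 password EXAMPLE-PW
 login
line vty 5 15
 transport input ssh
 login local
"""

def audit_ios_config(text):
    """Return a sorted list of (line_number, rule) findings; rule names are hypothetical."""
    findings = []
    lines = text.splitlines()
    for number, raw in enumerate(lines, start=1):
        line = raw.strip().lower()
        if line.startswith("enable password "):
            # Kept in cleartext (or reversible type 7) in the config;
            # 'enable secret' stores a hash instead.
            findings.append((number, "enable-password"))
        elif line == "ip http server":
            # Management interface served over unencrypted HTTP.
            findings.append((number, "http-server"))
        elif line.startswith("snmp-server community "):
            options = line.split()[3:]  # tokens after the community string
            if "rw" in options:
                findings.append((number, "snmp-rw"))
            # Simplification: only a trailing numbered ACL counts as a restriction.
            if not (options and options[-1].isdigit()):
                findings.append((number, "snmp-no-acl"))
        elif line.startswith("line vty"):
            # Sub-commands of the block are the indented lines that follow.
            block = []
            for sub in lines[number:]:
                if not sub.startswith(" "):
                    break
                block.append(sub.strip().lower())
            if "transport input ssh" not in block:
                findings.append((number, "vty-not-ssh-only"))
    return sorted(findings)

if __name__ == "__main__":
    for number, rule in audit_ios_config(SAMPLE_CONFIG):
        print(f"line {number}: {rule}")
```

Findings carry only line numbers and rule names, so passwords and community strings are not copied into the report.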

12. Netflow
 
§  Step 1 : Enabling NetFlow Export on interface
Router(config) # interface {interface} {interface_number}
Router(config-if) # ip route-cache flow
Router(config-if) # bandwidth <kbps>
§  Step 2 : Exporting NetFlow Data
Router(config) # ip flow-export source {interface} {interface_number}
Router(config) # ip flow-export destination {hostname| ip_address} {port}
Router(config) # ip flow-export version {netflow-version}
§  Step 3 : Verifying Device Configuration
Router # show ip flow export
Router # show ip cache flow
Router # show ip cache verbose flow

 




Reference : Commands Guide of Cisco  
