Router components & configuration Lecture 2
Lecture outlook Functions of the router Router IOS and configuration file Router components Router interfaces Bootup process Cisco IOS modes Building basic configuration Limiting device access – Configuring passwords Configuration review and modification 2
Router (Маршрутизатор) is a primary internetwork device, which possesses the following features: operates at Layer 3 (Network) of OSI model 3
Routers interconnect networks Routers are used to interconnect networks that use different technologies. Each port on a router connects to a different network and routes packets between the networks. They can have both LAN and WAN interfaces. Each router interface belongs to a different IP network and needs an IP address to be configured. Routers break up broadcast and collision domains. 4
Router is a gateway The default gateway (шлюз за замовчуванням) is needed to send a packet out of the local network. 5
Router is a gateway The default gateway is configured on a host. 6
Routers determine the best path to send packets The router uses its routing table to determine the best path to forward the packet. 7
Routers switch packets The switching function is the process used by a router to accept a packet on one interface and forward it out another interface. 8
Routers filter traffic Security between networks is implemented in an intermediary device. Router performing the firewall functions permits only known, trusted data to access the network. 9
Cisco IOS and configuration file The Cisco Internetwork Operating System (IOS) provides devices with the following network services: Basic routing and switching functions Reliable and secure access to networked resources Network scalability Configuration files contain the commands used to customize the functionality of a Cisco device. Types of Configuration Files: The running configuration file - used during the current operation of the device The startup configuration file - used as the backup configuration and is loaded when the device is started 10
Router Components CPU RAM NVRAM Flash memory ROM Interfaces 11
Router components and their functions CPU (Central Processing Unit, ЦП) executes operating system instructions such as system initialization, routing functions, and switching functions. RAM (Random Access Memory, ОЗП) is used to store : the instructions and data needed to be executed by the CPU. Operating System: The Cisco IOS (Internetwork Operating System) is copied into RAM during bootup. Running Configuration File (running-config): This is the configuration file that stores the configuration commands that the router IOS is currently using. IP Routing Table: This file stores information about directly connected and remote networks. It is used to determine the best path to forward the packet. ARP Cache: This cache contains the IPv 4 address to MAC address mappings. Packet Buffer: Packets are temporarily stored in a buffer when received on an interface or before they exit an interface. RAM is volatile memory and loses its content when the router is powered down or restarted. 12
Router components and their functions NVRAM (Nonvolatile RAM, Енергонезалежна пам’ять) is used as permanent storage for the startup configuration file (startup-config). NVRAM retains its contents even when the router reloads or is powered off. Flash Memory (Флеш пам’ять) is nonvolatile computer memory that can be electrically stored and erased. Flash is used as permanent storage for the operating system, Cisco IOS. ROM (Read-Only Memory, ПЗП) is used to store: The bootstrap instructions Basic diagnostic software (POST) Scaled-down version of IOS 13
Router interfaces: network and management Network interfaces are used to carry traffic, each belongs to a separate network, need an IP address to be configured. There are two kinds of network interfaces: - LAN interfaces (Ethernet) - WAN interfaces (serial) Management interfaces are not used to pass packets, provide a text-based connection for configuration and troubleshooting of the router or other device. There are two kinds of management interfaces: -Console - Auxiliary (AUX) 14
Router LAN interfaces (Ethernet) The Ethernet interface is used for connecting cables that terminate with LAN devices such as computers and switches. Color: yellow Cable: UTP Connector: RJ-45 Naming: Ethernet, e 0, Fast. Ethernet, Fa 0/0, fe 0/1. f 0. 15
Router WAN interfaces (serial) Serial WAN interfaces are used for physical connection between data network and Internet Service Provider’s circuit. Typically a modem or CSU/DSU device is needed to provide signal clocking. Color: blue Cable: V. 35 Connector: Smart serial Naming: serial, se 0/0, s 0/3/0 16
Router WAN interfaces (serial) There are two types of devices needed to maintain the WAN link : Data Communications Equipment (DCE) - A device that supplies the clocking services to another device. Typically, this device is at the WAN access provider end of the link. Data Terminal Equipment (DTE) - A device that receives clocking services from another device and adjusts accordingly. Typically, this device is at the WAN customer or user end of the link. 17
Making WAN serial connection When making WAN connections between two routers in a lab environment, connect two routers with a serial cable to simulate a point-to-point WAN link. 18
Management interfaces Console and Auxiliary ports: EIA-232 asynchronous serial ports. They are connected to a communications port on a computer. Console Interface is the primary interface for initial configuration of a Cisco router or switch. It is also an important means of troubleshooting. Color: light blue Cable: rollover Connector: RJ-45 / DB-9 Naming: con 0, console 0 Auxiliary (AUX) Interface is used for remote management of the router. Typically, a modem is connected to the AUX interface for dial -in access. 19
Making the device console connection A computer is connected to the console port of a router using the console cable. The console cable is a rollover cable with a DB-9 connector on one end an RJ-45 connector on the other end. The connection to the console is made by plugging the DB-9 connector into an available EIA/TIA 232 serial (COM) port on the computer. Once the serial connection to the computer is made, connect the RJ-45 end of the cable directly into the console interface on the router. Configure a terminal emulator Hyper Terminal with the proper settings. 20
Router bootup process 21
Cisco IOS Modes User executive mode Privileged executive mode Global configuration mode Other specific configuration modes 22
Cisco IOS Modes User Executive Mode (user EXEC) is a viewonly mode, which allows only a limited number of basic monitoring commands. This mode is the first entrance into the CLI of an IOS router. The user EXEC level does not allow the execution of any commands that might change the configuration of the device. Router> 23
Cisco IOS modes Privileged EXEC Mode allows the execution of configuration and management commands. In order to access the privileged EXEC mode, use the enable command. Router# To exit global mode, use the exit or disable command. 24
The show commands 25
Cisco IOS Modes Global configuration mode can only be reached from the privileged EXEC mode. From global config, CLI configuration changes are made that affect the operation of the device as a whole. Router#configure terminal Router(config)# To exit global mode, use the exit command. Specific Configuration Modes are entered from global configuration mode. Interface mode - to configure one of the network interfaces (Fa 0/0, S 0/0/0, . . ) Line mode - to configure one of the lines (physical or virtual) (console, AUX, VTY, . . ) Router mode - to configure the parameters for one of the routing protocols. 26
Configuring Router Name 27
Configuring Router Ethernet Interfaces 1. Enter global configuration mode. 2. Enter interface configuration mode. 3. Specify the interface address and subnet mask. 4. Enable the interface. 28
Configuring Router Serial Interfaces 1. Enter global configuration mode. 2. Enter interface mode. 3. Specify the interface address and subnet mask. 4. Set the clock rate if a DCE cable is connected. Skip this step if a DTE cable is connected. 5. Turn on the interface. 29
Limiting device access – Configuring passwords The passwords introduced here are: Console password - limits device access using the console connection Enable password - limits access to the privileged EXEC mode Enable secret password - encrypted, limits access to the privileged EXEC mode VTY password - limits device access using Telnet 30
Console Password Console password reduces the chance of unauthorized personnel physically plugging a console cable into the device and gaining device access. 31
Enable and Enable Secret Passwords provide additional security and establish authentication before accessing privileged EXEC mode. 32
VTY Password The vty lines allow access to a router via Telnet. By default, many Cisco devices support five VTY lines that are numbered 0 to 4. A password needs to be set for all available vty lines. The same password can be set for all connections. 33
Configuration review & modifications Check the performed configurations Make the changed configuration the new startup configuration. Remove all configuration from the device. 34
Questions ? ? ? 35