A Quick Look at Cisco IOS Commands
By Erik Rodriguez
This article provides a very brief introduction to the Cisco IOS. A description is provided of basic IOS commands and minimal configuration. You may also wish to see, the Cisco IOS Cheat Sheet.
Introduction
Cisco Systems is a world leader in the production of network routers. They produce many different models of routers for small to large networks. Cisco also has a large role in the development of Internet Standards (RFCs) and proprietary protocols (See Routing Protocols). Cisco Systems will continue to be both a pioneer of the Internet and a provider of cutting-edge technology. They recently celebrated their 20th year of existence in 2004.
The router used in this article is a Cisco 2514 with the following specs:
- 16MB DRAM
- 16MB Flash
- (2) AUI/Ethernet Ports @ 10 Mbps
- (2) Serial Ports
- Cisco IOS 12.0
If you are unfamiliar with the architecture of Cisco routers click here. Now, there are two main ways to connect to the router. You can connect via IP address or console port. Both can be done with Telnet. Let us take a look at the routers boot process:
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-D-L), Version 12.0(18b), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Mon 11-Feb-02 02:32 by kellythw
Image text-base: 0x03038A80, data-base: 0x00001000
cisco 2500 (68030) processor (revision L) with 14336K/2048K bytes of memory.
Processor board ID 07092223, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
Using a Cisco Router
There are several important aspects to understanding how a Cisco router works. Besides understanding its physical architecture, you should be familar with how the commands should be entered. There are several different configuration levels that router can reside in. The basic level, called "execute mode" or "EXEC", allows users to execute commands, but does not allow any changes to be made to the router's configuration. The output below shows the router (named antares) and the commands that can be executed.
antares>?
Exec commands:
<1-99> Session number to resume
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
clear Reset functions
connect Open a terminal connection
disable Turn off privileged commands
disconnect Disconnect an existing network connection
enable Turn on privileged commands
exit Exit from the EXEC
help Description of the interactive help system
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
mrinfo Request neighbor and version information from a multicast router
mstat Show statistics after multiple multicast traceroutes
mtrace Trace reverse multicast path from destination to source
name-connection Name an existing network connection
pad Open a X.29 PAD connection
ping Send echo messages
ppp Start IETF Point-to-Point Protocol (PPP)
resume Resume an active network connection
rlogin Open an rlogin connection
set Set system parameter (not config)
show Show running system information
slip Start Serial-line IP (SLIP)
systat Display information about terminal lines
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
tunnel Open a tunnel connection
where List active connections
x28 Become an X.28 PAD
x3 Set X.3 parameters on PAD
The next level is called "Privileged Mode." This allows a user to execute all standard commands and make changes to the router's configuration. In order to enter privileged mode, use the enable command. You will be prompted for the enable password. Note that the enable password should be different than the EXEC password.
antares>enable
Password:
antares#
Notice the # sign after the router name. This is similar to being "root" on a Linux machine. Notice the output below contains more command possibilities than EXEC mode.
antares#?
Exec commands:
<1-99> Session number to resume
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
access-template Create a temporary Access-List entry
bfe For manual emergency modes setting
cd Change current directory
clear Reset functions
clock Manage the system clock
configure Enter configuration mode
connect Open a terminal connection
copy Copy from one file to another
debug Debugging functions (see also 'undebug')
delete Delete a file
dir List files on a filesystem
disable Turn off privileged commands
disconnect Disconnect an existing network connection
enable Turn on privileged commands
erase Erase a filesystem
exit Exit from the EXEC
help Description of the interactive help system
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
more Display the contents of a file
mrinfo Request neighbor and version information from a multicast router
mstat Show statistics after multiple multicast traceroutes
mtrace Trace reverse multicast path from destination to source
name-connection Name an existing network connection
no Disable debugging functions
pad Open a X.29 PAD connection
ping Send echo messages
ppp Start IETF Point-to-Point Protocol (PPP)
pwd Display current working directory
reload Halt and perform a cold restart
resume Resume an active network connection
rlogin Open an rlogin connection
rsh Execute a remote command
send Send a message to other tty lines
set Set system parameter (not config)
setup Run the SETUP command facility
show Show running system information
slip Start Serial-line IP (SLIP)
start-chat Start a chat-script on a line
systat Display information about terminal lines
telnet Open a telnet connection
terminal Set terminal line parameters
test Test subsystems, memory, and interfaces
traceroute Trace route to destination
tunnel Open a tunnel connection
undebug Disable debugging functions (see also 'debug')
verify Verify a file
where List active connections
write Write running configuration to memory, network, or terminal
x28 Become an X.28 PAD
x3 Set X.3 parameters on PAD
Using the Show Command
The show command can tell you all the information you need to analyze or make changes to the router. Note that you do not need to be in privileged mode to execute show commands. All IOS commands can be abbreviated. For instance "show version" and "sh ver" will produce the same output. See the output below:
antares#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-D-L), Version 12.0(18b), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Mon 11-Feb-02 02:32 by kellythw
Image text-base: 0x03038A80, data-base: 0x00001000
ROM: System Bootstrap, Version 11.0(10c), SOFTWARE
BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE SOFTWARE (fc1)
antares uptime is 11 minutes
System restarted by reload
System image file is "flash:c2500-d-l.120-18b.bin"
cisco 2500 (68030) processor (revision L) with 14336K/2048K bytes of memory.
Processor board ID 07092223, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2102
To view all possible show commands type "sh ?" at the prompt. Note, you will be able to see more show commands when using enable mode. The possible enabled show commands are displayed in the output below:
antares#sh ?
access-expression List access expression
access-lists List access lists
accounting Accounting data for active sessions
aliases Display alias commands
appletalk AppleTalk information
arap Show Appletalk Remote Access statistics
arp ARP table
async Information on terminal lines used as router interfaces
backup Backup status
bridge Bridge Forwarding/Filtering Database [verbose]
buffers Buffer pool statistics
cdp CDP information
clock Display the system clock
compress Show compression statistics
configuration Contents of Non-Volatile memory
controllers Interface controller status
debugging State of each debugging option
decnet DECnet information
dhcp Dynamic Host Configuration Protocol status
dialer Dialer parameters and statistics
dnsix Shows Dnsix/DMDP information
dxi atm-dxi information
entry Queued terminal entries
file Show filesystem information
flash: display information about flash: file system
flh-log Flash Load Helper log buffer
frame-relay Frame-Relay information
history Display the session command history
hosts IP domain-name, lookup style, nameservers, and host table
interfaces Interface status and configuration
ip IP information
ipx Novell IPX information
key Key information
line TTY line information
llc2 IBM LLC2 circuit information
location Display the system location
logging Show the contents of logging buffers
memory Memory statistics
modemcap Show Modem Capabilities database
ntp Network time protocol
ppp PPP parameters and statistics
printers Show LPD printer information
privilege Show current privilege level
processes Active process statistics
protocols Active network routing protocols
queue Show queue contents
queueing Show queueing configuration
registry Function registry information
reload Scheduled reload information
rhosts Remote-host+user equivalences
rif RIF cache entries
rmon rmon statistics
route-map route-map information
rtr Response Time Reporter (RTR)
running-config Current operating configuration
Notice the output shows the router series, IOS version, interfaces, etc. If you are a Linux/UNIX user, you are familiar with the "w" command. For those who don't know typing the letter w at the terminal will show all the users currently logged on. Cisco IOS has a similar command. Typing "systat" will show you all the users logged on, their location, and idle time. See the output below:
antares>systat
0 con 0 idle 00:00:25
2 vty 0 idle 00:00:13 192.168.0.200
* 3 vty 1 idle 00:00:00 192.168.0.5
IOS Settings
Eventually, you will need to make some changes to the routers settings. Below I have illustrated basic commands.
After you have entered Priv mode, setup IP addresses for the interfaces using the following commands:
antares#conf t
Enter configuration commands, one per line. End with CNTL/Z.
antares(config)#int e0
antares(config-if)#
"conf t" is the abbreviation for "configure terminal." This allows you to make any change to the routers running configuration. The next command "int e0" stands for "interface ethernet0." The command works the same for interface ethernet 1 where the command is "int e1." Serial ports can be configured the same way but are called s0 and s1. In order to specify an IP address, you must use the following synax:
ip addr 1.1.1.1 2.2.2.2
where "ip addr" is the IOS command, and the next 6 values are the options. Specify your IP address in place of the 1.1.1.1 and specify your subnet in place of 2.2.2.2. The whole command looks like this:
antares(config-if)#ip addr 192.168.0.15 255.255.255.0
antares(config-if)#
If you make a mistake you will get an indication like:
antares(config-if)#ip addr 392.168.0.15 255.255.255.0
^
% Invalid input detected at '^' marker.
In the above example, 392 is not a valid IP integer.
After you have successfully entered your specified addresses and subnets, you must exit terminal mode and "write" the changes.
antares(config-if)#end
antares#write
Building configuration...
[OK]
antares#
To view the complete configuration of the router, use the "sh run" command. A sample is shown below.
antares#sh run
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname antares
!
aaa new-model
enable secret 5 $1$XDXM$Cy1xLQQp8Z/Y23426Zfmc1
enable password 7 051B012315B411B1D
!
username weaponx password 7 030235234B0A2842
ip subnet-zero
no ip routing
no ip domain-lookup
file prompt quiet
!
!
!
interface Ethernet0
ip address 192.168.0.15 255.255.255.0
no ip directed-broadcast
ip nat outside
no ip route-cache
no ip mroute-cache
no mop enabled
!
interface Ethernet1
no ip address
no ip directed-broadcast
ip nat inside
no ip route-cache
no ip mroute-cache
shutdown
!
interface Serial0
no ip address
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
shutdown
!
interface Serial1
no ip address
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
shutdown
!
ip classless
ip route profile
!
banner motd ^C
This is a private Device!
Unathorized access is prohibited!
^C
!
line con 0
password 7 140543234267B2E21
transport input none
line aux 0
line vty 0 4
password 7 044234351C36434A
!
end
|
