CCNA Certification

CCNA, CCNP, CCIE Certification News

The 10 Cisco IOS Router file management commands you must know

Just like a Windows or Linux operating system, the Cisco IOS has its own list of commands to manipulate files, very similar to DOS/Windows commands. These files could be your IOS router operating system, configuration file, or other type of IOS file. Knowing these file commands is a critical requirement for any Cisco admin.

Let’s look at 10 Cisco IOS file management commands you must know.

#1 dir

This shows a directory list of files on a filesystem. To see the options, type dir ?

Router#dir ?

  /all             List all files
  /recursive       List files recursively
  all-filesystems  List files on all filesystems
  archive:         Directory or file name
  cns:             Directory or file name
  flash:           Directory or file name
  null:            Directory or file name
  nvram:           Directory or file name
  system:          Directory or file name
  tar:             Directory or file name
  tmpsys:          Directory or file name
  xmodem:          Directory or file name
  ymodem:          Directory or file name


You can think of each of these filesystems almost like disk drives in DOS, where you have to put a colon after the name. So, the nvram is called nvram:. The default is to show a directory of the router’s flash as your default current directory is flash:

Router# dir
Directory of flash:/

    2  -rwx    18929780  Aug 29 2006 15:49:57 +00:00  c870-advipservicesk9-mz.124-15.T5.bin
    3  -rwx        2143  Aug 29 2006 16:42:14 +00:00  running-config

23482368 bytes total (4544512 bytes free)

Every router will have at least flash memory and nvram (non-volatile random access memory).

#2 cd

Change directory: Use cd to change your current directory to a different device or subdirectory on that device. In the following, when I change my directory to the nvram: filesystem and do a dir, I get a list of nvram. I could also cd to a subdirectory after I have created a directory with mkdir.

Router#cd nvram:
Directory of nvram:/

  126  -rw-        2143                    <no date>  startup-config
  127  ----           5                    <no date>  private-config
  128  -rw-        2143                    <no date>  underlying-config
    1  ----          49                    <no date>  persistent-data
    2  -rw-           0                    <no date>  ifIndex-table
131072 bytes total (116584 bytes free)

#3 copy

This is used to copy the IOS or a config file from and to somewhere. You would use this to copy the router’s configuration off the router to a TFTP server or just make a local backup of it on the router. You would also use the copy command to upgrade the router with a new IOS from a TFTP server.

Here, I am making a local backup of the router’s running configuration:

Router#copy running-config davids-backup-before-upgrade
Destination filename [davids-backup-before-upgrade]?
2181 bytes copied in 3.052 secs (715 bytes/sec)

#4 delete and rm

Very simply, you will use delete to delete files and rm to remove folders/directories. Here, I use delete to delete the backup of my config that I just created:

Router#delete davids-backup-before-upgrade
Delete filename [davids-backup-before-upgrade]?
Delete flash:/davids-backup-before-upgrade? [confirm]

#5 show flash

This is used to show the files in your flash. The command show flash is similar to dir flash: but it provides a little more information on the size and type of flash memory in your router.

Router#show flash
24576K bytes of processor board System flash (Intel Strataflash)
Directory of flash:/
    2  -rwx    18929780  Aug 29 2006 15:49:57 +00:00  c870-advipservicesk9-mz.124-15.T5.bin
    3  -rwx        2181   Oct 4 2006 04:03:00 +00:00  mybackup-today
23482368 bytes total (4544512 bytes free)

#6 erase and format

It can be a bit confusing why you would erase one type of filesystem, but format another. What you really need to know is that you format flash devices and erase nvram. There are other types of filesystems, and you may erase or format them, depending on their type. The erase command is most used when you want to wipe out the router’s configuration and start with a default configuration. This is done with erase startup-configuration.

Router# erase ?
  /all                       Erase all files(in NVRAM)
  /no-squeeze-reserve-space  Do not reserve space for squeeze operation
  flash:                     Filesystem to be erased
  nvram:                     Filesystem to be erased
  startup-config             Erase contents of configuration memory

Router# format ?
  flash:  Filesystem to be formatted


#7 more

This shows a text / configuration file. Let’s say that you want to view a backup configuration file that you created. Just use the more command to view it:

Router# more my-backup-config
version 12.4
parser config cache interface
parser config interface
{config truncated}

#8 verify

This is used to verify the checksum or compute a MD5 signature for a file.

Router#verify flash:c870-advipservicesk9-mz.124-15.T5.bin
Verifying file integrity of flash:c870-advipservicesk9-mz.124-15.T5.bin.......{truncated}............ Done!
Embedded Hash   MD5 : CA8AEC573B197AEC6BD5892DE23C4754
Computed Hash   MD5 : CA8AEC573B197AEC6BD5892DE23C4754
CCO Hash        MD5 : 9D39672246853C0F31533B6BCB21DFE5
Embedded hash verification successful.
File system hash verification failed for file flash:c870-advipservicesk9-mz.124-15.T5.bin(No such file or directory).

#9 mkdir

Just like in DOS, you use mkdir to create a directory/folder. I would do this to perhaps create an archive folder for backup configurations or old IOS files.

Router# mkdir backup-configs
Create directory filename [backup-configs]?
Created dir flash:backup-configs

#10 fsck

FAT filesystem check is typically used to check your flash filesystem integrity. You may do this if you have experienced some corruption of your IOS files in flash.

Router# fsck
Fsck operation may take a while. Continue? [confirm]
Fsck of flash: complete

While there are so many reasons to use file system commands like these, if I had to select three of the most practical uses for some of the commands listed above, here is my list:

  1. Navigating the Cisco IOS filesystems — knowing what configuration files and what IOS files are on the router, perhaps before performing an upgrade.
  2. Back up your configuration to the local router or off to a TFTP server, again, perhaps before a backup
  3. Performing an upgrade of the Cisco IOS by copying the IOS from a TFTP server to the router.

It’s very important to understand IOS file management commands, what those commands are, and how you can use them in the real world. You don’t want to be stumbling to restore your IOS when the primary IOS is corrupt!

Technorati Tags: ,

April 1, 2009 Posted by | BCMSN, CCNA, CCNP, CCSP, Tech, Technology | 1 Comment

Subnetting: Beyond CCNA?

Question:At my work, we have multiple networks set up across the world and I was looking over a listing of how our networks are subnetted. Here’s an example of how we’re set up on one of our networks:

Subnet id of
Range of .97 – .110
Broadcast of .111 on a subnet mask of /28 and the next subnet is /27

It does work, but it seems contradictory to what’s taught in the basic CCNA courses. Is this typical advanced subnetting that I just haven’t learned or read about?


Based on your IP subnets there, it looks like you’re running into the logical dilemma of mixing different types of subnets all next to each other.

If we used only /28s, we would expect: (Giving hosts from .1 through .14 with a broadcast of .15.) (Giving hosts from .17 through .30 with a broadcast of .31.) (You get the point, so I won’t list them all!)

Now, if we had /27s, we would expect: (Giving hosts from .1 through .30 with a broadcast of .31.) (Giving hosts from .33 through .62 with a broadcast of .63.) (Again, you get the point.)

I believe that’s the way we try to learn things in the CCNA/CCENT training. Mostly, we do that in order to be able to grasp the concepts of binary and how the router looks at things without running the risk of our heads exploding. What the router really looks at is pure binary groups, and as long as there’s no overlap, we’re good to go.

So notice the groupings we can have in the two lists. We all should’ve learned why we cannot have as an example. While it makes perfect sense from a counting standpoint that this would allow from .81 to .110 as host addresses, it doesn’t work because of “crossing a bit boundary” (of .96) in the middle of it.

As long as we don’t cross any bit boundaries, though, we’re able to mix and match however we’d like to see things done and in any particular order (get ready for a little headache).

On a single router, or anywhere within my network, I could have: (Gives us from .1 to .62 as hosts and .63 as broadcast.) (Gives us from .65 to .78 as hosts and .79 as broadcast. (Gives us from .81 to .86 as hosts and .87 as broadcast.) (Gives us from .89 to .90 as hosts and .91 as broadcast.) (Gives us a point to point link with .92 and .93 usable.) (Gives us a point to point link with .94 and .95 usable.) (Gives us from .97 to .126 as hosts and .127 as broadcast.) (Gives us from .129 to .254 as hosts and .255 as broadcast.)

We could have interfaces/networks with all of those subnets, all at the same time, because each and every one of them is contained within a bit boundary based on its netmask.

The router works in a purely binary world. So as long as each separate thing doesn’t violate any rule (like overlap another interface, or cross a bit boundary), then life is good!

CCNA/CCENT training gives us the building blocks by which we can make everything possible, but it’s often not the only way that we have to do things. I know that some people get very irritated by that, but think about it a different way.When you were first learning the concepts of multiplication and division, would it have been nice for your teacher to make you divide two fractions? Or give some long, heinous math problem involving parentheses and stuff? We certainly know now that it’s possible, but at that point in time, our heads would have exploded!

As you progress in networking, and certainly as you get into the world of CCIE, you’ll get to discover all sorts of things that make you go “hmm.” But I hope this at least helps give you a better understanding of the way routers think about things!

March 27, 2008 Posted by | CCNA, CCNP, Education, Tech, Technology | | 1 Comment


With all the changes and advances in IP telephony, Cisco announced that it’s “enhancing” its Cisco Certified Voice Professional (CCVP) certification.

This certification requires five exams beyond the Cisco Certified Network Associate (CCNA) and focuses on integrating IP telephony solutions into underlying network architectures, as well as the ability to implement, configure and troubleshoot. Those who earn the certification are expected to know PSTN, VoIP, signaling protocols, voice gateways, gatekeepers and the Cisco Unified Border Element (CUBE).

Read the full article here.

March 27, 2008 Posted by | CCNA, CCNP, CCSP, Education, News, Tech, Technology | , , | Leave a comment

How to pass your CCNA exam

Ambition without knowledge is like a boat on dry land. If you truly want to set sail and reach your goal of Cisco certification, you will need several keys to help you reach it. In order to gain the knowledge required to pass the Cisco Certified Network Associate (CCNA) exam, you have to familiarize yourself with various mediums of information.Before I discuss those mediums, however, I want to mention what is most important for success. What is truly required to obtain any Cisco certification is not a tangible item (such as the plethora of books, manuals, PDF documents, Web sites and countless other commercial tools that are out there). It is the psychological fuel that motivates you to follow through with those tools and implement them into your understanding of the exam.

How to pass your CCNA exam

August 22, 2007 Posted by | CCNA, CCNP, Education | 1 Comment

CCNA certification: When to study, what to read

A few years ago, I had lost my driver’s license and with it my job. After a few months of searching, I eventually found a new job, but getting there and back meant an hour and a half each day on the train and a two mile walk to the office from the station.

I quickly realized I needed a way of killing time until I got to work — there was no way I was going to spend 3+ hours of my day staring out of a train window at a blur and having no choice but to listen to someone else’s music blaring out of their earphones.

My network manager at the time had mentioned studying for my CCNA, as there were only a few people there with any real routing/switching knowledge. So I decided that day to go out and buy one of the many CCNA books that were available.

Read the full CCNA certification: When to study, what to read article.

August 22, 2007 Posted by | CCNA, Education | Leave a comment

EIGRP And Split Horizon

EIGRP is a major topic for your CCNA and CCNP studies, and one basic skill you’ll need to pass your Cisco certification exams is to identify situations where you need to enable or disable split horizon.

EIGRP commands tend to be a little different than those used with other protocols, so let’s take a look at how EIGRP and split horizon interoperate.

R1 is our hub router, with R2 and R3 as the spokes. There are no subinterfaces, and each router is advertising a single loopback network using its router number for each octet. R1 will see both R2 and R3’s loopback network, but the spokes will not have a route to the other spoke’s loopback. “show ip route eigrp” verifies this.


EIGRP runs split horizon by default, making it impossible for R1 to forward an advertisement to R2 regarding R3’s loopback. Likewise, R1 cannot advertise R2’s loopback address to R3. We could configure two subinterfaces on R1 to resolve this issue, but here we’re going to disable split horizon instead.


Note that disabling split horizon resulted in the EIGRP adjacencies being torn down. They came back up 20 – 35 seconds after being torn down according to the timestamps, but that’s a good detail to keep in mind!

The routing tables of each spoke should now show the loopback network configured on the remote spoke.


Be careful when disabling split horizon. In this scenario, R1 can and will advertise routes out Serial0 that were learned about on that interface in the first place, and that’s not always desirable. Split horizon is enabled by default for a reason, so be careful when disabling it!

April 2, 2007 Posted by | CCNA, CCNP, Education, EIGRP, Technology | Leave a comment

Cisco CCNA Exam: Five ISDN Details To Remember

CCNA exam success depends on mastering many technologies that are new to you, and few exam topics have more details than ISDN.

ISDN isn’t just for your CCNA exam studies, though. While ISDN is dismissed by many, the fact is that there are many small and mid-size networks out there that use ISDN as their backup to frame relay. Some of these companies have spoke networks that use ISDN to connect to their hub as well, so it’s a great idea to know ISDN configuration and troubleshooting for your real-world career as well as passing the CCNA. With that in mind, let’s take a look at five common ISDN errors and how to avoid them.

With dialer map statements, remember that the phone number you put in the dialer map is the phone number of the remote router, not the local one. Look at it this way – if you want to call a friend on your cell, you don’t pick up your cell and dial your own number!

Speaking of dialer map statements, don’t forget the all-important broadcast option at the end of the command:

R1(config-if)#dialer map ip name R2 broadcast 5555555

The router will accept that command without the “broadcast” option, but routing protocol updates and hellos would not be able to travel across the line. (This command is also needed in frame relay map statements to allow broadcasts and multicasts to be transmitted.)

PAP is PPP’s clear-text authentication scheme, and clear text is a really bad idea. But if you do have to configure it, don’t forget that PAP requires additional configuration -the ppp pap sent-username command.

R1(config-if)#ppp pap sent-username R1 password CISCO
Must set encapsulation to PPP before using PPP subcommands

The error message we got while configuring the sent-username command is another important reminder – by default, a BRI line is running HDLC, not PPP. Since HDLC doesn’t allow us to use either PAP or CHAP, we’ll need to set the link to PPP with the encapsulation ppp command.

R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication pap
R1(config-if)#ppp pap sent-username R1 password CISCO

But before we configure any of this information, we should configure the ISDN switch-type. Why? Because without the switch-type configuration, it doesn’t matter that we avoid the other four errors – the line will not come up. Configure the switch-type with the “isdn switch-type” command, and then verify it with “show isdn status”.

R1(config)#isdn switch-type basic-ni
R1#show isdn status
Global ISDN Switchtype = basic-ni (output of this command cut here for clarity)

If you forget this part of the configuration, the output of show isdn status wastes no time in reminding you!

R1#show isdn status
**** No Global ISDN Switchtype currently defined ****

ISDN is an important part of your CCNA studies, and this knowledge still comes in handy in production networks as well. Keep studying, notice the details, run those debugs, and you’ll be a CCNA before you know it

February 4, 2007 Posted by | CCNA, Education, ISDN, Technology | Leave a comment

Cisco CCNP Exam: Defining Collision Domains

CCNA exam success depends on mastering the fundamentals, and two important fundamentals are knowing exactly what the terms “collision domain” and  “broadcast domain” mean.

In this free Cisco tutorial, we’ll take a look at the term “collision domain” and how a collision domain is defined.

A collision domain is an area in which a collision can occur. Fair enough, but what “collision” are we talking about here?

We’re talking about collisions that occur on CSMA/CD segments, or Carrier Sense Multiple Access with Collision Detection.

If two hosts on an Ethernet segment transmit data at exactly the same time, the data from the two hosts will collide on the shared segment.

CSMA/CD exists to lessen the chances of this happening, but collisions can still occur. To lessen the chances of collisions occurring, we may decide to create multiple, smaller collision domains.

Lets say we have four hosts on a single Ethernet segment. The entire segment is a collision domain; any data sent by one of the hosts can collide with data sent by any of the other hosts. We have one collision domain containing four devices.

To create smaller collision domains, we’ll need to introduce some type of networking device into this example.

Hubs and repeaters have their place as far as extending the reach of a network segment and cutting down on attenuation, but these OSI Layer One devices do nothing to define collision domains. We could connect each host into a separate port on a hub (a hub is basically a multiport repeater) and we’d still have one single collision domain with four hosts in it.

The most common and most effective way to create multiple collision domains is to use a switch.

If we connect each of these four hosts to their own separate switch port, we would now have four separate collision domains, each with one host; each switch port actually acts as a single collision domain, making collisions between these four hosts impossible.

Passing the CCNA is all about knowing the details of how things work, and knowing CSMA/CD theory and how to define collision domains is one of the many details youve got to master.

In the next part of this CCNA tutorial, we’ll take a look at broadcast domains, and how defining broadcast domains in the right places can dramatically cut down on unnecessary traffic on your network.

January 19, 2007 Posted by | CCNA, CCNP, Education, Tech, Technology | Leave a comment

Cisco CCNA: Password Recovery Procedures

It might happen on your CCNA exam, it might happen on your production network – but sooner or later, you´re going to have to perform password recovery on a Cisco router or switch.

This involves manipulating the router´s configuration register, and that is enough to make some CCNA candidates and network administrators really nervous!

It´s true that setting the configuration register to the wrong value can damage the router, but if you do the proper research before starting the password recovery process, you´ll be fine.

Despite what some books say, there is no “one size fits all” approach to Cisco password recovery. What works on a 2500 router may not work on other routers and switches. There is a great master Cisco document out on the Web that you should bookmark today. Just put “cisco password recovery” in your favorite search engine and you should find it quickly.

The following procedure describes the process in recovering from a lost password on a Cisco 2500 router. As always, don´t practice this at home. It is a good idea to get some practice with this technique in your CCNA / CCNP home lab, though!

The password recovery method examined here is for 2500 routers.

An engineer who finds themselves locked out of a router can view and change the password by changing the configuration register.

The router must first be rebooted and a “break” performed within the first 60 seconds of the boot process. This break sequence can also vary depending on what program is used to access the router, but is the usual key combination.

The router will now be in ROM Monitor mode. From the rom monitor prompt, change the default configuration register of 0x2102 to 0x2142 with the o/r 0x2142 command. Reload the router with the letter i. (As you can see, ROM Monitor mode is a lot different than working with the IOS!)

This particular config register setting will cause the router to ignore the contents of NVRAM. Your startup configuration is still there, but it will be ignored on reload.

When the router reloads, you’ll be prompted to enter Setup mode. Answer “N”, and type enable at the router> prompt.

Be careful here. Type configure memory or copy start run. Do NOT type write memory or copy run start!

Enter the command show running-config. You’ll see the passwords in either their encrypted or unencrypted format.

Type config t, then use the appropriate command to set a new enable secret or enable password.

Don’t forget to change the configuration register setting back to the original value! The command config-register 0x2102 will do the job. Save this change with write memory or copy run start, and then run reload one more time to restart the router.

This process sounds hard, but it´s really not. You just have to be careful, particularly when you´re copying the startup config over the running config. You don´t want to get that backwards! So take your time, check the online Cisco documentation before starting, get some practice with this procedure with lab equipment, and you´ll be ready for success on the CCNA exam and in your production network.

Tag: Cisco, CCNA, password recovery

October 23, 2006 Posted by | CCNA, Password Recovery | Leave a comment

Cisco CCNA Exam: Connected Serial Interfaces

To pass the CCNA exam, you’ve got to master quite a few services and routing protocols that may be new to you.

Between RIP, IGRP, EIGRP, OSPF, and switching, there are hundreds of details you’ve got to absorb! It’s easy to spend all your time on those topics and not pay proper attention to “easier” technologies, and then all of a sudden on exam day you can’t quite remember the details of those particular services.

One setup you’ve got to be more than familiar with is directly connecting serial interfaces on Cisco routers. This is also a valuable skill to have in your home lab, since it allows you to add segments to your network setup.

A Cisco serial interface is operating as a DTE by default. The problem is that when you take a cable and connect two routers directly by their serial interfaces (with a DTE/DCE cable, that is!), they’re both waiting for the other to send them a clock rate. One of the interfaces must act as the DCE and that interface must send the clock rate.

If you can see the DTE/DCE cable, you can tell by looking which router has the DCE interface connected to it – the letters “DTE” or “DCE” will either be molded into the connector itself, or if it’s an older cable there should be a little piece of tape on the cable that tells you what the interface type is. But what if you have no access to the cable, or there are other cables all around it and you can’t see what type it is?

Run the command “show controller serial x”, with x representing the interface number the cable’s connected to. There will be quite a bit of output from this command, but the information you need is right at the top:

R1#show controller serial 1

HD unit 1, idb = 0x1DBFEC, driver structure at 0x1E35D0

buffer size 1524 HD unit 1, V.35 DTE cable

I left off the 16 or so rows of information that comes after this, but this is the information we need right now. If R1’s got the DTE cable end, the other router should have the DCE end:

R3#show controller serial 1

HD unit 1, idb = 0x1C44E8, driver structure at 0x1CBAC8

buffer size 1524 HD unit 1, V.35 DCE cable

We know now that R3 needs to supply a clock rate to R1. There’s a hint of a problem in just that little bit of command output – do you see what it is? Let’s run show interface serial1 to get more information.

R3#show int s1

Serial1 is up, line protocol is down

The line protocol is down because there is no clockrate being supplied by R3. If there has been, we would have seen that in the output of show controllers serial 1.

This is simple enough to fix, though! We’ll use the command clockrate 56000 on R3’s serial1 interface, and the line protocol will soon come up.

R3(config)#int s1

R3(config-if)#clockrate 56000

1w2d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to up

This is a simple concept, but there are a few details you must keep in mind! For a home lab configuration, you’ll need a DTE/DCE cable to make this work. If you cannot see the cable connectors, run show controllers serial x to see if the router has the DTE or DCE end of the cable attached. On the interface with the DCE attached, use the clockrate command to bring the line protocol up. It’s just that simple!


October 23, 2006 Posted by | CCNA | Leave a comment