CCNA Certification

CCNA, CCNP, CCIE Certification News

The 10 Cisco IOS Router file management commands you must know

Just like a Windows or Linux operating system, the Cisco IOS has its own list of commands to manipulate files, very similar to DOS/Windows commands. These files could be your IOS router operating system, configuration file, or other type of IOS file. Knowing these file commands is a critical requirement for any Cisco admin.

Let’s look at 10 Cisco IOS file management commands you must know.

#1 dir

This shows a directory list of files on a filesystem. To see the options, type dir ?

Router#dir ?

  /all             List all files
  /recursive       List files recursively
  all-filesystems  List files on all filesystems
  archive:         Directory or file name
  cns:             Directory or file name
  flash:           Directory or file name
  null:            Directory or file name
  nvram:           Directory or file name
  system:          Directory or file name
  tar:             Directory or file name
  tmpsys:          Directory or file name
  xmodem:          Directory or file name
  ymodem:          Directory or file name
  <cr>

Router#

You can think of each of these filesystems almost like disk drives in DOS, where you have to put a colon after the name. So, the nvram is called nvram:. The default is to show a directory of the router’s flash as your default current directory is flash:

Router# dir
Directory of flash:/

    2  -rwx    18929780  Aug 29 2006 15:49:57 +00:00  c870-advipservicesk9-mz.124-15.T5.bin
    3  -rwx        2143  Aug 29 2006 16:42:14 +00:00  running-config

23482368 bytes total (4544512 bytes free)
Router#

Every router will have at least flash memory and nvram (non-volatile random access memory).

#2 cd

Change directory: Use cd to change your current directory to a different device or subdirectory on that device. In the following, when I change my directory to the nvram: filesystem and do a dir, I get a list of nvram. I could also cd to a subdirectory after I have created a directory with mkdir.

Router#cd nvram:
Router#dir
Directory of nvram:/

  126  -rw-        2143                    <no date>  startup-config
  127  ----           5                    <no date>  private-config
  128  -rw-        2143                    <no date>  underlying-config
    1  ----          49                    <no date>  persistent-data
    2  -rw-           0                    <no date>  ifIndex-table
131072 bytes total (116584 bytes free)
Router#

#3 copy

This is used to copy the IOS image or a configuration file from one location to another. You would use this to copy the router’s configuration off the router to a TFTP server or just make a local backup of it on the router. You would also use the copy command to upgrade the router with a new IOS from a TFTP server.

Here, I am making a local backup of the router’s running configuration:

Router#copy running-config davids-backup-before-upgrade
Destination filename [davids-backup-before-upgrade]?
2181 bytes copied in 3.052 secs (715 bytes/sec)
Router#

#4 delete and rm

Very simply, you will use delete to delete files and rm to remove folders/directories. Here, I use delete to delete the backup of my config that I just created:

Router#delete davids-backup-before-upgrade
Delete filename [davids-backup-before-upgrade]?
Delete flash:/davids-backup-before-upgrade? [confirm]
Router#

#5 show flash

This is used to show the files in your flash. The command show flash is similar to dir flash: but it provides a little more information on the size and type of flash memory in your router.

Router#show flash
24576K bytes of processor board System flash (Intel Strataflash)
Directory of flash:/
    2  -rwx    18929780  Aug 29 2006 15:49:57 +00:00  c870-advipservicesk9-mz.124-15.T5.bin
    3  -rwx        2181   Oct 4 2006 04:03:00 +00:00  mybackup-today
23482368 bytes total (4544512 bytes free)
Router#

#6 erase and format

It can be a bit confusing why you would erase one type of filesystem, but format another. What you really need to know is that you format flash devices and erase nvram. There are other types of filesystems, and you may erase or format them, depending on their type. The erase command is most used when you want to wipe out the router’s configuration and start with a default configuration. This is done with erase startup-config.

Router# erase ?
  /all                       Erase all files(in NVRAM)
  /no-squeeze-reserve-space  Do not reserve space for squeeze operation
  flash:                     Filesystem to be erased
  nvram:                     Filesystem to be erased
  startup-config             Erase contents of configuration memory

Router# format ?
  flash:  Filesystem to be formatted

Router#

#7 more

This shows a text / configuration file. Let’s say that you want to view a backup configuration file that you created. Just use the more command to view it:

Router# more my-backup-config
!
version 12.4
parser config cache interface
parser config interface
{config truncated}

#8 verify

This is used to verify the checksum or compute an MD5 signature for a file.

Router#verify flash:c870-advipservicesk9-mz.124-15.T5.bin
Verifying file integrity of flash:c870-advipservicesk9-mz.124-15.T5.bin.......{truncated}............ Done!
Embedded Hash   MD5 : CA8AEC573B197AEC6BD5892DE23C4754
Computed Hash   MD5 : CA8AEC573B197AEC6BD5892DE23C4754
CCO Hash        MD5 : 9D39672246853C0F31533B6BCB21DFE5
Embedded hash verification successful.
File system hash verification failed for file flash:c870-advipservicesk9-mz.124-15.T5.bin(No such file or directory).
Router#

#9 mkdir

Just like in DOS, you use mkdir to create a directory/folder. I would do this to perhaps create an archive folder for backup configurations or old IOS files.

Router# mkdir backup-configs
Create directory filename [backup-configs]?
Created dir flash:backup-configs
Router#

#10 fsck

FAT filesystem check is typically used to check your flash filesystem integrity. You may do this if you have experienced some corruption of your IOS files in flash.

Router# fsck
Fsck operation may take a while. Continue? [confirm]
.....{truncated}.......
Fsck of flash: complete
Router#

While there are so many reasons to use file system commands like these, if I had to select three of the most practical uses for some of the commands listed above, here is my list:

  1. Navigating the Cisco IOS filesystems — knowing what configuration files and what IOS files are on the router, perhaps before performing an upgrade.
  2. Back up your configuration to the local router or off to a TFTP server, again, perhaps before a backup.
  3. Performing an upgrade of the Cisco IOS by copying the IOS from a TFTP server to the router.

It’s very important to understand IOS file management commands, what those commands are, and how you can use them in the real world. You don’t want to be stumbling to restore your IOS when the primary IOS is corrupt!


April 1, 2009 Posted by | BCMSN, CCNA, CCNP, CCSP, Tech, Technology | 1 Comment

Viva IPv6

It’s alive, but not quite ready. And it might be slowing down network response. You have some options for disabling IPv6 for now.

IPv6 is coming, yet at what appears to be a glacial pace. The problem, though, is that IPv6’s prevalence in Windows Vista and Windows Server 2008 means that these OSs at times tend to give an IPv6 response to a network request instead of the IPv4 answer we’re used to seeing.

When this happens, it can be cumbersome to troubleshoot what problem is affecting the server or desktop, doubly so when you’re not familiar with IPv6’s addressing scheme or nomenclature.

Among others, there are two things you can do that can assist with keeping IPv6 out of the picture for now, at least until global warming speeds IPv6’s glacial melt-off. The first is the “-4” switch used with the ping command. IPv6 responses to ping requests can be confusing, so this switch forces ping to use IPv4 for the query. To use this switch, simply enter it before the hostname you want to ping, as in:

ping -4 {hostname}

Another option is to disable IPv6 functionality entirely. This can be done by editing the registry. In the location HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\ create a registry DWORD value titled DisabledComponents. Set the data for this value to 0xffffffff to disable all IPv6 components except for the IPv6 loopback interface. This setting also configures the computer to prefer IPv4 over IPv6. Restart the computer for the setting to take effect.

Later on, when you implement IPv6 in your network, simply reset this value’s data to 0 and reboot again and you’re merrily on your way to the networking of tomorrow.

May 28, 2008 Posted by | Tech, Technology | Leave a comment

Subnetting: Beyond CCNA?

Question: At my work, we have multiple networks set up across the world and I was looking over a listing of how our networks are subnetted. Here’s an example of how we’re set up on one of our networks:

Subnet id of 150.100.204.96
Range of .97 – .110
Broadcast of .111 on a subnet mask of /28 and the next subnet is
150.100.204.112-143 /27

It does work, but it seems contradictory to what’s taught in the basic CCNA courses. Is this typical advanced subnetting that I just haven’t learned or read about?

Answer:

Based on your IP subnets there, it looks like you’re running into the logical dilemma of mixing different types of subnets all next to each other.

If we used only /28s, we would expect:

150.100.0.0 (Giving hosts from .1 through .14 with a broadcast of .15.)
150.100.0.16 (Giving hosts from .17 through .30 with a broadcast of .31.)
150.100.0.32 (You get the point, so I won’t list them all!)
150.100.0.48
150.100.0.64
150.100.0.80
150.100.0.96
150.100.0.112
150.100.0.128
150.100.0.144
150.100.0.160
150.100.0.176
150.100.0.192
150.100.0.208
150.100.0.224
150.100.0.240

Now, if we had /27s, we would expect:

150.100.0.0 (Giving hosts from .1 through .30 with a broadcast of .31.)
150.100.0.32 (Giving hosts from .33 through .62 with a broadcast of .63.)
150.100.0.64 (Again, you get the point.)
150.100.0.96
150.100.0.128
150.100.0.160
150.100.0.192
150.100.0.224

I believe that’s the way we try to learn things in the CCNA/CCENT training. Mostly, we do that in order to be able to grasp the concepts of binary and how the router looks at things without running the risk of our heads exploding. What the router really looks at is pure binary groups, and as long as there’s no overlap, we’re good to go.

So notice the groupings we can have in the two lists. We all should’ve learned why we cannot have 150.100.0.80/27 as an example. While it makes perfect sense from a counting standpoint that this would allow from .81 to .110 as host addresses, it doesn’t work because of “crossing a bit boundary” (of .96) in the middle of it.

As long as we don’t cross any bit boundaries, though, we’re able to mix and match however we’d like to see things done and in any particular order (get ready for a little headache).

On a single router, or anywhere within my network, I could have:

150.100.0.0/26 (Gives us from .1 to .62 as hosts and .63 as broadcast.)
150.100.0.64/28 (Gives us from .65 to .78 as hosts and .79 as broadcast.)
150.100.0.80/29 (Gives us from .81 to .86 as hosts and .87 as broadcast.)
150.100.0.88/30 (Gives us from .89 to .90 as hosts and .91 as broadcast.)
150.100.0.92/31 (Gives us a point to point link with .92 and .93 usable.)
150.100.0.94/31 (Gives us a point to point link with .94 and .95 usable.)
150.100.0.96/27 (Gives us from .97 to .126 as hosts and .127 as broadcast.)
150.100.0.128/25 (Gives us from .129 to .254 as hosts and .255 as broadcast.)

We could have interfaces/networks with all of those subnets, all at the same time, because each and every one of them is contained within a bit boundary based on its netmask.

The router works in a purely binary world. So as long as each separate thing doesn’t violate any rule (like overlap another interface, or cross a bit boundary), then life is good!

CCNA/CCENT training gives us the building blocks by which we can make everything possible, but it’s often not the only way that we have to do things. I know that some people get very irritated by that, but think about it a different way. When you were first learning the concepts of multiplication and division, would it have been nice for your teacher to make you divide two fractions? Or give some long, heinous math problem involving parentheses and stuff? We certainly know now that it’s possible, but at that point in time, our heads would have exploded!

As you progress in networking, and certainly as you get into the world of CCIE, you’ll get to discover all sorts of things that make you go “hmm.” But I hope this at least helps give you a better understanding of the way routers think about things!
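The two rules from the answer above (stay on a bit boundary, never overlap) can be checked mechanically. The following is an added example, not part of the original post; the function names are made up for illustration, and the addresses are the ones listed in the answer.

```python
import ipaddress
from itertools import combinations

# Mixed-length plan taken from the answer above.
PLAN = [
    "150.100.0.0/26", "150.100.0.64/28", "150.100.0.80/29", "150.100.0.88/30",
    "150.100.0.92/31", "150.100.0.94/31", "150.100.0.96/27", "150.100.0.128/25",
]

def check_plan(cidrs):
    """Return a list of problems: misaligned subnets and overlapping pairs."""
    problems, nets = [], []
    for text in cidrs:
        iface = ipaddress.ip_interface(text)
        net = iface.network  # the address masked down to its bit boundary
        if iface.ip != net.network_address:
            problems.append(
                f"{text} is not on a /{net.prefixlen} boundary; "
                f"the enclosing block is {net}"
            )
        else:
            nets.append(net)
    # Aligned blocks are either nested or disjoint, so test every pair.
    for a, b in combinations(nets, 2):
        if a.overlaps(b):
            problems.append(f"{a} overlaps {b}")
    return problems

def describe(cidr):
    """Return (first_host, last_host, broadcast); broadcast is None for a /31."""
    net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
    if net.prefixlen >= 31:
        # Point-to-point /31: both addresses are usable, no broadcast.
        return str(net[0]), str(net[-1]), None
    return str(net[1]), str(net[-2]), str(net.broadcast_address)

if __name__ == "__main__":
    for cidr in PLAN:
        print(cidr, describe(cidr))
    # The 150.100.0.80/27 case from the answer is rejected as misaligned.
    print(check_plan(PLAN + ["150.100.0.80/27"]))
```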

March 27, 2008 Posted by | CCNA, CCNP, Education, Tech, Technology | 1 Comment

CCVP GETS A FACELIFT

With all the changes and advances in IP telephony, Cisco announced that it’s “enhancing” its Cisco Certified Voice Professional (CCVP) certification.

This certification requires five exams beyond the Cisco Certified Network Associate (CCNA) and focuses on integrating IP telephony solutions into underlying network architectures, as well as the ability to implement, configure and troubleshoot. Those who earn the certification are expected to know PSTN, VoIP, signaling protocols, voice gateways, gatekeepers and the Cisco Unified Border Element (CUBE).

Read the full article here.

March 27, 2008 Posted by | CCNA, CCNP, CCSP, Education, News, Tech, Technology | Leave a comment

BOOK OF THE WEEK: CCNP ONT OFFICIAL EXAM CERTIFICATION GUIDE

CCNP certification continues to hold its value in the marketplace, and Cisco Press continues to put out high-quality study guides for the exams.

One of the newest entries in the line is Amir Ranjbar’s “CCNP ONT Official Exam Certification Guide.” Targeted at exam 642-845, this book walks through the objectives in an understandable manner and condenses what you need to know into a manageable package.

Tags: CCNP, CCNP Certification

July 13, 2007 Posted by | CCNP, Education, Tech, Technology | Leave a comment

Cisco CCNP Exam: Defining Collision Domains

CCNA exam success depends on mastering the fundamentals, and two important fundamentals are knowing exactly what the terms “collision domain” and “broadcast domain” mean.

In this free Cisco tutorial, we’ll take a look at the term “collision domain” and how a collision domain is defined.

A collision domain is an area in which a collision can occur. Fair enough, but what “collision” are we talking about here?

We’re talking about collisions that occur on CSMA/CD segments, or Carrier Sense Multiple Access with Collision Detection.

If two hosts on an Ethernet segment transmit data at exactly the same time, the data from the two hosts will collide on the shared segment.

CSMA/CD exists to lessen the chances of this happening, but collisions can still occur. To lessen the chances of collisions occurring, we may decide to create multiple, smaller collision domains.

Let’s say we have four hosts on a single Ethernet segment. The entire segment is a collision domain; any data sent by one of the hosts can collide with data sent by any of the other hosts. We have one collision domain containing four devices.

To create smaller collision domains, we’ll need to introduce some type of networking device into this example.

Hubs and repeaters have their place as far as extending the reach of a network segment and cutting down on attenuation, but these OSI Layer One devices do nothing to define collision domains. We could connect each host into a separate port on a hub (a hub is basically a multiport repeater) and we’d still have one single collision domain with four hosts in it.

The most common and most effective way to create multiple collision domains is to use a switch.

If we connect each of these four hosts to their own separate switch port, we would now have four separate collision domains, each with one host; each switch port actually acts as a single collision domain, making collisions between these four hosts impossible.

Passing the CCNA is all about knowing the details of how things work, and knowing CSMA/CD theory and how to define collision domains is one of the many details you’ve got to master.

In the next part of this CCNA tutorial, we’ll take a look at broadcast domains, and how defining broadcast domains in the right places can dramatically cut down on unnecessary traffic on your network.

January 19, 2007 Posted by | CCNA, CCNP, Education, Tech, Technology | Leave a comment

Cisco CCNA Certification: Port-Based Authentication

To pass your CCNA exam and earn this coveted certification, you must understand the details of port-based authentication.

This knowledge has a great deal of value in production networks as well, since this authentication scheme is regularly implemented. Let’s take a look at this particular CCNA skill.

Consider a situation where you have a server that will be connected to your switch, and you want the port to shut down if a device with a different MAC address than that of the switch attempts to connect to that port. You could also have a situation where you have someone who has a connection to a switch port in his office, and he wants to make sure that only his laptop can use that port.

Both of these examples are real-world situations, and there are two solutions for each. First, we could create a static MAC entry for that particular switch port. I don’t recommend this, mainly because both you and I have better things to do than manage static MAC entries. The better solution is to configure port-based authentication on the switch.

The Cisco switch uses MAC addresses to enforce port security. With port security, only devices with certain MAC addresses can connect to the port successfully. This is another reason source MACs are looked at before the destination MAC is examined. If the source MAC is non-secure and port-based authentication is in effect, the destination does not matter, as the frame will not be forwarded. In essence, the source MAC address serves as the password.

MAC addresses that are allowed to successfully communicate with the switch port are secure MAC addresses. The default number of secure MAC addresses is 1, but a maximum of 132 secure MACs can be configured.

When a non-secure MAC address attempts to communicate with the switch port, one of three actions will occur, depending on the port security mode. In Protect mode, frames with non-secure MAC addresses are dropped. There is no notification that a violation has occurred. The port will continue to switch frames for the secure MAC address.

In Restrict mode, the same action is taken, but a syslog message is logged via SNMP, which is a messaging protocol used by Cisco routers.

In Shutdown mode, the interface goes into error-disabled state, the port LED will go out, and a syslog message is logged. The port has to be manually reopened. Shutdown mode is the default port-security mode.
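The three violation modes described above, modeled as an added example (not code from the original post or from Cisco). The class, method names, MAC addresses and log text are constructed for illustration, and the secure MAC list is passed in directly because the post does not show how it is configured.

```python
class SecurePort:
    """Toy model of one switch port with port security enabled."""

    MODES = ("protect", "restrict", "shutdown")

    def __init__(self, secure_macs, mode="shutdown", maximum=1):
        # Defaults follow the post: Shutdown mode, one secure MAC address.
        if mode not in self.MODES:
            raise ValueError(f"unknown mode: {mode}")
        self.secure = {mac.lower() for mac in secure_macs}
        if len(self.secure) > maximum:
            raise ValueError("more secure MACs than the configured maximum")
        self.mode = mode
        self.err_disabled = False
        self.log = []  # stands in for the syslog messages

    def receive(self, src_mac):
        """Return True if a frame with this source MAC is forwarded."""
        if self.err_disabled:
            return False  # port is down for everyone until reopened
        if src_mac.lower() in self.secure:
            return True
        # Non-secure source MAC: the frame is dropped in every mode.
        if self.mode != "protect":  # Protect gives no notification
            self.log.append(f"security violation from {src_mac} ({self.mode})")
        if self.mode == "shutdown":
            self.err_disabled = True
        return False

    def reopen(self):
        """Manual recovery from the error-disabled state."""
        self.err_disabled = False


SERVER = "00:00:5e:00:53:01"    # constructed documentation-range addresses
INTRUDER = "00:00:5e:00:53:99"

def replay(mode):
    """Send server, intruder, server frames; return (results, log count, err-disabled)."""
    port = SecurePort([SERVER], mode=mode)
    results = [port.receive(mac) for mac in (SERVER, INTRUDER, SERVER)]
    return results, len(port.log), port.err_disabled

if __name__ == "__main__":
    for mode in SecurePort.MODES:
        print(mode, replay(mode))
```

The replay shows the operational trade-off: Protect and Restrict keep the legitimate device online, Protect leaves no record of the violation, and Shutdown cuts off the legitimate device as well until someone reopens the port.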

Port-based authentication is just one of the many switching skills you’ll have to demonstrate to earn your CCNA certification. Make sure you know the basics shown here, including the action of each particular mode, and you’re on your way to CCNA exam success!


June 9, 2006 Posted by | CCNA, Education, Tech | Leave a comment