Cisco IOS Cheat Sheet - ROUTER COMMANDS
TERMINAL CONTROLS:
• Config# terminal editing - allows for enhanced editing commands
• Config# terminal monitor - shows output on telnet session
• Config# terminal ip netmask-format hexadecimal|bit-count|decimal - changes the format of subnet masks
HOST NAME:
• Config# hostname ROUTER_NAME
BANNER:
• Config# banner motd # TYPE MESSAGE HERE # - # can be substituted for any character, must start and finish the message
DESCRIPTIONS:
• Config# description THIS IS THE SOUTH ROUTER - can be entered at the Config-if level
CLOCK:
• Config# clock timezone Central -6
# clock set hh:mm:ss dd month yyyy - Example: clock set 14:35:00 25 August 2003
CHANGING THE REGISTER:
• Config# config-register 0x2100 - ROM Monitor Mode
• Config# config-register 0x2101 - ROM boot
• Config# config-register 0x2102 - Boot from NVRAM
BOOT SYSTEM:
• Config# boot system tftp FILENAME SERVER_IP - Example: boot system tftp 2600_ios.bin 192.168.14.2
• Config# boot system ROM
• Config# boot system flash - Then - Config# reload
CDP:
• Config# cdp run - Turns CDP on
• Config# cdp holdtime 180 - Sets the time that a device remains. Default is 180
• Config# cdp timer 30 - Sets the update timer.The default is 60
• Config# int Ethernet 0
• Config-if# cdp enable - Enables cdp on the interface
• Config-if# no cdp enable - Disables CDP on the interface
• Config# no cdp run - Turns CDP off
HOST TABLE:
• Config# ip host ROUTER_NAME INT_Address - Example: ip host lab-a 192.168.5.1
-or-
• Config# ip host RTR_NAME INT_ADD1 INT_ADD2 INT_ADD3 - Example: ip host lab-a 192.168.5.1 205.23.4.2 199.2.3.2 - (for e0, s0, s1)
DOMAIN NAME SERVICES:
• Config# ip domain-lookup - Tell router to lookup domain names
• Config# ip name-server 122.22.2.2 - Location of DNS server
• Config# ip domain-name cisco.com - Domain to append to end of names
CLEARING COUNTERS:
• # clear interface Ethernet 0 - Clears counters on the specified interface
• # clear counters - Clears all interface counters
• # clear cdp counters - Clears CDP counters
STATIC ROUTES:
• Config# ip route Net_Add SN_Mask Next_Hop_Add - Example: ip route 192.168.15.0 255.255.255.0 205.5.5.2
• Config# ip route 0.0.0.0 0.0.0.0 Next_Hop_Add - Default route
-or-
• Config# ip default-network Net_Add - Gateway LAN network
IP ROUTING:
• Config# ip routing - Enabled by default
• Config# router rip
-or-
• Config# router igrp 100
• Config# interface Ethernet 0
• Config-if# ip address 122.2.3.2 255.255.255.0
• Config-if# no shutdown
IPX ROUTING:
• Config# ipx routing
• Config# interface Ethernet 0
• Config# ipx maximum-paths 2 - Maximum equal metric paths used
• Config-if# ipx network 222 encapsulation sap - Also Novell-Ether, SNAP, ARPA on Ethernet. Encapsulation HDLC on serial
• Config-if# no shutdown
ACCESS LISTS:
IP Standard 1-99
IP Extended 100-199
IPX Standard 800-899
IPX Extended 900-999
IPX SAP Filters 1000-1099
IP STANDARD:
• Config# access-list 10 permit 133.2.2.0 0.0.0.255 - allow all src ip’s on network 133.2.2.0
-or-
• Config# access-list 10 permit host 133.2.2.2 - specifies a specific host
-or-
• Config# access-list 10 permit any - allows any address
• Config# int Ethernet 0
• Config-if# ip access-group 10 in - also available: out
IP EXTENDED:
• Config# access-list 101 permit tcp 133.12.0.0 0.0.255.255 122.3.2.0 0.0.0.255 eq telnet
-protocols: tcp, udp, icmp, ip (no sockets then), among others
-source then destination address
-eq, gt, lt for comparison
-sockets can be numeric or name (23 or telnet, 21 or ftp, etc)
-or-
• Config# access-list 101 deny tcp any host 133.2.23.3 eq www
-or-
• Config# access-list 101 permit ip any any
• Config# interface Ethernet 0
• Config-if# ip access-group 101 out
IPX STANDARD:
• Config# access-list 801 permit 233 AA3 - source network/host then destination network/host
-or-
• Config# access-list 801 permit -1 -1 - “-1” is the same as “any” with network/host addresses
• Config# interface Ethernet 0
• Config-if# ipx access-group 801 out
IPX EXTENDED:
• Config# access-list 901 permit sap 4AA all 4BB all
- Permit protocol src_add socket dest_add socket
-“all” includes all sockets, or can use socket numbers
-or-
• Config# access-list 901 permit any any all any all
-Permits any protocol with any address on any socket to go anywhere
• Config# interface Ethernet 0
• Config-if# ipx access-group 901 in
IPX SAP FILTER:
• Config# access-list 1000 permit 4aa 3 - “3” is the service type
-or-
• Config# access-list 1000 permit 4aa 0 - service type of “0” matches all services
• Config# interface Ethernet 0
• Config-if# ipx input-sap-filter 1000 - filter applied to incoming packets
-or-
• Config-if# ipx output-sap-filter 1000 - filter applied to outgoing packets
NAMED ACCESS LISTS:
• Config# ip access-list standard LISTNAME
-can be ip or ipx, standard or extended
-followed by the permit or deny list
• Config# permit any
• Config-if# ip access-group LISTNAME in
-use the list name instead of a list number
-allows for a larger amount of access-lists
PPP SETUP:
• Config-if# encapsulation ppp
• Config-if# ppp authentication chap pap
-order in which they will be used
-only attempted with the authentification listed
-if one fails, then connection is terminated
• Config-if# exit
• Config# username Lab-b password 123456
-username is the router that will be connecting to this one
-only specified routers can connect
-or-
• Config-if# ppp chap hostname ROUTER
• Config-if# ppp chap password 123456
-if this is set on all routers, then any of them can connect to any other
-set same on all for easy configuration
ISDN SETUP:
• Config# isdn switch-type basic-5ess - determined by telecom
• Config# interface serial 0
• Config-if# isdn spid1 2705554564 - isdn “phonenumber” of line 1
• Config-if# isdn spid2 2705554565 - isdn “phonenumber” of line 2
• Config-if# encapsulation PPP - or HDLC, LAPD
DDR - 4 Steps to setting up ISDN with DDR
1. Configure switch type
Config# isdn switch-type basic-5ess - can be done at interface config
2. Configure static routes
Config# ip route 123.4.35.0 255.255.255.0 192.3.5.5 - sends traffic destined for 123.4.35.0 to 192.3.5.5
Config# ip route 192.3.5.5 255.255.255.255 bri0 - specifies how to get to network 192.3.5.5 (through bri0)
3. Configure Interface
Config-if# ip address 192.3.5.5 255.255.255.0
Config-if# no shutdown
Config-if# encapsulation ppp
Config-if# dialer-group 1 - applies dialer-list to this interface
Config-if# dialer map ip 192.3.5.6 name Lab-b 5551212
connect to lab-b at 5551212 with ip 192.3.5.6 if there is interesting traffic
can also use “dialer string 5551212” instead if there is only one router to connect to
4. Specify interesting traffic
Config# dialer-list 1 ip permit any
-or-
Config# dialer-list 1 ip list 101 - use the access-list 101 as the dialer list
5. Other Options
Config-if# hold-queue 75 - queue 75 packets before dialing
Config-if# dialer load-threshold 125 either
-load needed before second line is brought up
-“125” is any number 1-255, where % load is x/255 (ie 125/255 is about 50%)
-can check by in, out, or either
Config-if# dialer idle-timeout 180
-determines how long to stay idle before terminating the session
-default is 120
FRAME RELAY SETUP:
• Config# interface serial 0
• Config-if# encapsulation frame-relay - cisco by default, can change to ietf
• Config-if# frame-relay lmi-type cisco - cisco by default, also ansi, q933a
• Config-if# bandwidth 56
• Config-if# interface serial 0.100 point-to-point - subinterface
• Config-if# ip address 122.1.1.1 255.255.255.0
• Config-if# frame-relay interface-dlci 100
-maps the dlci to the interface
-can add BROADCAST and/or IETF at the end
• Config-if# interface serial 1.100 multipoint
• Config-if# no inverse-arp - turns IARP off; good to do
• Config-if# frame-relay map ip 122.1.1.2 48 ietf broadcast
-maps an IP to a dlci (48 in this case)
-required if IARP is turned off
-ietf and broadcast are optional
• Config-if# frame-relay map ip 122.1.1.3 54 broadcast
• Config# terminal editing - allows for enhanced editing commands
• Config# terminal monitor - shows output on telnet session
• Config# terminal ip netmask-format hexadecimal|bit-count|decimal - changes the format of subnet masks
HOST NAME:
• Config# hostname ROUTER_NAME
BANNER:
• Config# banner motd # TYPE MESSAGE HERE # - # can be substituted for any character, must start and finish the message
DESCRIPTIONS:
• Config# description THIS IS THE SOUTH ROUTER - can be entered at the Config-if level
CLOCK:
• Config# clock timezone Central -6
# clock set hh:mm:ss dd month yyyy - Example: clock set 14:35:00 25 August 2003
CHANGING THE REGISTER:
• Config# config-register 0x2100 - ROM Monitor Mode
• Config# config-register 0x2101 - ROM boot
• Config# config-register 0x2102 - Boot from NVRAM
BOOT SYSTEM:
• Config# boot system tftp FILENAME SERVER_IP - Example: boot system tftp 2600_ios.bin 192.168.14.2
• Config# boot system ROM
• Config# boot system flash - Then - Config# reload
CDP:
• Config# cdp run - Turns CDP on
• Config# cdp holdtime 180 - Sets the time that a device remains. Default is 180
• Config# cdp timer 30 - Sets the update timer.The default is 60
• Config# int Ethernet 0
• Config-if# cdp enable - Enables cdp on the interface
• Config-if# no cdp enable - Disables CDP on the interface
• Config# no cdp run - Turns CDP off
HOST TABLE:
• Config# ip host ROUTER_NAME INT_Address - Example: ip host lab-a 192.168.5.1
-or-
• Config# ip host RTR_NAME INT_ADD1 INT_ADD2 INT_ADD3 - Example: ip host lab-a 192.168.5.1 205.23.4.2 199.2.3.2 - (for e0, s0, s1)
DOMAIN NAME SERVICES:
• Config# ip domain-lookup - Tell router to lookup domain names
• Config# ip name-server 122.22.2.2 - Location of DNS server
• Config# ip domain-name cisco.com - Domain to append to end of names
CLEARING COUNTERS:
• # clear interface Ethernet 0 - Clears counters on the specified interface
• # clear counters - Clears all interface counters
• # clear cdp counters - Clears CDP counters
STATIC ROUTES:
• Config# ip route Net_Add SN_Mask Next_Hop_Add - Example: ip route 192.168.15.0 255.255.255.0 205.5.5.2
• Config# ip route 0.0.0.0 0.0.0.0 Next_Hop_Add - Default route
-or-
• Config# ip default-network Net_Add - Gateway LAN network
IP ROUTING:
• Config# ip routing - Enabled by default
• Config# router rip
-or-
• Config# router igrp 100
• Config# interface Ethernet 0
• Config-if# ip address 122.2.3.2 255.255.255.0
• Config-if# no shutdown
IPX ROUTING:
• Config# ipx routing
• Config# interface Ethernet 0
• Config# ipx maximum-paths 2 - Maximum equal metric paths used
• Config-if# ipx network 222 encapsulation sap - Also Novell-Ether, SNAP, ARPA on Ethernet. Encapsulation HDLC on serial
• Config-if# no shutdown
ACCESS LISTS:
IP Standard 1-99
IP Extended 100-199
IPX Standard 800-899
IPX Extended 900-999
IPX SAP Filters 1000-1099
IP STANDARD:
• Config# access-list 10 permit 133.2.2.0 0.0.0.255 - allow all src ip’s on network 133.2.2.0
-or-
• Config# access-list 10 permit host 133.2.2.2 - specifies a specific host
-or-
• Config# access-list 10 permit any - allows any address
• Config# int Ethernet 0
• Config-if# ip access-group 10 in - also available: out
IP EXTENDED:
• Config# access-list 101 permit tcp 133.12.0.0 0.0.255.255 122.3.2.0 0.0.0.255 eq telnet
-protocols: tcp, udp, icmp, ip (no sockets then), among others
-source then destination address
-eq, gt, lt for comparison
-sockets can be numeric or name (23 or telnet, 21 or ftp, etc)
-or-
• Config# access-list 101 deny tcp any host 133.2.23.3 eq www
-or-
• Config# access-list 101 permit ip any any
• Config# interface Ethernet 0
• Config-if# ip access-group 101 out
IPX STANDARD:
• Config# access-list 801 permit 233 AA3 - source network/host then destination network/host
-or-
• Config# access-list 801 permit -1 -1 - “-1” is the same as “any” with network/host addresses
• Config# interface Ethernet 0
• Config-if# ipx access-group 801 out
IPX EXTENDED:
• Config# access-list 901 permit sap 4AA all 4BB all
- Permit protocol src_add socket dest_add socket
-“all” includes all sockets, or can use socket numbers
-or-
• Config# access-list 901 permit any any all any all
-Permits any protocol with any address on any socket to go anywhere
• Config# interface Ethernet 0
• Config-if# ipx access-group 901 in
IPX SAP FILTER:
• Config# access-list 1000 permit 4aa 3 - “3” is the service type
-or-
• Config# access-list 1000 permit 4aa 0 - service type of “0” matches all services
• Config# interface Ethernet 0
• Config-if# ipx input-sap-filter 1000 - filter applied to incoming packets
-or-
• Config-if# ipx output-sap-filter 1000 - filter applied to outgoing packets
NAMED ACCESS LISTS:
• Config# ip access-list standard LISTNAME
-can be ip or ipx, standard or extended
-followed by the permit or deny list
• Config# permit any
• Config-if# ip access-group LISTNAME in
-use the list name instead of a list number
-allows for a larger amount of access-lists
PPP SETUP:
• Config-if# encapsulation ppp
• Config-if# ppp authentication chap pap
-order in which they will be used
-only attempted with the authentification listed
-if one fails, then connection is terminated
• Config-if# exit
• Config# username Lab-b password 123456
-username is the router that will be connecting to this one
-only specified routers can connect
-or-
• Config-if# ppp chap hostname ROUTER
• Config-if# ppp chap password 123456
-if this is set on all routers, then any of them can connect to any other
-set same on all for easy configuration
ISDN SETUP:
• Config# isdn switch-type basic-5ess - determined by telecom
• Config# interface serial 0
• Config-if# isdn spid1 2705554564 - isdn “phonenumber” of line 1
• Config-if# isdn spid2 2705554565 - isdn “phonenumber” of line 2
• Config-if# encapsulation PPP - or HDLC, LAPD
DDR - 4 Steps to setting up ISDN with DDR
1. Configure switch type
Config# isdn switch-type basic-5ess - can be done at interface config
2. Configure static routes
Config# ip route 123.4.35.0 255.255.255.0 192.3.5.5 - sends traffic destined for 123.4.35.0 to 192.3.5.5
Config# ip route 192.3.5.5 255.255.255.255 bri0 - specifies how to get to network 192.3.5.5 (through bri0)
3. Configure Interface
Config-if# ip address 192.3.5.5 255.255.255.0
Config-if# no shutdown
Config-if# encapsulation ppp
Config-if# dialer-group 1 - applies dialer-list to this interface
Config-if# dialer map ip 192.3.5.6 name Lab-b 5551212
connect to lab-b at 5551212 with ip 192.3.5.6 if there is interesting traffic
can also use “dialer string 5551212” instead if there is only one router to connect to
4. Specify interesting traffic
Config# dialer-list 1 ip permit any
-or-
Config# dialer-list 1 ip list 101 - use the access-list 101 as the dialer list
5. Other Options
Config-if# hold-queue 75 - queue 75 packets before dialing
Config-if# dialer load-threshold 125 either
-load needed before second line is brought up
-“125” is any number 1-255, where % load is x/255 (ie 125/255 is about 50%)
-can check by in, out, or either
Config-if# dialer idle-timeout 180
-determines how long to stay idle before terminating the session
-default is 120
FRAME RELAY SETUP:
• Config# interface serial 0
• Config-if# encapsulation frame-relay - cisco by default, can change to ietf
• Config-if# frame-relay lmi-type cisco - cisco by default, also ansi, q933a
• Config-if# bandwidth 56
• Config-if# interface serial 0.100 point-to-point - subinterface
• Config-if# ip address 122.1.1.1 255.255.255.0
• Config-if# frame-relay interface-dlci 100
-maps the dlci to the interface
-can add BROADCAST and/or IETF at the end
• Config-if# interface serial 1.100 multipoint
• Config-if# no inverse-arp - turns IARP off; good to do
• Config-if# frame-relay map ip 122.1.1.2 48 ietf broadcast
-maps an IP to a dlci (48 in this case)
-required if IARP is turned off
-ietf and broadcast are optional
• Config-if# frame-relay map ip 122.1.1.3 54 broadcast
No comments:
Post a Comment