Routing - Initial Routing Configurartion
CISCO -800 SERIES ( CIS 851/857 )
good for lab purpose
small office use
home use
wireless
supports VPN connection
routing
has built in switch
CISCO 2800 SERIES ( examples : CIS 3800 ,CIS 7000)
Good for medium to large business network
all run on same IOS
faster and efficient
Main Interfaces
Usb port - to put encryption key or to plug in the usb key for flash and IOS images purposes etc.
Fast Ethernet - to connect Lan ,Internet like different networks
T1 Interfaces - for bigger network,to connect private Wan,Internet or other private networks etc.
WIC card - eg WIC 1T- has serial ports for networking to connect different networks,serial interface
Switch Interfaces - switch ports to connect PC's
Router Boot and Initial Configuration :
commands :
enable
disable
configure terminal
ctrl z
interface
setup
ip routing
no ip routing
?
co?
configure ?
show
Configuration Files
configure terminal
show running-config
show start-up config
copy start-up config running config
copy running-config start-up config
erase starup-config
copy tftp running-config
copy running-config tftp
Ip address configuation
enable Password
configure terminal
interface ethernet 0/1
ip address 192.168.10.1 255.255.255.0
ctrl z
Routing protocol configuration
enable
configure terminal
router rip
network 192.168.10.1
no router rip
Other useful command
specify a RIP version
ip rip send version 1
ip rip send version 2
ip rip send version 1 2
ip rip receive version 1
ip rip receive version 2
ip rip receive version 1 2
Enable or disable split horizon
ip split horizon
no ip split horizon
Open Shortest Path First (OSPF)
enable
configure terminal
router ospf process-id
show process
network 192.168.1.0 255.255.255.0 area 0.0.0.0
no router ospf
Other Useful commands
ip ospf cost cost
ip ospf retransmit-interval seconds
ip ospf transmit-delay seconds
ip ospf priority number
ip ospf hello-interval seconds
ip ospf dead-interval seconds
ip ospf authentication-key password
Interior Gateway Routing Protocol
router igrp autonomus system
network network_number
Disable holddown
no metric holddown
Enforce a Maximum Network Diameter
metric maximum-hops hops
To turn off IGRP
no router igrp
Broadway Gateway Protocol (BGP)
Enable BGP routing
router bgp autonomous system
network network number mask mask number route-map route-map-name
Configure BGP neighbours
neighbour (ip address/peer-group-name) remote-as (number)
Reset BGP connections
clear ip bgp
clear ip bgp*
To Turn Off BGP
no router bgp
SDM and DHCP Server Configuration
What is SDM?
Security Device Manager
GUI to configure and manage your router,monitor your router ,see the traffic etc
Web based -java application
works on all mainline CISCO routers
It is designed to allow IOS configuration without extensive knowledge
Configuring your router to support SDM
software download : www.cisco.com/go/sdm
get the username and password by registering with CISCO and you can install SDM on your PC or router or in both.The disadvantage of installing software on router or both pc and router is that you waste the flash memory of a router and make your router slow.
5 Steps
Generate encryption keys that are used for SSH and HTTPS
Turn on HTTP/HTTPS servers on your router
Create a privilege level 15 user account
Configure your VTY ports for user privilege level and to use the local area database
Install Java on your PC and access the router using a web browser
Commands
crypto key generate rsa general-keys
ip http server
ip http secure-server
ip http authentication local
username <username >privilege 15 password <password>
line vty 0 4
privilege level 15
login local
transpot input telnet
transport input telnet ssh
exit
logging buffered 51200 warning
open SDM launcher
enter ip address or hostname
check https enable option
DHCP server configuration
Dynamic host configuration protocol
automated way of giving ip addresses to your devices on a local area network
To assign ip addres manually :
network - properties- manage network connections-choose device- properties-ipv4-properties-choose ip address.
Thats easy for 1 pc but imagine doing manually for 100 pcs ,so we need DHCP
Automatic way : DHCP
handled out from server,router or anywhere where DHCP server is installed
DHCP ip addresses are given for a period of time for 4 days ,8 days,5 hours etc.
So DHCP let the devices burrow the ip address as long as they are active and then devices return them back.
You can go to the DHCP server (say router ) and manually allocate ip address for your server that means you don't want your server's ip address to be changed so you can go to DHCP server and ask it to set ip address (say 192.168.1.100) when you see the device with mac address 00AA.1122.3384.That way your server ip address remains the same.
DHCP server could be router based and windows based with GUI.
Router based DHCP is more stable and windows based DHCP is beneficial as it has GUI feature.
DHCP process that the client go through to get an ip address
DHCP broadcast (hello anybody,i need an ip address)
DHCP offer ( here is an ip 192.168.1.50 for you)
DHCP request ( ok ,great )
DHCP ACK (UNICAST) ( ok good i assign you ip 192.168.1.50)
SDM (GUI)
Configure - additional tasks -DHCP - DHCP Pool -
assign DHCP pool name,pool network,subnet mask-
user defined
starting ip - 192.168.1.20 - ending ip 192.168.1.100 ,days 3
DNS server - 4.2.2.2 ( or whatever internet service provider has given you)
Domain name - home.local
Default gateway - 192.168.1.1
note : cmd - ping win2003-it will automatically add on domain name (home.local)
check - import all DHCP options into the DHCP Server database.
what it does ?
It automatically import ip address,DNS Server,Win Server,Domain name etc ( that has been given from your internet service provider) and assign all of these to clients.
Command
To see the command generated by GUI you can go to edit-preferences-(check) preview commands before generating to router.
commands generated in this case are
ip dhcp pool LAN-addresses
network 192.168.1.0 255.255.255.0
domain-name home.local
dns-server 4.2.2.2
default router 192.168.1.1
import all
lease 3
exit
ip dhcp excluded-address 192.168.1.1 192.168.1.19
ip dhcp excluded-address 192.168.1.101 192.168.1.254
Finally save in SDM i.e. copy running-config start-up config
further command for learning
ipconfig /renew - get a new ip address for any interfaces that are set up for DHCP
show clock - show you the time
show ip dhcp binding
Thats how you configure the DHCP
Next Topic : Implementing Static Routing
Till now routers are configured,telnet,ip address SDM set up now we need to real routing.
The purpose of routers is to stop broadcast and help sending the packets from one network to another.Till now they only know the network they are connected to.
Routing table is list of networks that the router knows how to reach.
Before this lets understand how we do we setup connection and assign ip address in lab
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname Router0
Router0(config)#enable secret cisco
Router0(config)#line console 0
Router0(config-line)#password cisco
Router0(config-line)#line vty 0 4
Router0(config-line)#password cisco
Router0(config-line)#login
Router0(config-line)#exit
Router0(config)#interface fastethernet0/0
Router0(config-if)#ip address 192.168.1.1 255.255.255.0
Router0(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router0(config-if)#
Router0(config-if)#exit
Router0(config)#interface fastethernet0/1
Router0(config-if)#ip address 192.168.2.1 255.255.255.0
Router0(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Router0(config-if)#exit
Router0(config)#exit
Router0#
%SYS-5-CONFIG_I: Configured from console by console
Router0#show running-config
Building configuration...
Current configuration : 582 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router0
!
!
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.2.1 255.255.255.0
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
!
!
!
line con 0
password cisco
line vty 0 4
password cisco
login
!
!
!
end
Router0#
Router0#
Router0#
Router0#
Router0#
Router0#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Router0#
Now after we set up the router,lets set the ip address,subnet mask and default gateway for pc0 and pc1
Double click pc0 and go to desktop and then ip configuration and set the configuration as follows :
For pc0
ip address : 192.168.1.2
subnet mask : 255.255.255.0
default gateway : 192.168.1.1
For pc 1
ip address : 192.168.2.2
subnet mask : 255.255.255.0
default gateway :192.168.2.1
Now you should be able to ping from pc0 to pc1 to check this open command prompt of pc0 and
ping 192.168.2.2 this should work.
To see this in GUI mode: click the simulation tab on your left hand side of packet tracer.Then click edit filter and uncheck show all and check only ICMP.
put the yellow envelop on pc0 and pc1 and click autocapture/play.This will show you the packet routing in GUI.
Ok ,now lets go back to the previous topic : Implementing Static Routing
PC3 192.168.1.0 network
router2-router3 192.168.2.0 network
PC4-192.168.3.0 network
Now draw this network in packet tracer
Now in this network,the router only know the network that it is directly connected to and don't know how to reach to the network that is connected via another router.To facilitate communication between both PC's here, both routers should know the network that it is not directly connected to.
that means we should tell 192.168.1.0/24 router to go to the network 192.168.3.0/24 via default gateway network 192.168.2.0.
commands:
ip route 192.168.3.0 255.255.255.0 192.168.2.2
(this means to get to the network 192.168.3.0 255.255.255.0 the router1 should use default gateway 192.168.2.2)
similarly on router2
ip route 192.168.1.0 255.255.255.0 192.168.2.1
(this means to get to the network 192.168.1.0 255.255.255.0 the router2 should use default gateway 192.168.2.1)
This way both way communication is enabled.
show ip route (in previledge mode) shows all the networks that the router knows.
In figure below
Default route: Routers have default route to reach the internet network.Though router is directly connected to ISP ( lets say : 68.110.117.97) it only knows the network but it can't reach network.To make it work, you need to type a command
ip route 0.0.0.0 0.0.0.0 68.110.117.97
The command says reach any ip with any subnet mask via network 68.110.117.97
and you need to do this extra step to make it work.
Now you will be able to ping to the 4.2.2.2 or 72.14.207.99 (www.google.com)
To ping www.yahoo.com, www.apple.com directly. you should use type a command
ip name-server 4.2.2.2 ( this command use DNS server 4.2.2.2 to resolve names) Now you can ping any websites.
ping www.google.com
ping www.hotmail.com
ping www.apple.com etc
Lets try another example :
In this case to do the ip route if the first router wants to reach the server network than in this case the network and subnet mask of ip route would be the same but the next hop address would be the first router that this router is connected to.
The End ,in next lesson we will learn about Dynamic routing implementation with RIP.
Thanks and enjoy your learning..good luck
