1、第六章 操作与配置 Cisco IOS,本章目标,通过本章的学习,您应该掌握以下内容: 完成路由器的初始参数配置 在网络设备上进入并辨识不同的命令模式 在不同的用户界面下应用各种帮助和命令行编辑功能 查看并确认各网络设备的基本信息,Cisco IOS 软件提供多种网络服务进而支持各种网络应用.,Cisco 互连网操作系统(IOS)软件,硬件自检 定位并加载Cisco IOS映象文件 定位并运行配置文件,Cisco设备的简单启动过程,提供命令行界面 在不同的网络设备上运行时有差别 在命令模式下可以键入或粘贴命令 键入命令后回车,设备即解析和执行所键入的命令 两个主要命令模式是用户模式和特权模式
2、不同的命令模式有不同的提示符,Cisco IOS,Cisco IOS用户界面的基本特性,特权(或enabled)模式 对交换机和路由器更深入的操作 有配置和监视权力 是进入其它配置模式的前提 命令提示符为 主机名#,模式二 (也是最常用的模式):,Cisco IOS的主要命令模式(续),系统启动例程会初始化路由器 如果需要,路由器可以有选择性地回退启动,Check hardware,Find and load Cisco IOS software image,Find and apply router configuration information,Load Bootstrap,1. 启动
3、前确认正确连接线缆和控制线 2. 按下电源开关 3. 观察启动顺序Cisco IOS输出到控制台上的内容,Cisco路由器的初始启动,没有配置文件与有配置文件的路由器启动对比,- System Configuration Dialog -Continue with configuration dialog? yes/no:yesAt any point you may enter a question mark ? for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in
4、square brackets .,Setup模式,wg_ro_c con0 is now availablePress RETURN to get started.,wg_ro_c,路由器启动时在控制台上的输出内容,控制台,Setup: 初始配置对话框,Router#setup- System Configuration Dialog -Continue with configuration dialog? yes/no: yAt any point you may enter a question mark ? for help. Use ctrl-c to abort configura
5、tion dialog at any prompt. Default settings are in square brackets .Basic management setup configures only enough connectivity for management of the system, extended setup will ask you to configure each interface on the systemWould you like to enter basic management setup? yes/no: n,设置全局参数,初始化全局参数,C
6、onfiguring global parameters:Enter host name Router:wg_ro_cThe enable secret is a password used to protect access toprivileged EXEC and configuration modes. This password, afterentered, becomes encrypted in the configuration.Enter enable secret: ciscoThe enable password is used when you do not speci
7、fy anenable secret password, with some older software versions, andsome boot images.Enter enable password: sanfranThe virtual terminal password is used to protectaccess to the router over a network interface.Enter virtual terminal password: sanjoseConfigure SNMP Network Management? no:,设置脚本的确认与应用,Th
8、e following configuration command script was created:hostname Router enable secret 5 $1$/CCk$4r7zDwDNeqkxFO.kJxC3G0 enable password sanfran line vty 0 4 password sanjose no snmp-server ! no appletalk routing no decnet routing ip routing no clns routing no ipx routing no vines routing no xns routing
9、no apollo routing isdn switch-type basic-5ess,interface BRI0 shutdown no ip address ! interface Ethernet0 no shutdown ip address 10.1.1.31 255.255.255.0 no mop enabled ! interface Serial0 shutdown no ip addressend0 Go to the IOS command prompt without saving this config. 1 Return back to the setup w
10、ithout saving this config. 2 Save this configuration to nvram and exit.Enter your selection 2:,Console,wg_ro_c wg_ro_cenable wg_ro_c# wg_ro_c#disable wg_ro_c wg_ro_clogout,wg_ro_c con0 is now available Press RETURN to get started.,用户模式提示,特权模式提示,登入路由器,只要所输命令串在全部命令中是唯一的,可以将一个命令尽可能地简写,,路由器在用户模式下的命令清单,w
11、g_ro_c? Exec commands:access-enable Create a temporary Access-List entry atmsig Execute Atm Signalling Commands cd Change current device clear Reset functions connect Open a terminal connection dir List files on given device disable Turn off privileged commands disconnect Disconnect an existing netw
12、ork connection enable Turn on privileged commands exit Exit from the EXEC help Description of the interactive help system lat Open a lat connection lock Lock the terminal login Log in as a particular user logout Exit from the EXEC - More -,wg_ro_c#? Exec commands:access-enable Create a temporary Acc
13、ess-List entryaccess-profile Apply user-profile to interfaceaccess-template Create a temporary Access-List entrybfe For manual emergency modes settingcd Change current directoryclear Reset functionsclock Manage the system clockconfigure Enter configuration modeconnect Open a terminal connectioncopy
14、Copy from one file to anotherdebug Debugging functions (see also undebug)delete Delete a filedir List files on a filesystemdisable Turn off privileged commandsdisconnect Disconnect an existing network connectionenable Turn on privileged commandserase Erase a filesystemexit Exit from the EXEChelp Des
15、cription of the interactive help system - More -,路由器在特权模式下的命令清单,只要输入部分命令串(唯一表示某个命令),紧接着按tab键就可以完整地输入一个命令,show version 命令,wg_ro_a#show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(3), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1999 by cisco Sys
16、tems, Inc. Compiled Mon 08-Feb-99 18:18 by phanguye Image text-base: 0x03050C84, data-base: 0x00001000ROM: System Bootstrap, Version 11.0(10c), SOFTWARE BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE SOFTWARE(fc1)wg_ro_a uptime is 20 minutes System restarted by reload Sy
17、stem image file is “flash:c2500-js-l_120-3.bin“ (output omitted) -More-Configuration register is 0x2102,查看配置情况,控制台,IOS,Setup utility,show startup-config,show running-config,将配置参数保存到NVRAM中,Config,Config,RAM,NVRAM,show running 和 show startup 命令,wg_ro_c#show startup-config Using 1359 out of 32762 bytes
18、 ! version 12.0 !- More -,wg_ro_c#show running-config Building configuration. Current configuration: ! version 12.0 !- More -,保存在NVRAM中,保存在RAM中,显示当前运行的和保存的配置情况,路由器模式一览,Router(config)#,Routerenable,Router#config term,Exit,Ctrl-Z (end),用户模式 特权模式 全局配置模式,配置模式,模式提示,Interface Router(config-if)# Subinterfa
19、ce Router(config-subif)# Controller Router(config-controller)# Line Router(config-line)# Router Router(config-router)# IPX router Router(config-ipx-router)#,保存配置,wg_ro_c# wg_ro_c#copy running-config startup-config Destination filename startup-config? Building configurationwg_ro_c#,将当前运行的配置复制到NVRAM中,
20、配置路由器的各种标识,为路由器或其端口设置标识或信息,路由器名,Router(config)#hostname wg_ro_c wg_ro_c(config)#,开机时的固定显示信息,wg_ro_c(config)#banner motd #Accounting DepartmentYou have entered a secured system. Authorized accessonly! #,配置路由器的各种标识,为路由器或其端口设置标识或信息,路由器名,Router(config)#hostname wg_ro_c wg_ro_c(config)#,开机时的固定显示信息,wg_ro_
21、c(config)#banner motd #Accounting DepartmentYou have entered a secured system. Authorized accessonly! #,端口描述,wg_ro_c(config)#interface ethernet 0 wg_ro_c(config-if)#description Engineering LAN, Bldg. 18,Router(config)#line console 0 Router(config-line)#login Router(config-line)#password cisco,控制台密码,
22、虚拟终端密码,Router(config)#line vty 0 4 Router(config-line)#login Router(config-line)#password sanjose,路由器密码配置,Router(config)#line console 0 Router(config-line)#login Router(config-line)#password cisco,控制台密码,虚拟终端密码,Router(config)#line vty 0 4 Router(config-line)#login Router(config-line)#password sanjose
23、,特权模式明文密码,Router(config)#enable password cisco,特权模式加密密码,Router(config)#enable secret sanfran,路由器密码配置,其它控制台命令,Router(config)#line console 0 Router(config-line)#exec-timeout 0 0,Router(config)#line console 0 Router(config-line)#logging synchronous,禁止控制台会话自动退出,重显被打乱的控制台输入,Router(config)#interface type
24、number Router(config-if)#,端口配置,type 包括 serial, ethernet, token ring, fddi, hssi, loopback, dialer, null, async, atm, bri, and tunnel number 用来识别具体的单个端口,从当前端口配置模式退出,Router(config)#interface type slot/port Router(config-if)#,模块化端口的表示法,配置串口,进入全局配置模式,Router(config)#interface serial 0 Router(config-if)#,
25、Router#configure term Router(config)#,指定某个端口,配置串口,进入全局配置模式,Router(config-if)#clock rate 64000 Router(config-if)#,Router(config)#interface serial 0 Router(config-if)#,Router#configure term Router(config)#,指定某个端口,设置时钟频率 (只在DCE端),Router#show interface serial 0 Serial0 is up, line protocol is up Hardwar
26、e is HD64570Internet address is 10.140.4.2/24MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255, load 1/255Encapsulation HDLC, loopback not set, keepalive set (10 sec)Last input 00:00:09, output 00:00:04, output hang neverLast clearing of “show interface“ counters neverInput queue: 0/75/0 (siz
27、e/max/drops); Total output drops: 0Queueing strategy: weighted fairOutput queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total)Reserved Conversations 0/0 (allocated/max allocated)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bit
28、s/sec, 0 packets/sec (output omitted),确认参数修改情况,开启或关闭端口,Router#configure term Router(config)#interface serial 0 Router(config-if)#no shutdown %LINK-3-UPDOWN: Interface Seria0, changed state to up %LINEPROTO-5-UPDOWN: Line Protocol on Interface Serial0, changed state to up,开启已经关闭的端口,Router#configure t
29、erm Router(config)#interface serial 0 Router(config-if)#shutdown %LINK-5-CHANGED: Interface Serial0, changed state to administratively down %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down,人工关闭端口,路由器的 show interfaces 命令,Router#show interfaces Ethernet0 is up, line proto
30、col is up Hardware is Lance, address is 00e0.1e5d.ae2f (bia 00e0.1e5d.ae2f)Internet address is 10.1.1.11/24MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255Encapsulation ARPA, loopback not set, keepalive set (10 sec)ARP type: ARPA, ARP Timeout 04:00:00Last input 00:00:07, output
31、 00:00:08, output hang neverLast clearing of “show interface“ counters neverQueueing strategy: fifoOutput queue 0/40, 0 drops; input queue 0/75, 0 drops5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec81833 packets input, 27556491 bytes, 0 no bufferReceived
32、42308 broadcasts, 0 runts, 0 giants, 0 throttles1 input errors, 0 CRC, 0 frame, 0 overrun, 1 ignored, 0 abort0 input packets with dribble condition detected55794 packets output, 3929696 bytes, 0 underruns0 output errors, 0 collisions, 1 interface resets0 babbles, 0 late collision, 4 deferred0 lost c
33、arrier, 0 no carrier0 output buffer failures, 0 output buffers swapped out,Router#show interfaces serial 1Serial1 is up, line protocol is upHardware is HD64570 Description: 64Kb Line to San Jose : : : : : : : : :,Operational Connection problem. Interface problem Disabled ,Serial1 is up, line protoco
34、l is up Serial1 is up, line protocol is down Serial1 is down, line protocol is down Serial1 is administratively down, line protocol is down,存活信息,载波监测,解读端口状态,串口上用 show controller 命令,Router#show controller serial 0 HD unit 0, idb = 0x121C04, driver structure at 0x127078 buffer size 1524 HD unit 0, V.35 DTE cable.,显示串口线的线缆类型,通过本章的学习,您应该掌握以下内容: 开启交换机和路由器并观察其启动过程 注意交换机的出厂初始配置情况,完成路由器的初始参数配置 在网络设备上进入并辨识不同的命令模式 在不同的用户界面下应用各种帮助和命令行编辑功能 查看并确认并于各网络设备的基本信息,本章总结,问题回顾,1. 交换机开机自检时出现什么现象? 通过什么办法来确定出现了什么问题? 2. 路由器在什么情况下和怎样用到Setup配置模式? 3. 运行Cisco IOS软件的设备在特权模式下提示符是怎样的? 4. 列出在交换机和路由器上的Cisco IOS软件的所能提供的帮助机制内容.,
