1、第三章Cisco IOS简介,Evan.wu,本章目标,通过本章的学习,您应该掌握以下内容:开启交换机和路由器并观察其启动过程注意交换机的出厂初始配置情况,完成路由器的初始参数配置在网络设备上进入并辨识不同的命令模式在不同的用户界面下应用各种帮助和命令行编辑功能查看并确认并于各网络设备的基本信息,IOS是运行于Cisco路由器和交换机上的操作系统,Cisco IOS 软件提供多种网络服务进而支持各种网络应用.,Internetwork Operation System (IOS)软件,网络设备的配置,基于以下各方面来配置设备: 所需功能的网络策略 与协议关联的地址和相关参数 管理方面的需要 交
2、换机将出厂缺省设置作为初始配置如果路由器中没有配置文件,会提示进入初始化安装设置过程,硬件自检定位并加载Cisco IOS映象文件定位并运行配置文件,Cisco设备的简单启动过程,设备接口,可以通过多种途径来配置配置直接在设备的内存中生效,控制端口,Aux 端口,端口,PC or Unix服务器,Web 或网络管理服务器,虚拟终端,多种途径的配置方式,Telnet,TFTP,Cisco IOS用户界面的基本特性,提供命令行界面在不同的网络设备上运行时有差别 在命令模式下可以键入或粘贴命令 键入命令后回车,设备即解析和执行所键入的命令两个主要命令模式是用户模式和特权模式不同的命令模式有不同的提示
3、符,CiscoIOS,用户模式对交换机和路由器的有限操作命令提示符为 router,主要有两个命令模式提供命令键入.,模式一:,Cisco IOS的主要命令模式,特权(或enabled)模式对交换机和路由器更深入的操作有配置和监视权力是进入其它配置模式的前提命令提示符为 router#,模式二 (也是最常用的模式):,Cisco IOS的主要命令模式,交换机的初始启动,系统启动例程会初始化交换机初始启动利用缺省配置参数,1. 启动前确认正确连接线缆和控制线2. 接入电源3. 观察启动顺序面板上的指示灯LEDsCisco IOS输出到控制台上的内容,检查交换机指示灯(LEDs),交换机自检期间的
4、端口指示灯,1. 启动时,所有端口指示灯变绿.2. 每个端口自检完毕,对应的指示灯熄灭.3. 如果端口自检失败, 对应指示灯呈黄色.4. 如果有任何自检失败情况,系统指示灯呈现黄色.5. 如果没有自检失败, 自检过程完成.6. 随着自检过程的完成, 指示灯闪亮后熄灭.,交换机初次启动时的显示信息,控制台连接,Catalyst 1900 Management ConsoleCopyright (c) Cisco Systems, Inc. 1993-1998All rights reserved.Enterprise Edition SoftwareEthernet Address: 00-50
5、-BD-73-E2-C0PCA Number: 73-3121-01PCA Serial Number: FAA0252A0QXModel Number: WS-C1924-ENSystem Serial Number: FAA0304S0U3Power Supply S/N: PHI025101F3-1 user(s) now active on Management Console. User Interface Menu M Menus K Command Line I IP ConfigurationEnter Selection:,控制台,登入交换机并键入特权模式密码, enable
6、Enter password:# disable quit,用户模式提示,特权模式提示,上下文关联帮助,错误信息提示,指出所输入交换机命令的错误所在,以便于修改或纠正.,可以重新调出一个较长或较复杂的命令或其它内容,用来再次运行、查看或修改.,之前命令保存区,交换机命令行帮助机制,提供命令清单和与特定命令相关联的参数.,Switch#show interfaces,Switch#show version,显示交换机初始启动的状态,Switch#show running-config,显示交换机的各种运行状态,CCIE#show versionCisco Catalyst 1900/2820 E
7、nterprise Edition SoftwareVersion V8.01.01 written from 171.068.229.225Copyright (c) Cisco Systems, Inc. 1993-1998Ccie uptime is 15day(s) 21hour(s) 53minute(s) 11second(s) cisco Catalyst 1900 (486sxl) processor with 2048K/1024K bytes of memoryHardware board revision is 5Upgrade Status: No upgrade cu
8、rrently in progress. Config File Status: No configuration upload/download is in progress 27 Fixed Ethernet/IEEE 802.3 interface(s)Base Ethernet Address: 00-50-BD-73-E2-C0,交换机之show version 命令,CCIE#show runBuilding configuration.Current configuration:!hostname “CCIE!ip address 10.1.1.33 255.255.255.0i
9、p default-gateway 10.3.3.3!interface Ethernet 0/1interface Ethernet 0/24!Interface Ethernet 0/25!interface FastEthernet 0/26!interface FastEthernet 0/27,交换机之show running-configuration 命令,CCIE#show runBuilding configuration.Current configuration:!hostname “CCIE!ip address 10.1.1.33 255.255.255.0ip de
10、fault-gateway 10.3.3.3!interface Ethernet 0/1interface Ethernet 0/12!Interface Ethernet 0/25!interface FastEthernet 0/26!interface FastEthernet 0/27,Catalyst 1924,Catalyst 1912,CCIE#show interfaces ethernet 0/1Ethernet 0/1 is Enabled Hardware is Built-in 10Base-TAddress is 0050.BD73.E2C1MTU 1500 byt
11、es, BW 10000 Kbits802.1d STP State: Forwarding Forward Transitions: 1Port monitoring: DisabledUnknown unicast flooding: Enabled Unregistered multicast flooding: Enabled Description: Duplex setting: Half duplex Back pressure: Disabled-More-,交换机之show interfaces命令,配置模式:全局配置模式 CCIE# configure terminal (
12、conf t)CCIE(config)#端口配置模式CCIE(config)# interface fa0/1CCIE(config-if)#,配置交换机,配置交换机的各种标识,为交换机设置本地标识,Cisco路由器的初始启动,系统启动例程会初始化路由器如果需要,路由器可以有选择性地回退启动,Check hardware,Find and load Cisco IOSsoftware image,Find and apply routerconfiguration information,Load Bootstrap,1.启动前确认正确连接线缆和控制线2.按下电源开关3.观察启动顺序 Cisc
13、o IOS输出到控制台上的内容,路由器启动时在控制台上的输出内容,没有配置文件与有配置文件的路由器启动对比,- System Configuration Dialog -Continue with configuration dialog? yes/no:yes or no At any point you may enter a question mark ? for help.Use ctrl-c to abort configuration dialog at any prompt.Default settings are in square brackets .,Setup模式,rou
14、ter con0 is now availablePress RETURN to get started.,router,控制台,Setup: 初始配置对话框,Router#setup - System Configuration Dialog -Continue with configuration dialog? yes/no: yAt any point you may enter a question mark ? for help.Use ctrl-c to abort configuration dialog at any prompt.Default settings are i
15、n square brackets .Basic management setup configures only enough connectivityfor management of the system, extended setup will ask youto configure each interface on the systemWould you like to enter basic management setup? yes/no: n,预先浏览端口配置情况,First, would you like to see the current interface summa
16、ry? yes:Interface IP-Address OK? Method Status ProtocolBRI0 unassigned YES unset administratively down downBRI0:1 unassigned YES unset administratively down downBRI0:2 unassigned YES unset administratively down downEthernet0 unassigned YES unset administratively down downSerial0 unassigned YES unset
17、 administratively down down,自检过程中所找到的端口,设置全局参数,初始化全局参数,Configuring global parameters: Enter host name Router:router_a The enable secret is a password used to protect access to privileged EXEC and configuration modes. This password, after entered, becomes encrypted in the configuration. Enter enable
18、secret: cisco The enable password is used when you do not specify an enable secret password, with some older software versions, and some boot images. Enter enable password: ccie The virtual terminal password is used to protect access to the router over a network interface. Enter virtual terminal pas
19、sword: cisco_ccie Configure SNMP Network Management? no:,设置全局参数(续),初始化协议配置,Configure LAT? yes: n Configure AppleTalk? no: Configure DECnet? no: Configure IP? yes: Configure IGRP routing? yes: n Configure RIP routing? no: Configure CLNS? no: Configure IPX? no: Configure Vines? no: Configure XNS? no:
20、Configure Apollo? no:,设置端口参数,BRI interface needs isdn switch-type to be configured Valid switch types are : 0 none.Only if you dont want to configure BRI. 1 basic-1tr6.1TR6 switch type for Germany 2 basic-5ess.AT mask is /24Do you want to configure Serial0 interface? no:,设置脚本的确认与应用,The following con
21、figuration command script was created:hostname Routerenable secret 5 $1$/CCk$4r7zDwDNeqkxFO.kJxC3G0enable password sanfranline vty 0 4password sanjoseno snmp-server!no appletalk routingno decnet routingip routingno clns routingno ipx routingno vines routingno xns routingno apollo routingisdn switch-
22、type basic-5ess,interface BRI0shutdownno ip address!interface Ethernet0no shutdownip address 10.1.1.31 255.255.255.0no mop enabled!interface Serial0shutdownno ip address0 Go to the IOS command prompt without saving this config.1 Return back to the setup without saving this config.2 Save this configu
23、ration to nvram and exit.Enter your selection 2:,Console,routerrouterenablerouter#router#disablerouterrouterlogout,router con0 is now availablePress RETURN to get started.,用户模式提示,特权模式提示,登入路由器,路由器在用户模式下的命令清单,只要所输命令串在全部命令中是唯一的,可以将一个命令尽可能地简写,,router?Exec commands: access-enable Create a temporary Acces
24、s-List entry atmsig Execute Atm Signalling Commands cd Change current device clear Reset functions connect Open a terminal connection dir List files on given device disable Turn off privileged commands disconnect Disconnect an existing network connection enable Turn on privileged commands exit Exit
25、from the EXEC help Description of the interactive help system lat Open a lat connection lock Lock the terminal login Log in as a particular user logout Exit from the EXEC- More -,router#?Exec commands: access-enable Create a temporary Access-List entry access-profile Apply user-profile to interface
26、access-template Create a temporary Access-List entry bfe For manual emergency modes setting cd Change current directory clear Reset functions clock Manage the system clock configure Enter configuration mode connect Open a terminal connection copy Copy from one file to another debug Debugging functio
27、ns (see also undebug) delete Delete a file dir List files on a filesystem disable Turn off privileged commands disconnect Disconnect an existing network connection enable Turn on privileged commands erase Erase a filesystem exit Exit from the EXEC help Description of the interactive help system- Mor
28、e -,路由器在特权模式下的命令清单,只要输入部分命令串(唯一表示某个命令),紧接着按tab键就可以完整地补全一个命令,路由器命令行帮助机制,上下文关联帮助,错误信息提示,指出所输入交换机命令的错误所在,以便于修改或纠正.,可以重新调出一个较长或较复杂的命令或其它内容,用来再次运行、查看或修改.,之前命令保存区,提供命令清单和与特定命令相关联的参数.,路由器的上下文相关联帮助,Router#,clok,Translating CLOK,% Unknown command or computer name, or unable to find computer address,Router#,c
29、l?,clear clock,Router#,clock,% Incomplete command.,Router#,clock ?,set Set the time and date,Router#,clock set,% Incomplete command.,Router#,clock set ?,hh:mm:ss Current Time,符号解析命令提示调出最近用过的内容,Router$ future of internetworking by creating unprecedented op,使用增强的编辑命令,(一行中长字串会自动滚卷).,RouterShape the val
30、ue of internetworking by creating unpreced,使用增强的编辑命令,(一行中长字串会自动滚卷).,光标移动到命令行的开始位置.,Router$ value for customers, employees, and partners.,使用增强的编辑命令,(一行中长字串会自动滚卷).,光标移动到命令行的开始位置.,光标移动到命令行的结束位置.,使用增强的编辑命令,(一行中长字串会自动滚卷).,光标移动到命令行的开始位置.,光标移动到命令行的结束位置.,回移一个单词,Router$ value for customers, employees, and pa
31、rtners.,使用增强的编辑命令,(一行中长字串会自动滚卷).,光标移动到命令行的开始位置.,光标移动到命令行的结束位置.,回移一个单词.,下移一个字符.,Router$ value for customers, employees, and partners.,使用增强的编辑命令,(一行中长字串会自动滚卷).,光标移动到命令行的开始位置.,光标移动到命令行的结束位置.,回移一个单词,下移一个字符.,回移一个字符.,Router$ value for customers, employees, and partners.,使用增强的编辑命令,(一行中长字串会自动滚卷).,光标移动到命令行的开
32、始位置.,光标移动到命令行的结束位置.,回移一个单词,下移一个字符.,回移一个字符.,下移一个单词,Router$ value for customers, employees, and partners.,(一行中长字串会自动滚卷).,光标移动到命令行的开始位置.,光标移动到命令行的结束位置.,回移一个单词,下移一个字符.,回移一个字符.,下移一个单词,使用增强的编辑命令,删除当前字符,Router$ value for customers, employees, and partners.,Ctrl-P or Up arrow,调出最近(前一)使用过的命令,Ctrl-N or Down a
33、rrow,调出更近使用过的命令,Router show history,显示命令保存区内容,Router terminal history size lines,设置命令保存区大小,回览之前用过的命令,show version 命令,router#show versionCisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(3), RELEASE SOFTWARE (fc1)Copyright (c) 1986-1999 by cisco Systems, I
34、nc.Compiled Mon 08-Feb-99 18:18 by phanguyeImage text-base: 0x03050C84, data-base: 0x00001000ROM: System Bootstrap, Version 11.0(10c), SOFTWAREBOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE SOFTWARE(fc1)wg_ro_a uptime is 20 minutesSystem restarted by reloadSystem image f
35、ile is flash:c2500-js-l_120-3.bin(output omitted)-More-Configuration register is 0x2102,查看配置情况,控制台,IOS,Setup utility,showstartup-config,showrunning-config,将配置参数保存到NVRAM中,Config,Config,RAM,NVRAM,show running 和 show startup 命令,wg_ro_c#show startup-configUsing 1359 out of 32762 bytes!version 12.0!- Mor
36、e -,wg_ro_c#show running-configBuilding configuration.Current configuration:!version 12.0!- More -,保存在NVRAM中,保存在RAM中,显示当前运行的和保存的配置情况,路由器模式一览,用户模式特权模式全局配置模式,Router(config)#,Routerenable,Router#config term,Exit,Ctrl-Z (end),配置模式,模式提示,InterfaceRouter(config-if)#Subinterface Router(config-subif)#Control
37、ler Router(config-controller)#LineRouter(config-line)#RouterRouter(config-router)#IPX router Router(config-ipx-router)#,保存配置,router#router#copy running-config startup-configDestination filename startup-config?Building configurationrouter#router#wr(等同于copy run start),将当前运行的配置复制到NVRAM中,配置路由器的各种标识,为路由器
38、或其端口设置标识或信息,路由器名,Router(config)#hostname CCIECCIE(config)#,开机时的固定显示信息,router(config)#banner motd # welcome to china! #,Router(config)#line console 0Router(config-line)#loginRouter(config-line)#password cisco,控制台密码,虚拟终端密码,Router(config)#line vty 0 4Router(config-line)#login Router(config-line)#passwo
39、rd sanjose,特权模式明文密码,Router(config)#enable password cisco,特权模式加密密码,Router(config)#enable secret sanfran,路由器密码配置,其它控制台命令,Router(config)#line console 0Router(config-line)#exec-timeout 0 0,Router(config)#line console 0Router(config-line)#logging synchronous,禁止控制台会话自动退出,重显被打乱的控制台输入,Router(config)#interfa
40、ce type numberRouter(config-if)#,端口配置,type 包括 serial, ethernet, token ring, fddi, hssi, loopback, dialer, null, async, atm, bri, and tunnelnumber 用来识别具体的单个端口,从当前端口配置模式退出,Router(config)#interface type slot/portRouter(config-if)#,模块化端口的表示法,配置串口,进入全局配置模式,Router(config-if)#clock rate 64000Router(config-
41、if)#,Router(config)#interface serial 0 Router(config-if)#,Router#configure termRouter(config)#,Router(config-if)#bandwidth 64Router(config-if)#exitRouter(config)#exitRouter#,指定某个端口,设置时钟频率 (只在DCE端),调协波特率 (建议),Router#show interface serial 0Serial0 is up, line protocol is up Hardware is HD64570 Interne
42、t address is 10.140.4.2/24 MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 00:00:09, output 00:00:04, output hang never Last clearing of show interface counters never Input queue: 0/75/0 (size/max/drops); To
43、tal output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 pa
44、ckets/sec(output omitted),确认参数修改情况,以太网的 media-type 命令,Router(config)#interface gi0/1Router(config-if)#media-type rj45,为以太网端口选择适当的介质类型,开启或关闭端口,Router#configure termRouter(config)#interface serial 0 Router(config-if)#no shutdown%LINK-3-UPDOWN: Interface Seria0, changed state to up%LINEPROTO-5-UPDOWN: Line Protocol on Interface Serial0, changed state to up,
