Managing a Cisco Internetwork
The Internal Components of a Cisco Router
The table below describes the major Cisco router components.
Cisco Router Components
Component | Description
Bootstrap | Stored in the microcode of the ROM. It boots the router and then loads the IOS.
POST (power-on self-test) | Stored in the microcode of the ROM, the POST is used to check the functionality of the router and which interfaces are present.
ROM monitor | Stored in the microcode of the ROM, used for manufacturing, testing, and troubleshooting.
Mini-IOS | Called the RXBOOT or bootloader by Cisco, it is a small IOS in ROM that can be used to bring up an interface and load a Cisco IOS into flash memory.
RAM | Holds packet buffers, ARP cache, and routing tables. The running-config is stored in RAM.
ROM | Used to start and maintain the router. Holds the POST, bootstrap, and mini-IOS.
Flash memory | Stores the Cisco IOS by default.
NVRAM (nonvolatile RAM) | Used to hold the router and switch configuration. Also stores the configuration register.
Configuration register | Used to control how the router boots up. This value can be found as the last line of the show version command output and by default is set to 0x2102, which tells the router to load the IOS from flash memory as well as to load the configuration from NVRAM.
The Router Boot Sequence
The router boot sequence consists of the following steps:
1. The router performs a POST. The POST tests the hardware to verify that all components of the device are operational and present.
2. The bootstrap then looks for and loads the Cisco IOS software. By default, the IOS software is loaded from flash memory in all Cisco routers.
3. The IOS software looks for a valid configuration file stored in NVRAM. This file is called startup-config.
4. If a startup-config file is in NVRAM, the router will copy this file and place it in RAM and call the file running-config.
If a startup-config file is not in NVRAM, the router will broadcast out any interface that detects carrier detect (CD) for a TFTP host looking for a configuration, and when that fails, it will start the setup mode configuration process.
Managing Configuration Register
All Cisco routers have a 16-bit software register that’s written into NVRAM. By default, the configuration register is set to load the Cisco IOS from flash memory and to look for and load the startup-config file from NVRAM.
Understanding the Configuration Register Bits
The 16 bits (2 bytes) of the configuration register are read from 15 to 0, from left to right. The default configuration setting on Cisco routers is 0x2102. This means that bits 13, 8, and 1 are on, as shown in the table below. Notice that each set of 4 bits (called a nibble) is read in binary with a value of 8, 4, 2, 1.
Checking the Current Configuration Register Value
You can see the current value of the configuration register by using the show version command:
Router#sh version
Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(12), RELEASE SOFTWARE (fc1)
[output cut]
Configuration register is 0x2102
The last line of the output is the value of the configuration register. The configuration register setting of 0x2102 tells the router to look in NVRAM for the boot sequence.
Changing the Configuration Register
These are the main reasons you would want to change the configuration register:
- To force the system into the ROM monitor mode
- To select a boot source and default boot filename
- To enable or disable the Break function
- To control broadcast addresses
- To set the console terminal baud rate
- To load operating software from ROM
- To enable booting from a TFTP server
You can change the configuration register by using the config-register command. The following commands tell the router to boot a small IOS from ROM:
Router(config)#config-register 0x2101
Router(config)#^Z
Router#sh ver
[output cut]
Configuration register is 0x2102 (will be 0x2101 at next reload)
Notice that the show version command displays the current configuration register value and also what that value will be when the router reboots. Any change to the configuration register won’t take effect until the router is reloaded. The 0x2101 will load the IOS from ROM the next time the router is rebooted.
Here is our router after setting the configuration register to 0x2101 and reloading:
Router(boot)#sh ver
[output cut]
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
Router uptime is 3 minutes
System returned to ROM by power-on
System image file is "flash:c2800nm-advsecurityk9-mz.124-12.bin"
[output cut]
Configuration register is 0x2101
At this point, if you typed show flash, you’d still see the IOS in flash memory ready to go. But we told our router to load from ROM, which is why the hostname shows up with (boot).
Router(boot)#sh flash
-#- --length-- -----date/time------ path
1 21710744 Jan 2 2007 22:41:14 +00:00 c2800nm-advsecurityk9-mz.124-12.bin
2 1823 Dec 5 2006 14:46:26 +00:00 sdmconfig-2811.cfg
3 4734464 Dec 5 2006 14:47:12 +00:00 sdm.tar
4 833024 Dec 5 2006 14:47:38 +00:00 es.tar
5 1052160 Dec 5 2006 14:48:10 +00:00 common.tar
6 1038 Dec 5 2006 14:48:32 +00:00 home.shtml
7 102400 Dec 5 2006 14:48:54 +00:00 home.tar
8 491213 Dec 5 2006 14:49:22 +00:00 128MB.sdf
9 1684577 Dec 5 2006 14:50:04 +00:00 securedesktop-ios-3.1.1.27-k9.pkg
10 398305 Dec 5 2006 14:50:34 +00:00 sslclient-win-1.1.0.154.pkg
32989184 bytes available (31027200 bytes used)
Recovering Passwords
If you’re locked out of a router because you forgot the password, you can change the configuration register to recover it. Bit 6 in the configuration register is used to tell the router whether to use the contents of NVRAM to load a router configuration.
The default configuration register value is 0x2102, meaning that bit 6 is off. With the default setting, the router will look for and load a router configuration stored in NVRAM (startup-config).
To recover a password, you need to turn on bit 6. Doing this will tell the router to ignore the NVRAM contents. The configuration register value to turn on bit 6 is 0x2142.
Here are the main steps to password recovery:
1. Boot the router and interrupt the boot sequence (break), which will take the router into ROM monitor mode.
2. Change the configuration register to turn on bit 6 (with the value 0x2142).
3. Reload the router.
4. Enter privileged mode.
5. Copy the startup-config file to running-config.
6. Change the password.
7. Reset the configuration register to the default value.
8. Save the router configuration.
9. Reload the router (optional).
Interrupting the Router Boot Sequence
Perform a break by pressing the Ctrl+Break key while the router first reboots. After you’ve performed a break, you should see some lines and then the prompt:
rommon 1 >
At this point, you will be at the rommon 1> prompt, which is called ROM monitor mode.
Changing the Configuration Register
You can change the configuration register by using the config-register command. To turn on bit 6, use the configuration register value 0x2142.
Cisco ISR/2600 Series Commands
To change the bit value on a Cisco ISR/2600 series router, you just enter the command at the rommon 1> prompt:
rommon 1 >confreg 0x2142
You must reset or power cycle for new config to take effect
rommon 2 >reset
Cisco 2500 Series Commands
To change the configuration register on a 2500 series router, type o after creating a break sequence on the router. This brings up a menu of configuration register option settings. To change the configuration register, enter the command o/r, followed by the new register value.
>o
Configuration register = 0x2102 at last boot
Bit# Configuration register option settings:
15 Diagnostic mode disabled
14 IP broadcasts do not have network numbers
13 Boot default ROM software if network boot fails
12-11 Console speed is 9600 baud
10 IP broadcasts with ones
08 Break disabled
07 OEM disabled
06 Ignore configuration disabled
03-00 Boot file is cisco2-2500 (or 'boot system' command)
>o/r 0x2142
Reloading the Router and Entering Privileged Mode
At this point, you need to reset the router like this:
- From the ISR/2600 series router, type I (for initialize) or reset.
- From the 2500 series router, type I.
The router will reload and ask if you want to use setup mode. Answer no to entering setup mode, press Enter to go into user mode, and then type enable to go into privileged mode.
Viewing and Changing the Configuration
Copy the startup-config file to the running-config file:
copy startup-config running-config
Or use the shortcut:
copy start run
The configuration is now running in random access memory (RAM), and you’re in privileged mode, meaning that you can now view and change the configuration. But you can’t view the enable secret setting for the password since it is encrypted. To change the password, do this:
config t
enable secret todd
Resetting the Configuration Register and Reloading the Router
After you’re finished changing passwords, set the configuration register back to the default value with the config-register command:
config t
config-register 0x2102
Finally, save the new configuration with a copy running-config startup-config and reload the router.
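A check that can be run after the recovery procedure above, as an added example that is not part of the original page: it parses the configuration register line from show version output, decodes the bits named in the 2500 series menu and in "Understanding the Configuration Register Bits", and flags a router left with bit 6 on (0x2142) or set to boot from ROM. The function names and the sample captures are assumptions constructed for illustration.

```python
import re

# Last line of `show version`, with the optional pending value.
REG_RE = re.compile(
    r"Configuration\s+register\s+is\s+(0x[0-9A-Fa-f]+)"
    r"(?:\s+\(will be (0x[0-9A-Fa-f]+) at next reload\))?")

def decode(value):
    """Split the 16-bit register into fields shown in the 2500 'o' menu."""
    boot = value & 0x000F
    source = ("ROM monitor" if boot == 0 else "ROM (mini-IOS)" if boot == 1
              else "boot system commands, else flash")
    return {
        "boot_field": boot,
        "boot_source": source,
        "ignore_nvram_config": bool(value & (1 << 6)),   # on in 0x2142
        "break_disabled": bool(value & (1 << 8)),        # on in 0x2102
        "rom_fallback": bool(value & (1 << 13)),         # on in 0x2102
    }

def audit(show_version_text):
    """Return (current, pending, findings) for one `show version` capture."""
    m = REG_RE.search(show_version_text)
    if m is None:
        raise ValueError("no configuration register line found")
    current = int(m.group(1), 16)
    pending = int(m.group(2), 16) if m.group(2) else current
    findings = []
    checks = [("current", current)]
    if pending != current:
        checks.append(("next reload", pending))
    for label, value in checks:
        fields = decode(value)
        if fields["ignore_nvram_config"]:
            findings.append(f"{label}: bit 6 on, startup-config ignored at boot")
        if not fields["break_disabled"]:
            findings.append(f"{label}: bit 8 off, Break enabled")
        if fields["boot_field"] < 2:
            findings.append(f"{label}: boots to {fields['boot_source']}")
    return current, pending, findings

# Constructed captures, modelled on the output shown on this page.
LEFT_IN_RECOVERY = "Router uptime is 3 minutes\nConfiguration register is 0x2142\n"
PENDING_ROM = "Configuration register is 0x2102 (will be 0x2101 at next reload)\n"

if __name__ == "__main__":
    for capture in (LEFT_IN_RECOVERY, PENDING_ROM):
        print(audit(capture))
```

An empty findings list for a capture means the register matches the default behaviour described on this page: startup-config is loaded from NVRAM, Break is disabled, and the boot field is 2 or higher.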
Boot System Commands
You can configure the router to boot another IOS if the flash is corrupted.
There are some boot commands you can play with that will help you manage the way your router boots the Cisco IOS—but remember, we’re talking about the router’s IOS here, not the router’s configuration!
Router>en
Router#config t
Router(config)#boot ?
bootstrap Bootstrap image file
config Configuration file
host Router-specific config file
network Network-wide config file
system System image file
The boot system command will allow you to tell the router which file to boot from flash memory. Remember that the router, by default, boots the first file found in flash. You can change that with the following commands:
Router(config)#boot system ?
WORD TFTP filename or URL
flash Boot from flash memory
ftp Boot from a server via ftp
mop Boot from a Decnet MOP server
rcp Boot from a server via rcp
rom Boot from rom
tftp Boot from a tftp server
Router(config)#boot system flash c2800nm-advsecurityk9-mz.124-12.bin
The next command makes your router boot from a TFTP host:
Router(config)#boot system tftp ?
WORD System image filename
Router(config)#boot system tftp c2800nm-advsecurityk9-mz.124-12.bin ?
Hostname or A.B.C.D Address from which to download the file
Router(config)#boot system tftp c2800nm-advsecurityk9-mz.124-12.bin 1.1.1.2
Router(config)#
As a last recommended option, if the IOS in flash doesn’t load and the TFTP host does not produce the IOS, load the mini-IOS from ROM like this:
Router(config)#boot system rom