Comenzi / Exemplu:

Configuratii de baza pe router:

R1>enable R1#configure terminal R1(config)#hostname <name> //naming the router R1(config)#enable password <password> //setting passwords R1(config)#enable secret <password> R1(config)#no ip domain-lookup //opreste cautarea dupa nume R1(config)#banner motd # message # //configuring a message-of-the-day R1(config)#service password-encryption //cripteaza toate parolele Comenzi de afisare Rx#show running-config //afiseaza configuratia curenta Rx#show ip route //afiseaza tabela de rutare Rx#show ip protocols //afiseaza protocoalele de rutare Rx#show controllers //verifying DTE/DCE cabling inputs Rx#show interfaces //interface configuration information Rx#show ip interface brief Salvare fisier de configurare in NVRAM copy running-config startup-config write Stergere fisier de configurare erase startup-config reload //restart router Line configuration mode R1 (config)#line console 0 //configurare consola R1 (config)#line vty 0 4 //configurare telnet R1 (config-line)#password password R1 (config-line)#login R1 (config-line)#logging synchronous //keep unsolicited out. separate from in.

R1 (config-line)#no exec-timeout //timpul de timeout al consolei Configuring an Ethernet Interface R1 (config)#interface fastethernet 0/0 R1 (config-if)#ip address 172.16.3.1 255.255.255.0 R1 (config-if)#no shutdown R1 (config-if)#description R1 to LAN1 Configuring a Serial Interface R1#show controllers serial 0/0/0 Interface Serial0/0/0 Hardware is PowerQUICC MPC860 DCE V.35, no clock <output omitted> R1 (config)#interface serial 0/0/0 R1 (config-if)#ip address 172.16.2.1 255.255.255.0 R1 (config-if)#no shutdown R1 (config-if)#description R1 to R2 R1 (config-if)#clock rate 64000 //seteaza semnalul de ceas pe interfata seriala Configuring Static Routes with Serial Interfaces R1#debug ip routing //optional, pt afisarea mesajelor cand o ruta e adaugata in RT R1(config)#ip route 172.16.1.0 255.255.255.0 172.16.2.2 //foloseste next-hop IP R1(config)#no ip route 192.168.2.0 255.255.255.0 172.16.2.2 //se sterge ruta R1(config)#ip route 192.168.2.0 255.255.255.0 serial 0/0/0 //foloseste exit interface with Ethernet Interfaces R1(config)#ip route 192.168.2.0 255.255.255.0 fastethernet 0/1 172.16.2.2 //foloseste atat exit interface cat si next-hop pt evitarea recursive-lookup Display interface configuration information show interfaces show interfaces fastethernet 0/0 show ip interface brief show running-config Connectivity Troubleshooting Tools ping traceroute show ip route show ip interface brief show cdp neighbors detail Debugging debug ip routing //Ip routing debugging is on

 Rx#debug ip ? icmp //ICMP transactions nat // NAT events ospf //OSPF information packet //Packet information rip //RIP protocol transactions routing //Routing table events undebug all //All possible debugging has been turned off CDP R1>show cdp neighbors R1>show cdp entry R2 R1>show cdp interface serial 0/0/0 R1(config)#cdp run R1(config)#no cdp run R1(config-if)#cdp enable R1(config-if)#no cdp enable Summarize static routes R3(config)#no ip route 172.16.1.0 255.255.255.0 s0/0/1 R3(config)#no ip route 172.16.2.0 255.255.255.0 s0/0/1 R3(config)#no ip route 172.16.3.0 255.255.255.0 s0/0/1 R3(config)#ip route 172.16.0.0 255.255.252.0 s0/0/1 Replace existing static routes with a default static route R1(config)#no ip route 172.16.1.0 255.255.255.0 s0/0/0 R1(config)#no ip route 192.168.1.0 255.255.255.0 s0/0/0 R1(config)#no ip route 192.168.2.0 255.255.255.0 s0/0/0 R1(config)#ip route 0.0.0.0 0.0.0.0 s0/0/0 //ruta default Configuring a default route, or gateway of last resort Rx (config)#ip default-gateway <IP address>
//its used when ip routing is disabled

Rx (config)#ip default-network <network>

//if a router has a route to that network, the route is flagged as a candidate default route //the default route anounced using this cmd is not propagated by OSPF and IS-IS

Rx (config)#ip route 0.0.0.0 0.0.0.0

//The way in which routing protocols propagate the default route information varies for each protocol //EIGRP propagates a route to network 0.0.0.0, but the static route must be redistributed //the default route anounced using this cmd is not propagated by OSPF and IS-IS //If you use multiple commands to configure a default route, traffic is load-balanced over the multiple routes.

Rx (config-router)#redistribute static //RIP,EIGRP Rx (config-router)#default-information originate //RIP,OSPF,IS-IS

Administrative distance

 Routing protocols classification

RIPv1 Rx(config)#router rip //enabling RIP Rx(config-router)#network <adresa_retea_classful_direct_conectata>

//porneste RIP pe toate interfetele care apartin adresei de retea (send & receive) //avertizeaza reteaua specificata in toate update-urile RIP trimise la 30 sec.

Rx(config-router)#no network < > //disable RIP routing for network Rx(config-router)#passive-interface <nume_interfata> //interfata pasiva
//prevents the transmission of routing updates out that interface, but still allows to be advertised //it applies when no RIP neighbors exists on the interface(LAN)

Rx(config-router)#default-information originate
//propagating a Default route

Rx(config)#no router rip //remove the RIP routing process Verifying RIP Rx#show ip route R 192.168.5.0/24 [120/2] via 192.168.2.2, 00:00:23, Serial0/0/0

 Rx#show ip rip database //all ip routes learned by Rx Rx#show ip protocols //shows which routing processes are enabled Rx#debug ip rip // Rx#debug ip rip packets // RIPv2 Rx(config)#router rip Rx(config-router)#version 2 Rx(config-router)#no auto-summary //dezactivare sumarizare Rx(config-router)#redistribute static //propagare ruta statica Rx(config-router)#redistribute connected //propagare ruta direct conectata Configuration for Authentication (Autentificare interfete) Rx(config)#key chain MYRIP
!--- Name a key chain. A key chain may contain more than one key for added security. !--- It need not be identical on the remote router.

Rx(config-keychain)#key 1
!--- This is the Identification number of an authentication key on a key chain. !--- It need not be identical on the remote router. (Yes for MD5 authentication)

Rx(config-keychain-key)#key-string cisco
!--- The actual password or key-string. !--- It needs to be identical to the key-string on the remote router.

Rx(config-if)#ip rip authentication mode md5

!--- Specifies the type of authentication used in RIPv2 packets. !--- It needs to be identical on remote router. !--- To restore clear text authentication, use the no form of this command.

Rx(config-if)#ip rip authentication key-chain MYRIP

!--- Enables authentication on the interface and configures the key chain that will be used.

 EIGRP

Router(config)#router eigrp autonomous-system //process ID number [1 - 65535]. Router(config-router)#network network-address Router(config-router)#network network-address [wildcard-mask]
!--- wildcard mask is the inverse of a subnet mask. To calculate the inverse of the subnet mask, subtract the subnet mask from 255.255.255.255 !---To configure EIGRP to advertise specific subnets only !---Some IOS versions will also let you simply enter the subnet mask:

R2(config-router)#network 192.168.10.8 255.255.255.252 Router(config-if)#bandwidth kilobits //modifica bandwidth-ul unei interfete

!---The bandwidth command only modifies the bandwidth metric used by routing protocols, not the physical bandwidth of the link.

Router#show ip Router#show ip table/database Router#show ip entry Router#show ip

eigrp neighbors eigrp topology eigrp topology [network] eigrp topology all-links

//view the neighbor table //topology //pentru un anumit

!---shows all possible paths to a network including successors, feasible successors, and even those routes that are not feasible successors

Router#clear ip eigrp neighbors [ip-address | interface-type interface-number] Router#debug eigrp fsm //turns on DUAL FSM debugging Router(config-router)#no auto-summary //dezactivare sumarizare Router(config-if)#ip summary-address eigrp as-number networkaddress subnet-mask
!--- establish EIGRP manual summarization on all interfaces that send EIGRP packets

Rx(config-router)#redistribute static //propagare ruta statica & default Router(config-if)#ip bandwidth-percent eigrp as-number percent
!---used to configure the percentage of bandwidth that may be used by EIGRP on an

interface.

Configuring Hello Intervals and Hold Times Router(config-if)#ip hello-interval eigrp as-number seconds Router(config-if)#ip hold-time eigrp as-number seconds
!---The seconds value for both hello and hold time intervals can range from 1 to 65,535

Examining the metric values Rx#show interface serial 0/0/0 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255
Bandwidth metric=1544 Kbit (kilobits) or 1,544,000 bps (1.544 Mbps) T1 Usec = microsecond or 1 millionth of a second Delay is a measure of the time it takes for a packet to traverse a route. Reliability is a measure of the probability that the link will fail or how often the link has experienced errors (0=0% - 255=100%) Load (load) reflects the amount of traffic utilizing the link. (1-minimally loaded, 40/25516% capacity, 255/255-100% saturated); txload=outbound/transmit; rxload=inbound/receive.

Calculating the EIGRP metric

Loopback: BW 8000 Mbit, DLY 5000 usec FastEthernet: BW 100 Mbit, DLY 100 usec Serial: BW 1544 Kbit, DLY 20000 usec DUAL Concepts Succesor = path to a destination; neighbor; the least-cost route. Feasible distance (FD) = lowest calculated metric. Feasible succesor (FS) = router vecin care detine o alta cale catre destinatia succesorului si satisface conditia de fezibilitate. Feasibility condition (FC) = Conditia e indeplinita atunci cand RD a unui vecin catre o retea este mai mica decat FD locala catre aceeasi destinatie. Reported distance (RD) sau advertised distance = distanta fezibila (FD) a unui vecin catre aceeasi retea destinatie. By example, R1 is reporting to R2 that its feasible distance to 192.168.1.0/24 is 2172416. From R2's perspective, 2172416 is R1's reported distance. From R1's perspective, 2172416 is its feasible distance. R2 examines the reported distance (RD) of 2172416 from R1. Because the reported distance (RD) of R1 is less than R2's own feasible distance (FD) of 3014400, R1 meets the feasibility condition. R1 is now a feasible successor for R2 to the 192.168.1.0/24 network. Why isn't R1 the successor if its reported distance (RD) is less than R2's feasible distance (FD) to 192.168.1.0/24? Because the total cost for R2, its

feasible distance (FD), to reach 192.168.1.0/24 is greater through R1 than it is through R3.

Router#show ip eigrp topology Router#show ip eigrp topology [network] Router#show ip eigrp topology all-links

//topology table/database //pentru un anumit entry

!---shows all possible paths to a network including successors, feasible successors, and even those routes that are not feasible successors

The first line displays:

P - This route is in the passive state. When DUAL is not performing its diffusing computations to determine a path for a network, the route will be in a stable mode, known as the passive state. If DUAL is recalculating or searching for a new path, the route will be in an active state. All routes in the topology table should be in the passive state for a stable routing domain. DUAL will display an A if the route is "Active," which is a CCNP-level troubleshooting issue. 192.168.1.0/24 - This is the destination network that is also found in the routing table. 1 successors - This shows the number of successors for this network. If there are multiple equal cost paths to this network, there will be multiple successors. FD is 3014400 - This is the feasible distance, the EIGRP metric to reach the destination network. The first entry shows the successor: via 192.168.10.10 - This is the next-hop address of the successor, R3. This address is shown in the routing table. 3014400 - This is the feasible distance to 192.168.1.0/24. It is the metric shown in the routing table. 28160 - This is the reported distance of the successor and is R3's cost to reach this network. Serial0/0/1 - This is the outbound interface used to reach this network, also shown in the routing table. The second entry shows the feasible successor, R1 (if there is not a second entry, then there are no feasible successors): via 172.16.3.1 - This is the next-hop address of the feasible successor, R1. 41026560 - This would be R2's new feasible distance to 192.168.1.0/24 if R1 became the new successor. 2172416 - This is the reported distance of the feasible successor or R1's metric to reach this network. This value, RD, must be less than the current FD of 3014400 to meet the feasibility condition.

Serial0/0/0 - This is the outbound interface used to reach feasible successor, if this router becomes the successor.

D*EX 0.0.0.0/0 [170/3651840] via 192.168.10.6, 00:01:08, Serial0/1

D - This static route was learned from an EIGRP routing update. * - The route is a candidate for a default route. EX - The route is an external EIGRP route, in this case a static route outside of the EIGRP routing domain. 170 - This is the administrative distance of an external EIGRP route.

Authentication of EIGRP Rx(config)#key chain name-of-chain // Enables authentication of routing protocols. Rx(config-keychain)#key key -id // Identifies an authentication key on a key chain. Rx(config-keychain-key)#key-string text //Specifies the authentication string for
a key.

Rx(config-if)#ip authentication key-chain eigrp as-number key-chain Rx(config-if)#no ip authentication key-chain eigrp as-number keychain Rx(config-if)#ip authentication mode eigrp as-number md5

OSPF (Open Shortest Path First) Rx(config)#router ospf <process-id> Rx(config-router)#network <address><wildcard-mask> area <areaid> Rx(config-if)#ip ospf cost <cost_nou> Rx(config-if)#bandwidth <bandwidth_nou_Kb> Rx(config-if)#auto-cost reference-bandwidth <bandwidth_nou_Mb> Rx(config-if)# ip ospf hello-interval <time> Rx(config-if)# ip ospf dead-interval <time> Rx(config-if)#ip ospf priority <prioritate> Rx(config-router)#router-id <router-id> Rx#clear ip ospf processes Rx(config-router)#default-information originate Rx(config-router)#default-information originate always Rx(config-router)#area 1 range 10.0.0.0 255.255.252.0 //ruta sumarizata Rx#show ip ospf //router id, timere, statistici Rx#show ip ospf neighbors //verificarea adiacentelor ospf Rx#show ip ospf interface fa0/0 //verificare configurare interfata Rx#show ip route ospf //afiseaza rutele ospf Rx#show ip protocols //afiseaza info despre toate protocoalele de rutare active

Authentication of OSPF Rx(config-if)#ip ospf authentication null //nula Rx(config-if)#ip ospf authentication-key key //The Key value is set as key. It is the password that is sent across the network. Rx(config-router)#area 0 authentication //Plain text authentication is enabled for all interfaces in Area 0. MD5 Authentication of OSPF Rx(config-if)#ip ospf message-digest-key 1 md5 text
!--- Message digest key with ID "1" and Key (password) value is set as "text".

Rx(config-router)#area 0 authentication message-digest

!--- MD5 authentication is enabled for all interfaces in Area 0.