Section 1.4: The Cisco IOS Software

Cisco routers run the Cisco Internetworking Operating System (IOS) with a command-line interface (CLI). IOS also runs on some Cisco switch models, where it likewise uses a CLI. However, in some cases the IOS CLI on a switch differs slightly from the one on a router. Furthermore, the IOS on the 1900 series switches differs slightly from that on some other Cisco IOS-based switches.

1.4.1: The Cisco IOS Software Command-Line Interface

The majority of Cisco routers run Cisco IOS Software with the command-line interface (CLI). The CLI is used to interface with the device and send commands to it, through a terminal, a terminal emulator, or a Telnet connection. Some routing cards, such as the Multilayer Switch Feature Card (MSFC) daughter card for the Catalyst 6000 series LAN switches, also run Cisco IOS Software. Understanding the Cisco IOS Software CLI is fundamental to supporting routers.

There are three ways in which you can access the CLI: through the console; through a dialup device with a modem attached to the auxiliary port; or by using a Telnet connection. Whichever method you use, you enter user exec mode first. User exec mode is one of three command exec modes in the IOS user interface. Enable mode, also known as privileged mode or privileged exec mode, and command mode are the others. Enable mode is so named because the enable command is used to reach this mode. User mode allows commands that are not disruptive to be issued, with some information being displayed to the user. Privileged mode supports a superset of commands compared to user mode. However, none of the commands in user mode or privileged mode changes the configuration of the router.

Passwords are required for Telnet and auxiliary access as of Cisco IOS Release 12.x and later. However, there are no preconfigured passwords; therefore, you must configure passwords for Telnet and auxiliary access from the console first.

All Cisco routers have a console port, and most have an auxiliary port. The console port is intended for local administrative access from an ASCII terminal or a computer using a terminal emulator. The auxiliary port is intended for asynchronous dial access from an ASCII terminal or terminal emulator; the auxiliary port is often used for dial backup.

The CLI Help Features

Typing ? in the console displays help for all commands supported by the CLI mode. In other words, the information supplied by using help depends on the CLI mode. If ? is typed in user mode, the commands allowed only in privileged exec mode are not displayed. Also, help is available in configuration mode; only configuration commands are displayed in that mode of operation.

IOS stores the commands that you type in a history buffer. The last ten commands are stored by default. You can change the history size with the terminal history size size command, where size is the number of IOS commands for the CLI to store; this can be set to a value between 0 and 256. You can then retrieve commands so that you do not have to retype the commands.

Syslog Messages and the debug Command

IOS creates messages, which are called syslog messages, when different events occur and, by default, sends them to the console. The router also generates messages that are treated like syslog messages in response to some troubleshooting tasks that you might perform. The debug command is one of the key diagnostic tools for troubleshooting problems on a Cisco router. It enables monitoring points in the IOS and generates messages that describe what the IOS is doing and seeing. When any debug command option is enabled, the router processes the messages with the same logic as other syslog messages.

The console port always receives syslog messages; however, when you Telnet to the router no syslog messages are seen unless you issue the terminal monitor command. Another alternative for viewing syslog messages is to have the IOS record the syslog messages in a buffer in RAM and then use the show logging command to display the messages. For Telnet users, having the messages buffered using the global config command logging buffered is particularly useful. Finally, the logging synchronous line-configuration subcommand can be used for the console and vtys to tell the router to wait until the last command output is displayed before showing any syslog messages onscreen.

Syslog messages also can be sent to another device. Two alternatives exist: sending the messages to a syslog server, and sending the messages as SNMP traps to a management station. The logging host command, where host is the IP address or host name of the syslog server, is used to enable sending messages to the external server. After SNMP is configured, the snmp-server enable traps command tells the IOS to forward traps, including syslog messages.
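An added example (not part of the original text) that checks a saved configuration for the logging settings described in this section and for the Telnet and auxiliary passwords mentioned in 1.4.1. The sample configuration, the function name, and the choice to look only at the password line subcommand (other login methods are not considered) are assumptions of this example.

```python
import re

# Constructed sample configuration (not from the page); values are placeholders.
SAMPLE_CONFIG = """\
hostname R1
logging buffered
logging 192.0.2.10
line con 0
 logging synchronous
line aux 0
line vty 0 4
 password EXAMPLE-ONLY
 login
"""

def audit_access_and_logging(config_text):
    """Return findings for line passwords and syslog settings in an IOS config."""
    global_cmds, line_cmds, current = [], {}, None
    for raw in config_text.splitlines():
        cmd = raw.strip()
        if not cmd or cmd == "!":
            continue
        if raw.startswith(" "):                  # subcommand of the enclosing mode
            if current:                          # only line subcommands are kept
                line_cmds[current].append(cmd)
            continue
        current = cmd if cmd.startswith("line ") else None
        if current:                              # entered line configuration mode
            line_cmds[current] = []
        else:                                    # any other global command
            global_cmds.append(cmd)
    findings = []
    for name, subs in line_cmds.items():
        kind = name.split()[1]                   # con, aux or vty
        if kind in ("aux", "vty") and not any(s.startswith("password ") for s in subs):
            findings.append(f"{name}: no password set")
        if kind in ("con", "vty") and "logging synchronous" not in subs:
            findings.append(f"{name}: logging synchronous not set")
    if not any(c.startswith("logging buffered") for c in global_cmds):
        findings.append("global: logging buffered not set")
    if not any(re.match(r"logging (host \S+|\d+\.\d+\.\d+\.\d+)$", c) for c in global_cmds):
        findings.append("global: no syslog server configured")
    return findings
```

A bare host name after logging is only recognised when written with the host keyword; the plain form is matched for IPv4 addresses only.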

1.4.2: Configuring Cisco IOS Software

Configuration mode is one of the modes for the Cisco CLI. It is similar to user mode and privileged mode. User mode allows commands that are not disruptive to be issued, with some information being displayed to the user. Privileged mode supports a superset of commands compared to user mode. However, none of the commands in user or privileged mode changes the configuration of the router. Configuration mode is another mode in which configuration commands are typed.

Commands typed in configuration mode update the active configuration file. These changes to the configuration occur immediately each time you press the Enter key at the end of a command. Configuration mode itself contains a multitude of subcommand modes. The type of command you enter moves you from one configuration subcommand mode to whichever subcommand mode is appropriate. For example, the interface command, which is the most commonly used configuration command, would move you to interface configuration mode.

Generally, when multiple instances of a parameter can be set on a single router, the command used to set the parameter is likely a configuration subcommand. Items that are set once for the entire router are likely global commands. For example, the hostname command is a global command because there is only one host name per router.

You can use CTRL + Z from any part of configuration mode, or use the exit command from global configuration mode, to exit configuration mode and return to privileged exec mode. The configuration mode end command also exits from any point in the configuration mode back to privileged exec mode. The exit command from a subcommand mode backs up one level toward global configuration mode.

Managing Configuration Files

Your configuration commands, as well as some default configuration commands, are stored in the configuration file. No hard disk or diskette storage exists on Cisco routers; therefore, the configuration file is stored in memory. The configuration files can also be stored as ASCII text files anywhere external to the router using TFTP or FTP. Cisco routers support a number of types of memory. These include:

  • RAM, which is sometimes called DRAM for dynamic random-access memory, is used by the router in the same way it is used by any other computer: for storing data being used by the processor. The active configuration file, running-config, which is the configuration file that the router uses during operation, is stored in RAM.
  • ROM, or read-only memory, stores a bootable IOS image, which is not typically used for normal operation. It contains the code that is used to boot the router and allows the router to access the IOS image.
  • Flash memory, which can be either an EEPROM or a PCMCIA card, stores fully functional IOS images and is the default location where the router accesses its IOS at boot time. Flash memory also can be used to store configuration files on some Cisco routers.
  • NVRAM, which is nonvolatile RAM, stores the initial or startup configuration file, startup-config.

All these types of memory, except RAM, are permanent memory.

When the router first comes up, the router copies the stored configuration file from NVRAM into RAM, so the active and startup configuration files are identical at that point. The show running-config and show startup-config commands are used to verify the active and startup configuration files respectively. You can use the copy running-config startup-config command to overwrite the current startup configuration file with the current active configuration file.

The copy command can be used to copy files in a router, most typically a configuration file or a new version of the IOS Software. The most basic method for moving configuration files in and out of a router is by using a TFTP server. The copy command is used to copy configuration files among RAM, NVRAM, and a TFTP server. Its syntax specifies the source location and the destination of the configuration file, as in:

copy source destination

The source and the destination parameters can be running-config, startup-config, or tftp for RAM, NVRAM, and a TFTP server respectively. However, the source and the destination parameters cannot be the same. Thus, the following syntax copies the configuration from RAM to NVRAM, overwriting the current startup configuration file with the active configuration file:

copy running-config startup-config

The copy command does not always replace the existing file that it is copying. Any copy command option moving a file into NVRAM or a TFTP server replaces the existing file; however, any copy into RAM works by adding the commands to the active configuration file. Thus, if you change the active configuration file and then want to revert to the startup configuration file, you must use the reload command, which reboots the router.

Two commands can be used to erase the contents of NVRAM. These are the write erase command, which is the older command, and the erase startup-config command, which is the newer command.

Upgrading Cisco IOS Software

Typically, a router has one IOS image and that is the IOS that is used. This IOS image is typically stored in Flash memory, which is a rewriteable, permanent form of storage. The IOS image can also be placed on an external TFTP server, but this is typically done for testing. In the IOS upgrade process you first must obtain the IOS image from Cisco. Then you must place the IOS image into the default directory of a TFTP server. Finally, you must use the copy tftp flash command from the router to copy the files into Flash memory. During this process, the router will need to discover the IP address or host name of the TFTP server; the name of the file; the space available in Flash memory for this file; and whether you want to erase the old files. The router will prompt you for answers, as necessary. Afterward, the router erases Flash memory as needed, copies the file, and then verifies that the checksum for the file shows that no errors occurred in transmission. The show flash command then can be used to verify the contents of Flash memory. Before the new IOS is used, however, the router must be reloaded.

The Cisco IOS Software Boot Sequence

The basic boot sequence for a Cisco router is:

Step 1: The router performs a power-on self-test (POST) to discover and verify the hardware.

Step 2: The router loads and runs bootstrap code from ROM.

Step 3: The router finds the IOS or other software and loads it.

Step 4: The router finds the configuration file and loads it into running config.

All routers attempt all four steps each time that the router is powered on or reloaded. The POST code and functions cannot be changed by the router administrator. The location of the bootstrap code, the IOS to load, and the configuration file can be changed by the administrator, but you almost always use the default location for the bootstrap code (ROM) and for the initial configuration (NVRAM). So, the location of IOS or other software is the only part that typically is changed.

Three categories of operating systems can be loaded into the router:

  • The full-function IOS image, which is typically located in Flash memory but can also be located on a TFTP server. This is the normal, full-feature IOS used in production.
  • A limited-function IOS that resides in ROM and provides basic IP connectivity when Flash memory is faulty and you need IP connectivity to copy a new IOS into Flash memory. This limited-function IOS is called RXBOOT mode.
  • A different non-IOS operating system that is also stored in ROM. This operating system, called ROM Monitor (ROMMON) mode, is used for low-level debugging and for password recovery. Unless you are performing password recovery, you would seldom use ROMMON mode.

The configuration register tells the router whether to use a full-featured IOS, ROMMON, or RXBOOT mode. The configuration register is a 16-bit software register in the router, and its value is set using the config-register global configuration command. The boot field is the name of the low-order 4 bits of the configuration register. This field can be considered a 4-bit value, represented as a single hexadecimal digit. If the boot field is hex 0, ROMMON is loaded. If the boot field is hex 1, RXBOOT mode is used. For anything else, it loads a full-featured IOS.

The second method used to determine where the router tries to obtain an IOS image is through the use of the boot system configuration command. If the configuration register calls for a full-featured IOS, the router reads the configuration file for boot system commands.

If there are no boot system commands, the router takes the default action, which is to load the first file in Flash memory. Table 1.7 lists the configuration register and the boot system command.

Table 1.7: The boot system Commands

Boot Field Value | Function
0x0 | Loads ROMMON and ignores boot system commands.
0x1 | Loads IOS from ROM and ignores boot system commands. This is also known as RXBOOT mode.
0x2-0xF | If used with the no boot command, the first IOS file in Flash memory is loaded; if that fails, the router broadcasts looking for an IOS on a TFTP server. If that fails, IOS from ROM is loaded.
0x2-0xF | If used with the boot system ROM command, IOS from ROM is loaded.
0x2-0xF | If used with the boot system flash command, the first file from Flash memory is loaded.
0x2-0xF | If used with the boot system flash file_name command, IOS with the specified file_name is loaded from Flash memory.
0x2-0xF | If used with the boot system tftp file_name command, IOS with the specified file_name is loaded from the TFTP server.
0x2-0xF | If used with multiple boot system commands, an attempt occurs to load IOS based on the first boot command in configuration. If that fails, the second boot command is used, etc., until an IOS is loaded successfully.
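
The decision logic of Table 1.7, written out as an added example that is not part of the original text: given a configuration register value and a configuration, it returns the order in which the router would try to load software. The function names, the output labels, and the choice of which entries to flag for review are assumptions of this example.

```python
import re

def boot_plan(config_register, config_text):
    """Return the ordered load attempts for a register value and a configuration."""
    boot_field = int(config_register, 16) & 0xF    # low-order 4 bits of the register
    if boot_field == 0x0:
        return ["ROMMON"]                           # boot system commands ignored
    if boot_field == 0x1:
        return ["IOS from ROM (RXBOOT)"]            # boot system commands ignored
    plan = []
    for line in config_text.splitlines():
        m = re.match(r"boot system (rom|flash|tftp)(?:\s+(\S+))?", line.strip(), re.I)
        if not m:
            continue
        source, name = m.group(1).lower(), m.group(2)
        if source == "rom":
            plan.append("IOS from ROM")
        elif name:                                  # flash or tftp with a file name
            plan.append(f"{source}:{name}")
        elif source == "flash":                     # bare "boot system flash"
            plan.append("first file in Flash")
        # a tftp entry without a file name is not in Table 1.7 and is skipped
    if not plan:                                    # no boot system commands at all
        plan = ["first file in Flash", "TFTP broadcast", "IOS from ROM"]
    return plan                                     # tried in order until one loads

def review_flags(plan):
    """Entries worth confirming as intentional: ROMMON is the password-recovery
    environment, and TFTP image sources are typically used only for testing."""
    return [p for p in plan if p == "ROMMON" or p.lower().startswith("tftp")]

# Constructed sample configuration (not from the page); file names are placeholders.
SAMPLE_CONFIG = """\
hostname R1
boot system flash ios-a.bin
boot system tftp ios-b.bin
boot system rom
"""

if __name__ == "__main__":
    for register in ("0x2100", "0x2101", "0x2102"):
        plan = boot_plan(register, SAMPLE_CONFIG)
        print(register, plan, "review:", review_flags(plan))
```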