"Table of Contents • Index • Reviews • Reader Reviews • Errata • Cisco IOS in a Nutshell By James Boney Publisher: Pub Date: ISBN: Pages: Slots: O'Reilly December 2001 1-56592-942-X 606 1
This two-part reference covers IOS configuration for the TCP/IP protocol family. The first part includes chapters on the user interface, configuring lines and interfaces, access lists, routing protocols, and dial-on-demand routing and security. The second part is a classic O'Reilly-style quick reference to all the commands you need to work with TCP/IP and the lower-level protocols on which it relies, with lots of examples of the most common configuration steps for the routers themselves.
�Table of Contents • Index • Reviews • Reader Reviews • Errata • Cisco IOS in a Nutshell By James Boney Publisher: Pub Date: ISBN: Pages: Slots: O'Reilly December 2001 1-56592-942-X 606 1
Copyright Preface Organization Conventions We'd Like to Hear from You Acknowledgments Chapter 1. Getting Started Section 1.1. Introduction Section 1.2. IOS User Modes Section 1.3. Command-Line Completion Section 1.4. Get to Know the Question Mark Section 1.5. Command-Line Editing Keys Section 1.6. Pausing Output Section 1.7. show Commands Chapter 2. IOS Images and Configuration Files Section 2.1. IOS Images Section 2.2. Using the IOS Filesystem for Images Section 2.3. The Router's Configuration Section 2.4. Loading Configuration Files Chapter 3. Basic Router Configuration Section 3.1. Configuration Soapbox Section 3.2. Setting the Router Name Section 3.3. Setting the System Prompt Section 3.4. Configuration Comments Section 3.5. The Enable Password Section 3.6. Mapping Hostnames to IP Addresses Section 3.7. Setting the Router's Time
�Section 3.8. Enabling SNMP Section 3.9. Cisco Discovery Protocol Section 3.10. System Banners Chapter 4. Line Commands Section 4.1. What Is a Line? Section 4.2. The line Command Section 4.3. The Console Port Section 4.4. Virtual Terminals (VTYs) Section 4.5. Asynchronous Ports (TTYs) Section 4.6. The Auxiliary (AUX) Port Section 4.7. show line Chapter 5. Interface Commands Section 5.1. Naming and Numbering Interfaces Section 5.2. Basic Interface Configuration Commands Section 5.3. The Loopback Interface Section 5.4. The Null Interface Section 5.5. Ethernet and Fast Ethernet Interfaces Section 5.6. Token Ring Interfaces Section 5.7. ISDN Interfaces Section 5.8. Serial Interfaces Section 5.9. Asynchronous Interfaces Section 5.10. Interface show Commands Chapter 6. Frame Relay and ATM Section 6.1. Frame Relay Section 6.2. ATM Chapter 7. Lists and Queues Section 7.1. Access Lists Section 7.2. Specific Topics Section 7.3. Managing Priorities with Queues Chapter 8. IP Routing Topics Section 8.1. Routing Protocol Topics Section 8.2. Static Routes Section 8.3. Split Horizon Section 8.4. Passive Interfaces Section 8.5. Fast Switching and Process Switching Chapter 9. Interior Routing Protocols Section 9.1. RIP Section 9.2. IGRP Section 9.3. EIGRP Section 9.4. OSPF Chapter 10. Border Gateway Protocol Section 10.1. Introduction to BGP Section 10.2. A Simple BGP Configuration Section 10.3. Route Filtering Section 10.4. An Advanced BGP Configuration Section 10.5. Neighbor Authentication Section 10.6. Peer Groups Section 10.7. Route Reflectors
�Section 10.8. BGP Confederacies Chapter 11. Dial-on-Demand Routing Section 11.1. Configuring a Simple DDR Connection Section 11.2. Sample Legacy DDR Configurations Section 11.3. Dialer Interfaces (Dialer Profiles) Section 11.4. Multilink PPP Section 11.5. Snapshot DDR Chapter 12. Special Topics Section 12.1. Bridging Section 12.2. Hot Standby Routing Protocol (HSRP) Section 12.3. Network Address Translation (NAT) Section 12.4. Tunnels Section 12.5. Encrypted Tunnels Chapter 13. Router Security Section 13.1. The enable Password Section 13.2. Features to Disable on Your Gateway Routers Section 13.3. Use a Warning Banner Section 13.4. Protect VTYs with an Access List Chapter 14. Troubleshooting and Logging Section 14.1. ping Section 14.2. trace Section 14.3. Debugging Section 14.4. Logging Chapter 15a. Quick Reference A-H aaa accounting aaa authentication enable default aaa authentication local-override aaa authentication login aaa authentication password-prompt aaa authentication ppp aaa authentication username-prompt aaa authorization aaa authorization config-commands aaa authorization reverse-access aaa new-model absolute-timeout access-class access-enable access-list access-list rate-limit access-template activation-character aggregate-address alias area authentication area default-cost area nssa area-password
�area range area stub area virtual-link arp arp arp timeout async-bootp async default ip address async default routing async dynamic address async dynamic routing async mode atm address atm arp-server atm esi-address atm lecs-address atm lecs-address-default atm nsap-address atm pvc atm-vc autobaud autocommand autodetect encapsulation autohangup autoselect auto-summary backup bandwidth banner exec banner incoming banner login banner motd bgp always-compare-med bgp bestpath as-path ignore bgp bestpath med-confed bgp bestpath missing-as-worst bgp client-to-client reflection bgp cluster-id bgp confederation identifier bgp confederation peers bgp dampening bgp default local-preference bgp deterministic med bgp fast-external-fallover bgp log-neighbor-changes bgp-policy bridge acquire bridge address
�bridge cmf bridge crb bridge forward-time bridge-group bridge-group aging-time bridge-group circuit-group bridge-group input-address-list bridge-group input-lsap-list bridge-group input-pattern bridge-group input-type-list bridge-group output-address-list bridge-group output-lsap-list bridge-group output-pattern bridge-group output-type-list bridge-group path-cost bridge-group priority bridge-group spanning-disabled bridge hello-time bridge irb bridge max-age bridge multicast-source bridge priority bridge protocol bridge route busy-message calendar set callback forced-wait cd cdp advertise-v2 cdp enable cdp holdtime cdp run cdp timer channel-group channel-group chat-script class clear client-atm-address name clock calendar-valid clock rate clock read-calendar clock set clock summer-time clock timezone clock update-calendar compress config-register
�configure controller copy crc custom-queue-list databits data-character-bits dce-terminal-timing enable debug default-information default-information originate default-metric default-name delay delete description dialer aaa dialer callback-secure dialer callback-server dialer caller dialer dtr dialer enable-timeout dialer fast-idle dialer-group dialer hold-queue dialer idle-timeout dialer in-band dialer isdn dialer-list dialer load-threshold dialer map dialer map snapshot dialer max-link dialer pool dialer pool-member dialer priority dialer remote-name dialer rotary-group dialer rotor dialer string dialer wait-for-carrier-time dialer watch-disable dialer watch-group dialer watch-list dir disable disconnect disconnect-character
�dispatch-character distance distance bgp distance eigrp distribute-list in distribute-list out domain-password downward-compatible-config down-when-looped dte-invert-txc early-token-release editing eigrp log-neighbor-changes enable enable last-resort enable password enable secret enable use-tacacs encapsulation end erase escape-character exception core-file exception dump exception memory exception protocol exception spurious-interrupt exec exec-timeout exit fair-queue fair-queue aggregate-limit fair-queue individual-limit fair-queue limit fair-queue qos-group fair-queue tos fair-queue weight fddi burst-count fddi c-min fddi cmt-signal-bits fddi duplicate-address-check fddi encapsulate fddi frames-per-token fddi smt-frames fddi tb-min fddi tl-min-time fddi token-rotation-time fddi t-out
�fddi valid-transmission-time flowcontrol format frame-relay adaptive-shaping frame-relay [ bc | be] frame-relay becn-response-enable frame-relay broadcast-queue frame-relay cir frame-relay class frame-relay custom-queue-list frame-relay de-group frame-relay de-list frame-relay idle-timer frame-relay interface-dlci frame-relay intf-type frame-relay inverse-arp frame-relay ip rtp header-compression frame-relay ip tcp header-compression frame-relay lmi-type frame-relay local-dlci frame-relay map frame-relay map bridge frame-relay map clns frame-relay map ip compress frame-relay map ip rtp header-compression frame-relay map ip tcp header-compression frame-relay mincir frame-relay multicast-dlci frame-relay payload-compress packet-by-packet frame-relay priority-dlci-group frame-relay priority-group frame-relay route frame-relay svc frame-relay switching frame-relay traffic-rate frame-relay traffic-shaping fsck ftp-server enable ftp-server topdir full-duplex full-help group-range half-duplex half-duplex controlled-carrier help history hold-character hold-queue
�hostname hssi external-loop-request hssi internal-clock hub Chapter 15b. Quick Reference I-M ignore-dcd interface interface bvi interface dialer interface group-async ip access-group ip access-list ip accounting ip accounting-list ip accounting-threshold ip accounting-transits ip address ip address negotiated ip address-pool ip alias ip as-path access-list ip authentication ip bandwidth-percent eigrp ip bgp-community new-format ip bootp server ip broadcast-address ip cef ip cef traffic-statistics ip classless ip community-list ip default-gateway ip default-network ip dhcp-server ip directed-broadcast ip domain-list ip domain-lookup ip domain-name ip dvmrp accept-filter ip dvmrp auto-summary ip dvmrp default-information ip dvmrp metric ip dvmrp metric-offset ip dvmrp output-report-delay ip dvmrp reject-non-pruners ip dvmrp routehog-notification ip dvmrp route-limit ip dvmrp summary-address ip dvmrp unicast-routing
�ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip
forward-protocol ftp passive ftp password ftp source-interface ftp username hello-interval eigrp helper-address hold-time eigrp host http identd igmp access-group igmp helper-address igmp join-group igmp query-interval igmp query-max-response-time igmp query-timeout igmp static-group igmp version irdp load-sharing local policy route-map local pool mask-reply mroute mroute-cache mtu multicast boundary multicast cache-headers multicast helper-map multicast rate-limit multicast-routing multicast ttl-threshold name-server nat nat inside destination nat inside source nat outside source nat pool nat translation netmask-format nhrp authentication nhrp holdtime nhrp interest nhrp map nhrp map multicast nhrp max-send nhrp network-id
�ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip
nhrp nhs nhrp record nhrp responder nhrp server-only nhrp trigger-svc nhrp use ospf authentication ospf authentication-key ospf cost ospf dead-interval ospf demand-circuit ospf hello-interval ospf message-digest-key ospf name-lookup ospf network ospf priority ospf retransmit-interval ospf transmit-delay pim pim accept-rp pim message-interval pim minimum-vc-rate pim multipoint-signalling pim nbma-mode pim neighbor-filter pim query-interval pim rp-address pim rp-announce-filter pim send-rp-announce pim send-rp-discovery pim vc-count pim version policy route-map proxy-arp rarp-server rcmd rcp-enable rcmd remote-host rcmd remote-username rcmd rsh-enable redirects rip authentication rip receive version rip send version route route-cache router isis routing source-route
�ip split-horizon ip subnet-zero ip summary-address eigrp ip tcp chunk-size ip tcp compression-connections ip tcp header-compression ip tcp mtu-path-discovery ip tcp queuemax ip tcp synwait-time ip tcp window-size ip telnet source-interface ip tftp source-interface ip unnumbered ip unreachables isdn answer1, isdn answer2 isdn autodetect isdn bchan-number-order isdn busy isdn caller isdn call interface isdn calling-number isdn conference-code isdn disconnect interface isdn fast-rollover-delay isdn incoming-voice isdn leased-line bri 128 isdn not-end-to-end isdn nsf-service isdn outgoing-voice isdn overlap-receiving isdn send-alerting isdn sending-complete isdn service isdn spid1 (spid2) isdn switch-type isdn tei isdn tei-negotiation isdn transfer-code isdn twait-disable isdn voice-priority isis circuit-type isis csnp-interval isis hello-interval isis hello-multiplier isis lsp-interval isis metric isis password isis priority
�isis retransmit-interval isis retransmit-throttle-interval is-type keepalive key key chain key config-key key-string lane auto-config-atm-address lane bus-atm-address lane client lane client-atm-address lane config-atm-address lane config database lane database lane fixed-config-atm-address lane global-lecs-address lane le-arp lane server-atm-address lane server-bus line linecode link-test location logging logging buffered logging console logging facility logging history logging history size logging monitor logging on logging source-interface logging synchronous logging trap login login authentication logout-warning loopback map-class dialer map-class frame-relay map-group map-list match as-path match community-list match interface match ip address match ip next-hop
�match ip route-source match length match metric match route-type match tag maximum-paths metric holddown metric maximum-hops metric weights media-type member menu menu command menu text menu title mkdir modem motd-banner mrinfo mstat mtrace mtu Chapter 15c. Quick Reference N-Z name elan-id name local-seg-id name preempt name server-atm-address neighbor neighbor advertisement-interval neighbor database-filter neighbor default-originate neighbor description neighbor distribute-list neighbor filter-list neighbor maximum-prefix neighbor next-hop-self neighbor password neighbor peer-group neighbor prefix-list neighbor remote-as neighbor route-map neighbor route-reflector-client neighbor send-community neighbor shutdown neighbor soft-reconfiguration inbound neighbor timers neighbor update-source neighbor version
�neighbor weight net network network backdoor network weight nrzi-encoding ntp access-group ntp authenticate ntp authentication-key ntp broadcast ntp broadcast client ntp broadcastdelay ntp disable ntp master ntp peer ntp server ntp source ntp trusted-key ntp update-calendar offset-list ospf auto-cost reference-bandwidth ospf log-adj-changes output-delay padding parity passive-interface password peer default ip address peer neighbor-route physical-layer ping ppp ppp authentication ppp bridge ip ppp chap ppp compress ppp multilink ppp quality ppp reliable-link ppp use-tacacs priority-group priority-list privilege level (line) privilege level (global) prompt pulse-time pvc queue-list
�radius-server redistribute refuse-message reload rename ring-speed rlogin rmdir route-map router rsh rxspeed send service service compress-config service linenumber service-module 56k service-module t1 service timestamps session-limit session-timeout set as-path set automatic-tag set community set default interface set interface set ip default next-hop set ip precedence set ip next-hop set level set local-preference set metric set metric-type set metric-type internal set origin set-overload-bit set tag setup set weight show shutdown smt-queue-threshold snapshot snmp-server snmp-server chassis-id snmp-server community snmp-server contact snmp-server enable traps
�snmp-server engine-id snmp-server group snmp-server host snmp-server location snmp-server packetsize snmp-server queue-length snmp-server system-shutdown snmp-server tftp-server-list snmp-server trap-source snmp-server trap-timeout snmp-server user snmp-server view snmp trap link-status source-address speed squeeze squelch sscop cc-timer sscop keepalive-timer sscop max-cc sscop poll-timer sscop rcv-window sscop send-window standby authentication standby ip standby preempt standby priority standby timers standby track stopbits summary-address synchronization table-map tacacs-server attempts tacacs-server authenticate tacacs-server directed-request tacacs-server extended tacacs-server host tacacs-server key tacacs-server last-resort tacacs-server notify tacacs-server optional-passwords tacacs-server retransmit tacacs-server timeout terminal editing terminal escape-character terminal history terminal length
�terminal monitor tftp-server timers basic timers bgp timers spf trace traffic-shape adaptive traffic-shape group traffic-shape rate traffic-share transport tunnel checksum tunnel destination tunnel key tunnel mode tunnel sequence-datagrams tunnel source txspeed undebug undelete username vacant-message validate-update-source variance verify version vty-async vty-async dynamic-routing vty-async header-compression vty-async keepalive vty-async mtu vty-async ppp authentication vty-async ppp use-tacacs width write Colophon Index
�Copyright © 2001 O'Reilly & Associates, Inc. All rights reserved. Printed in the United States of America. Published by O'Reilly & Associates, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O'Reilly & Associates books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://safari.oreilly.com). For more information contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com. Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly & Associates, Inc. The association of the image of a donkey and the topic of Cisco IOS is a trademark of O'Reilly & Associates, Inc. Cisco IOS and and all Cisco-based trademarks are registered trademarks of Cisco Systems, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O'Reilly & Associates, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
�Preface
This is a book for everybody who has to deal with Cisco's routers. As you well know, Cisco Systems has created an extremely diverse line of routers and other network products. One unifying thread runs through the product line: virtually all of Cisco's products run the Internetwork Operating System (IOS). This is both a great advantage and a great disadvantage. On the one hand, when you're familiar with one Cisco router, you're reasonably familiar with them all. Someone using a small ISDN router in a home office could look at a configuration file for a high-end router at an ISP and not be lost. He might not understand how to configure the more esoteric routing protocols or high-speed network interfaces, but he'd be looking at a language that was recognizably the same. On the other hand, this uniformity means that just about everything has been crammed into IOS at one time or another. IOS is massive—there's no other way to say it. And it has evolved over many years. The command-line interface isn't graceful, and is often non-uniform: many commands don't do what you think they should, and the same command verbs can mean completely different things in different contexts. This inconsistency is probably a natural result of evolution at an extremely large company with an extremely large number of developers, but it doesn't make life any easier. So, where do you find out what commands you need to know? There's the almost mythical "green wall" of Cisco documentation, but it's difficult to find what you need in tens of thousands of pages. Of course, even getting to Cisco's online documentation may be impossible if your router doesn't work. And the volume of documentation ..."
|
You need to upgrade your Flash Player , or try to enable javascript in order see this document properly.
|
|
Comments
