Module 5 – Managing Cisco IOS Software Overview • Identify the stages of the router boot sequence • Determine how a Cisco device locates and loads the Cisco IOS • Identify the configura
Trang 1Module 5 – Managing Cisco
IOS Software
Overview
• Identify the stages of the router boot sequence
• Determine how a Cisco device locates and loads the Cisco IOS
• Identify the configuration register values
• Briefly describe the files used by the Cisco IOS and their functions
• List the locations on the router of the different file types
• Briefly describe the parts of the IOS name
• Save and restore configuration files using TFTP and copy-and-paste
• Verify the file system using show commands
Trang 2NIIT-ICT Hanoi info@niithanoi.vn 3
Stages of the router power-on boot sequence
• Test the router hardware.
• Find and load the Cisco IOS software
• Find and apply configuration statements, including protocol
functions and interface addresses.
1 ROM
1 POST
2 Bootstrap code executed
3 Check Configuration Register value (NVRAM)
Forth Hex : 0 = ROM Monitor mode
1 = ROM IOS
2 - 15 = startup-config in NVRAM
2 Check for IOS boot system commands in startup-config file (NVRAM)
If boot system commands in startup-config
a Run boot system commands in order they appear in startup-config to locate the IOS
b If boot system commands fail, use default fallback sequence to locate the IOS (Flash, TFTP, ROM)
3 Locate and load IOS, Default fallback sequence: No IOS boot system commands in startup-config
a Flash (sequential)
b TFTP server (netboot) - The router uses the configuration register value to form a filename from
which to boot a default system image stored on a network server.
c ROM (partial IOS) or keep retrying TFTP depending upon router model
- If no IOS located, get partial IOS version from ROM
4 Locate and load startup-config
a If startup-config found, copy to running-config
b If startup-config not found, prompt for setup-mode
Router Boot Process – At a Glance
1, 2
3
4
Trang 3NIIT-ICT Hanoi info@niithanoi.vn 5
2 Check for IOS boot system commands in
startup-config file (NVRAM)
Configuration register
Check Configuration Register value (NVRAM)
0 = ROM Monitor mode
1 = ROM IOS
2 - 15 = startup-config in NVRAM
• The order in which the router looks for system bootstrap information
depends on the boot field setting in the configuration register.
• The configuration register is a 16-bit register in NVRAM
• To ensure that the upper 12 bits are not changed, first retrieve the
current values of the configuration register using the show version
command
of the last hexadecimal digit
Trang 4NIIT-ICT Hanoi info@niithanoi.vn 7
Showing the configuration register
Gateway-Router>show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-DO3S-M), Version 12.0(5)T1, RELEASE SOFTWARE (fc
1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Tue 17-Aug-99 13:18 by cmong
Image text-base: 0x80008088, data-base: 0x80CB67B0
ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
NoSmo-Gateway uptime is 5 weeks, 3 days, 20 hours, 33 minutes
System returned to ROM by power-on
System restarted at 13:30:22 PST Thu Mar 7 2002
System image file is "flash:c2600-do3s-mz.120-5.T1"
cisco 2621 (MPC860) processor (revision 0x102) with 39936K/9216K bytes of memory
.
Processor board ID JAB03520113 (2485375272)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
4 Serial(sync/async) network interface(s)
32K bytes of non-volatile configuration memory.
More—
Configuration register is 0x2102
Gateway-Router>
IOS source
configuration register
Modifying the configuration register
To change the boot field in the configuration register, follow these guidelines:
• To enter the ROM monitor mode, set the configuration register value to
0xnnn0, where nnn represents the previous value of the non-boot field
digits This value sets the boot field bits to 0000 binary From ROM
monitor, boot the operating system manually by using the b command at
the ROM monitor prompt
• To configure the system to boot automatically from ROM, set the
configuration register to 0xnnn1, where nnn represents the previous value
of the non-boot field digits This value sets the boot field bits to 0001
binary
• To configure the system to use the boot system commands in NVRAM,
set the configuration register to any value from 0xnnn2 to 0xnnnF, where
nnn represents the previous value of the non-boot field digits These values
set the boot field bits to a value between 0010 and 1111 binary Using boot
system commands in NVRAM is the default
Trang 5NIIT-ICT Hanoi info@niithanoi.vn 9
IOS file system overview
RAM
IOS (running)
running-config startup-config IOS ios
• Routers and switches depend on software for their operation
• The two types of software required are operating systems and configuration
– The operating system used in almost all Cisco devices is the Cisco
Internetwork Operating System (IOS).
– The software a router or switch uses is referred to as the configuration
file or the config, running-config and startup-config
Cisco IOS File System (IFS)
• Beginning with version 12.0 of the IOS, a single interface to all the file systems
that a router uses is provided, Cisco IOS File System (IFS).
• The IFS provides a single method to perform all the file system management
that a router uses, including
– the flash memory file systems,
– the network file systems (TFTP, rcp, and FTP)
– reading or writing data (such as NVRAM, the running configuration, ROM)
RAM
IOS (running)
running-config startup-config IOS ios
Trang 6NIIT-ICT Hanoi info@niithanoi.vn 11
Preparing for TFTP
Be sure you can
communicate with the TFTP server
Know the name
of the IOS file you are going
to copy from on the router
Cisco Traditional Copy Commands
RAM
IOS (running)
running-config
startup-config IOS ios
copy tftp running-config
copy tftp startup-config
copy running-config tftp
copy startup-config tftp
copy from-file to-file
copy flash tftp copy tftp flash
Trang 7NIIT-ICT Hanoi info@niithanoi.vn 13
IOS naming conventions
Examples of feature-set categories are:
• Basic – A basic feature set for the hardware platform, for example IP and IP/FW
• Plus – A basic feature set plus additional features such as IP Plus, IP/FW Plus, and Enterprise Plus
• Encryption – The addition of the 56-bit data encryption feature sets, such as Plus 56, to either a
basic or plus feature set Examples include IP/ATM PLUS IPSEC 56 or Enterprise Plus 56 From
Cisco IOS Release 12.2 onwards, the encryption designators are k8/k9:
• k8 – Less than or equal to 64-bit encryption in IOS version 12.2 and up
• k9 – Greater than 64-bit encryption (on 12.2 and up)
A relocatable image is copied from flash into RAM to run A non-relocatable image is run directly from flash
Example
Trang 8NIIT-ICT Hanoi info@niithanoi.vn 15
Managing configuration files using TFTP
Managing configuration files using copy
and paste
Perform the following to capture the configuration using the text displayed on the HyperTerminal screen to a text file:
1. Select Transfer
2. Select Capture Text
3. Specify the name for the text file to capture the configuration
4. Select Start to start capturing text
5. Display the configuration to the
screen by entering show running-config
6. Press the space bar when each
"-More -" prompt appears
7. When the complete configuration has been displayed, stop the capture by:
8. Select Transfer
9. Select Capture Text
10.
Trang 9NIIT-ICT Hanoi info@niithanoi.vn 17
Managing IOS images using TFTP
Restoring the IOS image from Flash
• If the IOS image in flash has been erased or corrupted, the IOS may
need to be restored from the ROM monitor mode (ROMmon)
1 ROM
1 POST
2 Bootstrap code executed
3 Check Configuration Register value (NVRAM)
0 = ROM Monitor mode
1 = ROM IOS
2 - 15 = startup-config in NVRAM
• In many of the Cisco hardware architectures, the ROMmon mode is
identified from the rommon 1 > prompt.
• The flash should be examined with the rommon 1 > dir flash:
command.
• If an image is located that appears to be valid, an attempt should be
made to boot from that image
rommon 1>boot flash:c2600-is-mz.121-5
Trang 10NIIT-ICT Hanoi info@niithanoi.vn 19
Restoring the IOS image from Flash
RAM IOS (running)
running-config
startup-config IOS ios
• If the router properly boots, determine why the router booted to the ROMmon
instead of using IOS from flash
– show version- to check the configuration register to ensure that it is
configured for the default boot sequence
– show startup-config- to see if there is a boot system command
instructing the router to use the IOS for ROM monitor
• If the router will not properly boot from the image or there is no IOS image, a
new IOS will need to be downloaded
– The IOS file may be recovered using either:
• Xmodem to restore the image through the console
• Downloading the image using TFTP from the ROMmon mode.
Download using Xmodem from ROMmon
• Optional – Modifying the console baud rate to speed-up upload.
• Requires rebooting of the router and the terminal session (at 9600)
should be terminated and a new session started at 115200 bps to
match the console speed.
console
Trang 11NIIT-ICT Hanoi info@niithanoi.vn 21
Download using Xmodem from ROMmon
restore the IOS software image from the PC
• The -c instructs the Xmodem process to use Cyclic Redundancy
Check (CRC) for error checking during the download.
console
Download using Xmodem from ROMmon
• The router will prompt not to begin the transfer and present a warning message
• The warning message informs that the bootflash will be erased and asks to
confirm continuing
• Now the Xmodem transfer needs to be started from the terminal emulator
• In HyperTerminal, select Transfer > Send File
• Then in the Send File popup specify the image name/location, select Xmodem
as the protocol, and start the transfer
console
Trang 12NIIT-ICT Hanoi info@niithanoi.vn 23
Download using Xmodem from ROMmon
• Once the transfer is complete a message appears that flash is being erased
• This is followed by the “Download Complete!” message
• Before restarting the router, the console speed needs to be set back to 9600
and the config register back to 0x2102
• Enter the command config-register 0x2102 at the privileged EXEC
prompt
• While the router is rebooting, the 115200 bps terminal session needs to be
ended and a 9600 bps session begun
console Router(config)#config-register 0x2102
Router(config)#line con 0
Router(config-line)#speed 9600
Download using TFTP from ROMmon
• The IOS can also be restored from a TFTP session using the
tftpdnld command.
• The environmental variables provide a minimal configuration to allow
for the TFTP of the IOS
rommon>IP_ADDRESS=10.0.0.1
Trang 13NIIT-ICT Hanoi info@niithanoi.vn 25
Download using TFTP from ROMmon
• Once the variables are set for the IOS download, the
tftpdnld command is entered with no arguments
File system verification
Trang 14NIIT-ICT Hanoi info@niithanoi.vn 27
Password Recovery
Step 1 config-register - At the router type the show version command
Record the configuration register setting, which is usually 0x2102 In a
real world scenario, If for some reason you cannot log into the router,
i.e someone changed the password, then of course you will not be
able to perform this step.
Step 2 – Entering rommon
Within 60 seconds press the Break key (control-break on a PC) You may
need to press this more than once You will then see the following
prompt:
System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
Copyright (c) 1986-1995 by cisco Systems
2600 processor with 8192 Kbytes of main memory
Abort at 0x10EA82C (PC)
rommon>
Password Recovery
Step 3 Breaking in - For the 2600 Series routers, after the “rommon>”
prompt type confreg 0x2142 and press return Then type “boot” and
press return.
Abort at 0x10EA82C (PC)
rommon> confreg 0x2142
rommon> boot
• confreg 0x2142 – This will change the configuration register on the
router to ignore the startup-config file during boot-up.
• boot – This will reboot (reload) the router.
The router will reboot and ask you if you want to go into setup mode
Type no
Trang 15NIIT-ICT Hanoi info@niithanoi.vn 29
Password Recovery
Step 4 – Recovering the password
Router> enable
Router# config t
To recover your previous startup-config file so you do not lose your previous
configuration (if needed):
Router# copy startup-config running-config
Set your enable secret password class is what we always use!
Router(config)# enable secret class
Change the configuration-register back to its proper value
Question: What happens the next time you reboot the router if you do not do this?
Router(config)# config-register 0x2102
Router(config)# exit
Copy the running-config with the current privileged password to the startup-config
Router# copy running-config startup-config
Password Recovery
Step 5 – Verify
• At the router type the show version command
• The configuration register setting should be 0x2102.
Trang 16NIIT-ICT Hanoi info@niithanoi.vn 31
Summary