Software Release 9.21
Chapters to
ci co OlE Router Products
ConfigurationGuide
Chapters to6 Software Release 9.21
Corporate Headquarters PO Box 3075
1525 OBrien Drive
Menlo Park CA 94026
415 326-1941
800 553-NETS
Customer Order Number DOC-RTCG9.21
Cisco Document Assembly Number 83-0120-01
Text Part Number 78-1241-01 The products and specifications configurations and other technical information regarding the products contained in this manual are subject to change without notice All statements technical information and recommendations contained in this manual are believed to be accurate and reliable but are
without of and take full for their of in this presented warranty any kind express or implied users must responsibility application any products specified manual
incidental or limitation how warranties so Some states do not allow limitation or exclusion of liability for consequential or damages on long implied last
and also have other that the above limitations or exclusions may not apply to you This warranty gives Customers specific legal rights you may rights vary from state to state
instruction This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the manual may cause
with the limits for device interference to radio communications This equipment has been tested and found to comply Class computing pursuant to
Subpart of Part 15 of FCC Rules which are designed to provide reasonable protection against such interference when operated in commercial
will be environment Operation of this equipment in residential area is likely to cause interference in which case the user at his own expense required to take whatever measures may be required to correct the interference
The third software be included with and will be to the software license following party may your product subject agreement
The Cisco implementation of TCP header compression is an adaptation of program developed by the University of California Berkeley UCB as part of
UCB public domain version of the UNIX operating system All rights reserved Copyright 1981 Regents of the University of Califomia
Network Time Protocol NTP Copyright 1992 David Mills The University of Delaware makes no representations about the suitability of this
software for any purpose
Point-to-Point Protocol Copyright 1989 Carnegie Mellon University All rights reserved The name of the University may not be used to endorse or
promote products derived from this software without specific prior Written permission
The Cisco of is of the and the of implementation TN3270 an adaptation tn3270 curses termcap programs developed by University California Berkeley
of domain version of the UNIX All reserved 198 of the of UCB as part UCBs public operating system rights Copyright 1-1988 Regents University
California
XRemote is trademark of Network Computing Devices Inc Copyright 1989 Network Computing Devices Inc Mountain View California N.C.D
makes no representations about the suitability of this software for any purpose
The Window System is trademark of the Massachusetts Institute of Technology Copyright 1987 by Digital Equipment Corporation Maynard
Massachusetts and the Massachusetts Institute of Technology Cambridge Massachusetts All rights reserved
THIS MANUAL CISCOS SOFTWARE AND TIlE SOFTWARE OF THE ABOVE-LISTED SUPPLIERS ARE PROVIDED AS IS WITH ALL FAULTS CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES EXPRESSED OR IMPLIED INCLUDING THOSE OF
MERCHANTABILITY AND FITNESS FOR PARTICULAR PURPOSE OR ARISING FROM COURSE OF DEALING USAGE OR TRADE PRACTICE
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANYINDIRECT SPECIAL CONSEQUENTIAL OR INCIDENTAL DAMAGES INCLUDING WITHOUT LIMITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR
INABILITY TO USE THIS MANUAL EVEN IF CISCO HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES
Notice of Restricted Rights
disclosure Use duplication or by the Government is subject to restrictions as set forth in subparagraph of the Commercial Computer Software
Restricted Rights clause at FAR 52.227-19 and subparagraph 1ii of the Rights in Technical Data and Computer Software clause at DFARS 252.227-
7013 The information in this manual is subject to change without notice
Access Without Compromise CDDI CiscoWorks Cisco Intemetwork Operating System Netscape SMARTnet Tite Packet and UniverCD are trademarks
and Cisco Systems and the Cisco logo are registered trademarks of Cisco Systems Inc
All other products or services mentioned in this document are the trademarks service marks registered trademarks or registered service marks of their
respective owners
Router Products Configuration Guide
Copyright 1988-1993 Cisco Systems Inc
All rights reserved Printed in USA SOFTWARE LICENSE
READ CAREFULLY BEFORE USING ThIS SOFTWARE LICENSE AGREEMENT
PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THE SOFTWARE BY USING THE SOFTWARE YOU
AGREE TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS LICENSE IF YOU DO NOT AGREE WITH THE TERMS OF THIS LICENSE PROMPTLY RETURN THE UNUSED SOFTWARE MANUAL AND RELATED EQUIPMENT WITH PROOF OF PAYMENT TO THE PLACE OF PURCHASE FOR FULL REFUND
Cisco Inc to Customer nonexclusive and nontransferable license to use the Cisco software Systems Cisco grants Customer Software in object code form solely on single central processing unit owned or leased by Customer or otherwise embedded in equipment provide by Cisco Customer may make one archival of the software Customer affixes such all and copy provided to copy copyright confidentiality proprietary notices that appear on the original
Except as expressly authorized above CUSTOMER SHALL NOT COPY IN WHOLE OR IN PART SOFTWARE OR DOCUMENTATION MODIFY THE SOFTWARE REVERSE COMPILE OR REVERSE ASSEMBLE ALL OR ANY PORTION OF THE SOFTWARE OR RENT LEASE DISTRIBUTE SELL OR CREATE DERIVATIVE WORKS OF THE SOFTWARE
Customer that of the licensed agrees aspects materials including the specific design and structure of individual programs constitute trade secrets and/or copyrighted material of Cisco Customer not to disclose or otherwise make available such trade secrets or material in form agrees provide copyrighted any
third the to any party without prior consent of Cisco Customer agrees to implement reasonable security measures to protect such trade secrets and
material Title Software copyrighted to and documentation shall remain solely with Cisco
Cisco LIMITED WARRANTY warrants that the Software will substantially conform to the published specifications for such Software if used properly in accordance with the Documentation for of from the date of To be for Customer must all period ninety 90 days shipment eligible remedy report warranted problems within the warranty period to the party which supplied the Product to Customer or to the Cisco Service Partner if the Software was
multinational exported under the uplift program Ciscos sole and exclusive obligation and Customers exclusive remedy with respect to nonconforming
Software upon contact will be at Ciscos option and potentially through the Sales or Service Partner either to provide correction or workaround for any reproducible errors or ii to refund to Customer the license fee for the Software in the event that license fee was paid and the other remedy is not available or if the license fee was zero refund the of the hardware less calculated on basis Customer that it will price depreciation straightline agrees
with Cisco or its Sales or Service Partner in the environment in which the error occurred Customer to cooperate creating Further agrees supply any necessary equipment for such tests
This Limited does not to Software which has been as authorized has not been Warranty apply altered except by Cisco installed operated repaired or maintained in accordance with any installation handling maintenance or operating instructions supplied by Cisco has been subjected to unusual physical or electrical stress misuse negligence or accident is used in ultra hazardous activities has been used in such way that Cisco or its Sales
Partner cannot reasonably reproduce the Software error has been exported from the original country of destination without payment of an uplift or has been In no event does Cisco warrant that the Software is error free or that Customer will be able to its networks without misapplied operate problems or interruptions
THIS WARRANTY IS IN LIEU OF AND CISCO DISCLAIMS ALL OTHER WARRANTIES EITHER EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR PARTICULAR PURPOSE
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT SPECIAL CONSEQUENTIAL OR INCIDENTAL DAMAGES INCLUDING WITHOUT LIMITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS CISCO SOFTWARE EVEN IF CISCO HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES SOME STATES DO NOT ALLOW LIMITATION OR EXCLUSION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES OR LIMITATION ON HOW LONG IMPLIED WARRANTIES LAST SO ThE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO CUSTOMER
Customer will with all laws and if it the This restriction shall survive comply applicable export regulations exports products termination of this Agreement
This License is effective until terminated Customer terminate this License at lime the software with may any by destroying together all copies thereof
Cisco terminate this License if the Customer fails with condition hereof may immediately to comply any term or Upon any termination of this License
Customer shall discontinue use of the Software and shall destroy all copies of the software
This License shall be and construed in accordance with the laws of the of California If hereof governed by State any portion is found to be void or
the of this License shall remain in full force and effect This License constitutes the entire License unenforceable remaining provisions between the parties with respect to the use of the Software
Restricted Rights Ciscos software and supporting documentation are provided with RESTRICTED RIGHTS Use duplication or disclosure by the
is to the restrictions set forth in of the Restricted Government subject as subparagraph Commercial Computer Software Rights clause at FAR 52.227-
19 and subparagraph clli of The Rights in Technical Data and Computer Software clause at DFARS 52.227-703 HARDWARE WARRANTY
Performance Warranty Cisco warrants to Customer for period of ninety 90 days from the shipping date that Hardware purchased under this Agreement
within the svill be free from hardware defects in material and workmanship To be eligible for remedy Customer must report all warranted problems
to the which the Product to Customer or to the Cisco Service Partner if the Hardware was under the multinational warranty period party supplied exported
uplift program
Hardware Remedies In the event of warranted problem with respect to the Hardware Customer must contact the place it acquired the Hardware or the
Cisco Service Partner if the Hardware was exported pursuant to the multinational uplift program as soon as possible after it becomes aware of the defect
Cisco or the Sales or Service Partner as appropriate will supply replacement parts for the products listed in Ciscos recommended spares list Replacement
will be within five after of Customers Cisco or its Sales or Service Partner will bear the cost for parts shipped working days receipt request shipment
Customer Customer all defective boards and assemblies to installation of the boards and of advance replacements to must return prior replacement
assemblies to Cisco or the Sales or Service Partner in accordance with the then current RMA procedures Ciscos sole snd exclusive obligation with respect
defective Hardware will Ciscos Sales Service Partner if to either advance service as to be at option and through or necessary provide replacement
described above iireplace the Product with Product that does not contain the defect or iii refund the price paid for the Hardware less depreciation
calculated on straight-line basis
The above does which has been authorized has not been installed Exclusions warranty not apply to anyProduct altered except as by Cisco operated
instructions has been to repaired or maintained in accordance with any installation handling maintenance or operating supplied by Cisco subjected
electrical is used in ultra hazardous has been used in such that Cisco unusual physical or stress misuse negligence or accident activities .5 way
from the of destination without of In no event cannot reasonably reproduce the Software error or has been exported original country payment an uplift
its networks without does Cisco warrant that Customer will be able to operate problems or interruptions
Disclaimer THIS WARRANTY IS IN LIEU OF AND CISCO DISCLAIMS ALL OTHER OF ALL OTHER WARRANTIES EXPRESSED OR IMPLIED INCLUDING THOSE OF MERCHANTABILITY NONINFRINGEMENT AND FITNESS FOR PARTICULAR PURPOSE OR ARISING FROM COURSE OF DEALING
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT SPECIAL CONSEQUENTIAL OR INCIDENTAL DAMAGES INCLUDING WITHOUT LIMITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR
INABILITY TO USE THIS CISCO SOFTWARE EVEN IF CISCO HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES SOME
STATES DO NOT ALLOW LIMITATION OR EXCLUSION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES OR LIMITATION ON HOW LONG IMPLIED WARRANTIES LAST SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO CUSTOMER TABLE OF CONTENTS
About This Manual xlv
Document Objectives xlv
Audience xlv
Document Organization xlv
Document Conventions xlvi
PART Product ntroduction
Chapter Router Product Overview 1-1
Supported Network Protocols 1-1
Supported Media 1-2
Using the Router 1-2
Chapter Understanding the User Interface 2-1
User Interface Task List 2-2
Access Each Command Mode 2-2
User EXEC Mode 2-4
Privileged EXEC Mode 2-4
Global Configuration Mode 2-6
Interface Configuration Mode 2-8
Subinterface Configuration Mode 2-10
Line Configuration Mode 2-11
Router Configuration Mode 2-12
IPX-Router Configuration Mode 2-13
Route-Map Configuration Mode 2-14 ROM Monitor Mode 2-14
Get Context-Sensitive Help 2-15
Check Command Syntax 2-17
Use the Command History Features 2-18
Set the Command History Buffer Size 2-19
Recall Commands 2-19
Disable the Command History Feature 2-20
Use the Editing Features 2-20
Enable Enhanced Editing Mode 2-21
Move Around on the Command Line 2-21
Complete Partial Command Name 2-21
Paste in Buffer Entries 2-22
Edit Command Lines thatWrap 2-22
Delete Entries 2-23
Scroll Down Line or Screen 2-23
Redisplay the Current Command Line 2-24
Transpose Mistyped Characters 2-24
Table of Contents Control Capitalization 2-24
Designate Keystroke as Command Entry 2-24 Disable Enhanced Editing Mode 2-25
Set Terminal Parameters 2-25
Set Communication Speed Databits Stop Bits and Parity 2-26 Set Flow Control 2-26
Create Packet Dispatch Sequences 2-27
Specify the Terminal Type 2-27 Set the Terminal Screen Length and Width 2-27
Define Escape Character Key Sequences 2-28
Specify the International Character Display 2-28
Set Character Padding 2-28
Lock the Keyboard 2-29
Set Pending Output Notification 2-29
Prevent Errant Connection Attempts 2-29
Configure Telnet Capabilities for Session 2-29
Generate Hardware Break Signal 2-30
Suppress Telnet Remote Echo and Go Ahead Options 2-30
Negotiate Speeds 2-30
Send Telnet Synchronize Signal 2-31
Set End-of-Line Control 2-31
Use Telnet Connections 2-31
Log into Server 2-32
Connect to Remote Routers via Telnet 2-32
Switch between Telnet Connections 2-32
Execute Special Telnet Sequences 2-32
Clear Line 2-33
Exit Session 2-33
Monitor Telnet Connections 2-34
List Open Connections 2-34
Assign Logical Name to Connection 2-34
Display TCP Statistics on Open Telnet Connections 2-34
Display Current Terminal Parameters 235
Display Line Information 2-35
Enable Finger Protocol 2-35
PART System nterface Configuration Management
Chapter Loading System Images Microcode Images and Configuration Files 3-1
System Image Microcode Image and Configuration File Load Task List 3-1
Use the Autolnstall Procedure 3-2
Requirements 3-2
vi Router Products Configuration Guide How It Works 3-3
Acquire the New Routers IP Address 3-3
Resolve the IP Address to the Host Name 3-4
Download the New Routers Host Configuration File 3-5
Perform the Autolnstall Procedure 3-6
Modify the Existing Routers Configuration 3-6
Set up the TFTP Server 3-8
Set up the BOOTP or RARP Server 3-9
Connect the New Router to the Network 3-10
Enter Configuration Mode 3-11
Configure the Router from the Terminal 3-11
Configure the Router from Nonvolatile Memory 3-12
Configure the Router from File on Remote Host 3-12
Modify the Configuration Register Boot Field 3-12
Specify the System Image the Router Loads upon Restart 3-14 Loading from Flash Memory 3-14
Security Precautions 3-15
Flash Memory Configuration 3-15 Loading from Network Server 3-17 Loading from ROM 3-18
Using Fault-Tolerant Boot Strategy 3-19
Specify the Configuration File the Router Loads upon Restart 3-19
Network Configuration File 3-20
Host Configuration File 3-20
Change the Buffer Size for Loading Configuration Files 3-21
Manually Load System Image 3-22
Manually Booting from Flash 3-22
Manually Netbooting 3-23
Manually Booting from ROM 3-23
Configure Router as TFTP Server 3-24
Configure Router as RARP Server 3-24
Specify SLIP Extended BOOTP Requests 3-26
Specify MOP Server Boot Requests 3-26
Copy System Images from Network Server to Flash Memory 3-27
Verify the Image in Flash Memory 3-30
Copy System Images from Flash Memory to Network Server 3-30
Copy Configuration File from the Router to Network Server 3-31
Display System Image and Configuration Information 3-32
Clear the Contents of NVRAM 3-33
Reexecute the Configuration Commands in NVRAM 3-33
Table of Contents vii Use Flash Memory as TFTP Server 3-33
Prerequisites 3-33
Configuring the Flash Server 3-34
Configuring the Client Router 3-34
Loading Microcode Images over the Network 3-36
Display Microcode Information 3-37
Chapter Configuring Terminal Lines and Modem Support 4-1
Enter Line Configuration Mode 4-1
Create Additional Virtual Terminal Lines 4-2
Eliminate Virtual Terminal Lines 4-2
Absolute versus Relative Line Numbers 4-2
Configuration Task List 4-3
Set Communication Parameters 4-4
Configure Automatic Baud Detection 4-4
Configure Flow Control for Communications 4-4
Define Command String for Automatic Execution 4-5
Create Packet Dispatch Sequences 4-5
Specify the Transport Protocol for Specific Line 4-5
Establish Terminal Session Limits 4-6
Set up Modem Control on the Auxiliary Port 4-6
Configure Automatic Dialing 4-7
Close Modem Connections 4-8
Automatically Answer Modem 4-9
Support Dial-In Modem 4-11
Support Reverse Modem Connections/Prevent Incoming Calls 4-12
Support Dial-In and Dial-Out Modems 4-13
Configure Line Timeout Interval 4-14
Configure Support for Chat Scripts 4-15
Configure Rotary Groups 4-15
Configure Automatic Line Disconnect 4-15
Configure High-Speed Modem Support 4-15
Support Reverse TCP Connections 4-16
Define Terminal Operation Characteristics 4-16
Specify the Terminal Type 4-17 Set the Terminal Screen Length and Width 4-17
Define Escape Character and Other Key Sequences 4-18
Specify the International Character Display 4-18
Set Character Padding 4-19
Disable Enhanced Editing Mode 4-19
Set Terminal-Locking Mechanism 4-20
Dedicate Line to Particular User 4-20
Provide Line Connection Information after the Login Prompt 4-20
Enable Password Checking at Login 4-20
Act as Pipe for File Transfers 4-21
Configure Terminal Banner Messages 4-21
Configure Message-of-the-Day MOTD Banner 4-22
Configure Line Activation Message 4-22
viii Router Products Configuration Guide Configure an Incoming Message Banner 4-22
Configure an Idle Terminal Message 4-22
Enable or Disable the Display of Messages 4-23
Configure Telnet Capabilities 4-23
Generate Hardware Break Signal 4-23
Suppress Telnet Remote Echo and Go-Ahead Options 4-24
Negotiate Speed 4-24
Send Telnet Synchronize Signal 4-24
Set End-of-Line Control 4-24
Define Telnet Connection Failure and Success Messages 4-25
Record the Device Location 4-25
Set Pending Output Notification 4-25 Refuse Connection 4-25
Establish and Control the EXEC Process 4-26
Display Debug Messages on the Terminal 4-26
Configuration Examples 4-26
Line Configuration Example 4-27
Example of Creating Additional Virtual Terminal Lines 4-27
Example of Eliminating Virtual Terminal Lines 4-27
Banner Message Example 4-28
Password Checking Examples 4-28
Chapter Managing the System 5-1
Understanding System Management 5-2
Configuration Management 5-3
Set the Router Name 5-3
Set the Router Time Services 5-3
Network Time Protocol 5-4
VINES Time Service 5-5
Cisco 7000 Calendar 5-5
Configure NTP 5-5
Configure NTP Authentication 5-5
Configure NTP Associations 5-6
Configure NTP Broadcast Service 5-6
Configure NTP Access Restrictions 5-7
Configure the Source IP Address for NTP Packets 5-8
Configure the System as an Authoritative NTP Server 5-8
Configure NTP to Update the Cisco 7000 Calendar 5-8
Configure VINES Time Service 5-9
Configure Time and Date Manually 5-9
Configure the Time Zone 5-9
Configure Summer Time 5-10
Set the System Clock 5-10
Set the Cisco 7000 Calendar 5-10
Monitor Time Services 5-12
Configure Simple Network Management Protocol SNMP Support 5-12 Enable SNMP and Define Access Control 5-13
Define SNMP Trap Operations 5-13
Define the Maximum SNMP Packet Size 5-13
Table of Contents ix Enable the SNMP Server Shutdown Mechanism 5-14 5-14 Establish the Contact Location and Serial Number of the SNMP Server
Disable the SNMP Server 5-14 Monitor SNMP Status 5-14
Security Management 5-15
Establish Password Protection 5-15
Protect Access to Terminal Lines 5-15 5-16 Protect Access to Privileged EXEC Commands 5-16 Encrypt the Passwords Disable Password Protection 5-16
Recover Lost Password 5-16
Create Access Lists 5-17
Establish Terminal Access Control 5-18
Set TACACS Password Protection at the User Level 5-19
Disable Password Checking at the User Level 5-19 5-19 Set Optional Password Verification Level 5-20 Set TACACS Password Protection at the Privileged
Disable Password Checking at the Privileged Level 5-20
Set Notification of User Actions 5-21
Set Authentication of User Actions 5-21 5-21 Establish the TACACS Server Host and Response Times
Set Limits on Login Attempts 5-22
Enable the Extended TACACS Mode 5-22
Establish Username Authentication 5-22
Authentication Protocol 5-23 Enable Challenge Handshake CHAP
Fault Management 5-23
Display System Information 5-24 5-24 Receiving Automatic Warning Messages 5-25 Receiving the Automatic Shutdown Message
Test Network Connectivity 5-25
Set up TCP Keepalive Packet Service 5-25
Test Connections with the Ping Command 5-26
Trace Packet Routes 5-26
Limit TCP Transactions 5-26
Test Memory and Interfaces 5-27
Test Flash 5-27
Test System Memory 5-27
Test Interfaces 5-27
Log System Error Messages 5-27 5-28 Log Errors to UNIX Syslog Daemon Enable Message Logging 5-28
Set the Error Message Display Device 5-29 Define the Error Message Severity Level and Facilities 5-29
Define the Syslog Facility 5-30
Enable Timestamps on Log Messages 5-31
Enable Debug Operations 5-32
System Performance Management 5-32
Configure Switching and Scheduling Priorities 5-33
Establish Queuing Strategies 5-33
Router Products Configuration Guide Set Priority by Protocol Type 5-35
Assign Default Priority 5-35
Set Priority by Interface Type 5-35
Specify the Maximum Packets and Bytes in the Priority Queues 5-36
Assign Priority by STUN Address 5-36
Assign Priority Group or Custom Queue to an Interface 5-36
Monitor the Priority and Custom Queuing Lists 5-37 Modify the System Buffer Size 5-37
Delay EXEC Startup 5-38
Handle Idle Telnet Connection 5-38
Accounting Management 5-38
Display Stack Utilization 5-38
Display Memory Utilization 5-39
System Management Examples 5-39
System Configuration File Example 5-40
Clock Calendar and NTP Configuration Examples 5-40
Examples of Modifying Buffers 5-41
Username Examples 5-41
Chapter Configuring Interfaces 6-1
Interface Configuration Task List 6-1
Understand Supported Interfaces and Encapsulations 6-2
Synchronous Serial 6-2
Synchronous Serial Encapsulation Methods 6-3
Asynchronous Serial 6-3
Asynchronous Serial Encapsulation Methods 6-3
Ethernet 6-4
Ethernet Encapsulation Methods 6-4
Token Ring 6-4
Token Ring Encapsulation Methods 6-5 ISDN Basic Rate Interface BRI 6-5
ISDN Encapsulation Methods 6-5 Fiber Distributed Data Interface FDDI 6-6
FDDI Encapsulation Methods 6-6 Using Connection Management CMT Information 6-6 High-Speed Serial Interface HSSI 6-7
HSSI Encapsulation Methods 6-8 Online Insertion and Removal OIR 6-8
Understand Fast and Autonomous Switching Support 6-9
Fast Switching Support 6-9
Autonomous Switching Support 6-9
Transparent Bridging 6-9
IP over PPP and IETF Frame Relay 6-10 IPX 6-10
Configure the Interface Type 6-10
Configure an ISDN Basic Rate Interface 6-11
Configure Dialer Interface 6-11
Table of Contents xi 6-11 Configure an Ethernet Interface
Configure an FDDI Interface 6-12
Configure an HSSI Interface 6-12
Configure Loopback Interface 6-12
Configure Null Interface 6-13 6-13 Configure Synchronous Serial Interface
Configure Token Ring Interface 6-13
Configure Tunnel Interface 6-13 6-14 Configure an Asynchronous Serial Interface Establish Asynchronous Connections using PPP or SLIP 6-14 Interface 6-17 Configuring Serial 6-18 Configuring the CRC
Using the NRZI Line Coding Format 6-18 Clock 6-18 Enabling the Internal Clock 6-18 Inverting the Transmit Signal
6-19 Add Description for an Interface
Configure Subinterfaces 6-19 and 6-19 Understand Supported Interfaces Encapsulations Interfaces Frame 6-21 Configure Subinterfaces on Serial Running Relay Encapsulation and Ethernet Interfaces Configure Subinterfaces on Token Ring FDDI Running
Multiple IPX Encapsulations 6-23
Understand Tunneling 6-25
Advantages of Tunneling 6-25 6-26 Special Considerations
6-27 Configure IP Tunneling Interface 6-28 Configure the Tunnel 6-28 Configure the Tunnel Source Destination 6-28 Configure the Tunnel Mode 6-28 Configure the Tunnel 6-29 Configure End-to-End Checksumming
Identification 6-29 Configure Tunnel Key Out-of-Order 6-29 Configure Tunnel Interface to Drop Datagrams Monitor IP Tunnels 6-30
Reenable HIDLC Serial Encapsulation 6-30
Select the Ethernet Encapsulation 6-30
Module the Cisco 4000 6-31 Configure the Ethernet Network Interfac on
the Cisco 4000 6-31 Extend the lOBaseT Capability on
Configure ATM-DXI 6-31
Convert HSSI to Clock Master 6-31
Enable MOP 6-32
Enable MOP Message Support 6-32
Select the Token Ring Speed 6-32
Enable Early Token Release 6-32
xii Router Products Configuration Guide Select the ISDN BRI Switch Type 6-33
Define ISDN Service Profile Identifiers SPIDs 6-33
Define ISDN TEl Negotiation 6-34
Configure FDDI Timers and Features 6-34
Enable FDDI Bridging Encapsulation 6-34 Set Token Rotation Time 6-35
Set the Transmission Valid Timer 6-36
Control the Transmission Timer 6-36
Modify the C-Mm Timer 6-36 Modify the TB-Mm Timer 6-36 Modify the FDDI Timeout Timer 6-36
Control SMT Frame Processing 6-37
Enable Duplicate Address Checking 6-37
Set the Bit Control 6-37
Control the CMT Microcode 6-37
Start and Stop FDDI 6-38
Configure FDDI Dual-Homing 6-38 Control the FDDI SMT Message Queue Size 6-38
Configure the Point-to-Point Protocol 6-38
Enable PPP Encapsulation 6-39 Enable Challenge Handshake Authentication Protocol CHAP 6-39 Enable Link Quality Monitoring LQM 6-40
PPP Magic Number Support 6-40
Configure Dial Backup Service 6-40
Configure Loopback Detection 6-41
Set Transmit Delay 6-42
Configure DTR Signal Pulsing 6-42
Configure the Clock Rate on DCE Appliques 6-42
Specify the Serial Network Interface Module Timing 642
Control Interface Hold-Queue Limits 6-43
Set Bandwidth 6-43
Set Interface Delay 6-44
Limit Transmit Queue Size 6-44
Adjust Maximum Packet Size/MTU Size 6-44
Invert TXC Clock Signal 6-44
Prevent Phase Shifting 6-45
Monitor and Maintain the Interface 6-45
Monitor Interface Status 6-45
Monitor the Interface Port 6-46
Clear and Reset the Interface 6-46
Shut Down and Restart an Interface 6-47
Run Interface Loopback Diagnostics 6-48
Table of Contents xiii 6-48 Enable Loopback Testing on the HSSI Cards 6-51 Enable Loopback on MCI and SCI Serial Cards 6-51 Enable Loopback on MCI and MEC Ethernet Server 6-51 Configure the Ethernet Loopback 6-52 Enable Loopback on the CSC-FCI FDDI Card Enable Loopback on Token Ring Cards 6-52
6-52 Interface Configuration Examples 6-53 Examples of Enabling Interface Configuration 6-53 Example of Enabling Ethernet Encapsulation Dedicated Asynchronous Interface Example 6-53 Interface 6-53 Example of Restricting Access on the Asynchronous 6-54 Asynchronous Routing and Dynamic Addressing Example PPP Connection Example 6-54 SLIP Connection Examples 6-54
Interface Description Examples 6-55
Interface Shutdown Examples 6-55 6-56 IP Tunneling Examples Password 6-59 CHAP with an Encrypted Example Down 6-60 Examples of Dial Backup Service when Primary Line Goes Reaches Threshold 6-60 Examples of Dial Backup Service when Primary Line when Line Exceeds Threshold 6-60 Examples of Dial Backup Service Primary
PART Wide-Area Networking
LAPB 1-1 Chapter Configuring X.25 and
and X.25 7-1 Ciscos Implementation of LAPB X.25 Virtual Circuits 7-2 Facility Handling in Encapsulated X.25 Virtual Circuits 7-2 Facility Handling in Routed Standard 1984 X25 Facilities 7-2 CCITT-Specified Marker Facilities 7-4 7-5 Local Marker Facilities Specified for DDN or BFE X.25
LAPB Configuration Task List 7-5
Establish LAPB DCE or DTE Operation 7-6 7-6 Set the LAPB Retransmission Timer and Frame Parameters
Define the LAPB Hold Queue Size 7-7
X.25 Configuration Task List 7-7 7-8 Configure an X.25 Datagram Transport
Set X.25 DTE or DCE Operation 7-8
Set the X.25 Interface Address 7-9
Establish Protocol-to-X.l2l Address Map 7-9
Establish Permanent Virtual Circuit PVC 7-10
Establish Default VC Protocol 7-10
7-11 Configure X.25 Routing
Enable Local X.25 Routing 7-12
Construct the X.25 Routing Table 7-13
Translate X.25 Called and Calling Addresses 7-13
Update the X.121 Address 7-14
xiv Router Products Configuration Guide Configure Local Switched PVC 7-14
Configure Remote Tunneled PVC 7-14
Configure CMNS Routing 7-15
Enable CMNS on an Interface 7-15
Specify CMNS Static Map of Addresses 7-16
Configure DDN or BFE X.25 7-16
DDN X.25 Dynamic Mapping 7-17
Enable DDN X.25 7-18
Define IP Precedence Handling 7-18
Configure Blacker Emergency Mode 7-18
Configure X.25 Level Parameters and Special Features 7-20
Configure Virtual Circuit Ranges 7-21
Configure the Switched Virtual Circuit Idle Timer 7-22
Increase the Number of Virtual Circuits Allowed 7-23
Configure the Ignore Destination Timer 7-23
Set Default Window Sizes 7-23
Set Default Packet Sizes 7-24
Establish the Packet Acknowledgment Policy 7-24
Configure the X25 Level Retransmission Timers 7-24
Set X.25 TCP Header Compression 7-25
Define X.25 Host Names 7-25
Define the Default Encapsulation Protocol 7-25
Configure the X.25 User Facilities 7-26
Set the Packet Numbering Modulo 7-26
Suppress the Calling Address 7-27
Suppress the Called Address 7-27
Disable Packet-Level Restarts 7-27
Define the VC Packet Hold Queue Size 7-27
Configure an Interface Alias 7-28
Configure X.25 Bridging 7-28
Monitor and Maintain LAPB and X.25 7-28
LAPB and X.25 Configuration Examples 7-29
Typical LAPB Configuration Example 7-29
Typical X.25 Configuration Example 7-29
Example of Setting Virtual Circuit Ranges 7-31
Example of Switching PVC on the Same Router 7-31
X.25 Route Address Pattern Matching Example 7-31
X.25 Routing Example 7-32
Example of Using PVC to Exchange IP Traffic 7-33
Example of Establishing Connection between Two PVCs 7-33
Example of Enabling Remote Tunneling 7-34
Example of Enabling CMNS for X.121 and MAC Addresses 7-35
Example of Switching CMNS over PDN 7-35
Example of Switching CMNS over Leased Lines 7-37
DDN X.25 Configuration Example 7-39
Example of Setting BFE Emergency Mode 7-39
Example of Configuring X.25 to Allow Ping Support over Multiple Lines 7-40
Example of Netbooting over X.25 7-41
Table of Contents xv 8-1 Chapter Configuring Frame Relay
8-1 Cisco Implementation of Frame Relay 8-2 Frame Relay Hardware Requirements
List 8-3 Frame Relay Configuration Task
8-3 Enable Frame Relay on an Interface
Set Frame Relay Encapsulation 8-4
Establish Mapping 8-4
Customize Your Frame Relay Network 8-5
Configure Frame Relay Switching 8-5
Enable Frame Relay Switching 8-6 NNI 8-6 Configure Frame Relay DTE Device DCE Switch or Support
Specify the Static Route 8-7
Configure the LMI 8-7
Set the LMI Type 8-7
Set the LMI Keepalive Interval 8-7
Set the LMI Polling and Timer Intervals 8-8 8-8 Select Frame Relay Inverse ARP Define Subinterfaces 8-9
Associate DLCI with Subinterface 8-9
8-10 Configure Frame Relay in Test Environment
Set the Local DLCI 8-10
Set the DLCI for Multicasts 8-10
Monitor the Frame Relay Connections 8-11
8-11 Frame Relay Configuration Examples
Example of Configurations Using IETF Encapsulation 8-12 Example of Two Routers in Static Mode 8-12 8-12 Example of Routing DECnet Packets
Example of Routing IPX Packets 8-13 Backward 8-13 Example of Configuration Providing Compatibility
Example of Netbooting over Frame Relay 8-13 8-14 Example of Transparent Bridging Using Subinterfaces
PVC Switching Configuration Example 8-14
Example of Configuring Pure Frame Relay DCE 8-15 Example of Hybrid DTE/DCE PVC Switching 8-18
Example of Switching over an IP Tunnel 8-20
Chapter Configuring SMDS 9-1
Ciscos Implementation of SMDS 9-1 SMDS Addresses 9-2
SMDS Hardware Requirements 9-2
SMDS Configuration Task List 9-3
Set SMDS Encapsulation 9-3
Specify the SMDS Address 9-4
Establish Address Mapping 9-4
Provide Map to Multicast Address 9-5
xvi Router Products Configuration Guide Enable Address Resolution Protocol ARP 9-5 Enable Broadcast ARP Messages 9-6
Customize Your SMDS Network 9-7
Configure Specific Protocols 9-7 ARP and IP 9-7
DECnet 9-7
CLNS 9-8
XNS and IPX 9-8
AppleTalk 9-8 Banyan VINES 9-8
Enable Transparent Bridging 9-8
Configure Multiple Logical IP Subnets 9-9
Reenable the Data Exchange Interface Version 3.2 with Heartbeat Support 9-9
Configure Pseudo-broadcasting 9-9
Enable IP Fast Switching 9-10
Monitor the SMDS Connections 9-10
SMDS Configuration Examples 9-il
Typical Multiprotocol Configuration Example 9-11
Example of Configuration with Remote Peer on the Same Network 9-12
Example of Configuring MultiLIS Network 9-12
Example of Configuring Pseudo-broadcasting 9-13
Dial-on-Demand 10-1 Chapter 10 Configuring Routing
Ciscos Implementation of Dial Backup and DDR 10-1
Placing Calls using DDR 10-2
Chat Scripts on the Auxiliary Port 10-2
V.25bis over Synchronous Interfaces 10-2
Controlling Access for DDR 10-3
Dial Backup Configuration Task List 10-4 Select Backup Line 10-4
Define the Traffic Load Threshold 10-5
Define Backup Line Delays 10-5
DDR Configuration Task Overview 10-6
Configure an Interface to Place Calls 10-6
Configure Chat Scripts for Asynchronous Interfaces 10-6
Suggested Chat Script Naming Conventions 10-7
Specify Chat Scripts for Asynchronous Lines 10-7
Calls to Single Site 10-7
Calls to Multiple Sites 10-9
Calling on Single Line or Multiple Lines 10-9
Calling from Dialer Rotary Groups 10-10
Configure an Interface to Receive Calls 10-12
Calls from Single Site 10-13
Calls from Multiple Sites 10-13
Receiving on Single Line or Multiple Lines 10-13
Receiving on Dialer Rotary Group 10-13
Table of Contents xvii Configure an Interface to Place and Receive Calls 10-16
Place and Receive Calls from Single Site 10-16
Place and Receive Calls from Multiple Sites 10-17
DDRforIPX 10-19
Customize the DDR Network 10-19
Set Line Idle Time 10-20
Set Idle Time for Busy Interfaces 10-20
Set Line Downtime 10-20
Set Carrier Wait Time 10-21
Controlling Access to DDR Interface 10-21
Monitor DDR Connections 10-22
DDR Configuration Examples 10-22
Example of Dial Backup using Aux Port 10-23
Example of Dial Backup using DDR and ISDN 10-23
Example of Configuring DDR in an IP Environment 10-24
Example of Configuring DDR in an IPX Environment 10-24
Example of Configuring Multiple Destination Dial Strings 10-25 Example of Configuring Dialer Rotary Groups 10-25
Example of Dialing Single Site or Multiple Sites 10-26
Example of Using Chat Scripts 10-27
Example of Writing and Implementing Chat Scripts 10-27
Example of Chat Scripts and Dialer Mapping 10-28
Example of System Scripts and Modem Scripts 10-29
Dial-on-Demand PPP Configuration Example 10-29
PART Routing Protocols
Chapter 11 Configuring Apollo Domain 11-1
Ciscos Implementation of Apollo Domain 11-1
Apollo Domain Addresses 11-2
Apollo Domain Configuration Task List 11-2
Enable Apollo Domain Routing 11-3
Control Access to the Apollo Domain Network 11-3
Tune Apollo Domain Network Performance 11-4
Configure Static Routes 11-4
Set Routing Table Update Timers 11-4
Set the Maximum Paths 11-4
Configure Apollo Domain over WANs 11-5
Monitor the Apollo Domain Network 11-5
Apollo Domain Configuration Examples 11-5
Configuring Apollo Domain Routing Example 11-5
Access List Example 11-6
Routing Table Update Timer Example 11-6
xviii Router Products Configuration Guide Chapter 12 Configuring AppleTalk 12-1
Ciscos Implementation of AppleTalk 12-1
Standard AppleTalk Services 12-1
Enhancements to Standard AppleTalk 12-2
AppleTalk Phase and Phase 12-3
AppleTalk Addresses 12-4
Configuration Guidelines and Compatibility Rules 12-4
AppleTalk Configuration Task List 12-5
Enable AppleTalk Routing 12-5
Enable AppleTalk Routing on the Router 12-5
Manually Configure an Interface 12-6
Dynamically Configure an Interface 12-6
Dynamically Configure Nonextended Interface 12-7
Dynamically Configure an Extended Interface 12-8
Configure Transition Mode 12-8
Control Access to AppleTalk Networks 12-9
Create Access Lists 12-10
Create Filters 12-11
Create Data Packet Filters 12-12
Create Routing Table Update Filters 12-13
Create GetZoneList GZL Filters 12-15
Enable Partial Zone Filters 12-16
Configure the Name Display Facility 12-16
Set Up Special Configurations 12-16
Configure Free-Trade Zones 12-17
Configure SNMP in AppleTalk Networks 12-17
Configure AppleTalk Tunneling 12-18
Configure AppleTalk MaciP 12-19
Configure IPTalk 12-21
Configure IP Encapsulation of AppleTalk Packets 12-22 Specify the UDP Port Ranges 12-23
Tune AppleTalk Network Performance 12-24
Control Routing Updates 12-24
Disable the Processing of Routed RTMP Packets 12-24
Disable the Transmission of Routing Updates 12-25
Prevent the Advertisement of Routes to Networks with No Associated Zones 12-25
Set Routing Table Update Timers 12-25
Assign Proxy Network Numbers 12-26
Disable Checksum Generation and Verification 12-26
Control the AppleTalk ARP Table 12-27
Control the Delay between ZIP Queries 12-28
Log Significant Network Events 12-28
Disable Fast Switching 12-28
Configure AppleTalk over WANs 12-28
Table of Contents xix Monitor the AppleTalk Network 12-29
Monitor the AppleTalk Network Using Router Commands 12-29
Monitor the AppleTalk Network Using Network Monitoring Packages 12-30
AppleTalk Configuration Examples 12-31
Configuring an Extended AppleTalk Network Example 12-31
Configuring Nonextended AppleTalk Network Example 12-31
Configuring Nonextended Network in Discovery Mode Example 12-32 Transition Mode Example 12-33
AppleTalk Access List Examples 12-34
Hiding and Sharing Resources with Access List Examples 12-38
MacIP Examples 12-43 SNMP-over-DDP Example 12-44
Proxy Network Number Example 12-44 IPTaIk Example 12-45
Chapter 13 Configuring Banyan VINES 13-1
Ciscos Implementation of VINES 13-1
VINES Addresses 13-1
VINES Configuration Task List 13-2
Configure VINES Routing 13-2
Enable VINES Routing on the Router 13-3
Enable VINES Routing on an Interface 13-3 Enable VINES on Serverless Networks 13-4
Control Access to the VINES Network 13-4
Configure Other VINES Network Parameters 13-6
Select an Encapsulation Type 13-7
Control the Display of Host Addresses 13-7
Control the Base of Host Addresses 13-7
Control Routing Updates 13-8
Disable Fast Switching 13-8
Set the Time 13-9
Configure Static Routes 13-10
Configure Static Paths 13-10
Control the Forwarding of Broadcast Packets 13-10
Configure VINES over WANs 13-10
Monitor and Maintain the VINES Network 13-11
VINES Configuration Examples 13-11
Typical VINES Network Configuration Example 13-12
Serverless Network Configuration Example 13-13
Access List Example 13-16
Time-of-Day Service Example 13-17
xx Router Products Configuration Guide Chapter 14 Configuring DECnet 14-1
Ciscos Implementation of DECnet 14-1
DECnet Configuration Task List 14-3
Enable DECnet Routing 14-3
Establish DECnet Routing on Global Basis 14-3
Assign DECnet Cost to Each Interface 14-5
Specify the DECnet Node Type 14-6
Configure DECnet on Token Rings 14-6
Configure Address Translation 14-7
Make Poor Mans Routing Connection 14-7
Enable Phase IV-to-Phase Conversion 14-8
Propagate Phase IV Areas through an OSI Backbone 14-8
Establish the Routing Table Size 14-9
Configure Level Routers 14-9
Set Areas as Unreachable 14-9
Configure Level Routers 14-10
Set Areas as Unreachable 14-10
Specify Designated Routers 14-10
Control Access to DECnet Networks 14-10
Create an Access List Based on Source Addresses 14-11
Create an Access List Based on Source and Destination Addresses 14-11
Add Filters to Access Lists 14-11
Configure Access Groups 14-12
Configure Routing Filters 14-12
Enhance DECnet Performance 14-12
Set Maximum Equal-Cost Paths 14-13
Establish Selection for Paths of Equal Cost 14-13
Set Maximum Visits 14-14
Adjust the Hello Timer 14-14
Disable Fast Switching 14-14
Set the Congestion Threshold 14-15
Adjust the Broadcast Routing Timer 14-15
Configure DECnet over WANs 14-15
Monitor and Maintain the DECnet Network 14-15
DECnet Configuration Examples 14-16
Example of Enabling DECnet 14-16
Example of Configuring Phase IV Areas through an OSI Backbone 14-16
Example of Configuring Address Translation 14-18
Table of Contents xxi IP 15-1 Chapter 15 Configuring
Ciscos Implementation of IP 15-1
IP Configuration Task List 15-2
Network Interfaces 15-2 Assign IP Addresses to
Network Interfaces 15-3 Assign Multiple IF Addresses to
Allowable Internet Addresses 15-4
Enable Use of Subnet Zero 15-4
Interface 15-4 Enable IP Processing on Serial
Configure IP Addressing Options 15-5
Establish Address Resolution 15-6
Define Static ARP Cache 15-6
Set ARP Encapsulations 15-7
Disable Proxy ARP 15-7 Map Host Names to IP Addresses 15-8 Map IP Addresses to Host Names 15-8 15-9 Specify the Domain Name
Specify Name Server 15-9
Disable the DNS 15-9
15-10 Configure HP Probe Proxy Name Requests
Disable IP Routing 15-10
15-1 Routing Assistance when IP Routing Is Disabled ProxyARP 15-11 Default Gateway 15-11
The Router Discovery Mechanism 15-1
Configure Routing Process 15-13
15-13 Configure Broadcast Packet Handling
Enable Directed Broadcast-to-Physical Broadcast Translation 15-14
Forward UDP Broadcast Packets and Protocols 15-14
Establish an Internet Broadcast Address 15-15
Flood IP Broadcasts 15-16
15-17 Speed Up Flooding of UDP Datagrams
Configure IP Services 15-17
Disable ICMP Protocol Unreachable Messages 15-17
Disable ICMP Redirect Messages 15-18
Understand Path MTU Discovery 15-18
Set the MTU Packet Size 15-20
Enable ICMP Mask Reply Messages 15-20
Disable IP Source Routing 15-20
Interfaces 15-2 Configure Simplex Ethernet
Filter IF Packets 15-21
Create an Access List 15-22
Create Standard and Extended Access Lists 15-22
Apply an Access List to an Interface 15-23
xxii Router Products Configuration Guide Configure IP Security Options 15-24
Enable IPSO and Set the Security Classifications 15-24
Select the Security Levels 15-25
Default Values for Minor Keywords 15-25
Configure IP Accounting 15-26
Configure Performance Parameters 15-26
Compress TCP Packet Headers 15-27 Set the TCP Connection Attempt Time 15-27
Enable Fast Switching 15-28
Enable Fast Switching on the Same Interface 15-28
Enable IP Autonomous Switching 15-29
Control Route Cache Invalidation 15-29
Configure IP over WANs 15-30
Monitor and Maintain the IP Network 15-30
Clear Caches Tables and Databases 15-30
Display System and Network Statistics 15-30
IP Configuration Examples 15-3
Serial Interfaces Configuration Example 15-32
Example of Creating Network from Separated Subnets 15-32 Dynamic Lookup Example 15-33
Example of Establishing IP Domains 15-33
Example of Configuring HP Hosts on Network Segment 15-33 Helper Addresses Example 15-33 Broadcasting Examples 15-34 Flooded Broadcast Example 15-34
Flooding of IP Broadcasts Example 15-35 Customizing ICMP Services Example 15-35
Simplex Ethernet Interfaces Example 15-35 Access List Examples 15-36
Examples of Implicit Masks in Access Lists 15-36
Examples of Configuring Extended Access Lists 15-37
IPSO Configuration Examples 15-38 Ping Command Example 15-39
Chapter 16 Configuring IP Routing Protocols 16-1
Ciscos Implementation of IP Routing Protocols 16-1
The Interior Gateway Protocols 16-1 The Exterior Gateway Protocols 16-2
Router Discovery Protocols 16-2
Multiple Routing Protocols 16-2
IP Routing Protocols Task List 16-3
Determine Routing Process 16-3
Configure IGRP 16-4
Ciscos IGRP Implementation 16-4
IGRP Updates 16-5
IGRP Configuration Task List 16-5
Table of Contents xxiii Create the IGRP Routing Process 16-5
Allow Point-to-Point Updates for IGRP 16-6
Define Unequal-Cost Load Balancing 16-6
Adjust the IGRP Metric Weights 16-7 Disable Hoiddown 16-7
Enforce Maximum Network Diameter 16-8
Configure OSPF 16-8
Ciscos OSPF Implementation 16-8
OSPF Configuration Task List 16-9
Enable OSPF 16-9
Configure OSPF Interface Parameters 16-10 16-11 Configure OSPF over Different Physical Networks
Configure OSPF Network Type 16-11
Configure OSPF for Nonbroadcast Networks 16-11
Configure OSPF Area Parameters 16-12
Configure Route Summarization between OSPF Areas 16-12
Create Virtual Links 16-12
Generate Default Route 16-13
Configure Lookup of DNS Names 16-13 Force the Router ID Choice with Loopback Interface 16-13
Configure RIP 16-14
Running IGRP and RIP Concurrently 16-15
Allow Point-to-Point Updates for RIP 16-15
Configure IS-IS 16-15
IS-IS Configuration Task List 16-15
Enable IS-IS 16-16
Configure IS-IS Interface Parameters 16-16
Configure IS-IS Link State Metrics 16-17
Set the Advertised Hello Interval 16-17
Set the Advertised CSNP Interval 16-17
Set the Retransmission Interval 16-18
Specify Designated Router Election 16-18
Specify the Interface Circuit Type 16-18
Assign Password for an Interface 16-19
Configure Miscellaneous IS-IS Parameters 16-19 Generate Default Route 16-19
Specify Router Level Support 16-19
Configure IS-IS Authentication Passwords 16-20
Summarize Address Ranges 16-20
Configure BGP 16-20
Ciscos BGP Implementation 16-20 How BGP Selects Paths 16-21
BGP Configuration Task List 16-21
Enable BGP Routing 16-22
Configure BGP Neighbors 16-22
Reset BGP Connections 16-23
Configure BGP Route Filtering by Neighbor 16-23
Configure BGP Path Filtering by Neighbor 16-23
Disable Next-Hop Processing on BGP Updates 16-24
xxiv Router Products Configuration Guide Configure BGP Administrative Weights 16-24
Configure BGP Interactions with IGPs 16-25
Configure Miscellaneous BGP Parameters 16-26
Configure Neighbor Options 16-26 Indicate Backdoor Routes 16-26
Set Administrative Distance 16-27
Adjust BGP Timers 16-27
Configure the INTER_AS METRIC 16-27
Configure EGP 16-27
Ciscos EGP Implementation 16-28
EGP Configuration Task List 16-28
Enable EGP Routing 16-28
Configure EGP Neighbor Relationships 16-29
Adjust EGP Timers 16-29
Configure Third-Party EGP Support 16-29
Configure Backup Routers 16-30
Configure Default Routes 16-30
Define Central Routing Information Manager Core Gateway 16-30
Configure GDP 16-3
Configure IRDP 16-33
Configure Miscellaneous IRDP Parameters 16-33
Configure Routing Protocol-Independent Features 16-34
Use Variable-Length Subnet Masks 16-34
Configure Static Routes 16-34
Specify Default Routes 16-35
Specify Default Network 16-35
The Gateway of Last Resort 16-36
Redistribute Routing Information 16-36
Supported Metric Translations 16-37
Filter Routing Information 16-38
Prevent Routing Updates through an Interface 16-38
Suppress Routes from Being Advertised in Routing Updates 16-39
Suppress Routes Listed in Updates from Being Processed 16-39
Apply Offsets to Routing Metrics 16-39 Filter Sources of Routing Information 16-39
Adjust Timers 16-40
Enable or Disable Split Horizon 16-41
Monitor and Maintain the IP Network 16-42
Clear Caches Tables and Databases 16-42
Display System and Network Statistics 16-43
IP Routing Protocol Configuration Examples 16-44
Variable-Length Subnet Masks Example 16-44
Example of Overriding Static Routes with Dynamic Protocols 16-45
Example of Configuring IS-IS as an IP Routing Protocol 16-45
Static Routing Redistribution Example 16-46 IGRP Redistribution Example 16-47 RIP and IGRP Redistribution Example 16-47
OSPF Routing and Route Redistribution Examples 16-48
Table of Contents xxv BGP Route Advertisement and Redistribution Examples 16-54 Default Metric Values Redistribution Example 16-55 Route Map Examples 16-56
IGRP Feasible Successor Relationship Example 16-59
BGP Synchronization Example 16-60
BGP Basic Neighbor Specification Examples 16-60
Third-Party EGP Support Example 16-62
Backup EGP Router Example 16-62 EGP Core Gateway Example 16-62 Example of Autonomous System within EGP 16-63 Passive Interface Examples 16-64 Administrative Distance Examples 16-65
Split Horizon Examples 16-66
Chapter 17 Configuring ISO CLNS 17-1
Ciscos Implementation of ISO CLNS 17-1
Configuring ISO CLNS 17-1
ISO CLNS Configuration Task List 17-2
Assign Domain Boundaries NSAP Addresses and Area Addresses 17-2
ISO CLNS Addressing Background 17-2
Addressing Rules 17-4
Entering Routes 17-5
Configure NETs for Domains and Areas 17-5
Multihoming in IS-IS Areas 17-6
Configure Static NET Address for the Router 17-7 Map NSAP Addresses to Media Addresses 17-7
Specify Shortcut NSAP Addresses 17-9
Use the IP Domain Name System to Discover ISO CLNS Addresses 17-9
Configure Routing Process 17-10
Static Routing Overview 17-10
Dynamic Routing Overview 17-10
End Systems and Intermediate Systems 17-10
Configure CLNS Static Routing for the Router 17-11
Configure CLNS on the Router 17-11
Assign Static NET Address for the Router 17-11
Enable ISO CLNS for an Interface 17-12
Enter Specific Static Route 17-12
Configure ISO-IGRP Dynamic Routing 17-13
Configure ISO-IGRP Parameters 17-13
Adjust ISO-IGRP Metrics 17-14
Adjust ISO-IGRP Timers 17-14
Enable or Disable Split Horizon 17-15
Redistribute Routes into an ISO-IGRP Domain 17-15
Specify Preferred Routes 17-16
Configure IS-IS Dynamic Routing 17-16
Configure IS-IS Interface Parameters 17-17
Configure IS-IS Link State Metrics 17-17
Set the Advertised Hello Interval 17-17
xxvi Router Products Configuration Guide Set the Advertised CSNP Interval 17-18
Set the Retransmission Interval 17-18
Specify Designated Router Election 17-18
Specify the Interface Circuit Type 17-19
Configure IS-IS Password Authentication 17-19
Configure IS-IS Parameters 17-19
Redistribute Routes into an IS-IS Domain 17-20
Specify Preferred Routes 17-20
Specify Router Level Support 17-21
Configure IS-IS Authentication Passwords 17-21
Configure ES-IS Parameters 17-21
Specify Hello Packets 17-22
Filter Packet Forwarding and Establish Adjacencies 17-22
Configure CLNS over WANs 17-23
Configure CLNS over X.25 17-23
Configure Miscellaneous Features 17-24
Header Options 17-24
Assign Static NSAP Addresses for an Interface 17-24
Configure DECnet OSI or Phase Cluster Aliases 17-24
Configure DEC-Compatible Mode 17-25
Allow Security-Option Packets to Pass 17-25
Enhance ISO CLNS Performance 17-25
Specify the MTU Size 17-26
Disable Checksums 17-26
Disable Fast Switching 17-26
Set the Congestion Threshold 17-27
Transmit Error PDUs 17-27
Control Redirect PDUs 17-27
Configure Parameters for Locally Sourced Packets 17-28
Monitor and Maintain the ISO CLNS Network 17-29
ISO CLNS Configuration Examples 17-30
Examples of Configuring NETs 17-30
Basic Static Routing Examples 17-31
Static Intradomain Routing Example 17-33
Static Interdomain Routing Example 17-34
Example of Routing within the Same Area 17-35
Example of Dynamic Routing in More Than One Area 17-36
Example of Dynamic Routing in Overlapping Areas 17-37
Dynamic Interdomain Routing Example 17-37
IS-IS Routing Configuration Examples 17-39
Examples of Configuring Router in Two Areas 17-41
Example of Configuring ISO CLNS over X.25 17-42
Example of Customizing Performance Parameters 17-43
Example of Configuring DECnet Cluster Aliases 17-43 Route Map Examples 17-43 CLNS Filters Examples 17-44
Table of Contents xxvii Chapter 18 Configuring Novell IPX 18-1
Ciscos Implementation of Novell IPX 18-1
IPX Addresses 18-1
IPX Configuration Task List 18-2
Enable IPX Routing 18-2
Enable IPX Routing on the Router 18-2
Assign Network Numbers to Individual Interfaces 18-2
Assign Network Numbers to Interfaces that Support Single Network 18-3
Assign Network Numbers to Interfaces that Support Multiple Networks 18-3
Control Access to IPX Networks 18-4
Create Access Lists 18-6
Create Generic Filters 18-6
Create Filters for Updating the Routing Table 18-7
Create Service Advertisement Protocol SAP Filters 18-8 Create Get Nearest Server GNS Response Filters 18-9
Create IPX NetBIOS Filters 18-9
Create Broadcast Message Filters 18-10
Tune IPX Network Performance 18-11
Control Novell IPX Compliance 18-12
Configure Static Routes 18-13
Adjust Routing Table Update Timers 18-13
Configure Static SAP Table Entries 18-14
Configure the Queue Length for SAP Requests 18-14
Adjust SAP Update Timers 18-14 Set Maximum Paths 18-15
Control Responses to GNS Requests 18-15
Use Helper Addresses to Forward Broadcast Messages 18-15 Control the Forwarding of Type 20 Packets 18-16 Enable the Forwarding of Type 20 Packets 18-17 Restrict the Acceptance of Incoming Type 20 Packets 18-17 Restrict the Forwarding of Outgoing Type 20 Packets 18-17
Disable IPX Fast Switching 18-18
Enable Autonomous Switching 18-18
Pad Odd-Length Packets 18-18
Repair Corrupted Network Numbers 18-19
Configure IPX over WANs 18-19
Monitor the IPX Network 18-19
Configuration Examples 18-20
Enabling IPX Routing Example 18-20
Enabling IPX Routing on Multiple Networks Example 18-20
Enabling IPX over WAN Interface Example 18-21
IPX Network Access Example 18-21
SAP Input Filter Example 18-22
SAP Output Filter Example 18-23
xxviii Router Products Configuration Guide Helper Facilities to Control Broadcasts Examples 18-24
Forwarding to an Address Example 18-24
Forwarding to All Networks Example 18-26 All-Networks Flooded Broadcast Example 18-27 IPX over DDR Example 18-27
Chapter 19 Configuring XNS 19-1
Ciscos Implementation of XNS 19-1
Ungermann-Bass Net/One Environments 19-1
XNS Addresses 19-2
Configuration Task List 19-3
Enable XNS Routing 19-3
Enable Standard XNS Routing 19-3
Enable Ungermann-Bass Net/One Routing 19-4
Control Access to the XNS Network 19-4
Create Access Lists 19-6
Create Generic Filters 19-6
Create Filters for Updating the Routing Table 19-7
Tune XNS Network Performance 19-7
Configure Static Routes 19-8
Set Routing Table Update Timers 19-8
Set Maximum Paths 19-8
Control Broadcast Messages 19-9
Forward Broadcast Messages to Specified Hosts 19-10 Specify XNS Protocol Types for Forwarding Broadcast Messages 19-10
Configure Flooding 19-11
Disable XNS Fast Switching 19-12
Configure XNS over WANs 19-12
Monitor the XNS Network 19-12
XNS Configuration Examples 19-12
Enabling XNS Routing Configuration Example 19-13
Enabling and Configuring Net/One Routing Configuration Example 19-13 Routing Update Timers Example 19-14
3Com Access List Example 19-14
Helpering Example 19-15
PART Bridging
Chapter 20 Configuring Transparent Bridging 20-1
Cisco Implementation of Transparent and Source-Route Transparent Bridging 20-1
Transparent Bridging Features 20-1
Source-Route Transparent Bridging Features 20-2
Table of Contents xxix Transparent and SRT Bridging Configuration Task List 20-3
Configure Transparent Bridging and SRT Bridging 20-3
Assign Bridge Group Number and Define the Spanning-Tree Protocol 20-3
Assign Each Network Interface to Bridge Group 20-4
Choose the OUT for Ethernet Type II Frames 20-5
Configure Transparent Bridging over WANs 20-5
Configure X.25 Transparent Bridging 20-5
Configure Frame Relay Transparent Bridging 20-5
Bridging in Frame Relay Network with no Multicasts 20-6
Bridging in Frame Relay Network with Multicasts 20-6
Configure SMDS Transparent Bridging 20-6
Configure Transparent Bridging Options 20-7
Disable IP Routing 20-7
Enable Autonomous Bridging 20-7
Configure LAT Compression 20-8
Establish Multiple Spanning-Tree Domains 20-8
Prevent the Forwarding of Dynamically Determined Stations 20-9 Forward the Multicast Addresses 20-10
Filter Transparently Bridged Packets 20-10
Filter by MAC-Level Address 20-11
Filter by Specific MAC Address 20-11 Filter by Vendor Code 20-li Filter by Protocol Type 20-12
Define and Apply Extended Access Lists 20-14
Filter LAT Service Announcements 20-15
Enable LAT Group Code Service Filtering 20-16
Specify Deny Conditions for LAT Group Codes on Input 20-16
Specify Permit Conditions for LAT Group Codes on Input 20-16
Specify Deny Conditions for LAT Group Codes on Output 20-17
Specify Permit Conditions for LAT Group Codes on Output 20-17
Adjust Spanning-Tree Parameters 20-17
Set the Bridge Priority 20-18
Set an Interface Priority 20-18
Assign Path Costs 20-18
Adjust BPDU Intervals 20-18
Adjust the Interval between Hello BPDUs 20-19
Define the Forward Delay Interval 20-19
Define the Maximum Idle Interval 20-19
Disable the Spanning Tree on an Interface 20-19
Tune the Transparently Bridged Network 20-20
Monitor and Maintain the Transparent Bridge Network 20-21
Transparent Bridging Configuration Examples 20-21
Basic Bridging Example 20-22
Transparent Bridging Example 20-23
Ethernet Bridging Example 20-23
xxx Router Products Configuration Guide Source-Route Transparent SRT Bridging Example 20-25
Configuration for the New York City router 20-25
Configuration for the Thule Greenland router 20-25 Multicast or Broadcast Packets Bridging Example 20-26 X.25 Transparent Bridging Example 20-27
Frame-Relay Transparent Bridging Examples 20-28
Bridging in Frame Relay Network with No Multicasts 20-28
Bridging in Frame Relay Network with Multicasts 20-29
Example of Complex Transparent Bridging Network Topology 20-30
Chapter 21 Configuring Source-Route Bridging 21-1
Source-Route Bridging Overview 21-1
Ciscos Implementation of Source-Route Bridging 21-2
SRB Configuration Task List 21-3
Configure Source-Route Bridging 21-3
Configure Dual-Port Bridge 21-5
Enable SRB on the Appropriate Token Ring Interface 21-5
Configure Multiport Bridge using Virtual Ring 21-6
Define Ring Group in SRB Context 21-6
Enable SRB and Assign Ring Group to an Interface 21-6
Enable the and Forwarding Blocking of Spanning Tree Explorers 21-7 Limit the Maximum SRB Hops 21-8
Configure Remote Source-Route Bridging 21-8
Configure RSRB Using Direct Encapsulation 21-9
Define Ring Group in RSRB Context 21-10 the Identify Remote Peers Direct Encapsulation 21-10
Enable SRB on the Appropriate Interfaces 1-10
Configure RSRB Using IP Encapsulation over an FST Connection 1-11
Set Up an FST Peer Name and Assign an IP Address 21-11 Identify the Remote Peers FST Connection 21-11
Enable SRB on the Appropriate Interfaces 1-12
Performance Considerations when Using FST in Redundant Network Topology 21-12
Configure RSRB Using IP Encapsulation over TCP Connection 1-12 Identify the Remote Peer TCP Connection 21-13
Enable SRB on the Appropriate Interfaces 1-13
Configure RSRB Using TCP and LLC2 Local Acknowledgment 21-13 Enable LLC2 Local Acknowledgment between Two Remote Peer Bridges 21-15
Enable SRB on the Appropriate Interfaces 21-16
Notes on Using LLC2 Local Acknowledgment 1-16
Configure Bridging Routed Protocols 21-17
EnableUseoftheRlF 21-18
Configure Static RFEntry 21-18
Configure the RIF Timeout Interval 21-19
Configure Translation between SRB and TB Environments 21-19
Overview of SR/TLB 21-19
Enable Bridging between Transparent Bridging and SRB 21-2
Table of Contents xxxi Enable Translation Compatibility with IBM 8209 Bridges 21-21
Enable Token Ring LLC2 to Ethernet Conversion 21-22
Configure NetBIOS Support 1-23
Ensure that Proxy Explorers Is Enabled on the Appropriate Interface 21-24
Specify Timeout and Enable NetBIOS Name Caching 21-25
Create Static Entries in the NetBIOS Name Cache 1-25
Specify Dead Time Intervals for NetBIOS Packets 1-25
Configure LAN Network Manager Support 21-26
How the Router Works with LNM 1-28
Configure LNM Software on the Management Stations to Communicate with the Router 1-29
Prevent LNM Stations from Modifying Router Parameters 21-29
Enable Other LRMs to Change Router/Bridge Parameters 21-30
Apply Password to an LNM Reporting Link 1-30 Enable LNM Servers 21-30
Change Reporting Thresholds 21-3 Change an LNM Reporting Interval 21-3
Monitor LNM Operation 21-3
Secure the SRB Network 21-32
Configure NetBIOS Access Filters 21-32
Configure NetBIOS Access Filters Using Station Names 21-32
Configure Access Filters Using Byte Offset 21-33
Configure Administrative Filters for Token Ring Traffic 21-34
Filter Frames by Protocol Type 21-35 Filter Frames by VendorCode 1-36
Filter Input by Source Addresses 21-36
Filter Output by Source Addresses 21-36
Configure Access Expressions that Combine Administrative Filters 1-36
Configure Access Expressions 21-37
Optimize Access Expressions 1-38
Alter Access Lists Used in Access Expressions 21-39
Tune the SRB Network 21-39
Prioritize Traffic Based on SNA Local LU Addresses 21-39
Enable Class of Service 21-40
Assign Priority Group to an Input Interface 1-41
Enable or Disable the Source-Route Fast-Switching Cache 21-41
Enable or Disable the Source-Route Autonomous-Switching Cache 21-41
Configure Proxy Explorers 21-42
Configure the Largest Frame Size 21-43
Establish SRB Interoperability with Specific Token Ring Implementations 21-43
Establish SRB Interoperability with IBM PC/3270 Emulation Software 21-43
Establish SRB Interoperability with TI MAC Firmware 21-44
Reporting Spurious Frame-Copied Errors 21-44
Monitor and Maintain the SRB Network 21-44
SRB Configuration Examples 21-46
Example of Basic SRB with Spanning Explorers 21-47 Example of SRB Only 21-47
Example of SRB and Routing Certain Protocols 1-48
xxxii Router Products Configuration Guide Example of Multiport SRB 21-48
Example of Source-Route Bridging with Multiple Virtual Ring Groups 21-49
Example of RSRB Using IP Encapsulation over TCP Connection 21-50
Example of RSRB Using IP Encapsulation Over an FST Connection 21-5
Example of RSRB Using All Types of Transport Methods 21-53 Example of RSRB with Local Acknowledgment 21-54
Example of RSRB with Local Acknowledgment and Passthrough 1-58
Example of Local Acknowledgment for LLC2 1-61
Example of IP for Load Sharing Over RSRB 21-63
Example of Adding Static RIF Cache Entry 21-65
Example of Adding Static RIF Cache Entry for Two-Hop Path 21-65 Example of SRITLB for Simple Network 1-66
Example of SRITLB with Access Filtering 1-68
Example of NetBIOS Support with Static NetBIOS Cache Entry 21-69 Example of LNM for Simple Network 21-69 Example of LNM for More Complex Network 21-70
Example of NetBIOS Access Filters 21-7
Example of Filtering Bridged Token Ring Packets to IBM Machines 21-72
Example of Administrative Access FiltersFiltering SNAP Frames on Output 21-73
Example of Creating Access Expressions 21-75
Example of Access Expressions 21-76
Example of Configuring Priority for Locally Terminated Token Ring Interfaces in RSRB 21-76
Example of Fast Switching 21-78
Example of Autonomous Switching 21-78
Example of SNA Traffic Prioritization by LU Address 21-78
PART BM Networking
Chapter 22 Configuring STUN and SUIC Local Acknowledgment 22-1
Configuration Task List 22-2
Set Up STUN Network 22-2 Enable STUN on Global Basis 22-2
Configure the STUN Protocol Groups 22-3
SDLC Protocol 22-3
SDLC Transmission Groups 22-3
Non-SDLC Protocols 22-4
Enable STUN Interfaces and Place in STUN Group 22-4
Establish the SDLC Frame Encapsulation Method 22-5
Configure TCP Encapsulation with SDLC Local Acknowledgment and Priority Queuing 22-5
Assign the Router an SDLC Primary or Secondary Role 22-6 Enable the SDLC Local Acknowledgment Feature 22-6
Establish Priority Queuing Levels 22-7
Configure TCP Encapsulation without Local Acknowledgment 22-7
Configure HDLC Encapsulation 22-8
Set up Traffic Priorities 22-8 Enable Class of Service 22-8
Assign Queuing Priorities 22-9
Table of Contents xxxiii Prioritize by Serial Interface Address 22-9
Prioritize by Logical Unit Address 22-10
Prioritize STUN Traffic over All Other Traffic 22-10
Configure Proxy Polling 22-11
Enable Proxy Polling 22-12
Set the Proxy Polling Intervals 22-12
Monitor STUN Network Activity 22-13
STUN Configuration Examples 22-13
Example of Configuring STUN Priorities 22-14
Example of Configuring Serial Link Address Prioritization Using STUN TCP/IP Encapsulation 22-15
Example of Configuring STUN Multipoint Implementation Using Line-Sharing Device 22-18
Example of Configuring Local Acknowledgment on Per-STUN-Peer Basis 22-20
Example of Configuring Local Acknowledgment for STUN Packets 22-20
Configuring LOCADDR Priority GroupsSimple Example 22-2
Example of Configuring LOCADDR Priority Groups for STUN 22-22
Example of Configuring Transmission Groups 22-23
Example of Configuring Proxy Polling for STUN 22-24
Chapter 23 Configuring LLC2 and SDLC Parameters 23-1
LLC2 23-2
LLC2 Configuration Task List 23-2
Control Transmission of Information Frames 23-2
Set the Maximum Number of Information Frames Received before Sending an Acknowledgment 23-3 Set the Maximum Delay for Acknowledgments 23-3
Set the Number of Retries Allowed 23-3
Set the Time for Resending Information Frames 23-4
Set the Time for Resending Rejected Frames 23-4
Establish Polling Level 23-4
Set the Polling Frequency 23-5
Set the Polling Interval 23-5
Set the Transmit-Poll-Frame Timer 23-5
Set Up XID Transmissions 23-6
Set the Time for XID Retries 23-6
Monitor LLC2 Stations 23-6
SDLC 23-6
SDLC Configuration Task List 23-7
Enable Router as Primary or Secondary SDLC Station 23-7
Determine Use of Frame Rejects 23-8
Set SDLC Timer and Retry Counts 23-8
Set SDLC Frame and Window Sizes 23-9
Control the Buffer Size 23-9
Control Polling of Secondary Stations 23-9
Monitor SDLC Stations 23-10
xxxiv Router Products Configuration Guide Configuration Examples 23-10 LLC2 Example 23-10 SDLC Example 23-11
Chapter 24 Configuring SDLLC Media Translation 24-1
Cisco Implementation of SDLLC Media Translation 24-1
Virtual Token Ring Concept Implementation 24-2
Resolving Differences in LLC2 and SDLC Frame Size 24-2
Maintaining Dynamic RIF Cache 24-3
Other Implementation Considerations 24-3
SDLLC Configuration Task List 24-3
Configure SDLLC with Direct Connection 24-3
Enable SDLLC Media Translation 24-4
Specify the XID Value 24-4
Initiate Connection to Token Ring Host 24-4
Configure SDLLC with RSRB 24-5
RSRB using Direct Encapsulation 24-5
RSRB over FST Connection 24-5
RSRB over TCP Connection 24-6
Configure SDLLC with RSRB and Local Acknowledgment 24-6
Configure SDLLC with Ethernet and Translational Bridging 24-7
Customize SDLLC Media Translation 24-7
Set the Largest LLC2 I-Frame Size 24-7
Set the Largest SDLC I-Frame Size 24-8
Increase the SDLC Line Speed 24-8
Other Customizing Considerations 24-8
Monitor SDLLC Media Translation 24-9
SDLLC Configuration Examples 24-9 Example of SDLLC with Direct Connection 24-9
Example of SDLLC with Single Router using RSRB 24-10 Example of SDLLC with RSRB Single 3x74 24-11
Example of SDLLC with RSRB Multiple 3x74s 24-12
Configuring SDLLC with RSRB and Local Acknowledgment 24-14 NCP and VTAM Sysgen Parameters 24-15
Index
Table of Contents xxxv xxxvi Router Products Configuration Guide OF FGURES
Figure 31 Using SLARP to Acquire the New Routers IP Address 3-3
Figure 3-2 Using BOOTP/RARP to Acquire the New Routers IP Address 3-4
Figure 3-3 Dynamically Resolving the New Routers IP Address-to-Host Name Mapping 3-5
Figure 3-4 Configuring Router as RARP Server 3-25
Figure 4-1 EXEC and Daemon Creation on Line with No Modem Control 4-7
Figure 4-2 EXEC and Daemon Creation on Line Configured for Continuous CTS 4-9
Figure 4-3 EXEC Creation on Line Configured for High-Speed Dial-up Modem 4-10
Figure 4-4 EXEC Creation on Line Configured for Modem Callin 4-11
Figure 4-5 Daemon Creation on Line Configured for Modem Callout 4-13
Figure 4-6 EXEC and Daemon Creation on Line Configured for Incoming and Outgoing Calls 4-14
Figure 6-1 Using Subinterfaces to Provide Full Connectivity on Partially Meshed Frame Relay Network 6-22
Figure 6-2 Novell Network with and without Subinterfaces 6-24
Figure 6-3 IP Tunneling Terminology and Concepts 6-25
Figure 6-4 Providing Workarounds for Networks with Limited Hop Counts 6-26
Figure 6-5 Tunnel Precautions Hop Counts 6-27
Figure 6-6 HSSI Loopback Testing 6-49
Figure 6-7 HSSI External Loopback Request 6-50
Figure 6-8 Using the PPP EXEC Command 6-54
Figure 6-9 Connecting Multiprotocol Subnetworks across Single-Protocol Backbone 6-57
Figure 6-10 Creating Virtual Private Networks across WANs 6-58
Figure 7-1 Transporting LAN Protocols across an X.25 PDN 7-8
Figure 7-2 Establishing an IP Encapsulation PVC through an X.25 Network 7-33
Figure 7-3 X.25 Tunneling Connection 7-33
Figure 7-4 Local Switching and Remote Tunneling PVCs 7-34
Figure 7-5 Example Network Topology for Switching CMNS over PDN 7-36
Figure 7-6 Example Network Topology for Switching CMNS over Leased Line 7-38
Figure 7-7 Parallel Serial Lines to X.25 Network 7-40
Figure 8-1 Typical Frame Relay Configuration 8-3
Figure 8-2 Frame Relay Switched Network 8-5
Figure 8-3 PVC Switching Configuration 8-14
Figure 8-4 Frame Relay DCE Configuration 8-15
Figure 8-5 Hybrid DTE/DCE PVC Switching 8-18
Figure 8-6 Frame Relay Switch over IP Tunnel 8-20
Figure 9-1 Typical SMDS Configuration 9-3
List of Figures xxxvii Figure 9-2 Multiple Logical IP Subnet Configuration 9-12
Figure 10-1 Dial-on-Demand Routing Interconnection 10-2
Figure 10-2 Sample Dialer Interface Configuration 10-12
Figure 10-3 Hub-and-Spoke Configuration Using Dial-on-Demand Routing 10-18
Figure 10-4 Sample Dialer String or Dialer Map Configuration 10-26
Figure 10-5 Chat Script Configuration and Function 10-27
Figure 10-6 Dial-On Demand Routing Configuration 10-30
Figure 11-1 Apollo Domain Addresses 11-2
Figure 12-1 IPTalk Configuration Example 12-22
Figure 12-2 InteroPoll Output 12-30
Figure 12-3 Nonextended AppleTalk Routing between Two Ethernet Networks 12-31
Figure 12-4 Routing in Discovery Mode 12-32
Figure 12-5 Transition Mode Topology and Configuration 12-33
Figure 12-6 Example Topology of Partially Obscured Zone 12-37
Figure 12-1 Controlling Access to Common AppleTalk Network 12-39
Figure 12-8 Controlling Resource Access among Multiple AppleTalk Zones 12-40
Figure 12-9 Example Network Topology 12-44
Figure 13-1 VINES Logical Network 13-2
Figure 13-2 VINES Simple Configuration 13-12
Figure 13-3 VINES Serverless Configuration 13-13
Figure 13-4 VINES Serverless X.25 Configuration 13-14
Figure 13-5 VINES Complex Serverless Configuration 13-15
Figure 13-6 VINES Access List Configuration 13-16
Figure 14-1 DECnet Nodes and Areas 14-4
Figure 14-2 DECnet Cost Values 14-5
Figure 14-3 Sample Phase IV/Phase Network 14-17
Figure 14-4 ATG Configuration Example 14-18
Figure 15-1 Path MTU Discovery 15-19
Figure 15-2 IP Fast Switching on the Same Interface 15-28
15-3 Figure Creating Network from Separated Subnets 15-32
Figure 15-4 IP Helper Addresses 15-34
Figure 15-5 IP Flooded Broadcast 15-34
Figure 15-6 Simplex Ethernet Connections 15-35
Figure 15-7 IPSO Security Levels 15-38
xxxviii Router Products Configuration Guide Figure 16-1 Interior System and Exterior Routes 16-4
Figure 16-2 GDP Report Message Packet Format 16-32
Figure 16-3 Overriding Static Routes 16-45
Figure 16-11 Illustration of IS-IS Routing 16-45
Figure 16-5 Sample OSPF Autonomous System Network Map 16-50
Figure 16-6 Interface and Area Specifications for OSPF Example Configuration 16-52
Figure 16-1 Assigning Metrics for Redistribution 16-56
Figure 16-0 Assigning Metrics for IGRP Path Feasibility 16-59
Figure 16-9 Illustration of Synchronization 16-60
16-6 Figure 16-10 Assigning Internal and External BGP Neighbors
16-63 Figure 1611 Core EGP Third-Party Update Configuration Example
Figure 16-12 Router in AS 164 Peers with Router in AS 109 16-64
Figure 16-13 Filtering IGRP Updates 16-64
Figure 16-14 Disabled Split Horizon Example for Frame Relay Network 16-67
Figure 11-1 ISO-IGRP NSAP Addressing Structure 17-3
Figure 17-2 IS-IS NSAP Addressing Structure 17-4
Figure 17-3 Static Routing Illustration 17-32
Figure 11-4 CLNS X.25 Intradomain Routing 17-33
Figure 11-5 CLNS Interdomain Static Routing 17-34
Figure 17-6 CLNS Dynamic Routing within Single Area 17-35
Figure 17-7 CLNS Dynamic Routing within Two Areas 17-36
Figure 17-0 CLNS Dynamic Interdomain Routing 17-37
Figure 17-9 ISO-IGRP Configuration 17-41
Figure 17-10 Routers Acting as DTEs and DCEs 17-42
Figure 10-1 Novell IPX Servers Requiring Access Control 18-21
Figure 10-2 SAP Input Filter 18-22
Figure 10-3 SAP Output Filter 18-24
Figure 10-4 IPX Clients Requiring Server Access through Router 18-25
Figure 10-5 Type Broadcast Flooding 18-26
Figure 10-6 IPX over DDR Configuration 18-28
Figure 19-1 Helper Addresses 19-15
Figure 20-1 Example of Basic Bridging 20-22
Figure 20-2 Ethernet Bridging Configuration Example 20-24
Figure 20-3 Example Network Configuration 20-25
List of Figures xxxix 20-26 Figure 204 Network Demonstrating Output Address List Filtering
Figure 20-5 X.25 Bridging Example 20-27
Figure 20-6 Frame-Relay Bridging Example 20-28
Figure 20-7 Bridged Subnetworks with Domains 20-30
Figure 21-1 IEEE 802.5 Token Ring Frame Format 21-1
Figure 21-2 Dual-Port Bridge 21-4
Figure 21-3 Multiple Dual-Port Bridges 21-4
Figure 21-4 Multiport Bridge using Virtual Ring 21-5
Figure 21-5 Remote Source-Route Bridged Topology 21-8
Figure 21-6 LLC2 Session Without Local Acknowledgment 21-14
Figure 21-7 LLC2 Session with Local Acknowledgment 21-14
Figure 21-8 Topology for Bridging Routed Protocols across Source-Route Bridged Network 21-17
Figure 21-9 Example of Simple SRITLB Topology 21-20
Figure 21-10 LNM Linking to Source-Route Bridge on Each Local Ring 21-27
Figure 21-11 LAN Network Manager Monitoring and Translating 21-28
Figure 21-12 Access Expression Example 21-37
Figure 21-13 SNA Local Address Prioritization 21-40
Figure 21-14 Dual Port Source-Route Bridge Configuration 21-47
Figure 21-15 Four-Port Source-Route Bridge 21-48
Figure 21-16 Two Virtual Rings Connected by an Actual Token Ring 21-49
Figure 21-17 Remote Source-Route Bridging Using TCP as Transport 21-50
Figure 21-18 Remote Source-Route Bridging Using FST as Transport 21-51
Figure 21-19 Remote Source-Route Bridge Using All Types of Transport Methods 21-53
Figure 21-20 RSRB with Local AcknowledgmentLess Complex Configuration 21-54
Figure 21-21 Network Topology for RSRB with Local Acknowledgment and Passthrough 21-58
Figure 21-22 Remote Source-Route Bridging Using Local AcknowledgmentMore Complex Example 21-61
Figure 21-23 RSRBSimple Reliability 21-63
Figure 21-24 Assigning RIP to Source-Route Bridge 21-65
Figure 21-25 Assigning RIF to Two-Hop Path 21-65
Figure 21-26 Example of Simple SR/TLB Configuration 21-66
Figure 21-27 Example of Bit-Swapped Address 21-68
Figure 21-28 Specifying Static Entry 21-69
Figure 21-29 Router with Two Token Rings Configured as Local Source-Route Bridge 21-69
Figure 21-30 Router with Three Token Rings Configured as Multiport Bridge 21-70
xl Router Products Configuration Guide Figure 21-31 Router Filtering Bridged Token Ring Packets to IBM Machines 21-72
Figure 21-32 Router Filtering SNAP Frames on Output 21-73
Figure 21-33 Network Configuration Using NetBIOS Access Filters 21-76
Figure 21-34 RSRB Configuration Example 21-76
Figure 22-1 SDLC Session without Local Acknowledgment 22-5
Figure 22-2 SDLC Session with Local Acknowledgment 22-6
Figure 22-3 Serial Link Address Prioritization 22-9
Figure 22-4 SNA Logical Unit LU Address Prioritization 22-10
Figure 22-5 IBM SDLC Configuration without Proxy Polling 22-11
Figure 22-6 IBM SDLC Configuration with Proxy Polling 22-12
Figure 22-1 STUN Simple Serial Transport 22-14
Figure 22-B STUN TCP/IP Encapsulation 22-15
Figure 22-9 STUN Communication Involving Line-Sharing Device 22-18
Figure 23-1 Two SDLC Secondary Stations Attached to Single Serial Interface through an MSD 23-11
Figure 24-1 SNA Link-Level Support 24-1
Figure 24-2 SDLLC with Ethernet and Translational Bridging 24-7
Figure 24-3 SDLLC Communication between 37x5 and 3x74 Connected to the Same Router Direct Connection 24-10
Figure 24-4 SDLLC with Single Router using RSRB 24-10
Figure 24-5 SDLLC with RSRB with Single 3x74 24-11
Figure 24-6 SDLLC with RSRB Multiple 3x74s 24-12
Figure 24-1 SDLLC with RSRB and Local Acknowledgment 24-14
List of Figures xli xlii Router Products Configuration Guide 0F TABLES
Table 2-1 Summary of Command Modes 2-3
Table 2-2 Editing Keys and Functions for Software Release 9.1 and Earlier 2-25
Table 2-3 Special Telnet Commands 2-33
Table 5-2 Protocols that have Access Lists Specified by Names 5-17
Table 5-1 Factory Diagnostic Mode Settings for the Configuration Register 5-17
Table 5-3 Protocols that have Access Lists Specified by Numbers 5-18
Table 5-4 Error Message Logging Keywords 5-30
Table 5-5 Logging Facility Types 5-31
Table 6-1 Subinterface Configuration Commands 6-19
Table 6-2 Commands that Allow Subinterfaces as Parameters 6-20
Table 6-3 Show Commands that Allow Subinterfaces as Parameters 6-21
Table 6-4 ISDN Office Switch Types 6-33
Table 7-1 LAPB Parameters 7-7
Table 7-2 Protocols and Initial Byte of Call User Data 7-11
Table 7-3 DDN IntemetlX 121 Address Conventions 7-17
Table 7-4 X.25 Virtual Circuits 7-22
Table 7-5 X.25 Retransmission Timers 7-25
Table 9-1 Protocol Families and Types of Multicasts Needed 9-7
Table 10-1 CCITT V.25bis Options 10-3
Table 10-2 Modem Script Execution 10-28
Table 10-3 System Script Execution 10-28
Table 12-1 AppleTalk Phase and Phase 12-3
Table 12-2 Zone and Interface Associations for Partial Zone Advertisement Example 12-38
Table 12-3 Partial Zone Advertisement Control on Network 30 12-38
Table 14-1 Packet Exchange between Nodes and 14-19
Table 15-1 Reserved and Available Internet Addresses 15-4
Table 15-2 Configuration Register Settings for Broadcast Address Destination 15-16
Table 15-3 Default Security Keyword Values 15-25
Table 16-1 Default Administrative Distances 16-35
Table 16-2 Default Administrative Distances 16-40
Table 17-1 Sample Routing Table Entries 17-5
Table 17-2 Hierarchical Routing Examples 17-5
Table 18-1 Novell IPX Encapsulation Types on IEEE Interfaces 18-4
List of Tables xliii Table 182 IPX Filters 18-5
Table 19-1 XNS Filters 19-5
xliv Router Products Configuration Guide AboutThis Manual
This section discusses the objectives audience organization and conventions of the Router
Products Configuration Guide publication
Document Objectves
maintain includes task This publication describes the tasks necessary to configure and your router It does overviews expanded descriptions of tasks and comprehensive configuration examples It not with the provide complete command syntax descriptions and therefore must be used in conjunction
Router Products Command Reference
Audence
This publication is intended primarily for network administrators who will be configuring and
maintaining routers but are not necessarily familiarwith the tasks involved the relationship between tasks them or the commands necessary to perform particular
Document Organzaton
Each related tasks This publication is divided into five main parts part comprises chapters describing
in this matches the of or functions The organization of parts and chapters publication organization
that this document does not parts and chapters in the Router Products Command Reference except follows contain appendixes The parts in this publication are as
Part One Product Introduction contains an overview of the router and task descriptions for the
with this system user interface and command parser Begin your system configuration process
part of the manual
Part Two System and Interface Configuration and Management describes the tasks pertaining and and also describes to system interfaces system booting terminal session asynchronous lines EXEC commands
Part Three Wide-Area Networking describes the tasks pertaining to X.25 Frame Relay
SMDS and dial-on-demand routing
Part Four Routing Protocols contains chapters that describe how to configure each network
protocol that we support These protocols include Apollo Domain AppleTalk Banyan VINES DECnet Internet Protocol IP ISO Connectionless Network Services CLNS Novell IPX and in Xerox XNS including Ungermann-Bass and 3Com The chapters are arranged alphabetical
order for ease of use The routing protocols including IGRP BGP RIP OSPF
IS-IS and ISO-IGRP also are discussed
About This Manual xlv Document Conventions
Part Five Bridging contains chapters that describe how to configure transparent bridging
source-route bridging source-route transparent SRT bridging and source-route transparent
translational bridging SRJTLB on our routers/bridges
Part Six IBM Networking contains chapters that describe how to configure the SDLC
network Included also transport and serial tunneling mechanisms in an IBM local-area are the
commands for the Local Acknowledgment feature managing your source-route bridges with
LAN Network Manager and SDLLC our solution to translating between IBMs SDLC data link
protocol for serial lines and ISOs LLC2 data link protocol for Token Ring networks
Document Conventions
Software and hardware documentation uses the following conventions
The symbol or Ctrl represent the key labeled Control For example the key combination AD or
Ctrl-D means hold down the Control key while you press the key Keys are indicated in
capitals but are not case sensitive
string is defined as nonquoted set of characters For example when setting up community
around the the will include the string for SNMP to public do not use quotes string or string
quotation marks
Command descriptions use these conventions
Commands and keywords are in boldface font
Arguments for which you supply values are in italic font
Elements in square brackets are optional
vertical bars Alternative but required keywords are grouped in braces and separated by
Examples use these conventions
Examples that contain system prompts denote interactive sessions indicating that the user enters
commands at the prompt The system prompt indicates the current command mode For example
the prompt router conf ig indicates global configuration mode
Terminal sessions and information the system displays are in screen font
in font Information you enter is boldface ecreen
Nonprinting characters such as passwords are in angle brackets
in brackets Default responses to system prompts are square
Exclamation points at the beginning of line indicate comment line They are also displayed
by the router for certain processes
Caution Means reader be careful You are capable of doing something that might result in
equipment damage or loss of data
Note Means reader take note Notes contain helpful suggestions or references to materials not
contained in this manual
xlvi Router Products Configuration Guide Product
Dntroduct�on CHAPTER
Router Product Overview
Complex intemetworks have grown past the point where they can depend on equipment from single
vendor At the same time small independent networks are finding it necessary to interconnect and
interoperate Virtually all organizations creating and connecting local-area networks LANs and
wide-area networks WAN5 today have major commitments to hardware and software from many
different vendors Therefore current and future internetworking requires products that support
multiprotocol and multimedia networks with multivendor products
Our routers connect LANs and WANs and allow them to interoperate with equipment from most
vendors over most available media This chapter describes the protocols and media that our routers
support
Supported Network Protocos
Our routers support many networking protocols as well as several routing protocols These protocols
are based on both open standards and proprietary protocols from variety of vendors Our routers
also support wide set of bridging and IBM connectivity solutions
Our routers can forward packets concurrently from any combination of the following
WAN protocols
X.25 and its derivatives including LAPB and DDN X.25
Frame Relay
Switched Multimegabit Data Service SMDS
Dial-on-Demand Routing DDR
Integrated Services Digital Networks ISDN
Point-to-Point Protocol PPP
High-level Data Link Control HDLC
SLIP for asynchronous lines
LAN protocols
Apollo Domain
AppleTalk Phase and Phase
Banyan VINES
DBCnet Phase IVfPhase
Internet Protocol IP
Router Product Overview 1-1 Supported Media
ISO Connectionless Network Services CLNS and Connection Mode Network Services CMNS
Novell IPX
XNS and Ungermann-Bass
Bridging types
Source-route transparent SRT bridging
Transparent bridging TB
Source-route bridging SRB
Remote source-route bridging RSRB
Source-route translational bridging SRJTLB
Support for IBM networking
Serial tunneling STUN
Synchronous Data Link Control SDLC
LLC2
SDLLC
Supported Meda
Our routers support the following industry-standard networking media
EthernetIEEE 802.3 and Type II
Token RingIEEE 802.5
FDDIsingle and dual mode
Synchronous serialV.35 RS-232 RS-449 RS-530 and X.21
High-Speed Serial Interface HSSIsupports T3 E3 and SONIET rates
Usng the Router
Your router comes with its software already installed You normally connect an ASCII terminal to
the routers console port and it is from this terminal that you configure and manage the router For
hardware installation procedures refer to the hardware manual for your router platform
When you boot the router it loads system image that contains specific version of system
software It also loads configuration files which contain commands that customize the operation of
your router.You also can use TFTP to retrieve these configuration files from remote network
device These files can be stored on the local router on remote router that has been configured as
TFTP server or on host running TFTP For information about booting the router refer to the
discussion of loading system images microcode images and configuration files in Chapter of this manual
You can build most straightforward configurations of the router and create configuration file using
the setup facility This facility is described in the Router Products Getting Started Guide To
enhance the configuration use the protocol-specific commands described in Chapters through 24
of this manual
1-2 Router Products Configuration Guide Using the Router
that lets The router software provides user interface called command interpreter or EXEC you
the This interface also context-sensitive The configure and manage router user provides help which of command interpreter has several different command modes each of provides group commands related commands that you can use to configure the router and display its status Some been are available to all users while others can be executed after an enabling password has given by information about command The command the operator Context-sensitive help gives syntax
in of this manual interpreter and its help feature are described Chapter
terminal and You use the command-line parser to configure interfaces sessions asynchronous
communications lines Interfaces are connections to network media such as Ethernet Token Ring
and serial media You configure them to run different routing protocols and other networking
and modems connected to the router that other network protocols You configure terminal sessions so
is described in of this the users can log in to the router Configuring interfaces Chapter manual
these interfaces described in routing bridging and IBM protocols you can configure on are Chapters
and communications lines through 24 of this manual Configuring terminal sessions asynchronous
is discussed in Chapter of this manual
such tasks the You also can configure and manage the router itself performing as naming router
tasks described in setting the routers time configuring SNMP and setting security These are
Chapter of this manual
about router Refer to the Documentation for We provide various documentation your Roadmap
the various For the latest information information about the interrelationship among documents
about the software including new features added since the documentation was printed and
additional caveats about using the software refer to the release notes that accompany it
Router Product Overview 1-3 Using the Router
1-4 Router Products Configuration Guide CH APTE1
Understanding the User Hnterlace
The interface router user provides several different command modes Each command mode provides of related This group commands chapter describes how to access and list the commands available
in each command mode It also discusses the user interface to Telnet which you might use to connect
to another router
Entering at the system prompt allows you to obtain list of commands available for each command mode
The command is called the The the commands interpreter EXEC EXEC interprets you type and carries out the corresponding operations You must log into the router before you can enter an EXEC
command For security purposes the EXIEC has two levels of access to commands user and
privileged The EXEC commands available at the user level are subset of the EXEC commands
available at the privileged level From the privileged level you can also access global configuration
mode and six specific configuration modes interface subinterface line router ipx-router and route- map configuration
Almost every system configuration command also has no form In general use the no form to
disable feature or function Use the command without the keyword no to reenable disabled feature
enable feature that is disabled default For IP or by example routing is enabled by default Specify
the command no ip routing to disable IP routing and specify ip routing to reenable it The Router Products Command Reference publication provides the complete syntax for every command and describes what the no form of command does
If does find valid your router not system image or if its configuration file is corrupted at startup the system may enter read-only memory ROM monitor mode brief description of the ROM
monitor mode is included in this chapter
The interface user also provides context-sensitive help on command syntax This chapter describes how the to use help system It also describes the command editing and command history features that enable you to recall previous command entries and easily edit command entries
For complete description of the commands mentioned in this chapter refer to Chapter of the
Router Products Command Reference publication
Understanding the User Interface 2-1 User Interface Task List
User nterface Task List
You can perform the following tasks to become familiarwith the routers user interface to configure
various aspects of the user interface and to use Telnet connections
Access each command mode page 2-2
Get context-sensitive help page 2-15
Check command syntax page 2-17
Use the command history features page 2-18
Use the editing features page 2-20
Set terminal parameters page 2-25
Lock the keyboard page 2-29
Set pending output notification page 2-29
Prevent errant connection attempts page 2-29
Configure Telnet capabilities for session page 2-29
Use Telnet connections page 2-3
Monitor Telnet connections page 2-34
Access Each Command Mode
This section describes how to access each of the routers command modes
User EXEC mode
Privileged EXEC mode
Global configuration mode
Interface configuration mode
Subinterface configuration mode
Line configuration mode
Router configuration mode
IPX-router configuration mode
Route-map configuration mode
ROM monitor mode
Table 2-1 lists the command modes how to access each mode the prompt you will see while you
are in that mode and the method to exit that mode The prompts listed assume the default router name Router
2-2 Router Products Configuration Guide Access Each Command Mode
Table 2-1 Summary of Command Modes
Command
Mode Access Method Prompt Exit Method
User EXEC Log into router Router Use the logout command
From EXEC Routera Privileged user mode use the To exit back to user EXEC mode use the disable EXEC enable EXEC command command
To exit into global configuration mode use the
configure privileged EXEC command
Global use the Router To exit From privileged EXEC mode config to privileged EXEC mode use the exit or
configuration configure privileged EXEC end command or press Ctrl-Z command To exit to interface configuration mode enter an
interface configuration command
Interface Routerconfig-if From global configuration mode To exit to global configuration mode use the exit
configuration enter by specifying an interface with command
an interface command To exit to privileged EXEC mode press Ctrl-Z
To exit to subinterface configuration mode specify
subinterface with the interface command
Subinterface From To exit global configuration mode Routerconfig-subif to global configuration mode use the exit
configuration specify subinterface with an command interface command To exit to privileged EXEC mode press Ctrl-Z
Line Router To From global configuration mode config1ine exit to global configuration mode use the exit
configuration enter by specifying line with an line command command To exit to privileged EXEC mode press Ctrl-Z
Router Routerconfig-router From global configuration mode To exit to global configuration mode use exit
configuration enter by specifying router with command router command To exit to privileged EXEC mode press Ctrl-Z
router Router IPX From global configuration mode configipx-router To exit to global configuration mode use the exit
configuration enter by specifying the ipx router command command
Route From Routerconfig-route-rnapa To exit to map global configuration mode global configuration mode use the exit configuration enter by specifying the route-map command command To exit to privileged EXEC mode press Ctrl-Z
ROM From EXEC use the To exit privileged mode to user EXEC mode press to continue monitor reload EXEC command Press Break
during the first 60 seconds while the
system is booting
The preceding table might not include all of the possible ways to access or exit each command mode
Understanding the User Interface 2-3 Access Each Command Mode
User EXEC Mode
After you log into the router you are automatically in user EXEC command mode The EX1EC
commands available at the user level are subset of those available at the privileged level In
general the user EXEC commands allow you to connect to remote routers change terminal settings
on temporary basis perform basic tests and list system information
To list the user EXEC commands complete the following task
Task Command
List the user EXEC commands
The user-level prompt consists of the routers host name followed by the angle bracket
Router
The default host name is Router unless it has been changed during initial configuration using the
setup command Refer to the Router Products Getting Started Guide for information on the setup
facility You can also change the router name using the hostname global configuration command
as described in Chapter
Example
To list the commands available in user EXEC mode enter as shown in the following example
Router Exec commands connect Open terminal connection disconnect Disconnect an existing telnet session enable Turn on privileged commands exit Exit from the EXEC help Description of the interactive help system lock Lock the terminal
login Log in as particular user logout Exit from the EXEC name-connection Name an existing telnet connection ping Send echo messages resume Resume an active telnet connection show Show running system information
systat Display information about terminal lines telnet Open telnet connection terminal Set terminal line parameters where List active telnet connections Router
this how router has The list of commands may vary slightly from example depending upon your
been configured
The user EXEC commands that set terminal parameters are shown in the section Configure Telnet
Capabilities for Session later in this chapter
Privileged EXEC Mode
Because many of the privileged commands set operating parameters privileged access should be
password-protected to prevent unauthorized use The command set includes those commands
contained in user EXEC mode as well as the configure command through which you can access the
2-4 Router Products Configuration Guide Access Each Command Mode
also includes remaining command modes Privileged EXEC mode high-level testing commands
such as debug For details on the debug command see the Debug Command Reference publication
For details on the setup command see the Router Products Getting Started Guide
To access and list the privileged EXEC commands complete the following tasks
Task Command
Step Enter the privileged EXEC mode enable
asswordl
Step List privileged EXEC commands
If the system administrator has set password you are prompted to enter it before being allowed
access to privileged EXEC mode The password is not displayed on the screen and is case-sensitive
The system administrator uses the enable password global configuration command to set the
password that restricts access to privileged mode This command is described in Chapter
The privileged-level prompt consists of the routers host name followed by the pound sign If
the router named with the hostname that would the was command name appear as prompt instead of Router
Router
Understanding the User Interface 2-5 Access Each Command Mode
Example
The following example shows how to access privileged EXEC mode and list privileged EXEC commands
Router enable Pas sword Router Exec commands bfe For manual emergency modes setting clear Reset functions clock Manage the system clock configure Enter configuration mode connect Open terminal connection copy Copy config file to or from tftp server debug Debugging functions disable Turn off privileged commands disconnect Disconnect an existing telnet session enable Turn on privileged commands exit Exit from the EXEC
help Description of the interactive help system llc2 Execute llc2 tests lock Lock the terminal
login Log in as particular user logout Exit from the EXEC nameconnection Name an existing telnet connection ping Send echo messages reload Halt and perform cold restart resume Resume an active telnet connection
send Send message to other tty lines setup Run the SETUP command facility show Show running system information systat Display information about terminal lines telnet Open telnet connection terminal Set terminal line parameters test Test subsystems memory and interfaces trace Trace route to destination where List active telnet connections
whichroute Do route table lookup and display results write Write running configuration to memory network or terminal Router
list of this router has The commands may vary slightly from example depending upon how your
been configured
From the privileged level you can access global configuration mode For instructions see Global
Configuration Command Mode which follows this section
To return from privileged EXEC mode to user EXEC mode perform the following task
Task Command
Move from privileged EXEC mode to user EXEC mode disable
GobaI Configuration Mode
Global configuration commands apply to features that affect the system as whole Use the
configure privileged EXEC command to enter global configuration mode When you enter this
command the EXEC prompts you for the source of the configuration commands
Configuring from terminal memory or network
2-6 Router Products Configuration Guide Access Each Command Mode
You then either the can specify terminal nonvolatile memory NVRAM or file stored on network server as the source of commands The default configuration see Chapter is to type in commands from the terminal console Pressing the Return key begins this configuration method
Commands to enable particular routing or bridging function are also global configuration commands For information on protocol-specific global configuration commands see the
appropriate chapter in this guide
To and list access the global configuration commands complete the following tasks
Task Command
At the from the Step terminal privileged EXEC mode enter configure
configuration mode CR
Step List the global configuration commands
Example
The shows how following example to access global configuration mode and list global configuration commands
Router configure Configuring from terminal memory or network CR Enter configuration commands one per line End with CNTL/Z Routerconfig Configure commands
accesslist Add an access list entry apollo Apollo global configuration commands appl eta 1k Appletalk global configuration commands arp Set static ARP entry asyncbootp Modify system bootp parameters autonomous system Specify local AS number to which we belong banner Define login banner boot Modify system boot parameters bridge Transparent bridging buffers Adjust system buffer pool parameters busy-message Display message when connection to host fails chat-script Define modem chat script clns Global CLNS configuration subcommands
clock Configure time-of-day clock decnet Global DECnet configuration subcommands default -value Default character-bits values
dialerlist Create dialer list entry enable Modify enable password parameters end Exit from configure mode exit Exit from configure mode
frame-relay Global frame relay configuration commands help Description of the interactive help system hostname Set systems network name interface Select an interface to configure ip Global IP configuration subcommands ipx Novell/IPX global configuration commands line Configure terminal line lnm IBM Lan Manager locaddr-priority-list Establish queueing priorities based on LU address logging Modify message logging facilities login-string Define host-specific login string mop The DEC MOP Server netbios NETBIOS access control filtering no Negate command or set its defaults ntp Configure NTP
Understanding the User Interface 2-1 Access Each Command Mode
priority-list Build priority list
queue-list Build custom queue list rif Source-route RIF cache routemap Create route-map or enter routemap command mode router Enable routing process scheduler-interval Maximum interval before running lowest priority process service Modify use of network based services smt-queue-threshold Set the max number of unprocessed SMT frames snmpserver Modify SNMP parameters source-bridge Source-route bridging ring groups stun STUN global configuration commands
tacacs-server Modify TACACS query parameters tftp-server Provide TFTP service for netload requests tn3270 tn3270 configuration command username Establish User Name Authentication
vines Vines global configuration commands x25 X.25 Level
xns XNS global configuration commands Router config
The list of commands may vary slightly from this example depending upon how your router has
been configured
To exit global configuration command mode and return to privileged EXEC mode use one of the
following commands
Task Command
Exit global configuration mode exit
end CtrlZ
From global configuration mode you can access six configuration sublevels interface subinterface
line router ipx-router and route-map configuration commands These command modes are
described in the following sections
Onterface Configuraton Mode
Many features are enabled on per-interface basis Interface configuration commands modify the operation
of an interface such as an Ethernet FDDI or serial port Interface subcommands always follow an interface
command which defines the interface type
For details on interface configuration commands that affect general interface parameters such as
bandwidth clock rate and so on see Chapter For protocol-specific commands see the appropriate
chapter in this guide
To access and list the interface configuration commands complete the following tasks
Task Command
Step From global configuration mode enter interface inteiface-type interface-number
interface configuration mode
Step List the interface configuration commands
2-8 Router Products Configuration Guide Access Each Command Mode
Example
In the following example serial interface is about to be configured The new prompt
indicates interface config-if configuration mode In this example the user asks for help by requesting list of commands
Routerconfig interface serial CR Router config-if Interface configuration commands access-expression Build bridge boolean access expression apollo Apollo interface subcommands appletalk Appletalk interface subcornmands
arp Set arp type arpa probe snap or timeout backup Modify dial-backup parameters bandwidth Set bandwidth informational parameter bridge-group Transparent bridging interface parameters clns CLNS interface subcommands
clockrate Configure serial interface clock speed custom-queue-list Assign custom queue list to an interface decnet Interface DECnet config commands delay Specify interface throughput delay description Interface specific description dialer Dial-on-demand routing DDR commands dialer-group Assign interface to dialer-list down-when-looped Force looped serial interface down
encapsulation Set encapsulation type for an interface ethernet-transit-oui Token-ring to Ethernet OUI handling exit Exit from interface configuration mode frame-relay Set frame relay parameters hdh Set HDH mode
help Description of the interactive help system hold-queue Set hold queue depth ip Interface Internet Protocol config commands ipx Novell interface subcomrnands isis IS-IS commands iso-igrp ISO-IGRP interface subcommands keepalive Enable keepalive lapb X.25 Level parameters Link Access Procedure Balanced llc2 LLC2 Interface Subcommands 1mm IBM Lan Manager
locaddrpriority Assign priority group loopback Configure internal loopback on an interface mac-address Manually set interface MAC address mop DEC MOP server commands mtu Set the interface Maximum Transmission Unit MTU netbios Use defined NETBIOS access list or enable name-caching no Negate command or set its defaults ntp Configure NTP ppp Point-to-point protocol
priority-group Assign priority group to an interface pulse-time Enables pulsing of DTR during resets pup PUP interface subcommands sdlc SDLC commands sdllc Configure SDLC to LLC2 translation shutdown Shutdown the selected interface smds Modify SMDS parameters source-bridge Configure interface for source-route bridging stun STUN interface subcommands
transmit-interface Assign transmit interface to receive-only interface transmitter-delay Set dead-time after transmitting datagram tunnel protocol-over-protocol tunneling tx-queue-limit Configure card level transmit queue limit vines Vines interface subcoxnmands xns XNS interface subcommands
Understanding the User Interface 2-9 Access Each Command Mode
list of this router has The conmiands may vary slightly from example depending upon how your
been configured
To exit interface configuration mode and return to global configuration mode enter the exit
command Or press Ctrl-Z to exit configuration mode and return to privileged EXEC mode
Subnterface Configiration Mode
You can configure multiple virtual interfaces called subinterfaces on single physical interfaëe
This feature is supported on the following interfaces
Serial interfaces with Frame Relay encapsulation
Token Ring interfaces IPX only
FDDI interfaces IPX only
Ethernet interfaces IPX only
Subinterfaces appear to be distinct physical interfaces to the various protocols For example Frame
Relay networks provide multiple point-to-point links called permanent virtual circuits PVCs
PVCs can be grouped under separate subinterfaces that in turn are configured on single physical
interface From bridging spanning tree viewpoint each subinterface is separate bridge port and
frame arriving on one subinterface can be sent out on another subinterface
Subinterfaces also allow multiple encapsulations for protocol on single interface For example
router can receive an ARPA-framed IPX packet and forward the packet back out the same physical
interface as SNAP-framed IPX packet
For detailed information on how to configure subinterfaces see Chapter For information on how
to configure Frame Relay bridging IPX and IF subinterfaces see the appropriate chapters in this guide
To access and list the subinterface configuration commands complete the following tasks
Task Command
Step From interface configuration mode configure virtual See the example that follows For list of all
interface interface commands that allow subinterface
implementation see Chapter
Step List the subinterface configuration commands
Example
In the following example subinterface is configured for serial line which is configured for Frame
Relay encapsulation The subinterface is called 2.1 to indicate that it is subinterface of serial
interface The new prompt configsubif indicates subinterface configuration mode The
subinterface can be configured to support one or more Frame Relay PVCs To list the commands
available in subinterface configuration mode enter question mark
Routerconfig interface serial Router config-if encapsulation frame-relay Routerconfig-if interface serial 2.1 Router config-subif Interface configuration commands apollo Apollo interface subcommands appletalk Appletalk interface subcommands bandwidth Set bandwidth informational parameter bridge-group Transparent bridging interface parameters
2-10 Router Products Configuration Guide Access Each Command Mode
clns CLNS interface subcommands
decnet Interface DECnet config commands delay Specify interface throughput delay description Interface specific description exit Exit from interface configuration mode framerelay Set frame relay parameters ip Interface Internet Protocol config commands ipx Novell interface subcommands isis ISIS commands
isoigrp ISO-IGRP interface subcommands no Negate command or set its defaults ntp Configure NTP shutdown Shutdown the selected interface
The list of commands from this how may vary slightly example depending upon your router has been configured
To exit subinterface configuration mode and return to global configuration mode enter the exit
command Or press Ctrl-Z to exit configuration mode and return to privileged EXEC mode
Line Configuration Mode
Line commands the configuration modify operation of serial terminal line Line configuration
commands always follow line command which defines line number These commands are
used to connect to generally remote routers change terminal parameter settings on line-by-line
and set the modem basis up auxiliary port configuration to support Dial-on-Demand Routing DDR see Chapter 10
To and list the access auxiliary port console port and virtual terminal line configuration commands
complete the following tasks
Task Command
Step From global configuration mode configure an line aux con vty line-n umber
auxiliary console or virtual terminal line number
Step List the line configuration commands
Example The following example shows how to enter line configuration mode for virtual terminal line and
list the line configuration commands
Routerconfig line vty CR Router config-line Line configuration commands
access-class Filter connections based on an IP access list activationcharacter Define the activation character autobaud Set line to autobaud autocommand Automatically execute an EXEC command autohangup Automatically hangup when last connection closes autohost Automatically connect to host cts-required Require CTS on line data-character-bits Size of characters being handled databits Set number of data bits per character disconnect-character Define the disconnect character dispatch-character Define the dispatch character dispatch-timeout Set the dispatch timer editing Enable command line editing escape-character Change the current lines escape character
Understanding the User Interface 2-11 Access Each Command Mode
exec Start an EXEC process exec-banner Enable the display of the EXEC banner exec-character-bits Size of characters to the command exec exec-timeout Set the EXEC timeout exit Exit from line configuration mode flowcontrol Set the flow control help Description of the interactive help system history Set the size of the command history buffer holdcharacter Define the hold character
length Set number of lines on screen location Enter terminal location description lockable Allow users to lock line
login Enable password checking modem Configure the Modem Control Lines monitor Copy debug output to the current terminal line no Negate command or set its defaults notify Inform users of output from concurrent sessions padding Set padding for specified output character parity Set terminal parity password Set password private Configuration options that user can set will remain in effect between terminal sessions refusemessage Define refuse banner rotary Add line to rotary group rxspeed Set the receive speed sessionlimit Set maximum number of sessions sessiontimeout Set interval for closing connection when there is no input traffic
specialcharacter-bits Size of the escape and other special characters speed Set the transmit and receive speeds start-character Define the start character
stop-character Define the stop character stopbits Set async line stop bits telnet Telnet protocol-specific configuration telnet-transparent Send CR as CR followed by NULL instead of CR followed by LF terminal-type Set the terminal type transport Define transport protocols for line txspeed Set the transmit speeds vacantmessage Define vacant banner width Set width of the display terminal Router config-line
The list of commands may vary from this example depending upon how your router has been
configured
To exit line configuration mode and return to global configuration mode use the exit command To
exit configuration mode and return to privileged EXEC mode press Ctrl-Z
Router Configuration Mode
Router configuration commands configure routing protocol and always follow router command
To access and list the router configuration commands complete the following tasks
Task Command
Step From global configuration mode enter router router
configuration mode See the list in the example for keywords
Step List the router configuration commands
2-12 Router Products Configuration Guide Access Each Command Mode
Examples
To list the available the router router configuration keywords enter command followed by space
and question mark at the global configuration prompt
Routerconfig router bgp Border Gateway Protocol BGP egp Exterior Gateway Protocol EGP igrp Interior Gateway Routing Protocol IGRP isis ISO ISIS
iso-igrp IGRP for OSI networks ospf Open Shortest Path First OSPF rip Routing Information Protocol RIP static Static CLNS Routing
In the following example the router is configured to support the routing information protocol RIP The new prompt is config-router
Routerconfig router rip Router config-router Router configuration commands default-information Control distribution of default information default-metric Set metric of redistributed routes distance Define an administrative distance distribute-list Filter networks in routing updates exit Exit from routing protocol configuration mode
help Description of the interactive help system neighhor Specify neighbor router network Enable routing on an IP network no Negate or set default values of command offset-list Add or subtract offset from IGRP RIP or HELLO metrics passive-interface Suppress routing updates on an interface redistribute Redistribute information from another routing protocol timers Adjust routing timers Router config
list of this router has The commands may vary slightly from example depending upon how your
been configured
To exit router configuration mode and return to global configuration mode enter the exit command
Or press Ctrl-Z to exit configuration mode and return to privileged EXEC mode
PXRouter Configuration Mode
Internet Packet Exchange IPX is Novell network-layer protocol To access and list the IPX
routing configuration commands complete the following tasks
Task Command
Step From global configuration mode enter ipx- ipx router
router configuration mode See the appropriate IPX chapter for keywords
Step List the ipx-router configuration commands
In the following example IPX RIP routing is configured The new prompt is config- ipx-router
Routerconfig ipx router ripCR Routerconfig-ipx-router
To exit IPX router configuration mode and return to global configuration mode enter the exit
command Or press Ctrl-Z to exit configuration mode and return to privileged EXEC mode
Understanding the User Interface 2-13 Access Each Command Mode
RouteMap Configuration Mode
The route-map command set is used to configure routing table and source and destination
information To access and list the route-map configuration commands complete the following
tasks
Task Command
Step From global configuration mode enter route-map configuration route-map map tagi mode
Step List the route-map configuration commands
In the following example route map named arizonal is configured The new prompt is
config-route-rnap Enter question mark to list route-map configuration commands
Routerconfig route-map WORD Route map tag Routerconfig route-map arizonal CR Router config-route-map Route Map configuration commands exit Exit from route-map configuration mode help Description of the interactive help system match Match values from routing table no Negate or set default values of command set Set values in destination routing protocol Router config-route-map
To exit route-map configuration mode and return to global configuration mode enter the exit
command Ctrl-Z to exit mode and return to mode Or press configuration privileged EXEC
ROM Monitor Mode
If your router does not find valid system image or if its configuration file is corrupted at startup the system may enter read-only memory ROM monitor mode From ROM monitor mode you can
boot the router or perform diagnostic tests
From the Cisco 2000 Cisco 3000 and Cisco 4000 you can also enter ROM monitor mode by
entering the reload EXEC command and then pressing the Break key during the first 60 seconds of
startup To save changes to the configuration file use the write memory command before issuing the reload command
To access and list the ROM monitor configuration commands complete the following tasks
Task Command
Enter RUM monitor mode from privileged EXEC reload
mode Press Break during the first 60 seconds while the
system is booting
List the RUM monitor commands
2-14 Router Products Configuration Guide Get Context-Sensitive Help
The ROM monitor prompt is the angle bracket
state Toggle cache state for help Server IF address TFTP Server Name Load and execute system image from ROB or from TFTP server Continue execution address /5 Deposit value of size into location with modifier /S Examine location with size with modifier Begin execution Help for commands Initialize Stack trace
Server IF address TFTP Server Name Load system image from RON or from TFTP server but do not begin execution Show configuration register option settings Set the break point
Single step next instruction function Test device for help
Deposit and Examine sizes maybe byte long or short Modifiers may be register or byte swap Register names are DOD7 AOA6 SS US SR and PC
To return to user EXEC mode enter to continue To boot the system image file use the command
see Chapter For details on other ROM monitor mode commands refer to the appropriate hardware installation guide
Get ContextSenstve Hp
The previous sections described the first level of help available with the user interface Entering
question mark at the system prompt displays list of commands available for each command
mode You can also get list of any commands associated keywords and arguments with the
context-sensitive help feature
To get help specific to command mode command keyword or arguments perform one of the
following tasks
Task Command
Obtain brief description of the help system in any command mode help
Obtain list of commands that begin with particular character string abbreviated-command-entry
Complete partial command name abbreviated-command-entryTab
List all commands available for particular command mode
List commands associated keywords command
List keywords associated arguments command keyword
When context-sensitive using help the space or lack of space before the is significant To obtain
list of commands that begin with particular character sequence type in those characters followed
immediately by the Do not include space This form of help is called word help because it completes word for you
Understanding the User Interface 2-15 Get Context-Sensitive Help
To list keywords or arguments enter in place of keyword or argument Include space before
the This form of help is called command syntax help because it reminds you which keywords or
arguments are applicable based on the command keywords and arguments you already have entered
You can abbreviate commands and keywords to the number of characters that allow unique
abbreviation For abbreviate the show to example you can command sh
Example
is available in command for brief of the Enter the help command which any mode description
help system
Router help
Help may be requested at any point in command by entering question mark If nothing matches the help list will be empty and you must back up until entering shows the available options Two styles of help are provided Full help is available when you are ready to enter command argument e.g show and describes each possible argument Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e.g showpr
obtain As described in the help command output you can enter partial command name and to
list of commands beginning with particular character set See Complete Partial Command
Name later in this chapter for more detail
The following example illustrates how the context-sensitive help feature enables you to create an
access list from configuration mode First enter the letters co at the system prompt followed by
mark leave between the last letter and the The the question Do not space system provides
commands that begin with Co
Router co
configure connect copy
lists the commands and Enter the configure command followed by space and to keywords
brief explanation
Router configure memory Configure from NV memory network Configure from TFTP network host terminal Configure from the terminal cr
Enter the terminal keyword to enter configuration mode from the terminal
Router configure terminal Enter configuration commands one per line End with CNTL/Z Router config
2-16 Router Products Configuration Guide Check Command Syntax
Enter the accesslist command followed by space and to list the commands keywords
Routerconfig access-list 1-99 IP standard access list 100-199 IP extended access list 10001099 IPX SAP access list 1100-1199 Extended 48-bit MAC address access list 200-299 Protocol type-code access list 300-399 DECnet access list 400-499 XNS standard access list 500-599 XNS extended access list 600699 Appletalk access list 700-799 48bit MAC address access list 800899 IPX standard access list 900999 IPX extended access list
Enter the access list number 99 and then enter another to see the arguments that apply to the
keyword and brief explanations
Routerconfig access-list 99 deny Specify packets to reject permit Specify packets to forward
Enter the deny argument followed by to list additional options
Routerconfig access-list 99 deny A.B.C.D Address to match
Enter the IP address followed by to list additional options
Routerconfig accesslist 99 deny 131.108.134.0
A.B.C.D Mask of bits to ignore cr
The cr symbol appears in the list indicating that one of your options is to press Return to execute
the command The other option is to add wild-card mask Enter the wild-card mask followed by
to list further options
Routerconfig accesslist 99 deny 131.108.134.0 0.0.0.255 cr
Routerconfig accesslist 99 deny 131.108.134.0 0.0.0.255
The cr symbol by itself indicates there are no more keywords or arguments Press Return to
execute the command The system adds an entry to access list 99 that denies access to all hosts on subnet 131.108.134.0
Check Command Syntax
The user interface provides syntax checking in the form of an error location indicator The
character the in the command where have entered incorrect appears at point string you an command The location indicator and interactive allow keyword or argument error help system you to easily
find and correct syntax errors
the the clock In following example suppose you want to set router First use context-sensitive help
to check the syntax for setting the clock
Router clock set Set the time and date Router clock
Understanding the User Interface 211 Use the Command History Features
The help output shows that the set keyword is required Next check the syntax for entering the time
Router clock Set hhrrimss Current time Router clock set
Enter the current time
Router clock Set 133200 Incomplete command
The system indicates that you need to provide additional arguments to complete the command Press
Ctrl-P see the next sectionUse the Command History Features to automatically repeat the
previous command entry Then add space and question mark to reveal the additional arguments
Router clock Set 133200 1-31 Day of the month
January Month of the year February March
April
May June July August September October November December
Now you can complete the command entry
Router clock Set 133200 23 February 93
Invalid input detected at marker
The caret symbol and help response indicate an error at 93 To list the correct syntax enter the
command up to the point where the error occurred and then enter question mark
Router clock Set 133200 23 February 19932035 Year
Router4t clock set 133200 23 February
Enter the year using the correct syntax and press Return to execute the command
Router clock Set 133200 23 February 1993
Use the Command Hstory Features
With the current software release the user interface provides history or record of commands you
have entered This feature is particularly useful for recalling long or complex commands or entries
including access lists With the command history feature you can complete the following tasks
Set the command history buffer size
Recall commands
Disable the command history feature
2-18 Router Products Configuration Guide Use the Command History Features
Set the Command History Buffer Size
number of command By default the system records 10 command lines in its history buffer To set the the terminal the task in lines the system will record during current session complete following EXEC mode
Task Command
Enable the command history feature for the current terminal history size number of lines
terminal session
the task in To configure the number of command lines the system will record complete following
line configuration mode
Task Command
Enable the command history feature history size number of lines
Recall Commands
To recall commands from the history buffer perform one of the following tasks
Task Key Sequence/Command
Arrow.1 Recall commands in the history buffer beginning Press Ctrl-P or the Up
with the most recent command Repeat the key commands sequence to recall successively older
Arrow.1 Return to more recent commands in the history Press Ctil-N or the Down
buffer after recalling commands with Ctrl-P or the
Up Arrow Repeat the key sequence to recall
successively more recent commands
While in EXEC mode list the commands you have show history
just entered
The arrow keys function only on ANSI-compatible terminals such as VT100s
As mentioned this feature is particularly useful when you are entering long complex commands the Arrow such as access lists.To create several access lists with minor variations use Ctrl-P or Up
to recall previous access list then use the line editing feature to modify it
Understanding the User Interface 2-19 Use the Editing Features
Disabe the Command Hstory Feature
The command history feature is automatically enabled To disable it during the current terminal
session complete the following task in EXEC mode
Task Command
Disable the command history feature for the current session no terminal history size
To configure the line with the command history feature disabled complete the following task in line
configuration mode
Task Command
Configure the line so that the command history feature is disabled no history size
Use the Ed�ng Features
The current software release includes an enhanced editing mode that provides set of editing key
functions similar to those of the Emacs editor
You enter commands in can uppercase lowercase or mix of both Only passwords are case-
sensitive You can abbreviate commands and keywords to the number of characters that allow abbreviation unique For example you can abbreviate the show command to sh After entering the command line at the system prompt press the Return key to execute the command
The following tasks are described in this section
Enable enhanced editing mode
Move around on the command line
Complete partial command name
Paste in buffer entries
Edit command lines that wrap
Delete entries
Scroll down line or screen
Redisplay the current command line
Transpose mistyped characters
Control capitalization
Designate keystroke as command entry
Disable enhanced editing mode
2-20 Router Products Configuration Guide Use the Editing Features
Enable Enhanced Edi�ng Mode
Although enhanced editing mode is automatically enabled with the current software release you can
disable it and revert to the editing mode of previous software releases See the section Disable
Enhanced Editing Mode later in this chapter
To reenable the enhanced editing mode for the current terminal session complete the following task in EXEC mode
Task Command
Enable the enhanced editing features for the current terminal session terminal editing
To reconfigure the line to have enhanced editing mode complete the following task in line
configuration mode
Task Command
Enable the enhanced editing features editing
Move Around on the Command Line
Perform the following tasks to move the cursor around on the command line for corrections or
changes
Task Keystrokes
Move the cursor back one character Press Ctrl-B or
press the left arrow key.1
Move the cursor forward one character Press Ctrl-F or
press the right arrow key.1
Move the cursor to the beginning of the command line Press Ctrl-A
Move the cursor to the end of the command line Press Ctrl-E
Move the cursor back one word Press Esc-B
Move the cursor forward one word Press Esc-F
The arrow keys function only on ANSI-compatible terminals such as VT100s
Complete Partial Command Name
If you cannot remember complete command name you can use the Tab key to allow the system to
complete partial entry To do so perform the following task
Task Keystrokes
Recall complete command name Enter the first few letters and
press the Tab key
If your keyboard does not have Tab key press Ctrl-I instead
Understanding the User Interface 2-21 Use the Editing Features
Example
In the when the letters conf and Tab the following example you enter press the key system provides
the complete command
Router confTab Router configure
If of characters you enter set that could indicate more than one command the system beeps to
indicate an error Enter question mark to obtain list of commands that begin with that set of characters Do not leave space between the last letter and the question mark
For example there are three commands in privileged mode that start with co To see what they are
type co at the privileged EXEC prompt
Router co
configure connect copy Router4 co
Paste Buffer Entres
The system provides buffer that contains the last ten items you deleted You can recall these items
and paste them in the command line by performing the following task
Task Keystrokes
Step Recall the most recent entry in the buffer Press Ctrl-Y
Step Recall the next buffer entry Press Bsc-Y
The buffer contains only the last ten items you have deleted or cut If you press Esc-Y more than ten
times you will cycle back to the first buffer entry
Edit Command Lines that Wrap
The new editing command set provides wraparound feature for commands that extend beyond
single line on the screen When the cursor reaches the right margin the command line shifts ten
spaces to the left You cannot see the first ten characters of the line but you can scroll back and check
the syntax at the beginning of the command To scroll back perform the following task
Task Keystrokes
Return to the beginning of command line to Press Ctrl-B or the left arrow key repeatedly until
verify that you have entered lengthy command you scroll back to the beginning of the command
correctly entry or press Ctrl-A to return directly to the
beginning of the line The arrow keys function only
on ANSI-compatible terminals such as VT100s
2-22 Router Products Configuration Guide Use the Editing Features
In the following example the access-list command entry extends beyond one line When the cursor
first reaches the end of the the line is shifted the left and line ten spaces to redisplayed The
indicates that the line has been scrolled to the left Each time the cursor reaches the end of the line
the line is shifted the left again ten spaces to
Routerconfig accesslist 101 permit tcp 131.108.2.5 255.255.255.0 131.108.1 Routerconfig 101 permit tcp 131.108.2.5 255.255.255.0 131.108.1.20 255.25 Routerconfig $t tcp 131.108.2.5 255.255.255.0 131.108.1.20 255.255.255.0 eq Routerconfig $108.25 255.255.255.0 131.108.1.20 255.255.255.0 eq45
When you have completed the entry press Ctrl-A to check the complete syntax before pressing the
Return key to execute the command The appears at the end of the line to indicate that the line has
been scrolled to the right
Routerconfig access-list 101 permit tcp 131.108.2.5 255.255.255.0 131.108.l$
The router assumes you have terminal screen 80 columns wide If you have width other than that
use the terminal width command to tell the router the correct width of your terminal
Use line wrapping in conjunction with the command history feature to recall and modify previous
complex command entries See Recall Commands earlier in this chapter for information about
recalling previous command entries
Delete Entries
Perform of the entries any following tasks to delete command if you make mistake or change your mind
Task Keystrokes
Erase the character to the left of the cursor Press the Delete or Backspace key
Delete the character at the cursor Press Ctrl-D
Delete all characters from the cursor to the end of the command line Press Ctrl-K
Delete all characters from the cursor to the beginning of the command line Press Ctrl-U or Ctrl-X
Delete the word to the left of the cursor Press Ctrl-W
Delete from the cursor to the end of the word Press Esc-D
Scroll Down Line or Screen
the list commands available in When you use help facility to the particular mode the list is often
longer than the terminal screen can display In such cases ---More--- prompt is displayed at the
bottom of the screen To view the next line or screen complete the following tasks
Task Keystrokes
Scroll down one line Press the Return key
Scroll down one screen Press the Space bar
Understanding the User Interface 2-23 Use the Editing Features
Note The ---More--- prompt is used for any output that has more lines than can be displayed on
the terminal screen including show command output You can use the keystrokes listed above
whenever you see the ---More--- prompt
Redispay the Current Command Line
If you are entering command and the system suddenly sends message to your screen you can
easily recall your current cormnand line entry To do so perform the following task
Task Keystrokes
Redisplay the current command line Press Ctrl-L or Ctrl-R
Transpose Mistyped Characters
If you have mistyped command entry you can transpose the mistyped characters by performing
the following task
Task Keystrokes
Transpose the character to the left of the cursor with the Press Ctrl-T
character located at the cursor
Contr Capitalization
You can capitalize or lowercase words or capitalize set of letters with simple keystroke sequences
To do so perform the following task
Task Keystrokes
Capitalize the word at the cursor Press Esc-C
Change the word at the cursor to lowercase Press Esc-L
Capitalize letters from the cursor to the end of the word Press Esc-U
Designate Keystroke as Command Entry
executable Sometimes you may want to use particular keystroke as an command perhaps as
shortcut Complete the following task to insert system code for this purpose
Task Keystrokes
Insert code to indicate to the system that the keystroke Press Ctrl-V or Esc-Q
immediately following should be treated as command entry
not an editing key
2-24 Router Products Configuration Guide Set Terminal Parameters
Disable Enhanced Editing Mode
To disable enhanced editing mode and revert to the editing mode of previous software releases
perform the following task in EXEC mode
Task Command
Disable the enhanced editing features for the local no terminal editing
line
You might want to disable enhanced editing if you have prebuilt scripts for example scripts that do
not interact well when enhanced editing is enabled You can reenable enhanced editing mode with
the terminal editing command
The editing keys and functions of previous software releases are listed in Table 2-2
Table 2-2 Editing Keys and Functions for Software Release 9.1 and Earlier
Key Function
Delete or Backspace Erases the character to the left of the cursor
Ctrl-W Erases word
Ctrl-U Erases line
Ctrl-R Redisplays line
Ctrl-Z Ends configuration mode and returns to the EXEC
prompt
Return Executes single-line commands
Set TermnaO Parameters
The router supplies default serial communication parameters for terminal and other serial device
operation You can change these parameters as necessary to meet the requirements of the terminal
or host to which you are attached Use these commands during an EXEC session while you are using
device connected to the auxiliary port The local settings temporarily override those configured by
the system administrator remaining in effect only until you exit the system To configure terminal
parameters on more permanent basis use the commands provided in Chapter
You can define the following terminal operation characteristics
Communication speed databits stop bits and parity
Flow control
Packet dispatch sequences
Terminal type
Terminal screen length and width
character Escape key sequences
International character display
Character padding
Understanding the User Interface 2-25 Set Terminal Parameters
Set Communication Speed Databits Stop Bits and Parity
To change the following parameters for the duration of your session only perform the appropriate
tasks in EXEC mode
Task Command
Set the line speed for the current terminal terminal speed bps
session Choose from line speed transmit terminal txspeed bps
speed or receive speed Applies to aux port terminal rxspeed bps
only
Set the number of data bits per character that terminal databits
are interpreted and generated by hardware
for the current terminal session
Set the stop bits transmitted per byte by the terminal stopbits 1.5 21
current terminal session
Set the parity bit for the current terminal terminal parity none even odd space mark session
Set How ControO
On the aux port you can set both hardware and software flow control between the router and devices
attached to it Both types of flow control are bidirectional When you specify software flow control
an additional keyword specifies the direction in causes the router to listen to flow control from the
attached device and out causes the router to send flow control information to the attached device
If you do not specify direction the router enables software flow control in both directions
For software flow control the default stop and start characters are Ctrl-S and Ctrl-Q XOFF and
XON respectively However you can define characters or character sequences that signal the start
and end of data transmission when software flow control is in effect This capability is useful for
providing control of data over the serial line
The keyword hardware sets hardware flow control For information about setting up the RS-232 line see the hardware installation and maintenance manual for your product
Use these commands during an EXEC session while you are using device connected to the
auxiliary port These commands temporarily override the configured flow control parameters If
you want to configure terminal parameters on more permanent basis use the flow control
commands provided in Chapter
To set temporary flow control parameters for the current session perform one or more of the
following tasks in EXEC mode
Task Command
Set the terminal flow control terminal flowcontrol none software outi hardware
Set the flow control start character terminal start-character ASCII-number
Set the flow control stop character terminal stop-character ASCII-number
2-26 Router Products Configuration Guide Set Terminal Parameters
Create Packet Dispatch Sequences
The router supports configuration of dispatch sequences You can set up dispatch characters that
allow packets to be buffered then transmitted upon receipt of character These characters are useful
on an aux port only and then only if you have some special-purpose device hooked up
Use these commands during an EXEC session while you are using device connected to the auxiliary port These commands temporarily override the configured parameters If you watit to
configure terminal parameters on more permanent basis use the commands provided in
Chapter
Perform the following tasks in EXEC mode as needed for your particular system needs
Task Command
Define one or more characters that trigger packet terminal dispatch-character
transmission for the current terminal session ASCII-numberl umber2
ASCII-numberl
Set the dispatch timer for the current terminal session terminal dispatch-timeout milliseconds
Specify the Termina Type
You can specify the type of terminal connected to line This feature has two benefits it provides
record of the type of terminal attached to line and it can be used in Telnet terminal negotiations to
inform the remote host of the terminal type for display management
To specify the terminal type for the current session perform the following task in EXEC mode
Task Command
Specify the terminal type for the current terminal line terminal terminal-type terminal-name
Set the TerminaO Screen Length and Width
By default the router provides screen display of 24 lines by 80 characters You can reset these
values if they do not meet the needs of your terminal To set the terminal length or width for the
current session perform the following tasks in EXEC mode
Task Command
Set the screen length for the current terminal line terminal length screen-length
Set the screen width for the current terminal line terminal width characters
The values set can be learned by some host systems that use this type of information in terminal
negotiation Set value of zero for the screen length to disable pausing between screens of output
Understanding the User Interface 2-27 Set Terminal Parameters
Define Escape Character Key Sequences
You the default functions such terminal can modify key sequences to execute as system escape or
To the character hold character for the pause modify system escape or current terminal session
perform the following task in EXEC mode
Task Command
Change the system escape sequence for the current line terminal escape-character ASCII-number
Define the local hold sequence or character that pauses terminal hold-character ASCII-number
output to the terminal screen
Specify the International Character Display
You can use 7-bit character set such as ASCII or you can enable full 8-bit international character
set such as ISO 8859 to allow special graphical and international characters for use in banners and
prompts To change the various character sets perform the following tasks in EXEC mode
Task Command
Change the number of databits per character that are terminal databits
generated and interpreted by hardware for the local line
Default is
Change the number of databits per character that are terminal data-character-bits
generated and interpreted by software for the local line
Default is
Locally set the character set used in EXEC and terminal exec-character-bits
configuration command characters Default is
Specify the character set used in special characters such terminal special-character-bits
as software flow control hold escape and disconnect
characters for the current line Default is
Setting the EXEC character width to eight bits can cause failures For example if user on
terminal that is sending parity enters the command help an unrecognized command message
appears because the system is reading all eight bits although the eighth bit is not needed for the help command
Set Character Padthng
You can change the character padding on specific output character Character padding adds
number of null bytes to the end of the string and can be used to make string an expected length for
conformity To set the padding for the current terminal session perform the following task in EXEC mode
Task Command
Set padding on specific output character for the current terminal padding ASCII-number count
line
2-28 Router Products Configuration Guide Lock the Keyboard
Lock the Keyboard
If you have enabled terminal-locking mechanism by using the lockable line configuration command you can perform the following task in EXEC mode to lock the keyboard
Task Command
Lock the keyboard Doing so prevents access to your session while lock
keeping your connection open
When the terminal-locking mechanism is set and you enter the lock EXEC command you are
prompted for password You must enter this password before you can use the terminal This allows
you to leave terminal unattended without concern about unauthorized access The lock EXEC
command remains in effect until you execute the clear line privileged EXEC command
Set Pendng Output Notficaton
You can set up line to inform user who has multiple concurrent Telnet connections when output
is pending on connection other than the current one To do so perform the following task in EXEC mode
Task Command
Enable the current terminal line to notify user of pending output terminal notify
Prevent Errant Connecton Attempts
The system accepts host name entry at the EXEC system prompt as Telnet command If you
mistype the hostname the system interprets the entry as an incorrect Telnet command and provides
an error message indicating that the host does not exist You can disable this option by specifying
terminal transport none In this case if you mistype command at the EXIEC prompt the system
will not attempt to make Telnet connection
To specify the preferred method of transport perform the following task in EXEC mode
Task Command
Define which protocol can be used to connect to the current line terminal transport telnet none
Configure Tefinet Capabfltes for Sesson
allows for connections Telnet virtual terminal protocol that is part of the TCP/IP protocol suite to
hosts You can set connection between the router and connected device to support the following
Telnet capabilities for the duration of session
Generate hardware Break signal
Suppress Telnet remote echo and go ahead options
Negotiate speeds
Understanding the User Interface 2-28 Configure Telnet Capabilities for Session
Send Telnet synchronize signal
Set end-of-line control
Each item is described in section If these following you want to configure capabilities on more
permanent basis use the corresponding telnet commands provided in Chapter
Generate Hardware Break SgnaO
hardware Break signal is generated when Telnet Break command is received You can configure
the router to also generate Break on Interrupt Process To enable the system to generate hardware
Break signal on the RS-232 line that is associated with reverse Telnet connection complete the
following task in EXEC mode
Task Command
Set the system to generate hardware Break signal terminal telnet break-on-ip
This capability is useful because several user Telnet programs can send an Interrupt Process command but cannot send Telnet break while other signal programs implement Break signal that
sends an Interrupt-Process command RS-232 devices use the hardware Break signal for various
purposes
Suppress Tehiet Remote Echo and Go Ahead Options
You can cause Telnet to refuse to negotiate full-duplex remote echo options on incoming connections Doing so suppresses negotiation of the Telnet Remote Echo and Suppress Go Ahead
options Perform the following task in EXEC mode on reverse Telnet connection to allow the
router to refuse these requests from the other end
Task Command
Set line to refuse to negotiate full duplex remote echo options terminal telnet refuse-negotiations
Negothite Speeds
To allow the line to negotiate bit rate on an incoming connection for the duration of session
perform the following task in EXEC mode
Task Command
Set the line to negotiate speeds on incoming connections terminal telnet speed default-speed
maximum-speed
The router uses default-speed if the connected device does not specify speed The argument
maximum-speed is the highest speed the router will use during the session
2-3D Router Products Configuration Guide Use Telnet Connections
Send Telnet Synchronize Signal
To cause an incoming connection to send Telnet synchronize signal when it receives Telnet Break
signal during the session complete the following task in EXEC mode
Task Command
Cause an incoming connection to send Telnet synchronize signal terminal telnet sync-on-break
when it receives Telnet Break signal
This capability is used very rarely to ensure the ordering of Break reception with respect to data
characters sent after the Break signal
Set End-of-Line Control
To cause the router to send carriage return CR as CR followed by NULL instead of CR
followed by line feed LF during session complete the following task in EXEC mode
Task Command
Send CR followed by NULL instead of LF terminal telnet transparent
This capability is useful for coping with different interpretations of endof-line handling in the Telnet
protocol specification
Use Tenet Connectons
Using Telnet involves connecting to remote routers switching between Telnet connections and
executing special Telnet sequences.This section includes the telnet EXEC command which is used
to connect to other routers for remote configuration or to connect to local systems that might need
configuration or setup changes
Using Telnet you can accomplish the following
Log in to server
Connect to remote routers
Switch between Telnet connections
Execute special Telnet sequences
Clear line
Exit session
Understanding the User Interface 2-31 Use Telnet Connections
Log into Server
into To log server enter the EXEC command login at the system prompt Specify your username
and optionally TACACs server by name or IP address
Task Command
Log into server login
Connect to Remote Routers via Telnet
To open new Telnet connection exit out of the urrent connection by typing the escape sequence
which by default is Ctrl press the Ctrl Shift and keys simultaneously let go then press the
key to return to the system command prompt then open new connection
Perform the following tasks in EXEC mode as necessary to connect to remote host using Telnet
Task Command
Make Telnet connection telnet host
Escape out of the current connection and return to the EXEC Ctrl
prompt to make another connection
With our implementation of TCP/IP you are not required to enter the command connect or telnet to
establish Telnet connection If you prefer you can just enter the learned host name You can disable
the ability of the system to interpret host name as Telnet command see the section Prevent
Errant Connection Attempts earlier in this chapter
Switch between Telnet Connections
You can switch between connections by escaping out of one connection and resuming previously
opened connection To do so perform the following steps
Task Command
Step Escape from the current connection and return to Ctrl
the EXEC prompt
Step Display the connection name or number where
Step Resume previous connection resume
You can also resume the previous connection by pressing the Return key at the EXEC prompt
Execute Special Telnet Sequences
The Telnet software supports special Telnet commands in the form of Telnet sequences that map
generic terminal control functions to operating system-specific functions
To issue special Telnet command type the escape sequence usually CtrI and then command
character You can type the command character as you hold down Ctrl or with Ctrl released and you
can type either uppercase or lowercase letters Table 2-3 lists the special Telnet commands
2-32 Router Products Configuration Guide Use Telnet Connections
Table 2-3 Special Telnet Commands
Task Key Sequence
Break CtrlB
Process Interrupt IP Ctrl
Erase Character EC Ctrl
Abort Output AO Ctrl
Are You There AYT Ctrl
Erase Line EL Ctrl
At any time during an active Telnet session you can list the Telnet commands by typing this
command at the system prompt
Ctrl
this To execute command type the escape sequence followed by question mark It displays an
online table of the special Telnet commands for quick reference
sample of this list follows the Ctrl key is represented by the first character
telnet escape help sends telnet BREAK AC sends telnet IP sends telnet EC sends telnet AO sends telnet AYT sends telnet EL
Clear Line
You can reset terminal line to idle state by performing the following task in EXIEC mode
Task Command
Reset terminal line clear line line-number
Exit Session
The router EXEC provides two ways for you to terminate an active terminal session To do so use one of the commands in Step that follows Perform Step if you also want to disconnect the line
Task Command
Step End an active session use either command exit
logout
Step Disconnect session disconnect
Do not disconnect session merely to end it Instead log off the host thus allowing the host to
initiate the disconnect and then end the session If you cannot gracefully end an active session then disconnect the line
Understanding the User Interface 2-33 Monitor Telnet Connections
Monitor Tenet Connectons
The router supports the following connection activities
List open connections
Assign logical name to connection
Display TCP statistics on open Telnet connections
Display current terminal parameters
Display line information
Enable Finger protocol
Each activity is described in following section
List Open Connec�ons
You can display information about all open Telnet connections associated with the current terminal
line by using one of the following commands The information displayed includes the host name
address number of characters waiting to be sent to the terminal idle time and connection name To
display the connection information perform the following task in EXEC mode
Task Command
Display connection information where show sessions
Assign Logica Name to Connection
You can assign logical name to connection by performing the following task in EXEC mode This
function can be useful for keeping track of multiple connections
Task Command
Rename connection name.connection
You are prompted for the connection number and name to assign when you enter this command The
where command displays list of the assigned logical connection names
DspIay TCP Statistics on Opei Telnet Connections
You can display TCP statistics on open Telnet connections by performing the following task in EXEC mode
Display status of all Telnet connections show tcp
2-34 Router Products Configuration Guide Monitor Telnet Connections
Display Current Terminal Parameters
You can display comprehensive report about the settings in effect on the current terminal line
including information such as the line number line status modem state special characters set and
preferred transport protocol This information can be useful for changing lines to match expected
settings using the local terminal parameter-setting tasks described in the section Set Terminal
Parameters earlier in this chapter
To show the current terminal parameters perform the following task in EXEC mode
Task Command
Display local terminal settings show terminal
Display Line hiformation
You can display information about the active lines on the router by using one of the following EXEC commands
Task Command
Display information about line show users
systat
show line
Enable Finger Protoco
You can enable the Finger protocol so that people throughout the network can get list of the users
on the router The information displayed includes the processes running on the system the line
number connection name idle time and terminal location To enable the Finger protocol perform
the following task in global configuration mode
Task Command
Enable the Finger protocol requests service finger
Understanding the User Interface 2-35 Nionitor Telnet Connections
2-36 Router Products Configuration Guide System nter1ace
Configuration Management Loading System Hmages Microcode images
and Configuration FUes
This chapter describes how to load system images microcode images and configuration flies The
system images contain the system software and the configuration files contain commands entered to
customize the function of the router Microcode images contain microcode to be downloaded to
various hardware devices The instructions in this describe chapter how to copy system images from
routers to network vice and servers and versa display compare different configuration files and list
the system software version running on the router
This also describes the Autolnstall chapter procedure which you can use to automatically configure
and enable new router upon startup
For of the complete description commands mentioned in this chapter refer to Chapter of the
Router Products Command Reference publication
Note You also can use the setup command and its interactive prompts to create basic configuration
file See the Router Products Getting Started Guide for more information
System mage Mcrocode mage and Configuraton File Load Task Ust
The following list contains tasks you can do to load system images microcode images and
configuration files
Use the Autolnstall procedure page 3-2
Enter configuration mode page 3-11
Modify the configuration register boot field page 3-12
Specify the system image the router loads upon restart page 3-14
Specify the configuration file the router loads upon restart page 3-19
Change the buffer size for loading configuration files page 3-21
Manually load system image page 3-22
Configure router as Trivial File Transfer Protocol TFTP server page 3-24
Configure router as Reverse Address Resolution Protocol RARP server page 3-24
Specify MOP server boot requests page 3-26
Copy system images from network server to Flash memory page 3-27
Verify the image in Flash memory page 3-30
Loading System Images Microcode Images and Configuration Files 3-1 Use the Autoinstall Procedure
Copy system images from Flash memory to network server page 3-30
Copy configuration file from the router to network server page 3-3
Display system image and configuration information page 3-32
Clear the contents of NVRAM page 3-33
Reexecute the configuration commands in NVRAM page 3-33
Use Flash Memory as TFTP server page 3-33
Load microcode images over the network page 3-36
Display microcode information page 3-37
Use the AutonstaU Procedure
This section provides information about Autolnstall procedure that enables you to configure new
router automatically and dynamically The Autolnstall procedure involves connecting new router
to network on which there is an existing preconfigured router turning on the new router and
having it immediately enabled with configuration file that is automatically downloaded from
TFTP server
The following sections provide the requirements for Autolnstall and present an overview of how the
works To the Perform the Autolnstall Procedure later in this procedure start procedure go to
chapter
Req rements
For the Autolnstall procedure to work your system must meet the following requirements
The existing preconfigured router must be running Software Release 8.3 or later
The new router must be running Software Release 9.1 or later
Both routers must be physically attached to the network by means of one or more of the following
interface types Ethernet Token Ring FDDI or serial with HDLC encapsulation the default
encapsulation
Procedures and either must be completed
configuration file for the new router must reside on Trivial File Transfer Protocol
TFTP server This file can contain the new routers full configuration or the minimum
needed for the administrator to Telnet into the new router for configuration
file named network-confg also must reside on the server The file must have an IP host
name entry for the new router The server must be reachable from the existing router
or
An IP address-to-host name mapping for the new router must be added to Domain Name
System DNS database file
If the existing router is to help autoinstall the new router via an HDLC-encapsulated serial
interface using Serial Line Address Resolution Protocol SLARP that interface must be
configured with an IP address whose host portion has the value or Subnet masks of any size
are supported
3-2 Router Products Configuration Guide Use the Autoinstall Procedure
If the existing router is to help autoinstall the new router via an Ethernet Token Ring or FDDI
interface using BOOTP or Reverse Address Resolution Protocol RARP BOOTP or RARP
server also must be set up to map the new routers MAC address to its IP address
IP helper addresses may need to be configured in order to forward the TFTP and DNS broadcast
requests from the new router to the host that is providing those services
How Ut Works
Once the requirements described in the preceding section are met the dynamic configuration of the
new router occurs in the following order
The new router acquires its IP address
Depending upon the interface connection between the two routers the new routers IP address is
dynamically resolved by either SLARP requests or BOOTPIRARP requests
The new router resolves its IP address-to-host name mapping
The new router automatically requests and downloads its configuration file from TFTP server
Acquire the New Routers IP Address
The new router newrouter resolves its interfaces IP addresses by one of the following means
If newrouter is connected by an HDLC-encapsulated serial line to the existing router
existing newrouter sends SLARP request to existing
If newrouter is connected to an Ethernet Token Ring or FDDI interface it broadcasts
BOOTP and RARP requests
The existing router existing responds in one of the following ways depending upon the request type
In response to SLARP request existing sends SLARP reply packet to newrouter The
reply packet contains the IP address and netmask of existing If the host portion of the
IP address in the SLARP response is newrouter will configure its interface using the
value as the host portion of its IP address and vice versa See Figure 3-1
Newrouter Existing
08.10
SLARP request
SLARP reply
The address of existing is 131.108.101 The network mask of
existings interface is 255.255.255.0 Therefore newrouter
learns that its lP address is 131.108.10.2
Figure 3-1 Using SLARP to Acquire the New Routers IP Address
Microcode and Loading System Images Images Configuration Files 3-3 Use the Autoinstall Procedure
the In response to BOOTPIRARP requests an IP address is sent from BOOTP or RARP
server to newrouter
ABOOTP or RARP server must have already been set up to map the newrouters MAC
address to its IP address If the BOOTP server does not reside on the directly attached
network segment routers between newrouter and the BOOTP server can be configured
using the ip helper-address command to allow the request and response to be
forwarded between segments as shown in Figure 3-2
Newrouter
O9TIfRARP ee
131.108.205
BOOTP/RARP Broadcast
Helper address of 131.108.20.5 is configured on existing
BOOTP/RARP Reply
The newrouters address is sent to newrouter
Figure 3-2 Using BOOTP/RARP to Acquire the New Routeis IP Address
As of the current software release routers can be configured to act as RARP servers
As soon as one interface resolves its IP address the router will move on to resolve its host name
Therefore only one IF address needs to be set up using either SLARP or BOOTP/RARP
Resolve the IP Address to the Host Name
The new router resolves its IP address-to-host name mapping by sending TFTP broadcast
requesting the file network-confg as shown in Figure 3-3
The network-confg file is configuration file generally shared by several routers In this case it is
obtained to the of the new router used to map the IP address the new router just dynamically name
The file network-confg must reside on reachable TFTP server and must be globally readable
The following is an xample of minimal network-confg file that maps the IF address of the new router 131.108.10.2 to the name newrouter The address of the new router was learned via SLARP
and is based on existings IF address of 131.108.10.1
ip host newrouter 131.108.10.2
If newrouter does not receive network-confg file or if the IP address-to-host name mapping does
not match the newly acquired IF address newrouter sends Domain Name Service DNS newrouters broadcast If DNS is configured and has an entry that maps SLARP or BOOTPIRARP
acquired IF address to its name newrouter successfully resolves its name
address to If DNS does not have an entry mapping newrouters SLARP or BOOTPIRARP-acquired
its name the new router cannot resolve its host name The new router attempts to download default
configuration file as described in the next section and failing that enters setup mode
3-4 Router Products Configuration Guide Use the Autoinstall Procedure
Newrouter
131.10820.1
131.108.20.5
TFTP broadcast
network-confg Helper address of 131.108.20.5
is configured on existing
TFTP reply network-confg
DNS_Request
Helper address of 131.1 08.20.5
is configured on existing
DNS request is sent if network-confg is
not present or if the IP address-to-host name mapping is incorrect
DNS Reply
reply is sent if mapping for newrouter exists on the DNS
Note If the DNS does not have an entry newrouter cannot resolve its host name and
will enter setup mode
Figure 3-3 Dynamically Resolving the New Routers IP Address-to-Host Name Mapping
Download the New Routers Host Configuration File
After the router successfully resolves its host name newrouter sends TFTP broadcast requesting
the file newrouter-confg The name newrouter-confg must be in all lowercase even if the true host
name is not If newrouter cannot resolve its host name it sends TFTP broadcast requesting the
default host configuration file router-confg The file is downloaded to newrouter where the
configuration commands take effect immediately
If the host configuration file contains only the minimal information the administrator must Telnet
into existing from there Telnet to newrouter arid then run the setup command to configure
newrouter Refer to the Router Products Getting Started Guide for details on the setup command
If the host configuration file is complete newrouter should be fully operational The administrator
can enter the enable command with the system administrator password at the system prompt on
newrouter and then issue the write memory command to save the information in the recently
obtained configuration file into NVRAM If reload occurs newrouter simply loads its
configuration file from NVRAM
Loading System Images Microcode Images and Configuration Files 3-5 Use the Autoinstall Procedure
If the TFTP request fails or if newrouter still has not obtained the IP addresses of all its interfaces
and those addresses are not contained in the host configuration file then newrouter enters setup
mode automatically Setup mode prompts for manual configuration of the router via the console The
new router continues to issue broadcasts to attempt to learn its host name and obtain any unresolved
interface addresses The broadcast frequency will dwindle to every ten minutes after several
attempts Refer to the Router Products Getting Started Guide for details on the setup command
The following sections describe the steps to perform the Autolnstall procedure
Perform the AutonstaU Procedure
To dynamically configure new router using Autolnstall complete the following tasks Steps
and are completed by the central administrator Step is completed by the person at the remote
site
Modify the existing routers configuration to support the Autolnstall procedure
Set up the TFTP server to support the Autolnstall procedure
Set up BOOTP or RARP server if needed required for Autolnstall using an Ethernet Token
Ring or FDDI interface not required for Autolnstall using an HDLC-encapsulated serial
interface
Connect the new router to the network
Modify the Existing Routers Configuration
The interface used to set up Autolnstall can be either of the following types
An HDLC-encapsulated serial line
HDLC encapsulation is the default configuration for serial line
An Ethernet Token Ring or FDDI interface
Use Serial Interface HDLC Encapsulation Connection
To set up Autolnstall via serial line with HDLC encapsulation the default complete the following
tasks to configure the existing router
Task Command
Step Enter configuration mode configure terminal
Step Configure the serial interface that connects to newrouter with HDLC interface serial interface-number
encapsulation the default
Step Enter an IP address for the interface The host portion of the address ip address address mask
must have value of or
Step Configure helper address for the serial interface to forward ip helper-address address
broadcasts associated with the TFTP BOOTP and DNS requests
Step Optionally configure DCE clock rate for the serial line unless an clockrate bits per second
external clock is being used This step is needed only for DCE appliques
Step Exit configuration mode Ctrl-Z
Save the write Step configuration changes to NYRAM memory
3-6 Router Products Configuration Guide Use the Autoinstall Procedure
interface be DTE must used on the new router because there is no default clock rate for DCE interface
Example
In the following example the existing routers configuration file contains the commands needed to
configure the router for Autolnstall on serial line
Routerl configure terminal Routerlconfigt interface serial Routerlconfig ip address 131.108.10.1 255.255.255.0 Routerlconfig ip helper-address 131.108.20.5
Routerl write memory
Use an Ethernet Token Ring or FDDI Interface Connection
To set up Autolnstall using an Ethernet Token Ring or FDDI interface complete the following tasks needed as to modify the configuration of the existing router Typically the LAN interface and IP address are already configured on the existing router You might need to configure an IP helper address if the TFTP server is not on the same network as the new router
Task Command
Step Enter configuration mode configure terminal
Step Configure LAN interface interface ethernet tokenring fddi interface-number
Step Enter an IP address for the interface ip address address mask
Step Optionally configure helper address to ip helper-address address
forward broadcasts associated with the
TFTP BOOTP and DNS requests
Step Exit configuration mode Ctrl-Z
Step Save the configuration changes to write memory VRAM
Example
In the following example the existing routers configuration file contains the commands needed to configure the router for Autolnstall on an Ethernet interface
Routerl4$ configure terminal Routerlconfig interface Ethernet Routerlcontigif ip address 131.108.10.1 255.255.255.0 Routerlconfigif ip helper-address 131.108.20.5
Routerit write memory
Loading System Images Microcode Images and Configuration Files 31 Use the Autoinstall Procedure
Set up the TFTP Server
For Autolnstall to work correctly the new router must be able to resolve its host name and then
download name-confg file from TFTP server The new router can resolve its host name by
the Domain Name Service using network-confg file downloaded from TFTP server or by using DNS
and To set up TFTP server to support Autolnstall complete the following tasks Steps are
if network different ways to resolve the new routers host name Perform step you want to use the config file to resolve the new routers host name Perform step if you want to use DNS to resolve the new routers host name
Task Command
Consult host vendors Step Enable TFTP on server your TFTP Server documentation
and RFCs 906 and 783
Step If you want to use network-confg file to resolve the new routers name ip host hostnane address
create the file network-confg containing an IP address-to-host name
mapping for the new router Enter the ip host command into the TFTP
config file not into the router The IP address must match the IP address
that is to be dynamically obtained by the new router
Step If you want to use the DNS to resolve the new routers name create an Contact the DNS administrator
address-to-name mapping entry for the new router in the DNS database or refer to RFCs 1101 and 1183
The IP address must match the IP address that is to be dynamically
obtained by the new router
in See the in Step Create the file name-confg which should reside the tftpboot appropriate chapter
this for directory on the tftp server The name part of name-confg must guide specific
in commands match the host name you assigned for the new router the previous for step Enter into this file configuration commands the new router
The name-confg file can contain either the new routers full configuration or minimal
configuration
The minimal configuration file consists of virtual terminal password and an enable password It
allows an administrator to Telnet into the new router to configure it If you are using BOOTP or
RARP to resolve the address of the new router the minimal configuration file must also include the
IP address to be obtained dynamically using BOOTP or RARP
You can use the write network command to help you generate the configuration file that you will
download during the Autoinstall process
Note The existing router may need to forward TFTP requests and response packets if the TFTP server is not on the same network segment as the new router When you modified the existing
routers IP address for this configuration you specified an helper purpose
You can save minimal configuration under generic newrouter-confg file Use the ip host
command in the network.confg file to specify newrouter as the host name with the address you will
be dynamically resolving The new router should then resolve its IP address host name and minimal
3-8 Router Products Configuration Guide Use the Autoinstall Procedure
configuration automatically Telnet into the new router from the existing router and use the setup
facility to configure the rest of the interfaces For example the line in the network-confg file could
be similar to the following
ip host newrouter 131.108.170.1
Example
The following host configuration file contains the minimal set of commands needed for Autolnstall
using SLARP or BOOTP
enable-password letmein
line vty password letmein
end
The preceding example shows minimal configuration for connecting from router one hop away
From this configuration use the setup facility to configure the rest of the interfaces If the router is
more than one hop away you also must include routing information in the minimal configuration
Example
The following minimal network configuration file maps the new routers IP address 13 1.108.10.2
to the host name newrouter The new routers address was learned via SLARP and is based on
existings IP address of 131.108.10.1
ip host newrouter 131.108.10.2
Set up the OOTP or RARP Server
If the new router is connected to the existing router using an Ethernet Token Ring or FDDI
interface you must configure BOOTP or RARP server to map the new routers MAC address to
its IP address If the new router is connected to the existing router using serial line with HDLC
encapsulation the steps in this section are not required
To configure BOOTP or RARP server complete one of the following tasks
Task Command
If BOOTP is to be used to resolve the new routers IF address Refer to your host vendors
configure your BOOTP server manual pages and to RFCs 951 and 1395
If RARP is to be used to resolve the new routers IP address configure Refer to your host vendors
your RARP server manual pages and to RFC 903
Note If the RARP server is not on the same subnet as the new router use the ip rarp-server
command to configure the existing router to act as RARP server See the section Configure
Router as RARP Server later in this chapter
Loading System Images Microcode Images and Configuration Files 3-9 Use the Autoinstall Procedure
Example
of commands needed for Autolnstall The following host configuration file contains the minimal set via using RARP It includes the IP address that will be obtained dynamically BOOTP or RARP
information is needed the during the Autolnstall process When RARP is used this extra to specify
proper netmask for the interface
interface ethernet ipaddress 131.108.10.2 255.255.255.0 enable-password letmein
line vty password letmein
end
Connect the New Router to the Network
Connect the new router to the network using either an HDLC-encapsulated serial interface or an
Ethernet Token Ring or FDDI interface After the router successfully resolves its host name
router in newrouter sends TFTP broadcast requesting the file name-confg The name must be
all lowercase even if the true host name is not The file is downloaded to the new router where the
configuration commands take effect immediately If the configuration file is complete the new router
should be fully operational To save the complete configuration to NVRAM complete the following
steps
Task Command
Step Enter privileged mode at the system prompt on the new router enable
password
Step Save the information from the name-config file into NVRAM write memory
Caution Verify that the existing and new routers are connected before entering the write memory
EXEC command to save these configuration changes Use the ping EXEC command to verify
connectivity If an incorrect configuration file is downloaded the new router will load NVRAM
configuration information before it can enter Autolnstall mode
the but with one If the configuration file is minimal configuration file new router comes up only
the router and it interface operational Complete the following steps to Telnet to new configure
Task Command
Step Establish Telnet connection to the existing telnet existing
router
Step From the existing router establish Telnet telnet newrouter
connection to the new router
Step Enter privileged EXEC mode enable
password
Step Enter setup mode to configure the new router setup
Refer to the Router Products Getting Started Guide
3-10 Router Products Configuration Guide Enter Configuration Mode
Enter Confguraton Mode
To enter configuration mode enter the EXEC command configure at the privileged-level EXEC
prompt The router responds with the following prompt asking you to specify the terminal
nonvolatile or file stored network memory VRAM on server as the source of configuration commands
Configuring from terminal memory or network
Each of these three methods is described in the next three sections
The router accepts one configuration command per line You can enter as many configuration commands as you want
You add can comments to configuration file describing the commands you have entered Precede comment with an exclamation Comments stored in in point are not NVRAM or the active copy
of the file In other comments do show configuration words not up when you list the active
configuration with the write terminal EXEC command or list the configuration in NVRAM with
the show configuration EXEC command Comments are stripped out of the configuration file when
it is loaded to the router However you can list the comments in configuration files stored on TFTP
or MOP server
Configure the Router from the Terminal
To configure the router from the terminal complete the following tasks
Task Command
Step Enter configuration mode selecting the terminal option configure terminal
Enter the Step necessary configuration commands See the appropriate chapter for specific
configuration commands
Step Quit configuration mode Ctrl-Z
Save the file Step configuration modifications to NVRAM write memory
Example
In the the router is from following example configured the terminal The comment The following
command the router host identifies provides name the purpose of the next command line The hostname command changes the router name from routerl to router2 By pressing Ctrl-Z the user mode The command write quits configuration memory loads the configuration changes into NVRAM
Routerl configure terminal Routerlconfig IThe following command provides the router host name Routerlconfig hoatname router2
Router2 write memory
Nonvolatile memory stores the current configuration information in text format as configuration
commands recording only nondefault settings The memory is checksummed to guard against
corrupted data
As part of its startup sequence the router startup software always checks for configuration
information in NVRAM If NVRAM holds valid configuration commands the router executes the
commands automatically at startup If the router detects problem with the nonvolatile memory or
the configuration it contains it enters setup mode and prompts for configuration Problems can
Loading System Images Microcode Images and Configuration Files 3-11 Modify the Configuration Register Boot Field
include bad checksum for the information in NVRAM or the absence of critical configuration
information See the publication Troubleshooting Intern etworking Systems for troubleshooting
procedures See the Router Products Getting Started Guide for details on setup information
Configure the Router from NonvWatile Memory
You can configure the router from NVRAM by reexecuting the configuration commands stored in
NVRAM To do so enter the following EXEC command
configure memory
Configure the Router from File on Remote Host
You can configure the router by retrieving and adding to the configuration file stored on one of your
network servers To do so complete the following tasks
Task Command
Step Enter configuration mode with the network option configure network
Step At the system prompt select host or network configuration file host or network
The network configuration file contains commands that apply to all
network servers and terminal servers on the network The host
configuration file contains commands that apply to one network
server in particular
At the address Step system prompt enter the optional IP address of the remote ip
host from which you are retrieving the configuration file
Step At the system prompt enter the name of the configuration file or filename
accept the default name
Step Confirm the configuration filename that the system supplies
Example
In the following example the router is configured from the file tokyo-config at IP address 131.108.2.155
Routerl configure network Host or network configuration file IP address of remote host 131.108.2.155 Name of configuration file tokyoconfg Configure using tokyoconfg from 131108.2.155 Booting tokyo--confg from 131.108.2.155 874/16000 bytes
Modfy the Configuration Register Boot Fed
The order in which the router looks for configuration information depends upon the boot field setting
in the configuration register The configuration register is 6-bit register The lowest four bits of
the configuration register bits and form the boot field To change the boot field and leave
all other bits set to their default values follow these guidelines
Set the configuration register value to Ox 100 to boot the operating system manually using the command at the ROM monitor prompt This value sets the boot field to binary 0000
3-12 Router Products Configuration Guide Modify the Configuration Register Boot Field
Set the configuration register to OxiOl to configure the system to automatically boot from ROM
This value sets the boot field to binary 0001
Set the configuration register to any value from Ox 102 to OxlOF to configure the system to use
the boot system commands in NYRAM These values set the boot field to binary 0010-111 If
there are no boot system commands in NVRAM the system uses the configuration register value
to form filename from which to netboot default system image stored on network server See
the appropriate hardware guide for details on default filenames
For the Cisco 2000 Cisco 3000 Cisco 4000 or any lOS model running Software Release 9.1 or
later you can change the configuration register by completing the following tasks
Task Command
Step Enter configuration mode selecting the terminal option configure terminal
Step Modify the default configuration register setting configregister value
Step Exit configuration mode Ctrl-Z
For routers other than the Cisco 2000 Cisco 3000 Cisco 4000 or IGS models running Software
the Release 9.1 or later configuration register can only be changed on the processor card or with DIP
switches located at the back of the router See the appropriate hardware installation guide for details
Use the show version EXEC command to list the current configuration register setting and the new
configuration register setting if any that will be used the next time the router is reloaded In ROM
monitor mode use the command to list the value of the boot field in the configuration register
Example
In the following example the configuration register is set so that the router will boot automatically
from the Flash memory default file The last line of the output of the show version command
indicates that new configuration register setting OxlOF will be used the next time the router is
reloaded
Routerl4t configure terminal Routerl config config-register OxlOF
Routerl show version
GS Software Version 9.01 Copyright 1986-1992 by cisco Systems Inc Compiled Fri 14-Feb-92 1237
System Bootstrap Version 4.3
Routerl uptime is days 10 hours minutes System restarted by reload System image file is unknown booted via tftp from 131.108.13.111 Host configuration file is thor-boots booted via tftp from 131.108.13.111 Network configuration file is network-confg booted via tftp from 131.108.13.111
Loading System Images Microcode Images and Configuration Files 3-13 Specify the System Image the Router Loads upon Restart
CSC3 68020 processor with 4096K bytes of memory X.25 software Pridging software MCI controller Ethernet Serial Ethernet/IEEE 802.3 interface Serial network interface 32K bytes of non-volatile configuration memory Configuration register is OxO will be OxlOF at next reload
Routerl reload
Specify the System mage the Router Loads upon Restart
You can enter multiple boot commands in NVRAM configuration to provide backup methods for
loading system image onto the router There are three ways to load system image
From Flash memory
Flash allows you to copy new system images without changing EPROMs Information stored in
Flash is not vulnerable to network failures that may occur when loading system images from servers
From network server
In case Flash memory becomes corrupted specifying system image to be loaded from TFTP
or MOP server provides backup boot method for the router
From ROM
In case of both network failure and Flash memory corruption specifying system image to be
loaded from ROM provides final backup boot method System images stored in ROM may not
always be as complete as those stored in Flash memory or on network servers
You the different commands in order in If can enter types of boot any NVRAM configuration you
enter multiple boot commands the router tries them in the order they are entered
Loading from Flash Memory
Flash memory is available for the AGS AGS MGS CGS Cisco 2000 Cisco 3000 Cisco 4000 Cisco 7000 and IGS/TR platforms Depending on the hardware platform Flash memory might be available as EPROMs SIMMs or memory cards Check the appropriate hardware installation and
maintenance guide for information about types of Flash memory available on specific platform
Flash memory is located on the Route Processor RP in the Cisco 7000 Software images can be
stored booted and rewritten into Flash memory as necessary Flash memory can reduce the effects of network failure by reducing dependency on files that can only be accessed over the network
Flash memory allows you to
Copy the TFTP image to Flash memory
Boot router from Flash memory either automatically or manually
Copy the Flash memory image to TFTP server
Note Use of Flash memory is subject to the terms and conditions of the software license agreement
that accompanies your product
3-14 Router Products Configuration Guide Specify the System Image the Router Loads upon Restart
Flash memory features include the following
It can be remotely loaded with multiple system software images through TFTP transfers one
transfer for each file loaded
On the Cisco 7000 it provides MB Flash memory storage
It allows router to be booted manually or automatically from system software image stored
in Flash memory Booting directly from ROM or netbooting from TFTP file server are still
available options
It provides write protection against accidental erasing or reprogramming
Note from is faster than from Booting ROM booting Flash However if you are netbooting Flash
is faster and reliable than more bootingover your network
Security Precautions
Flash memory provides write protection against accidental erasing or reprogramming The write-
protect jumper located next to the Flash components on the RP can be removed to prevent
reprogramming of the Flash memory but must be installed when programming is required
The system image stored in Flash memory can be changed only from privileged EXEC
command session on the console terminal This feature offers systemwide security
Flash Memory Configuration
The following list is an overview of how to configure your 7000 system to boot from Flash memory
It is not step-by-step set of instructions rather it is an overview of the process of using the Flash
capability Refer to the Cisco 7000 Hardware Installation and Maintenance publication for
complete instructions for installing the hardware and netbooting and in particular for the jumper
settings required for your configuration
Step Set your system to boot from ROM software
Step Restore the system configuration if necessary
Step Copy the TFTP image to Flash memory
from the terminal boot Step Configure to automatically from the desired file in Flash memory
boot from file in Step Set your system to Flash memory requires jumper setting change
and reboot is Step Power-cycle your system to ensure that all working as expected
Flash Once you have successfully configured memory you might want to configure the system with
the no boot system flash command to revert back to booting from ROM
Loading System Images Microcode Images and Configuration Files 3-15 Specify the System Image the Router Loads upon Restart
Configure the router to automatically boot from an image in Flash memory by completing the
following tasks
Task Command
Step Enter configuration mode from the terminal configure terminal
Step Enter the filename of an image stored in Flash memory boot system flash
Step Set the configuration register to enable loading of the system config-register value image from Flash memory or use the hardware
configuration register
Step Exit configuration mode Ctrl-Z
Step Save the configuration information to NVRAM write memory
Automatically booting from Flash memory requires changing the processors configuration register
See the section entitled Modify the Configuration Register Boot Field earlier in this chapter Use
the show version command to list the current configuration register setting
The boot system flash command boots the first valid file in Flash memory The boot system flash
filename command boots the system image file specified by filename If you enter more than one
boot system flash filename command the router tries them in the order entered
The If only one file is present in Flash memory the filename argument is not necessary command boot system flash will boot that file
If filename already appears in the configuration file and you want to specify new filename
remove the existing filename with the no boot system flash filename command
Note The no boot system configuration command disables all boot system configuration
commands regardless of argument Specifying the flash keyword or the filename argument with the
no boot system command disables only the commands specified by these arguments
To actually boot the system perform the following task in EXEC mode
Task Command
Boot the system reload
Example
The following example shows how to configure the router to automatically boot from an image in Flash memory
Routert configure terminal Router config boot system flash ganew-image
Routert write memory
Router reload
3-16 Router Products Configuration Guide the Specify System Image the Router Loads upon Restart
%SYS-5--RELOAD Reload requested System Bootstrap Version 460.16 BETA SOFTWARE Copyright 1986-1994 by cisco Systems RP1 processor with 16384 Kbytes of memory F3 187140445476-167028 at 0x1000
Booting gsnewimage from flash memory RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRJRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR 1916912/13767448 bytes F3 187140445476167028 at Oxl000
Restricted Rights Legend
Use duplication or disclosure by the Government is subject to restrictions as set forth in subparagraph of the Commercial Computer Software Restricted Rights clause at FAR Sec 52.227-19 and subparagraph ii of the Rights in Technical Data and Computer Software clause at DFARS sec 252.227-7013
cisco Systems Inc 1525 OBrien Drive Menlo Park California 94025
OS Software GS7 Version 9.170.3 BETA SOFTWARE Copyright 1986-1992 by cisco Systems Inc Compiled Thu 05-Nov-92 1416 by mlw
Loading from Network Server
Complete the following tasks to specify the loading of system image from network server This
process is called nethooting
Task Command
Stop Enter configuration mode from the configure terminal terminal
Step Specify the system image file to be boot system filename lip-address
netbooted from TFTP or MOP server boot system mop filename address
Step Set the configuration register to enable config-register value
loading of the system image from or use the hardware configuration register
network server
Step Exit configuration mode Ctrl-Z
Step Write the configuration information to write memory VRAM
The configuration register boot field must be set to the correct value See Modify the Configuration
Register Boot Field earlier in this chapter Use the show version command to list the current
configuration register setting
Loading System Images Microcode Images and Configuration Files 3-17 Specify the System Image the Router Loads upon Restart
You can also netboot from compressed image One reason to use compressed image is to ensure
available the On routers that do not contain run from that there is enough memory to boot router ROM image in EPROM when the router netboots software the image being booted and the running
is there not be in image both must fit into memory If the running image large might room memory
for the image being netbooted
If there is not enough room in memory to netboot regular image you can produce compressed software image on any UNIX platform using the compress program Refer to your UNIX platforms
documentation for the exact usage of the compress program
Note If you are using Sun workstation as TFTP server set up the workstation to enable
verification and generation of UDP checksums See the Sun documentation for details
Example
In the following example the router is configured to netboot from the testme5.tester system image
file at IP address 131108.13.111
Routerl configure terminal Routerlconfig boot system testme5.tester 131.108.13.111
Routerl write memory
Loading from ROM
To specify the use of the ROM system image as backup to other boot instructions in the
configuration file complete the following tasks
Task Command
Step Enter configuration mode from the terminal configure terminal
Step Specify use of the ROM system image as backup image boot system rom
Step Set the configuration register to enable loading of the system config-register hex-value
image from ROM or use the hardware configuration
register
Step Exit configuration mode Ctrl-Z
Step Save the configuration information to NVRAM write memory
Example
In the following example the router is configured to boot Flash image called image first Should
that image fail the router will boot the configuration file backup from network server If that
method should fail then the system will boot from ROM
Routerit configure terminal Routerlconfig boot system flash imagel Routerlconfig boot system backupl 131.108.20.4 Routerlconfig boot system rom
Router1 write memory
3-18 Router Products Configuration Guide the Specify Configuration File the Router Loads upon Restart
Using FauIt-Toerant Boot Strategy
Occasionally network failures make netbooting impossible To lessen the effects of network failure
consider the boot following strategy After Flash is installed and configured you may want to
configure the router to boot in the following order
Boot an image from Flash
Boot an image from system filename netboot
Boot from RUM image
This boot order provides the most fault-tolerant alternative in the netbooting environment Use the
commands in to allow boot first from following your configuration you to Flash then from system
file and finally from RUM
Task Command
Step Enter configuration mode from the terminal configure terminal
Step Configure the router to boot from Flash memory boot system flash
Step Configure the router to boot from system boot system filename filename
Step Configure the router to boot from ROM boot system rom
Step Set the configuration register to enable loading of config-register value
the system image from network server or Flash or set the hardware configuration register
Step Exit configuration mode Ctrl-Z
Save the information Step configuration to NVRAM write memory
Example
The order of the commands needed to implement this strategy is shown in the following example
Router configure terminal boot system flash gsoc boot system gsoc 131.131.101.101 boot system ron
Routert write nemory
Router
Using this strategy router used primarily in netbooting environment would have three alternative
sources from which to boot These alternative sources would help cushion the negative effects of
failure with the TFTP file server and of the network in general
Specify the Configuration File the Router Loads upon Restart
Configuration files can be stored on network servers You can configure the router to automatically
request and receive two configuration files from the network server
The net-work configuration file
The host configuration file
Loading System Images Microcode Images and Configuration Files 3-19 Specify the Configuration File the Router Loads upon Restart
The first file the server attempts to load is the network configuration file The network configuration
For it be used file contains information that is shared among several routers example can to provide mapping between IP addresses and host names
The second file is the host configuration file which contains commands that apply to one router in
particular Both the network and host configuration files must reside on reachable TFTP server and
be readable
You can specify an ordered list of network configuration filenames and host configuration filenames
The router scans this list until it successfully loads the appropriate network or host configuration file
Network Configuration File
To configure the router to download network configuration file from server upon restart complete
the following tasks Step is optional If you do not specify network configuration filename the router uses the default filename network-confg
You can specify more than one network configuration file The router tries them in order until it loads
one successfully This procedure can be useful for keeping files with different configuration
information loaded on network server
Task Command
Step Enter configuration mode from the terminal configure terminal
boot network Step Optionally enter the network configuration mop filename address
filename boot network filename
Step Enable the router to automatically load the service config
network file upon restart
Step Exit configuration mode Ctrl-Z
Step Save the configuration information to NVRAM write memory
Host Configuration File
To configure the router to download host configuration file from server upon restart complete
the following tasks Step is optional If you do not specify host configuration filename the router
uses its own name to form host configuration filename by converting the router name to all
lowercase letters removing all domain information and appending -confg If no host name
information is available the router uses the default host configuration filename router-confg
You can specify more than one host configuration file The router tries them in order until it loads
one successfully This procedure can be useful for keeping files with different configuration
information loaded on network server
Task Command
Step Enter configuration mode from the terminal configure terminal
enter the host filename boot host Step Optionally configuration mop filename address boot host filename
Step Enable the router to automatically load the host file service config
upon restart
3-20 Router Products Configuration Guide Change the Bufter Size for Loading Configuration Files
Task Command
Step Exit configuration mode Ctrl-Z
Save the information Step configuration to NVRAM write memory
Step Reset the router with the new configuration reload information
Example
In the following example the router is configured to boot from the host configuration file hostfilel
and from the network configuration file networkfile
Routerlt configure terminal Routerlconfigt boot host hostfilel Routericonfigt boot network networkfilel Routericonfigfl service config
Routerlt write memory
If the network fails to load file server configuration during startup it tries again every ten minutes
until host the files With default setting provides requested each failed attempt the network server
the console terminal If the displays message on network server is unable to load the specified file
it displays the following message
Booting host-confg out
Refer to the Troubleshooting Intern etworking Systems publication for troubleshooting procedures
If there are any problems with the configuration file pointed to in NVRAM or the configuration
register is set to ignore NVRAM the router will enter the setup command facility See the Router
Products Getting Started Guide for details on the setup command
Change the Bufter Size for Loading Confguraton Files
The buffer that holds the configuration commands is generally the size of nonvolatile memory need Complex configurations may larger configuration file buffer size To change the buffer size
complete the following tasks
Task Command
Step Enter configuration mode from the terminal configure terminal
Step Change the buffer size to use for netbooting host or network boot buffersize bytes
configuration file
Step Exit configuration mode Ctrl-Z
Save the information Step configuration to NVRAM write memory
Example
In the following example the buffer size is set to 50000 bytes
Routerl configure terminal Routericonfig boot bufferaize 50000
Routerl write memory
Loading System Images Microcode Images and Configuration Files 3-21 Manually Load System Image
Manually Load System mage
If if its file is your router does not find valid system image or configuration corrupted at startup
and the configuration register is set to enter RUM monitor mode the system may enter read-only memory RUM monitor mode From this mode you can manually load system image from Flash
from network server file or from RUM
You can also enter RUM monitor mode by restarting the router and then pressing the Break key
during the first 60 seconds of startup
Manually Booting from Flash
To manually boot from Flash memory complete the following tasks
Task Command
Step Restart the router reload
Step Press the Break key during the first 60 Break
seconds while the system is starting up
Step Manually boot the router flash
Examples
In the following example the router is manually booted from Flash memory Since the optional
lenane is the first file in Flash will be loaded fi argument absent memory
flash
F3 185865645204166896 at 0x1000
Booting gs7-k from flash memory RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR 1903912/13765276 bytes F3 185867645204166896 at Oxl000
Restricted Rights Legend
Use duplication or disclosure by the Government is subject to restrictions as set forth in subparagraph of the Commercial Computer Software Restricted
3-22 Router Products Configuration Guide Manually Load System Image
In the following example the boot flash command is used with the filename gs7-k That is the file
that will be loaded
flash gs7-k F3 185865645204166896 at Oxl000
Booting gs7-k from flash memory RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRRRRRRR 1903912/13765276 bytes F3 185867645204166896 at Oxl000
Restricted Rights Legend
Use duplication or disclosure by the Government is subject to restrictions as set forth in subparagraph of the Commercial Computer Software Restricted
System Bootstrap Version 4.61012 99 INTERIM SOFTWARE Copyright 1986-4992 by cisco Systems RP1 processor with 16384 Kbytes of memory
Manually Netbooting
To manually boot from network file complete the following tasks in EXEC mode
Task Command
Step Restart the router reload
Step Press the Break key during the first 60 Break
seconds while the system is starting up
Step Manually boot the router bfilenaine
Example
In the following example the router is manually booted from the network file networki
ne6workl
Manually Booting from ROM
in mode To manually boot the router from ROM complete the following steps EXEC
Task Command
Step Restart the router reload
Step Press the Break key during the first 60 Break
seconds while the system is starting up
Step Manually boot the router from ROM
Loading System Images Microcode Images and Configuration Files 323 Configure Router as TFTP Server
Example
In the following example the router is manually booted from ROM
Configure Router as TFTP Server
As TFTP server host the router responds to TFTP Read Request messages by sending copy of
the system image contained in ROM or one of the system images contained in Flash to the requesting host The TFTP Read Request message must use one of the filenames that are specified in the
routers configuration
The following algorithm is used when deciding whether to send the ROM or Flash image
If the specifiedfllename is not stored in Flash memory the ROM image is sent
If the exists in Flash the Flash is specified filename memory copy of image sent
To specify TFTP server operation for router complete the following tasks
Task Command
Step Enter configuration mode from the configure terminal
terminal
Step Specify TFTP server operation tftp-server system filename lIP-access-list
Step Exit configuration mode Ctrl-Z
Save the Step configuration information to write memory VRAM
The TFTP session can sometimes fail To help determine why TFTP session failed TFTP
generates an character if it receives an erroneous packet and an character if it receives an
out-of-sequence packet period indicates timeout The transfer session may still succeed even
if TFTP generates these characters but the output is useful for diagnosing the transfer failure For
troubleshooting procedures refer to the Troubleshooting Intern etworking Systems publication
Example
In the following example the router is configured to send via TFTP copy of the ROM software
when it receives TFTP read request for the file version 9.0 The requesting host is checked against
access list 22
tftpserver system version9O 22
Configure Router as RARP Server
You can configure the router as Reverse Address Resolution Protocol RARP server With this
feature RARP requests can be answered by the router thereby allowing the router to make possible
diskless booting of various systems such as Sun workstations or PCs on networks where the client
and server are on separate subnets
3-24 Router Products Configuration Guide Configure Router as RARP Server
To configure the router as RARP server perform the following task in interface configuration mode
Task Command
Configure the router as RARP server ip rarp-server address
In the following example the router is configured to act as RARP server Figure 3-4 illustrates the network configuration
Sun server 128.105 100
05.3.4
128.105.2.4
.4 Sun workstation
128.105.2.5 MAC address
0800.2002.ff5b
Figure 3-4 Configuring Router as RARP Server
Allow the router to forward broadcast portmapper requests ip forward-protocol udp 111 Provide the router with the IF address of the diskiess sun
arp 128.105.2.5 0800.2002.ff5barpa interface ethernet Configure the router to act as RARP server using the Sun Servers IP
address in the RARP response packet ip rarpserver 128.105.3.100 Portmapper broadcasts from this interface are sent to the Sun Server ip helper-address 128.105.3.100
The Sun client and server machiness IP addresses must use the same major network number due to
limitation of the current SunOS rpc.BOOTParamd daemon
Loading System Images Microcode Images and Configuration Files 3-25 Specify SLIP Extended BOOTP Requests
Specfy SUP Extended BOOTP Requests
The Boot Protocol BOOTP server for SLIP supports the extended BOOTP requests specified in
RFC 1084 The following command is useful in conjunction with using the auxiliary port as an
asynchronous interface To configure extended BOOTP requests for SLIP perform the following
task in global configuration mode
Task Command
Configure extended BOOTP requests for SLIP async-bootp tag data
You can display the extended BOOTP requests by performing the following task in EXEC mode
Task Command
Show parameters for BOOTP requests show async..bootp
Specfy MOP Server Boot Requests
To change the routers parameters for retransmitting boot requests to MOP server complete the
following tasks
Task Command
Step Enter configuration mode from the configure terminal terminal
Step Change MOP server parameters mop device-code mop retransmit-timer mop retries
Step Exit configuration mode Ctrl-Z
Step Save the configuration information to write memory VRAM
when By default the router transmits request that requires response from MOP boot server and
the server does not respond the message will be retransmitted after four seconds If the MOP boot
server and router are separated by slow serial link it may take longer than four seconds for the
router to receive response to its message Therefore you might want to configure the router to wait longer than four seconds before retransmitting the message if you are using such link
Example
In the following example if the MOP boot server does not respond within 10 seconds after the router
sends message the router will retransmit the message
mop reLransmittimer 10
3-26 Router Products Configuration Guide Copy System Images from Network Server to Flash Memory
Copy System mages from Network Server to Hash Memory
You can copy system image from TFTP server to Flash memory by completing the following tasks
Task Command
of the See the instructions in the Step Make backup copy current section Copy System
system software image Images from Flash Memory to Network Server
later in this chapter
Step Copy system image to Flash memory copy tftp flash
Step When prompted enter the IP address or /p address or name
domain name of the server
Step When prompted enter the filename of filename
the server system image
Note Be there is available before file Flash Use the sure ample space copying to show flash command and compare the size of the file you want to copy to the amount of available Flash memory
available is less than the file shown If the space space required by the you want to copy the copy
the entire file will process will continue but not be copied into Flash failure message buffer
overflow xxxx/xxxx will appear where xxxxixxxx is the number of bytes read ia/number of
bytes available
The server system image copied to the Flash memories for the AGS AGS MGS and CGS must
be at least Software Version 9.0 or above For the IGS/TR Cisco 2000 Cisco 3000 Cisco 4000 and
Cisco 7000 the server system image must be at least Software Version 9.1 or above
the flash the for the IP address Once you give copy tftp command system prompts you or domain
name of the TFTP server This can be another router serving ROM or Flash system software images
You are then prompted for the filename of the software image and when there is free space available
in Flash memory you are given the option of erasing the existing Flash memory before writing onto
it If no free Flash memory space is available or if the Flash memory has never been written to the
erase routine is required before new files can be copied The system will inform you of these
conditions and prompt you for response Note that the Flash memory is erased at the factory before shipment
If you attempt to copy file into Flash memory that is already ther prompt will tell you that file
with the same name already exists This file is deleted when you copy the new file into Flash The
first copy of the file still resides within Flash memory but is rendered unusable in favor of the newest version and will be listed with the tag when you use the show flash command If you abort
the copy process the newer file will be marked because the entire file was not copied and
is therefore not valid In this case the original file in Flash memory is valid and available to the system
Loading System Images Microcode Images and Configuration Files 3-27 Copy System Images from Network Server to Flash Memory
Example
Following is sample output copying system image named gs7-k of the prompt you will see when
the flash command when Flash is using copy tftp memory too full to copy the file The filename
gs7-k can be in either lower- or uppercase the system will see GS7-K as gs7-k If more than one file
of the same name is copied to Flash regardless of case the last file copied will become the valid file
envchassis copy tftp flash IC address or name of remote host dirt Translating DIRT. domain server 255.255.255.255
Name of file to copy gs7-k Copy gs7-k from 131.108.13.111 into flash memory Flash is filled to capacity Erasure is needed before flash may be written Erase flash before writing Erasing flash EPRON5 bank
Zeroing bank. .zzzzzzzzzzzzzzzz
Verify zeroed .vvvvvvvvvvvvvvvv Erasing bank eeeeeeeeeeeeeeee
Erasing flash EPROMs bank
Zeroing bank. .zzzzzzzzzzzzzzzz Verify zeroed vvvvvvvvvvvvvvvv Erasing bank eeeeeeeeeeeeeeee
Erasing flash EPROMs bank
Zeroing bank. .zzzzzzzzzzzzzzzz
Verify zeroed vvvvvvvvvvvvvvv-v Erasing bank eeeeeeeeeeeeeeee
Erasing flash EPROMs bank
Zeroing bank. .zzzzzzzzzzzzzzzz Verify zeroed vvvvvvvvvvvvvvvv Erasing bank eeeeeeeeeeeeeeee
Loading from 131.108.1.111
11111111 liii liii 11111 11111 ii 11111 lii ii lit it Iii iii 1111111111111111111111111111111111111111111111111111111111 11111111111111111111111111111 111111111111111111111111111111111111111111111111111111111111111 111111111111111111111111
111111111111111111111111111111111111111111111111111111111 11111111111111111 liii 11111111 111111111111111111111111
1906676/4194240 bytes Verifying via checksum..
vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv-vvvvvvvvvvvvv-vvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv-vvvvvvvvvvvvvvvvvvvv-vv-vvvvvvvvvv-vvvv-vvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv-vv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv-vvvvvvvvvvvvvvvvvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvv
Flash verification successful Length 1906676 checksum Ox12AD
Note If you enter after the Erase flash before writing prompt the copy process continues If
enter the erase routine Make certain have Flash before you begins you ample memory space entering at the erasure prompt
3-28 Router Products Configuration Guide Copy System Images from Network Server to Flash Memory
Example
Following is sample output from copying system image named gs7-k into the current Flash configuration in which file of the name gs7-k already exists
env-chassis copy tftp flash IF address or name of remote host Name of file to copy gs7-k File gs7k already exists it will be invalidated
Copy gs7-k from 131.108.13.111 into flash memory 2287500 bytes available for writing without erasure Erase flash before writing confirmn
Loading from 131.108.1.111
III II II II 1111 II II
II III II II II II II
II III III II 11111111 III 11111111 111111 III ii II II
II II II II Ii III II II II III II II II
1111 III II III
1906676/2287500 bytes Verifying via checksum vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvyvvvvvvvvvvvvvvvv\-p vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv-vv-vvv-vvvvvvvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv-vvvvvvv-vvv-vvv-v-vv-v-v-vvvvvv vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv-v-vv-Jv\7- vvvvvvvvvvvvvvvvvvvvvvvvv Flash verification successful Length 1902192 checksum Oxl2AD
Example
In the following example the Flash security jumper is not installed so you cannot write files to Flash memory
Everest copy tftp flash Flash embedded flash security juinperl2V must be strapped to modify flash memory
Note To abort this copy process press CtrV the Ctrl Shift and keys on standard keyboard simultaneously Although the process will abort the partial file copied before the abort was issued will remain until the entire Flash memory is erased Refer to the Troubleshooting Intern eiworking
Systems publication for procedures on how to resolve Flash memory problems
You can copy normal or compressed images to Flash memory You can produce compressed system image on any UNIX platform using the compress program Refer to your UNIX platforms documentation for the exact usage of the compress program
Loading System Images Microcode Images and Configuration Files 3-29 Verify the Image in Flash Memory
Example
The following example shows sample output from copying system image named 1J09140Z into
the current Flash configuration
Router copy tftp flash IP address or name of remote host serverl
Name of tftp filename to copy into flash IJO914OZ copy 1J09140Z from l31.13l.lOl.lOl into flash memory Return xxxxxxxx bytes available for writing without erasure erase flesh before writing Return
Clearing and initializing flash memory please wait4 toading from 101.2.13.110 324572/524212 bytes Verifying cheFksum VVVVVVVV\VVVVVVVVVV\OJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV.. Flash verification successful Length 1204637 checksum 0x95D9
The series of pound signs indicates that each Flash device is being cleared and initialized one
per device Different router platforms use different ways of indicating that Flash is being cleared
The exclamation points indicate the copy process The series of Vs indicates that checksum is
calculated An would have indicated an out-of-order packet period would have indicated
timeout The last line in the sample configuration indicates that the copy is successful
Verfy the mage �n Hash Memory
Before from Flash that the checksum of the in Flash matches booting memory verify image memory
the checksum listed in the README file that was distributed with the system software image The
checksum of the in Flash image memory is displayed at the bottom of the screen when you issue the
copy tftp flash command The README file was copied to the TFTP server automatically when
installed you the system software image on the TFTP server
Caution If the checksum value is not correct according to the value in the README file do not
reboot the router Issue the copy tftp flash command and compare the checksums again If the
is the software into Flash checksum repeatedly wrong copy original system image back memory
reboot the router from Flash If have bad in Flash and before you memory you image memory try
to boot from Flash the router will start the system image contained in RUM assuming netbooting
is not configured If RUM does not contain fully functional system image the router will not
function and will have to be reconfigured through direct console port connection
Copy System mages from Hash Memory to Network Server
You can copy system image back to network server This copy of the system image can serve as
backup copy and also can be used to verify that the copy in Flash is the same as on the original file
on disk To copy the system image to network server perform the following task
Task Command
Step Learn the exact spelling of the system image in Flash memory show flash all
in Flash Step Copy the system image memory to TFTP server copy flash tftp
Step When prompted enter the IP address or domain name of the TFTP server ip address or name
Step When prompted enter the filename of the system image in Flash filename memory
3-30 Router Products Configuration Guide Copy Configuration File from the Router to Network Server
Example
The following example uses the show flash all command to learn the name of the system image file
and the copy flash tftp command to copy the system image to TFTP server The name of the
system image file xkO9l4Oz is listed near the end of the show flash all output
Routert show flash all
2048K bytes of flash memory on embedded flash in XX ROM socket code bytes name 042 89BD 0x40000 INTEL 28F020 044 89BD 0x40000 INTEL 28F020 046 89B0 0x40000 INTEL 28F020
048 89B1J 0x40000 INTEL 28E020 041 89B0 0x40000 INTEL 28F020 043 89BD 0x40000 INTEL 28F020 045 89BD 0x40000 INTEL 28F020 U47 89BD 0x40000 INTEL 28F020
security jumperl2V is installed flash memory is programmable
file offset length name 0x40 1204637 xkO9l4Oz
bytes free
Routert copy flash tftp Ip address of remote host 101.2.13.110
filename to Write Ofl tftp host xkOOl4Oz vixiting xkO9l4Oz II .1 successful tftp write Routert
the Ctrl- Refer the To stop copy process press to Tmubleshooting Internetworking Systems publication for procedures on how to resolve Flash memory problems
Once you have configured Flash memory you may want to configure the system using the
configure terminal command with the no boot system flash configuration command to revert to
booting from ROM for example if you do not yet need this functionality if you choose to netboot
or if you do not have the proper image in Flash memory After you enter the no boot system flash command use the write memory command to save the new configuration command to NVRAM
This procedure on the Cisco 7000 also requires changing the jumper on the processors configuration
register Refer to the appropriate hardware installation and maintenance manual for instructions
Copy Configuraton File from the Router to Network Server
You can copy configuration file from the router to network server The configuration file that you
copy to usually must already exist on the TFTP server and be globally writable before the TFTP
server allows you to write to it
To store configuration information on network server complete the following tasks
Task Command
Step Specify that the router configuration file in NVRAM should be stored write network
on network server
Step Enter the IP address of the network server ip address
Step Enter the name of the configuration file to store on the server filename
Step Confirm the entry
Loading System Images Mi�rocode Imagas and Configuration Files 3-31 Display System Image and Configuration Information
The command prompts you for the destination hosts address and filename as the following example illustrates
Example
The following example copies configuration file from router to server
Tokyo write network Remote host Name of configuration file to write Write file tokyo-confg on host 131.108.2.155
Writing tokyoconfg
Display System Image arid Configuration Information
Use the following EXEC commands to display information about system software system image
files and configuration files
Task Command
List the system software release version configuration register setting show version
and so on
List the configuration information stored in NVRAM show configuration
List the configuration information in running memory write terminal
List information about Flash memory including system image show flash
filenames and amounts of memory used and remaining
List information about Flash memory including all the information show flash all
displayed by the show flash command plus information about vendor
location individual ROM devices in Flash memory and invalidated system image files
You can also use the command in ROM monitor mode to list the configuration register settings on some models
The Flash content listing does not include the checksum of individual files To recompute and verify
the image checksum after the image is copied into Flash memory complete the following task in EXEC mode
Task Command
and the checksum Recompute verify image after the image is copied copy verify into Flash memory
enter this the for the When you command screen prompts you filename to verify By default it
prompts for the last most recent file in Flash Press Return to recompute the default file checksum
or enter the filename of different file at the prompt Note that the checksum for microcode images
is always Ox0000
3-32 Router Products Configuration Guide Clear the Contents of NVRAM
Cear the Contents of NVRAM
To clear the contents of nonvolatile memory perform the following task in EXEC mode
Task Command
Clear the contents of NVRAM write erase
Reexecute the Conf�guraton Commands NVRAM
To reexecute the commands in configuration nonvolatile memory perform the following task in EXEC mode
Task Command
Reexecute the configuration commands in NVRAM configure memory
Use Hash Memory as TFTP Server
Flash memory can be used as Trivial File Transfer Protocol TFTP file server for other routers on
the network This feature allows you to boot remote router with an image that resides in the Flash server memory
In the description that follows one Cisco 7000 router is referred to as the Flash server and all other
routers are referred to as client routers Example configurations for the Flash server and client routers
include commands as necessary
Prereqv�sites
The Flash server and client router must be able to reach one another before the TFTP function can
be implemented Verify this connection by pinging between the Flash server and client router in
either direction using the ping command
An example use of the ping command is as follows
Router ping 131.131.101.101 Return
In this the example Internet Protocol IF address of 131.131.101.101 belongs to the client router
is indicated while ConneCtivity by .. out or Ifai1ed indicates no connection If the
connection fails reconfigure the interface check the physical connection between the Flash server
and client router and ping again
After the you verify connection ensure that TFTP-bootable image is present in Flash memory This
is the software system image the client router will boot Note the name of this software image so you
can verify it after the first client boot
Note The filename used must represent software image that is present in Flash memory If no
resides in Flash the client image memory router will boot the servers ROM image as default
Loading System Images Microcode Images and Configuration Files 3-33 Use Flash Memory as TFTP Server
Caution For full functionality the software residing in the Flash memory must be the same type as
the RUM software installed on the client router For example if the server has X.25 software and
the client does not have X.25 software in RUM the client will not have X.25 capabilities after booting from the servers Flash memory
Configuring the Flash Server
Use the following privileged EXEC command to configure the Flash server by adding both the
tftp-server system command and the access-list command to the configuration memory
configure terminal
Example
The following example shows the use of configure terminal command to get into configuration
mode and configure the Flash server
Server configure terminal Enter configuration commands one per line Edit with DELETE CRTL/W and CRTL/U end with CTRLIZ tftpserver system gs7k.9.17 accesslist permit 131.131.101.0 0.0.0.255
Server write memory Return
Server
This example gives the filename of the software image in the Flash server and one access list
labeled The access list must include the network where the client router resides Thus in the the network 131.13 example 1101.0 and any client routers on it are permitted access to the Flash
server filename gs7-k.9.17
Configuring the Client Router
Caution Using the no boot system command in the following example will invalidate all other boot
system commands currently in the client router system configuration Before proceeding determine
whether the system configuration stored in the client router should first be saved uploaded to
TFTP file server so you have backup copy
Configure the client router using the no boot system command the boot system command and the
boot system rom command Use the configure terminal command to enter these commands into
the client routers memory configuration Using these commands on the Cisco 7000 requires the the changing jumper on configuration register of the processor to the pattern 0-0-1-0
Position For this exercise the IP address of the Flash server is 131.131.111.111
3-34 Router Products Configuration Guide Use Flash Memory as TFTP Server
Example
Following is an example of the use of these commands
Client configure terminal
Enter configuration commands one per line Edit with DELETE CRTL/W and CRTL/U end with CTRL/Z
no boot system boot system gs7-k9.17 131.131111.111 boot system rom
Client8 write memory Return ok Server reload
In this example the no boot system command invalidates all other boot system commands currently in the configuration memory and any boot system commands entered after this command will be executed first The second command boot systemfilename address tells the client router to look for the file gs7-k.9.17 in the Flash server with an IP address of 131.131.111.111 Failing this the client router will boot from its system ROM upon the boot system rom command which is included as backup in case of network problem The write memory command copies the configuration to memory and the reload command boots the system
Caution The system software gs7-k.9 17 to be booted from the Flash server 131.131 111.111 must reside in Flash memory on the server If it is not in Flash memory the client router will boot the Flash servers system ROM
Use the show version command on the client router to verify that the software image booted from the Flash server is the image present in Flash memory
Following is sample output of the show version command
env-�hassis show version CS Software 0S7 Version 9.1.17 Copyright 1986-1992 by cisco Systems Inc Compiled Wed 21-Oct-92 2249
System Bootstrap Version 4.60.15
Current date and time is Thu 10-22-1992 131503 Boot date and time is Thu 10-22-1992 130655 any-chassis uptime is minutes System restarted by power-on System image file is gs7-k.9.17 booted via tftp from 131.131.111.111
RP1 68040 processor with 16384K bytes of memory X.25 software Bridging software Switch Processor EIP controller Ethernet Ethernet/IEEE 802.3 interface 128K bytes of non-volatile configuration memory 4096K bytes of flash memory on embedded flash in RP1 Configuration register is OxO
The important information in this example is contained in the first line GS Software.. and in the line that begins with System image file... The two software types and versions shown indicate the software currently running in RAM in the client router first line and the software booted from the
Flash server last line These two types and versions must be the same
Loading System Images Microcode Images and Configuration Files 3-35 Loading Microcode Images over the Network
Note If no bootable image was present in the Flash server memory when the client server was
booted the version currently running first line of the preceding example will be the system ROM
version of the Flash server by default
Verify that the software shown in the first line of the previous example is the software residing in the Flash server memory
Loading Microcode mages over the Network
Cisco interface 7000 processors and the Switch Processor SP each have writable control store WCS The WCS stores microcode You can load updated microcode onto the WCS from the onboard ROM or from Flash memory on the Route Processor RP card With this feature you can update microcode without having physical access to the router and you can load new microcode without rebooting the system
By default microcode is loaded from the ROM on each interface card This onboard ROM
microcode is not the same as the eight ROMs on the RP that contain the system image
To load microcode from Flash complete the following task
Task Command
microcode Step Copy files into Flash copy tftp flash
See the section Copy System Images from
Network Server to Flash Memory earlier in this
chapter for more information about how to copy TFTP images to Flash memory
Step Load microcode from Flash memory into microcode interface-type rom the WCS
Step Retain new configuration information write memory
when the system is rebooted
If an error occurs when you are attempting to download microcode the onboard ROM microcode
will be loaded and the interface will remain operational
Note Microcode images cannot be compressed
These configuration commands are implemented following one of three events
The system is booted
card is inserted or removed
The configuration command microcode reload is issued
After you have entered microcode configuration command and one of these events has taken place
all of the cards are reset loaded with microcode from the appropriate sources tested and enabled
for operation
3-36 Router Products Configuration Guide Display Microcode Information
To signal to the system that all microcode configuration commands have been entered and the
processor cards should be reloaded complete the following task in interface configuration mode
Task Command
Notify the system that all microcode configuration microcode reload
commands have been entered and the processor
cards should be reloaded
If Flash memory is busy because card is being removed or inserted or microcode reload
command is executed while Flash is locked the files will not be available and the onboard ROM
microcode will be loaded Issue another microcode reload command when Flash memory is
available and the proper microcode will be loaded The show flash command will show if another
user or process has locked Flash memory The microcode reload command should not be used while
Flash is in use for example do not use this command when copy tftp flash or show flash
command is active
The microcode reload command is automatically added to your running configuration when you
issue microcode command that changes the systems default behavior of loading all processors from ROM
Dispay M�crocode nformat�on
To display microcode information perform the following task in EXEC mode
Task Command
Display microcode information show microcode
Loading System Images Microcode Images and Configuration Files 3-37 Display Microcode Information
3-38 Router Products Configuration Guide CHAPTER
Configuring Terminal Lines and Modem Support
This chapter explains how to configure terminal lines The router has three types of terminal lines
one console line one auxiliary line and five virtual network lines Most line setup is the same
regardless of type but certain commands particularly those having to do with modem control and
SLIPIPPP support apply to the auxiliary aux port only
For complete description of the commands mentioned in this chapter refer to Chapter of the
Router Products Command Reference publication To set terminal line characteristics for the
duration of session only see the terminal EXEC commands in Chapter To conduct your Telnet
session use the commands in Chapter
There are two general steps to configure terminal lines and modem support
Enter line configuration mode
Configure the line
Enter Line Configurat�on Mode
Line configuration mode is used to set the terminal-specific parameters From line configuration
mode you can enter special commands called line configuration commands that affect the auxiliary
console port or virtual terminal line you have specified To enter line configuration mode complete
the following task
Task Command
Step At the privileged EXEC prompt enter configure mode from configuration the terminal CR
Step From global configuration mode line aux con vty line-number
begin to configure an auxiliary
console or virtual terminal line
For example to configure line parameters for the auxiliary port at Step in the preceding task you
would enter the following
line aux
The auxiliary relative line number must be See the modem line configuration commands in the
section Setup Modem Control on the Auxiliary Port later in this chapter to set up modem support
on the auxiliary port
Configuring Terminal Lines and Modem Support 4-1 Enter Line Configuration Mode
The terminal from which you locally configure the router is attached to the console port To would the configure line parameters for the console port at Step in the preceding task you enter
following
line con
The console relative line number must be
Virtual terminal lines are used to allow remote access to the router virtual terminal line is not
associated with either the auxiliary or console port You can address either single line or
consecutive range of lines The router has five virtual terminal lines by default However you can
create additional virtual terminal lines as described in the next section
To configure virtual terminal line parameters at Step in the preceding task you would enter the
following
line vty line-number
such tasks Configuring the console port or virtual terminal lines allows you to perform as setting terminal communication parameters specifying autobaud connections and configuring operating
parameters for the terminal you are using These tasks are described later in this chapter
Create Additional Virtual Termihal Lines
line line-number than to the allowed that The vty command accepts larger up maximum on
router with its current configuration The router dynamically creates all of the new virtual terminal
lines between the current highest-numbered line and the number you specify You can then configure
those lines with additional line configuration commands
See the section Example of Creating Additional Virtual Terminal Lines at the end of this chapter
for an example of how to add virtual terminal lines
Eliminate Virtual Terminal Lines
To delete virtual terminal lines perform the following task
Task Command
Step At the privileged EXEC prompt enter configuration mode from configure the terminal CR
Step From global configuration mode delete virtual terminal lines no line vty line-number
The router deletes the line-number and all virtual terminal line numbers above that number
You cannot delete virtual terminal lines that are in use attempting to do so results in warning
message Vritual terminal lines should be deleted on an idle system only See the section Example
of Eliminating Virtual Terminal Lines at the end of this chapter for an example of how to eliminate
virtual terminal lines
Absolute versus Relative Line Numbers
Entering the line command with the optional type keyword aux con or vty designates the line
number as relative line number You also can enter the line command without the optional type
keyword In this case the line number is treated as an absolute line number Absolute line numbers
4-2 Router Products Configuration Guide Configuration Task List
increment consecutively and can be difficult to manage on large systems Relative line numbers are
shorthand process used in configuration Internally the router uses absolute line numbers You
cannot use relative line numbers everywhere but you can use absolute line numbers everywhere
The software keeps table of absolute and relative line numbers that you can display with the EXEC
command show users all sample display follows
Line User Hosts Idle Location con aux vty incoming SERVER.COMPANY.COM vty
vty vby vty
Absolute line numbers are listed at the far left in the preceding example Relative line numbers are
in the third column after the line type In this example the second virtual terminal line line vty
is absolute line number
To leave line configuration mode enter another global configuration command or Ctrl-Z
Confguraton Task List
Now that you have entered line configuration mode and specified line in the previous section
perform the following tasks to configure the terminal line
Task Command
Step Enter commands listed in this chapter to configure Use the commands listed in this chapter
the line
Step Exit line configuration mode and return to EXEC Ctrl-Z mode
Step Save the configuration changes to NVRAM write memory
You can perform one or more of the following tasks to configure your line
Set communication parameters page 4-4
Configure automatic baud detection page 4-4
Configure flow control for communications page 4-4
Define command string for automatic execution page 4-5
Create packet dispatch sequences page 4-5
Specify the transport protocol for specific line page 4-5
Establish terminal session limits page 4-6
Set up modem control on the auxiliary port page 4-6
Support reverse TCP connections page 4-16
Define terminal operation characteristics page 4-16
Configure terminal banner messages page 4-21
Telnet Configure capabilities page 4-23
Configuring Terminal Lines and Modem Support 4-3 Configuration Task List
Set Communication Parameters
The router supplies default serial communication parameters for terminal and other serial device these the the terminal operation You can change parameters as necessary to meet requirements of
host attached do of the tasks in line or to which you are To so perform one or more following
configuration mode
Task Command
Set the line speed Choose from line speed transmit speed bps
speed or receive speed Speed applies to aux port only txspeed bps
rxspeed bps
Set the data bits databits
Set the stop bits stopbits .5
Set the parity bit parity none even odd space mark
Configure Automatic Baud Detection
You can configure terminal to automatically detect the baud rate being used over an asynchronous
serial line This command applies to the aux port only To set up automatic baud detection perform
the following task in line configuration mode
Task Command
Set the terminal to automatically detect the baud rate autobaud
To start communications using automatic baud detection type multiple Returns at the terminal
600- 1800- or 19200-baud line requires three Returns to detect the baud rate line at any other
baud rate requires only two Returns If you type extra Returns after the baud rate is detected the EXEC simply displays another system prompt
Configure How Contro for Communications
On the aux port you can set both hardware and software flow control between the router and devices
attached to it Both types of flow control are bidirectional When you specify software flow control
an additional keyword specifies the direction in causes the router to listen to flow control from the
attached device and out causes the router to send flow control information to the attached device If
you do not specify direction the router enables software flow control in both directions
For software flow control the default stop and start characters are Ctrl-S and Ctrl-Q XOFF and
characters character that the XON respectively However you can define or sequences signal start
and end of data transmission when software flow control is in effect This capability is useful for
providing control of data over the serial line
The keyword hardware sets hardware flow control For information about setting up the RS-232 the hardware line see installation and maintenance manual for your product
4-4 Router Products Configuration Guide Configuration Task List
To configure flow control between the router and attached device perform one or more of the
following tasks in line configuration mode
Task Command
Set the terminal flow control ffowcontrol none software in out hardware out
Set the flow control start character start-character ASCII-number
Set the flow control stop character stop-character ASCII-number
Define Command String for Automatic Execution
You can set up command or string of commands that will automatically execute upon connection
to another host Any appropriate EXEC command and any switch or host name that occurs with the
EXEC command are allowed To do so perform the following task in line configuration mode
Task Command
Define command or string of autocomniand command
commands to be automatically
executed
Create Packet Dispatch Sequences
The router supports configuration of dispatch sequences You can set up dispatch characters that
allow packets to be buffered then transmitted upon receipt of character These characters are useful on an auxiliary port only and then only if you have some special-purpose device hooked up
To configure dispatch sequence perform one or both of the following tasks as needed for your
particular system in line configuration mode
Task Command
Define one or more characters that dispatch-character ASCII-number
trigger packet transmission for ASCII-number
particular line
Set the dispatch timer dispatch-timeout milliseconds
Specify the Transport Protoco for Specific Line
You can selectively specify the protocols allowed on individual lines You can set the protocol for
incoming and outgoing connections and change the default preferred protocol for line The
default transport protocol is Telnet
Selecting which command to use is determined by whether it is for incoming or outgoing
connections or is being used as default preferred selection
Configuring Terminal Lines and Modem Support 4-5 Configuration Task List
Perform one or more of the following tasks in line configuration mode to specify transport protocols
Task Command
Define which protocols can be used to connect to specific transport input mop telnet none
line of the router
Determine the protocols that can be used for outgoing transport output telnet none
connections from line
Specify the protocol for the router to use if the user did not transport preferred telnet none
specify protocol
Prevent errant connection attempts transport preferred none
The system accepts host name entry at the EXEC system prompt as Telnet command If you incorrect Telnet mistype the host name the system interprets the entry as an command and provides
an error message indicating that the host does not exist The transport preferred none command disables this option so that if you mistype command at the EXEC prompt the system will not
attempt to make Telnet connection
Establish Terminal Session Limits
You can control terminal sessions in high traffic areas to provide resources for all users To do so
perform one or both of the following tasks in line configuration mode
Task Command
Set the maximum number of sessions session-limit session-number
Set the idle session timeout interval session-timeout minutes
Set np Modem ContrW on the Auxiliary Port
The auxiliary port is standard RS-232-C DB-25 connector Its output signals are Transmit Data
TXDATA Data Terminal Ready DTR and Request To Send RTS The input signals are Receive Data RXDATA Clear to Send CTS RING and Carrier Detect CD
You can perform the following modem control procedures on the router
Configure automatic dialing
Close modem connections
Automatically answer modem
Support dial-in modem
Support reverse modem connections/prevent incoming calls
Support both dial-in and dial-out modems
Configure line timeout interval
Configure support for chat scripts
Configure rotary groups
4-6 Router Products Configuration Guide Configuration Task List
disconnect Configure automatic line
Configure high-speed modem support
sections illustrate how the modem State diagrams accompany some of the tasks in the following to
control works The diagrams show two processes
the network The create daemon process creates TTY daemon that handles incoming connection
The create EXEC process creates the process that interprets user commands Refer to
Figures 4-1 through 4-6
box In the diagrams the current signal state and the signal the line is watching are listed inside each
The state of the line as displayed by the EXEC command show line is listed next to the box Events
that change that state appear in italics along the event path with actions that the software takes
described within the ovals
modem control is The is Figure 4-1 illustrates line behavior when no set DTR output always high
and CTS and RING are completely ignored The router creates an EXEC when the user types the
activation character Incoming TCP connections occur instantly if the line is not in use and can be
closed only by the remote host
Ringing
Create Create daemonJ EXEC cJ Ready and Active Ready and Active
Figure 4-1 EXEC and Daemon Creation on Line with No Modem Control
Configure Automatic Dialing
dial the number of remote With the dial-up capability you can set modem to automatically phone
router This feature offers cost savings because phone line connections are made as needed You only
line for pay for using the phone line when there is data to be received or sent To configure automatic dialing perform the following task in line configuration mode
Task Command
Configure line to initiate automatic dialing modem dtr-active
Configuring Terminal Lines and Modem Support 4-7 Configuration Task List
Close Modem Connections
You can configure line to close connections from users terminal when the terminal is turned off
and prevent inbound connections to devices that are out of service To do so perform the following
task in line configuration mode
Task Command
Configure line to close connections modem cts-required
Figure 4-2 illustrates the modem cts-required process This form of modem control requires that
CTS be high throughout the use of the line If CTS is not high the users typed input is ignored and connections refused incoming are or step to the next line in rotary group
Note In order for router to reliably detect CTS signal change the signal must remain in the new
state for at least one full second
4-8 Router Products Configuration Guide Configuration Task List
Idle state
Hang up
Figure 4-2 EXEC and Daemon Creation on Line Configured for Continuous CTS
Automatically Answer Modem
You can configure line to automatically answer modem You would also configure the modem to and answer the telephone on its own as long as DTR is high drop connections when DTR is low
to reflect the of carrier the use its Carrier Detect CD signal accurately presence configuring
modem is modem-dependent process Wire the modems CD signal generally pin-8 to the
routers RING input pin-22 and perform the following task in line configuration mode
Task Command
Configure line to automatically answer modem modem ri-is-cd
You can tum on the modems hardware flow control independently to act on the status of the routers
for hardware flow control If the modem CTS input Wire CTS to whatever signal the modem uses
also need wire the flow expects to control hardware flow in both directions you might to modems
control input to some other signal that the router always has high such as DTR
Configuring Terminal Lines and Modem Support 4-9 Configuration Task List
4-3 illustrates the ri-is-cd the the Figure modem process When router detects signal on RING
of idle it starts input an line an EXEC or autobaud process on that line If the RING signal disappears
on an active line the router closes any open network connections and terminates the EXEC If the
exits the the line user EXEC or router terminates it because of no user input the hangs up the modem
by lowering the DTR signal for five seconds After five seconds the modem is ready to accept another call
Idle State
Close connection DTR
for secondsJ Create EXEC
Hang up Ringing
RING lowered
or exit
Figure 4-3 EXEC Creation on Line Configured for Uigh-Speed Dial-up Modem
4-10 Router Products Configuration Guide Configuration Task List
Support Dial-In Modem
The router supports dial-in modems that use DTR to control the off-hook status of the telephone line
Perform the following task in line configuration mode to configure the line to support this feature
Task Command
Configure line for dial-in modem modem callin
Figure 4-4 illustrates the modem cahill process When modem dialing line is idle it has DTR in
low state and waits for transition to occur on the RING input This transition causes the line to raise
DTR and start watching the CTS signal from the modem After the modem raises CTS the router
creates an EXEC on the line If the timeout interval set with the modem answer-timeout
the idle command passes before the modem raises CTS the line lowers DTR and returns to state
Idle state
Hang up
Ready and active
Figure 4-4 EXEC Creation on Line Configured for Modem Callin
Configuring Terminal Lines and Modem Support 4-11 Configuration Task List
Note The modem callin and modem cts-required line configuration commands are useful for
SLIP operation These commands ensure that when the line is hung up or CTS drops the line reverts from SLIP mode to normal interactive mode These commands do not work if you use the async
dedicated command to put the line in network mode permanently
Although you can use the modem callin line configuration command with newer modems the
modem ri-is-cd line configuration command described earlier in this section is more appropriate
The modem ri-is-cd command frees up CTS for hardware flow control Modem modems do not
require the assertion of DTR to take phone line off-hook
Support Reverse Modem Connections/Prevent Incoming Calls
The router supports ports connected to computers that are to be connected to modems You can
configure the router to behave somewhat like modem by performing the following task in line
configuration mode This command also prevents incoming calls
Task Command
Configure line for reverse connections and modem callout
prevent incoming calls
Figure 4-5 illustrates the modem callout process When the router receives an incoming connection
it raises DTR and waits to see if the CTS becomes high as an indication that the host has noticed its
signal If the host does not respond within the interval set with the modem answer-timeout
subcommand the router lowers DTR and drops the connection
4-12 Router Products Configuration Guide Configuration Task List
Idle State
Ready and Active
Figure 4-5 Daemon Creation on Line Configured for Modem Callout
Support Dial-In and Dial-Out Modems
You can configure line for both incoming and outgoing calls by performing the following task in
line configuration mode
Task Command
Configure line for both incoming and outgoing calls modem inout
in-out If line is activated it behaves Figure 4-6 illustrates the modem process the by raising RING
exactly as line configured with the modem ri-is-cd subcommand described earlier If the line is
activated by an incoming TCP connection the line behaves similarly to nonmodem line
Configuring Terminal Lines and Modem Support 4-13 Configuration Task List
Idle State
Close DTR connection ______for jw secon Create EXEC
Ready and Hang Up Active
RING lowered or exit
Figure 4-6 EXEC and Daemon Creation on Line Configured for Incoming and Outgoing Calls
Note If your system incorporates dial-out modems consider using access lists to prevent unauthorized use
Configure Line Timeout Interval
You can change the interval that the router waits for CTS after raising DTR in response to RING
from the default of 15 seconds To do so perform the following task in line configuration mode The
timeout applies to the modem callin command only
Task Command
Configure modem line timing modem answer-timeout seconds
4-14 Router Products Configuration Guide Configuration Task List
Configure Support for Chat Scripts
modem commands and You can configure chat scripts which are strings of text that provide dialing
for Dial-on-Demand commands for logging into remote systems Chat scripts are used Routing
the task in line DDR as described in Chapter 10 To configure such support perform following
configuration mode
Task Command
Specify chat script for line modem chat-script regular expression
Configure Rotary Groups
Connections can be made to the next free line in group of lines also called rotary or hunt group
line can be in only one rotary group rotary group can consist of single line or several
line be in contiguous lines The console line cannot rotary group
because the is not You might want to assign the rotary with the single auxiliary port line aux port
it in do not have necessarily the same line number on all hardware By putting rotary group you
is that if the device to track the actual line number Another reason to use rotary group supports LAT an inbound service can only be bound to rotary group it cannot be bound to port number
mode To configure rotary group perform the following task in line configuration
Task Command
Add line to the specified rotary group rotary group
Configure Automatic Line Disconnect
You can configure automatic line disconnect by performing the following task in line configuration mode
Task Command
Configure automatic line disconnect autohangup
The command causes the EXEC to issue the exit command when the last connection closes This
feature is useful for UNIX UUCP applications that require this behavior because UUCP scripts
cannot issue the command that hangs up the telephone
Configure High-Speed Modem Support
of 9600 bits second Dial-up modems that operate over normal dial-up telephone lines at speeds per
and higher are now available These modems do not operate at guaranteed throughput instead of data they operate at speed dependent on the quality of the line the effectiveness compression hardware flow algorithms on the data being transmitted and other variables These modems use
control to stop the data from reaching the host by toggling an RS-232 signal when they cannot accept
any more
Configuring Terminal Lines and Modem Support 4-15 Configuration Task List
In addition to hardware flow control dial-up modems require special software handling For
example they must be configured to create an EXEC when user dials in and to hang up when the
user exits the EXEC These modems must also be configured to close any existing network
in middle of session connections if the telephone line hangs up the
Your router supports hardware flow control on its CTS input which is also used by the normal modem handshake
Perform the following tasks to configure and use high-speed modem
Task Command
Step In line configuration mode enable outgoing hardware flow flowcontrol hardware
control based on the CTS input
Step In EXEC mode display informational messages about debug modem
modem control events such as signal transitions and See Chapter and the Debug
autobaud progress on the console terminal Command Reference
Step In EXEC mode display the status of line In the detailed show line
command output Status line with Idle identifies inactive
modem ri-is-cd lines and all other modem lines Status
line with Ready identifies lines in use
Step In EXEC mode close all the connections on line and hang clear line
up the modem
Support Reverse TCP Connections
In addition to initiating connections the router can receive incoming connections on the auxiliary
and other shared to the port This capability allows you to attach serial printers modems peripherals
router and drive them remotely from other systems The router supports reverse TCP connections
device determines the of The specific TCP port or socket to which you attach the peripheral type
service the router provides on that line When you attach the serial lines of computer system or
network front end for data terminal switch to the auxiliary port of the router the router acts as
host that does not support the TCP/IP protocols This arrangement is sometimes calledfro nt-ending
or reverse connection mode
To connect the auxiliary port the remote host or terminal must specify particular TCP port on the
router If Telnet protocols are required that port is 2000 decimal plus the decimal value of the line number
If raw TCP stream is required the port is 4000 decimal plus the decimal line number The raw
TCP stream is usually the required mode for sending data to printer
The Telnet protocol requires that carriage return characters be translated into carriage return and
linefeed character pairs You can turn this translation off by specifying the Telnet binary mode
option To specify this option connect to port 6000 decimal plus the decimal line number
Define Terminal Operation Characteristics
With line configuration commands you can set terminal operation characteristics that will be in operation for that line until the next time you change the line parameters
terminal commands Alternatively you can temporarily change the line settings with the EXEC
provided in Chapter
4-16 Router Products Configuration Guide Configuration Task List
You can define the following terminal operation characteristics
Terminal type
Terminal screen length and width
Escape character and other key sequences
International character display
Character padding
Editing mode
Terminal-locking mechanism
Dedicated sessions
Line connection information after the login prompt
Password checking at login
Pipe for file transfers
Each item is described in section that follows
Specify the Terminal Type
This has benefits it You can specify the type of terminal connected to line feature two provides
in Telnet terminal to record of the type of terminal attached to line and it can be used negotiations the terminal inform the remote host of the terminal type for display management To specify type
perform the following task in line configuration mode
Task Command
Specify the terminal type terminal-type terminal-name
Set the Terminal Screen Length and Width
By default the router provides screen display of 24 lines by 80 characters You can reconfigure
these values if they do not meet the needs of your terminal by performing the following tasks in line
configuration mode
Task Command
Set the screen length length screen-length
Set the screen width width characters
The values set can be learned by some host systems that use this type of information in terminal disable between of negotiation Set value of zero for the screen length to pausing screens output
Configuring Terminal Lines and Modem Support 4-11 Configuration Task List
Define Escape Character and Other Key Sequences
You can define or modify the default key sequences to execute functions for system escape terminal
activation disconnect and terminal pause To define or change the default sequence perform one or
more of the following tasks in line configuration mode
Task Command
Change the system escape sequence The escape sequence escape-character ASCII-number
indicates that the codes that follow have special meaning
Default sequence is Ctrl-\
Define session activation sequence or character Typing this activation-character ASCII-number
sequence at vacant terminal begins terminal session The
default key is Return
Define the session disconnect sequence or character Typing disconnect-character ASCII-number
this sequence at terminal ends the session with the router
There is no default sequence
hold-character ASCII-n umber Define the hold sequence or character that causes output to the
terminal screen to pause There is no default sequence To
continue the output type any character after the hold
character To use the hold character in normal
communications precede it with the escape character
reinstate the default value for the character activation character the You can escape or by using no
form of the command For example issuing the no escape-character line configuration command
returns the escape character to Ctrl-
Specify the International Character Display
You can use 7-bit character set such as ASCII or you can enable full 8-bit international character
set such as ISO 8859 to allow special graphical and international characters for use in banners and
prompts To specify character set on global basis perform one or both of the following tasks in
global configuration mode
Task Command
Specify the character set used in EXEC and default-value exec-character-bits
configuration command characters
Specify the character set used in special default-value special-character-bits
characters such as software flow control hold
escape and disconnect characters
4-10 Router Products Configuration Guide Configuration Task List
To specify character set based on hardware software or on per-line basis perform the follows appropriate task in line configuration mode as
Task Command
Set the number of databits per character that are databits 61 71
generated and interpreted by hardware
Set the number of databits per character that are data-character-bits
generated and interpreted by software
Specify the character set used in EXEC and exec-character-bits
configuration command characters on per-line basis
Specify the character set used in special characters special-character-bits
such as software flow control hold escape and
disconnect characters on per-line basis
Setting the EXEC character width to eight bits can cause failures For example if user on terminal
that is sending parity enters the command help an unrecognized command message appears
all the bit is not needed for the because the system is reading eight bits although eighth help command
Set Character Padding
Character adds You can change the character padding on specific output character padding
number of null bytes to the end of the string and can be used to make string an expected length for
in line mode conformity To set character padding perform the following task configuration
Task Command
Set padding on specific output character for the padding ASCII-number count
specified line
Disable Enhanced Editing Mode
To disable enhanced editing mode and revert to the editing mode of previous software releases
perform the following task in line configuration mode
Task Command
Disable the enhanced editing features for particular no editing
line
You might disable enhanced editing if you have prebuilt scripts for example that do not interact
well when enhanced editing is enabled You can reenable enhanced editing mode with the editing command
Configuring Terminal Lines and Modem Support 4-19 Configuration Task List
Set Terminal-Locking Mechanism
be locked You can enable terminal-locking mechanism that allows terminal to temporarily by
performing the following task in global configuration mode
Task Command
lockable Enable temporary terminal locking mechanism
After you configure the line as lockable you must still issue the lock EXEC command to lock the keyboard
Dedicate Line to Particular User
By default user-set terminal parameters are cleared with the EXEC command exit or when the
interval set with the exec-timeout line configuration command has passed However you can saved between sessions the configure line so that user-set terminal parameters are by performing
following task in line configuration mode
Task Command
Configure line so that the terminal parameters the user sets private
remain in effect between terminal sessions
Provide Line Connection Information after the Login Prompt
line and location With the service linenumber command you can provide the host name number number banner each time an EXEC is started or an incoming connection is made The line appears with inmiediately after the EXEC banner or incoming banner It is useful for tracking problems
modems because it lists the host and line for the modem connection Modem type information is also
included if applicable
To provide service line number information perform the following task in global configuration mode
Task Command
Provide service line number information after the EXEC or service linenumber
incoming banner
Enable Password Checking at Login
You can enable password checking on particular line so that the user is prompted to enter the password at the system login screen You must then also specify password by performing
following tasks in line configuration mode
Task Command
Step Enable password checking on per-line basis using the login
password specified with the password command
Step Assign password to particular line password password
4-20 Router Products Configuration Guide Configuration Task List
You can enable password checking on per-user basis in which case authentication is based on the
username specified with the username global configuration command as described in Chapter To
enable this type of password checking perform one of the following tasks in line configuration mode
Task Command
Enable password checking on per-user basis using the login local
username and password specified with the username global
configuration command
Select the TACACS-style user ID and password-checking login tacacs mechanism
By default virtual terminals require passwords If you do not set password for virtual terminal
it will respond to attempted connections by displaying an error message and closing the connection Use the no login command to disable this behavior and allow connections without password
For examples of password checking see the configuration examples at the end of this chapter
For other access control tasks and password restrictions including the enable password global
configuration command that restricts access to privileged mode see Chapter
Act as Pipe for File Transfers
You can set line to act as transparent pipe so that programs such as Kermit XMODEM or
CrossTalk can download file across router line To do so perform the following task in EXEC mode
Task Command
Temporarily set the ability of line to act as transparent pipe for terminal download
file transfers
Confgre Termiual Barnier Messages
You can configure the following types of messages that will be displayed to users of terminals
connected to the router
message-of-the-day banner
line activation message
An incoming message banner
An idle terminal message
You can also turn on or off message display
The following sections explain how to configure these messages and how to suppress display of
message-of-the-day and line activation banners
Configuring Terminal Lines and Modem Support 4-21 Configuration Task List
Configure Message-of-the-Day MOlD Banner
You can configure message of the day to be displayed on all connected terminals This message is
displayed at login and is useful for sending messages that affect all network users such as impending
system shutdowns To do so perform the following task in global configuration mode
Task Command
Configure message-of-the-day banner banner motd message
Configure Line Activation Message
You can configure line activation message to be displayed when an EXEC process such as line
activation or incoming connection to virtual terminal is created To do so perform the following
task in global configuration mode
Task Command
Configure message to be displayed on banner exec message terminals with an interactive EXEC
Configure an Incoming Message Banner
You can configure message to be displayed on terminals connected to reverse Telnet lines This
message is useful for providing instructions to users of these types of connections The portion of
the argument that appears in the subsequent commands is delimiting character that you configure
Reverse Telnet connections are described in more detail in the section Support Reverse TCP
Connections earlier in this chapter
To configure the message that will be sent on incoming connections perform the following task in
global configuration mode
Task Command
Configure messages to display on terminals banner incoming message
connected to reverse Telnet lines
Configure an Idle Terminal Message
You can configure messages to be displayed on console or terminal not in use Also called vacant
message this message is different from the banner message displayed when an EXEC process is activated To configure an idle terminal message perform the following task in line configuration mode
Task Command
Display an idle terminal message vacant-message message
4-22 Router Products Configuration Guide Configuration Task List
Enable or Disable the Display of Messages
You can control display of the message-of-the-day and line activation banners By default the
messages defined with the banner motd and banner exec commands are displayed on all lines To
such of the tasks in line suppress or reinstate the display of messages perform one following
configuration mode
Task Command
Suppress banner display no exec-banner
Reinstate the display of the EXEC or MOTD banners exec-banner
Configure Tehrnt CapabUites
connections Telnet virtual terminal protocol that is part of the TCP/IP protocol suite allows for to
hosts You can configure line to support the following Telnet capabilities
Generate hardware Break signal
Suppress Telnet remote echo and go-ahead options
Negotiate speed
Send Telnet synchronize signal
Set end-of-line control
Define Telnet connection failure and success messages
Record the device location
Set pending output notification
Refuse connection
Establish and control the EXEC process
Display debug messages on the terminals
Each item is described in following section
Generate Hardware Break Signal
hardware Break signal is generated when Telnet Break command is received You can configure
enable the to hardware the router to also generate Break on Interrupt Process To system generate associated with Telnet the Break signal on the RS-232 line that is reverse connection complete mode following task in line configuration
Task Command
Set the system to generate hardware Break signal telnet break-on-ip
send Process This capability is useful because several user Telnet programs can an Interrupt command but cannot send Telnet Break signal while other programs implement Break signal
Break for various that sends an Interrupt Process command RS-232 devices use the hardware signal
purposes
Configuring Terminal Lines and Modem Support 4-23 Configuration Task List
Suppress Telnet Remote Echo and Go-Ahead Options
You can cause Telnet to refuse to negotiate full-duplex remote echo options on incoming
connections Use the following command on reverse Telnet connections to allow the router to refuse command of the Telnet Remote Echo these requests from the other end This suppresses negotiation
task in line mode and Suppress Go-Ahead options Perform the following configuration
Task Command
Set line to refuse to negotiate full-duplex remote echo telnet refuse-negotiations
options
Negotiate Speed
the task in line To allow the line to negotiate bit rate on incoming connections perform following
configuration mode
Task Command
Set the line to negotiate speeds on incoming connections telnet speed default-speed maximum-speed
The router uses the default-speed if the connected device does not specify speed The argument
maximum-speed is the highest speed the router will use
Send Telnet Synchronize Signal
To cause an incoming connection to send Telnet synchronize signal when it receives Telnet Break
signal complete the following task in line configuration mode
Task Command
Cause incoming connection to send Telnet telnet syncon-break Break synchronize signal when it receives Telnet signal
used the of Break with to data This capability is very rarely to ensure ordering reception respect
characters sent after the Break signal
Set End-of-Line Control
To configure the router to send carriage return CR as CR followed by NULL instead of CR followed by linefeed LF complete the following task in line configuration mode
Task Command
Send CR followed by NULL instead of LF telnet transparent
end-of-line in the Telnet This capability is useful for coping with different interpretations of handling
protocol specification
4-24 Router Products Configuration Guide Configuration Task List
Define Telnet Connection Failure and Success Messages
when Telnet connection to host fails or You can define message that is displayed specified tasks in mode succeeds To do so perform one or both of the following global configuration
Task Command
whenever hostriame Define message that the router displays an busy-message message host fails attempt to connect to the specified
hostname Define message that the router displays whenever an login-string message %secp
attempt to connect to the specified host succeeds
With the login-string options you can set pause prevent user from issuing commands during pause send Break character and use percent sign in the login string
Record the Device Location
You can record the location of serial device by performing the following task in line configuration
in of the commands mode The text provided for the location appears the output EXEC monitoring
Task Command
Record the location of serial device location text
Set Pending Output Notification
connections when You can set up line to inform user who has multiple concurrent Telnet output
other than the current To do the task in line is pending on connection one so perform following
configuration mode
Task Command
of Set up line to notify user pending output notify
Refuse Connection
You can define line-in-use message to indicate that the line is currently busy by performing the
following task in line configuration mode
Task Command
Define line-in-use message refuse-message message
Configuring Terminal Lines and Modem Support 4-25 Configuration Examples
Establish and Control the EXEC Process
By default the router starts an EXEC process on all lines however commands are available to
control EXEC processes as follows
Turn the EXEC on or off
When you want to allow an outgoing connection only for line use the no exec command When
tries to line with the the will when the user use EXEC off user get no response pressing
Return key at the login screen
Set the idle terminal timeout interval
The EXEC command interpreter waits for specified interval of time until the user starts input
If no input is detected the EXEC resumes the current connection or if no connections exist it
returns the terminal to the idle state and disconnects the incoming session
To control the EXEC as stated above perform the following tasks in line configuration mode
Task Command
Turn the EXEC on or off exec or no exec
Set the idle terminal timeout interval exec-timeout minutes
Display Debug Messages on the Terminal
The EXEC provides the ability to display debug command output and system error messages on the
current terminal To enable this feature perform the following task in EXEC mode
Task Command
Display debug command output and system error terminal monitor
messages on the current terminal
Refer to the Debug Command Reference publication for details on debug commands and output
Configuraton ExampHes
This section provides the following configuration examples
Line configuration example page 4-27
Example of creating additional virtual terminal lines page 4-27
Example of eliminating virtual terminal lines page 4-27
Banner message example page 4-28
Password checking examples page 4-28
4-26 Router Products Configuration Guide Configuration Examples
Line Configuration Example
In the following example the user configures console line auxiliary line and virtual terminal
lines through
line vty login line con password poPPee line aux password Nypassword no exec access-class in
speed 19200 line vty exectimeout password Mypassword line vty exec-timeout password Mypassword line vty exec-tirneout password Mypassword line vty password Mypassword
line vty password Mypassword
Example of Creating Additional Virtual Terminal Lines
In the following example the user creates and configures the maximum 100 virtual terminal lines with the no login feature
line vty 99 no login
Example of Eliminating Virtual Terminal Lines
In the following example the user eliminates virtual terminal line number and all higher-numbered
virtual terminal lines Only virtual terminal lines to will remain
no line vty
Configuring Terminal Lines and Modem Support 4-27 Configuration Examples
Banner Message ExampDe
reloaded with Suppose you want message explaining that the server is going to be new software
The following example shows how to use the banner global configuration command and
no exec-banner line configuration command to notify your users
Both messages are inappropriate for the VTYs line vty no exec-banner
banner exec
This is Cisco Systems training group router
Unauthorized access prohibited
banner incoming You are connected to Hayes-compatible modem
Enter the appropriate AT commands Remember to reset anything to change before disconnecting
banner motd
The router will go down at 6pm for software upgrade
Password Checking Exampes
The following example shows password checking enabled for virtual terminal line
line vty login password letmein
The following example shows password checking enabled on user basis
usernarne jksmith password letmein username lmjones password littlerock
line vty login local
4-28 Router Products Configuration Guide CHAPTER
Managing the System
the This chapter describes the basic tasks that you can do to manage general system or nonprotocol
via the Network specific features Our system management features are supported Simple needed to SNMP Management Protocol SNMP This chapter describes the tasks configure support
is the Information MIBs variables on the router part of SNMP Management Base MIB provide network devices and that can be set or read to change parameters or provide information on
and also interfaces Cisco supports several MIBs including the Internet standard MIB II provides Base its own Cisco MIB For information on the Cisco MIB see the Cisco Management Information MIB User Quick Reference
that Cisco Systems also provides CiscoWorks feature-rich network management software product on Sun SPARCstation is integrated with Sun Microsystems SunNet Manager product running
interface that is menu driven and platform CiscoWorks provides graphical user provides support the next for all five areas of network management See section Understanding System automated Management for details With CiscoWorks you can create network maps and set up such Test network performance monitors and fault tests as pinpointing connectivity problems the Cisco Works User results can be displayed in several graph formats For more information see Guide
MS-Windows user The Cisco Configuration Builder application based on an graphical interface
Cisco Builder offers also streamlines the process of configuring Cisco routers The Configuration
guided configuration capability so that as you complete the first configuration step you are
needed to of automatically led through the correct order of remaining steps complete configuration Builder on-line each feature or protocol In addition the Cisco Configuration provides an help system See the Cisco Builder Started Guide for more for easy access to information Configuration Getting information
in the Router For list of recommended books on network management refer to Appendix
Products Command Reference publication
commands mentioned in this refer to of the For complete description of the chapter Chapter
Router Products Command Reference publication
Managing the System 5-1 Understanding System Management
Understanthng System Management
its the This chapter describes the tasks you can perform to manage the router and performance on The network In general system or network management falls into the following categories
categories are described in this chapter unless specified otherwise
Configuration management page 5-3
The configuration of network devices determines the networks behavior To manage device
configurations you need to list and compare configuration files on running devices store
configuration files on network servers for shared access and perform software installations and
upgrades These configuration management tasks are described in Chapter
Other configuration management tasks include naming the router setting router time services
and configuring SNMP support These tasks are described in this chapter
Security management page 5-15
To manage security on the network you need to restrict access to the system You can do so on
several different levels
You can assign passwords and encrypt them to restrict access to router terminal lines login
connections or privileged EXEC mode
You can establish Terminal Access Controller Access Control System TACACS protection
for network servers that have shared access
You can restrict login connections to specific users with username authentication system
You can control access on serial interfaces with Challenge Handshake Authentication Protocol CHAP
You can create access lists to filter traffic to and from specific destinations Subsequent This section chapters that describe the routing protocols in detail define access lists provides
general guidelines for creating access lists
You can create security labels for Internet Protocol IP datagrams using the Internet
Protocol Security Option IPSO as described in Chapter 15
Fault management page 5-23
To manage network faults you need to discover isolate and fix the problems You can discover
problems with the systems monitoring commands isolate problems with the systems test
commands and resolve problems with other commands including debug
This section introduces basic fault management commands For detailed troubleshooting
procedures and variety of scenarios see the Troubleshooting Intern etworking Systems
publication For complete details on all debug commands see the Debug Command Reference
publication
System performance management page 5-32
determine To manage system performance you need to monitor and response time error rates load and and availability Once these factors are determined you can perform balancing modify
allows to system parameters to enhance performance For example priority queuing you
prioritize traffic order You can configure fast and autonomous switching to improve network
throughput as described in Chapter of this manual
See the Internetwork Design Guide for additional information
5-2 Router Products Configuration Guide Configuration Management
Accounting management page 5-38
Accounting management allows you to track both individual and group usage of network
resources You can then reallocate resources as needed For example you can change the system
timers and configure TCP keepalives See also the IP accounting feature in Chapter 15 of this manual
Configuraton Management
You can complete any of the following tasks to perform configuration management functions
Set the router name
Set the router time services
Monitor time services
Configure SNMP support
The following sections summarize these tasks Other configuration management tasks are described
in Chapter
Set the Router Name
is considered host One of the first basic tasks is to name your router The name of the router the name
and is the name that is displayed by the system prompt If no name is configured the system default
router name is Router You can name the router while in global configuration mode as follows
Task Command
Set the host name hostname name
Set the Router Time Services
All of our router and communication server products provide an array of time-of-day services These
services allow the products to keep track of the current time and date to high degree of accuracy
to synchronize multiple products to the same time and to provide time services to other systems
The heart of the time service is the system clock This clock runs from the moment the system starts
up and keeps track of the current date and time The system clock can be set from number of
sources and in turn can be used to distribute the current time through various mechanisms to other
systems When the system is initialized the system clock is set based on the time in the Cisco 7000
hardware on other router models the system clock it is set to midnight on March 1993 The
system clock can then be set from the following sources
Network Time Protocol NTP
VINES Time Service
Manual configuration
Managing the System 5-3 Configuration Management
The system clock can provide time to the following services
Network Time Protocol
VINES Time Service
User show commands
logging and debugging messages
clock track of time based Coordinated Universal also The system internally keeps on Time UTC known as Greenwich Mean Time GMT You can configure information about the local time zone
and summer time daylight savings time so that the time is displayed correctly relative to the local
time zone
The system clock keeps track of whether the time is authoritative or not that is whether it has
been set by time source considered to be authoritative If it is not authoritative the time will be redistributed available only for display purposes and will not be
Network lime Protocol
network of The Network Time Protocol NTP is protocol designed to time-synchronize
machines NTP runs over UDP which in turn runs over IP NTP is documented in RFC 1305
radio clock An NTP network usually gets its time from an authoritative time source such as or an
atomic clock attached to time server NTP then distributes this time across the network NTP is
extremely efficient no more than one packet per minute is necessary to synchronize two machines
to within millisecond of one another
NTP uses the concept of stratum to describe how many NTP hops away machine is from an
authoritative time source stratum time server has radio or atomic clock directly attached
stratum time server receives its time via NTP from stratum time server and so on
machine running NTP will automatically choose as its time source the machine with the lowest
stratum number that it is configured to communicate with via NTP This strategy effectively builds
self-organizing tree of NTP speakers
be accurate It avoids NTP is careful to avoid synchronizing to machine whose time may not doing
that is in turn so in two ways First of all NTP will never synchronize to machine not synchronized itself Secondly NTP will compare the time reported by several machines and will not synchronize
to machine whose time is significantly different than the others even if its stratum is lower
The communications between machines running NTP known as associations are usually
statically configured each machine is given the IF address of all machines with which it should form
associations Accurate timekeeping is made possible by exchanging NTP messages between each
of with association in to pair machines an However LAN environment NTP may be configured use IF broadcast messages instead This alternative reduces configuration complexity because each
machine can simply be configured to send or receive broadcast messages However the accuracy of
timekeeping is marginally reduced because the information flow is one-way only
The time kept on machine is critical resource so we strongly recommend that you use the security
features of NTP to avoid the accidental or malicious setting of incorrect time Two mechanisms are
available an access list-based restriction scheme and an encrypted authentication mechanism
Our implementation of NTP does not support stratum service in other words it is not possible to
connect radio or atomic clock to this router It is recommended that time service for your network
be derived from the public NTP servers available in the IF Internet If the network is isolated from
the Internet our implementation of NTP allows machine to be configured so that it acts as though
it is synchronized via NTP when in fact it has determined the time using other means Other
machines will then synchronize to that machine via NTP
5-4 Router Products Configuration Guide Configuration Management
When multiple sources of time VINES Cisco 7000 calendar manual configuration are available
NTP is always considered to be more authoritative NTP time will override the time set by any other method
number of manufacturers include NTP software for their host systems and publicly available
version for systems running UNIX and its various derivatives is also available This software allows
host systems to be time-synchronized as well
VINES lime Service
Time is available when VINES is This is service also Banyan configured protocol standard part of
allows the time service VINES Our implementation VINES to be used in two ways First if the time system has learned the from some other source it can act as VINES time server and provide
time to other machines running VINES It also can use the VINES time service to set the system
clock if no other form of time service is available
Cisco 7000 Calendar
The Cisco 7000 contains battery-powered calendar system that tracks the date and time across
system restarts and power outages This calendar system is always used to initialize the system clock
when the system is restarted It can also be considered to be an authoritative source of time and be
redistributed via NTP or VINES time service if no other source is available Furthermore if NTP is
running the Cisco 7000 calendar can be periodically updated from NTP compensating for the
inherent drift in the calendar time
Configure NIP
NTP services are enabled on all interfaces by default There are number of optional subtasks you could perform
Configure NTP authentication
Configure NTP associations
Configure NTP broadcast service
Configure NTP access restrictions
Configure the source IP address for NTP packets
Configure the system as an authoritative NTP server
Configure NTP to update the Cisco 7000 calendar
Configure NIP Authentication
If you want to authenticate the associations with other systems for security purposes perform the
tasks that follow The first task enables the NTP authentication feature The second task defines each
of the authentication keys Each key has key number type and value Currently the only key
type supported is md5 Third list of trusted authentication keys is defined If key is trusted
then this system will be willing to synchronize to system that uses this key in its NTP packets
Managing the System 5-5 Configuration Management
To configure NTP authentication perform the following tasks in global configuration mode
Task Command
Step Enable the NTP authentication feature ntp authenticate
Step Define the authentication keys ntp authentication-key number md5 value
Step Define trusted authentication keys ntp trusted-key number
Configure NIP Associations
If you want to form an NTP association with another system perform the task in global configuration mode
Task Command
Form an NTP association with ntp peer ip address numnberl keyid interface another system or
ntp server ip address numberl keyid interface
either The association can be peer association meaning that this system is willing to synchronize be association to the other system or to allow the other system to synchronize to it or it can server other meaning that this system will only synchronize to the other system and not the way around
Note that only one end of an association needs to be configured the other system will automatically
establish the association
See an example of the ntp server command at the end of this chapter
Configure NIP Broadcast Service
The system can either send broadcast packets or listen to them on an interface-by-interface basis
The estimated round-trip delay for broadcast packets can also be configured Perform one or more
of these tasks in global configuration mode if you want to use NTPs broadcast feature
Task Command
Send NTP broadcast packets ntp broadcast number nn
Receive NTP broadcast packets ntp broadcast client
Adjust estimated delay ntp broadcastdelay delay
See an example of the ntp broadcast command at the end of this chapter
5-6 Router Products Configuration Guide Configuration Management
Configure NIP Access Restrictions
You can control NTP access on two levels by completing the following tasks
Create an access group and assign basic IP access list to it
Disable NTP services on specific interfaces
Create an Access Group and Assign Basic IP Access List to It
To control access to NTP services you can create an NTP access group and apply basic IP access
list to it To do so perform the following task in global configuration mode
Task Command
Create an access group and apply basic IP ntp access-group lquery-only serve-only serve peer number
access list to it
The access group options are scanned in the following order from least restrictive to most restrictive
Peer
Allows time requests and NTP control queries and allows the system to synchronize itself to
system whose address passes the access list criteria
Serve
Allows time requests and NTP control queries but does not allow the system to synchronize
itself to system whose address passes the access list criteria
Serve-only
Allows only time requests from system whose address passes the access list criteria
Query-only
Allows only NTP control queries from system whose address passes the access list criteria
If the source IP address matches the access lists for more than one access type the first type is
granted If no access groups are specified all access types are granted to all systems If any access
the will be groups are specified oPly specified access types granted
For details on NTP control queries see RFC 1305 NTP version
Disable NIP Services on Specific Interface
NTP services are enabled on all interfaces by default You can disable NTP packets from being
received through an interface by performing the following task in interface configuration mode
Task Command
Disable NTP services on specific interface ntp disable
Managing the System 5-1 Configuration Management
Configure the Source IP Address for NIP Packets
When the system sends an NTP packet the source IP address is normally set to the address of the
interface through which the NTP packet is sent Perform the following task in global configuration
interface from which the IP address will be taken mode if you want to configure specific source
Task Command
Configure an interface from which the IP source address will be taken ntp source interface
This interface will be used for the source address for all packets sent to all destinations If source
address is to be used for specific association use the source parameter on the ntp peer or ntp
server command shown earlier in this chapter
Configure the System as an Authoritative NIP Server
be Perform the following task in global configuration mode if you want the system to an
authoritative NTP server even if the system is not synchronized to an outside time source
Task Command
Make the system an authoritative NTP server ntp master
See an example of the ntp master command at the end of this chapter
Caution Use this command with extreme caution It is very easy to override valid time sources
using this command especially if low stratum number is configured Configuring multiple
machines in the same network with the ntp master command can cause instability in timekeeping
if the machines do not agree on the time
See an example of the ntp master command at the end of this chapter
Configure NTP to Update the Cisco 7000 Calendar
Perform the following task in global configuration mode if thesystem is synchronized to an outside
time source via NTP and you want the Cisco 7000 calendar to be periodically synchronized to NTP time
Task Command
Configure NTP to update the Cisco 7000 calendar ntp update-calendar
See an example of the ntp update-calendar command at the end of this chapter
5-8 Router Products Configuration Guide Configuration Management
Configure VNES Time Service
Perform the following task in global configuration mode if you want to distribute the system clock
to other VINES systems
Task Command
VINES vines time Distribute the system clock to other systems use-system
To receive VINES time service to control the system clock perform the following task in global
configuration mode
Task Command
Receive VINES time service vines time set-system
Command The two preceding commands are described in Chapter 13 of the Router Products
Reference publication
Configure Time and Date Manuafly
If no other source of time is available you can manually configure the current time and date after
is restarted The time will remain accurate until the next restart recommend the system system We
that you use manual configuration only as last resort
To set up time services complete the following tasks If you have an outside source to which the router can synchronize you do not need to manually set the system clock
Configure the time zone
Configure summer time daylight savings time if applicable
Set the system clock if no other time source is available
Set the calendar on Cisco 7000
Configure the Time Zone
Complete the following task in global configuration mode to manually configure the time zone used by the router
Task Command
Set the router time zone clock timezone name hours
See an example of the clock timezone command at the end of this chapter
Managing the System 5-9 Configuration Management
Configure Summer Time
To configure summer time daylight savings time in areas where it starts and ends on particular
day of the week each year use the following form of the command in global configuration mode
Task Command
Configure summer time clock summer-time name recurring day month hh.nm weeknumber day nonth hhmm
If summer time in your area does not follow this pattern you can configure the exact date and time
of the next summer time events using one of the following commands in global configuration mode
Task Command
Configure summer time clock summer-time name date month day year hhmm month day year hhnm
or
clock summer-time name date day month year hhmm day month year hhmm
See an example of the clock summer-time command at the end of this chapter
Set the System Clock
If you have an outside source on the network that provides time services such as an NTP server or
VINES time service you do not need to manually set the system clock
However if you have do not have any time service source complete the following task in EXEC
mode to set the system clock
Task Command
Set the system clock clock set hhmm.ss day month year
or
clock set hh.mmss month day year
Set the Cisco 1000 Calendar
In addition to system clock the Cisco 7000 hardware provides system calendar that can set the
system time and control the system clock as well as enable the Cisco 7000 to act as time service
for the network
You can complete the following tasks to enable the Cisco 7000 calendar capabilities
Set the system calendar
Set the Cisco 7000 as network time source
Set the system clock from the calendar
Set the calendar from the system clock
5-10 Router Products Configuration Guide Configuration Management
Set the System Calendar
clock It continues to when The Cisco 7000 calendar maintains time separately from the system run
is turned off it will need to be set the system is restarted or power Typically only manually once
installed If time is available from an external source the calendar when the system is first using NTP clock instead can be updated from the system
the task in EXEC mode to set the If you do not have an external time source complete following calendar system
Task Command
Set the Cisco 7000 calendar calendar set hhnn.ss day month year
or
calendar set hhmmss month day year
Set theCisco 7000 as Network Time Source
initialized from the Cisco 7000 calendar when the is Although the system clock is always system
considered be authoritative and so will not be redistributed with NTP restarted by default it is not to
or VINES Time Service To make the Cisco 7000 calendar be authoritative complete this task
Task Command
Enable the Cisco 7000 to act as valid time source to clock calendar-valid
which network peers can synchronize
end of this See an example of the clock calendar-valid command at the chapter
Set the System Clock from the Cisco 7000 Calendar
task in You can set the system clock to the new calendar setting by completing the following global
configuration mode
Task Command
Set the system clock from the calendar clock read-calendar
Set the Cisco 7000 Calendar from the System Clock
the task in EXEC You can update the calendar with the new clock setting by performing following mode
Task Command
Set the calendar from the system clock clock update-calendar
Managing the System 5-11 Configuration Management
Mon itor Time Services
You can monitor clock calendar and NTP EXEC services by completing the following tasks in EXEC mode
Task Command
Display the current 7000 calendar time show calendar
Display the current system clock time show clock
List NTP statistics show ntp associations
or
show ntp status
Configure Simple Network Management Protocol SNMP Support
The Simple Network Management Protocol SNMP provides way for network management client
and server applications to communicate It does this by providing message format for sending
information between an SNMP manager and an SNMP agent
The SNMP agent contains Management Information Base MIB variables that the SNMP manager
can or The also send request change SNMP agent can traps or messages alerting the SNMP
manager to condition on the network Traps can indicate improper user authentication restarts link
status up or down closing of TCP connection or loss of connection to neighbor router
Our implementation of SNMP supports all MIB II variables as described in RFC 1213 and SNMP
described in RFC Cisco also traps as 1215 supports the definition of management information described in RFCs and 1155 1157 1213 and supports some or all variables in the MIBs described
in the following RFCs 1156 1212 1231 1285 1286 1315 1381 and 1382
Cisco also its provides own MIB with every system With the current software release the Cisco MIB chassis provides new MIB variable that enables the SNMP manager to gather data on system
card descriptions serial numbers hardware and software revision levels and slot locations
See the Cisco Management Information Base MIB User Quick Reference for detailed description of each Cisco MIB variable and SNMP trap
You can perform the following tasks to configure SNMP support on the router
Enable SNMP and define access control
Define SNMP trap operations
Define the maximum SNMP packet size
Enable the SNMP server shutdown mechanism
Establish the contact location and serial number for the SNMP server
Disable the SNMP server
Monitor SNMP status
These tasks are described in the following sections
5-12 Router Products Configuration Guide Configuration Management
Enable SNMP and Define Access Control
You can enable SNMP server operation and specify which hosts can send requests to the router by
performing the following tasks in global configuration mode
Task Command
the SNMP and define the Step Enable server snmp-server community RW1 community accessstring
Step Specify the access list that determines snmp-server access-list list
which hosts can send requests to the
network server
Define SNMP Trap Operations
The SNMP trap operations allow system administrator to configure the router to send information
to network management application when particular event occurs You can specify the following
features for SNMP server trap operations
Source interface
Recipient
Trap operation authentication
Retransmission interval
Message packet queue length for each trap host
Perform these tasks in global configuration mode as needed to define traps for your system
configuration
Task Command
Specify the source interface and hence IP snmp-server trap-source Intel face
address of the trap message
Specify the recipient of the trap message snmp-server host address conununity-string
Establish trap message authentication snmp-server trap-authentication
often to Define how resend trap messages on snmp-server trap-timeout seconds
the retransmission queue
Establish the message queue length for each snmp-server queue-length length
trap host
Define the Maximum SNMP Packet Size
You can set the maximum packet size permitted when the SNMP server is receiving request or
generating reply To do so perform the following task in global configuration mode
Task Command
Establish the maximum packet size snmp-server packetsize bytes
Managing the System 5-13 Configuration Management
Enable the SNMP Server Shutdown Mechanism
Using SNMP packets network management tool can send messages to users on virtual terminals
and the console This facility operates in similar fashion to the EXEC send command however
the SNMP request that causes the message to be issued to the users also specifies the action to be
taken after the message is delivered One possible action is shutdown request Because the ability
to cause reload from the network is powerful feature it is protected by this global configuration command
Task Command
Use this SNMP message reload feature and snmp-server system-shutdown
request system shutdown message
To understand how to use this feature with SNMP requests read the document mib.txt available by
anonymous ftp from ftp.cisco.com See the beginning of this chapter for more information
Establish the Contact Location and Serial Number of the SNMP Server
You can set the system contact location and serial number of the SNMP server so that these
descriptions can be accessed via the configuration file To do so perform the following tasks in
global configuration mode
Task Command
Set the system contact string snmp-server contact text
Set the system location string snmp-server location text
Set the system serial number snmp-server chassis-id text
Disable the SNMP Server
Once the SNMP server has been enabled with the sump-server community command you can
specifically disable it by performing the following task in global configuration mode
Task Command
Disable SNMP server operation no snmp-server
Monitor SNMP Status
To monitor SNMP input and output statistics including number of illegal community string entries
errors requested variables and so on complete the following task in EXEC mode
Task Command
Monitor SNMP status show snmp
5-14 Router Products Configuration Guide Security Management
Secur�ty Management
To set features need to sensitive up security you identify information find the network access points
to that information secure these access points and maintain the secure access points
This section describes the following optional tasks used to control access to the system
Establish password protection
Disable password protection
Recover lost password
Create access lists
Establish Terminal Access Controller Access Control System TACACS protection schemes
Establish usemame authentication
Enable Challenge Handshake Authentication Protocol CHAP
Other in this information chapters guide provide on protocol-specific security features Chapter information on an additional authentication provides CHAP feature Another example is the IP
feature described in Security Option IPSO Chapter 15 Finally see the separate protocol chapters for information about how to create access lists
Establish Password Protection
Complete the following tasks to establish password protection
Protect access to terminals on individual lines
Protect access to privileged EXEC commands and thus to the system configuration file
Encrypt passwords so that they cannot be read in the configuration file with the
show configuration EXEC command or with protocol analyzer
Protect Access to Terminal Lines
You control terminal line can provide access on by entering the password and establishing
password checking To do so perform the following tasks in line configuration mode
Task Command
Step Assign password to terminal or other device on line password text
Step Enable password checking login
The password checker is case sensitive The password Secret is different than the password secret
for example and the password two words is an acceptable password
For complete description of the password command see Chapter of the Router Products
Command Reference publication
Managing the System 5-15 Security Management
Protect Access to Privileged EXEC Commands
You can control access to the system by setting password that must be entered to gain access to the
privileged-level prompt and therefore to the system configuration Perform the following task in
global configuration mode
Task Command
Establish password for the privileged command level enable password password
Encrypt the Passwords
You can increase access security to your router by configuring it to encrypt passwords because
protocol analyzers can examine packets Encryption prevents the password from being visible in the
configuration file
Configure the router to encrypt passwords by performing the following task in global configuration mode
Task Command
Encrypt password service password-encryption
It is not possible to recover lost encrypted password
Disable Password Protection
You can disable line password verification by disabling password checking To do so perform the
following task in line configuration mode
Task Command
Disable password checking or allow access to line without password verification no login
Recover Lost Password
if If your server has the nonvolatile memory option you can accidentally lock yourself out you
enable password checking on the console terminal line and then forget the line password To recover
lost password force the server into factory diagnostic mode and then follow these steps
Step You will be asked if you want to set the manufacturers addresses Respond by typing Yes You will then see the following prompt
TEST-SYSTEM
Step Type the enable command to get the privileged prompt
TEST-SYSTEM enable
Step Type the show configuration command to review the system configuration and find the
password Do not change anything in the factory diagnostic mode
TEST-SYSTEM show configuration
Step To resume normal operation restart the server and/or reset the configuration register
Step Log into the server with the password that was shown in the configuration file
5-16 Router Products Configuration Guide Security Management
Note All debugging capabilities are turned on during diagnostic mode
See the hardware installation and maintenance for for publication your product specific information
about configuring the processor configuration register for factory diagnostic mode Table 5-1
summarizes the hardware or software settings required by the various products to set factory
diagnostic mode
Table 5-1 Factory Diagnostic Mode Settings for the Configuration Register
Platform Setting
Modular products Set jumper in bit 15 of the processor configuration register then
restart remove jumper when finished
Older IGS Set jumper in bit of the processor configuration register then
restart remove jumper when finished
Later IGS Cisco 3000 Cisco 4000 Use the config register command to set the processor
configuration register to 0x8000 then initialize and boot the
system Use the reload command to restart and set the processor
configuration register to 0x2 102 when finished
Create Access Lists
This section summarizes the for lists The protocols access general guidelines for access lists vary
from protocol to protocol See the appropriate chapter in this guide for detailed task information on
each protocol-specific access list To control SNMP access see Enable SNMP and Define Access
Control earlier in this chapter Also refer to the appropriate protocol-specific chapters of the Router
Products Command Reference publication
Table 5-2 provides the protocols that have access lists specified by names
Table 5-2 Protocols that have Access Lists Specified by Names
Protocol
Apollo Domain
ISO CLNS
Source-Route Bridging NetBIOS
NetBIOS IPX
Managing the System 5-17 Security Management
Table 5-3 provides the protocols that have access lists specified by numbers and provides the
corresponding numerical ranges
Table 5-3 Protocols that have Access Lists Specified by Numbers
Protocol Range
IP 199
Extended IP 100199
Transparent Bridging protocol type 200299
Transparent Bridging vendor code 700799
11001 199 Extended Transparent Bridging
DECnet and Extended DECnet 300399
XNS 400-499
Extended XNS 500599
AppleTalk 600699
Source-Route Bridging protocol type 200299
Source-Route Bridging vendor code 700799
IPX 800899
Extended IPX 900999
IPX SAP 10001099
Standard VINES 1100
Extended VINES 10 1200
Simple VINES 20 1300
Estabhsh Termna Access Contro
You can configure the router to use special TCP/IP protocol called Terminal Access Controller
Access Control System TACACS TACACS provides an additional level of control over servers TACACS control running on timesharing system The Defense Data Network DDN developed to
access to its TAC servers Cisco patterned its TACACS support after the DDN application
The TACACS security program allows you to set these features
Set TACACS password protection and login authentication at both the user and privileged EXEC
levels with last resort and optional password options
Set separate TACACS server host names with custom retransmit and timeout intervals
Establish limit on login attempts
Enable an extended TACACS mode that supports system accounting and logging applications
The following sections describe these tasks
Note If you require additional protection using TCP/IP access lists see Chapter 16 for more information
5-18 Router Products Configuration Guide Security Management
You can establish TACACS password protection on both user and privileged levels of the system
EXEC The following features are available with TACACS login and password protection feature
Set TACACS user ID and password checking at the user level
Disable checking at the user level and guarantee last resort login
Set optional password verification
Set TACACS user ID and password checking at the privileged level
Disable checking at the privileged level and guarantee last resort login
Set notification messages when the user makes connection accesses the privileged EXEC level
or logs out
Set authentication when the user makes connection or accesses the privileged EXEC level
Set TACACS Password Protection at the User Level
You can enable password checking at login by performing the following task in line configuration mode
Task Command
Set the TACACS-style user ID and password- login tacacs
checking mechanism
Disable Password Checking at the User Level
If TACACS server does not respond to login request the router will deny the request by default
However you can prevent that login failure in one of two ways You can allow user to access privileged EXEC mode if that user enters the password set by the enable command To do so
specify tacacs-server last-resort password
Alternatively you can ensure successful login by configuring tacacs-server last-resort succeed
In this case the user can access the privileged EXEC mode without further question
To specify one of these features perform the following task in global configuration mode
Task Command
Set last resort options for logins tacacs-server last-resort password succeed
Set Optional Password Verification
You can specify that the first TACACS request to TACACS server is made without password
verification To do so perform the following task in global configuration mode
Task Command
Set TACACS password as optional tacacs-server optional-passwords
Managing the System 5-19 Security Management
When the user types in the login name the login request is transmitted with the name and zero-
length password If accepted the login procedure completes If the TACACS server refuses this
when the request the terminal server prompts for password and tries again user supplies
password The TACACS server must support authentication for users without passwords to make
use of this feature This feature supports all TACACS requests such as login SLIP and enable
Set TACACS Password Protection at the Privileged Level
You can set the TACACS protocol to determine whether user can access the privileged EXEC
level To do so perform the following task in global configuration mode
Task Command
Set the TACACS-style user ID and password-checking enable use-tacacs
mechanism at the privileged command level
When you use this command the EXEC enable command will ask for both new user name and
password This information is then passed to the TACACS server for authentication If you are using
identification code to the the extended TACACS it will also pass.any existing UNIX user server
Caution If you use the enable use-tacacs command you must also specify tacacs-server authenticate enable or else you will be locked out of the router
Note When used without extended TACACS this command allows anyone with valid user name
This is and password to access the privileged command level creating potential security problem
is from because the TACACS query resulting from entering the enable command indistinguishable
an attempt to log in without extended TACACS
Disable Password Checking at the Privileged Level
You can specify what happens if the TACACS servers used by the enable command do not respond
To invoke this last resort login feature perform the following task in global configuration mode
Task Command
Set last resort options for logins at the privileged prompt enable last-resort password succeed
The default action is that the enable command fails By specifying enable last-resort password
you are allowed to enable by entering the privileged command level password Alternatively by
specifying enable last-resort succeed you are allowed to enable without further question
5-20 Router Products Configuration Guide Security Management
Set Notification of User Actions
when either makes TCP You can cause message to be transmitted to the TACACS server user task in connection enters the enable command or logs out To do so perform the following global
configuration mode
Task Command
enable Set server notification of user actions tacacs-server notify connect logout
minutes The The retransmission of the message is performed by background process for up to five
to the terminal terminal user however receives an immediate response allowing access
Set Authentication of User Actions
tries make TCP connection or enters the enable command the You can specify that if user to network communication server whether the user router requires response from the or indicating
authentication of either one action or the other To do so can perform the action You can specify mode perform the following task in global configuration
Task Command
Set server authentication of user actions tacacs-server authenticate connect enable
Establish the TACACS Server Host and Response Times
IP host hosts TACACS server The software You can specify the names of the or maintaining
useful for list of searches for the hosts in the order specified so this feature can be setting up
preferred servers
software searches the list of TACACS servers You can also modify the number of times the system
waits for the default of seconds from the default of two times and the interval it reply from
for Perform the following tasks in global configuration mode as needed your system configuration
Task Command
tacacs-server host name Specify TACACS host
of times the server will search the list of tacacs-server retransmit retries Specify the number TACACS server hosts before giving up
Set the interval the server waits for TACACS server host tacacs-server timeout seconds
to reply
Managing the System 5-21 Security Management
Set Limits on Login Attempts
You can set controls on the number of login attempts that can be made on line set up for TACACS
by performing the following task in global configuration mode
Task Command
Control the number of login attempts that can be tacacsserver attempts count
made on line set for TACACS verification
Enable the Extended TACACS Mode
Extended TACACS mode provides information about the terminal requests to help set up UNIX
auditing trails and accounting files for tracking use of protocol translators communication servers
and routers The information includes responses from these network devices and validation of user
requests
An unsupported extended TACACS server is available from Cisco Systems using ftp for UNIX
users who want to create the auditing programs see the README file in the ftp.cisco.com
directory
Extended TACACS differs from standard TACACS in that standard TACACS provides only
username and password information
To enable extended TACACS mode perform the following task in global configuration mode
Task Command
Enable an extended TACACS mode tacacs-server extended
Establish Username Authentication
You can create username-based authentication system which is useful for the following reasons
provide TACACS-like username and encrypted password authentication system for those
networks that cannot support TACACS
To provide special case logins for example access list verification no password verification
autocommand execution at login and no escape situation
Perform the following tasks in global configuration mode as needed for your system configuration
Task Command
Establish username authentication with username name password password encryptiontype
encrypted passwords passwordl
or
by access list username name numbed
Specify command to automatically username name autocommand commandl execute
Set no escape login environment username name
The keyword noescape prevents users from using escape characters on the hosts to which they are connected
5-22 Router Products Configuration Guide Fault Management
Enable Challenge Handshake Authentication Protocol CHAP
Access control using Challenge Handshake Authentication Protocol CHAP is available on all
serial interfaces The authentication feature reduces the risk of security violations on your router
Note CHAP is supported only on lines that use PPP encapsulation
When CHAP is enabled remote device PC workstation router or communication server The attempting to connect to the local router is requested or challenged to respond challenge
consists of random number and the host name of the local router This challenge is transmitted to version of the remote device The required response is an encrypted secret password or secret the host plus the host name of the remote device The remote device verifies the secret by looking up
name that was received in the challenge When the local router receives the challenge response it The verifies the secret by looking up the name of the remote device given in the response secret
passwords must be identical on the remote device and the local router
is thus other devices from By transmitting this response the secret never transmitted preventing the Without the the remote device stealing it and gaining illegal access to system proper response
cannot connect to the local router
established local router does not CHAP transactions occur only when link is The request
to such from password during the rest of the call The local router can however respond requests
other devices during call
mode To use CHAP perform the following task in interface configuration
Task Command
Enable CHAP on the interface ppp authentication chap
Control CHAP is specified in RFC 1334 It is an additional authentication phase of the PPP Link
Protocol
Once you have enabled CHAP the local router requires password from remote devices If the
that device remote device does not support CHAP no traffic is passed to
Fault Management
To perform general fault management complete the following tasks
Display system information
Test network connectivity
Limit TCP transactions
Trace packet routes
Test interfaces and memory
Log system error messages
Enable debug operations
Managing the System 5-23 Fault Management
Most chapters in this guide include fault management tasks in monitoring and maintaining section
For example Chapter provides section on interface loopback testing Another example is the
information on Internet Control Messages Protocol ICMP support described in Chapter 15
Display System Information
To provide information about system processes the software includes an extensive list of EXEC
commands that begin with the word show which when executed display detailed tables of system
information Following is list of the more common system management show commands Perform
these tasks in EXEC mode to display the information described
Task Command
environment On the AGS display temperature and voltage information show
On the 7000 display message indicating whether an
environmental warning condition currently exists
Display the temperature and voltage information on the console show environment all
for the Cisco 7000 only
Display the last measured value from each of the six test points show environment last
stored in nonvolatile memory
Display environmental specifications for the Cisco 7000 only show environment table
Display information about atl active processes show processes
Display the configured protocols show protocols
Look for specific show commands in the tables of configuration tasks found throughout the chapters
in this guide See the Router Products Command Reference publication for detailed descriptions of
the commands
The following sections describe th EXEC commands you can use to monitor and troubleshoot the
voltage and temperature of your system environment
Receiving Automatic Warning Messages
On the Cisco 7000 only the environmental monitor is built into the route processor RP If exceeds the console The measurement acceptable margins warning message is printed to system software the RP but for system queries for measurements once every 60 seconds warnings given of test point are printed at most once every four hours If the temperature measurements are out
specification more than the shutdown margin the software will shut the router down but the fan will
the stay on The router has to be manually turned off and on after such shutdown You can query
RP is using the show environment command at any time to determine whether measurement out of tolerance
Refer to the System Error Messages publication for description of environmental monitor warning
messages
5-24 Router Products Configuration Guide Fault Management
Receiving the Automatic Shutdown Message
If the RP detects that any of its temperature test points have exceeded maximum margins it performs
the following steps in this order
Step Saves the last measured values from each of the six test points to internal nonvolatile memory
Step Interrupts the system software and causes shutdown message to be printed on the system console
Step Shuts off the power supplies after few milliseconds of delay
Example
The following is the message the system displays if temperatures exceed maximum margins along
with message indicating the reason for the shutdown
Rout er4 %ENVM-l-SHUTDOWN Environmental Monitor initiated shutdown
%ENVM2--TEMP Inlet temperature has reached SHUTDOWN level at 64C
Refer the hardware installation and maintenance for for information to publication your router more
about environmental specifications
Test Network Connectivity
Complete the following tasks to test basic network connectivity
Set up TCP keepalive packet service
Test connections with the ping command
Trace packet routes
Set up TCP Keepalive Packet Service
The TCP keepalive capability allows router to detect when the host with which it is communicating
experiences system failure even if data stops being transmitted in either direction This is most
useful on incoming connections For example if host failure occurs while talking to printer the
since the does traffic in the direction If router may never notice printer not generate any opposite
minute otherwise idle connections If five keepalives are enabled they are sent once every on
minutes and the connection is closed The connection will also be pass no keepalives are detected
closed if the host replies to keepalive packet with reset packet This will happen if the host crashes
and comes back up again
To set up the TCP keepalive packet service perform the following task in global configuration mode
Task Command
Generate TCP keepalive packets on idle network service tcp-keepalives in out
connections either incoming connections initiated by
remote host or outgoing connections initiated by user
Managing the System 5-25 Fault Management
Test Connections with the Ping Command
As aid basic network an to diagnosing connectivity many network protocols support an echo
protocol The protocol involves sending special datagram to the destination host then waiting for
reply datagram from that host Results from this echo protocol can help in evaluating the path-to-
host reliability delays over the path and whether the host can be reached or is functioning
To use the echo protocol perform the following task in either user EXEC or privileged EXEC mode
Task Command
Invoke diagnostic tool for testing connectivity ping liost address
Look for specific ping commands in the tables of configuration tasks found throughout the chapters
in this guide See the Router Products Command Reference publication for detailed descriptions of
the command
Trace Packet Routes
You can discover the routes that packets will actually take when traveling to their destinations To
do so perform one of the following tasks in EXEC mode
Trace packet routes through the network privileged level trace
Trace packet routes through the network user level trace
Limit TCP Transactions
When using standard TCP implementation to send keystrokes between machines TCP tends to
send one packet for each keystroke typed On larger networks many small packets use up bandwidth
and contribute to congestion
John Nagles algorithm RFC-896 helps alleviate the small-packet problem in TCP In general it
works this way The first character typed after connection establishment is sent in single packet
but TCP holds any additional characters typed until the receiver acknowledges the previous packet
Then the second larger packet is sent and additional typed characters are saved until the
back The effect is acknowledgement comes to accumulate characters into larger chunks and pace
them out to the network at rate matching the round-trip time of the given connection This method
is usually good for all TCP-based traffic However do not use the service nagle command if you have XRemote users on Window sessions
By default the Nagle algorithm is not enabled To invoke the Nagle algorithm and thereby reduce
TCP transactions perform the following task in global configuration mode
Task Command
Enable the Nagle slow packet avoidance algorithm service nagle
5-26 Router Products Configuration Guide Fault Management
Test Memory and nterfaces
You can test the status of the following items
Flash memory
System memory
Interfaces
Note We do not recommend using these commands they are intended to aid manufacturing
personnel in checking system functionality
Test Flash
To test the status of Flash memory perform the following task in privileged EXEC mode
Task Command
Test Flash memory on MCI and envm Flash EPROM interfaces test flash
Test System Memory
To test the status of system memory perform the following task in privileged EXEC mode
Task Command
Multibus nonvolatile Diagnose memory including memory test memory
Test Interfaces
To test the status of the interfaces perform the following task in privileged EXEC mode
Task Command
Check network interfaces This test is not intended for test interfaces
diagnosing problems with an operational server
Log System Error Messages
By default the network servers send the output from the EXEC command debug and system error messages to the console terminal You can redirect these messages as well as output from
asynchronous events such as interface transition to other destinations These destinations include
virtual terminals internal buffers and UNIX hosts running syslog server the syslog format is
compatible with 4.3 BSD UNIX
Additionally you can set the severity level of the messages to control the type of messages
displayed You can also have log messages timestamped to enhance real-time debugging and management
Managing the System 5-21 Fault Management
With the current software release there are three new syslog messages at LOG_NOTICE syslog resolution An level that make it easier to check the status of how the system provides address
example follows
%LINK5--BOOTP Etherneto address 131.108.160.24 resolved by 131.108.1.111 %LINK5--RARP EthernetO address 131.108.160.24 resolved by 131.108.1.111 %LINK5-SLARP EthernetO address 131.108.160.24 resolved by 131.108.1.111
There are also new startup messages that help you identify NVRAM problems
Warning NVRAM device not found Warning NVRAM invalid possibly due to write erase
The following level LOG_WARNING message has been added for FDDI status information
%FDDISTAT-4-STATUS FDDI state indication detected on interface variable
The possible values for indication are listed in the next paragraph The variable will be replaced with
something like fddiO for example
Changes in status reflect interface connectivity or cabling problems or fixes The possible status
reports include the following indications
isolated
wrap wrap wrap aB thru thru thru A-B
Log Errors to UNIX Syslog Daemon
To set up the syslog daemon on 4.3 BSD UNIX system include line such as the following in the
file /etc/svslog conf
local7 .debugging /usr/adm/logs/cisco.log
The local7 keyword specifies the logging facility to be used see Table 5-5 for list of other
keywords The debugging keyword specifies the syslog level see Table 5-4 for list of other keywords
The syslog daemon sends messages at this level or more severe level to the file specified in the next
field The file must already exist and the syslog daemon must have permission to write to it
Enable Message Logging
To enable message logging perform the following task in global configuration mode
Task Command
Enable message logging logging on
5-28 Router Products Configuration Guide Fault Management
Set the Error Message Display Device
directed the console To direct other By default error messages are to system messages to devices
perform one of the following tasks in global configuration mode
Task Command
Log messages to an internal buffer logging buffered
Log messages to UNIX syslog server host logging host
Redirect messages to the system console no logging on
The logging buffered command copies logging messages to an internal buffer instead of writing
them to the console terminal The buffer is circular so newer messages overwrite older messages
To display the messages that are logged in the buffer use the show logging EXEC command The
first message displayed is the oldest message in the buffer
The EXEC command terminal monitor locally accomplishes the task of displaying the system error
messages to nonconsole terminal
The logging command identifies syslog server host to receive logging messages The argument
host is the name or Internet address of the host By issuing this command more than once you build
list of syslog servers that receive logging messages The no logging command deletes the syslog
server with the specified address from the list of syslogs
Define the Error Message Severity Level and Facilities
You can limit messages displayed to the seleèted device by specifying the severity level of the error
message To do so perform one of the following tasks in global configuration mode
Task Command
Limit messages logged to the console logging console level
Limit messages logged to the terminal lines logging monitor level
Limit messages logged to the syslog servers logging trap level
terminal The logging console command limits the logging messages displayed on the console to
messages with level number at or below the specified severity level which is specified by the level
argument Table 5-4 lists the error message level keywords and corresponding UNIX syslog
definitions in order from the most severe level to the least severe level
Managing the System 5-29 Fault Management
Table 5-4 Error Message Logging Keywords
Level Keyword Level Description Syslog Definition
emergencies System unusable LOG_EMERG
alerts Immediate action needed LOG ALERT
critical Critical conditions LOG CRIT
errors Error conditions LOG_ERR
warnings Warning conditions LOG_WARNING
notifications Normal but significant condition LOG_NOTICE
informational Informational messages only LOG_INFO
debugging Debugging messages LOG_DEBUG
The no logging console command disables logging to the console terminal
The default is to log messages to the console at the debugging level and those level numbers that
are lower which means all levels The logging monitor command defaults to debugging also The
logging trap command defaults to informational
To display logging messages on terminal use the terminal monitor EXEC command
Current software generates four categories of error messages
Error messages about software or hardware malfunctions displayed at levels warnings through emergencies
Output from the debug commands displayed at the debugging level
Interface up/down transitions and system restart messages displayed at the notifications level
Reload requests and low-process stack messages displayed at the informational level
Define the Syslog Facility
You also can configure the syslog facility in which error messages are sent by performing the
following task in global configuration mode
Task Command
Configure system log facilities logging facility facility-type
5-30 Router Products Configuration Guide Fault Management
Table 5-5 lists the logging facility types and their descriptions
Table 5-5 Logging Facility Types
Facility Type Description
auth Indicates the authorization system
cron Indicates the cron facility
daemon Indicates the system daemon
kern Indicates the Kernel
ocaO7 Reserved for locally defined messages
lpr Indicates line printer system
mail Indicates mail system
news Indicates USENET news
sys9 Indicates system use
syslO Indicates system use
sysil Indicates system use
sysl2 Indicates system use
sysl3 Indicates system use
5514 Indicates system use
syslog Indicates the system log
user Indicates user process
Indicates uucp UNIX-to-UNIX copy system
Refer also to your syslog manual pages
The EXEC command show logging displays the addresses and levels associated with the current
logging setup as well as any other logging statistics To display this information perform the
following task in EXEC mode
Task Command
Display the state of syslog error and show logging
event logging including host addresses
and whether console logging is enabled
Enable limestamps on Log Messages
By default log messages are not timestamped You can enable timestamping of log messages by
performing the following task in global configuration mode
Task Command
Enable log timestamps service timestamps log uptime
or
service timestamps log datetime
Managing the System 5-31 System Performance Management
Enable Debug Operations
Your router includes hardware and software to aid in tracking down problems with the router or with
other hosts on the network The privileged debug EXEC commands start the console display of
several classes of network events The following tasks describe in general the system debug message
feature Refer to the Debug Command Reference publication for all information regarding debug
commands Also refer to the Troubleshooting Internetworking Systems publication
Task Command
Display the state of each debugging option show debugging
list and brief of all the Display description debug command options debug
Begin message logging for the specified debug command debug command
Turn message logging off for the specified debug command no debug command
You can configure timestamping of system debug messages Timestamping enhances real-time
debugging by providing the relative timing of logged events This information is especially useful
when customers send debugging output to your technical support personnel for assistance To enable
timestamping of system debug messages perform the following task in global configuration mode
Task Command
Enable timestamping of system debug messages service timestamps debug uptime
or
service timestamps debug datetime
Emseci
Normally the messages are displayed only on the console terminal See the section Set the Error
Message Display Device earlier in this chapter to change the output device
Note The system gives high priority to debugging output For this reason debugging commands
should be turned on only for troubleshooting specific problems or during troubleshooting sessions
with technical support personnel Excessive debugging output can render the system inoperable
System Performance Management
This section describes how to manage general system performance by completing the following tasks
Configure switching and scheduling priorities
Establish queuing strategies
Modify the system buffer size
Delay EXEC startup
Handle idle Telnet connection
5-32 Router Products Configuration Guide System Performance Management
In addition most chapters in this guide include performance tasks specific to the chapter content
and the Intern etworking Design Guide includes detailed information on performance issues that
arise when designing network
Configure Switching and ScheduUng Priorities
The normal operation of the network server allows the switching operations to use as much of the
central processor as is required If the network is running unusually heavy loads that do not allow
the the time handle the processor to routing protocols you may need to give priority to the system scheduler To do the process so perform following task in global configuration mode
Task Command
Define the maximum amount of time that can elapse schedu1erinterva1 milliseconds
without running the lowest-priority system processes
Establish Queuing Strategies
We provide two types of queuing strategies for prioritizing network traffic
Priority queuing
Custom queuing
You both can configure priority queuing and custom queuing but you can only assign either
priority group or custom queue to an interface
Priority Queuing
Priority output queuing is mechanism that allows the administrator to set priorities on the type of
traffic passing through the network Packets are classified according to various criteria including
protocol and subprotocol type and then queued on one of four output queues high medium normal and low
When the server is ready to transmit packet it scans the priority queues in order from highest to
lowest to find the highest-priority packet After that packet is completely transmitted the server
the If fills will be scans priority queues again priority output queue up packets dropped and for
IP quench indications will be sent to the original transmitter
enable for the intended Although you can priority output queuing any interface application was for
low-bandwidth congested serial interfaces Our priority output queuing mechanism allows traffic
control based on protocol or interface type You can also set the size of the queue and defaults for
what that defined happens to packets are not by priority output queue rules
The mechanism be used priority output queuing can to manage traffic from all networking protocols
Additional fine-tuning is available for IP and for setting boundaries on the packet size
Note Priority queuing introduces extra overhead that is acceptable for slow interfaces but may not
be acceptable for higher-speed interfaces such as Ethernet
Managing the System 5-33 System Performance Management
Note Priority queuing does not operate over X.25
The four priority queueshigh medium normal and loware listed in order from highest to
lowest priority Keepalives sourced by the network server are always assigned to the high-priority
queue all other management traffic such as IGRP updates must be configured Packets that are not
classified by the priority list mechanism are assigned to the normal queue
priority list is set of rules that describes how packets should be assigned to priority queues
priority list might also describe default priority or the queue size lithits of the various priority queues
Custom Queuing
Priority queuing introduces fairness problem in that packets classified to lower-priority queues
may not get serviced in timely manner or at all depending upon the bandwidth used by packets
sent from the higher-priority output queues
With custom output queuing weighted fair queuing strategy is implemented for the processing
of interface output queues You can control the percentage of an interfaces available bandwidth that
is used by particular kind of traffic When custom queuing is enabled on an interface the system
maintains 11 output queues for that interface that can be used to modify queuing behavior
For numbers the queue through 10 system cycles through the queues sequentially delivering
packets in the current queue before moving on to the next Associated with each output queue is which should deliver configurable byte count specifies how many bytes of data the system from the
before it is current queue moves on to the next queue When particular queue being processed
packets are sent until the number of bytes sent exceed the queue byte count or the queue is empty Bandwidth used by particular queue can only be indirectly specified in terms of byte count and queue length
Queue number is system queue it is emptied before any of the queues numbered through 10 ae processed The system enqueues high-priority packets such as keepalive packets to this queue Other traffic cannot be configured to use this queue
Note With custom or priority queueing enabled the system takes longer to switch packets because
the classified the packets are by processor card
Queuing Task List
You both can set up priority queuing and custom queuing on your network but you can assign only
one or the other to an interface
Following is list of the priority-setting tasks that you can choose from depending upon the needs
of your network
Set priority by protocol type
Assign default priority
Set priority by interface type
Specify the maximum packets and bytes in the priority queues
5-34 Router Products Configuration Guide System Peiiormance Management
Assign priority by STUN address
Assign priority list or custom queue to an interface
Monitor the priority and custom queue lists
See the following sections for more information about these tasks
Set Priority by Protocol Type
You establish can queuing priorities based upon the protocol type by using one of the following
commands in global configuration mode All Cisco-supported protocols are allowed
Task Command
Establish queuing priorities based upon priority-list list protocol protocol-name thigh medium normal
the protocol type low queue-keyword keyworq-value
or
queue-list list protocol protocol-name queue-number queue-keyword keyword-value
additional Queue keywords provide options including byte-count TCP service and port number and assignments AppleTalk IP IPX VINES or XNS access list assignments See the priority-list and queue-list command syntax descriptions in Chapter of the Router Products Command
Reference publication
Assign Default Priority
You can for those that did assign queue packets not match any other rule in the list To do so
perform one of the following tasks in global configuration mode
Task Command
Assign priority queue for those packets that priority-list list default high medium normal low
do not match any other rule in the priority
list
number for Assign queue those packets that queue-list list default queue-number do not match any other rule in the custom
queue list
Set Priority by Interface Type
You establish can queuing priorities on packets entering from specific interface by performing one
of the following tasks in global configuration mode
Task Command
Establish queuing priorities on packets priority-list list interface interface-type interface-number
entering from given interface high medium normal low
Establish custom based queuing on packets queue-list list interface interface-type interface-number queue
entering from given interface number
Managing the System 5-35 System Performance Management
Specify the Maximum Packets and Bytes in the Priority Queues
You can specify the maximum number of packets that may be waiting in each of the priority queues
To do so perform one of the following tasks in global configuration mode
Task Command
medium-limit normal- Specify the maximum number of packets that priority-list list queue-limit high-limit
can be waiting in each of the priority queues limit low-limit
or
queuelist list queue queue-number limit limitnumber
Designate the byte size allowed per queue queue-list list queue queue-number byte-count byte-count number
Both limit and byte-count keywords may appear as arguments to the queue-list list queue command
Assign Priority by STUN Address
You can establish queuing priorities based on the address of serial link on STUN connection To
do so perform one of the following tasks in global configuration mode
Task Command
normal address Establish queuing priorities based on the priority-list list stun high medium low
address of the serial link on STUN group-number address-number
connection or
queue-list list stun queue-number address group-number
address-n umber
Assign Priority Group or Custom Queue to an Interface
interface To You can assign priority list number to an interface Only one list can be assigned per
tasks in assign an priority group or custom queue to an interface perform one of the following
interface configuration mode
Task Command
Assign priority list number to the interface priority-group list
Assign custom queue list number to the custom-queue-list list
interface
See Chapter of the Router Products Command Reference for syntax descriptions of the
priority-group and custom-queue-list interface configuration commands
5-36 Router Products Configuration Guide System Performance Management
Monitor the Priority and Custom Queuing Lists
You information about the and can display input output queues when priority queuing is enabled on
an interface To do so perform one of the following tasks in EXEC mode
Task Command
Show the status of the priority queuing lists show queueing priority
Show the status of the custom queuing lists show queueing custom
If you enter the show queueing command without any keywords the router displays status on both
custom and priority queue lists See Chapter of the Router Products Command Reference for the
syntax description on the show queueing command
Modify the System Buffer Size
You can adjust initial buffer pool settings and the limits at which temporary buffers are created and
destroyed To do so perform the following tasks in global configuration mode
Task Command
the buffer sizes buffers middle Adjust system small big large huge
permanent max-free mm-free initial number
Dynamically resize all huge buffers to the value buffers huge size number
that you supply
During normal system operation there are several pools of different sized buffers These pools grow
and shrink based upon demand Some buffers are temporary and are created and destroyed as
needed Other buffers are permanently allocated and cannot be destroyed For examples of the
buffers command see the examples at the end of this chapter
Note It is normally not necessary to adjust these parameters do so only after consulting with
technical suppot personnel Improper settings could adversely impact system performance
To display statistics about the buffer pool on the system perform the following task in EXEC mode
Task Command
List statistics for the buffer poois The server show buffers
has one pool of queuing elements and five
pools of packet buffers of different sizes For
each pool the server keeps count of the number
of buffers outstanding the number of buffers in
the free list and the maximum number of
buffers allowed in the free list
Managing the System 5-31 Accounting Management
Delay EXEC Startup
lines until the line has been idle for seconds To You can delay the startup of the EXEC on noisy mode do so perform the following task in global configuration
Task Command
exec-wait Delay startup of the EXEC service
This command is useful on noisy modem lines or when modem attached to the line is configured
in In these to ignore MNP or V.42 negotiations and MNP or V.42 modems may be dialing cases
noise or MNPIV.42 packets might be interpreted as usernames and passwords causing
is useful authentication failure before the user can type username/password The command not on
non-modem lines or lines without some kind of login configured
Handle dle Telnet Connection
You can configure the router to set the TCP window to zero when the Telnet connection is idle
To do so perform the following task in global configuration mode
Task Command
Set the TCP window to when the Telnet connection is idle service telnet-zero-idle
and discarded service Normally data sent to non-current Telnet connections is accepted When
telnet-zero-idle is enabled if session is suspended that is some other connection is made active This action the or the EXIEC is sitting in command mode the TCP window is set to zero prevents
resumed Use this command when remote host from sending any more data until the connection is
and the to it is important that all messages sent by the host be seen by the users users are likely use time and out TCP multiple sessions Do not use this command if your host will eventually out log
user whose window is zero
Accounting Management
Accounting management allows you to track individual and group usage of network resources You
can then reallocate resources as needed
Additional tasks for measuring system resources are covered in other chapters for example IP
accounting tasks are described in Chapter 15
Display Stack Utilization
the for the last You can display stack utilization of processes and interrupt routines including reason To stack system reboot This feature is useful for analyzing system crashes display utilization
perform the following task in EXEC mode
Task Command
Display stack utilization of processes and interrupt routines show stacks
5-38 Router Products Configuration Guide System Management Examples
Display Memory Utilization
To display memory usage information perform the following tasks in EXEC mode
Task Command
Display memory pool statistics including summary information show memory about the activities of the system memory allocator and block-
of by-block listing memory use
Display information about memory utilization show processes memory
System Management Examples
The following is list of the examples in this section
System configuration file example page 5-40
Clock calendar and NTP examples page 5-40
Examples of modifying buffers page 5-4
Username example page 5-41
Managing the System 5-39 System Management Examples
System Configuration File Example
The following is an example of typical system configuration file
Define line password line password secret login
Define privileged-level password enable-password Secret Word
Define system hostname hostname TIP Define host filenames boot host hostl-confg 131.108.1.111 boot host host2-confg 131.108.1.111 Define system filenames boot system syslsystem 131.108.13.111
boot system sys2system 131.108.1.111
Enable SNMP
snmp-server community snmp-server trap-authentication snmp-server host 131.108.1.27 public snmp-server host 131108.1.111 public snmp-server host 131.108.2.63 public
Define TACACS server hosts tacacs-server host 131.108.1.27 tacacsserver host 131.108.13.33 tacacs-server host 131.108.1.33
Define message-of-the-day banner banner motd
The Information Place welcomes you
Please call 1-800-555-2222 for login account or enter your password at the prompt
Clock Calendar and NIP Configuration Examples
In the following example Cisco 7000 has server associations with two other systems transmits
broadcast NTP packets periodically updates the Cisco 7000 calendar and redistributes time into VINES
clock timezone PST -8 clock summertime PDT recurring ntp update-calendar
ntp server 131.108.13.57 ntp server 131.108.11.58 interface Ethernet 0/0 ntp broadcast vines time use-system
5-40 Router Products Configuration Guide System Management Examples
In the following example Cisco 7000 has no outside time source so it uses the calendar as an
authoritative time source and distributes the time via NTP broadcast packets
clock timezone MET clock calendar-valid
flOp master
interface fddi 0/0
ntp broadcast
Exampes of Modifying Buffers
In the following example the system will try to keep at least 50 small buffers free
buffers small mm-free 50
In the following example the system will try to keep no more than 200 medium buffers free
buffers middle max-free 200
In the following example the system will try to create one large temporary extra buffer just after reload
buffers large initial
In the following example the system will try to create one permanent huge buffer
buffers huge permanent
Username ExampUes
The following sample configuration sets up secret passwords on routers and thus enabling
the three routers to connect to each other
To authenticate connections between routers and enter the following commands
On router
username password a-b secret
On router
username password a-b secret
To authenticate connections between routers and enter the following commands
On router
username password a-c_secret
On router
username password a-c_secret
To authenticate connections between routers and enter the following commands
On router
username password b-c secret
On router
username password b-c_secret
Managing the System 5-41 System Management Examples
When you specify an encryption type of to enter an unencrypted password the system displays the
encrypted version of the password For example suppose you enter the following command
username bill password westward
The system would display this command like this
username bill password 21398211
The encrypted version of the password is 21398211 The password was encrypted by the Cisco
defined encryption algorithm as indicated by the
If you were to enter the following command the system would assume that the password is already and would do would encrypted no encryption It display the command exactly as you typed it
username bill password 21398211 username bill password 21398211
5-42 Router Products Configuration Guide EH
Configuring nterfaces
Use the information in this chapter to understand the types of interfaces supported on our routers
Our routers two of interfaces and virtual interfaces support types physical The physical types of
interfaces have On the interface you depend appliques or processors IPs you have The virtual
interfaces our routers support include subinterfaces and IP tunnels
For hardware technical descriptions and information about installing the router interfaces refer to
the hardware installation and maintenance publication for your product For command descriptions
and refer usage information to Chapter of the Router Products Command Reference publication
For conversion table of the modular products and Cisco 7000 processors refer to Appendix of
the Router Products Command Reference publication
nterface Configuration Task List
This section lists the possible tasks you might perform to configure and maintain the interfaces
supported on our routers The first two sections introduce material that you may need to know in advance of the other tasks
Understand supported interfaces and encapsulations page 6-2
Understand fast and autotomous switching support page 6-9
Configure the interface type page 6-10
Add description for an interface page 6-19
Configure subinterfaces page 6-19
Understand tunneling page 6-25
Configure IP tunneling page 6-27
Reenable HDLC serial encapsulation page 6-30
Select the Ethernet encapsulation page 6-30
Configure the Ethernet Network Interface module on the Cisco 4000 page 6-31
Extend the lOBaseT capability on the Cisco 4000 page 6-31
Configure ATM-DXI page 6-3
Convert HSSI to clock master page 6-3
Enable MOP page 6-32
Enable MOP message support page 6-32
Select the Token Ring speed page 6-32
Configuring Interfaces 6-1 Understand Supported Interfaces and Encapsulations
Enable early token release page 6-32
Select the ISDN BRI switch type page 6-33
Define ISDN Service Profile Identifiers SPIDs page 6-33
Define ISDN TEl negotiation page 6-34
Configure FDDI timers and special configurations page 6-34
Configure the Point-to-Point protocol including the Challenge Handshake Authentication
Protocol CHAP Link Quality Monitoring LQM and PPP Magic Number Support page 6-38
Configure dial backup service page 6-40
Set transmit delay synchronous serial interfaces only page 6-42
Configure DTR signal pulsing synchronous serial interfaces only page 6-42
Configure the clock rate on DCE appliques synchronous serial interfaces only page 6-42
Specify the serial Network Interface Module timing page 6-42
Control interface hold queue limits page 6-43
Set bandwidth page 6-43
Set interface delay page 6-44
Limit transmit queue size page 6-44
Adjust maximum packetlMaximum Transmission Unit MTU size page 6-44
Invert TXC clock signal page 6-44
Prevent phase shifting page 6-45
Monitor and maintain the interfaces page 6-45
This chapter describes how to perform these tasks and includes configuration examples at the end of
the chapter
Understand Supported llnterfaces and EncapsuHatons
The following sections describe the interfaces and encapsulations that our routers support
SyDchronous Serial
Support for the synchronous serial interface is supplied on the following serial network interface
cards or systems
The Multiport Communications Interface CSC-MCI single card that provides up to two
high-speed synchronous serini port connectors that support RS-232 V.35 RS-449 and X.21 connections
The Serial Port Communications Interface CSC-SCI single card that provides up to four
high-speed serial ports that support RS-232 V.35 RS-449 and X.21 connections
The high-speed synchronous serial interface on the IGS and Cisco 3000 network servers
6-2 Router Products Configuration Guide Understand Supported Interfaces and Encapsulations
On the Cisco the fast serial interface for four channel- 7000 processor FSIP or eight
independent synchronous serial ports that support full-duplex operation at DS-l 1.544 Mbps Each available and E- 2.048 Mbps speeds port supports any of the interface types RS-232
RS-449 V.35 X.2 and RS-530 and each can be configured individually to operate with either
internal or external timing signals
The MCI and SCI cards can query the appliques to determine their types for use in reports displayed
by the EXEC show commands However they do so only at system startup so the appliques must
be attached when the system is started Use the show interfaces and show controllers mci EXEC
commands to display the serial port numbers These commands provide report for each interface
the router supports
Synchronous Serial Encapsulation Methods
By default synchronous serial lines use the High-level Data Link Control HDLC serial
encapsulation method which provides the synchronous framing and error detection functions of
HDLC without windowing or retransmission The synchronous serial interfaces support the
following serial encapsulation methods
Asynchronous Transfer Mode-Data Exchange Interface ATM-DXI
High-level Data Link Control HDLC
Frame Relay
Point-to-Point Protocol PPP
Synchronous Data Link Control SDLC
Switched Multimegabit Data Services SMDS
Cisco Serial Tunnel STUN
X.25-based encapsulations
methods Encapsulation are set according to the type of protocol or application you configure on your
router ATM-DXI is described later in this chapter in the section Configure ATM-DXI HDLC is
described later in this chapter in the section Reenable HDLC Serial Encapsulation PPP is
described later in this chapter in the section Configure the Point-to-Point Protocol The remaining
methods are described in their respective chapters describing the protocols or applications Serial
encapsulation methods are also discussed in the Router Products Command Reference publication
in Chapter under the encapsulation command
Asynchrouous Serial
All of our router platforms configured with an auxiliary port support the asynchronous serial interface
Asynchronous Serial Encapsulation Methods
There are two asynchronous serial encapsulation methods
SLIP
Asynchronous PPP
See the section Configure PPP or SLIP Encapsulation later in this chapter for more information
about these encapsulation methods
Configuring Interfaces 6-3 Understand Supported Interfaces and Encapsulations
Ethernet
Support for the Ethernet interface is supplied on one of the following Ethernet network interface
cards or systems
The Multiport Communications Interface MCI card in the modular routers which provides one
Ethernet connector compatible with Ethernet Versions and and the IEEE 802.3 protocol
The Multiport Ethernet Controller CSC-MEC interface card in the modular routers which
provides two four or six high-speed Ethernet connectors compatible with Ethernet Versions
and and the IEEE 802.3 protocol
An integrated Ethernet controller on the IGS and Cisco 3000 models
On the Cisco 7000 the high-speed Ethernet Interface Processor EIP for two four or six AUI
ports The EIP ports are in compliance with Ethernet versions and and the IEEE 802.3
specifications
Use the show interfaces show controllers mci and show controllers cbus EXEC commands to
display the Ethernet port numbers These commands provide report for each interface supported
by the router
Ethernet Encapsulation Methods
Currently there are three common Ethernet encapsulation methods
The standard Ethernet Version 2.0 encapsulation which uses 16-bit protocol type code
the frame for the The IEEE 802.3 encapsulation in which the type code becomes length
IEEE 8022 LLC encapsulation destination and source Service Access Points and control
byte
The SNAP method as specified in RFC 1042 which allows Ethernet protocols to run on
IEEE 802.2 media
The encapsulation method you use depends upon the type of Ethernet media connected to the router
and the routing or bridging application you configure Further detail is provided in the sections
Select the Ethernet Encapsulation and Example of Enabling Ethernet Encapsulation later in this
chapter See also the chapters describing specific protocols or applications
Token Ring
Support for the Token Ring interface is supplied on one of our Token Ring network interface cards
The 4/16-Mbps Token Ring cards which interconnect network servers to IEEE 802.5 and
IBM-compatible Token Ring media at speeds of or 16Mbps The 4/16-Mbps cards are the CSC-C2CTRCSC-Rl6 or CSC-R16M CSC-1R and CSC-2R dual Token Ring card
On the Cisco 7000 the high-speed Token Ring Interface Processor TRIP that has four DB-9
ports and interconnects network servers to IEEE 802.5 and IBM-compatible Token Ring media
The Token Ring interface supports both routing Level switching and source-route bridging
Level switching The use of routing and bridging is on per-protocol basis For example IP
traffic could be routed while SNA traffic is bridged The routing support interacts correctly with
source-route bridges
Support for the Token Ring MIB variables is provided as described in RFC 1231 IEEE 802.5 Token Ring MIB by McCloghrie Fox and Decker May 1991 The mandatory
Interface Table and Statistics Table are implemented but the optional Timer Table of the Token
Ring MIB is not The Token Ring MIB has been implemented for the TRIP
6-4 Router Products Configuration Guide Understand Supported Interfaces and Encapsulations
Use the show interfaces show controllers token and show controllers cbus EXEC commands to
display the Token Ring numbers These commands provide report for each ring supported by the
router
Note If the receives an indication of from Token system cabling problem Ring interface it puts
that interface into reset state and does not attempt to restart it It functions this way because
periodic attempts to restart the Token Ring interface have drastic impact on the stability of protocol
routing tables Once you have replugged the cable into the MAU restart the interface by typing the
command clear interface tokenring numbe where number is the interface number
Token Ring Encapsulation Methods
The Token Ring interface by default uses the SNAP encapsulation format defined in RFC 1042 It
is not necessary to define an encapsulation method for this interface
USDN Basic Rate Interface BRI
The Integrated Services Digital Network ISDN Basic Rate Interface BRI is currently supported
only on the Cisco 3000 To place calls on the ISDN interface you must configure it with dial-on-
demand routing DDR For configuration information about ISDN using dial-on-demand routing DDR see Chapter 10 of this document for command information refer to Chapter 10 of the
Router Products Command Reference publication
The BRI interface includes one ISDN Basic Rate connection The Basic Rate connection consists of
channel and two channels both of which are full-duplex 64-kbps channels
The channel is used for call and setup network connection teardown Call setup involves the data
link and network connection D-channel communication is from the router to the ISDN switch
transmit data The channels user The channels are treated as serial lines and support HDLC and
PPP encapsulation The interface configuration is propagated to each of the channels Although
each channel is treated as separate line you cannot configure the channels separately single
switch type must be configured for the router as whole because channels are in permanent
rotary group
The ISDN data link layer interface provided by the router conforms to the specification defined by
the CCITT recommendation Q.921 The ISDN network layer interface provided by the router
conforms to the specification defined by the CCITT recommendation Q.93
For list of ISDN switch types that the ISDN interface supports see the section Configure an ISDN
Basic Rate Interface later in this chapter
Use the show controllers bri EXEC command to display the and channel information
ISDN Encapsulation Methods
Each of the channels is treated as serial line and supports HDLC and PPP encapsulation The
default serial encapsulation is HDLC
Configuring Interfaces 65 Understand Supported Interfaces and Encapsulations
Fiber Distrbuted Data kiterface FDDD
FDDI is an ANSI-defined standard for timed O0-Mbps token passing over fiber-optic cable An
FDDI network consists of two counter token-passing fiber-optic rings On most networks the
primary ring is used for data communication and the secondary ring is used as hot standby The
FDDI standard sets total fiber lengths of kilometers for multimode fiber and 10 kilometers for
single-mode fiber both of which are supported by our FDDI interface controller The maximum
circumference of the FDDI network is only half the specified kilometers because of the wrapping or
looping back of the signal that occurs during fault isolation
The FDDI standard allows maximum Of 500 stations with maximum distance between active
stations of two kilometers The FDDI frame can contain minimum of 22 bytes and maximum of
4500 bytes Our implementation of FDDI complies with Version 6.1 of the X3T9.5 FDDI
specification offering Class dual-attach interface that supports the fault-recovery methods of the Dual-Attach Stations DASs
of FDDI interface Support for the Fiber Distributed Data Interface FDDI is supplied on one our
cards as follows
The CSC-FCI interface card which operates with the standard modular router controller
complex
The CSC-C2IFCIT interface card which operates with the ciscoBus II controller complex
On the Cisco 7000 the high-speed multimode-to-multimode single mode-to-single mode
multimode-to-single mode or single mode-to-multimode FDDI Interface Processor FTP
We also provide support for some of the FDDI MIB variables as described in RFC 1285 FDDI
Management Information Base published in January 1992 by Jeffrey Case of the University of
Tennessee and SNMP Research Inc One such variable that we support is snmpFddiSMTCFState
FDDI Encapsulation Methods
Our FDDI interface by default uses the SNAP encapsulation format defined in RFC 1042 It is not
the CSC-FCI interface necessary to define an encapsulation method for this interface when using
card or FIP
for the The CSC-C2IFCIT interface card and FTP fully support transparent and translational bridging
following configurations
FDDI to FDDI
FDDI to Ethernet
FDDT to Token Ring
When using the CSC-C2IFCTT interface card or FTP you can specify the encapsulation method See
the section Enable FDDI Bridging Encapsulation later in this chapter
Using Connection Management CMI Information
is FDDI handles the transition of the Connection Management CMT an process that ring through and defined the its various states off on active connect so on as by X3T9.5 specification The FTP
provides CMT functions in microcode Information about CMT bits that is received as result of the
FDDI monitoring commands discussed in this section can be helpful if your network server is not
successfully establishing connection to the remote physical connections
6-6 Router Products Configuration Guide Understand Supported Interlaces and Encapsulations
The show interfaces fddi display shows that Physical Phy-A completed CMT with its neighbor
The is active and the state display indicates Physical B-type neighbor The neighbor is determined
from the received signal bits as follows
Bit Positions 9876543210 cO Value Received 1000001100
The received value Ox2OC Bit equals positions and indicate Physical B-type connection
The transition indicate states displayed that the CMT process is running and actively trying to
establish connection the to remote physical connection The CMT process requires state transition
with different signals being transmitted and received before moving on to the next state The ten bits of information CMT are transmitted and received in the Signal State Each state displays the number of times it was entered In the preceding display the Next State Nxt was entered 11 times
Note The display line showing transition states is not generated if the FDDI interface has been shut
down or if the cmt disconnect command has been issued or if the fddi if-crnt command has been
issued The fddi if-cmt command applies to the AGS and Cisco 7000 only
The CFM state is wrap in the sample output because the network server has not completed CMT
with its neighbor to connect to Physical
The display or nondisplay of the upstream and downstream neighbor does not affect the ability to
route data The determination of the and downstream is upstream neighbors dependent upon all
stations on the the same version of station Since ring running management SMT the upstream
neighbor is also its downstream neighbor in the sample there are only two stations in the ring the
network server and the router at address 0800.2008.C52E
High-Speed Serial kiterface HSSO
The High-Speed Serial Interface HSSI consists of the following components
The CSC-HSCI controller card which is CiscoBus-resident
The CSC-HSA which is back-panel applique
The controller card provides single full-duplex synchronous serial interface capable of and data transmitting receiving at up to 52 megabits per second Mbps The HSSI is de facto industry standard providing connectivity to T3 DS-3 E3 SMDS at DS-3 route and other
high-speed w1de-area services through DSU or Line Termination Unit
The high-speed full-duplex synchronous serial interface is supported only on our modular
network server products
This ciscoBus card can query the appliques to determine their types However it does so
only at system startup so the appliques must be attached when the system is started Issue
show controllers cbus command to determine how the HSSI card has identified them The
command also will show the capabilities of the card and report controller-related failures
Configuring Interfaces 6-1 Understand Supported Interfaces and Encapsulations
interface which HSSI network On the Cisco 7000 the HSSI processor HIP provides single
interface for the Cisco 7000 The network interface resides on modular interface processor IP
that provides direct connection between the high-speed Cisco Extended Bus CxBus and an
external network
HSSI Encapsulation Methods
Serial The HSSI supports the serial encapsulation methods listed in the section Synchronous
Encapsulation Methods earlier in this chapter except for X.25-based encapsulations
Online Insertion and Removal OIR
The Cisco 7000s Online Insertion and Removal OIR feature allows you to remove and replace
while the is line With minimal of CxBus interface processors IPs system on disruption service
you can shut down the IP before removal and restart it after insertion without causing other software
or interfaces to shut down
Note Do not remove or install more that one interface processor at one time After removal or
installation observe the LEDs before continuing
You do not need to notify the software that you are going to remove or install an interface processor has been removed When the route processor is notified by the system that an interface processor or
All interface installed it stops routing and scans the system for configuration change processors
then the are initialized and each interface type is verified against the system configuration system normal runs diagnostics on the new interface There is 3- to 5-second disruption to operation during
interface interface processor removal There is an 11- to 15-second disruption during processor insertion
Note Only the Cisco 7000 supports OIR
others Only an interface of type that has been configured previously will be brought on line require the configuration If newly installed interface processor does not match the system configuration the interface is left in an administratively down state until the system operator configures system
with the new interfaces
Hardware MAC-level addresses for all interfaces on the Cisco 7000 are stored on an electronically
erasable programmable read-only memory EEPROM component in the route processor RP instead of on the individual interface boards An address allocator in the EEPROM contains
sequential block of 40 addresses interface slots times maximum of possible ports per slot
Each address is assigned to specific slot and port address in the chassis regardless of how the
interfaces are configured This allows interfaces to be replaced online without requiring the system
to update routing tables and data structures Regardless of the types of interfaces installed the
hardware addresses do not change unless you replace the system RP If you do replace the RP the
hardware addresses of all ports change to those specified in the address allocator on the new RP
6-8 Router Products Configuration Guide Understand Fast and Autonomous Switching Support
Understand Fast and Autonomous Swtchng Support
This section discusses fast switching and autonomous switching
Fast Switching Support
Fast switching allows higher throughput by switching packet using cache created by previous
packets Fast switching is enabled by default on all interfaces that support fast switching The router
supports fast switching of the following protocols
AppleTalk
DECnet
Jp
Ipx
ISO CLNS
Source-route bridging
VINES
XNS
See the separate protocol-specific chapters for more information about fast switching
Autonomous Switching Support
This section discusses the routers autonomous switching support Autonomous switching is
feature that provides faster packet switching by allowing the CiscoBus controller to switch packets
independently without having to interrupt the system processor It is available only in Cisco 7000
systems and in AGS systems with high-speed network controller cards Autonomous switching is
disabled by default on all interfaces
The router supports autonomous switching of the following protocols
Ipx
Source-route bridging
Transparent bridging
See the separate protocol-specific chapters for more information about autonomous switching
Transparent Bridging
The router supports the following types of transparent bridging
Ethernet MEC to Ethernet MEC
Ethernet MEC to FDDI FCIT
FDDI FCIT to Ethernet MEC
FDDI FCIT to FDDI FCIT
Configuring Interfaces 6-9 Configure the Interface Type
IP over PPP and IETF Frame Relay
The router supports autonomous switching of IP over PPP and IETF Frame Relay-encapsulated
traffic
IPX
You can autonomously switch to and from any of the encapsulations listed below
Ethernet ARPA Novell Ethernet_IT
Ethernet NOVELL-ETHER Novell Ethernet_802.3
Ethernet SAP Novell IEEE 802.2
Ethernet SNAP Novell IEEE 802.2/SNAP
Token Ring SAP Novell IEEE 802.2
Token Ring SNAP Novell IEEE 802.2/SNAP
FDDI SAP Novell IEEE 802.2
FDDI SNAP Novell IEEE 802.2/SNAP
SeriaIHDLC
See the ipx route-cache cbus command in Chapter 8of the Router Products Command Reference
publication for more information
Configure the nterface Type
follow these Begin interface configuration in global configuration mode To configure an interface
steps
Step Enter the configure EXEC command at the privileged EXEC prompt
Step2 Once in the global configuration mode start configuring the interface by entering the
interface command Identify the interface type followed by the number of the connector or
interface card These numbers are assigned at the factory at the time of installation or when interfaces command added to system and can be displayed with the show EXEC
in the report is provided for each interface the router supports as seen following partial
sample display
Serial is administratively down line protocol is down
Hardware is MCI Serial MTU 1500 bytes BW 1544 Kbt DLY 20000 usec rely 255/255 load 1/255 Encapsulation HDLC loopback not set keepalive set 10 eec
Use the show hardware EXEC command to see list of the system software and hardware
For example to begin configuring interface Serial you would add the following line to
the configuration file
interface serial
Note add between the interface and interface number For It is not necessary to space type
example in the preceding line you can specify either serial or serialO
6-10 Router Products Configuration Guide Configure the Interface Type
interface commands Step Follow each interface command with the configuration your
and that will particular interface requires These command define the protocols applications
run on this interface The commands are collected and applied to the interface command
is interface until you enter another interface command command that not an
configuration command or you type the Ctrl-Z sequence to get out of configuration mode
and return to privileged EXEC mode
Step Once an interface is configured you can check its status by entering the EXEC show
commands described after the task tables that follow
The following sections show how to begin to configure each interface type as separate task See
the section Examples of Enabling Interface Configuration at the end of this chapter
Configure an ISDN Basic Rate Interface
the task in To configure an ISDN Basic Rate Interface BRI perform following global configuration mode
Task Command
Begin interface configuration interface bri interface-n umber
You must also specify an ISDN switch type See the sections Select the ISDN BRI Switch Type
and Define ISDN Service Profile Identifiers SPIDs later in this chapter for additional
information
Configure Dialer Interface mode To begin to configure dialer interface perform the following task in global configuration
Task Command
Begin interface configuration interface dialer interface-number
Configure an Ethernet nterface
task in mode To begin to configure an Ethernet interface perform the following global configuration
Task Command
Begin interface configuration interface ethernet interface-number
For the Cisco 7000 interface ethernet slot/port
Configuring Interfaces 6-11 Configure the Interface Type
Configure an FDD Interface
To begin to configure an FDDI interface perform the following task in global configuration mode
Task Command
Begin interface configuration interface fddi intejace-n umber
For the Cisco 7000 interface fddi slot/port
Configure an HSSI Interface
To begin to configure High-Speed Serial Interface perform the following task in global
configuration mode
Task Command
Begin interface configuration interface hssi interface-n umber
Configure Loopback Interface
You can specify software-only interface called loopback interface that emulates an interface that
is always up It is supported on all platforms loopback interface is virtual interface that is always
up and allows BGP and RSRB sessions to stay up even if the outbound interface is down
You can use the loopback interface as the termination address for BGP sessions for RSRB
connections or for establishing Telnet session from the routers console to its auxiliary port when
all other interfaces are down In applications where other routers will attempt to reach this loopback
interface you should configure routing protocol to distribute the subnet assigned to the loopback
address
Packets routed to the loopback interface are rerouted back to the router and processed locally IP
packets routed out the loopback interface but not destined to the loopback interface are dropped
This means that the loopback interface does double duty as the NullO interface
Note Loopback does not work on an X.2l DTE because the X.21 interface definition does not
include loopback definition The loopback tests do not work on the Ethernet interface of the IGS
router product
To configure loopback interface perform the following task in global configuration mode
Task Command
Begin interface configuration interface loopback interface-number
See also the section Run Interface Loopback Diagnostics later in this chapter
6-12 Router Products Configuration Guide Configure the Interface Type
Configure Null Interface
The router supports null interface This pseudo-interface functions similarly to the null devices
available on most operating systems This interface is always up and can never forward or receive traffic encapsulation always fails The only interface configuration command that you can specify
for the null interface is no ip redirects
The null interface provides an alternative method of filtering traffic The overhead involved with
using access lists can be avoided by directing undesired network traffic to the null interface
To specify the null interface perform the following task in global configuration mode
Task Command
Begin interface configuration interface null
null the interface and unit The Specify or nullO as name null interface can be used in any
command that has an interface type as an argument The following example configures null
interface for IP route 127.0.0.0
ip route 127.0.0.0 255.0.0.0 null
Configure Synchronous Serial Interface
To begin to configure synchronous serial interface perform the following task in global
configuration mode
Task Command
Begin interface configuration interface serial interface-number
For the Cisco 7000 interface serial slot/port
Configure Token Ring Interface
To begin to configure Token Ring interface perform the following task in global configuration mode
Task Command
Begin interface configuration interface tokenring interface-n umber
For the Cisco 7000 interface tokenring slot/port
Configure Tunnel Interface
To configure tunnel interface use the interface tunnel command in global configuration mode
Before you configure tunnel interface see the sections in this chapter entitled Understand Tunneling and Configure IPTunneling
Task Command
Begin interface configuration interface tunnel interface-number
Configuring Interfaces 6-13 Configure the Interface Type
Configure an Asynchronous SeraI Onterface
Only the auxiliary port on router can be configured as an asynchronous serial interface To
configure an asynchronous serial interface on the router you must establish asynchronous serial line
connections using PPP or SLIP as described in the next section
Establish Asynchronous Connections using PPP or SLIP
PPP and SLIP define methods of sending Internet packets over standard RS-232 asynchronous
serial line PPP also defines methods for sending IPX packets The router contains one such port the
auxiliary port To use the asynchronous device as network interface via PPP or SLIP complete
the following tasks
Configure asynchronous interface
Configure PPP or SLIP encapsulation on the asynchronous interface
Configure the addressing method
Configure dedicated or interactive mode
Enable asynchronous routing
Connect to remote routers via PPP or SLIP
Note You can also configure support for SLIP and PPP using extended BOOTP requests See
Chapter
Configure Asynchronous Interface
The auxiliary ports absolute line number is When you configure an asynchronous interface with
the interface async command you enable asynchronous routing over the auxiliary port to support
PPP and SLIP connections to remote routers The interface number is the same as the absolute line number
The router automatically associates the interface number with the absolute line number of the
auxiliary port and treats the interface as an asynchronous line However to configure the auxiliary
port as an asynchronous interface you must also configure it as an auxiliary line with the line aux
command as described in Chapter Follow the line command with the appropriate line
configuration commands for modem control such as speed Perform the following task in global
configuration mode to specify the auxiliary port line as an asynchronous interface
Task Command
Specify an asynchronous interface interface async
Only IP packets can be sent across lines configured for SLIP PPP supports transmission of both IF
and IPX packets
6-14 Router Products Configuration Guide Configure the Interface Type
Configure PPP or SLIP Encapsulation
SLIP and PPP methods of are encapsulating datagrams and other network-layer protocol information over point-to-point links SLIP is the default method Use the following command in
interface mode configuration to configure PPP or SLIP encapsulation on the asynchronous interface
Task Command
Configure PPP or SLIP encapsulation on an asynchronous line encapsulation ppp slip
The configured SLIP or PPP encapsulation method applies to an interface configured for dedicated
mode or dial-on-demand On asynchronous routing DDR an asynchronous interface configured for
interactive the is the mode encapsulation type specified by user with the slip or ppp EXEC
command See Configure Dedicated or Interactive Mode later in this chapter
Configure the Addressing Method
The default and async async dynamic commands control whether you can specify an address at the
level the and EXEC using slip ppp commands or whether an address is forced by the system
It is common to configure an asynchronous interface both to have default address and to allow dynamic addressing In this case you must choose between the default address or dynamic addressing when you enter the slip ppp default or slip ppp client EXEC command
This section describes how to
Assign default asynchronous address
Allow an asynchronous address to be assigned dynamically
You can assign permanent default asynchronous address to line by performing the following task in interface configuration mode
Task Command
default IP address Assign to the asynchronous interface async default ip address ip-address
Use the form of this command disable no to the default address If the server has been configured to authenticate asynchronous connections you are prompted for password after entering the slip client or ppp client EXEC command before the line is placed into asynchronous mode
The default address is assigned used when the user enters the slip default or ppp default EXEC command The TACACS validates server the transaction when enabled and the line is put into network mode using the address that is in the configuration file This feature is useful when the user is know not required to the IF address to gain access to system for example users of server that is available students to many on campus Instead of requiring each user to know an IP address they need only enter the slip default or ppp default EXEC command and let the server select the address to use
When line is configured for dynamic assignment of asynchronous addresses the user enters the
or and is for address host slip ppp EXEC command prompted an or logical name TheTACACS validates the when and the line is the address address enabled assigned given and put into asynchronous mode Assigning asynchronous addresses dynamically is also useful when you want
Configuring Interfaces 6-15 Configure the Interface Type
to assign set addresses to users For example an application on personal computer that
in automatically dials in using SLIP and polls for electronic mail messages can be set up to dial
periodically and enter the required IP address and password
To configure asynchronous dynamic addressing perform the following task in interface
configuration mode
Task Command
Allow the IP address to be assigned at login async dynamic address
The dynamic addressing features of the internetwork allow packets to get to their destinations and
back regardless of the router or network they are sent from For example if host such as laptop
computer moves from place to place it can keep the same address no matter where it is dialing in
from For an example of this command see the section Asynchronous Routing and Dynamic
Addressing Example at the end of this chapter
Configure Dedicated or Interactive Mode
You can configure the asynchronous interface to be indedicated network or interactive mode
In dedicated mode there is no user prompt or EXEC level so no end-user commands are required
to place the line into interface mode When the interface is configured for dedicated mode the user
cannot change the encapsulation method address or other parameters
To configure an asynchronous interface to be in dedicated network mode perform the following task
in interface configuration mode
Task Command
Place the asynchronous line into dedicated network mode async mode dedicated
For an example of the preceding command see the section Dedicated Asynchronous Interface
Example at the end of this chapter
Alternatively you can configure an asynchronous line for interactive mode In interactive mode the
line can be used to make any type of connection depending on the EXEC command entered by the
user For example depending on its configuration the line could be used for Telnet connections or
SLIP or PPP encapsulation Perform the following task in interface configuration mode to configure
an asynchronous line for interactive mode
Task Command
Place the asynchronous line in interactive mode async mode interactive
6-16 Router Products Configuration Guide Configure the Interface Type
Enable Asynchronous Routing
You can enable use of dynamic routing protocols on the asynchronous interface by performing the
following task in interface configuration mode
Task Command
Configure an asynchronous interface for routing async dynamic routing
Connect to Remote Routers via PPP or SLIP
You can use an asynchronous device as network interface connection to remote router via the
auxiliary port using the PPP or SLIP protocols To do so perform the following task in EXEC mode
Task Command
Use the asynchronous device as ppp slip client
network interface from the auxiliary
port using the PPP or SLIP protocol
To use the device as network interface PPP asynchronous using or SLIP the auxiliary port on the
remote router must be configured to act as an asynchronous interface This is done on the remote
router with the interface async command You must also use the async mode interactive command
With the default default keyword you can specify IP address for asynchronous routing For this
option to be effective the asynchronous interface on the remote router must have default IP address
with the default specified async ip address command Or you can enter an address if the
asynchronous interface on the remote router is configured with the async dynamic address command
The client and TACACs server can be specified either by IP address or by name Any names used be in domain must the name service DNS and must be resolvable to an IP address The address
specified for tacacs-server must be an address of TACACS server configured with the tacacs
server host command as described in Chapter
The/routing keyword enables dynamic routing To use it the asynchronous interface on the remote
router must be configured for asynchronous routing with the async dynamic routing command
the the Using /compressed keyword you can set asynchronous interface to compress packets for
more efficient use of the line To use it the asynchronous interface on the remote router must have
TCP/IP parameters set with the ip tcp header-compression command
For of the and examples ppp slip commands see the examples at the end of this chapter
You also the can use ip access-group command to apply access restrictions to the asynchronous
interface and the unnumbered ip command See the chapter pertaining to IP commands
Configuring Serial Interface
serial interface To specify on the Cisco 7000 use this configuration command
interface serial slot/port
Specify the serial interface slot number with the argument slot Specify the port number with the argument port
Configuring Interfaces 6-17 Configure the Interface Type
The slot argument is the backplane slot number and can be in the range through The port
number of the fast serial interface and be in the argument is the port processor FSIP can range
through
Follow this command with the routing or bridging interface configuration commands for your
particular protocol or application as described in subsequent chapters
Configuring the CRC
The cyclic redundancy check CRC on serial interface defaults to length of 16 bits To change
the length of the CRC to 32 bits complete the following task in interface configuration mode
Task Command
Set the length of the CRC crc size
Using the NRZI Line Coding Format
inverted All FSIP interface types support nonreturn to zero NRZ and nonreturn to zero NRZI
format.This is line coding format that is required for serial connections in some environments
in IBM NRZ encoding is most common NRZI encoding is used primarily with RS-232 connections environments
The default configuration for all serial interfaces is NRZ format The default is no nrzi-encoding
To enable NRZI format complete the following task in interface configuration mode
Task Command
Enable NRZI encoding format nrzi-encoding
Enabling the Internal Clock
When DTE does not return transmit clock use the following interface configuration command
on the Cisco 7000 to enable the internally generated clock on serial interface
Task Command
Enable the internally generated clock on serial transmit-clock-internal
interface
Inverting the Transmit Clock Signal
Delays between the SCTE clock and data transmission indicate that the transmit clock signal might
not be appropriate for the interface rate and length of cable being used Different ends of the wire
for these may have variances that differ slightly Invert the clock signal to compensate factors by
completing the following task in interface configuration mode on Cisco 7000
Task Command
invert the clock signal on an interface invert-transmit-clock
6-18 Router Products Configuration Guide Add Description for an Interface
Add Description for an nterface
about interface is You can add description an to help you remember what attached to it This entry
is meant solely as comment to help identify what the interface is being used for The description
will appear in the output of the following commands show configuration write terminal and
show interfaces To add the description complete the following task in interface configuration mode
Task Command
Add description for an interface description String
For examples of this command see the examples at the end of this chapter
Configure Subnterf aces
Configuring multiple virtual interfaces or subinterfaces on single physical interface allows greater
flexibility and connectivity on the network With subinterfaces you can provide full connectivity on
partially meshed Frame Relay networks.You can also configure subinterfaces on LANs to support
multiple IPX encapsulations on the same physical interface
You can perform the following subinterface configuration tasks
Understand which interface types and encapsulations the subinterfaces support
Configure subinterfaces on serial interfaces running Frame Relay encapsulation
Configure subinterfaces on Token Ring FDDI and Ethernet interfaces to support multiple IPX
encapsulations
Understand Supported Unterfaces and EncapsuUations
Subinterfaces can be used in the following situations
To support partially meshed multiprotocol Frame Relay networks over serial interface
To support multiple simultaneous IPX encapsulations on Token Ring FDDI and Ethernet
interfaces
Table 6-1 lists the commands that are supported on subinterfaces
Table 6-1 Subinterface Configuration Commands
Command Interlace Type Supported
apollo Serial only
appletalk Serial only
bandwidth Serial Ethernet FDDI Token Ring
bridge-group Serial only
clns Serial only
decnet Serial only
delay Serial Ethernet FDDI Token Ring
description Serial Ethernet FDDI Token Ring
exit Serial Ethernet FDDI Token Ring
Configuring Interfaces 6-19 Configure Subinterfaces
Command Interface Type Supported
frame-relay Serial only
ip Serial only
ipx Serial Ethernet FDDI Token Ring
isis Serial only
iso-igrp Serial only
ntp Serial only
shutdown Serial Ethernet FDDI Token Ring
Example
In the following example interface serial 0.1 is configured to support bridging on Frame Relay DLCI 42
interface serial
encapsulation frame-relay interface serial 0.1 bridge-group framerelay interface-dlci 42 broadcast
The commands listed in Table 6-2 support subinterfaces as parameters
Table 6-2 Commands that Allow Subinterfaces as Parameters
Command Command Type
bridge group address Global configuration
ems route Global configuration
ip unnumbered Interface configuration
tunnel source Interface configuration
interface Global configuration
ip route Global configuration
routemap match interface Route-map configuration
distribute-list Router configuration
neighbor address update-source Router configuration
passive-interface Router configuration
Example
In the following example the route to IP network 100.0.0 is configured to exit the router via
subinterface serial 0.1
ip route 10.0.0.0 255.0.0.0 serial 0.1
6-20 Router Products Configuration Guide Configure Subinterfaces
The show commands listed in Table 6-3 support subinterfaces as parameters
Table 6-3 Show Commands that Allow Subinterfaces as Parameters
Command Command Type
show apple EXEC
show buffers EXEC
show clns EXEC
show decnet EXEC
show interfaces EXEC
show ip igrp2 neighbors EXEC
show ip ospf neighbor EXEC
show ip ospf interface EXEC
show ip irdp EXEC
show ip interface EXEC
show novell EXEC
show protocols EXEC
Configure Subinterfaces on Serial Interfaces Running Frame Relay Encapsulation
Frame Relay networks provide multiple point-to-point links or PVCs permanent virtual circuits
through the same physical serial interface Subinterfaces allow blocks of one or more Frame Relay
PVCs to be treated as separate subnetworks Protocols such as IP IPX and bridging view each
subinterface as separate interface with its own address and protocol assignments
subinterface with single Frame Relay PVC is modeled as point-to-point link subinterface
with multiple Frame Relay PVCs is modeled as LAN
Subinterfaces for provide mechanism supporting partially meshed Frame Relay networks In the
past single network number such as an IP subnet or an IPX network number was assigned to an
entire Frame Relay network Most protocols assume transitivity on logical network that is if
station can talk to station and station can talk to station then station should be able to
talk to station directly This is true on LANs but is not true on Frame Relay networks unless they
meshed certain are fully Additionally protocols such as AppleTalk and transparent bridging could
not be supported on partially meshed networks because they require split horizon in which
packet received on an interface cannot be transmitted out the same interface even if the packet is
received and transmitted on different virtual circuits
Subinterfaces address these limitations by providing way to subdivide partially meshed Frame
Relay network into number of smaller fully meshed or point-to-point subnetworks Each
subnetwork is assigned its own network number and appears to the protocols as if it is reachable
through separate interface Note that point-to-point subinterfaces can be unnumbered for use with
IP reducing the addressing burden that might otherwise result
For example suppose you have five-node Frame Relay network see Figure 6-la that is partially
meshed If the entire network is viewed as single subnetwork with single network number
assigned most protocols assume that node can transmit packet directly to node when in fact
it must be relayed through nodes and This can be made to work with certain protocols for
example IP but will not work at all with other protocols for example AppleTalk because nodes
and will not relay the packet out the same interface on which it was received The only way to
make this work fully is to create fully meshed network see Figure 6-ib but that requires large
number of PVCs which may not be economically feasible
Configuring Interfaces 6-21 Configure Subinterfaces
Using subinterfaces the Frame Relay network can be subdivided into three smaller networks see
Figure 6-ic with separate network numbers Nodes and are connected to fully meshed
network and nodes and as well as nodes and are connected via point-to-point networks
In this configuration nodes and would see two subinterfaces allowing them to forward packets
without violating split horizon rules If transparent bridging is being used each subinterface is
viewed as separate bridge port
6-1 Partially Meshed Frame Relay 6-lb Fully Meshed Frame Relay
Network without Full Connectivity Network with Full Connectivity
6-1 Partially Meshed Frame Relay Network with Full Connectivity
configuring subinterfaces
Figure 6-1 Using Subinterfaces to Provide Full Connectivity on Partially Meshed Frame Relay Network
6-22 Router Products Configuration Guide Configure Subinterfaces
To subinterfaces configure on Frame Relay network perform the following tasks
Task Task
Step Configure serial interface interface serial interface-number
Step Configure Frame Relay encapsulation encapsulation frame-relay
on the serial interface
Step Configure subinterface interface serial inteiface-numbe.subinteiface-number
point-to-pointi
the Step Configure feature you want the See the examples that follow
subinterface to support
Example
In the following example subinterface models point-to-point subnet and subinterface models broadcast subnet
interface serial encapsulation framerelay interface serial 0.1 point-to-point ip address 10.0.1.1 255 .255.255.0 frame-relay interface-did 42
interface serial 0.2 multipoint ipaddress 10.0.2.1 255.255.2550
frame-relay map 10.0.2.1 255.255.255.0 17 broadcast
frame-relay map 10.0.2.2 255.255255.0 18
Example
To use Frame DLCIs and Relay 42 64 73 as separate point-to-point links and run transparent the bridging over them configuration might look like the following example
interface serialO encapsulation framerelay interface serial 0.1 point-to-point bridge-group frame-relay interface-dlci 42 broadcast interface serial 0.2 point-to-point bridge-group frame-relay interface-dlci 64 broadcast interface serial 0.3 point-to-point bridge-group frame-relay interface-dlci 73 broadcast
From the tree of bridging spanning algorithms point view each PVC is separate bridge port and frame arriving on PVC can be relayed back out separate PVC
Configure Suhinterfaces on Token Ring FDD and Ethernet nterfaces Running MuUtiple PX Encapsulations
Another use for subinterfaces is to support the use of multiple IPX encapsulations on LAN media
There are number of ways to encapsulate IPX packets on each LAN medium and hosts that use
different encapsulation techniques cannot communicate with each other Logically they are on
different networks and separate IPX network numbers are assigned accordingly The left side of
Figure 6-2 illustrates this situation
Configuring Interfaces 6-23 Configure Subinterfaces
However router can be placed on the LAN and separate subinterface can be created for each
encapsulation type with distinct IPX network numbers The router will then switch packets
between the two logical networks converting the encapsulations as necessary Since separate
subinterfaces are used split horizon rules are not violated
The right side of Figure 6-2 illustrates the use of subinterfaces on LAN interfaces that use multiple
IPX encapsulation methods
Novell Network
Without Subinterfaces With Subinterfaces
Router SNAP 3E 4E ARPA 4.C 3.AL SN ARPA SNAP ARPA Physical Physical SNAiL JRPA SNA JRPA
3.A cannot communicate with 4.D With subintertaces running the appropriate
encapsulation on each network 3.E and
4.D can now directly communicate with each other on different networks and interfaces
Configuration File Example
interface ethernetO ipx network ipx encapsulation snap
interface ethernet 0.2 ipx network ipx encapsulation arpa
3.A 4.0 3.A 4.0
3.E 4.E Logical Logical
3.B 4.D 3.B 4.D
Figure 6-2 Novell Network with and without Subinterfaces
6-24 Router Products Configuration Guide Understand Tunneling
Understand Tunneing
Tunneling provides way to encapsulate arbitrary packets inside of transport protocol This feature
is implemented as virtual interface to provide simple interface for configuration The tunnel
interface is not tied to specific passenger or transport protocols but rather it is an architecture
that is designed to provide the services necessary to implement any standard point-to-point
encapsulation scheme
Tunneling has three primary components
Passenger protocol which is the protocol you are encapsulating IPX IP DECnet CLNP or AppleTalk
Carrier protocol which is one of the following encapsulation protocols
Generic Router Encapsulation GRE Ciscos multiprotocol carrier protocol
Cayman proprietary protocol for AppleTalk over IP
EON standard for carrying CLNP over IP networks
NOS IP over IP compatible with the popular KA9Q program
Transport protocol which is the protocol used to carry the encapsulated protocol IP only
Figure 6-3 illustrates IP tunneling terminology and concepts
Normal Packet
802.3 802.2 CLNP TP4 VT
Tunnel Packet
Ethernet IP GRE CLNP TP4 VT
Passenger protocol
Encapsulation protocol
Transport protocol
Figure 6-3 IP Tunneling Terminology and Concepts
Advantages of Tunneling
There several situations where are encapsulating traffic in another protocol is useful
To provide multiprotocol local networks over single-protocol backbone
To workarounds for provide networks containing protocols that have limited hop counts for
example AppleTalk see Figure 6-4
To connect discontinuous subnetworks
To allow virtual private networks across Wide Area Networks WANs
Configuring Interlaces 6-25 Understand Tunneling
Tunnel
II
If the path between two computers has more than 15 hops they cannot talk to each other
but it is possible to hide some of the hops inside the network with tunnel
Figure 6-4 Providing Workarounds for Networks with Limited Hop Counts
Special Considerations
The following are considerations and precautions to observe when configuring tunneling
Encapsulation and decapsulation at the tunnel endpoints are slow operations currentlyonly
processor switching is supported
Be cautious in your configuration and take into account security and topology issues Be careful
not to violate access control lists You can configure tunnel with source and destination that
is not restricted by firewall access routers
Tunneling may create problems with transport protocols with limited timers for example
DECnet due to increased latency
Be aware of the environments across which you create tunnels You may be tunneling across fast
in FDDI rings or through slow 9600-bps phone lines some passenger protocols behave poorly mixed media networks
Multiple point-to-point tunnels can saturate the physical link with routing information
Routing protocols that make their decisions based solely on hop count will often prefer tunnel
over multipoint real link tunnel may appear to be one-hop point-to-point link and have the
lowest-cost path but may actually cost more For example in the topology shown in Figure 6-5
packets from Host will travel across networks and to get to Host instead of taking the
path because it appears shorter
6-26 Router Products Configuration Guide Configure IP Tunneling
Figure 6-5 Tunnel Precautions Hop Counts
An even worse problem will occur if routing information from the tunneled network mixes with
the transport networks information In this case the best path to the tunnel destination is via
the tunnel itself This is called recursive route and will cause the tunnel interface to temporarily shut down To avoid recursive routing problems keep passenger and transport network routing
information disjointed
Use different AS number or tag
Use different routing protocol
static Use routes to override the first hop but watch for routing loops
If you see line protocol down as in the following example it may be because of recursive route
%TUNRECURDOWN Interface Tunnel temporarily disabld due to recursive routing
Configire Tunrehng
If you want to configure IP tunneling you must perform at least the first three tasks in the list that
follows The remaining tunnel configuration tasks are optional
Configure the tunnel interface required
Configure the tunnel source required
Configure the tunnel destination required
Configure the tunnel mode
Configure end-to-end checksumming
Configure tunnel identification key
Configure tunnel interface to drop out-of-order datagrams
Monitor IP tunnels
For these examples using commands see the tunnel examples at the end of this chapter To configure
AppleTalk tunneling see Chapter 12 in the section Configure AppleTalk Tunneling
Configuring Interfaces 6-21 Configure Tunneling
Configure the Tunnel Interface
In order to configure tunneling you must configure the tunnel interface by performing the following
task in global configuration mode
Task Command
Configure the tunnel interface interface tunnel
Configure the Tunnel Source
In order to configure tunneling you must specify the tunnel interfaces source address by performing
the following task in interface configuration mode
Task Command
Configure the tunnel source tunnel source ip address inteiface type inteiface-nunber
Note You cannot have two tunnels using the same encapsulation mode with exactly the same source
and destination address The workaround is to create loophack interface and source packets off of
the loopback interface
Configure the Tunnel Destination
In order to configure tunneling you must specify the tunnel interfaces destination by performing
the following task in interface configuration mode
Task Command
the tunnel destination tunnel destination Configure host name ip address
Configure the Tunnel Mode
this The encapsulation mode for the tunnel interface defaults to generic route encapsulation gre so
task is consideredoptional However if you want mode other than gre you must configure it by
performing the following task in interface configuration mode
Task Command
Configure the tunnel mode tunnel mode cayman eon gre nos
6-28 Router Products Configuration Guide Configure IP Tunneling
Configure End-toEnd Checksumming
Some passenger protocols rely on media checksums to provide data integrity By default the tunnel
does not guarantee packet integrity By enabling end-to-end checksums the routers will drop To enable corrupted packets such checksums on tunnel interface perform the following task in
interface configuration mode
Task Command
Configure end-to-end checksumming tunnel checksum
Configure Tunne dentification Key
You can optionally enable an ID key for tunnel interface This key must be set to the same value
on the tunnel endpoints Tunnel ID keys can be used as form of weak security to prevent
misconfiguration or injection of packets from foreign source
The tunnel ID key is available with generic router encapsulation GRE only
Note When using GRE the ID key is carried in each packet We do not recommend relying on this
key for security purposes
To configure tunnel 1D key perform the following task in interface configuration mode
Task Command
Configure tunnel identification key tunnel key key-number
Configure Tunn nterface to Drop Out-ofOrder Datagrams
You can optionally configure tunnel interface to drop datagrams that arrive out of order This is
useful when carrying passenger protocols that behave poorly when they receive packets out of order
for example LLC2-based protocols This option is available with generic router encapsulation GRE only
To use this option perform the following task in interface configuration mode
Task Command
Configure tunnel interface to drop out-of-order datagrams tunnel sequence-datagrams
Configuring Interfaces 6-29 Reenable HDLC Serial Encapsulation
Monitor Tunnes
in mode monitor the IF tunnels have Complete any of the following tasks EXEC to you configured
Task Command
List tunnel interface information show interface tunnel unit
List the routes that go through the tunnel show protocol route
List the route to the tunnel destination show ip route
Reenabe HDLC SeraH Encapsuaton
The router provides High-level Data Link Control HDLC encapsulation for serial lines by default
This encapsulation method provides the synchronous framing and error detection functions of
HDLC without windowing or retransmission Although it is the default it can be reenabled as the
encapsulation method if necessary by performing the following task in interface configuration mode
Task Command
Reenable HDLC encapsulation encapsulation hdlc
Sehect the Ethernet Encapsuiaton
Ethernet interfaces on the router support several encapsulation methods depending upon the
application type code and media type as follows
Standard ARPA Ethernet Version 2.0 encapsulation default
SAP IEEE 802.3 encapsulation
The SNAP method as specified in RFC 1042
Establish Ethernet encapsulation by selecting one of the Ethernet encapsulation methods using the
appropriate command in interface configuration mode as follows
Task Command
Select ARPA Ethernet encapsulation encapsulation arpa
Select SAP Ethernet encapsulation encapsulation sap
Select SNAP Ethernet encapsulation encapsulation snap
For an example of the encapsulation command see the section Example of Enabling Ethernet
Encapsulation at the end of this chapter
6-30 Router Products Configuration Guide Configure the Ethernet Network Interface Module on the Cisco 4000
Configure the Ethernet Network nterface ModuOe on the Cisco 4000
You can specify the type of Ethernet Network Interface Module configuration on the Cisco 4000
model To do so perform the following task in interface configuration mode
Task Command
Select 15-pin Ethernet connector media-type aui
Select an RJ4S Ethernet conneëtor media-type lObaset
Extend the lOBaseT Capability on the Cisco 4000
You can extend the twisted-pair OBaseT capability beyond the standard 100 meters by reducing the
squelch signal cutoff time To do so perform the first task that follows in interface configuration
mode You can later restore the squelch by performing the second task
Task Command
Reduce the squelch squelch reduced
Return squelch to normal squelch normal
Configure ATMDX
You Virtual Path Identifier can map VPI and Virtual Circuit Identifier VCI to Frame Relay DLCI the by performing following tasks in interface configuration mode
Task Command
Step Specify the encapsulation method encapsulation atm-dxi
VP1 and VCI Step Map given to Frame atm-dxi map protocol address VP VG Relay DLCI
Convert HSS to CHock Master
You can convert the HSSI interface into 45 MHz clock master by performing the following task in
interface configuration mode
Task Command
Convert the HSSI interface into 45 MHz clock master hssi internal-clock
Configuring Interfaces 6-31 Enable MOP
Enabe MOP
You can enable the Maintenance Operation Protocol MOP on an interface by performing the
following task in interface configuration mode
Task Command
Enable MOP mop enabled
Enabe MOP Message Support
You can enable an interface to send out periodic MOP system identification messages on an interface
by performing the following task in interface configuration mode
Task Command
Enable MOP message support mop sysid
Seect the Token Ring Speed
The Token Ring interface on the CSC-1R CSC-2R and IGS/TR can run at either or 16Mbps
These Token Ring interfaces do not default to any particular ring speed you must select the speed
the first time you use them
Caution Configuring ring speed that is wrong or incompatible with the connected Token Ring
causes the ring to beacon which effectively takes the ring down and makes it nonoperational
Configure the ring speed on the CSC-1R or CSC-2R and IGSITR Token Ring interfaces by
performing the following task in interface configuration mode
Task Command
Select the ring speed ring-speed speed
Enabe Eady Token ReHease
Our Token Ring interfaces support early token release method whereby the interface releases the
token back onto the ring immediately after transmitting rather than waiting for the frame to return
This feature can help to increase the total bandwidth of the Token Ring To configure the interface
for early token release perform the following task in interface configuration mode
Task Command
Enable early token release early-token-release
6-32 Router Products Configuration Guide Select the ISDN BRI Switch Type
Select the OSDN BR Switch Type
The Integrated Services Digital Network Basic Rate Interface ISDN BRI supports variety of
central office switches Table 6-4 lists the ISDN switch types supported by the ISDN interface If
you are going to configure an interface with the interface bri command you must also select
switch using the following command in global configuration mode
Task Command
Select the central office switch type isdn switch-type snilch-tpe
Table 6-4 ISDN Office Switch Types
Keyword Switch Type
basic-ltr6 German ITR6 ISDN switches
basic-5ess ATT basic rate switches
basic-dmslOO NT DMS-100 basic rate switches
basic-net3 NET3 ISDN switches UK and others
ntt Japanese Nil ISDN switches
vn2 French VN2 ISDN switches
vn3 French VN3 ISDN switches
Define HSDN Service Profile ldentfiers SPIDs
All ISDN devices subscribe to services provided by an ISDN service provider usually telephone
company However only some service providers use Service Profile Identifiers SPIDs to define the
services subscribed to by the ISDN device that is accessing the ISDN service provider The service
provider assigns the ISDN device one or more SPIDs when you first subscribe to the service If you
are using service provider that requires SPIDs your ISDN device cannot place or receive calls until
it sends valid assigned SPID to the service provider when accessing the switch to initialize the
connection
Currently only the DMS-100 switch type requires SPIDs The ATT 5ESS switch may support
SPID but it is recommended that you set up that ISDN service without SPIDs In addition SPIDs
only have significance at the local access ISDN interface Remote routers are never sent the SPID
SPID is usually ten-digit telephone number with some optional numbers However service
providers may use different numbering schemes For the DMS-lOO switch type two SPIDs are
assigned one for each B-channel On�e your service provider has assigned you SPIDs you must
define these SPIDs on the router so that when access to the switch is attempted the router has the
valid information available
To define the SPIDs and the local directory number ldn on the router perform the following tasks
in interface configuration mode after specifying interface bri
Task Command
Define SPID and ldn for the I-channel isdn spidi spid-number
Define SPID and ida for the B2-channel isdn spid2 spid-number
Configuring Interfaces 6-33 Define ISDN TEl Negotiation
See for Chapter 10 information about configuring dial-on-demand routing DDR and Chapter 10 of the Products Router Command Reference publication for specific DDR commands
Define SDN TE Negotaton
You can determine when ISDN Terminal Endpoint Identifier TEl negotiation occurs The default
is for negotiation to occur when the router is powered on Use this command with care
To define when TEl negotiation will occur perform the following task in global configuration mode
Task Command
Determine when ISDN TEl negotiation occurs isdn tei powerupi
Configure FDW Tmers and Features
FDDI interface Using special configuration commands you can perform the following tasks
Enable FDDI bridging encapsulation
Set the token rotation time
Set the transmission valid timer
Control the transmission timer
Modify the C-Mm timer
Modify the TB-Mm timer
Modify the timeOut timer
Control SMT frame processing
Enable duplicate address checking
Set the bit control
Control the connection management CMT microcode
Start and stop FDDI
Configure FDDI dual homing built-in configuration capability of the EDDI software
Control the FDDI station management SMT message queue size
The following sections describe these tasks
Errnbe FDW Brdgng Encapsulat�on
The CSC-C2IFCIT interface card and FTP fully support transparent and translational bridging for the
following configurations
FDDI to FDDI
FDDI to Ethernet
FDDI to Token Ring
6-34 Router Products Configuration Guide Configure FDDI Timers and Features
This task the CSC-C2IFCIT interface places or FIP into encapsulation mode when doing bridging
In transparent mode the FCIT interface or FIP interoperates with earlier versions of the CSC-FCI
interfaces when encapsulating performing bridging functions on the same ring When using the
CSC-C2/FCIT interface card or FIP you can specify the encapsulation method by performing the
following task in interface configuration mode
Task Command
Specify the encapsulation method for the CSC-C2/FCJT fddi encapsulate
interface card or FIP
Turn off encapsulation bridging and return the FCIT interface no fddi encapsulate
or FIP to its translational nonencapsulating mode
When you are translationally bridging you have to route routable protocols and translationally
bridge the rest such as LAT
The CSC-FCI interfaces in are always encapsulating bridge mode so disabling applies only to CSC-C2IFCIT interfaces
Note between dissimilar media Bridging presents several problems that can prevent communications These include problems bit-order translation or use of MAC addresses as data maximum transfer unit MTU differences frame status differences and multicast address usage
Some all of these or problems may be present in multimedia-bridged LAN and may prevent communication These problems are most prevalent when bridging between Token Rings and
Ethernets or between Token Rings and FDDI nets This is because of the different way Token Ring
is implemented by the end nodes
We are currently aware of problems with the following protocols when bridged between Token Ring
and other media AppleTalk DECnet IP Novell IPX Phase IV VINES and XNS Further the
following protocols may have problems when bridged between FDDI and other medias Novell IPX
and XNS We recommend that these protocols be routed whenever possible
Set Token Rotation lime
You can set the FDDI token rotation time to control ring scheduling during normal operation and to
detect and recover from serious ring error situations To do so perform the following task in
interface configuration mode
Task Command
Set the FDDI token rotation time fddi token-rotation4ime microseconds
The FDDI standard restricts the allowed time to be greater than 4000 microseconds and less than
165000 microseconds As defined in the X3T9.5 specification the value remaining in the token
rotation timer TRT is loaded into the token holding timer THT Combining the values of these
two timers provides the means to determine the amount of bandwidth available for subsequent transmissions
Configuring Interfaces 6-35 Configure FDDI Timers and Features
Set the Transmission Vaid Timer
You can set the transmission timer to recover from transient ring error by performing the following
task in interface configuration mode
Task Command
Set the FDDI valid transmission timer fddi validtransmission-time microseconds
Control the Transmission Timer
You can set the FDDI control transmission timer to control the FDDI TL-Min time which is the
minimum time to transmit Physical Sublayer or PHY line state before advancing to the next
Physical Connection Management or PCM state as defined by the X3T9.5 specification To do so
perform the following task in interface configuration mode
Task Command
Set the FDDI control transmission timer fddi ti-mm-time nicroseconds
Modify the C-Mm Timer
You can modify the C-Mm timer on the PCM from its default value of 1600 microseconds by
performing the following task in interface configuration mode
Task Command
Set the c-mm timer on the PCM fddi c-mm
Modify the TBMin Timer
You can change the TB-Mm timer in the PCM from its default value of 100 milliseconds To do so
perform the following task in interface configuration mode
Task Command
Set TB-Mm timer in the PCM fddi tb-mm
Modify the FDDI Timeout Timer
You can change the FDDI timeout timer in the PCM from its default value of 100 milliseconds To
do so perform the following task in interface configuration mode
Task Command
Set the timeout timer in the PCM fddi t-out
6-36 Router Products Configuration Guide Configure FDDI Timers and Features
Control SMT Frame Processing
You disable and reenable frame can SMT processing for diagnostic purposes To do so perform the
following task in interface configuration mode
Task Command
Disable SMT frame processing no fddi smt-frames
Enable SMT frame processing fddi smt-frames
Enable Duplicate Address Checking
You enable the address detection can duplicate capability on the FDDI If the FDDI finds duplicate
address it displays an error message and shuts down the interface To enable duplicate address
checking perform the following task in interface configuration mode
Task Command
Enable duplicate address checking capability fddi duplicate-address-check
Set the Bit Control
You can set the FDDI bit control to control the information transmitted during the Connection
Management CMT signaling phase To do so perform the following task in interface configuration mode
Task Command
Set the FDDI bit control fddi cmt-signal-bits signal..bits phy-a phy-b
Control the CMT Microcode
You can control whether the CMT onboard functions are on or off The CSC-FCI and CSC-C2IFCIT
interface cards and FIP provide CMT functions in microcode These functions are separate from
those provided on the processor card and are accessed through EXEC commands
The default is for the FCIT and FIP functions be disable CMT to on typical reason to is when you work with new FDDI equipment and have problems bringing up the ring If you disable the CMT
microcode the following actions occur
The FCIT or FIP CMT microcode is disabled
The main code the system performs CMT function while debugging output is generated
To disable the CMT microcode perform the following task in interface configuration mode
Task Command
Disable the FCIT CMT functions no fddi if-cmt
Configuring Interfaces 6-31 Configure the Point-to-Point Protocol
Start and Stop FDDV
In normal operation the FDDI interface is operational once the interface is connected and and configured You can start and stop the processes that perform the CMT function particularly
allow the ring on one fiber to be stopped To do so perform either of the following tasks in EXEC mode
Task Command
Start CMT processes on FDDI ring cmt connect phy-bI
Stop CMT processes on FDDI ring cmt disconnect tphy-a phy-bJI
The preceding tasks are not done during normal operation of FDDI they are performed during
interoperability tests
Configure FDD Dua.-Homing
FDDI interface configuration is not required for dual homing The FDDI interface recognizes that it
is attached to two ports on the concentrators and automatically supports dual homing
Contr the FDW SMT Message Queue Size
You can set the maximum number of unprocessed FDDI Station Management SMT frames that
will be held for processing This command is useful if the router you are configuring gets bursts of
than the them To the number of the messages arriving faster router can process set frames perform
following task in global configuration mode
Task Command
Set SMT message queue size smt-queue-threshold number
Configure the Pont4oPont Protoco
The Point-to-Point Protocol PPP described in RFCs 1331 and 1332 is method of encapsulating
Network Layer protocol information over point-to-point links
The current implementation of PPP supports option Link Quality Monitoring and option Magic
Number configuration options The software always sends option and will negotiate for option
if so configured All other options are rejected
We support the following upper-layer protocols Bridging CLNS DECnet IF IPX VINES and XNS
The software provides PPP as an encapsulation method It also provides the Challenge Handshake
Authentication Protocol CHAP on serial interfaces running PPP encapsulation The following
sections describe the tasks to configure these features
6-30 Router Products Configuration Guide Configure the Point-to-Point Protocol
Enable PPP Encapsulation
You can enable the Point-to-Point Protocol on serial lines to encapsulate IP and serial IP SLIP To do the datagrams so perform following task in interface configuration mode
Task Command
Enable PPP encapsulation encapsulation ppp
PPP echo are used as to minimize requests keepalives disruptions to the end users of your network The no keepalive command can be used to disable echo requests
Enable Challenge Handshake Authentication Protocol CHAP
Access control using Handshake Authentication Protocol Challenge CHAP is available on all
serial interfaces The authentication feature will reduce the risk of security violations on your router
Note To use CHAP you must be running PPP encapsulation
When is device CHAP enabled remote PC workstation or server attempting to connect to the
local router is requested or challenged to respond The required response is an encrypted version
of secret password or secret plus random value and the name of the remote device
this the By transmitting response secret is never transmitted preventing other devices from stealing
it and the gaining illegal access to system Without the proper response the remote device cannot
connect to the local router
CHAP transactions occur at the time link is established only The local router does not request
the rest of the call local password during The router can however respond to such requests from other devices during call
To use CHAP you must perform the following tasks
Enable on the interface Once have CHAP you enabled CHAP the local router requires
from remote devices If the password remote device does not support CHAP no traffic will be passed to that device
Configure server host name authentication Configure the secret or password for each remote
system for which authentication is required
Task Command
Step Enter interface configuration mode See Table 2-1
Enable CHAP Step ppp authentication chap
Step Enter global configuration mode See Table 2-1
host Step Configure authentication username name password secret
Configuring Interfaces 6-39 Configure Dial Uackup Service
For an example of CHAP see the section CHAP with an Encrypted Password Example at the end
of this chapter CHAP is specified in the IETF RFC 1334 The PPP Authentication Protocols by
Brian Lloyd of Lloyd and Associates and William Simpson of Computer Systems Consulting
Services CHAP is specified as an additional authentication phase of the PPP Link Control Protocol
Enable Link Quahty Monitoring LQM
is available PPP will monitor Link Quality Monitoring LQM on all serial interfaces running LQM
the link quality and if the quality drops below configured percentage the link will be taken down The The percentages are calculated for both the incoming and outgoing directions outgoing quality
is calculated by comparing the total number of packets and bytes sent with the total number of
packets and bytes received by the peer The incoming quality is calculated by comparing the total
number of packets and bytes received with the total number of packets and bytes sent by the peer
When LQM is enabled Link Quality Reports LQR5 are sent every keepalive period LQR5 are Sent
in place of keepalives All incoming keepalives are responded to properly If LQM is not configured
keepalives are sent every keepalive period and all incoming LQRs are responded to with an LQR
William of LQR is specified in the IETF RFC- 1333 PPP Link Quality Monitoring by Simpson
Computer Systems Consulting Services
To enable LQM on the interface perform the following task in interface configuration mode
Task Command
Enable LQM on the interface ppp quality percentage
The percentage argument specifies the link quality threshold That percentage must be maintained
or the link is deemed to be of poor quality and taken down
PPP Magic Number Support
available PPP will Magic Number support is on all serial interfaces When using PPP always attempt to negotiate for Magic Numbers which are used to detect looped-back nets The link may or may not be taken down upon looped-back detection depending on the use of the down-whenlooped command
Configure DaI Backup Service
The dial backup service provides protection against WAN downtime by allowing you to configure backup serial line via circuit-switched connection
To configure dial backup associate secondary serial interface as backup to primary serial
interface This feature requires that an external modem CSUIDSU device or ISDN terminal adapter
TA attached to circuit-switched service be connected on the secondary serial interface The of external device must be capable responding to DTR signal DTR active by auto-dialing
connection to preconfigured remote site
The dial backup software keeps the secondary line inactive DTR inactive until one of the following
conditions is met
The primary line goes down
The transmitted traffic load on the primary line exceeds defined limit
6-40 Router Products Configuration Guide Configure Loopback Detection
These conditions are defined using the interface configuration commands described later in this
section
When the software detects lost Carrier Detect signal from the primary line device or finds that the
line protocol is down it activates DTR on the secondary line At that time the modem CSU/DSU
or terminal be set to dial the site ISDN adapter TA must remote When that connection is made
the routing protocol defined for the serial line will continue the job of transmitting traffic over the
dialup line
You also can configure the dial backup feature to activate the secondary line based upon traffic load
on the primary line
The monitors the traffic software load and computes five-minute moving average If this average
exceeds the value you set for the line the secondary line is activated and depending upon how the
line is configured some or all of the traffic will flow onto the secondary dialup line
You also can specify value that defines when the secondaiy line should be disabled and the amount
of time the secondary line can take going up or down
The tasks to configure dial backup are as follows
Select the serial interface that will be the backup line
Define the traffic load threshold
much time Define how should elapse before secondary line is set up or taken down after
primary line transitions
Perform these tasks in interface configuration mode as follows
Task Command
Step Select serial interface as backup backup interface interface-name
line
On Cisco 7000 backup interface type slot/port
Step Enter the load as percentage of the backup load enable-threshold never disable-load never primary lines available bandwidth
Step Set the line delay for the backup backup delay enable-delay never disable-delay never
line
See examples of these commands at the end of this chapter
Configure Loopback Detecton
When an interface has backup interface configured it is often desirable that the backup interface
be enabled the interface is either in when primary down or loopback By default the backup is only
enabled if the primary interface is down By using the down-when-looped command the backup
interface will also be enabled if the primary interface is in loopback To achieve this condition
perform the following task in interface configuration mode
Task Command
Configure an interface to tell the system it is down-when-looped
down when loopback is detected
Configuring Interfaces 6-41 Set Transmit Delay
If testing an interface with the loopback command down-when-looped should not be configured
or packets will not be transmitted out the interface that is being tested
Set Transmit Dehay
It is possible to send back-to-back data packets over serial interfaces faster than some hosts can
receive them You can specify minimum dead time after transmitting packet to alleviate this
condition This setting is available for serial interfaces on the MCI and SCI interface cards for the
HSSI and for the IGS serial interface Perform one of the following tasks as appropriate for your
system in interface configuration mode
Task Command
Set the transmit delay on the MCI and SCI transmitter-delay microseconds
synchronous serial interfaces
Set the transmit delay on the IGS and FISSI transmitter-delay hdlc-flags
synchronous serial interfaces
Configure DTR Sgnah PuVsng
You can configure pulsing DTR signals on all serial interfaces.When the serial line protocol goes
down for example because of loss of synchronization the interface hardware is reset and the DTR
is useful for signal is held inactive for at least the specified interval This function handling
encrypting or other similar devices that use the toggling of the DTR signal to resynchronize.To mode configure DTR signal pulsing perform the following task in interface configuration
Task Command
Configure DTR signal pulsing pulse-timeseconds
Configure the Chock Rate on DCE Apphques
serial interface of the You can configure the clock rate for appliques connector hardware on the
task in interface MCI and SCI cards to an acceptable bit rate To do so perform the following
configuration mode
Task Command
Configure the clock rate on serial interfaces clockrate bps
Spec�fy the SeraO Network hnterface Moduhe Tmng
Network Interface Module On the Cisco 4000 platform you can specify the serial timing signal terminal configuration When the board is operatingas DCE and the DTE provides timing SCTE or TT you can configure the DCE to use SCTE from the DTE When running the line at high speeds the clock and long distances this strategy prevents phase shifting of the data with respect to
6-42 Router Products Configuration Guide Control Interface Hold-Queue Limits
To configure the DCE to use SCTE from the DTE perform the following task in interface
configuration mode
Task Command
Configure the DCE to use SCTE from the DTE dce-terminal-timing-enable
When the board is operating as DTE you can use the dte-invert-txc command to invert the TXC
clock signal it gets from the DCE that the DTE uses to transmit data Use this command if the DCE
cannot receive SCTE from the DTE the data is running at high speeds and the transmission line is
long Again this prevents phase shifting of the data with respect to the clock
To configure the interface so that the router inverts the TXC clock signal perform the following task
in interface configuration mode
Task Command
Specify timing configuration to invert TXC clock signal dte-invert-txc
Control Interface Hold-Queue Limits
Each interface has hold-queue limit This limit is the number of data packets that the interface can
store in its hold queue before rejecting new packets When the interface empties one or more packets
from the hold queue it can accept new packets again You can specify the hold-queue limit of an
interface in interface configuration mode as follows
Task Command
Specify the maximum number of packets allowed in the hold queue hold-queue length in out
Set Bandwidth
Higher-level protocols use bandwidth information to make operating decisions For example IGRP
uses the minimum path bandwidth to determine routing metric The TCP protOcol adjusts initial
retransmission parameters based on the apparent bandwidth of the outgoing interface Perform the
following task in interface configuration mode to set bandwidth value for an interface
Task Command
Set bandwidth value bandwidth kilobits
The bandwidth setting is routing parameter only it does not affect the physical interface
Configuring Interfaces 6-43 Set Interface Delay
SeflnterfaceDeay
Higher-level protocols might use delay information to make operating decisions For example IGRP
can use delay information to differentiate between satellite link and land link To set delay value
for an interface perform the following task in interface configuration mode
Task Command
Set delay value for an interface delay tens-of microseconds
The delay configuration command sets an informational parameter only you cannot adjust the
actual delay of an interface with this configuration command
Umt Transmit Queue Size
You can control the size of the transmit queue available to specified interface on the MCI and SCI
cards To limit the size perform the following task in interface configuration mode
Task Command
Limit the size of the transmit queue tx-queue..limit number
Adjust Maximum Packet Sze/MTU Size
Each interface has default maximum packet size or maximum transmission unit MTU size This
number generally defaults to 1500 bytes On serial interfaces the MTU size varies but cannot be set
smaller than 64 bytes To adjust the maximum packet size perform the following task in interface
configuration mode
Task Command
Adjust the maximum packet size or MTU size mtu bytes
lnvertTXC Clock Signal
On the Cisco 4000 you can invert the TXC clock signal that the board gets from the DCE when it
operates as DTE To do so perform the following task in interface configuration mode
Task Command
Invert the TXC clock signal dte-invert-txc
6-44 Router Products Configuration Guide Prevent Phase Shifting
Prevent Phase Shifting
On synchronous serial interface on the Cisco 4000 you can prevent phase shifting of data with
respect to the clock When the board is operating as DCE and the DTE provides terminal timing
SCTE or TT the dee-terminal-timing enable command causes the DCE to use SCTE from the
DTE Perform the following task in interface configuration mode to prevent phase shifting
Task Command
Configure the DCE to usc SCTE from the DTE dee-terminal-timing enable
Monitor and Ma�ntan the ntertace
You can perform the following tasks to monitor and maintain the interfaces
Monitor interface status
Monitor the interface port
Clear and reset the interface
Shutdown and restart
Enable interface loopback testing
The following sections describe the administrative tasks you perform to keep the interfaces up and running
Monftor interface Status
The software contains commands that you can enter at the EXEC prompt to display information
about the interface including the version of the software and the hardware the controller status and
statistics about the interfaces The following table lists some of the interface monitoring tasks The
full list of show commands can be displayed by entering the show command at the EXEC prompt
These conimands are fully described in the Router Products Comnand Reference publication
Perform the following commands in EXEC mode
Task Command
Display the status of the asynchronous interface show async status
Display current internal status information for show controllers bri cbus fddi lance mci serial
the interface controller cards token
For the Cisco 7000 show controllers bri cxbus fddi serial token
Display the number of packets of each protocol show interfaces LOpe lunitI
type that have been sent through the interface
For the Cisco 7000 show interfaces slot/port
Configuring Interfaces 6-45 Monitor and Maintain the Interface
Task Command
number of Display the packets of each protocol show interfaces async boil
type that have been sent through the
asynchronous serial line
Display the current contents of the Routing show rif Information Field RIF cache
Display the hardware configuration software show version
version the names and sources of configuration
files and the boot images
Monitor the nterface Port
This section applies to the Cisco 7000 only The port adapter cable connected to each port determines
the electrical interface type and mode of the port The default mode of the ports is DCE which
allows you to perform loopback test on any port without having to attach port adapter cable
Although DCE is the default there is no default clock rate set on the interfaces When there is no
cable attached to the software identifies port actually the port as Universal Cable Unattached
rather than either as DTE or DCE interface
Use the show controller cxbus command to show information about the interface port The
shows interface following example an port 2/0 that has an RS-232 DTE cable attached and second port 2/1 that does not have cable attached
70008 show controller cxbus
Switch Processor hardware version 11.1 microcode version 1.4 512 Kbytes of main memory 128 Kbytes cache memory 299 1520 byte buffers Restarts line down hung output controller error FSIP hardware version microcode version 1.0 Interface 16 Serial2/0 electrical interface is RS-232 DTE
31 buffer RX queue threshold 101 buffer TX queue limit buffer size 1520 Transmitter delay is microseconds
Interface 17 -Serial2/1 electrical interface is Universal cable unattached
31 buffer RX queue threshold 101 buffer TX queue limit buffer size 1520
To change the electrical interface type or mode of port online replace the serial adapter cable and
use software commands to restart the interface and if necessary reconfigure the port for the new
interface At system startup or restart the FSIP polls the interfaces and determines the electrical
interface type of each port according to the type of port adapter cable attached However it does
not necessarily repoll an interface when you change the adapter cable online To ensure that the
system recognizes the new interface type shut down and reenable the interface after changing the cable
Clear and Reset the interface
To clear the interface counters shown with the show interfaces command enter the following
command at the EXEC prompt
Task Command
Clear the interface counters clear counters nuwberl
For the Cisco 7000 clear counters slot/portl
6-46 Router Products Configuration Guide Monitor and Maintain the Interface
The command clears all the current interface counters from the interface unless the optional
arguments for the Cisco 7000 type slot and port are specified to clear only specific interface
slot and type from specific port number
Note This command will not clear ëounters retrieved using SNMP but only those seen with the
EXEC show interfaces command
Complete the following tasks in EXEC mode to clear and reset interfaces Under normal
circumstances you do not need to clear the hardware logic on interfaces
Task Command
Reset the hardware logic on an interface clear interface type-keyword nwnber
Reset the hardware logic on an asynchronous clear line
serial line
Clear the entire Token Ring RIF cache clear rif-cache
Shut Down and Restart an Interface
You can disable an interface Doing so disables all functions on the specified interface and marks the interface
as unavailable on all monitoring command displays This information is communicated to other network
servers through all dynamic routing protocols The interface will not be mentioned in any routing updates On
serial interfaces this command causes the DTR signal to be dropped On Token Ring interfaces this command
causes the interface to deinsert from the ring On FDDI interfaces this command causes the optical bypass
switch if present to go into bypass mode
To shut down an interface and then restart it perform the following tasks in interface configuration mode
Command Task
Shut down an interface shutdown
Reenable an interface no shutdown
To check whether an interface is disabled use the EXEC command show interfaces An interface that has
been shut down is shown as administratively down in the show interfaces command display See examples
in section Interface the of this the Shutdown Examples at end chapter
One reason to use the shutdown command is if you want to change the electrical interface type or
mode of Cisco 7000 port online You replace the serial adapter cable and use software commands
to restart the interface and if necessary reconfigure the port for the new interface At system startup
or restart the FSIP polls the interfaces and determines the electrical interface type of each port
according to the type of port adapter cable attached However it does not necessarily repoll an
interface when you change the adapter cable online To ensure that the system recognizes the new
interface type shut down using the shutdown command and reenable the interface after changing
the cable Refer to your hardware documentation for more details
Configuring Interfaces 6-47 Monitor and Maintain the lnteiace
Run nterface Loopback Diagnostics
You can use Ioopback test on lines to detect and distinguish equipment malfunctions between line
and modem or CSUIDSU Channel Service UnitlDigital Service Unit problems on the network
server If correct data transmission is not possible when an interface is in loopback mode the
interface is the source of the problem The DSU may have similar loopback functions you can use
isolate the if the interface to problem loopback test passes If the device does not support local loopback this function will have no effect
You can specify hardware loopback tests on the Ethernet and synchronous serial interfaces and all
Token Ring interfaces except the CSC-R 4-megabit card that are attached to CSUIDSUs and that
support the local loopback signal The CSU/DSU acts as Data Communications Equipment DCE device the router acts as Data Terminal Equipment DTE device The local loopback test
generates CSU loopa signal that goes through the CSU/DSU to the line then back through the
CSU/DSU to the router The ping command can also be useful during loopback operation
The loopback tests are available on the following interfaces
High-Speed Serial-Interface HSSI including the High-Speed Communications Interface HSCI card ribbon cable
Cisco Multiport Communications Interface MCI and Cisco Serial Communication Interface SCI synchronous serial interfaces
MCI and Cisco Multiport Ethernet Controller MEC Ethernet interfaces an Ethernet loopback
server is also provided on the Ethernet interfaces
The FDDI CSC-FCI card
Token Ring interfaces
The following sections describe each test
Note Loopback does not work on an X.2 DTE because the X.2 interface definition does not
include loopback definition The loopback tests do not work on the Ethernet interface of the IGS
router product
Enable Loopback Testing on the HSSI
The HSSI supports the following tests
Loopback test of the HSSI applique
Loopback test to the DTE
Loopback test through the CSUIDSU
Loopback test over remote DS3 link
HSSI externally requested loopback test
These tests apply only when the device supports them and are used to check the data
communications channels The tests are usually performed at the line port rather than the DTE port
of the remote CSUIDSU
6-48 Router Products Configuration Guide Monitor and Maintain the Interface
The internal loopback concepts are illustrated in Figure 6-6
Applique DIE Line Remote
rii1 Applique Remote Line DTE Applique
Figure 6-6 HSSI Loopback Testing
Enable Loopback Test of the HSSI Applique
You can configure an internal loop on the HSSI applique by performing the following task in interface configuration mode
Task Command
Loop internally on the HSSI applique loopback applique
Once enabled the loopback applique command loops the packets on the applique thereby establishing loopback inside the router This command is useful for sending pings to yourself to check the functionality of the applique The HSSI applique HSAcard uses an internal 44.736-MHz
clock the drive its crystal during applique loopback to internal circuits Refer to your hardware installation and maintenance publication for more information
This command is functionally equivalent to entering the loopback command with no arguments however when the HSCI card is installed the configuration displayed after the write terminal command is entered will show loopback applique set
Enable Loopback Test to the DIE
You can loop packets to DTE within the CSU/DSU at the DTE interface when the device supports this function Doing so is useful for testing the DTE-to-DCE cable To loop the packets to DTE perform the following task in interface configuration mode
Task Command
Loop packets to DTE internally loopback dte
Configuring Interfaces 6-49 Monitor and Maintain the Interface
Enable Loopback Test through the CSU/DSU
You can ioop packets completely through the CSUIDSU to configure CSU loop when the device
this feature is useful for supports Doing so testing the DCE device CSU/DSU itself To configure
CSU loop perform the following task in interface configuration mode
Task Command
Loop packets completely through the CSU/DSU loopback line
Enable Loopback Test over Remote DS-3 Link
You can loop packets through the CSU/DSU over the DS3 link and to the remote CSU/DSU and back To do so perform the following task in interface configuration mode
Task Command
Loop packets through the CSU/DSU to remote CSU/DSU over the loopback remote
Digital Signal Level DS-3 link
This command applies only when the device supports the remote function It is used for testing the data communication channels The loopback usually is performed at the line port rather than the
DTE port of the remote CSU/DSU
Enable HSSI Externally Requested Loopback
The the HSSI contains that HSA applique on an LED indicates the LA LB and LC signals transiting the devices The CSUIDSU the through uses LC signal to request loopback from the router The
CSUIDSU do this that its may want to so own network management diagnostics can independently
check the integrity of the connection between the CSUIDSU and the router
When the CSU/DSU asserts the LC signal and the router enables the external loopback the
connection is blocked by the loopback and the router no longer has access to the data communication channel
6-7 Figure illustrates the extent of the signal during an external loopback request
LC signal external loop request
Applique
Figure 6-7 HSSI External Loopback Request
6-50 Router Products Configuration Guide Monitor and Maintain the Interface
By default this feature is disabled on the router To enable this feature to support those CSU/DSUs
that support this function perform the following task in interface configuration mode
Task Command
Enable two-way internal and external loopback hssi external-loop-request
request on HSSI from DSU/CSU
If your CSU/DSU does not support this feature it should not be enabled in the router This prevents
spurious line noise from accidentally tripping the external loopback request line which would
interrupt the normal data flow
HSCI Card Ribbon Cable Loopback Test
useful diagnostic is available that allows fault isolation of possible defects on the HSCI card This
diagnostic is not part of the normal system diagnostics but is offered to help technicians test for
controller defects at installation or when the system is upgraded The diagnostic involves recabling
the HSCI card and then entering diagnostic script The tasks required to perform this diagnostic
described in the hardware installation and maintenance for are publication your router
Enable Loopback on MCI and SCI Serial Cards
The MCI and SCI serial interface cards support the loopback function when CSU/DSU or
equivalent device is attached to the router To enable loopback mode on them perform the following
task in interface configuration mode
Task Command
Enable loopback through CSU/DSU to configure CSU loop loopback
on the MCI and SCI synchronous serial interfaces
Enable Loopback on MCI and MEC Ethernet Cards
The Ethernet interfaces on the MCI and MEC cards support loopback mode To enable loopback
mode on them perform the following task in interface configuration mode
Task Command
Enable loopback to verify that the interface receives back loopback
every packet it sends
Configure the Ethernet Loophack Server
The router software provides an Ethernet loopback server that supports DEC Intel and Xerox blue systems specified by the book ajoint specification written by Digital Equipment Corporation DEC Intel and Xerox that defines the Ethernet protocol The loopback server responds to forward
Configuring Interfaces 6-51 Interface Configuration Examples
data loopback messages sent either to the servers MAC address or to the broadcast address
Currently the Ethernet loopback server does not respond to the loopback assistance multicast address
Use the Ethernet loopback server to test communications between your internetworking products
and that do DEC systems not support the IP ping command such as DECriet-only VMS systems
To originate ioop test on your VMS system with Cisco server use the DEC Network Control
Program NCP command Loop Circuit For more information about the Loop Circuit command consult the DECnet VAX documentation Cisco network servers support all options that can be specified by the VMS hosts
Enable Loopback on the CSC-FCI FDDI Card
You can place the FDDI CSC-FCI into loopback mode by performing the following task in
interface configuration mode
Task Command
Enable loopback to verify that the FDDI CSC-FCI interface loopback
receives back every packet it sends
Enable Loopback on Token Ring Cards
You all of the Token can place Ring interface cards except the 4-MB CSC-R card into loopback
mode the by performing following task in interface configuration mode
Task Command
Enable loopback to verify that the Token Ring interface loopback
receives back every packet it sends
nterface Configuration Examples
Use the in this section configuration examples to help you understand some aspects of interface
More and realistic configuration complex examples appear in the chapters that describe special
interface configuration and routing and bridging configuration
Examples of enabling interface configuration page 6-53
Example of enabling Ethernet encapsulation page 6-53
Dedicated asynchronous interface example page 6-53
Example of restricting access on the asynchronous interface page 6-53
Asynchronous routing and dynamic addressing example page 6-54
PPP connection example page 6-54
SLIP connection examples page 6-54
Interface description examples page 6-55
Interface shutdown examples page 6-55
IP tunneling examples page 6-56
6-52 Router Products Configuration Guide Interface Configuration Examples
CHAP with an encrypted password example page 6-59
of dial Examples backup service when primary line goes down page 6-60
Examples of dial backup service when primary line reaches threshold page 6-60
Examples of dial backup service when primary line exceeds threshold page 6-60
Examples of Enabling Interface Configuration
The following example illustrates how to begin interface configuration It assigns Point-to-Point
PPP encapsulation to interface serial
interface aerial
encapsulation ppp
The same example on Cisco 7000 requires the following commands
interface serial 1/0
encapsulation ppp
Example of Enabling Ethernet Encapsulation
These commands enable standard Ethernet Version 2.0 encapsulation on the Ethernet interface
processor in slot on port of Cisco 7000
interface ethernet 4/2
encapsulation arpa
Dedicated Asynchronous Interface Example
The following example assigns an IP address to an asynchronous interface and places the line in dedicated network mode
interface async
async default ip address 182.32.7.51 async mode dedicated
Example of Restricting Access on the Asynchronous Interface
The following example assumes that users are restricted to certain servers designated as
asynchronous servers but that normal terminal users can access anything on the local network
access list for normal connections accesslist permit 131.108.0.0 0.0.255.255
accesslist permit 131.108.42.55 access-list permit 131.108.111.1 accesslist permit 131.108.55.99
line
speed 19200 flow hardware modem inout
interface async async mode interactive async dynamic address ip access-group out ip access-group in
Configuring Interfaces 6-53 Interface Configuration Examples
Asynchronous Routing and Dynamic Addressing Example
The following example shows simple configuration that allows routing and dynamic addressing
In this configuration the router will act as either telecommuting server or router depending on whether the user specifies /routing in the EXEC slip or ppp command
interface async async dynamic routing async dynamic address async mode interactive
PPP Connection Example
In the following example line that is in asynchronous mode is using PPP encapsulation see
The IP address of the PC is Figure 6-8 ntpc assuming that the name ntpc is in the DNS so that it
can be resolved to real IP address The person typing this command is on PC running terminal
emulator program
Router ppp ntpc@serverl /routing /compressed
Figure 6-8 Using the PPP EXEC Command
SLIP Connection Examples
The following example shows how to make connection when permanent address has been
and is allowed assigned dynamic addressing not An authentication request is sent to the TACACS
server and if it is approved the line is placed in SLIP mode and the IP address is displayed
Router slip Entering SLIP mode
Your IP address is 192.31.7.28 MTU is 1500 bytes
The illustrates the following example prompts displayed and the response required when dynamic
addressing is used to assign the SLIP address
Router slip IP address or hostname 192.31.6.15 Password
Entering SLIP mode
Your IP address is 192.31.6.15 MTU is 1500 bytes
The following example illustrates the implementation of header compression on the interface with the IPaddress 128.66.2.1
Router slip /compressed 128.66.2.1 Password Entering SLIP mode Interface IP address is 128.66.2.1 MTO is 1500 bytes Header compression is On
6-54 Router Products Configuration Guide Interface Configuration Examples
In the following example header compression is configured as passive so the status of header
will be the compression assigned by user-level slip or ppp command
Router slip l.0.0.l@check Password
Entering SLIP mode
Interface IP address is 10.0.1 MTU is 1500 bytes Header compression will match your system
nterface Description Exampes
The illustrates how to add about interface that will following example description an appear in
configuration files and monitoring command displays
interface ethernet description First Ethernet in network ipaddress 101.13.15.78 255.255.255.0
The following example for Cisco 7000 describes an administration network attached to the
Ethernet processor in slot port
interface ethernet 2/4 description 2nd floor administration net
nterface Shutdown Exampes
This example turns off the Ethernet interface in slot at port
interface ethernet 2/4 shutdown
This example turns the interface back on
interface ethernet 2/4 no shutdown
This example illustrates how to shut down Token Ring interface
interface tokenring shutdown
Configuring Interfaces 6-55 Interface Configuration Examples
IP Tunneling Examples
The following example shows an IP tunneling configuration with commented explanations
Crates the interface interface tunnel
enables IPX on the interface novell network le enables appletalk appletalk cablerange 4001-4001 128 enables IP ipaddress 10.1.2.3 255.255.255.0 enables DECnet DECnet cost
sets the source address or interface for packets tunnel source ethernet
determines where the encapsulated packets are to go tunnel destination 131.108.14.12
sets the encapsulator protocol tunnel mode gre computes checksum on passenger packets if protocol doesnt already have reliable checksum tunnel checksum needed
sets the Id key tunnel key 42 set to drop out of order packets tunnel sequence-datagrams
Example of Routing Two AppleTalk Networks across an IP-only Backbone
In Figure 6-9 Router is configured as follows
interface ethernet
description physics department AppleTalk lan
AppleTalk cable-range 4001-4001 32
interface fddl
description connection to campus backbone ipaddress 36.0.8.108 255.255.255.0
interface tunnel tunnel source fddi tunnel destination 36.0.21.20 appletalk cable-range 5313-5313
Router is configured as follows
interface ethernet
description chemistry department appletalk lan AppleTalk cable-range 9458-9458
interface fddi
description connection to campus backbone ipaddress 36.0.21.20 255.255.255.0
interface tunnel
tunnel source fddi tunnel destination 36.0.8.108
appletalk cable-range 5313-5313
656 Router Products Configuration Guide Interface Configuration Examples
IL
Physics Department AppleTalk Network Tunnel
Campus Backbone IP
Chemistry Department AppleTalk
Figure 6-9 Connecting Multiprotocol Subnetworks across Single-Protocol Backbone
Configuring Interfaces 6-57 Interface Configuration Examples
Example of Routing Private IP Network and Novell Net across Public Service Provider
In Figure 6-10 RouterAis configured as follows
interface ethernet description boston office ipaddress 10.1.1.1 255.255.255.0 novell network le
interface serial description connection to NEARnet ipaddress 192.13.2.1 255.255.255.0
interface tunnel
tunnel source serial tunnel destination 131.108.5.2 ipaddress 10.1.2.1 255255255.0 novell network lf
Tunnel
CC
Figure 6-10 Creating Virtual Private Networks across WANs
6-58 Router Products Configuration Guide Interface Configuration Examples
The following commands illustrate Router Bs configuration
interface ethernet description menlo park office ipaddresslo.l.3.1255.255.255.0 novell network 31
interface serial
description connection to BARRnet ipaddress 131.108.5.2 255.255.255.0
interface tunnel
tunnel source serial tunnel destination 192.13.2.1 ip address 10.1.2.2 255255.255.0 novell network lf
CHAP with an Encrypted Password ExampDe
The following configuration examples enable CHAP on interface serial of three routers
Configuration of Router yyy hostname yyy interface serial
encapsulation ppp ppp authentication chap username xxx password secretxy username zzz password secretzy
Configuration of Router xxx
hostname xxx interface serial
encapsulation ppp ppp authentication chap username yyy password secretxy username zzz password secretxz
Configuration of Router zzz
hostname zzz interface serial
encapsulation ppp ppp authentication chap username xxx password secretxz username yyy password secretzy
When you look at the configuration file the passwords will be encrypted and the display will look
similar to the following
hostname xxx interface serial
encapsulation ppp
ppp authentication chap username yyy password l2lFOAl8 username zzz password 1329A055
Configuring Interfaces 6-59 Interface Configuration Examples
Examples of Dial Backup Service when Primary Line Goes Down
The following example configures serial as secondary line that activates only when the primary
line serial goes down The secondary line will not be activated because of load on the primary
interface serial backup interface serial backup delay 30 60
The secondary line is configured to activate 30 seconds after the primary line goes down and to
remain on for 60 seconds after the primary line is reactivated
The same example on the Cisco 7000 would be as follows
interface serial 1/1 backup interface serial 2/2 backup delay 30 60
Examples of Dial Backup Service when Primary Line Reaches Threshold
The following example configures the secondary line serial to be activated only when the load
of the primary line reaches certain threshold
interface serial backup interface serial backup load 75
In this case the secondary line will not be activated when the primary goes down The secondary
line will be activated when the load on the primary line is greater than 75 percent of the primarys
bandwidth The secondary line will then be brought down when the aggregate load between the
primary and secondary lines fits within percent of the primary bandwidth
The same example on the Cisco 7000 would be as follows
interface serial 1/1 backup interface serial 2/2 backup load 75
Examples of Dial Backup Service when Primary Line Exceeds Threshold
This example configures the secondary line to activate once the traffic threshold on the primary line
exceeds 25 percent
interface serial backup interface serial backup load 25
backup delay 10 60
Once the load the aggregate of primary and the secondary lines return to within percent of the
primary bandwidth the secondary line is deactivated The secondary line waits 10 seconds after the down before primary goes activating and remains active for 60 seconds after the primary returns
and becomes active again
The same example on the Cisco 7000 is as follows
interface serial 1/1
backup interface serial 2/2 backup load 25 backup delay 10 60
6-60 Router Products Configuration Guide Ondex Symbols access groups DECnet 14-12
IP 15-23 symbol xlvi 3-11 3-30 3-33 access lists Apollo Domain symbol applying to an interface 11-3 in prompt 2-5 creating 11-3 in output 3-30 access lists AppleTalk character as router output 3-24 cable range assigning to interface 12-12 symbol timeout 3-30 displaying 12-29 symbol in prompt 2-4 examples 12-34 12-42 command 2-15 network number character xlvi 2-17 assigning to interface 12-12
creating 12-11
definition 12-9 Numerics rules for defining 12-10
zone
0x80d5 Processing creating 12-il
enabling 21-22 definition 12-9
8-bit character set 2-28 4-18 access lists bridging
defining 20-14
filtering by protocol type 20-13
access lists DDR assigning to an interface 10-21
access lists DECnet
filters 14-11 AA adding to configuring 14-10 See area addresses creating based on source addresses 14-11 AARP 12-1 12-2 extended 14-11 abbreviating commands filtering connect initiate packets 14-11 to execute 2-20 standard 14-11 to get command help 2-15 access lists IP Abort Output command Telnet 2-33 applying on inbound or outbound interfaces 15-23 absolute line number 4-2 applying to an interface 15-23 access control BGP access list filters 16-23 AppleTalk 12-912-16 configuring extended example 15-37 bridging examples 15-36 configuring 21-33 extended using byte offset 21-33 creating 15-22 using station names 21-32 description 15-22 DDR overview 10-3 implicit deny when no match found 15-22 DECnet 14-12 implicit masks 15-22 IPX 18-418-11 setting on virtual terminal lines 15-23 NetBIOS filtering 21-32 standard VINES 13-413-6 creating 15-22 XNS 19-419-7 description 15-22 access expressions types 15-22 combining administrative filters 21-36 undefined 15-23 configuration examples 21-75 21-76 access lists IPX configuring 21-37 configuration examples 18-2118-26 designing 1-37 extended optimizing 21-38 creating 18-6 18-7 18-10 access filters description 18-4 configuring for NetBIOS 1-32 NetBIOS frames 21-73 example configuration filtering SNAP creating 18-6 18-10 example configuration for NetBIOS 21-71 description 18-4 example for SR/TLB 21-68 routing table filtering 18-8 SRB combining using access expressions 21-36
Index SAP
creating 18-6 18-8 18-9 extended 15-22
description 18-4 standard 15-22 standard IPX
creating 18-6 18-7 18-10 extended 18-6 18-7 18-10
description 18-4 SAP 18-6 18-8 18-9 18-4 types standard 18-6 18-7 18-10
access lists ISO CLNS configuring 17-22 XNS
access lists overview extended 19-6
numerical ranges by protocol 5-18 standard 19-6 19-7
summary 5-17 access-list includes command 12-11 12-12 12-13 12-14 access lists SRB access-list network command 12-11 12-12 12-13 12-14 and access 21-39 expressions altering access-list other-access command 12-11 12-12 12-13
byte offset 21-34 12-14
filter 1-34 bytes access-list within command 12-11 12-12 12-13 12-14
configuring 1-38 access-list zone command 12-li 12-14 12-15 21-38 designing accounting management 5-3 NetBIOS 1-23 filtering activation character setting 2-28 4-18
NetBIOS station name 21-32 activation-character command 4-18
station specifying filter 21-33 address ranges summarizing
used by expression 21-38 IS-IS for IP 16-20 access lists VINES OSPF 16-12
displaying 13-11 Address Resolution Protocol extended See ARP
13-6 creating address resolution protocol
description 13-5 See ARP
simple address resolution establishing for IF 15-6
13-6 address creating translation gateway description 13-5 See ATG DECnet
standard addresses
creating 13-6 Apollo Domain
description 13-5 definition 11-2
13-5 types example 11-2 access lists XNS host number 11-2
example 19-14 network number 11-2
extended AppleTalk
creating 19-6 19-7 definition 12-4
definition 19-4 example 12-4
standard network number 12-4
19-7 creating 19-6 assigning default asynchronous 6-15 definition 19-4 assigning dynamic asynchronous 6-15 access restrictions configuring on asynchronous assigning for asynchronous interfaces 6-15 interfaces 6-53 configuring IP helper example 15-33 for interface access DDR controlling an 10-21 filtering by destination 20-12 21-36 access-class command 15-23 filtering by source 20-12 21-36 command 21-38 access-expression filtering multicast 20-10 access-list additional-zones command 12-11 12-14 Internet broadcasts establishing 15-15
12-15 IF access-list command cable-range 12-11 12-12 12-13 assigning multiple 15-3 12-14 mapping to host names 3-4 access-list command mapping to hostnames 15-8
bridging 20-12 20-13 20-15 21-35 21-36 specifying the domain name 15-9 DECnet 14-11 using secondary 15-3
IF to X.12l map 7-8 7-9
Router Products Configuration Guide IPX all-routes explorer 21-7
definition 18-1 apollo access-group command 11-3
example 18-1 apollo access-list command 11-3
network number 18-1 Apollo Domain 11-1
node number 18-1 802.5 implementation 11-1
IS-IS NSAPs 17-5 access lists
ISO CLNS applying to an interface 11-3
addressing rules 17-4 creating 11-3
background 17-2 access to network controlling 11-3
ISO-IGRP NSAPs 17-3 addresses 11-2
mapping SMDS to IP multicast 9-5 ARP 11-1
NSAPoverX.25 7-15 ARP table displaying entries 11-5
17-4 Ciscos 11-I NSAPs addressing structure implementation
PVC protocol 7-10 configuration examples 11-511-6
SMDS structure 9-2 configuration task list 11-2
VINES Domain Token Ring 12-megabit 11-1
definition 13-1 enabling routing 11-3
example 13-2 host number 11-2
network number 13-1 interfaces displaying status 11-5
subnetwork number 13-2 maximum paths
121 description 11-4
in routing table 7-13 setting 11-5
setting 7-9 monitoring tasks 11-5
setting alias 7-28 network number 11-2
translating called 7-13 restrictions
translating calling 7-13 bridging 11-1
update calling 7-14 setting IP addresses 11-1
XNS routing over LANs 11-1
definition 19-2 routing over WANs il-i
example 19-3 routing table
host number 19-2 adding entries 11-4
network number 19-2 displaying entries 11-5 adjacency levels IS-IS for IP specifying 16-18 update interval 11-4 administrative distance routing enabling 11-3
BGP setting 16-27 rtchk command 11-1
defaults table 16-40 setting IP addresses 11-1
definition 16-39 static routes adding to routing table 11-4 administrative filtering traffic displaying statistics 11-5
11-5 by protocol type 21-35 apollo maximum-paths command
by vendor code or address 1-36 apollo network command 11-3
destination addresses 20-12 21-36 apollo route command 11-4
dynamically determined stations 20-9 apollo routing command 11-3
Ethernet-encapsulated packets 20-13 20-14 apollo update-time command 11-4
iEEE 802.3-encapsulated packets 20-14 AppleTalk
LAT service announcements 20-15 AARP 12-1 12-2
MAC-layer address 20-11 access control 12-912-16
multicast addresses 20-10 access lists
SNAP-encapsulated packets 20-13 assigning cable range to interface 12-12
source addresses 20-12 assigning to network numbers interface 12-12
source-route bridging 1-34 creating for network numbers 12-11
vendor code 20-11 creating for zones 12-11
AEP 12-1 12-2 displaying 12-29
AFI NSAP addresses 17-3 examples 12-3412-42
all-nets broadcasts XNS 19-9 network number definition 12-9
all-nets flooding IPX 18-16
Index rules for defining 12-10 filters
zone definition 12-9 applying data packet 12-12 addresses applying GZL 12-15 definition 12-4 applying routing table 12-14
example 12-4 data packet definition 12-12
network number 12-4 data packet example 12-34 adjacent networks displaying routes to 12-29 GZL definition 12-15
adjacent routers displaying 12-29 partial zone 12-16 AEP 12-1 12-2 partial zone example 12-37 ARP table routing table definition 12-13
deleting entries 12-29 routing table example 12-34
displaying entries 12-29 free-trade zone 12-17
gleaning entries 12-27 gleaning 12-27 update interval 12-27 GZL
ATP 12-1 12-2 definition 12-15
cable range filters 12-15
to interface 12-6 assigning replies 12-15
definition 12-4 InterPo1l 12-30
CAP 12-21 interfaces
checksums disabling generation and configuring dynamically 12-6 verification 12-26 configuring manually 12-6 Cisco enhancements 12-2 displaying status of 12-29
Ciscos implementation 12-112-2 Internet Router software 12-5
configuration examples 12-3112-48 IPTalk
configuration task list 12-5 /etc/services file 12-23
configuring 12-512-19 atab 12-23
configuring over SMDS 9-8 configuration example 12-4512-48
DDP 12-1 12-2 definition 12-21
definition 12-1 IP encapsulation configuring 12-23
discovery mode SLIP drivers 12-21
definition 12-6 UDP port numbers 12-23
enabling on extended interface 12-8 K-Star version 12-5
enabling on nonextended interface 12-7 LocalTalk 12-1
enabling on nonextended interface logical cable definition 12-4 example 12-32 MacIP 12-22 encapsulation 12-2 12-3 12-18 12-19 address ranges 12-20 Ethernet with 12-5 card using addresses allocating 12-21 EtherTalk advantages 12-19 definition 12-1 clients displaying 12-29 version 12-5 configuration requirements 12-20
extended interface definition 12-19
cable 12-6 assigning range disadvantages 12-19
assigning zone name 12-6 implementation 12-19
configuring example 12-31 servers displaying 12-29
enabling routing 12-6 12-8 servers establishing 12-20
enabling routing example 12-31 traffic displaying statistics about 12-29 12-30 network proxy numbers 12-26 monitoring tasks 12-29
routing packets to nonextended interfaces 12-8 name binding extended network definition 12-3 See AppleTalk NBP
fast switching NBP
disabling 12-28 definition 12-2 12-16
cache entries 12-29 displaying name registration table 12-29 FDDITa1k 12-1 services displaying 12-29
neighbor table 12-29
network connectivity testing 12-29
Router Products Configuration Guide network events logging 12-28 Shiva FastPath using with 12-5 network definition 12-4 SNMP nonextended interface configuring 12-17
assigning address 12-6 configuring example 12-44
configuring example 12-31 sockets displaying 12-30 12-1 enabling routing 12-6 12-7 TokenTalk
enabling routing example 12-31 12-32 traffic displaying statistics about 12-30
proxy network numbers 12-26 transition mode
routing packets to extended interfaces 12-8 configuring 12-8
zone name assigning 12-6 configuring example 12-33 nonextended network definition 12-3 definition 12-8
Phase tuning performance 12-24
comparison with Phase 12-3 tunneling 6-25
compatibility with Phase 12-4 Cayman 12-18
definition 12-3 definition 12-18
Phase GRE 12-18 12-19
comparison with Phase 12-3 ZIP
compatibility with Phase 12-4 definition 12-2
definition 12-3 query interval 12-28 proxy network numbers zone 12-6 assigning 12-26 assigning name
assigning example 12-44 definition 12-4
responder support 12-2 12-30 name format 12-4
routing special characters 12-4
enabling on extended interface zone information table displaying 12-30
dynamically 12-8 zone name table 12-29 12-12 enabling on extended interface manually 12-6 appletalk access-group command
enabling on extended interface example 12-31 appletalk address command 12-6 12-7 12-8
enabling on nonextended interface AppleTalk Address Resolution Protocol
dynamically 12-7 See AARP
enabling on nonextended interface dynamically appletalk arp interval command 12-27
example 12-32 appletalk arp retransmit-count command 12-27
enabling on nonextended interface appletalk arp timeout command 12-27
manually 12-6 appletalk cable-range command 12-6 12-8 12-9 12-17
enabling on nonextended interface 12-19
example 12-31 appletalk checksum command 12-26
enabling on router 12-5 appletalk discovery command 12-7 12-8
distribute-list in command 12-14 routing table appletalk
creating update filters 12-13 appletalk distribute-list out command 12-14
deleting entries 12-29 AppleTalk Echo Protocol
displaying entries 12-29 SeeAEP
setting update timers 12-26 appletalk event-logging command 12-17 12-28 command routing updates appletalk free-trade-zone 12-17 command 12-15 advertising routes with no zones 12-25 appletalk getzonelist-filter command 12-27 disabling retransmission 12-25 appletalk glean-packets 12-23 setting timers 12-26 appletalk iptalk command
strict checking 12-24 appletalk iptalk-baseport command 12-24 12-16 RTMP appletalk lookup-type command command 12-21 advertising routes with no zones 12-25 appletalk macip dynamic 12-20 broadcasting packets 12-18 appletalk macip server command
definition 12-2 appletalk macip static command 12-21
routing updates disabling transmission 12-25 appletalk name-lookup interval command 12-16
strict checking of routing updates 12-24 appletalk permit-partial-zones command 12-16
seed router 12-7 appletalk proxy-nbp command 12-26
serial protocols supported 12-2 appletalk require-route-zones command 12-25
Index appletalk route-cache command 12-28 ARP table appletalk routing command 12-5 12-17 Apollo Domain 11-5 appletalk send-rtmp command 12-25 AppleTalk appletalk strict-rtmp-checking command 12-24 gleaning entries 12-27 appletalk timers command 12-26 update interval 12-27
AppleTalk Transaction Protocol
See ATP defining static 15-6 appletalk zip-query-interval command 12-28 displaying contents 15-7 15-31 appletalk zone command 12-6 12-8 12-9 12-17 12-19 arp timeout command 15-7
AppleTalk-to-IP-address mapping ASs See AppleTalk IPTalk BGP applique internal loop to 6-49 exchange of routing information between 16-20
Are You There command Telnet 2-33 providing AS paths to remote networks 16-25 area authentication command 16-12 specifying an AS number 16-28 area default-cost command 16-12 specifying networks to be advertised area range command 16-12 within 16-22 area stub command 16-12 EGP area virtual-link command 16-12 advertising knowledge of routes to networks area addresses within 16-27
IS-IS 17-3 example 16-63
ISO-IGRP 17-3 process acting as peer with 16-31
NSAPs 17-3 IGRP area routing example 16-47
IS-Is 17-10 more than one connection to an external
ISO-IGRP 17-10 network 16-4 area-password command 16-20 17-2 redistribution from 16-37 areas system routes within 16-4
IS-IS for CLNS number
addresses 17-6 gateway of last resort 16-4
establishing 17-6 needed for EGPs 16-2
multihoming 17-6 OSPF
ISO CLNS Autonomous System Network Map
addresses 17-5 figure 16-50
establishing 17-5 example 16-50
multihoming 17-6 routing for destinations outside AS 16-12
150-IGRP 17-10 async default ip address command 6-15 ARP async dynamic address command 6-16
Apollo Domain 11-1 async dynamic routing command 6-17
AppleTalk 12-2 12-27 async mode dedicated command 6-16
enabling on SMDS 9-5 async mode interactive command 6-16
async-bootp command 3-26
proxy 15-Il asynchronous interfaces
setting encapsulations 15-7 assigning default addresses 6-15
setting Proxy ARP 15-7 assigning dynamic addresses 6-15
SMDS broadcast messages 9-6 configuring addressing method 6-15
VINES 13-4 configuring dynamic addressing example 6-54 arp arpa command 15-7 dedicated example 6-53
ARP cache encapsulation 6-3
See ARP table restricting access example 6-53
command 15-7 arp IF asynchronous lines configuring dedicated 6-16 arp command SMDS 9-5 asynchronous routing enabling 6-17 arp probe command 15-7 Asynchronous Transfer Mode-Data Exchange Interface arp snap command 15-7 See ATM-DXI
atab
See AppleTalk IPTaIk
Router Products Configuration Guide ATG DECnet backup service dial
configuring 14-7 See dial backup
example 14-18 bandwidth command 6-43
routing table 14-18 banner command examples 4-28 ATM-DXI 6-3 banner exec command 4-22
atm-dxi map command 6-31 banner incoming command 4-22 ATP 12-1 12-2 banner motd command 4-22
authoritative time source 5-4 5-5 banners
autobaud command 4-4 announcing software upgrade example 4-28
autocommand command 4-5 disabling or enabling on line 4-23
AUTOGEN definition incoming message 4-22
adjusting for SDLLC 24-18 line number displaying 4-20
autohangup command 4-15 message-of-the-day 4-22 Autolnstall procedure MOTD 4-22
description 3-33-6 See also messages
host name resolution 3-5 Banyan VINES
instructions See VINES
configuring existing router 3-6 Basic Rate Interface
connecting new router 3-10 See BRI
setting up BOOTP or RARP server 3-9 baud rate
setting up TFTP server 3-8 automatic detection configuring 4-4
IP address resolution 3-33-4 setting for line 2-25 4-4
minimal configuration files required 3-8 BFE
requirements 3-23-3 address translation table 7-19
automatic dialing configuring 4-7 Blacker Emergency Mode
automatic disconnect configuring for line 4-15 entering 7-20
automatic warning message receiving 5-24 leaving 7-20
autonomous bridging enabling 20-7 Ciscos implementation 7-1
autonomous switching configuration example 7-39
and source-route bridging 21-41 description 7-2
configuring example 21-78 encapsulation 7-19
IP enabling 15-29 encryption 7-18
support 6-9 general statistics displaying 7-28
autonomous switching IPX enabling 18-18 mapping algorithm 7-9 7-19 autonomous systems bfe command 7-20 See ASs BGP
autonomous-system command 16-28 adjusting timers 16-27 auxiliary port 6-14 basic neighbor specification example 16-60
configuring 4-1 Ciscos implementation 16-20
setting parameters for session 2-26 configuration task list 16-21
signals 4-6 configuring 16-20
support for asynchronous serial interface 6-3 configuring BGP neighbors 16-22
configuring the INTERAS METRIC 16-27
enabling 16-22
indicating backdoor routes 16-26
resetting connections 16-23
route advertisement redistribution example 16-54 command 3-23 route filtering 16-23 flash command 3-22 route filtering by neighbor 16-23 tftp command 3-23 route selection rules 16-20 16-21 backup delay command 6-41 10-5 sessions staying up 6-12 backup interface command 6-41 10-4 setting administrative distance 16-27 backup line 6-41 synchronization with IGPs 16-25 backup load command 6-41 10-5 bit control setting for FDDI 6-37 backup routers EGP configuring 16-30
Index Blacker Mode Emergency bridge max-age command 20-19 address translation information 7-18 bridge multicast-source command 20-10 address translation table 7-19 bridge priority command 20-18 circumstances for participating in 7-20 bridge priority electing for spanning tree 20-18
configuration example 7-39 bridge protocol command 20-4
configuration task list 7-18 Bridge Protocol Data Units
description 7-2 See BPDUs
entering 7-20 bridge-group cbus-bridging command 20-8
leaving 7-20 bridge-group circuit command 20-20 Blacker Front-End Encryption bridge-group command 20-4 See BFE bridge-group input-address-list command 20-12 boot buffersize command 3-21 bridge-group input-lat-service-deny command 20-16 boot field of 3-12 configuration register bridge-group input-lat-service-permit command 20-16 boot host command 3-20 bridge-group input-Isap-list command 20-14 boot host command 3-20 mop bridge-group input-type-list command 20-13 boot host command 3-20 tftp bridge-group lat-compression command 20-8 boot network command 3-20 bridge-group output-address-list command 20-12 boot network command 3-20 mop bridge-group output-lat-service-deny command 20-17 boot network command 3-20 tftp bridge-group output-lat-service-permit command 20-17 boot command 3-19 system 3-17 bridge-group output-lsap-list command 20-14 boot flash command system 3-16 3-19 bridge-group output-pattern command 20-15 boot command 3-17 system mop bridge-group output-type-list command 20-14 boot rom command system 3-18 3-19 bridge-group path-cost command 20-18 boot command 3-17 system tftp bridge-group priority command 20-18
booting bridge-group spanning-disabled command 20-20 fault-tolerant strategy 3-19 bridges from network server 3-173-18 remote source-route with direct encapsulation 21-9
from Flash memory 3-14--3-17 root 20-18 from ROM 3-18 See also source-route bridging SRT SR/TLB
from network file manually 3-23 bridging
manually from Flash memory 3-22 between dissimilar media 20-3 from manually the ROM monitor 3-22 on Frame Relay 20-5
specifying backup methods 3-14 on SMDS 9-8 BOOTP server on X.25 7-28 20-5
for Autolnstall 3-9 configuring source-route See source-route bridging
role in Autolnstall figure 3-4 transit 20-2 BPDUs transparent See SR/TLB forward interval 20-19 adjusting delay broadcast messages enabling SMDS 9-6 intervals adjusting between 20-19 broadcast networks configuring OSPF on 16-11
maximum idle interval 20-19 adjusting broadcast routing timer DECnet adjusting 14-15
intervals between Hello 20-19 broadcasts
Break command Telnet 2-3 4-23 2-30 flooding of IP example 15-35 Break 2-14 key IGRP update frequency 16-5
Break signal hardware 2-30 4-23
BRI 6-5 and transparent bridging spanning-tree bridge command 20-9 acquire protocol 15-16 address bridge command 20-11 definition 15-13
bridge domain command 20-9 directed 15-13 bridge forward-time command 20-19 flooding 15-13 15-16 bridge group solution to storms 15-14
for and SRT assigning transparent bridging 20-3 types 15-13 interfaces 20-4 assigning IPX forwarding 18-16
assigning number 20-4 Net/One 19-2
hello-time command 20-19 bridge transparent bridging example 20-26 bridge lat-service-filtering command 20-16
Router Products Configuration Guide VINES character set international 2-28 4-18
forwarding 13-10 chat scripts
serverless networks 13-4 description 10-6
XNS naming conventions 10-7
all-nets 19-9 19-11 overview 10-2
directed 19-9 specifying for line 4-15 10-7
flooding 19-9 19-10 19-11 writing and implementing examples 10-27
forwarding 19-10 chat-script command 10-6
local 19-9 checksums buffers AppleTalk 12-26
character for terminal sessions 2-27 4-5 ISO CLNS 17-26
configuration file 3-21 of system image files verifying 3-30
editor pasting from 2-22 circuit group
size controlling for SDLC 23-9 definition 20-20 buffers command 5-37 use in load balancing 20-20 buffers huge size command 5-37 circuit simplex Ethernet configuring 15-21 busy-message command 4-25 Cisco 7000 calendar 5-5 5-11 byte offset Cisco Works 5-1
assigning access list name 21-34 Class of Service
use in access control 21-32 21-33 See COS
clear appletalk arp command 12-29
clear appletalk neighbor command 12-29
clear appletalk route command 12-29
clear appletalk zone command 12-29
clear arp-cache command 15-30 16-42 cable range clear bridge command 20-21 See AppleTalk cable range clear clns cache command 17-29 calendar set command 5-11 clear clns neighbors command 17-29 calendar system 5-5 clear ems route command 17-29 Call User Data clear counters command 6-46 byte definitions for supported protocols table 7-11 clear decnet counters command 14-15 definition of X.25 7-10 clear host command 15-30 example of 7-32 clear interface command 6-47 in X25 Call Request packet 7-8 7-10 clear ip accounting command 15-30 interpreting calls with unknown 7-11 clear ip bgp command 16-23 placing in X.25 routing table 7-13 clear ip bgp command 16-23 16-42 X.25 commands that support table 7-25 clear ip route command 15-30 16-42 CAP 12-2 clear ipx cache command 18-19 Carrier Detect signal 4-6 clear ipx route command 18-19 carrier protocol tunneling 6-25 clear line command 2-33 4-16 6-47 carrier wait time DDR 10-2 clear netbios-cache command 21-45 caution description xlvi clear rif-cache command 21-45 Cayman encapsulation protocol 6-25 clear source-bridge command 21-45 Cayman tunneling AppleTalk 12-18 Clear to Send signal 4-6 CCITT X25 Recommendation 7-1 clear vines cache command 13-11 CD signal 4-6 clear vines neighbor command 13-Il Challenge Handshake Authentication Protocol clear vines route command 13-li See CHAP clear vines traffic command 13-11 Channel Service Unit/Digital Service Unit clear x25-vc command 7-28 See CSU1DSU client router configuring 3-34 CHAP CLNP ISO documentation reference 17-1 configuring with encrypted password 6-59 clns access-group command 17-23 enabling 5-23 clns adjacency-filter command 17-23 using with DDR 10-14 clns checksum command 17-26 chap authentication command 6-39 clns cluster-alias command 17-24 character padding setting 2-28 4-19
Index clns configuration-time command 17-22 cmt disconnect command 6-38
clns congestion-threshold command 17-27 CMT microcode disabling 6-37
ems dec-compatible command 17-25 Columbia AppleTalk Package ems enable command 17-12 See CAP
clns erpdu-interval command 17-27 command history
clns esct-time command 17-22 disabling 2-20
clns es-neighbor command 17-8 recalling commands 2-19
clns filter-expr command 17-23 setting buffer size 2-19
clns filter-set command 17-23 command interpreter 2-1
cins holding-time command 17-22 command modes
clns host command 17-9 global configuration 2-62-8 3-11 clns command is-neighbor 17-8 interface configuration 2-82-10 cins command mtu 17-26 IPX router configuration 2-13 clns net command 17-7 17-il 17-24 line configuration 2-112-12 4-1 clns packet-lifetime command 17-28 line configuration entering example 4-27 clns rdpdu-interval command 17-28 privileged EXEC 2-42-6 clns route command 17-12 ROM monitor 2-142-15 clns default route 17-12 route map configuration 2-14 clns route-cache command 17-26 router configuration 2-122-13 clns router isis command 17-16 subinterface configuration 2-102-11
clns router iso-igrp command 17-13 summary table 2-3 clns routing command 17-11 types available 2-2
clns security pass-through command 17-25 user EXEC 2-4 clns 17-27 send-erpdu command command names completion help 2-21
clns command 17-28 send-rdpdu command syntax help 2-16
clns split-horizon command 17-15 commands abbreviating 2-20 clns template-alias command 17-23 comments adding to configuration files 3-11 clns command 17-28 want-erpdu communication parameters terminal 2-25 4-4 clock calendar-valid command 5-11 Complete Sequence Number PDUs clock rate configuring on serial interface 6-42 See CSNP clock read-calendar command 5-11 compressed image 3-18 clock set command 5-10 compression clock signal inverting 6-18 configuring for LAT 20-8 clock summer-time command 5-10 5-40 X.25 packet header 7-25 clock IPX 18-12 ticks conditional default origination IS-IS 16-19 clock timezone command 5-9 5-40 conditional default origination OSPF 16-13 clock update-calendar command 5-il conditional default origination OSPF example 16-58 clock enabling internal 6-18 config-register command 3-13 3-16 3-17 3-18 clockrate command 6-42 24-8 configuration commands cluster aliases 17-24 entering from the terminal 3-li
CMNS loading from server 3-12 address map 7-16 loading from NVRAM 3-12 address map example 7-35 configuration commands line description 4-1
configuration task list 7-15 configuration file
enabling 7-15 buffer changing size 3-21
LLC2 copying to network server 3-31
statistics 7-28 displaying active 3-32
support 7-15 displaying file stored in NVRAM 3-32
local X.25 routing on nonserial media 7-2 7-15 failing to load 3-21
on leased serial line 7-16 host
over public data network example 7-35 default file name 3-20
traffic statistics 7-28 description 3-20 cmns enable command 7-15 loading from server 3-20 CMT 6-6 minimal required for Autolnstall 3-8 cmt connect command 6-38 role in AutoInstall 3-53-6
10 Router Products Configuration Guide network core gateway EGP definition 16-30
description 3-20 COS
loading from server 3-20 enabling for SNA traffic 22-8
minimal required for Autolnstall 3-9 enabling to prioritize SNA traffic 1-40
role in Autolnstall 3-4 cost configuration management 5-2 assigning to interfaces DECnet 14-5 configuration register for DECnet interarea routing 14-10
boot field 3-12 for DECnet intra-area routing 14-9
changing value in software example 3-13 counters
description 3-12 clearing interface 6-46
listing value of boot field 3-13 DBCnet clearing 14-15
setting to boot from Flash 3-13 crc command 6-18 configure command CRC enabling 32-bit 6-18
from memory 3-12 3-33 CrossTalk downloading files across router line 4-21
from network 3-12 CRS function in LNM 21-28
from terminal 3-6 3-7 3-11 CSC-1R interface card 6-4 configure terminal command 2-7 3-34 CSC-2R interface card 6-4 congestion threshold CSC-C2 interface card 6-6 6-37
DECnet setting 14-15 CSC-C2CTR interface card 6-4
ISO CLNS 17-27 CSC-FCI interface card 6-6 6-37 6-52 connect command 2-32 CSC-FCIT interface card 6-6 6-37
Connection Management CSC-R interface card 6-52
See CMT CSC-R16 interface card 6-4
Connectionless Network Protocol CSNP interval
See CLNP IS-IS for CLNS configuring 17-18
Connectionless Network Service IS-IS for IP configuring 16-17 See ISO CLNS CSUIDSU
Connection-Mode Network Service Frame Relay connections over 8-2
See CMNS loopback 6-48 connections Ctrl sequence 2-32 asynchronous Ctrl-Z 2-8
See SLIP PPP CTS signal 4-6
configuring rotary groups 4-15 cursor moving on command line 2-21
defining protocols for 2-29 custom queuing 5-34
diagnosing 5-26 customizing DDR network 10-19
listing open 2-34 custom-queue-list command 5-36
listing Telnet 2-34 cyclic redundancy check configuring 6-18
naming 2-34
PPP establishing 6-17
preventing errant attempts 2-29
reverse Telnet 4-16
SLIP establishing 6-17 D-ARP Telnet See Apollo Domain ARP concurrent 2-32 DAS FDDI 6-6 establishing 2-32 data communications equipment exiting 2-32 See DCE switching between 2-32 data link connection identifier console port configuring 4-2 See DLCI and Frame Relay context-sensitive help 2-152-17 data terminal equipment controller See DTE card autonomous switching support 15-29 Data Terminal Ready signal 4-6 loopback test 6-51 databits command 4-4 4-19 flash command 3-30 copy tftp data-character-bits command 4-19 flash command 3-27 copy tftp Datagram Delivery Protocol copy verify command 3-32 See DDP
Index 11 datagram transport dialer rotary groups LAPB 7-1 assigning an interface 10-2 X.25 assigning interfaces 10-16 10-2
configuration task list 7-8 configuring example 10-25
description 7-2 dialing out 10-2
datagrams priority queuing 5-33 displaying diagnostics for interface 10-22
daylight savings time configuring system clock for 5-9 hub-and-spoke configuration figure 10-18 X.25 D-bit 7-12 7-26 idle time setting for line 10-20 DCE interface idle time setting 10-20
configuration example figure 8-15 interface timeout setting 10-20
DDN X25 encapsulation 7-18 IPX Frame Relay device 8-2 8-6 spoofing 18-19
rules for calls on X.25 7-21 initiating support 10-19 serial interface 6-42 appliques watchdog packets 18-19 in use LAPB 7-5 line down time setting 10-20
virtual circuit X.25 7-22 range on line idle timesetting 10-20 X.25 7-11 encapsulation 7-8 multiple calls configuring multiple destination dial enable command 6-45 dce-terminal-timing strings example 10-25 command 6-43 dce-terminal-timing-enable placing and receiving calls 10-16 DDN placing calls 10-2 enable X.25 7-18 PPPusing 10-14 X25 address conventions table 7-17 receiving calls 10-12 X.25 address conversion scheme 7-17 receiving calls from multiple sites X.25 task configuration list 7-17 on dialer rotary group 10-13 X.25 configuration example 7-39 on single line or multiple lines 10-13 X.25 7-18 encapsulation types rotary group X.25 7-9 7-17 mapping algorithm assigning group leader 10-13 X25 standard service 7-2 7-18 routing interconnections figure 10-2
X25 type of service TOS field 7-18 V25bis
DDP 12-1 12-2 conformance 10-2 DDR options table 10-3
access control overview 10-3 debug command 5-32
assigning access lists 10-21 debug command 5-32
site 10-7 calling single debug messages displaying on the local line 4-26 calling and receiving calls from single site 10-16 debug modem command 4-16
and calls from sites calling receiving multiple 10-17 debugging system 5-32
calling multiple sites 10-9 DECnet
calls from site 10-13 single access groups configuring 14-12 calls from multiple sites 10-13 access lists
carrier wait 10-2 time setting configuring 14-10 10-14 CHAP using creating based on source addresses 14-11 chat scripts creating based on source and destination
description 10-6 addresses 14-li
naming conventions 10-7 address translation 14-7
overview 10-2 advertising Phase IV through OSI backbone 14-8
specifying 10-7 14-16 and writing implementing examples 10-27 area definition 14-3 Ciscos implementation 10-1 ATG configuring 14-7
configuration examples 10-22 broadcast routing timers adjusting 14-15 task configuration overview 10-6 Ciscos implementation 14-i in IP configuring an environment example 10-24 cluster alias configuration 17-24
controlling access by protocol 10-21
dialer interface example 10-12
12 Router Products Configuration Guide configuration examples 14-1614-20 performance optimization 14-12
configuring address translation 14-18 Phase IV to Phase conversion 14-2 14-8
configuring Phase IV areas through OSI Poor Mans Routing 14-7
backbone 14-16 route cost setting
enabling routing 14-16 Level routers 14-9 configuration task list 14-3 Level routers 14-10 configuring over SMDS 9-5 9-7 routing configuring over WANs 14-15 disabling 14-4 congestion threshold setting 14-15 enabling globally 14-3 connect initiate packets filtering 14-11 enabling on interfaces 14-5 conversion Phase IV to Phase 14-8 example 14-16 cost assigning to interfaces 14-5 over Frame Relay example 8-12 designated routers specifying 14-10 routing table size 14-9 encapsulation over Token Ring 14-6 static discard routes injecting 14-8 equal cost path timers adjusting 14-14 14-15
selection method 14-13 Token Ring
setting 14-13 configuring on 14-6 extended access lists configuring 14-11 encapsulating DECnet 14-6 fast switching disabling 14-14 transmitting Phase IV congestion information over filters Frame Relay 8-2
Hello messages 14-12 decnet access-group command 14-12
on routing information 14-12 decnet advertise command 14-8
Hello timers adjusting 14-14 decnet area-max-cost command 14-10 hop count setting decnet area-max-hops command 14-10
interarea routing 14-10 decnet congestion-threshold command 14-15
intra-area routing 14-9 decnet conversion command 14-8 interarea routing 14-6 decnet cost command 14-5 interfaces decnet encapsulation command 14-6
address assignment 14-5 decnet hello-timer command 14-14
costs assigning 14-5 decnet in-routing-filter command 14-12
routing enabling 14-5 decnet map command 14-7
Token Ring 14-6 decnet max-address command 14-9 intra-area routing 14-6 decnet max-area command 14-9
IPX configuration caveat 14-4 decnet max-cost command 14-9
Level routers configuring 14-9 decnet max-hops command 14-9
Level routers configuring 14-10 decnet max-paths command 14-13
MAC addresses decnet max-visits command 14-14
changing 14-4 decnet node-type command 14-6
obtaining 14-4 decnet out-routing-filter command 14-12 maximum hops setting decnet path-split-mode interim command 14-13
for Level routers 14-9 decnet path-split-mode normal command 14-13
for Level routers 14-10 DECnet Phase IV/Phase conversion differences between maximum packet visits configuring 14-14 Cisco and Digital 14-2 maximum route cost setting decnet route-cache command 14-14
for Level routers 14-9 decnet router-priority command 14-10
for Level routers 14-10 decnet routing command 14-3 media supported 14-1 decnet routing-timer command 14-15 network monitoring and maintaining 14-15 dedicated mode configuring async interface 6-16 6-53 node default asynchronous addresses assigning 6-15
definition 14-3 default networks specifying 16-35
specifying 14-6 default routes
OSI backbone propagating Phase IV areas EGP configuring 16-30
through 14-8 gateway of last resort 16-36 parameters Ciscos implementation 14-2 path selection configuring 14-13
Index 13 dialing multiple sites
determining gateway of last resort 16-3 on single line 10-9
specifying 16-35 on multiple lines 10-9
IS-IS for IP generating 16-19 dialing out 16-13 OSPF generating and receiving calls 10-16 default-information allowed command 16-37 and receiving calls from single site 10-16 default-information command originate 16-13 16-19 and receiving calls from multiple sites 10-17 16-30 description 10-2 default-metric IGRP command 16-37 on dialer rotary groups 10-10 default-metric command 16-37 dialing configuring automatic 4-7 default-metric command BGP 16-27 dial-on-demand routing default-value exec-character-bits command 4-18 See DDR
default-value special-character-bits command 4-18 direct encapsulation remote source-route bridging Defense Communications Agency with 21-9
Blacker Interface Control document 7-19 disable command 2-6
certification 7-2 disconnect character setting 2-28 4-18
delay command 6-44 disconnect command 2-33
delay setting on interface 6-44 disconnect automatic 4-15
description command 6-19 disconnect-character command 4-18
designated routers discovery mode
DECnet specifying election 14-10 definition 12-6
IS-IS for IP specifying election 16-18 enabling on extended interface 12-8
election 17-18 IS-IS specifying enabling on nonextended interface 12-7
destination addresses administrative filtering 20-12 dispatch-character command 4-5
21-36 dispatch-timeout command 4-5
destination ISO routing table CLNS displaying 17-29 distance bgp command 16-27 dial backup distance command 16-39 17-16 17-20
line configuring 6-41 distribute-list in command 16-39 service configuring 6-40 distribute-list out command 16-39 dialer enable-timeout command 10-20 DLCI
dialer fast-idle command 10-20 associating with subinterface 8-9 dialer idle-timeout command 10-20 mapping protocol address to 8-4
dialer in-band command 10-8 10-9 10-11 10-13 10-14 multicast mechanism 8-1
10-17 10-19 setting local 8-10
dialer interface example 10-12 status mechanism 8-i
dialer map command 10-9 10-11 DNS
dialer map modem-script system-script command 10-8 configuring for ISO CLNS addresses 15-10
10-9 10-11 10-18 definition 15-9
dialer name command 10-16 map IP dynamic name lookup example 15-33 dialer rotary groups OSPF lookup of DNS names 16-13 assigning group leader 10-13 role in Autolnstall 3-4
interfaces 10-16 assigning use in discovering ISO CLNS addresses 17-9 10-25 configuring example using to assign device names 15-9
dialing out 10-10 Domain
calls 10-13 receiving See Apollo Domain dialer rotary-group command 10-il 10-16 domain list establishing IP example 15-33 dialer command string 10-8 10-9 10-17 10-18 Domain Name System dialer wait-for-carrier-time command 10-21 See DNS command 10-22 dialer-group Domain Specific Part dialer-list list command 10-21 See DSP dialer-list command 10-21 protocol Domain Token Ring 12-megabit il-i dial-in and dial-out modems supporting 4-13 domain-password command 16-20 17-21 dial-in modem supporting 4-li dialing single site 10-7
14 Router Products Configuration Guide domains EGP
ISO CLNS backup router example 16-62
addresses 17-5 backup routers configuring 16-30
16-28 establishing 17-5 Ciscos implementation
ISO-IGRP 17-3 configuration task list 16-28 down time setting for DDR line 10-20 configuring 16-27
Number 6-40 core 16-30 down-when-looped command and Magic gateway defining 16-30 DSP NSAP addresses 17-3 default routes configuring
DTE enabling 16-28 16-29 DDN X.25 encapsulation 7-18 neighbor relationships redistribution 16-37 Frame Relay device 8-6 16-2 Frame Relay switch 8-2 supported protocols 16-29 rules for initiating calls on X25 7-21 third-party support configuring
use inLAPB 7-5 third-party support example 16-62 16-29 virtual circuit range on X.25 7-22 timers adjusting electrical interface 6-46 X.25 encapsulation 7-8 7-11 type changing
dte-invert-txc command 6-43 6-44 Emacs editor 2-20 command 5-20 DTR signal 4-6 enable last-resort command 5-16 DTR signal pulsing 6-42 enable password
Dual Attach Stations enable use-tacacs command 5-20 8-4 See DAS encapsulation 12-22 dual homing FDDI 6-38 AppleTalk 12-2 12-3 12-18 12-19 DXI 3.2 9-1 9-9 ATM-DXI 6-3 BFE 7-19 dynamic addressing 6-25 configuring on asynchronous interfaces Cayman PPP 6-15 example 6-54 configuring SLIP 6-15 electronic mail application 6-16 configuring 6-15 7-18 dynamic asynchronous addresses assigning DDNX25 DECnet on Token 14-6 dynamic routing ISO CLNS Rings default serial 7-8 configuring 17-13 17-16 6-25 examples 17-3517-38 EON overview 17-10 Ethernet interface 6-4
FDDI 6-6
Generic Router Encapsulation GRE 6-25 HDLC 6-3
HSSI 6-8
IPX 18-1 18-2 18-3 18-4 as router 3-24 character output LAPB 7-6 echo 5-26 protocol NOS 6-25
editing command 2-21 4-19 of traffic in another protocol tunneling 6-25 editor PPP 6-39 completing command 2-21 SMDS 9-3 controlling capitalization 2-24 synchronous serial 6-3 entries 2-23 deleting VINES 13-7 disabling enhanced mode 2-25 X.25 7-8 enhanced mode 2-21 enabling XNS 19-4 features of 2-20 encapsulation arpa command 6-30 line-wrap feature 2-22 encapsulation atm-dxi command 6-31 moving the cursor 2-21 encapsulation bfex25 command 7-19 pasting from buffer 2-22 encapsulation command 6-15 redisplaying line 2-24 encapsulation ddnx25 command 7-18 Release 91 and earlier keys and functions encapsulation ddnx25-dce command 7-18 table 2-25 encapsulation frame-relay command 8-4 2-212-24 Release 9.21 keys and functions encapsulation hdlc command 6-30 2-23 scrolling down display encapsulation lapb command 7-6 transposing characters 2-24
Index 15 encapsulation lapb-dce command 7-6 interfaces
encapsulation multi-lapb command 7-6 cards 6-4
command 7-6 encapsulation multi-lapb-dce encapsulation 6-4 6-30 command 10-18 encapsulation ppp 6-39 10-15 loopback on 6-51 command 6-30 encapsulation sap transparent bridging example 20-23 command 23-8 encapsulation sdlc-primary Ethernet Type II frames assigning the OUT for 20-5 command encapsulation sdlc-secondary 23-8 ethernet-transit-oui command 20-5 21-21 encapsulation smds command 9-3 9-10 EtherTalk
encapsulation snap command 6-30 definition 12-1
encapsulation stun command 22-4 version 12-5
encapsulation x25 command 7-8 exec command 4-26 encapsulation x25-dce command 7-8 EXEC commands
encrypting passwords 5-16 interpreter 2-1 encryption BEE 7-18 privileged level description 2-42-6 end command 2-8 switching from privileged to user 2-6 end system user level description 2-4 See ES EXEC process End System-Intermediate System disabling on line 4-26 See ES-IS enabling on line 4-26 environmental 5-24 conditions displaying timeout interval setting 4-26 environmental monitor automatic shutdown exec-banner command 4-23
message 5-25 exec-character-bits command 4-19 6-25 EON exec-timeout command 4-26
Erase Character Telnet 2-33 command exit command 2-8 2-33 Erase Line command Telnet 2-33 exiting session 2-33 ERPDU extended access lists 17-27 configuring support See access lists
configuring to send 17-27 extended networks
interval 17-27 determining using IP secondary addresses 15-3 error count reset frequency setting 6-44 See AppleTalk extended network error messages exterior gateway protocols categories 5-30 See EGP
levels 5-30 exterior routing protocols severity levels 5-29 See EGP TFTP 3-24 exterior routing protocols list 16-2 error protocol data unit See ERPDU ES
communicating with another ES 17-7
listing for NSAP-to-SNPA mapping 17-8 fast switching escape character setting 2-28 4-18 and source-route 21-41 escape-character command 4-18 bridging ES-IS AppleTalk
disabling 12-28 configuring 17-21 displaying cache entries 12-29 Hello rate configuration 17-22 14-14 ISO CLNS 17-1 DECnet disabling 19-12 protocol overview 17-7 description 12-28 13-8 18-18 for 21-78 /etc/services file 12-23 example configuration IP Ethernet
disabling 15-28 configuring loopback server 6-51 enabling 15-28 encapsulation example 6-53 over SMDS 9-10 filtering encapsulated packets 20-13 20-14 IPX
deleting entries in cache 18-19
disabling 18-18
displaying cache entries 18-19
16 Router Products Configuration Guide ISO CLNS Fiber Distributed Data Interface
disabling 17-26 See FDDI
enabling 17-26 fiber-optic cable FDDI designations for 6-38
overview 6-9 filter expressions CLNS creating 17-22
same interface 15-28 filtering
VINES See access lists
deleting cache entries 13-11 filters
disabling 13-9 AppleTalk
displaying cache entries 13-11 applying data packet 12-12
XNS disabling 19-12 applying GZL 12-15
FastPath 12-5 applying routing table 12-14
FastPath router 12-23 data packet definition 12-12
Fast-Sequenced Transport data packet example 12-34 SeeFST GZL definition 12-15 fault management 5-2 5-23 partial zone 12-16 3-19 fault-tolerant strategy booting with partial zone example 12-37 FDDI routing table definition 12-13 6-34 bridging configurations 6-6 routing table example 12-34
C-Mm timer 6-36 bridging
controlling CMT microcode 6-37 administrative for transparent bridging 20-10
controlling transmission time 6-36 destination addresses 20-12
description 6-6 IEEE 802.3-encapsulated packets 20-14
determining bandwidth 6-35 LAT service announcements 20-15
disconnecting 6-38 source addresses 20-12
dual homing 6-38 station access list 21-33
duplicate address checking 6-37
encapsulation methods 6-6 apply offsets to routing metrics 16-39
encapsulation mode compatibility 6-35 on routing information 16-38
FDDI Station Management SMT 6-38 on sources of routing information 16-39
frame contents 6-6 preventing routing updates 16-38
on CSC-FCI interface card 6-52 loopback suppress routes from being advertised in routing
optional features 6-34 updates 16-39
ring scheduling 6-35 suppress routes listed in updates from being
setting bit control 6-37 processed 16-39
SMT frame processing 6-37 IPX
starting 6-38 broadcast 18-4 18-10
stopping 6-38 generic 18-4 18-6 TB-Mm timer 6-36 GNS 18-9
timeout timer 6-36 NetBIOS 18-4 18-9 18-10
timers 6-34 routing table 18-7 18-8
transit 20-2 bridging defining filters 18-4 fddi c-mm command 6-36 routing updates 18-8 FDDI CMT microcode control 6-37 SAP 18-4 18-8 fddi cmt-signal-bits command 6-37 types table 18-5 fddi command duplicate-address-check 6-37 ISO CLNS fddi encapsulate command 6-35 creating 17-22 fddi if-cmt command 6-37 See also access lists fddi smt-frames command 6-37 SRB fddi tb-mm command 6-36 administrative for source-route bridging 1-34 fddi token-rotation-time command 6-35 bytes access list 21-34 fddi t-out command 6-36 destination addresses 21-36 fddi valid-transmission-time command 6-36 source addresses 21-36 FDDITa1k 12-1 VINES fddi-tl-min-time command 6-36 applying to interface 13-6
types 13-5
Index 11 XNS DCE switch 8-6 8-12 applying generic to interface 19-6 DECnet routing over example 16-42 applying routing table to interface 19-7 disabled split horizon
statistics about 8-11 generic definition 19-5 19-6 displaying general
routing table definition 19-5 19-7 DLCI
address to 8-4 types 19-5 mapping protocol multicast mechanism 8-1 types table 19-5 mechanism 8-1 Finger protocol enabling 2-35 status
FIP 6-6 DTE device configuring 8-6
Flash memory DTE switch description 8-2 8-4 booting automatically from 3-143-17 enabling
booting from default fileconfig register setting 3-13 encapsulation IETF booting from example 3-16 3-18 8-18-4 8-12 booting manually from 3-22 IETF example 8-2 configure router to boot from 3-15 FECN-bit promotion 8-2 configuring 3-15 hardware requirements 8-2 copying images from 3-30 Inverse ARP support 8-2 copying images to 3-27 IP tunnel 8-7 fault-tolerant boot strategy 3-19 keepalive mechanism setting
features 3-15 LMI
8-8 hardware platforms 3-14 DCE error threshold 8-8 loading from TFTP server 3-15 DCE monitored events count timer 8-8 security precautions 3-15 DCE polling verification 8-8 storing images in 3-27 DTE error threshold interval 8-8 uses of 3-14 DTE full status polling
file 3-30 DTE monitored events counter 8-8 verifying checksum of system image
write protection 3-15 keepalive interval 8-7
Flash server configuring 3-34 NNI error threshold 8-8 flow control NNI monitored events count 8-8
NNI verification timer 8-8 for high-speed modems 4-15 polling
hardware setting 2-26 4-4 selecting type 8-7
addresses 8-4 software setting 2-26 4-4 mapping flowcontrol command 4-5 4-16 mapping VPI and VCI to DLCI 6-31
connections 8-11 forward delay interval 20-19 monitoring 8-1 Forward Explicit Congestion Notification FECN multicast mechanism
bits 8-2 netbooting over example 8-13
8-6 Frame Rejects NM support 8-20 See FRMRs point-to-point links example 8-14
8-18 Frame Relay PVC switching examples 8-12 ATM-DXI 6-31 routers in static mode example
8-13 backward compatibility example 8-13 routing IPX over example 8-4 bridging 8-1 8-4 routing protocols supported 8-1 8-1 configuration examples 20-28 software capabilities
with multicasts 20-29 specifications
with no multicasts 20-28 ANSI 8-1
broadcasts 8-4 CCIIT 8-1
Ciscos implementation 8-1 joint 8-1
configuration examples 8-11 standards defining 8-1 8-7 configuration task list 8-3 static route for PVC switching
20-5 status mechanism 8-1 configuring transparent bridging over DCE device subinterfaces on 6-21 8-2
configuration example figure 8-15 switching
configuring 8-6 description 8-2
8-5 description 8-2 enabling
selecting 8-6
18 Router Products Configuration Guide hybrid PVC figure 8-18 Get Nearest Server
over IP tunnel figure 8-20 See GNS
test environment 8-10 GetZoneList
transmitting congestion information over Frame See GZL
Relay 8-2 global configuration commands description 2-62-8
transparent bridging example 8-14 global configuration mode 2-3
frame-copied errors Token Ring 21-44 GNS
frame-relay intf-type command 8-6 delay in responding to requests 18-15
frame-relay keepalive command 8-7 filters 18-9
frame-relay lmi-n39ldte command 8-8 request response delay 18-15
frame-relay lmi-n392dce command 8-8 responding to requests 18-15
frame-relay lmi-n392dte command 8-8 GOSIP
frame-relay lmi-n393dce command 8-8 ISO CLNS compliance with 17-1
frame-relay lmi-n393dte command 8-8 NSAP format 17-4
frame-relay lmi-t393dce command 8-8 GRE tunneling AppleTalk 12-18 12-19
command 8-7 frame-relay imi-type group codes LAT
frame-relay local-dlci command 8-8 8-9 8-10 definition 20-15
frame-relay map bridge broadcast command 20-6 filtering 20-16
frame-relay map bridge command 8-4 lists 20-16
frame-relay map clns command 8-4 specifying deny conditions 20-16
frame-relay map command 8-4 specifying permit conditions 20-16
frame-relay multicast-dici command 8-10 GZL
frame-relay route command 8-7 replies 12-15
frame-relay switching command 8-6 requests 12-15
free-trade zone AppleTalk 12-17
FRMRs determining use of 23-8
front-ending 4-16
FSIP 6-3 FST hardware flow control configuring 2-26 4-4 enabling for RSRB 21-11 HDLC example using with RSRB 21-5 default serial encapsulation 6-30 7-8 performance considerations 21-12 encapsulation configuring for STUN 22-8 remote source-route bridging 21-11 encapsulation ISO CLNS 17-1
serial encapsulation method 6-3
header compression compressed TCP 7-25
header ISO CLNS options 17-24
heartbeat DXI 3.2 on SMDS 9-1 9-9
Gateway Discovery Protocol Hello
See GDP BPDU interval 20-19
gateway of last resort definition 16-4 16-3 IS-IS interval configuration 17-17 GDP ISO CLNS 17-22
Cisco implementation 16-31 hello message VINES 13-8
configuring 16-31 Hello packets
detecting routers using 15-12 IS-IS for IPadvertised interval setting 16-17
enabling 16-33 Net/One 19-1
enabling on an interface 16-31 OSPF setting advertised interval 16-10
messages 16-31 specifying 17-22
query message 16-31 hello packets
report message 16-3 Net/One 19-1
use in routing assistance 15-11 Hello timer DECnet adjusting 14-14
use to detect routers 15-12 help command 2-15 generic route encapsulation tunneling help context-sensitive 2-152-17
See GRE tunneling helper addresses
Generic Router Encapsulation IP example 15-3
See GRE IPX 18-10 18-11
Index 19 High Level Data-Link Control 22-8 disabling ICMP redirect messages 15-18 high-speed modem configuring 4-9 4-15 enabling ICMP mask reply messages 15-20
HIP 6-8 ICMP Router Discovery Protocol
history size command 2-19 See IRDP
hold character setting 2-28 4-18 IDBLK definition
hold queue required to configure SDLLC 24-18 LAPB packet 7-7 IDI NSAP addresses 17-3
limit 6-43 idle terminal message 4-22
X.25 packet 7-27 idle time DDR
hold-character command 4-18 setting for line 10-20
holddown setting for an interface 10-20
definition 16-5 IDNUM definition
16-7 24-18 disabling IGRP required to configure SDLLC
hold-queue command 6-43 IDP Internet Datagram Protocol 18-1
hop count IDP NSAP addresses 17-3
for DECnet interarea routing setting 14-10 IEEE 802 filtering encapsulated packets 20-14
for DECnet intra-area routing setting 14-9 IEEE 802.2 LLC encapsulation 6-4 6-30
in RIP 16-14 IEEE 802.3 encapsulation 6-4 6-30
hops limiting maximum for SRB 21-8 IEEE 802.5
host configuration file committee 21-1
default file name 3-20 Token Ring media 6-4
description 3-20 IETF Frame Relay encapsulation 8-1 8-4 8-12
loading from server 3-20 I-frames
minimal required for Autolnstall 3-8 configuring number sent example 23-10
role in Autolnstall 3-53-6 controlling number sent 23-2
host name table VINES displaying entries 13-11 resending time 23-4
host name resolving for Autoinstall 3-4 specifying largest size for SDLLC 24-8
host number Ignore Destination timer X.25 7-23
Apollo Domain 11-2 IGP supported protocols 16-1 XNS 19-2 19-9 IGRP 15-13
HP hosts on network segment example 15-33 adjusting metrics 16-7
HP Probe Proxy configuring name requests for IP 15-10 allowing point-to-point updates 16-6
HSCI card loopback test 6-51 autonomous systems 16-37
hssi external-loopback-request command 6-51 Ciscos implementation 16-4
HSSI interfaces configuration task list 16-5
configuring internal ioop on 6-49 configuring 16-4
encapsulation methods 6-8 detecting routes using 15-13
loopback on 6-48 determining route feasibility 16-6
loopback externally requested 6-50 enabling 16-5
support 6-7 redistribution 16-37
hssi internal-clock command 6-31 redistribution example 16-47
hunt groups route redistribution 16-37
description 4-15 runningwithRlP 16-15
16-6 See also rotary groups unequal-cost load balancing definition update broadcasts 16-5
updates frequency 16-5
incoming calls preventing 4-12
incoming message banner 4-22
information frames IBM 3174 frame-copied errors 1-44 See I-frames IBM 8209 bridges and SRITLB routers 21-21 Initial Domain Part IBM PC/3270 emulation and source-route bridging 21-43 See IDP ICMP Integrated Services Digital Network customizing services example 15-35 See ISDN disabling ICMP protocol unreachable interactive mode configuring async interface 6-16 messages 15-17
20 Router Products Configuration Guide interarea router interior gateway protocols See Level See IGP interarea routing Interior Gateway Routing Protocol DECnet See IGRP
maximum hops setting 14-10 interior IP gateway protocols list 16-1
maximum route cost setting 14-10 interior routing protocols
interdomain routing See IGP
description 17-10 interior routing protocols list 16-1
ISO-IGRP 17-10 intermediate system
interface See IS
adding descriptive name 6-19 Intermediate System-to-Intermediate System
restarting 6-47 See IS-IS
interface cards internal clock enabling 6-18
CSC-C2 6-6 6-37 international character set 2-28 4-18 CSC-C2CTR 6-4 Internet addresses
CSC-FCI 6-6 assigning multiple 15-3
CSC-FCIT 6-6 6-37 broadcast addresses 15-13
CSC-HSA 6-7 list of reserved table 15-4
CSC-HSCI 6-7 using secondary 15-3
CSC-R16M 6-4 See also addresses and IP addresses
MEC 6-4 Internet Datagram Protocol IDP 18-1
interface command 9-10 Internet Engineering Task Force
interface configuration commands description 2-82-10 See IETF
interface configuration mode 2-3 Internet Protocol
interface configuration example 6-53 SeelP
interface dialer command 10-11 10-14 Internet Router software Apple 12-5
interface port monitoring 6-46 Interrupt Process command Telnet 2-30 2-33 4-23
interface priority DDR setting 10-19 intervals
interface serial command 6-17 forward delay 20-19
interface tokenring command 14-6 Hello BPDU 20-19
interface tunnel command 6-28 12-18 12-19 maximum idle 20-19
interfaces intra-area router
assigning path costs 20-18 See Level
assigning priority group 5-36 intra-area routing DECnet
assigning queuing priority 5-35 maximum hops setting 14-9
assigning to spanning tree group 20-4 maximum route cost setting 14-9
circuit type setting for IS-IS for IP 16-18 Inverse Address Resolution Protocol Frame Relay 8-2
clearing counters 6-46 8-8
displaying information about 6-45 invert-transmit-clock command 6-18
hold queues 6-43
IP addresses assigning multiple 15-3 access lists
loopback on Ethernet 6-51 applying on inbound or outbound
naming 6-19 interfaces 15-23
null 6-13 applying to an interface 15-23
priority queuing 5-33 creating extended 15-22
restarting 6-47 creating standard 15-22
secondary addresses for IP 15-3 definition of extended 15-22
setting bandwidth on 6-43 definition of standard 15-22
setting delay value 6-44 implicit deny when no match found 15-22
setting priority for bridging 20-18 implicit masks 15-22
shutting down 6-47 implicit masks example 15-36
shutting down example 6-55 setting on virtual terminal lines 15-23
X.25 address alias 7-28 undefined 15-23
See also subinterfaces accounting configuring 15-26
address resolution 15-6
Index 21 address resolution for Autolnstall 3-3--3-4 security
addresses See IPSO
allowable 15-4 Security Option See IPSO
and subnet mask on SMDS 9-9 source-route header options configuring 15-20
assigning to interfaces 15-2 split horizon
mapping logical names to 15-8 enabling and disabling 16-41
mapping to hostnames 15-8 X.25 default 7-12
specifying the domain name 15-9 static routing redistribution example 16-46
See also addresses and Internet addresses subnet zero enabling 15-4
autonomous switching enabling 15-29 TCP headers compressing 15-27
broadcast flooding example 15-35 tunneling 6-25
broadcasts UDP broadcasts enable forwarding of 15-14
and transparent bridging spanning-tree UDP datagrams
protocol 15-16 flooding 15-17
directed 15-13 speeding up flooding 15-17
flooding 15-13 15-16 ip access-group command 15-23
types 15-13 ip accounting command 15-26
Ciscos implementation 15-1 ip accounting-list command 15-26
configuration examples 15-3115-39 ip accounting-threshold command 15-26
configuration task list 15-2 ip accounting-transits command 15-26
configuring over SMDS 9-7 ip address secondary command 15-3
configuring over WANs 15-30 ip address command 15-2
default gateway ip as-path access-list command 16-23 16-24
definition 15-11 ip broadcast-address command 15-15
enabling 15-11 ip cache-invalidate-delay command 15-29
directed broadcasts 15-14 ip default-gateway command 15-11
domains establishing example 15-33 ip default-network command 16-36
enabling on serial interfaces 15-4 ip directed-broadcast command 15-14
encapsulation configuring for RSRB 21-11 21-12 ip domain-list command 15-9
21-15 ip domain-lookup command 15-9
fast switching ip domain-lookup nsap command 15-10 17-9
disabling 15-28 ip domain-name command 15-9
enabling 15-28 ip forward-protocol command 15-15
metric translations 16-37 ip forward-protocol spanning-tree command 15-16
monitoring tasks 15-30 ip forward-protocol turbo-flood command 15-17
monitoring tasks for IP routing 16-42 ip gdp command 16-33
name server specifying 15-9 ip gdp gdp command 15-12
performance parameters ip gdp holdtime command 16-33
configuring 15-26 ip gdp igrp command 15-13
types 15-26 ip gdp irdp command 15-12
processing on serial interfaces 15-4 ip gdp priority command 16-33
protocol description 15-1 ip gdp reporttime command 16-33
route cache invalidation controlling 15-29 ip gdp rip command 15-13
routing ip helper-address command 3-6 3-7 15-15
and bridging 20-7 ip host command 15-8
assistance when disabled 15-li ip hp-host command 15-10
disabling in order to bridge IP 20-7 ip irdp address command 16-33
enabled by default 15-10 ip irdp command 16-33
over simplex Ethernet interface 15-21 ip irdp holdtime command 16-33
routing processes maximum number 16-2 ip irdp maxadvertinterval command 16-33
routing protocols ip irdp minadvertinterval command 16-3
choosing 15-13 ip irdp multicast command 16-33
configuration examples 6-44---1 6-67 ip irdp preference command 16-33
configuration task list 16-3 ip mask-reply command 15-20
secondary addresses 15-3 ip mtu command 15-20
22 Router Products Configuration Guide ip name-server command 15-9 IPX
ip ospf authentication-key command 16-10 access control configuring 18-418-11
ip ospf cost command 16-10 access lists
ip ospf dead-interval command 16-10 configuration examples 18-2118-26
ip ospf hello-interval command 16-10 creating extended 18-6 18-7 18-10 ip ospf name-lookup command 16-13 creating NetBIOS 18-6 18-10
ip ospf network command 16-11 creating SAP 18-6 18-8 18-9
ip ospf priority command 16-10 creating standard 18-6 18-7 18-10 ip ospf retransmit-interval command 16-10 extended description 18-4 ip ospf transmit-delay command 16-10 NetBIOS description 18-4 ip probe proxy command 15-10 SAP description 18-4 ip proxy-arp command 15-8 standard description 18-4 ip rarp-server command 3-25 types 18-4 ip redirects command 15-18 addresses 18-1 ip route command 16-34 all-nets flooding 18-16 ip route-cache cbus command 15-29 all-networks flooded broadcasts 18-16 ip route-cache command 9-10 15-28 autonomous switching enabling 18-18 ip route-cache same-interface command 15-28 broadcasts ip router isis command 16-16 blocking 18-15 ip routing command 15-10 20-7 forwarding 18-10 18-15 18-16 ip security add command 15-25 Ciscos implementation 18-1 ip security dedicated command 15-24 clock ticks 18-12 ip security extended-allowed command 15-25 compliance with Novells IPX 18-12 ip security first command 15-25 configuration examples 18-2018-28 ip security ignore-authorities command 15-25 configuration task list 18-2 ip security implicit-labelling command 15-25 configuring over SMDS 9-8 ip security multilevel command 15-24 corrupted network numbers repairing 18-19 ip security reserved-allowed command 15-25 disabling 18-12 ip security strip command 15-25 encapsulation 18-1 18-2 18-3 18-4 ip source-route command 15-21 fast switching ip split-horizon command 16-42 deleting entries in cache 18-19 ip subnet-zero command 15-4 disabling 18-18 ip tcp compression-connections command 15-27 displaying entries in cache 18-19 ip tcp header-compression command 7-25 15-27 filters ip tcp synwait-time command 15-27 applying broadcast to interface 18-10
IP tunnel 8-2 applying generic to interface 18-7 ip unnumbered command 15-5 applying GNS to interface 18-9 ip unreachables command 15-18 applying NetBIOS to interface 18-10
IPC connections VINES displaying information applying routing table to interface 18-8
about 13-11 broadcast description 18-4
IPSO generic description 18-4 18-6
configuring 15-24 GNS description 18-9
default values for minor keywords 15-25 NetBIOS description 18-4 18-9
examples 15-38 routing table description 18-4 18-7
features 15-24 SAP 18-8
classifications 15-24 setting security SAP applying to interface 18-8
setting security levels 15-25 SAP description 18-4
IPTalk table 18-5
/etc/services file 12-23 GNS
atab 12-23 control requests 18-15
configuration example 12-4512-48 filters 18-9
12-2 definition queue length for SAP requests 18-14
IP encapsulation configuring 12-23 helper addresses 18-10 18-11 18-15
SLIP drivers 12-2 interfaces displaying status 18-20
UDP port numbers 12-23 internal network numbers 18-19
Index 23 keepalives 18-19 tick count 18-12
maximum paths traffic displaying statistics 18-20
description 18-15 watchdog packets spoofing 18-19
setting 18-15 ipx access-group command 18-7
messages filtering NetBIOS 18-10 ipx delay command 18-12
monitoring tasks 18-19 ipx down command 18-12
NetBIOS ipx gns-response-delay command 18-15
access control 18-9 ipx gns-round-robin command 18-15
filters 18-9 ipx helper address command 18-11
messages filtering 18-10 ipx helper-address command 18-16
NetWare internal network numbers 18-19 ipx helper-list command 18-11
network connectivity testing 18-19 ipx input-network-filter command 18-8
network numbers ipx input-sap-filter command 18-8
assigning to interfaces 18-2 ipx maximum-paths command 18-15
corrupted repairing 18-19 ipx netbios input-access-filter command 18-10
definition 18-1 ipx network command 18-3
node number 18-1 ipx output-gns-filter command 18-9
Novell IPX compliance 18-12 ipx output-network-filter command 18-8
OS/2 Requestors 18-19 ipx output-rip-delay command 18-12 18-13
padding packets 18-18 ipx output-sap-delay command 18-12 18-14
responding to GNS requests 18-15 ipx output-sap-filter command 18-8
restarting 18-12 ipx pad-process-switched-packets command 18-18
RIP updates ipx route-cache command 10-19 18-18
delay between 18-13 IPX router configuration commands description 2-13
timers 18-13 IPX router configuration mode 2-3
RIP description 18-13 ipx router-filter command 18-8
router configuration mode 2-13 ipx router-sap-filter command 18-8
routing ipx routing command 18-2
18-2 enabling ipx sap command 18-14
enabling example 18-20 ipx sap-interval command 18-14
routing metrics 18-1 ipx sap-queue-maximum command 18-14
routing over Frame Relay example 8-13 ipx source-network update command 18-19
routing table ipx type-20-input-checks command 18-12 18-17
adding entries 18-8 ipx type-20-output-checks command 18-12 18-17
deleting entries 18-19 ipx type-20-propagation command 18-12 18-17
displaying entries 18-20 ipx update-time command 18-13
SAP ipx watchdog-spoof command 10-19
access lists creating 18-6 IRDP
to 16-33 controlling responses ONS requests 18-15 Ciscos implementation
creating filters 18-8 configuring 16-33
description 18-1 conformance to router discovery protocol 16-33
filters 18-4 enabling 16-33
filters description 18-8 use in routing assistance 15-11
maximum queue length setting 18-14 IS
messages filtering 18-8 Level 17-7 17-10
setting delay between packets 18-12 18-14 Level 17-7 17-10
setting interval between updates 18-14 listing for NSAP-to-SNPA mapping 17-8
static entries configuring 18-14 ISDN
SAP table Basic Rate Interface BRI 6-5
adding static entries 18-14 encapsulation methods 6-5
static entries 18-14 isdn spidl command 6-33
servers displaying 18-20 isdn spid2 command 6-33
static routes isdn tei command 6-34
adding to routing table 18-13
description 18-13
24 Router Products Configuration Guide Is-Is isis priority command 16-18 17-18
for CLNS isis retransmit-interval command 16-18 17-18
area routing 17-10 ISO CLNS
Ciscos implementation 17-4 access lists creating 17-22
configuring 17-16 addresses
CSNP interval configuration 17-18 assigning 17-5
designated router election 17-18 background 17-2
enabling routing 17-16 rules 17-4
Hello interval configuration 17-17 adjacencies establishing 17-22
interface parameter configuration 17-17 adjacency database
link state metric configuration 17-17 displaying ES neighbors 17-29
LSP retransmission interval 17-18 removing CLNS neighbors 17-29
password authentication 17-21 removing ES neighbors 17-29
password configuration 17-19 removing IS neighbors 17-29
preferred route configuration 17-20 areas
redistributing routes 17-20 addresses 17-5
router level support configuration 17-2 establishing 17-5
routing configuration example 17-39 multihoming 17-6
setting domain password 17-21 multihoming advantages 17-6
setting an area password 17-2 multihoming configuration 17-6
specifying desired adjacency 17-19 basic static routing example 17-31
station routing 17-10 checksum configuration 17-26
for IP Ciscos implementation 17-1
adjacency specifying 16-18 clearing cache 17-29
advertised Hello interval setting 16-17 CLNP ISO documentation reference 17-1
area passwords configuring 16-20 CLNS routing enabling 17-11
Ciscos implementation 16-15 configuration examples 17-3017-44
conditional default origination 16-19 configuration task list 17-2
configuration task list 16-15 configuring
configuring 16-15 over SMDS 9-8
default route generating 16-19 over WANs 17-23
designated router election specifying 16-18 overlapping areas 17-37
domain passwords configuring 16-20 overview 17-1
enabling 16-16 performance parameters 17-25
enabling for an interface 16-16 congestion threshold 17-27
interface parameters configuring 16-16 creating filter expressions 17-22
interface password assigning 16-19 DEC-compatible mode configuration 17-25
link state metrics configuring 16-17 DECnet cluster alias configuration 17-24
network entity titles configuring 16-16 destination routing table displaying 17-29
password authentication 16-20 disabling ERPDU 17-27
retransmission level setting 16-18 displaying general information 17-29
route redistribution 16-36 DNS queries 17-9
router support specifying level 16-19 domains
Level routers 17-10 addresses 17-5
Level routing table displaying 17-29 establishing 17-5
link state database displaying 17-29 dynamic interdomain routing 17-37
processes per router 17-16 dynamic routing
route maps 17-20 configuring 17-13 isis adjacency-filter command 17-23 in overlapping areas 17-37 isis circuit-type command 16-18 17-19 protocol support 17-10 isis csnp-interval command 17-18 within domain 17-35
IS-IS for IP configuring 16-15 enabling on interface 17-12 isis hello-interval command 16-17 17-17 enabling on router 17-16 isis metric command 16-17 17-17 enabling routing 17-6 isis password command 16-19 17-19 end system See ISO CLNS ES
Index 25 ES routing protocols supported 17-1
definition 17-7 routing table
neighbors displaying 17-29 clearing entries from 17-29
ES-IS dynamic entries 17-10
ISO documentation reference 17-1 static entries 17-10
parameters 17-21 routing in more than one area 17-36
protocol overview 17-7 security-option packets allow to pass 17-25
fast switching serial interfaces supported 17-1
disabling 17-26 source route option 17-24
enabling 17-26 static routing
filter expressions configuring 17-11 17-12
displaying 17-29 overview 17-10
displaying filter sets 17-29 support of 17-1
GOSIP compliance 17-1 traffic statistics displaying 17-29
HDLC encapsulation 17-1 transmitting congestion information over Frame
header options 17-24 Relay 8-2
Hello messages specifying 17-22 X25
IGRP support 17-1 configuring over 17-23
interdomain routing example 17-34 encapsulation 17-1
interfaces displaying information about 17-29 ISO-IGRP
intermediate system See ISO CLNS IS addressing 17-3
intradomain static routing example 17-33 adjacency 17-22
IS area routing 17-10
definition 17-7 areas 17-10
neighbors displaying 17-29 border routers 17-15
IS-IS ISO documentation reference 17-1 Ciscos implementation 17-3
ISO standards supported 17-1 configuring 17-13
local source packet parameters 17-28 enabling 17-13
maintaining the network 17-29 filter expressions 17-22
MTU maximum 17-26 filters
multihoming configuring 17-6 aliases 17-23
neighbors listing for NSAP-to-SNPA mapping 17-8 applying to ES adjacencies 17-23
NETs applying to frames 17-23
assigning 17-5 applying to IS adjacencies 17-23
definition 17-2 applying to IS-IS adjacencies 17-23
next hop 17-5 applying to ISO-IGRP adjacencies 17-23
network connectivity testing 17-29 combining expressions 17-23
NSAPs templates 17-23
addressing rules 17-4 interdomain routing 17-10
background 17-2 Level routers 17-10
dynamic routing 17-2 metric adjustments 17-14
field formats 17-3 NETs 17-13
n-selector 17-2 network entity titles configuring 17-13
packet lifetime 17-28 packet forwarding 17-22
protocols supported 17-1 preferred routes 17-16
QOS option 17-24 processes per router 17-13
record route option 17-24 route maps 17-15
routes router level specifying 17-13
entering 17-5 routing information redistribution 17-15
next NET 17-5 information hop routing processes displaying protocol
NSAP prefix 17-5 about 17-29 cache routing split horizon 17-15
clearing 17-29 station IDs 17-10
displaying entries 17-29 station routing 17-10 17-29 reinitializing timing parameter adjustments 17-14
26 Router Products Configuration Guide iso-igrp adjacency-filter command 17-23 Level is-type command 16-19 17-21 adjacency 17-19
IS 17-7
routers
and ISO-IGRP 17-21
definition 17-10
Level KA9Q program 6-25 adjacency 17-19 keepalive command 16-41 IS 17-7 keepalive timers adjusting 16-41 routers keepalives and ISO-IGRP 17-10 and LQM 6-40 definition 17-10 IPX 18-19 routing updates 17-13 Kermit downloading files across router line 4-21 Level switching 6-4 Kinetics FastPath router 12-23 Level switching 6-4 K-Star version 12-5 line
activation message displaying 4-22
automatic disconnect configuring 4-15
auxiliary port configuring 4-1 backup see dial backup
LAN Network Manager configuring for file transfers 4-21
See LNM console port configuring 4-2
LAPB defining transport protocol 4-5
configuration example 7-29 disconnecting 2-33
configuration task list 7-5 information displaying 2-35 4-20 datagram transport 7-1 password assigning 2-33 description of 7-1 resetting
encapsulation 7-6 virtual terminal
frame error detection 7-5 7-6 adding 4-2 4-2 general statistics displaying 7-28 configuring
over leased serial line 7-5 7-6 eliminating 4-2
line NRZI 6-18 packet hold queue 7-7 coding line command 6-14 parameters table 7-7 4-1
retransmission criteria 7-5 7-6 line configuration commands description 2-112-12 4-1
line mode 2-3 lapb hold-queue command 7-7 configuration line lapb command 7-7 configuration mode entering 4-1 4-27 lapb ni command 7-7 LINE definition SDLLC lapb n2 command 7-7 required to configure 24-18 line numbers lapb protocol command 7-6 4-2 lapb tl command 7-7 absolute
LAT auxiliary 4-I
configuring compression 20-8 banners displaying 4-20
group codes 20-16 relative 4-2
service announcements virtual terminal 4-2
administrative filtering 20-15 line-in-use message defining 4-25 STUN deny conditions for LAT group codes 20-16 line-sharing device multipoint example 22-18
service 20-16 SDLC 24-8 group code filtering linespeed increasing permit conditions for LAT group codes 20-16 Link Access Procedure Balanced lcnode command 11-1 See LAPB
leased serial line link quality 6-40
CMNS on 7-16 7-37 Link Quality Monitoring
LAPB on 7-5 SeeLQM length command 4-17
Index 27 8-7 link state metrics selecting Frame Relay type
configuring IS-IS 17-17 specifications supported 8-1
configuring IS-IS for IF 16-17 LNM 1-28 IS-IS for IP configuring 16-17 and Cisco routers 21-31 link state PDU changing reporting thresholds
See LSP changing the reporting interval 21-31
LLC2 configuring on management stations 21-29
configuration examples 23-10 configuring support for 1-26
configuration task list 23-2 configuring the router 21-29
configuring number of frames received before configuring to ignore errors 1-44
acknowledgment example 23-10 example configuration for more complex
features supported 23-2 network 21-70
frequency of XID transmissions 23-6 example configuration for simple network 21-69
largest frame size for 24-7 monitoring 21-44
maximum delay for acknowledgments 23-3 preventing change in router parameters 1-29
maximum frames sent before requiring ACK 23-3 lnm alternate command 21-30
maximum frames sent before sending ACK 23-3 lnm crs command 21-30
number of retries allowed 23-3 lnm loss-threshold command 21-3
polling frequency 23-4 lnm password command 21-30
resending frames 23-4 lnm rem command 21-30
1-30 resending rejected frames 23-4 lnm rps command
transmission of information frames 23-2 mm snmp-only command 1-29 21-31 transmit-poll-frame timer 23-5 lnm soften command
XID retries 23-6 load balancing over serial lines 20-20
XID transmissions 23-6 load sharing example with RSRB 1-63
11c2 ack-delay-time command 23-3 LOCADD definition
11c2 ack-max command 23-3 adjusting for SDLLC 24-18
for 11c2 idle-time command 23-5 LOCADDR priority groups configuring STUN
LLC2 Local Acknowledgment example 22-22
advantages of enabling 21-15 locaddr-priority command 21-41
configuring for RSRB 21-13 locaddr-priority-list command 21-40 22-10
configuring example 21-61 Local Acknowledgment
NetBIOS timers 21-17 configuring for RSRB 1-13
overhead issues 21-16 configuring for SDLC 22-5
for 22-20 setting up 21-15 configuring STUN packets example
Ti timer problem 21-15 configuring LLC2 parameters 21-16
11c2 local-window command 23-3 configuring on per-STUN-peer basis example 22-20
llc2 n2 command 23-4 enabling for SDLC 22-6
1-54 11c2 ti-time command 23-4 example using with RSRB
11c2 tbusy-time command 23-5 LLC2
llc2 tpf-time command 23-5 See LLC2 Local Acknowledgment
llc2 trej-time command 23-4 SDLLC example 24-14
llc2 xid-neg-val-time command 23-6 Local Area Transport
11c2 xid-retry-time command 23-6 See LAT
LMI local management interface
configuring in Frame Relay 8-7 See LMI and Frame Relay
DCE error threshold 8-8 local routers
DCE monitored events count 8-8 See Level
DCE polling verification timer 8-8 LocalTalk 12-1
DTE error threshold 8-8 location command 4-25 4-25 DTE full status polling interval 8-8 location recording for serial device
keepalive interval 8-7 lock command 2-29
NNI error threshold 8-8 lockable command 4-20
NNI monitored events count 8-8 logging buffered command 5-29
NNI polling verification timer 8-8 logging command 5-29
28 Router Products Configuration Guide logging console command 5-29 clients displaying 12-29 logging facility command 5-30 configuration requirements 12-20 logging monitor 5-29 definition 12-19 logging on command 5-28 disadvantages 12-19 logging trap command 5-29 implementation 12-19
Logical Link Control Type server establishing 12-20
See LLC2 23-2 servers displaying 12-29 login command 2-32 4-20 5-15 traffic displaying statistics about 12-29 login local command 4-21 Magic Number 6-40 login tacacs command 4-21 5-19 Management Information Base login-string command 4-25 See Mifi logout command 2-33 map loop circuit command 6-52 Frame Relay 8-4 loopback X.25 dynamic 7-9
Ethernet server support 6-51 mapping
external 6-50 IP address-to-hostname 3-4
HSCI card ribbon cable 6-51 MAC address-to-IP address 3-4
HSSI externally requested 6-50 masks
interface 6-12 implicit in 1P access lists example 15-36
on CSC-FCI FDDI interface card 6-52 See also subnet masks
on HSSI 6-48 maximum paths
on MCI Ethernet card 6-51 Apollo Domain
on MCI serial card 6-51 6-52 description 11-4
on MEC Ethernet card 6-51 setting 11-5
on SCI serial card 6-51 6-52 IPX
on serial interface 6-48 description 18-15
on VMS system 6-52 setting 18-15 use with OSPF 16-13 XNS loopback command 6-49 6-5 6-52 description 19-8 loopback diagnostics 6-48 setting 19-9 loopback dte command 6-49 maximum transmission unit loopback line command 6-50 see MTU loopback remote command 6-50 MAXOUT changing value on host to improve SDLLC looped back nets detecting 6-40 performance 24-9 loops preventing bridge datagram 20-20 M-bit X.25 more data bit 7-24 lost password 5-16 MCI interface card
LQM 6-40 loopback on Ethernet 6-51 LSP retransmission interval 17-18 loopback on serial 6-51 6-52
LU address prioritizing SNA traffic based on 21-39 pulsing DTR signal on 6-42
serial interface 6-2
MEC interface card loopback on Ethernet 6-51
Media Access Control
See MAC
media translation SDLLC customizing 24-7 MAC addresses media-type lObaset command 6-31 administrative filtering by 20-11 media-type aui command 6-31 MAC addresses determining 15-6 media-type command 6-31 MAC address-to-IP address mapping 3-4 memory MAC layer displaying use of 5-39 and source-route bridging 21-1 running out during netboot 3-18 MAC DECnet addresses changing 14-4 message-of-the-day banner 4-22 mac-address command 1-44 messages MacIP debug displaying 4-26 address ranges 12-20 GDP Query 16-31 addresses allocating 12-21 GDP Report 16-31 advantages 12-19
Index 29 idle terminal 4-22 modem chat script example 10-28
Internet broadcast establishing 15-15 modem chat-script command 4-15 10-7
IP destination unreachable 15-19 modem cts-required command 4-8
line activation 4-22 modem dtr-active command 4-7
line-in-use defining 4-25 modem inout command 4-13
Telnet failed connection 4-25 modem ri-is-cd command 4-9 4-13
Telnet login 4-25 modes
Telnet successful connection 4-25 See command modes
vacant terminal 4-22 monitoring DDR connections 10-22 metric holddown command 16-7 mop device-code command 3-26 metric maximum-hops command 16-8 mop enabled command 6-32
metric weights command 16-7 17-14 mop retransmit-timer command 3-26 metrics mop retries command 3-26
automatic translations between IP routing MOP server
protocols 16-37 booting automaticallyfrom l7-3- 18
routing downloading configuration files from 3-20
IPX 18-1 forwarding boot requests to 3-26
Net/One 19-1 19-2 mop sysid command 6-32
VINES 13-1 more data bit X.25 7-24 XNS 18-1 19-1 19-2 MOTD banner 4-22
translations supported between IP routing MTU
protocols 16-37 adjusting media MTU 6-44
MIB definition 15-20
description 5-1 IPofpath 15-18
FDDI support 6-6 IP specifying size 15-20
source-route 21-2 bridging support ISO CLNS maximum 17-26
Token Ring support 21-2 mtu command 6-44
variables multicast SNMP support 5-12 addresses forwarding 20-6 Token Ring support 6-4 transparent bridging example 20-26 microcode images loading 3-36 transparent bridging example with 20-29 microcode interface-type command 3-36 multidrop SDLLC configuration example 24-12 microcode reload command 3-37 multihoming
microcode writable control store WCS 3-36 advantages 17-6
microwave communications simplex Ethernet 15-21 areas 17-6 MLIS configuring 17-6
See MultiLIS definition 17-6 modem IS-IS areas 17-6
automatic dialing 4-7 ISO CLNS 17-6
connections closing 4-8 MultiLIS
dial-in and dial-out supporting 4-13 configuration example 9-12
dial-in supporting 4-11 on SMDS 9-1 9-9 20-6 4-15 high-speed configuring 4-9 multiple destinations configuring DDR example 10-25
line configuration for continuous CTS figure 4-9 multiple logical IP subnet
line configuration for high-speed dial-up modem See MultiLIS
figure 4-10 multiple logical IP subnets
line configuration for incoming and outgoing calls See MultiLIS 4-14 figure multipoint STUN using with line-sharing device 22-18 line for modem call-in configuration figure 4-11 Multiport Communications Interface card
line configuration for modem call-out figure 4-13 See MCI interface card
line 4-14 timing configuring multiport source-route bridging example 21-6 21-48
reverse connections supporting 4-12 multiprotocol configuration example SMDS 9-11 modem answer-timeout command 4-12 4-14 multiring command 21-18 modem callin command 4-11 modem callout command 4-12
30 Router Products Configuration Guide RIP updates 19-1
routing protocol 19-1
netbios access-list command 1-34 Name Binding Protocol bytes See NBP netbios access-list command 18-6 18-10
netbios access-list host command 21-33 name display facility AppleTalk configuring 12-16 netbios enable-name-cache command 21-25 name mapping netbios NETs 17-9 input-access-filter bytes command 21-34 netbios NSAPs 17-9 input-access-filter host command 1-33 netbios name-cache name-connection command 2-34 command 1-25 NBP netbios name-cache query-timeout command 1-26 netbios name-cache definition 12-2 12-16 recognized-timeout command 21-26 netbios name-cache command name registration table 12-29 ring-group 21-25 netbios name-cache timeout command services displaying 12-29 1-25 netbios NCP definitions output-access-filter bytes command 21-34
netbios output-access-filter host command 21-33 configuring for SDLLC 24-15 NetBIOS IBM NCP DECnet parameters 14-2 access control filtering 1-32 neighbor configure-neighbors command 16-22 access control using offset 21-33 neighbor distribute-list command 16-23 byte 1-32 access control using station names 1-32 neighbor ebgp-multihop command 16-26 assigning station access list name 21-32 neighbor filter-list command 16-23 16-24 cache adding static 21-69 neighbor neighbor-list command 16-22 entry example configuring with access filters 21-76 neighbor next-hop-self command 16-24 example error 21-17 neighbor remote-as command 16-22 recovery
with access filters 21-71 neighbor third-party command 16-29 example configuration name neighbor update-source command 16-26 caching static entries 1-25 neighbor version command 16-26 creating 1-25 neighbor weight command 16-24 enabling
specifying dead time interval 21-25 neighbor any command 16-26 support configuring 1-23 neighbor any command EGP 16-31 NetBIOS IPX neighbor any third-party command 16-31 access control 18-9 neighbor command EGP 16-29 18-9 neighbor command IORP 16-6 description 18-10 neighbor command OSPF 16-11 filtering messages neighbor command RIP 16-15 netbooting definition 3-17 neighbor stations VINES example 3-18 adding static paths 13-10 3-23 deleting 13-11 manually over Frame 8-13 deleting static paths 13-10 Relay example over X.25 example 7-41 displaying 13-11 NETs neighbors ISO CLNS 17-8 17-13 net command 16-16 17-6 17-13 17-16 configuring 16-16 17-6 Net/One configuring IS-IS foriP 16-16 IS-IS number router 17-17 booting protocol 19-1 per ISO CLNS addresses 17-2 differences from XNS 19-1
emulation mode ISO-IGRP number per router 17-13
definition 19-2 name mapping 17-9
static addresses for router 17-7 17-11 enabling 19-4 network command 16-5 receiving RiP updates 19-2 network command backdoor 16-26 enabling routing 19-4 19-13 network command 16-22 flooding broadcasts 19-2 BOP network command 16-2g hello packets 19-1 EGP network command OSPF 16-9 metrics routing 19-1 19-2 network command RIP 16-14 Network Management Consoles configuring 19-2
network management protocols 19-2 Network Resource Monitor 19-2
Index 31 network configuration file IDI 17-3
description 3-20 IDP 17-3
loading from server 3-20 GOSIP format 17-4
minimal required for Autolnstall 3-9 IS-IS addresses
role in Autolnstall 3-4 area addresses 17-3
Network Control Program n-selector 17-3
See NCP system ID 17-3 network diameter enforcing IGRP 16-8 ISO CLNS addresses 17-2 ISO-IGRP addresses Network Entity Titles
see NETs area addresses 17-3
Network Management Consoles configuring 19-2 domains 17-3
network mode configuring dedicated 6-16 field formats 17-3
network number n-selector 17-3
ID 17-3 Apollo Domain 11-2 system IPX 18-1 media address mapping 17-8
VINES 13-1 name mapping 17-9
XNS 19-2 prefix 17-12
Network Resource Monitor Net/One 19-2 routes entering 17-5
network server priority queuing 5-33 shortcut command 17-9
network service access points SNPA mapping 17-8
See NSAPs static address assignments 17-7
Network Time Protocol static addresses 17-24
See NIP n-selector
Network to Node Interface NNI Frame Relay 8-6 IS-IS 17-3
network troubleshooting operations 5-32 ISO CLNS 17-2
no debug command 5-32 ISO-IGRP 17-3
node number IPX 18-1 NIP
nonbroadcast networks configuring OSPF on 16-11 access group 5-7
nonextended network associations configuring 5-6
See AppleTalk nonextended network configuring 5-5
5-4 non-return to zero inverting description
See NIRZI disabling services 5-7
NOS 6-25 showing status 5-12
5-4 note description xlvi stratum time 5-4 notify command 4-25 synchronizing
Novell IPX time services 5-4
See IPX ntp access-group command 5-7
NRZIencoding 6-18 ntp authenticate command 5-6 md5 command 5-6 nrzi-encoding command 6-18 ntp authentication- key
NSAPs ntp broadcast client command 5-6
addresses ntp broadcast command 5-40
area addresses 17-3 ntp broadcast version command 5-6
IS-IS 17-3 ntp broadcastdelay command 5-6
ISO-IGRP 17-3 ntp disable command 5-7
Level routing 17-3 ntp master command 5-8 5-41
mapping to media addresses 17-7 ntp peer command 5-6 5-8 5-40 system ID definition 17-3 ntp server command 5-6 5-8
addressing rules 17-4 ntp source command 5-8
addressing structure figure 17-4 ntp trusted-key command 5-6
dynamic routing 17-2 ntp update-calendar command 5-8 5-40
fields null interface configuring 6-13
AR 17-3 17-4
DSP 17-3
formats 17-3
32 Router Products Configuration Guide out-of-order packet 3-30 Packet Switched Nodes DDN X.25 7-2 7-16
character as router output 3-24 packets ocommand 3-13 administrative filtering 20-13 offset-list command 16-39 compressed TCP header 7-25
Organizational Unique Identifier dispatch character 2-27 4-5
See OUI dispatch timeout 2-27 4-5
OS explorer configuring 21-8
See ISO CLNS filtering Ethernet-encapsulated 20-13 20-14
OSPF filtering IEEE 802.3-encapsulated 20-14
assigning cost to the default external route 16-12 filtering SNAP-encapsulated 20-13 20-14
broadcasts on X25 7-10 setting maximum size 6-44
Ciscos implementation 16-8 X.25
complex configuration example 16-52 acknowledgement configuring 7-24
conditional default origination 16-13 input 7-24
conditional default origination example 16-58 output 7-24
configuration task list 16-9 padding command 4-19
configuring 16-8 padding packets IPX 18-18
configuring area parameters 16-12 parameters displaying terminal line 2-35
configuring basic commands example 16-48 16-49 parity
configuring for broadcast or nonbroadcast configuring for line 4-4
networks 16-11 for current line 2-26
configuring interface parameters 16-10 parity command 4-4
configuring lookup of DNS names 16-13 passenger protocol tunneling 6-25
configuring nonbroadcast networks 16-11 passive-interface command 16-38
configuring routers for an AS example 16-50 Passthrough RSRB example 21-58
configuring the network type 16-11 password command 4-20 5-15
creating virtual links 16-12 passwords
defining an area as stub area 16-12 assigning for line 4-20
enabling 16-9 assigning examples 4-28
enabling authentication for an area 16-12 authentication IS-IS for CLNS 17-21
forcing choice of Router ID 16-13 configuring IS-IS for CLNS 17-19
generating default routes 16-13 disabling 5-16
multicast addressing 16-11 enabling 5-15
route redistribution example 16-48 enabling password checking on line 4-20
sending IRDP advertisements to multicast encryption 5-16
address 16-33 IS-IS for CLNS
setting advertised Hello interval 16-10 assigning for domain 17-21
setting link state retransmission interval 16-10 assigning for an area 17-21
setting router dead interval 16-10 assigning for an interface 17-19
setting router priority 16-10 IS-IS for IP
setting transmission time for link state updates 16-10 assigning for area 16-20
specifying address range for single route 16-12 assigning for domain 16-20
specifying OSPF authentication key 16-10 assigning for interface 16-19
specifying path cost 16-10 authentication passwords 16-20
using multicast 16-8 recovering lost 5-16
OUl choosing for Ethernet Type II frames 20-5 paths
costs assigning for transparent bridging 20-18
discovery MTU 15-18
PC/3270 emulation and source-route bridging 1-43 PCMFDDI 6-36 PDU
error see ERPDU
redirect see RDPDU
Index 33 performance management 5-2 preferred routes
period as router output 3-24 IS-IS 17-20 permanent virtual circuit specifying with ISO-IGRP 17-16
See PVC primary station
Phase definition 23-1
See AppleTalk Phase enabling router as 23-7 Phase priority groups configuring for STUN example 22-22
See AppleTalk Phase priority list definition 5-34
Physical Connection Management priority queuing
See PCM assigning default 5-35 ping command assigning levels for 22-7 12-29 AppleTalk assigning to protocol 5-35
before TFP 3-33 assigning to an interface 5-35 DECnet by interface type 5-35
privileged 14-15 description 5-33
user 14-15 group 5-36
during.loopback 6-48 maximum packets 5-36
monitoring 5-37
privileged 15-31 types of 5-34
user 15-31 priority-group command 5-36 22-9 IPX 18-19 priority-list command 5-35 22-9 ISO CLNS priority-list interface command 5-35
privileged 17-29 priority-list protocol command 5-35 21-40
user 17-29 priority-list queue-limit command 5-36
over serial lines 7-40 multiple X25 priority-list stun address command 22-10
to test 5-26 connectivity priority-list stun command 5-36
VINES 13-11 private command 4-20
XNS 19-12 privileged EXEC commands controlling access to 5-16
Point-to-Point Protocol privileged EXEC mode 2-3 2-4 See PPP prompts system 2-3 polling protocol data unit
controlling for secondary stations 23-9 See ERPDU and RDPDU 23-5 frequency protocol type filtering by 20-12
interval 23-5 protocols
timer transmit-poll-frame 23-5 carrier tunneling 6-25 Poor Mans DECnet Routing on 14-7 defining transport 4-5 port ES-IS 17-11
See line exterior IP gateway list 16-2 mode 6-46 port passenger tunneling 6-25 for port numbers reverse connections 4-16 transport tunneling 6-25 PPP proxy ARP definition 15-11 6-15 enabling proxy explorers configuring 21-42
encapsulation configuring 6-15 proxy network numbers
establishing connections 6-17 assigning 12-26 EXEC command using figure 6-54 assigning example 12-44
Magic Number support 6-40 proxy polling
maldng connection example 6-54 configuring 22-11 with 5-23 using CHAP configuring for STUN example 22-24 with using DDR 10-14 setting the interval for 22-12 ppp authentication chap command 5-23 6-39 10-15 pseudo-broadcasting
10-18 example of SMDS 9-13 ppp command 6-17 SMDS 9-1 ppp quality command 6-40 PU definition required to configure SDLLC 24-18
34 Router Products Configuration Guide data network public redistribute command 16-37 17-15 17-20 7-35 CMNS over redistribute static cins command 17-20 X.25 7-22 7-2 redistribute static command 17-15
PVC redistribution
configuration example 7-31 IGRP 7-10 establishing example 16-47 7-33 establishing example of routes disabling default information between
IP traffic 7-33 exchange example processes 16-37 on subinterface 6-21 of routes using same metric value for all
switching on same router example 7-31 routes 16-37
X25 switched 7-14 IS-IS for CLNS 17-20
X.25 tunneled 7-14 IS-IS foriP 16-36
ISO-IORP 17-15
RIP IP example 16-47
RIP and IGRP protocol example 16-47
routing information 16-36
static routing example 16-46 QOS option 17-24 using route maps 16-36 17-15 17-20 query message GDP 16-3 refuse-message command 4-25 queue controlling hold 6-43 X.25 regular expressions pattern matching example 7-31 queue-list command 5-35 rejected frames setting time for resending 23-4 queue-list interface command 5-35 relative line number 4-2 queue-list protocol command 5-35 reload command 2-14 3-16 3-21 3-22 3-23 queue-list command 5-36 queue byte-count REM queue-list queue limit command 5-36 changing the reporting interval 21-31 queue-list stun command 5-36 function in LNM 21-28 queuing remote peer configuring SMDS example 9-12 assigning default priority 5-35 remote peer enabling LLC2 Local Acknowledgment priority 5-33 with 21-16 queuing priorities remote router automatic dialing 4-7 assigning by LU address 22-10 remote source-route bridging assigning by serial interface address 22-9 configuring over TCP connection 21-12 21-15
configuring with Local Acknowledgment for LLC2 21-13
enabling class of service 21-40
enablingFST 21-il
RARP server example for FST connection 21-51
configuring for Autolnstall 3-9 example using Local Ack and Passthrough 21-58
configuring router as 3-24 example with all transport types 21-53
role in Autolnstall figure 3-4 example with load sharing 21-63
RARP definition 15-6 example with Local Acknowledgment 1-54
RDPDU IP encapsulation over TCP 21-12
configuring for sending ISO CLNS 17-28 largest frame 1-43
interval to disable 17-28 listing peer bridges 21-13 receive calls configuring to 10-12 proxy explorers 21-44
Receive Data signal 4-6 simple reliability 1-63 receiving calls TCP connection example 21-50
from single site 10-13 with direct encapsulation 21-9
from multiple sites 10-13 REMOTTO definition adjusting for SDLLC 24-18
from multiple sites on single line or mutiple report message GDP 16-3
lines 10-13 Request To Send signal 4-6 record route option 17-24 responder support AppleTalk 12-30 recursive route problem 6-27 resume command Telnet 2-32 redirect protocol data unit retransmission interval LSP setting 17-18
See RDPDU retransmission interval setting for IP IS-IS 16-18
Index 35 Reverse Address Resolution Protocol ROM monitor mode
See RARP entering 3-22 reverse connection mode 4-16 summary 2-3 reverse connections configuring 4-16 using 2-14 reverse modem connections supporting 4-12 root bridge selecting 20-18
RIF rotary command 4-15
cache rotary groups 4-15 adding static entry for two-hop path configuring 4-15 example 1-65 description dialer adding static entry example 1-65 see rotary groups cache 15-29 clearing 6-47 route invalidation controlling
configuring static entry 21-18 route cost for DECnet interarea enabling use 21-18 maximum routing 14-10 establishing ring groups 21-18 setting for DECnet intra-area use in source-route bridging 21-1 21-18 maximum routing 14-9 rif command 21-18 setting 2-14 rif timeout command 21-19 route map configuration commands description mode 2-3 Ring Error Monitor route map configuration See REM route maps
for redistribution 16-36 ring group defining IS-IS 17-20 assigning to an interface 21-6 redistributing into ISO-IGRP 17-15 defining for SRB 21-6 redistributing into
definition 21-6 route summarization
example 21-48 IS-IS addresses 16-20
RING signal 4-6 OSPF addresses 16-12 17-20 ring scheduling FDDI 6-35 route-map command 16-36 17-15 RIP router bgp command 16-22
router 2-122-13 allowing point-to-point updates 16-15 configuration commands description mode 2-3 configuring 16-14 router configuration
list 16-2 explanation of hop count 16-14 router discovery protocols
IF router egp command 16-31 command 16-28 configuring 16-14 router egp command 16-5 detecting routers using 15-13 router igrp
isis command 17-16 enabling 16-14 router 16-16 command 17-13 redistribution example 16-47 router iso-igrp IPX router level specifying IS-IS for iF 16-19
16-9 description 18-13 router ospf command 16-14 update timers 18-13 router rip command
routes updates delay between 18-13 16-30 NetlOne updates 19-1 default EGP
running with IGRP 16-15 default IP
use to detect routers 15-13 determining gateway of last resort 16-3
XNS specifying 16-35
delay between updates 19-8 IGRP types 16-4
update timers 19-8 static 16-34 update timers example 19-14 IP configuring
updates description 19-1 IPX 18-13 13-10 updates receiving 19-2 19-4 VINES ROM XNS 19-8
booting automatically from 3-18 routing 6-17 booting from example 3-18 configuring asynchronous 16-3 booting manually from example 3-23 information filtering task list ROM monitor on Token Ring 6-4
booting system image from 3-22
commands description 2-142-15
36 Router Products Configuration Guide routing cache ISO CLNS table
clearing 17-29 adding static entries 18-14
displaying entries 17-29 static entries 18-14
reinitializing 17-29 update interval 18-14
Routing Information Field satellite link LAPB as transport 7-5
See RIF scheduler-interval command 5-33
Routing Information Protocol VINES SCI interface card
See VINES RTP loopback on serial 6-51 6-52 routing table support for synchronous serial interface 6-2 AppleTalk SDLC
controlling 12-24 affecting output buffering 23-9
creating update filters 12-13 assigning primary or secondary roles 22-6
displaying entries 12-29 configuration examples 23-10
setting update timers 12-26 configuration task list 23-7
update timers changing 12-26 configuring example 23-11
BGP attributes 16-25 controlling buffer size 23-9
controlling frame size 23-9
dynamic 16-35 controlling the protocol 23-8
removing entries from 16-5 controlling window size 23-9
static 16-35 determining use of FRMRs 23-8
IPX 18-8 18-19 displaying configuration for 23-10
ISO CLNS increasing the line speed for 24-8
dynamic entries 17-10 polling secondary stations controlling 23-9
static entries 17-10 retry counts controlling 23-8
VINES specifying largest I-frame size for 24-8
adding static routes 13-10 timers controlling 23-8
deleting entries from 13-11 sdlc address command 23-8
displaying entries 13-11 sdlc fair-poll-timer command 23-10
XNS 19-7 sdlc frmr-disable command 23-8
Routing Table Maintenance Protocol sdlc holdq command 23-9 See RTMP sdlc command 23-9
RPS function in LNM 21-28 sdlc ni command 23-9
RS-232 auxiliary port signals 4-6 sdlc n2 command 23-8
RTMP sdlc poll-limit-value command 23-10
advertising routes with no zones 12-25 sdlc poll-pause-timer command 23-10
definition 12-2 sdlc sdlc-largest-frame command 24-8
routing table update timers changing 12-26 sdlc ti command 23-8
routing updates disabling transmission 12-25 SDLLC
strict checking of routing updates 12-24 Ciscos implementation 24-1
RTP redirect messages 13-8 configuration examples 24-12
RTS signal 4-6 configuration for single 37x5 and single 3x74
RXDATA signal 4-6 example 24-12 rxspeed command 4-4 configuration task list 24-3
configuring with RSRB and Local
Acknowledgment 24-6
customizing 24-7
displaying Local Acknowledgment state for 24-9
how how frame size differences are resolved 24-2 SAP increasing the SDLC line speed for 24-8 controlling responses to GNS requests 18-15 specifying largest SDLC I-frame size for 24-8 description 18-1 specifying the largest LLC2 I-frame size for 24-7 filters creating 18-8 virtual Token Ring implementation 24-2 GNS access lists 18-4 sdllc partner command 24-4 maximum queue length setting 18-14 sdllc ring-largest-frame command 24-8 setting delay between packets 18-12 18-14 sdllc traddr command 24-4 static entries configuring 18-14
Index 37 SDLLC with Ethernet and Translational Bridging 24-7 Service Advertisement Protocol sdllc xid command 24-4 See SAP
SDSU SMDS CSUIDSU 9-1 service config command 3-20 secondary addresses service exec-wait command 5-38
IP use in networking subnets 15-32 service finger command 2-35
use in Frame Relay and SMDS example 16-66 service linenumber command 4-20 secondary station service nagle command 5-26
controlling polling for 23-9 service password-encrytion command 5-16
definition 23-1 Service Profile Identifier
enabling router as 23-7 See SPID security service tcp-keepalives- command 5-25
IP See IPSO service telent-zero-idle command 5-38
management 5-2 5-15 service timestamps command 5-31 5-32
See also CHAP service dial backup security precautions with Flash memory card 3-15 See dial backup seed router AppleTalk 12-7 session-limit command 4-6 serial encapsulation sessions
See direct encapsulation exiting 2-33 serial interface cards loopback on 6-52 limiting number per line 4-6 serial interface synchronous 6-2 session-timeout command 4-6 serial interfaces setting the system clock 5-3
asynchronous setup command 3-5
configuring 6-14 Shiva FastPath 12-5
encapsulation 6-3 show access-lists command 15-31
backup show apollo arp command 11-5
See dial backup show apollo interface command 11-5
clearing 6-47 show apollo route command 11-5
clock rate 6-42 show apollo traffic command 11-5
configuring 6-17 show appletalk access-lists command 12-29
configuring IP example 15-32 show appletalk adjacent-routes command 12-29 DCE appliques 6-42 show appletalk arp command 12-29
DTR signal pulsing 6-42 show appletalk cache command 12-29 IP processing on 15-4 show appletalk global command 12-29 LAT compression 20-8 show appletalk interface command 12-29 Link Quality Monitoring 6-40 show appletalk macip-clients command 12-29
load balancing 20-20 show appletalk macip-servers command 12-29
loopback on 6-48 6-52 show appletalk macip-traffic 12-29
loopback test on 6-51 show appletalk name-cache command 12-29
parallel 20-20 show appletalk nbp command 12-29
synchronous show appletalk neighbors command 12-29
adjusting characteristics 6-42 show appletalk route command 12-29
encapsulation 6-3 show appletalk socket command 12-30
maintaining 6-47 show appletalk traffic command 12-30
transmit delay 6-42 show appletalk zone command 12-30
serial line show arp command 9-10 15-31 leased 7-37 CMNS over show async status command 6-45
encapsulation 6-30 show async-bootp command 3-26
LAPB over leased 7-5 show bridge command 20-21
Serial Line Address Resolution Protocol show buffers command 5-37
See SLARP show calendar command 5-12
Serial Line Internet Protocol show clns cache command 17-29
See SLIP show clns command 17-29
Serial-port Communications Interface card show cbs es-neighbors command 17-29 See SCI interface card show clns filter-expr command 17-29
show clns filter-set command 17-29
38 Router Products Configuration Guide 17-29 show clns interface command show ip ospf database command 16-43
show cins is-neighbors command 17-29 show ip ospf interface command 16-43 17-29 show clns neighbors command show ip ospf neighbor command 16-43
show cins protocol command 17-29 show ip ospf virtual-links command 16-43
show clns route command 17-29 show ip protocols command 16-43
show clns traffic command 17-29 show ip redirects command 15-31
show clock comrhand 5-12 show ip route command 15-31 16-43
show cmns command 7-28 show route command 15-3 ip summary 16-43
show command 1-24 show command configuration 3-32 5-15 ip tcp header-compression 15-31
show controllers bri 6-45 show traffic 15-31 command 6-5 ip command
show controllers command 6-3 6-4 6-5 6-10 6-45 show ipx interface command 10-22
show controllers mci command 6-3 show ipx servers command 18-20
show controllers serial command 6-3 show isis database command 16-43 17-29
show controllers token command 1-44 show isis routes command 17-29
show debugging command 5-32 show line command 2-35 4-16
show decnet command 14-15 show 11c2 command 7-28 23-6 24-9
show decnet interface command 14-16 show lnm bridge command 21-3 21-44
show decnet map command 14-16 show lnm config command 21-3 21-44
show decnet route command 14-16 show lnm interface command 21-31 21-44
show decnet traffic command 14-16 show lnm ring command 21-31 21-45
show dialer command 10-22 show lnm station command 21-3 21-45
show environment all command 5-24 show local-ack command 1-45 24-9
show environment command 5-24 show logging command 5-29 5-31
show environment last command 5-24 show memory 5-39 show environment table command 5-24 show microcode command 3-37 show flash all command 3-32 show netbios-cache command 1-45 show flash command 3-32 show novell cache command 18-19 show frame-relay lmi command 8-11 show novell interface command 18-20 show frame-relay map command 8-11 show novell route command 18-20 show frame-relay pvc command 8-11 show novell traffic command 18-20 show frame-relay route command 8-11 show ntp associations command 5-12 show frame-relay traffic command 8-11 show ntp status command 5-12 show command 2-19 history show processes command 5-24 show hosts command 15-31 show processes memory command 5-39 show interface command 10-22 show protocols command 5-24 show interface command 13-3 show queuing custom command 5-37 show interface serial command 24-9 shdw queuing priority command 5-37 show interface tunnel command 6-30 show rif command 6-46 show interfaces async command 6-46 show route-map command 16-43 17-29 show interfaces command 6-3 6-4 6-5 6-10 6-45 6-46 show sessions command 2-34
7-28 21-44 23-10 show smds addresses command 9-10 show interfaces serial command 8-11 show smds map command 9-10 show ip accounting checkpoint command 15-3 show smds traffic command 9-10 show ip aliases command 15-31 show snmp command 5-14 show ip arp command 15-31 show source-bridge command 21-45 show ip bgp command 16-43 show span command 20-2 show ip bgp neighbors command 16-43 show stacks command 5-38 show ip bgp paths command 16-43 show stun command 22-13 show ip bgp summary command 16-43 show stun sdlc command 22-13 show ip cache command 15-31 show tcp command 2-34 show ip egp command 16-43 show terminal command 2-35 show ip interface command 15-3 show users command 2-35 show ip irdp command 16-43 show version command 3-13 3-32 3-35 6-46 show ip masks command 15-3 show vines access command 13-11 show ip ospf command 16-43 show vines cache command 13-11
Index 39 vines host 13-11 show command disabled split horizon 16-42 show vines interface command 13-11 DXI 3.2 with heartbeat 9-1 9-9 show vines ipc command 13-11 dynamic routing table 9-1 9-7 show vines neighbors command 13-1 enabling ARP 9-5 show vines route command 13-11 enabling via encapsulation 9-3 show vines services command 13-11 hardware requirements 9-2 show vines traffic command 13-11 IP addresses 9-9 show x25 map command 7-28 IP fast switching 9-10 show x25 remote-red command 7-28 IP on 9-7 show x25 route 7-28 command IP split horizon 9-1 show x25 command 7-28 vc monitoring activity 9-10 show xns cache command 19-12 multicast address map 9-5 show interface xns command 19-12 multiple logical IP subnet MultiLlS 9-1 9-9 show xns route command 19-12 multiple logical IP subnet MuttiLIS example 9-12 show traffic xns command 19-12 multiple logical IP subnets MultiLlS 20-6 shutdown command 6-47 multiprotocol configuration example 9-11 shutdown interfaces network connection 9-1
example 6-55 Novell on 9-8
result 6-47 protocols supported 9-1 signaling phase FDDI CMT 6-37 pseudo-broadcasting 9-1 9-9 signals pseudo-broadcasting example 9-13 DTR 6-42 pulsing remote peer configuration example 9-12
RS-232 4-6 required protocol multicasts table 9-7 simple access lists SDSU equipment 9-1
See access lists standards defining 9-1
Network Protocol Simple Management static map entries 9-4
See SNMP static routing table 9-1 simplex circuit definition 15-2 task list 9-3 simplex Ethernet interfaces configuring IP 15-21 VINES on 9-8 single-site calling 10-7 XNS on 9-8
SLARP role in Autolnstatl figure 3-3 smds address command 9-4
SLIP smds dxi command 9-9
configuring encapsulation 6-15 smds enable-arp command 9-5
making connection example 6-54 smds multicast arp command 9-6 command 6-17 slip smds multicast bridge command 9-8 20-6
SLIP drivers IPTalk 12-2 smds multicast command 9-5
establishing connections connections 6-17 smds multicast 9-9 SLIP ip command SMDS smds static-map command 9-4 address 9-4 smds 9-10 mapping static-map ip command address resolution ARP 9-5 SMT message queue size setting 6-38 address specification 9-4 smt-queue-threshold command 6-38 addresses SNA
broadcast 9-5 configuring transmissions groups for 22-3
European 9-2 error recovery 21-17 mutticast 9-5 local LU address priorities 21-41 North American 9-2 prioritizing traffic 1-39
AppleTalk on 9-8 SNAP
over 9-1 9-8 bridging example configuration filtering access 21-73 broadcast ARP messages 9-6 filtering encapsulated packets 20-13 20-14
Ciscos 9-1 implementation filtering on input or output 21-35 CLNS on 9-8 SNMP
configuration examples 9-11 AppleTalk configuring 12-17
configuring transparent bridging over 20-6 description 5-1
customizing 9-7 traps 5-12 5-13 DECnet on 9-5 9-7
40 Router Products Configuration Guide SNMP server source-bridge tcp-peername 24-6
configuring 5-12 source-bridge tcp-queue-max number command 1-45
description 5-12 source-bridge transparent command 21-21
shutdown mechanism 5-14 source-route autonomous-switching cache snmp server command 12-17 enabling 21-41 snmp-server access-list command 5-13 source-route bridging administrative 1-34 snmp-server chassis-id command 5-14 filtering andSNA snmp-server community command 5-13 5-14 12-17 21-121-21 RIF 21-65 snmp-server contact command 5-14 assigning Ciscos 21-2 snmp-server host command 5-13 implementation 1-46 snmp-server location command 5-14 configuration examples
snmp-server packetsize command 5-13 configuration task list 21-3
snmp-server queue-length command 5-13 configuring dual-port bridge 21-5 command 5-14 remote 21-8 snmp-server system-shutdown configuring command 5-13 definition 21-I snmp-server trap-authentication 5-13 dual 1-47 snmp-server trap-source command port configuration 5-13 21-5 snmp-server trap-timeout command enabling
SNPA enabling multiport bridge 21-6
masks 17-28 example for routing protocols also 1-48
NSAP mapping 17-8 example with multiple virtual ring groups 1-49
socket numbers IBM PC/3270 emulation 1-43 21-43 See port numbers interoperability
software flow control local See also local source-route bridging 6-47 configuring 2-26 4-5 maintaining
setting for session 2-26 multiport example 1-48
software flow control setting 4-4 NetBIOS access control 1-32
source addresses administrative filtering 20-12 1-36 NetBIOS protocol 21-1
source-bridge command 21-5 21-7 21-10 21-12 21-13 overview 21-1
21-16 remote See also remote source-route bridging
source-bridge cos-enable command 21-4 RIF timeout interval 1-19
source-bridge enable-80d5 command 1-22 securing the network 1-32
source-bridge fst-peername 24-5 24-6 Token Ring 6-4
source-bridge fst-peername command 21-11 tuning 21-39 21-36 21-18 source-bridge input-address-list command usingRiFin 21-4 source-bridge input-lsap-list command 1-35 source-route fast-switching cache disabling
source-bridge input-type-list command 1-35 source-route transparent bridging See SRT source-bridge largest-frame command 21-43
source-bridge max-hops command 21-8 spanning tree BPDU intervals 20-18 source-bridge old-sna command 1-43 adjusting interval 20-19 source-bridge output-address-list command 1-36 adjusting forward delay idle 20-19 source-bridge output-lsap-list command 1-35 adjusting maximum interval 20-4 source-bridge output-type-list command 1-35 assigning interface to group 20-18 source-bridge proxy-explorer command 21-42 assigning path costs
source-bridge proxy-netbios-only command 1-24 bridging and routing IP 20-7
source-bridge remote-peer command 21-11 disabling on an interface 20-19
source-bridge remote-peer fst 21-11 establishing multiple domains 20-6 command 21-10 21-7 source-bridge remote-peer interface explorer
source-bridge remote-peer tcp command 21-13 21-15 interface priority setting 20-18
source-bridge ring-group 24-5 24-6 known topology displaying 20-21
21-10 load 20-20 source-bridge ring-group command 21-6 balancing
source-bridge route-cache cbus command 21-42 multiple domains establishing 20-8
source-bridge route-cache command 21-41 parameters 20-17 source-bridge sap-80d5 command 21-22 adjusting Hello BPDU interval 20-19 source-bridge sdllc-local-ack command 24-6 adjusting forward interval 20-19 source-bridge spanning command 21-7 21-8 defining delay
Index 41 maximum idle interval defining 20-19 static routing table 17-5
electing the root bridge 20-18 table entries 17-10
for interface 20-18 setting priority an station configurations displaying LLC2 23-6
setting the bridge priority 20-18 station IDs ISO-IGRP 17-ID
topology configuring 21-7 station names use in NetBIOS access control 1-32
special-character-bits command 4-19 station routing
speed command 4-4 IS-IS 17-10
SPID 6-33 ISO-IGRP 17-10
horizon split stopbits command 4-4 effect on SMDS 9-I stop-character command 4-5
IF enabling 16-41 stratum 5-4
ISO-IGRP enabling 17-15 stub area
VINES 13-8 See OSPF
spoofing IPX 18-19 STUN SRITLB configuring LOCADDR priority groups for 22-22 with IBM 8209 21-21 compatibility bridges configuring Local Acknowledgment for STUN 21-21 enabling packets example 22-20 for example simple network 21-66 configuring Local Acknowledgment with with example access filtering 1-68 example 22-20
in IBM LLC2 environments 1-22 configuring protocol groups 22-3
IBM 8209 and Cisco routers 21-21 mixing bridges configuring proxy polling for example 22-24 overview 21-19 enabling 22-2
routers in the same network with IBM 8209 enabling proxy polling 22-12
bridges 21-21 example configuration for priority setting 22-14
Token Ring LLC2 to Ethernet conversion 1-22 monitoring 22-13 SRT multipoint implementation with line-sharing device with SR/TLB 20-2 compared example 22-18 20-3 configuring prioritizing STUN traffic 22-10 20-25 example implementing setting up 22-2 features of Cisco implementation 20-2 stun cos-enable command 22-8 hardware supporting 20-2 stun group command 22-4 standard access lists stun peer-name command 22-2
See lists access stun poll-interval command 22-13 start-character command 4-5 stun primary-pass-through command 22-13
static addresses NSAPs 17-24 stun protocol-group command 22-3
static SMDS map 9-4 stun proxy-poll address command 22-12
static RIF entries configuring 1-18 stun route address command 22-6
static routes stun route all interface serial command 22-8
Apollo Domain 11-4 stun route all tcp command 22-7
Frame Relay 8-7 stun schema command 22-4
stun sdlc-role primary command 22-6 16-34 configuring stun sdlc-role secondary command 22-6 16-46 redistribution example subinterface configuration commands IPX 18-13 description 2-102-11 16-36 redistributing subinterface configuration mode 2-3
VINES 13-10 subinterfaces
XNS 19-8 and Frame Relay 6-21 static ISO CLNS routing configuring 6-19
configuring 17-11 subnet masks variable length
controlling the source NET 17-24 definition 16-34
definition 17-1 example 16-44
example 17-32 subnets interdomain 17-34 example connecting discontinuous tunneling 6-25
intradomain example 17-33 displaying number using masks 15-31
overview 17-10 enabling use of subnet zero 15-4
42 Router Products Configuration Guide in OSPF network figure 16-50 TACACS
IP creating network from separated 15-32 establishing 5-15 subnetwork number VINES 13-2 user ID 4-21 subnetwork point of attachment tacacs-server attempts command 5-22
See SNPA tacacs-server authenticate command 5-21 summary-address command 16-20 tacacs-server extended command 5-22
Switched Multi-megabit Data Services tacacs-server host command 5-21
See SMDS tacacs-server last-resort command 5-19 switched PVCs tacacs-server notify command 5-21
See PVC and X.25 tacacs-server optional-passwords command 5-19 switching tacacs-server retransmit command 5-21
decisions by BGP routing table 16-25 tacacs-server timeout command 5-21 remote X.25 PVC 7-14 TCP
X.25 local 7-2 configuring connection for RSRB 21-12 21-15
X.25 remote 7-2 connections setting connection-attempt time 15-27 switching operations encapsulation configuring for STUN 22-5
changing priorities 5-33 header compression enabling 15-27
6-43 overview 15-1 system process scheduler 5-33 synchronization port numbers for reverse connections 4-16
definition 16-25 TCP/IP X.25 7-14 figure 16-60 IP datagrams over 7-11 15-1 synchronization command 16-25 overview
synchronize signal Telnet 2-31 4-24 Telnet command 4-23 Synchronous Data Link Control Break 2-30
See SDLC connections
synchronous serial interface concurrent 2-32
overview 6-2 éonfiguring 4-234-24
synchronous serial interfaces establishing 2-32
adjusting characteristics 6-42 exiting 2-32
encapsulation methods 6-3 listing open 2-34
syntax checking 2-172-18 setting parameters for 2-292-31 between 2-32 systat command 2-35 switching
system clock defined 2-29 4-23
description 5-3 displaying commands 2-33
initialization 5-5 end-of-line handling 2-3 4-24
5-40 Process command 4-23 system configuration file example Interrupt 2-30 5-27 2-32 system error messages directing key sequences of 4-25 system generation parameters notification pending output 2-29
configuring for SDLLC 24-15 port numbers for reverse connections 4-16 2-32 system ID special commands
definition synchronize signal 2-31 4-24
IS-IS 17-3 table of special commands 2-33
ISO-IGRP 17-3 telnet break-on-ip command 4-23
NSAPs Level routing 17-3 telnet command 2-32 command 4-24 system management 5-1 telnet refuse-negotiations 4-24 system processes changing priorities 5-33 telnet speed command 4-24 system prompts 2-3 telnet sync-on-break command command 4-24 system script executing example 10-28 telnet transparent
terminal
activation character setting 2-28 4-18
automatic baud detection setting 4-4
automatic command execution configuring 4-5
character and packet dispatch sequences Tl timer relating to LLC2 Local Acknowledgment 21-13 creating 2-27 4-5 Tab key using to recall complete command name 2-15 character padding setting 2-28 4-19 2-21
Index 43 communication parameters setting 2-25 4-4 test memory command 5-27
debug messages displaying 4-26 Texas Instruments Token Ring MAC firmware disconnect character setting 2-28 4-18 problem 21-44
escape character setting 2-28 4-18 TFTP hardware flow control configuring 4-4 booting from server 3-17 hold character setting 2-28 4-18 example 3-18
international character set configuring 2-28 4-18 TFTP server
line settings displaying 2-35 booting automatically from 3-1 73- 18
location recording 4-25 configuring for Autolnstall 3-8
locking mechanism setting 2-29 4-20 configuring router as 3-24
parity setting 4-4 downloading configuration files from 3-20
screen length setting 2-27 4-17 role in Autolnstall 3-2
screen width setting 2-27 4-17 using Flash memory 3-33 session limits setting 4-6 tftp-server system command 3-24 3-34 software flow 4-4 control setting third-party mechanism EGP definition 16-29
type setting 2-27 4-17 third-party support EGP figure 16-63 Terminal Access Controller Access Control System THT token holding timer FDDI 6-35 See TACACS TI MAC firmware establishing SRB interoperability
terminal databits command 2-26 2-28 with 21-44
terminal data-character-bits command 2-28 tick count Ipx 18-12
terminal dispatch-character command 2-27 time services 5-3 5-5
terminal dispatch-timeout command 2-27 time zone configuring 5-9
terminal download command 4-21 timeout interval
terminal editing command 2-21 2-25 EXEC setting 4-26 terminal IBM PC/3270 1-43 emulation modem line setting 4-14 terminal escape-character command 2-28 session setting 4-6
terminal exec-character-bits command 2-28 timers
terminal flowcontrol command 2-26 adjusting for routing protocols 16-40 terminal size history command 2-19 BOP adjusting 16-27 terminal hold-character command 2-28 DECnet broadcast routing adjusting 14-15 terminal length command 2-27 DECnet Hello adjusting 14-14
terminal lines controlling access to 5-15 EGP adjusting 16-29 16-41 terminal locking configuring 2-29 4-20 Frame Relay keepalive 8-8
terminal monitor 5-32 command 4-26 5-29 5-30 IGRP adjusting 16-40 terminal command 2-29 notify ISO-IGRP adjusting 17-14
terminal padding command 2-28 keepalive adjusting 16-41
terminal command 2-26 parity RIP adjusting 16-40 terminal command 2-26 rxspeed token holding 6-35
terminal special-character-bits command 2-28 token rotation 6-35
terminal speed command 2-26 transmission valid 6-36
terminal start-character command 2-26 X25 Ignore Destination 7-23
terminal stopbits command 2-26 X.25 retransmission 7-24
terminal stop-character command 2-26 timers basic command 16-41 17-14 terminal telnet break-on-ip command 2-30 timers bgp command 16-27 terminal telnet refuse-negotiations command 2-30 timers egp command 16-29 terminal telnet speed command 2-30 timestamping terminal telnet command 2-31 sync-on-break of debug messages 5-32 terminal telnet command 2-31 transparent of log messages 5-31 terminal terminal-type command 2-27 timing configuring for modem line 4-14 terminal transport command 2-29 token holding timer terminal txspeed command 2-26 See THT terminal width command 2-27 Token Ring command terminal-type 4-17 and frame-copied errors 21-44 test flash command 5-27 and TI MAC firmware problem 21-44 test interfaces command 5-27 configuring DECnet on 14-6
44 Router Products Configuration Guide DECnet encapsulation over 14-6 configuring over Ethernet 20-23
Frame 20-5 encapsulation 6-5 configuring over Relay
extended LAN 21-1 configuring over SMDS 20-6
frame format 21-1 configuring over X.25 20-5
lists for 20-14 IBM 8209 bridges and SR/TLB 21-21 defining extended access
interfaces displaying known spanning tree topology 20-21 20-23 displaying information 21-44 Ethernet 20-23 maintaining source-route bridging 21-69 Ethernet bridging example 20-1 source bridge only example configuration 1-47 features of Cisco implementation
source bridge basic example configuration 2.1-47 filtering 20-10
source-route bridging 21-1 filtering by protocol type 20-12
Token Ring LLC2 to Ethernet LLC2 Conversion filtering by vendor code 20-1
enabling standard 1-22 IP 20-7
TokenTalk 12-1 load balancing 20-20
trace command maintaining and monitoring 20-21
multicast or broadcast example 20-26
FDDI interface 6-34 privileged 15-31 on 6-6
user 15-31 on SMDS 9-1 9-8
ISO CLNS over Frame Relay 8-1 8-4 8-14 privileged 17-29 over Frame Relay example
user 17-29 restrictions on SMDS 20-6
privileged level 5-26 sample configurations 20-2
user level 5-26 setting priority 20-18
VINES 13-Il spanning tree parameters adjusting 20-17
transient ring error 6-36 SRT example 20-25
transit bridging FDDI 20-2 tuning the network 20-20
X.25 20-5 transition mode AppleTalk 20-27 configuring 12-8 X.25 example command 4-6 configuring example 12-33 transport
definition 12-8 transport input command 4-6
4-6 translational bridging transport output command 4-6 compatibility with IBM 8209 bridges 21-21 transport preferred command
on FDDI interface 6-6 6-34 transport protocol
See also SRITLB defining for line 4-5
translations supported metric between IP routing tunneling 6-25
protocols 16-37 transposed characters correcting 2-24
Transmission Control Protocol troubleshooting
SeeTCP using ping command 5-26
22-3 command 5-26 transmission group configuring for SNA traffic using trace transmission timer FDDI 6-36 TRT FDDI 6-35
transmission valid timer trusted authentication keys 5-5
See TVX tunnel checksum command 6-29
transmit clock inverting 6-18 tunnel destination command 6-28 12-18 12-19
Transmit Data signal 4-6 tunnel key command 6-29 12-19 transmit delay serial interface 6-42 tunnel mode command 6-28 12-18
transmit-clock-internal command 6-18 tunnel sequence-datagrams command 6-29
transmit-interface command 15-21 tunnel source command 6-28 12-18 12-19
transmitter-delay command 6-42 tunneling
6-25 transparent bridging advantages 20-10 administrative filtering AppleTalk
basic example 20-22 Cayman 12-18
configuration examples 20-21 configuring example 12-18
definition 12-18 configuring 20-3
configuring LAT compression 20-8 GRE 12-19 6-25 configuring options 20-7 Cayman
Index 45 components 6-25
destination address 6-28
encapulation 6-28 symbol in output 3-30 EON 6-25 V.25bis GRE 6-25 DDR options table 10-3 IP 6-25 6-27 description 10-2 NOS 6-25 vacant terminal message 4-22 optional tasks 6-27 vacant-message command 4-22 over X.25 7-12 variable-length subnet masks precautions 6-26 See VLSMs recursive route 6-27 variance command 16-6 required tasks 6-27 vendor code source address 6-28
administrative filtering 20-11 21-36 X.25 connections example 7-33 filtering by 1-36 TVX FDDI 6-36 VINES TXDATA signal 4-6 access control 13-4-13-6 tx-queue-limit command 6-44 access lists txspeed command 4-4 applying to interface 13-6 Tymnet X.25 PAD switch example 7-32 creating extended 13-6
creating simple 13-6
creating standard 13-6
displaying 13-11
extended description 13-5
UDP simple description 13-5
broadcast addresses establishing t5-l5 standard description 13-5
datagrams types 13-5
flooding t5-17 addresses
speeding up flooding 15-17 assigning host names to 13-7
port numbers IPTalk 12-23 definition 13-1
useinRlP 16-14 radix 13-7
unequal-cost load balancing definition IGRP 16-6 ARP packets processing 13-4 Ungermann-Bass Net/One broadcasts
See Net/One encapsulation 13-7
UNIX forwarding 13-10
messages 5-28 serverless networks 13-4
syslog daemon 5-28 Ciscos implementation 13-1
class field 13-10 unrecognized command message 2-28 4-19
update broadcast IGRP 16-5 configuration examples 13-1113-18
use to detect routers 15-13 configuration task list 13-2
user EXEC mode 2-3 configuring over SMDS 9-8
user ID TACACS 4-21 encapsulation 13-7 username command fast switching
enabling on per-line basis 4-2t deleting cache entries 13-11
examples 5-41 description 13-8
for networks that cannot support TACACS 5-22 disabling 13-9 username name password secret command 6-39 displaying cache entries 13-1 username password command 10-15 filters
applying to interface 13-6
types 13-5
hello message 13-8
hop count field 13-10
host name table displaying entries 13-11
host names assigning to addresses 13-7
host number
See subnetwork number
46 Router Products Configuration Guide interfaces displaying status of 13-I vines access-list command 13-6
IPheader 13-10 vines arp-enable command 13-4
IPC connections displaying information vines decimal command 13-7
about 13-11 vines encapsulation command 13-7
load sharing 13-8 vines host command 13-7
MAC-level echo 13-I vines metric command 13-3
metrics routing vines neighbor command 13-10
definition 13-3 vines propagate command 13-10
description 13-1 vines redirect command 13-8
vines route command 13-10 specifying 13-3 vines route-cache command 13-9 monitoring tasks 13-I
name-to-address mapping 13-1 vines routing command 13-3 13-11
command 13-8 neighbor stations vines split-horizon command 13-9 deleting 13-11 vines time access-group command 13-9 displaying 13-11 vines time destination command 13-9 static paths to 13-10 vines time participate
network connectivity testing 13-11 VINES time service 5-5
network number 13-I vines time set-system command 5-9 13-9
NTP 13-9 vines time use-system command 5-9 5-40 13-9
routing vines update deltas command 13-8
enabling 13-3 vines update interval command 13-8
enabling on serverless networks 13-4 virtual links creating OSPF 16-12
Virtual Address and Probe address routing table Request Reply
deleting entries from 13-11 resolution 15-7
circuit displaying entries 13-11 virtual PVC and X.25 routing updates See interfaces frequency 13-8 virtual interfaces propagation 13-8 See loopback
redirect messages 13-8 See subinterfaces
horizon 13-8 See split tunneling
RTP 13-10 Virtual Network System
RTP redirect messages 13-8 See VINES
server number virtual ring
See network number definition 21-2
serverless networks example 1-67
ARP 13-4 using with LAN Network Manager 1-29
configuring 13-4 virtual terminal lines 4-2 split horizon 13-8 configuring
static paths 13-10 creating additional 4-2
static routes 13-10 eliminating 4-2
subnetwork number 13-2 virtual Token Ring address
time See VTRA
virtual Token 24-7 accepting updates 13-9 Ring implementation
description 13-9 VLSMs definition 16-34 displaying current time 13-11 NTP 13-9 example 16-44 6-52 sending updates 13-9 VMS system loopback 13-9 definitions synchronizing with network time VTAM 13-9 for SDLLC 24-17 synchronizing with router configuring
time service 5-5 VTRA use with SDLLC 24-2
tracing packets path 13-11
traffic
deleting statistics about 13-11
displaying statistics about 13-11
13-6 vines access-group command
Index 41 configuration task list 7-7
configuring ISO CLNS over 17-23
WANs configuring transparent bridging over 20-5
configuring IP over 15-30 datagram transport
task list 7-8 configuring ISO CLNS over 17-23 configuration
description 7-2 configuring transparent bridging over 20-5 D-bit 7-12 7-26 DECnet support 14-1 DCE 7-8 7-11 warning message automatic receiving 5-24 encapsulation DDN address conventions watchdog packets 18-19 table 7-17
task list where command 2-32 2-34 DDN configuration 7-17 DDN which-route command 17-29 configuration example 7-39
width command 4-17 DDN encapsulation types 7-18 DDN word help 2-15 mapping algorithm 7-17 DDN write erase command 3-33 standard service 7-18
DDN of service field 7-18 write memory command 3-11 type TOS DECnet 14-1 write network command 3-31 3-32 support
write terminal command 3-32 default protocol setting 7-11
DTE 7-11 writeable control store WCS microcode 3-36 encapsulation 7-8 encapsulating ISO CLNS 17-I
general statistics displaying 7-28
Ignore Destination timer 7-23
input packet 7-24
input window size 7-23 X.25 IPdatagrams over 7-11 7-14 address map IP split horizon default 7-12
displaying 7-28 level parameters 7-20 in 7-8 datagram transport M-bit 7-24
NSAP to MAC or X.12l 7-16 modulo extended packet sequence NSAP to MAC or 121 7-35 example description 7-12 supported protocols for 7-10 netbooting over example 7-41 address pattern matching example 7-31 network user ID Cisco 7-26 addresses NSAP addresses over 7-15 omitting called 7-27 on Ethernet 7-14 7-15 7-16 omitting 7-27 calling on FDDI 7-14 7-15 7-16 setting interface 7-9 on Token Ring 7-14 7-15 7-16 translating called and 7-13 calling OSPF over 7-10
X.12l in routing table 7-13 output packet 7-24 alias X.l21 address 7-28 output window size 7-23 alternate IP routes 7-13 packet acknowledgment policy 7-24 assigned routes displaying 7-28 packet hold queue 7-27 Blacker Emergency Mode ping over example 7-40 circumstances for participating in 7-20 precedence handling 7-18 description 7-18 protocols entering 7-20 setting default 7-11 example 7-39 supported routing 7-1 7-9 leaving 7-20 public data network 7-2 bridging on 7-1 7-28 remote switching 7-2 Call Request packet 7-8 7-10 remote switching example 7-33 Call User Data Restart Request packet 7-27 commands 7-25 restricted fast select facility 7-26
interpreting calls with unknown 7-1 retransmission timers table 7-24 CCITT and ISO specifications 7-1 routing Ciscos implementation 7-1 alternate IP routes 7-13
compressed packet header 7-25 configuration task list 7-12 configuration example 7-29 example 7-32
48 Router Products Configuration Guide facilities supported 7-12 x25 bc command 7-22
local switching 7-2 7-117-12 x25 ltc command 7-22
remote switching 7-2 7-11 7-14 x25 map bridge broadcast command 20-5
static table 7-117-137-32 x25 map bridge command 7-28
supported protocols 7-1 7-9 x25 map cmns command 7-16
via OSI NSAP 7-2 x25 map command 7-9 7-23 7-26
x25 command 7-25 routing table map compressedtcp
constructing 7-13 x25 modubo command 7-26 x25 command 7-23 positional parameters 7-13 7-31 nyc 7-24 specifications 7-1 x25 ops command
transparent bridging example 20-27 x25 pvc command 7-10 7-14
tunneling 7-2 7-11 7-12 7-14 x25 remote-red command 7-19
fast select 7-26 x25 route 7-13 7-28 unrestricted facility command
user facilities x25 routing command 7-12
accept reverse charging 7-26 x25 rpoa command 7-26
closed user group 7-26 x25 suppress-called-address command 7-14 7-27
configuration task list 7-20 x25 suppress-calling-address command 7-14 7-27
flow control parameter negotiation 7-26 x25 tb command 7-25
list of 7-26 x25 t1 command 7-25
network user ID Cisco 7-26 x25 tl2 command 7-25
Recognized Private Operation Agency x25 t13 command 7-25 RPOA 7-26 x25 t20 command 7-25
reverse charging 7-26 x25 t21 command 7-25
throughput class negotiation 7-26 x25 t22 command 7-25
transit delay 7-26 x25 t23 command 7-25
virtual circuit x25 th command 7-24 command 7-14 clearing 7-28 x25 use-source-address
displaying 7-28 x25 win command 7-23
establishing 7-10 x25 wout command 7-23
ranges 7-21 X3T9.5 specification 6-35
setting number of 7-23 Xerox Network Systems
virtual circuit channel sequence See XNS
description 7-21 XID frequency of transmissions for LLC2 23-6 4-21 example 7-31 XMODEM downloading files across router line 7-22 XNS range limit keywords table
X.121 address updates 7-14 access control 19-419-7
X.25 switch access lists
See X.25 3Com example 19-14 x25 accept-reverse command 7-26 creating extended 19-6 19-7 x25 address command 7-9 creating standard 19-6 19-7 x25 bfe-decision command 7-20 extended definition 19-4 x25 bfe-emergency command 7-20 standard definition 19-4 x25 default command 7-11 7-25 addresses 19-2 x25 facility command 7-26 broadcasts x25 hic command 7-22 all-nets 19-9 19-11 x25 hoc command 7-22 description 19-9 x25 hold-queue command 7-27 directed 19-9 x25 hold-vc-timer command 7-23 flooding 19-9 19-10 19-11 x25 host command 7-25 forwarding 19-10 x25 htc command 7-22 local 19-9 x25 idle command 7-22 processing 19-10
7-18 Cisco 19-1 x25 ip-precedence command implementation 19-1219-15 x25 ips command 7-24 configuration examples x25 lie command 7-22 configuration task list 19-3 x25 linkrestart command 7-27
Index 49 enabling Net/One routing xns flood broadcast allnets command 19-11
example 19-13 xns flood broadcast net-zero command 19-Il
task list 19-4 xns flood specific allnets command 19-11
enabling standard routing xns forward-protocol command 19-10
example 19-13 xns hear-rip command 19-4
task list 19-3 xns helper-address command 19-10
encapsulation on Token Ring interfaces 19-4 xns input-network-filter command 19-5 19-7
fast switching xns maximum-paths command 19-9
cache displaying entries 19-12 xns network command 19-3
disabling 19-12 xns output-network-filter command 19-5 19-7
filters xns route command 19-8
applying generic to interface 19-6 xns route-cache command 19-12
applying routing table to interface 19-7 xns router-filter command 19-5 19-7
generic definition 19-5 19-6 xns routing command 19-3
routing table definition 19-5 19-7 xns ub-emulation command 19-4
types 19-5 xns updaie-time command 19-8
types table 19-5
flooding
configuring 19-11
defining behavior 19-Il
definition 19-10 ZIP helpering definition 12-2 configuring 19-10 query interval 12-28 definition 19-9 Zone Information Protocol example 19-15 See ZIP host number 19-2 19-9 zones interfaces displaying status 19-12 See AppleTalk zone Internet Datagram Protocol IDP 18-1
maximum paths
description 19-8
setting 19-9
metrics routing 19-1 19-2
monitoring tasks 19-12
Net/One emulation mode definition 19-2
network connectivity testing 19-12
network number 19-2
RIP
update timers 19-8
update timers example 19-14
updates 19-1
updates delay between 19-8
updates receiving 19-2 19-4
routing metrics 18-1
routing over LANs 19-1
routing over WANs 19-1
routing table
adding entries 19-7
displaying entries 19-12
static routes
adding to routing table 19-8
definition 19-8
Token Ring interface encapsulation 19-4
traffic displaying statistics 19-12 xns access-group command 19-5 19-6 xns encapsulation command 19-4
50 Router Products Configuration Guide Conparate Headquarters Cisco Systems Inc PO Box 3075
1525 0Brivn Drwe
Menlo Park CA 94025 USA
Tel 415 326-1941
800 553-NETS 18367
Fax 415 326-1989
Cisco Systems has over 75 sales othces wotldwtde Call
415 326-1941 to contact your local account representative or ri North Amerrca call
800 593-NETS 63871
3/12
Primed in the USA on recycled piper
containing IOU post-consumer waste
ISCI ITEMS 78 1241 UI