 |
|
 |  |
|
|
| |
 | Biologie | Chimie | Didactica | Fizica | Geografie | Informatica |
| Istorie | Literatura | Matematica | Psihologie |
Configurarea unui ruter
1 Configurarea numelui unui ruter
Unui ruter trebuie sa i se atribuie un nume unic, fiind una din primele misiuni din configurarea ruterului . Acest lucru se realizeaza utililizand comanda:
Router(config)#hostname numeledorit
numeledorit(config)#
Dupa validarea comenzii prin apasarea tastei "Enter" promptul va schimba din numele initial care este Router in noul nume setat, in exemplul nostru Router1 .
Exemplu:
Router>enable
Router#configure terminal
Router(config)#hostname Router1
Rouiter1(config)#
2 Stabilirea parolelor unui ruter
Parolele restrictioneaza accesul la ruter . Acestea trebuie intotdeauna configurate pentru liniile terminalului virtual (VTY) si ale consolei . Prin liniile terminalului virtual, sistemul poate fi accesat de la distanta prin Telnet sau SSH . Parolele sunt folosite de asemenea pentru a accesa modul "privileged EXEC", mod care autorizeaza utilizatorii sa faca schimbari in fisierul de configurare .
Comenzile urmatoare sunt utilizate pentru a seta o parola optionala, dar recomandata, pentru linia de consola .
Router1#configure terminal
Enter configuration commands, one per line . End with CNTL/Z .
Router1(config)#line console 0
Router1(config-line)#password 1234
Router1(config-line)#login
Router1(config-line)#exit
%SYS-5-CONFIG_I: Configured from console by console
Router1#
Acum cand vom incerca sa intram pe ruter ni se va solicita parola .
Daca introducem de trei ori la rand alta parola vom fi deconectati . Dupa introducerea parolei corecte vom putea accesa modul utilizator . Din motive de securitate, caracterele introduse de la tastura nu vor fi afisate pe ecran . Mai jos se va introduce parola corecta dupa introducerea celei gresite de trei ori si se va observa ca ni se va permite accesul:
Press RETURN to get started!
User Access Verification
Password:
Router1>
Parola trebuie setata pe una sau mai multe linii virtuale VTY pentru ca utilizatorii sa aiba acces la ruter de la distanta prin intermediul Telnet sau SSH (Secure Shell) . Cele mai multe rutere Cisco suporta cinci linii numerotate de la 0 la 4 . Alte platforme suporta diferite conexiuni . Aceeasi parola este utilizata in mod general pentru toate liniile . Totusi, o parola unica poate fi setata pentru o singura linie pentru a furniza o intrare fall-back in cazul in care celelalte patru conexiuni sunt in folosinta . Pentru acestea se folosesc urmatoarele comenzi:
Router1>enable
Router1#configure terminal
Enter configuration commands, one per line . End with CNTL/Z .
Router1(config)#line vty 0 4
Router1(config-line)#password 1234
Router1(config-line)#login
Router1(config-line)#end
Comenzile "enable password" si "enable secret" sunt utilizate pentru a restrictiona accesul la modul "privileged EXEC" . "Enable password" se utilizeaza numai daca "enable secret" nu a fost setat . Comanda "enable secret" trebuie utilizata deoarece folosind aceasta comanda, parola este criptata si ea nu va mai fi afisata in clar la introducerea comenzii "show running-config" de exemplu . Pentru a seta parolele folosim urmatoarele comenzi:
Router1#configure terminal
Enter configuration commands, one per line . End with CNTL/Z .
Router1(config)#enable password 1234
Router1(config)#^Z
%SYS-5-CONFIG_I: Configured from console by console
Router1#show running-config
Building configuration
Current configuration : 764 bytes
version 12 . 3
no service password-encryption
hostname Router1
enable password 1234
ip ssh version 1
router rip
version 2
network 131 . 2 . 0 . 0
network 139 . 10 . 0 . 0
network 195 . 40 . 0 . 0
ip classless
line con 0
password 1234
login
line vty 0 4
password 1234
login
End
Router1#exit
Router1 con0 is now available
Press RETURN to get started .
User Access Verification
Password:
Router1>enable
Password:
Router1#
Uneori nu se doreste ca parolele sa fie aratate sub forma unui text clar, utilizand comezile "show running-config sau "show startup-config . Pentru a cripta parolele se foloseste comanda:
Router(config)#service password-encryption
Comanda "service password-encryption" aplica criptarea tuturor parolelor necriptate .
Router1#configure terminal
Enter configuration commands, one per line . End with CNTL/Z .
Router1(config)#service password-encryption
Router1(config)#^Z
%SYS-5-CONFIG_I: Configured from console by console
Router1#show running-config
Building configuration
Current configuration : 785 bytes
version 12 . 3
service password-encryption
hostname Router1
enable password 7 08701E1D5D
ip ssh version 1
router rip
version 2
network 131 . 2 . 0 . 0
network 139 . 10 . 0 . 0
network 195 . 40 . 0 . 0
ip classless
line con 0
password 7 08701E1D5D
login
line vty 0 4
password 7 08701E1D5D
login
end
3 Examinarea comenzilor de afisare (comenzile "show")
In acest capitol se vor prezenta cateva comenzi de afisare (comenzile " show ") . Multe din aceste comenzi se vor folosi pentru a afisa continutul unor fisiere din ruter precum si cele de diagnosticare ("troubleshooting") . In ambele moduri privilegiate "EXEC" si "user EXEC" comanda "show" listeaza toate comenzile "show" disponibile . Lista de comenzi este mai mare pentru modul "privileged EXEC" fata de cel al utilizatorului ("user EXEC") .
3 . 1 #show interfaces
Aceasta comanda afiseaza statisticile pentru toate interfetele ruter-ului .
Router1#show interface
FastEthernet0/0 is up, line protocol is up (connected)
Hardware is Lance, address is 0050 . 0fac . 2201 (bia 0050 . 0fac . 2201)
Internet address is 195 . 40 . 0 . 1/24
[]
FastEthernet0/1 is administratively down, line protocol is down (disabled)
Hardware is Lance, address is 0050 . 0fac . 2202 (bia 0050 . 0fac . 2202)
[]
Serial0/0/0 is administratively down, line protocol is down (disabled)
Hardware is HD64570
[]
Serial0/0/1 is administratively down, line protocol is down (disabled)
Hardware is HD64570
[]
Serial0/1/0 is up, line protocol is up (connected)
Hardware is HD64570
Internet address is 131 . 2 . 0 . 1/16
[]
Serial0/1/1 is up, line protocol is up (connected)
Hardware is HD64570
Internet address is 139 . 10 . 0 . 1/16
[]
Pentru a vedea statistica pentru o anumita interfata, se introduce comanda "show interfaces" urmata de interfata cu slot-ul/portul dorit . Aceasta este ilustrata in urmatorul exemplu:
Router1#show interfaces serial0/1/0
Serial0/1/0 is up, line protocol is up (connected)
Hardware is HD64570
Internet address is 131 . 2 . 0 . 1/16
[]
Router1#
#show controllers serial
Aceasta comanda afiseaza informatia specifica interfetei hardware si trebuie sa contina in plus numarul portului/slot-ului interfetei seriale .
Exemplu:
Router1# show controllers serial0/1/0
Interface Serial0/1/0
Hardware is PowerQUICC MPC860
DCE V . 35, clock rate 64000
idb at 0x81081AC4, driver data structure at 0x81084AC0
SCC Registers:
General [GSMR]=0x2:0x00000000, Protocol-specific [PSMR]=0x8
Events [SCCE]=0x0000, Mask [SCCM]=0x0000, Status [SCCS]=0x00
Transmit on Demand [TODR]=0x0, Data Sync [DSR]=0x7E7E
Interrupt Registers:
Config [CICR]=0x00367F80, Pending [CIPR]=0x0000C000
Mask [CIMR]=0x00200000, In-srv [CISR]=0x00000000
Command register [CR]=0x580
Port A [PADIR]=0x1030, [PAPAR]=0xFFFF
[PAODR]=0x0010, [PADAT]=0xCBFF
Port B [PBDIR]=0x09C0F, [PBPAR]=0x0800E
[PBODR]=0x00000, [PBDAT]=0x3FFFD
Port C [PCDIR]=0x00C, [PCPAR]=0x200
[PCSO]=0xC20, [PCDAT]=0xDF2, [PCINT]=0x00F
Receive Ring
rmd(68012830): status 9000 length 60C address 3B6DAC4
rmd(68012838): status B000 length 60C address 3B6D444
3 . 3 #show clock
Aceasta comanda afiseaza ceasul stabilit pentru ruter .
Exemplu:
Router1#clock set 10:10:0 1 Jan 2009
Router1#show clock
*11:6:33 . 25 UTC Thu Jan 1 2009
Router1#
3 . 4 #show hosts
Aceasta comanda afiseaza lista de gazde si adrese .
Exemplu:
Router1# show hosts
Default Domain is not set
Name/address lookup uses domain service
Name servers are 255 . 255 . 255 . 255
Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
temp - temporary, perm - permanent
NA - Not Applicable None - Not defined
Host Port Flags Age Type Address(es)
Router1#
3 . 5 . #show users
Aceasta comanda afiseaza toti utilizatorii care sunt conectati la ruter .
Router1#show users
Line User Host(s) Idle Location
0 con 0 idle 00:00:00
Interface User Mode Idle Peer Address
Router1#
Daca pe ruter este deschisa o sesiune prin telnet de exemplu, cu aceasta comanda se va afisa sesiunea deschisa, durata acesteia si IP-ul de la care este executata aceasta conexiune .
3 . #show history
Aceasta comanda afiseaza lista cu o istorie a comenzilor ce au fost folosite .
Router1# show history
show interfaces serial 0/2
show interfaces serial0/1/0
show controllers serial0/1/0
show clock
clock set 10:10:0 1 Jan 2009
show clock
show clock
show hosts
show users
show history
In mod implicit se afiseaza ultimele 10 comenzi executate, numarul maxim de comenzi ce pot fi retinute este de 25
3 . 7 #show flash
Aceasta comanda afiseaza informatii despre memoria flash precum si ce fisiere IOS sunt stocate in acea memorie;
Exemplu:
Router1#show flash
System flash directory:
File Length Name/status
1 13832032 c1841-ipbase-mz . 123-14 . T7 . bin
[13832032 bytes used, 18682016 available, 32514048 total]
32768K bytes of processor board System flash (Read/Write)
Router1#
3 . 8 #show arp
Comanda "show arp" este folosita pentru afisarea tabelei ARP a ruter-ului;
Router1#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 195 . 40 . 0 . 1 - 0050 . 0FAC . 2201 ARPA FastEthernet0/0
Router1#
Asa arata initial tabela ARP a ruterului . Dupa configurarea unor protocoale de rutare, a adreselor IP si pornirea interfetelor, pe masura ce ruterul invata cai catre alte destinatii tabela va fi populata .
3 . 8 #show protocols
Comanda "show protocols" afiseaza starea globala si specifica fiecarei interfete a protocoalelor de Nivel 3;
Router1#show protocols
Global values:
Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
Internet address is 195 . 40 . 0 . 1/24
FastEthernet0/1 is administratively down, line protocol is down
Serial0/0/0 is administratively down, line protocol is down
Serial0/0/1 is administratively down, line protocol is down
Serial0/1/0 is up, line protocol is up
Internet address is 131 . 2 . 0 . 1/16
Serial0/1/1 is up, line protocol is up
Internet address is 139 . 10 . 0 . 1/16
Vlan1 is administratively down, line protocol is down
Router1#
3 . 10 . #show startup-config
Aceasta comanda afiseaza configuratia salvata in NVRAM;
Router1#show startup-config
Using 785 bytes
version 12 . 3
service password-encryption
hostname Router1
enable password 7 08701E1D5D
ip ssh version 1
interface FastEthernet0/0
ip address 195 . 40 . 0 . 1 255 . 255 . 255 . 0
duplex auto
speed auto
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
interface Serial0/0/0
no ip address
shutdown
interface Serial0/0/1
no ip address
shutdown
interface Serial0/1/0
ip address 131 . 2 . 0 . 1 255 . 255 . 0 . 0
clock rate 64000
interface Serial0/1/1
ip address 139 . 10 . 0 . 1 255 . 255 . 0 . 0
clock rate 64000
interface Vlan1
no ip address
shutdown
router rip
version 2
network 131 . 2 . 0 . 0
network 139 . 10 . 0 . 0
network 195 . 40 . 0 . 0
ip classless
line con 0
password 7 08701E1D5D
login
line vty 0 4
password 7 08701E1D5D
login
end
4 Configurarea unei interfete seriale
In acest paragraf se va explica cum poate fi configurata o interfata seriala de la consola sau de la o linie de terminal virtual .
Insa, interfata seriala este diferita - este o interfata seriala sincrona, de viteza mai mare decat interfata Seriala asincrona de la PC, si cu alt tip de conector (60 sau 26 pini) . Interfetele seriale sunt capat-la-capat, adica au numai 2 capete . Particularitatea interfetelor sincrone este ca trebuie generat un semnal de ceas (clock la unul din capete . Capatul respectiv se numeste DCE, in timp ce capatul opus se numeste DTE . Identificarea fizica a capatului se face dupa inscriptia de pe cablu, prin urmare cablul este cel care determina tipul capatului (interfata propriu-zisa suporta ambele tipuri) . La capatul DCE trebuie data o comanda aditionala (4) .
Fiecare interfata conectata trebuie sa aiba o adresa IP si o masca de subnetizare pentru a ruta pachetele IP de date . Configurarea adresei IP se face cu urmatoarele comenzi:
Router(config)#interface serial 2/0
Router(config-if)#ip address <ip address > <netmask >
Se va observa ca initial, interfetele nu sunt activate sau deschise . Pentru a porni/activa o interfata, comanda 'no shutdown' trebuie folosita . In cazul in care o interfata trebuie dezactivata/inchisa pentru diagnosticare, comanda "shutdown" va fi utilizata .
Theo#configure terminal
Enter configuration commands, one per line . End with CNTL/Z .
Theo(config)#interface serial 2/0
Theo(config-if)#ip address 192 . 168 . 1 . 129 255 . 255 . 255 . 252
Theo(config-if)#exit
%SYS-5-CONFIG_I: Configured from console by console
Theo#sh interfaces serial 2/0
Theo#configure terminal
Enter configuration commands, one per line . End with CNTL/Z .
Theo(config)#interface serial 2/0
Theo(config-if)#no shut
%LINK-5-CHANGED: Interface Serial2/0, changed state to up
Theo(config-if)#^Z
%SYS-5-CONFIG_I: Configured from console by console
Theo#show interfaces serial 2/0
Interfata Seriala necesita un semnal de tact pentru sincronizare (,clock signal') . In majoritatea cazurilor, un dispozitiv DCE va furniza semnalul de tact . Initial, ruterele Cisco sunt dispozitive DTE dar pot fi configurate ca dispozitive DCE . Ceasul este activat iar viteza este specificata folosind comanda "clock rate"
Valorile disponibile pentru ceas masurate in biti/secunda (bps) sunt: 1200, 2400, 9600, 19200, 38400, 56000, 64000, 72000, 125000, 148000, 500000, 800000, 1000000, 1300000, 2000000, sau 4000000 . Unele viteze nu pot fi folosite pentru anumite interfete seriale . Aceasta depinde de capacitatile fiecarei interfete seriale .
De exemplu, in practica, viteza folosita este de 56000 . Comenzile pentru a seta ceasul si pentru a activa o interfata sunt dupa cum urmeaza:
Router1#configure terminal
Enter configuration commands, one per line . End with CNTL/Z .
Router1(config-if)#interface Serial0/1/0
Router1(config-if)#ip addr 131 . 2 . 0 . 1 255 . 255 . 0 . 0
Router1(config-if)#no shut
Router1(config-if)#interface Serial0/1/1
Router1(config-if)#ip addr 139 . 10 . 0 . 1 255 . 255 . 0 . 0
Router1(config-if)#no shut
Router1(config-if)#interface Serial 0/1/1
Router1(config-if)#clock rate 64000
Router1(config-if)#interface s0/1/0
Router1(config-if)#clock rate 64000
Router1(config-if)#
Router1(config-if)#^Z
%SYS-5-CONFIG_I: Configured from console by console
Router1#^Z
5 . Configurarea unei interfete Ethernet
In acest paragraf se va explica cum se configureaza o interfata Ethernet de la consola sau folosind o linie de terminal virtual . Fiecare interfata Ethernet trebuie sa aiba alocata o adresa IP si o masca de subretea pentru a ruta pachetele de date .
Pentru a configura o interfata Ethernet se parcurg urmatorii pasi:
Initial, interfetele sunt dezactivate sau inchise . Pentru a porni/activa o interfata, comanda no shutdown trebuie folosita . In cazul in care o interfata trebuie dezactivata/inchisa pentru diagnosticare, comanda shutdown va fi utilizata .
Router1#configure terminal
Enter configuration commands, one per line . End with CNTL/Z
Router1(config)#interface FastEthernet 0/0
Router1(config-if)#ip address 195 . 40 . 0 . 1 255 . 255 . 255 . 0
Router1(config-if)#no shut
Router1#
Pentru o prezentare mai pe scurt a interfetelor putem folosi comanda:
show ip interface brief
Exemplu
Router1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 195 . 40 . 0 . 1 YES manual up up
FastEthernet0/1 unassigned YES manual administratively down down
Serial0/0/0 unassigned YES manual administratively down down
Serial0/0/1 unassigned YES manual administratively down down
Serial0/1/0 131 . 2 . 0 . 1 YES manual up up
Serial0/1/1 139 . 10 . 0 . 1 YES manual up up
Vlan1 unassigned YES manual administratively down down
Router1#
6 Comanda Reload
Se foloseste aceasta comanda cand se doreste reinitializarea sistemului de operare fie pentru a incarca un alt sistem de operare din flash, fie pentru a testa anumite setari sau pentru a readuce echipamentul la paremetri initiali, caz in care se executa mai inainte comanda "erase startup-config" . Din modul privilegiat se tasteaza comanda "reload" si apoi se executa . Va fi necesara o confirmare, dupa care echipamentul se va reinitializa .
Exemplu:
Router1#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Router1#reload
Proceed with reload? [confirm]
%SYS-5-RELOAD: Reload requested by console . Reload Reason: Reload Command .
System Bootstrap, Version 12 . 3(8r)T8, RELEASE SOFTWARE (fc1)
Cisco 1841 (revision 5 . 0) with 114688K/16384K bytes of memory .
Self decompressing the image :
##### ######### ############ ############# ######## ########## ##### ########### [OK]
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec . 52 . 227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec . 252 . 227-7013 .
cisco Systems, Inc .
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12 . 3(14)T7, RELEASE SOFTWARE (fc2)
Technical Support: https://www . cisco . com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc .
Compiled Mon 15-May-06 14:54 by pt_team
Image text-base: 0x6007D180, data-base: 0x61400000
Port Statistics for unclassified packets is not turned on .
Cisco 1841 (revision 5 . 0) with 114688K/16384K bytes of memory .
Processor board ID FTX0947Z18E
M860 processor: part number 0, mask 49
2 FastEthernet/IEEE 802 . 3 interface(s)
4 Low-speed serial(sync/async) network interface(s)
191K bytes of NVRAM .
31360K bytes of ATA CompactFlash (Read/Write)
Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12 . 3(14)T7, RELEASE SOFTWARE (fc2)
Technical Support: https://www . cisco . com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc .
Compiled Mon 15-May-06 14:54 by pt_team
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]:
% Please answer 'yes' or 'no' .
Continue with configuration dialog? [yes/no]: y
At any point you may enter a question mark '?' for help .
Use ctrl-c to abort configuration dialog at any prompt .
Default settings are in square brackets '[]' .
Copyright © 2025 - Toate drepturile rezervate
