http://www.cisco.com/univercd/cc/td/doc/cisintwk/itg_v1/tr1918.htm
0x0 - Added and inactive. The DLCI is programmed in the switch, but is not usable. One potential reason is that the other end of the PVC is down.
0x2 - Added and active. The DLCI is programmed in the switch, and the PVC is operational.
0x3 - Combines active status (0x2) and the receiver not ready (RNR) (or r-bit) that is set (0x1). A value of 0x03 means that the switch or a particular queue on the switch for this PVC is backed up, so the Frame Relay interface stops transmitting to avoid lost frames.
0x4 - Deleted. The DLCI is not programmed in the switch, but was programmed previously. Alternately, a deleted status can be caused by the DLCIs being reversed on the router or by the PVC being deleted by the telco in the Frame Relay cloud. Configuring a DLCI on a Frame Relay endpoint without a matching value on the switch leads to a 0x4 status value for the VC.
Sunday, 9 December 2007
Switch - when ROMmon mode
Recovering a switch
The Switch Goes to ROMmon Mode (switch: prompt) as Automatic Boot does not Occur
This problem can occur if the switch boot mode is set to manual. In order to confirm this setting, use these methods:
If you are at the ROMmon mode (switch: prompt), issue the set command and observe the output:
switch: set
BOOT=flash:c2950-i6q4l2-mz.121-13.EA1.bin
MANUAL_BOOT=yes
If you are at the regular switch# prompt, issue the show boot command and observe the output:
Switch#show boot
BOOT path-list: flash:c2950-i6q4l2-mz.121-13.EA1.bin
Config file: flash:config.text
Enable Break: no
Manual Boot: yes
HELPER path-list:
NVRAM/Config file
buffer size: 32768Note: In both cases, the Manual Boot variable is set to yes.
Solution:
If you are at the switch: prompt, perform these steps to allow the switch to boot automatically:
Issue the set MANUAL_BOOT no command at the switch: prompt.
switch: set MANUAL_BOOT no
switch:Issue the set command to confirm that the value for the MANUAL_BOOT variable is now no.
switch: set
BOOT=flash:c2950-i6q4l2-mz.121-13.EA1.bin
MANUAL_BOOT=no
Issue the boot command to reload the switch.
switch: boot flash:c2950-i6q4l2-mz.121-13.EA1.bin
Loading "flash:c2950-i6q4l2-mz.121-13.EA1.bin"...###########
###########################################################
!--- Output suppressed ---
If you are at the switch# prompt, perform these steps to allow the switch to boot automatically.
Enter the Global Configuration Mode. Issue the no boot manual to inform the switch to boot automatically.
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#no boot manual
Go back to the privileged EXEC mode and save the configuration with the write memory command.
Switch(config)#end
Switch#
Switch#write memory
Building configuration...
[OK]Verify the boot parameters with the show boot command, and verify whether Manual Boot is set to no.
Switch#show boot
BOOT path-list: flash:c2900XL-h-mz-112.8-SA5.bin
Config file: flash:config.text
Enable Break: no
Manual Boot: no
HELPER path-list:
!--- Output suppressed ---
Reload the switch.
The Switch Goes to ROMmon Mode (switch: prompt) as Automatic Boot does not Occur
This problem can occur if the switch boot mode is set to manual. In order to confirm this setting, use these methods:
If you are at the ROMmon mode (switch: prompt), issue the set command and observe the output:
switch: set
BOOT=flash:c2950-i6q4l2-mz.121-13.EA1.bin
MANUAL_BOOT=yes
If you are at the regular switch# prompt, issue the show boot command and observe the output:
Switch#show boot
BOOT path-list: flash:c2950-i6q4l2-mz.121-13.EA1.bin
Config file: flash:config.text
Enable Break: no
Manual Boot: yes
HELPER path-list:
NVRAM/Config file
buffer size: 32768Note: In both cases, the Manual Boot variable is set to yes.
Solution:
If you are at the switch: prompt, perform these steps to allow the switch to boot automatically:
Issue the set MANUAL_BOOT no command at the switch: prompt.
switch: set MANUAL_BOOT no
switch:Issue the set command to confirm that the value for the MANUAL_BOOT variable is now no.
switch: set
BOOT=flash:c2950-i6q4l2-mz.121-13.EA1.bin
MANUAL_BOOT=no
Issue the boot command to reload the switch.
switch: boot flash:c2950-i6q4l2-mz.121-13.EA1.bin
Loading "flash:c2950-i6q4l2-mz.121-13.EA1.bin"...###########
###########################################################
!--- Output suppressed ---
If you are at the switch# prompt, perform these steps to allow the switch to boot automatically.
Enter the Global Configuration Mode. Issue the no boot manual to inform the switch to boot automatically.
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#no boot manual
Go back to the privileged EXEC mode and save the configuration with the write memory command.
Switch(config)#end
Switch#
Switch#write memory
Building configuration...
[OK]Verify the boot parameters with the show boot command, and verify whether Manual Boot is set to no.
Switch#show boot
BOOT path-list: flash:c2900XL-h-mz-112.8-SA5.bin
Config file: flash:config.text
Enable Break: no
Manual Boot: no
HELPER path-list:
!--- Output suppressed ---
Reload the switch.
Saturday, 8 December 2007
ICND 2 Commands - Part 2
Spanning Tree
Bypass learning and listening to forwarding
spanning-tree port-fast (not on trunks on interfaces with PCs at end)
spanning-tree portfast default
show running-config int eth0/2
spanning-tree mode rapid-pvst
show spanning-tree vlan 2
debug spanning-tree pvst+
spanning-tree vlan 1 root primary
spanning-tree vlan 2 root secondary
spanning-tree vlan 2 priority priority
Locking down services
no service finger
no service tcp-small servers
OSPF
router ospf process-id
network x.x.x.x wildcard mask area 100
interface loopback
show ip protocols
show ip route
show ip ospf
show ip ospf interface
debug ip ospf events
show ip ospf neighbors
ip ospf authentication-key password
Bypass learning and listening to forwarding
spanning-tree port-fast (not on trunks on interfaces with PCs at end)
spanning-tree portfast default
show running-config int eth0/2
spanning-tree mode rapid-pvst
show spanning-tree vlan 2
debug spanning-tree pvst+
spanning-tree vlan 1 root primary
spanning-tree vlan 2 root secondary
spanning-tree vlan 2 priority priority
Locking down services
no service finger
no service tcp-small servers
OSPF
router ospf process-id
network x.x.x.x wildcard mask area 100
interface loopback
show ip protocols
show ip route
show ip ospf
show ip ospf interface
debug ip ospf events
show ip ospf neighbors
ip ospf authentication-key password
ICND 2 Commands
List of ICND 2 640-816 Commands
EIGRP COMMANDS
router eigrp (autonomous number)
network x.x.x.x
(no class specified - autosummarises, but EIGRP can cope with discontig networks and VLSM but another command is needed to disabled autosummarisation)
no auto-summary
To display you EIGRP Configuration:
show ip route eigrp (shows EIGRP routing table entries)
show ip eigrp neighbors (detail)
show ip protocols (show details of current routing process)
show ip eigrp interfaces
show ip eigrp topology (ALL) show Successors and Feasibly Successors
show ip eigrp traffic
debug ip eigrp
no debug all
EIGRP Load Balances up to 4 routes by default. EIGRP works on bandwidth and delay.
But you can load balance over different metric.
variance multiplier
Authentication can be used so that two EIGRP routers authenticate each packet sent and recieved. Uses Keychains.
key chain (name)
key (key id) (drops into configuration mode for that key on that key chain)
key-string (text for password)
OPTIONAL:
accept-lifetime start-time (options - infinate/endtime/duration/seconds)
send-lifetime start-time (options - infinate/endtime/duration/seconds)
APPLYING TO INTERFACE
ip authentication mode eigrp (autonomous system) md5
ip authentication key-chain eigrp (autonomous system) (name of chain)
Access Control List Commands
Dynamic ACL
Reflexive ACL
Time Based ACL
access-list 1 permit 172.16.23.0 0.0.255.255
interface fast ethernet0/0
ip access-group 1 in
show ip access-list
access-class 12 in (apply to VTY)
access-list 101 permit tcp 192.168.160.0 0.0.0.255 10.0.0.0 0.255.255.255 eq telnet
interface - ip access-group 101 in
NAT (Network Address Translation)
3 Types of NAT
- Static
- Dynamic
- Overload (Port Translation)
ip nat inside source static 192.168.2.2 10.2.1.1
interface eth
nat inside
interface serial
nat outside
show ip nat translations
Dynamic requires an address pool which is controled via an ACL
ip nat pool (name) 10.2.1.1 10.2.1.5 (netmask) prefix length (prefix length)
access-list 1 permit 192.168.2.0 0.0.0.255 (class C internal)
ip nat inside source list (ACL Above) pool (NAME)
show ip nat translations
access-list 1 permit 192.168.2.0 0.0.0.255
ip nat inside source list (ACL Above) interface (se0/0) overload
clear ip nat translations *
debug ip nat
IP V6 Configuration
ipv6 unicast routing
interface
ipv6 address (address prefix length) (eui-64 = 64 bit address)
ipv6 is a 128 bit address by default
Host names for ipv6
ipv6 hostname router 1 3ff3.b00.etc
ipv6 router rip (global)
ipv6 rip enable
show ipv6 rip
show ipv6 route
WAN Encapsulation PPP
interface
encapsulation ppp
hostname newyork
username name password password
ppp authentication (pap, chap, pap-chap, chap-pap)
service password-encryption
debug ppp authentication
Frame Relay
interface se0/0
ip address x.x.x.x x.x.x.x
encapsulation frame-relay
frame-relay lmi-type (cisco, q933a, ansi)
bandwidth 64
frame-relay inverse-arp ip 16 - (thats the DLCI which can be diff at both ends for same VC)
Static Mapping
frame-relay map ip x.x.x.x (dlci) broadcast
Go into subinterface
frame-relay interfrace-dlci (number)
show frame-relay lmi (cisco)
show frame-relay pvc (type) dlci
show frame-relay map
clear frame-relay-inarp
clear frame-relay map
Summary of BASIC Commands from ICND 1
banner motd (LIME)
config term
copy run start
enable secret
enable password
ip default-address
line console 0
local login
login
reload
show cdp entry
show cdp neighbor details
switchport port-security
switchport port-security mac-address (sticky)
switchport port-security maximum
switchport port-security violation (protect)
show history
exec timeout
VLANs
vtp mode server transparent client
vtp domain (name)
vtp password password
vtp pruning
end
show vtp status
switchport mode access
switchport mode trunk
switchport mode dynamic desirable
switchport mode dynamic auto
config term
vlan (number)
(switches to vlan)
name (name of vlan)
shwo vlan brief
on an interface - switchport access vlan 2
or
interface range fa0/0 - 4
switchport access vlan 2
EIGRP COMMANDS
router eigrp (autonomous number)
network x.x.x.x
(no class specified - autosummarises, but EIGRP can cope with discontig networks and VLSM but another command is needed to disabled autosummarisation)
no auto-summary
To display you EIGRP Configuration:
show ip route eigrp (shows EIGRP routing table entries)
show ip eigrp neighbors (detail)
show ip protocols (show details of current routing process)
show ip eigrp interfaces
show ip eigrp topology (ALL) show Successors and Feasibly Successors
show ip eigrp traffic
debug ip eigrp
no debug all
EIGRP Load Balances up to 4 routes by default. EIGRP works on bandwidth and delay.
But you can load balance over different metric.
variance multiplier
Authentication can be used so that two EIGRP routers authenticate each packet sent and recieved. Uses Keychains.
key chain (name)
key (key id) (drops into configuration mode for that key on that key chain)
key-string (text for password)
OPTIONAL:
accept-lifetime start-time (options - infinate/endtime/duration/seconds)
send-lifetime start-time (options - infinate/endtime/duration/seconds)
APPLYING TO INTERFACE
ip authentication mode eigrp (autonomous system) md5
ip authentication key-chain eigrp (autonomous system) (name of chain)
Access Control List Commands
Dynamic ACL
Reflexive ACL
Time Based ACL
access-list 1 permit 172.16.23.0 0.0.255.255
interface fast ethernet0/0
ip access-group 1 in
show ip access-list
access-class 12 in (apply to VTY)
access-list 101 permit tcp 192.168.160.0 0.0.0.255 10.0.0.0 0.255.255.255 eq telnet
interface - ip access-group 101 in
NAT (Network Address Translation)
3 Types of NAT
- Static
- Dynamic
- Overload (Port Translation)
ip nat inside source static 192.168.2.2 10.2.1.1
interface eth
nat inside
interface serial
nat outside
show ip nat translations
Dynamic requires an address pool which is controled via an ACL
ip nat pool (name) 10.2.1.1 10.2.1.5 (netmask) prefix length (prefix length)
access-list 1 permit 192.168.2.0 0.0.0.255 (class C internal)
ip nat inside source list (ACL Above) pool (NAME)
show ip nat translations
access-list 1 permit 192.168.2.0 0.0.0.255
ip nat inside source list (ACL Above) interface (se0/0) overload
clear ip nat translations *
debug ip nat
IP V6 Configuration
ipv6 unicast routing
interface
ipv6 address (address prefix length) (eui-64 = 64 bit address)
ipv6 is a 128 bit address by default
Host names for ipv6
ipv6 hostname router 1 3ff3.b00.etc
ipv6 router rip (global)
ipv6 rip enable
show ipv6 rip
show ipv6 route
WAN Encapsulation PPP
interface
encapsulation ppp
hostname newyork
username name password password
ppp authentication (pap, chap, pap-chap, chap-pap)
service password-encryption
debug ppp authentication
Frame Relay
interface se0/0
ip address x.x.x.x x.x.x.x
encapsulation frame-relay
frame-relay lmi-type (cisco, q933a, ansi)
bandwidth 64
frame-relay inverse-arp ip 16 - (thats the DLCI which can be diff at both ends for same VC)
Static Mapping
frame-relay map ip x.x.x.x (dlci) broadcast
Go into subinterface
frame-relay interfrace-dlci (number)
show frame-relay lmi (cisco)
show frame-relay pvc (type) dlci
show frame-relay map
clear frame-relay-inarp
clear frame-relay map
Summary of BASIC Commands from ICND 1
banner motd (LIME)
config term
copy run start
enable secret
enable password
ip default-address
line console 0
local login
login
reload
show cdp entry
show cdp neighbor details
switchport port-security
switchport port-security mac-address (sticky)
switchport port-security maximum
switchport port-security violation (protect)
show history
exec timeout
VLANs
vtp mode server transparent client
vtp domain (name)
vtp password password
vtp pruning
end
show vtp status
switchport mode access
switchport mode trunk
switchport mode dynamic desirable
switchport mode dynamic auto
config term
vlan (number)
(switches to vlan)
name (name of vlan)
shwo vlan brief
on an interface - switchport access vlan 2
or
interface range fa0/0 - 4
switchport access vlan 2
Subscribe to:
Posts (Atom)